From 5c517720d5b21a720e400586177c050d4bc95721 Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Mon, 23 Apr 2001 15:30:26 +0000 Subject: This commit was manufactured by cvs2git to create tag 'OPENBSD_2_9_BASE'. --- src/lib/libcrypto/asn1/a_bitstr.c | 259 --- src/lib/libcrypto/asn1/a_bool.c | 112 -- src/lib/libcrypto/asn1/a_bytes.c | 323 --- src/lib/libcrypto/asn1/a_d2i_fp.c | 195 -- src/lib/libcrypto/asn1/a_digest.c | 90 - src/lib/libcrypto/asn1/a_dup.c | 83 - src/lib/libcrypto/asn1/a_enum.c | 224 --- src/lib/libcrypto/asn1/a_i2d_fp.c | 113 -- src/lib/libcrypto/asn1/a_int.c | 473 ----- src/lib/libcrypto/asn1/a_mbstr.c | 400 ---- src/lib/libcrypto/asn1/a_object.c | 320 --- src/lib/libcrypto/asn1/a_octet.c | 95 - src/lib/libcrypto/asn1/a_print.c | 197 -- src/lib/libcrypto/asn1/a_set.c | 217 --- src/lib/libcrypto/asn1/a_sign.c | 148 -- src/lib/libcrypto/asn1/a_strex.c | 533 ----- src/lib/libcrypto/asn1/a_strnid.c | 250 --- src/lib/libcrypto/asn1/a_time.c | 127 -- src/lib/libcrypto/asn1/a_type.c | 352 ---- src/lib/libcrypto/asn1/a_utf8.c | 238 --- src/lib/libcrypto/asn1/a_verify.c | 119 -- src/lib/libcrypto/asn1/asn1.h | 1151 ----------- src/lib/libcrypto/asn1/asn1_err.c | 352 ---- src/lib/libcrypto/asn1/asn1_lib.c | 427 ---- src/lib/libcrypto/asn1/asn1_mac.h | 560 ------ src/lib/libcrypto/asn1/asn1_par.c | 423 ---- src/lib/libcrypto/asn1/asn_pack.c | 145 -- src/lib/libcrypto/asn1/charmap.h | 15 - src/lib/libcrypto/asn1/charmap.pl | 80 - src/lib/libcrypto/asn1/d2i_pr.c | 137 -- src/lib/libcrypto/asn1/d2i_pu.c | 114 -- src/lib/libcrypto/asn1/evp_asn1.c | 185 -- src/lib/libcrypto/asn1/f_enum.c | 207 -- src/lib/libcrypto/asn1/f_int.c | 214 -- src/lib/libcrypto/asn1/f_string.c | 212 -- src/lib/libcrypto/asn1/i2d_pr.c | 84 - src/lib/libcrypto/asn1/i2d_pu.c | 82 - src/lib/libcrypto/asn1/n_pkey.c | 388 ---- src/lib/libcrypto/asn1/nsseq.c | 118 -- src/lib/libcrypto/asn1/p5_pbe.c | 157 -- src/lib/libcrypto/asn1/p5_pbev2.c | 282 --- src/lib/libcrypto/asn1/p8_pkey.c | 127 -- src/lib/libcrypto/asn1/t_bitst.c | 99 - src/lib/libcrypto/asn1/t_crl.c | 166 -- src/lib/libcrypto/asn1/t_pkey.c | 361 ---- src/lib/libcrypto/asn1/t_req.c | 254 --- src/lib/libcrypto/asn1/t_spki.c | 116 -- src/lib/libcrypto/asn1/t_x509.c | 409 ---- src/lib/libcrypto/asn1/t_x509a.c | 110 -- src/lib/libcrypto/asn1/x_algor.c | 118 -- src/lib/libcrypto/asn1/x_attrib.c | 165 -- src/lib/libcrypto/asn1/x_crl.c | 348 ---- src/lib/libcrypto/asn1/x_exten.c | 139 -- src/lib/libcrypto/asn1/x_info.c | 114 -- src/lib/libcrypto/asn1/x_name.c | 279 --- src/lib/libcrypto/asn1/x_pkey.c | 151 -- src/lib/libcrypto/asn1/x_pubkey.c | 366 ---- src/lib/libcrypto/asn1/x_req.c | 257 --- src/lib/libcrypto/asn1/x_sig.c | 110 -- src/lib/libcrypto/asn1/x_spki.c | 166 -- src/lib/libcrypto/asn1/x_val.c | 109 -- src/lib/libcrypto/asn1/x_x509.c | 216 -- src/lib/libcrypto/asn1/x_x509a.c | 208 -- src/lib/libcrypto/bf/COPYRIGHT | 46 - src/lib/libcrypto/bf/INSTALL | 14 - src/lib/libcrypto/bf/README | 8 - src/lib/libcrypto/bf/VERSION | 6 - src/lib/libcrypto/bf/asm/bf-586.pl | 136 -- src/lib/libcrypto/bf/bf_cbc.c | 143 -- src/lib/libcrypto/bf/bf_cfb64.c | 121 -- src/lib/libcrypto/bf/bf_ecb.c | 96 - src/lib/libcrypto/bf/bf_enc.c | 306 --- src/lib/libcrypto/bf/bf_locl.h | 219 --- src/lib/libcrypto/bf/bf_ofb64.c | 110 -- src/lib/libcrypto/bf/bf_pi.h | 325 --- src/lib/libcrypto/bf/bf_skey.c | 116 -- src/lib/libcrypto/bf/blowfish.h | 125 -- src/lib/libcrypto/bio/b_dump.c | 152 -- src/lib/libcrypto/bio/b_print.c | 814 -------- src/lib/libcrypto/bio/b_sock.c | 722 ------- src/lib/libcrypto/bio/bf_buff.c | 511 ----- src/lib/libcrypto/bio/bf_lbuf.c | 397 ---- src/lib/libcrypto/bio/bf_nbio.c | 256 --- src/lib/libcrypto/bio/bf_null.c | 184 -- src/lib/libcrypto/bio/bio.h | 687 ------- src/lib/libcrypto/bio/bio_cb.c | 133 -- src/lib/libcrypto/bio/bio_err.c | 150 -- src/lib/libcrypto/bio/bio_lib.c | 542 ----- src/lib/libcrypto/bio/bss_acpt.c | 467 ----- src/lib/libcrypto/bio/bss_bio.c | 857 -------- src/lib/libcrypto/bio/bss_conn.c | 651 ------- src/lib/libcrypto/bio/bss_fd.c | 62 - src/lib/libcrypto/bio/bss_file.c | 310 --- src/lib/libcrypto/bio/bss_log.c | 394 ---- src/lib/libcrypto/bio/bss_mem.c | 317 --- src/lib/libcrypto/bio/bss_null.c | 150 -- src/lib/libcrypto/bio/bss_sock.c | 424 ---- src/lib/libcrypto/bn/asm/bn-586.pl | 384 ---- src/lib/libcrypto/bn/asm/co-586.pl | 286 --- src/lib/libcrypto/bn/asm/pa-risc2.s | 1618 --------------- src/lib/libcrypto/bn/asm/pa-risc2W.s | 1605 --------------- src/lib/libcrypto/bn/asm/sparcv8.S | 1458 -------------- src/lib/libcrypto/bn/asm/sparcv8plus.S | 1535 --------------- src/lib/libcrypto/bn/asm/x86.pl | 28 - src/lib/libcrypto/bn/asm/x86/add.pl | 76 - src/lib/libcrypto/bn/asm/x86/comba.pl | 277 --- src/lib/libcrypto/bn/asm/x86/div.pl | 15 - src/lib/libcrypto/bn/asm/x86/mul.pl | 77 - src/lib/libcrypto/bn/asm/x86/mul_add.pl | 87 - src/lib/libcrypto/bn/asm/x86/sqr.pl | 60 - src/lib/libcrypto/bn/asm/x86/sub.pl | 76 - src/lib/libcrypto/bn/bn.h | 514 ----- src/lib/libcrypto/bn/bn_add.c | 307 --- src/lib/libcrypto/bn/bn_asm.c | 832 -------- src/lib/libcrypto/bn/bn_blind.c | 144 -- src/lib/libcrypto/bn/bn_ctx.c | 144 -- src/lib/libcrypto/bn/bn_div.c | 380 ---- src/lib/libcrypto/bn/bn_err.c | 121 -- src/lib/libcrypto/bn/bn_exp.c | 696 ------- src/lib/libcrypto/bn/bn_exp2.c | 300 --- src/lib/libcrypto/bn/bn_gcd.c | 210 -- src/lib/libcrypto/bn/bn_lcl.h | 419 ---- src/lib/libcrypto/bn/bn_lib.c | 755 ------- src/lib/libcrypto/bn/bn_mont.c | 346 ---- src/lib/libcrypto/bn/bn_mpi.c | 129 -- src/lib/libcrypto/bn/bn_mul.c | 794 -------- src/lib/libcrypto/bn/bn_prime.c | 465 ----- src/lib/libcrypto/bn/bn_prime.h | 325 --- src/lib/libcrypto/bn/bn_prime.pl | 117 -- src/lib/libcrypto/bn/bn_print.c | 332 ---- src/lib/libcrypto/bn/bn_rand.c | 142 -- src/lib/libcrypto/bn/bn_recp.c | 220 --- src/lib/libcrypto/bn/bn_shift.c | 200 -- src/lib/libcrypto/bn/bn_sqr.c | 288 --- src/lib/libcrypto/bn/bn_word.c | 199 -- src/lib/libcrypto/buffer/buf_err.c | 95 - src/lib/libcrypto/buffer/buffer.c | 144 -- src/lib/libcrypto/buffer/buffer.h | 98 - src/lib/libcrypto/cast/asm/cast-586.pl | 176 -- src/lib/libcrypto/cast/c_cfb64.c | 122 -- src/lib/libcrypto/cast/c_ecb.c | 80 - src/lib/libcrypto/cast/c_enc.c | 207 -- src/lib/libcrypto/cast/c_ofb64.c | 111 -- src/lib/libcrypto/cast/c_skey.c | 166 -- src/lib/libcrypto/cast/cast.h | 103 - src/lib/libcrypto/cast/cast_lcl.h | 226 --- src/lib/libcrypto/cast/cast_s.h | 585 ------ src/lib/libcrypto/comp/c_rle.c | 61 - src/lib/libcrypto/comp/c_zlib.c | 133 -- src/lib/libcrypto/comp/comp.h | 61 - src/lib/libcrypto/comp/comp_err.c | 92 - src/lib/libcrypto/comp/comp_lib.c | 78 - src/lib/libcrypto/conf/conf.h | 177 -- src/lib/libcrypto/conf/conf_api.c | 289 --- src/lib/libcrypto/conf/conf_api.h | 87 - src/lib/libcrypto/conf/conf_def.c | 703 ------- src/lib/libcrypto/conf/conf_def.h | 145 -- src/lib/libcrypto/conf/conf_err.c | 110 -- src/lib/libcrypto/conf/conf_lib.c | 352 ---- src/lib/libcrypto/conf/keysets.pl | 179 -- src/lib/libcrypto/conf/ssleay.cnf | 78 - src/lib/libcrypto/cpt_err.c | 97 - src/lib/libcrypto/cryptlib.c | 491 ----- src/lib/libcrypto/cryptlib.h | 96 - src/lib/libcrypto/crypto.h | 401 ---- src/lib/libcrypto/cversion.c | 112 -- src/lib/libcrypto/des/COPYRIGHT | 50 - src/lib/libcrypto/des/asm/crypt586.pl | 204 -- src/lib/libcrypto/des/asm/des-586.pl | 253 --- src/lib/libcrypto/des/asm/desboth.pl | 79 - src/lib/libcrypto/des/cbc_cksm.c | 97 - src/lib/libcrypto/des/cbc_enc.c | 61 - src/lib/libcrypto/des/cfb64ede.c | 141 -- src/lib/libcrypto/des/cfb64enc.c | 121 -- src/lib/libcrypto/des/cfb_enc.c | 165 -- src/lib/libcrypto/des/des.h | 266 --- src/lib/libcrypto/des/des_enc.c | 406 ---- src/lib/libcrypto/des/des_locl.h | 412 ---- src/lib/libcrypto/des/ecb3_enc.c | 82 - src/lib/libcrypto/des/ecb_enc.c | 122 -- src/lib/libcrypto/des/ede_cbcm_enc.c | 197 -- src/lib/libcrypto/des/enc_read.c | 228 --- src/lib/libcrypto/des/enc_writ.c | 171 -- src/lib/libcrypto/des/fcrypt.c | 152 -- src/lib/libcrypto/des/fcrypt_b.c | 145 -- src/lib/libcrypto/des/ncbc_enc.c | 148 -- src/lib/libcrypto/des/ofb64ede.c | 124 -- src/lib/libcrypto/des/ofb64enc.c | 110 -- src/lib/libcrypto/des/ofb_enc.c | 134 -- src/lib/libcrypto/des/pcbc_enc.c | 122 -- src/lib/libcrypto/des/qud_cksm.c | 139 -- src/lib/libcrypto/des/rand_key.c | 73 - src/lib/libcrypto/des/set_key.c | 402 ---- src/lib/libcrypto/des/spr.h | 204 -- src/lib/libcrypto/des/str2key.c | 155 -- src/lib/libcrypto/des/xcbc_enc.c | 194 -- src/lib/libcrypto/dh/dh.h | 213 -- src/lib/libcrypto/dh/dh_check.c | 120 -- src/lib/libcrypto/dh/dh_err.c | 99 - src/lib/libcrypto/dh/dh_gen.c | 153 -- src/lib/libcrypto/dh/dh_key.c | 221 --- src/lib/libcrypto/dh/dh_lib.c | 237 --- src/lib/libcrypto/doc/DH_generate_key.pod | 50 - src/lib/libcrypto/doc/DH_generate_parameters.pod | 72 - src/lib/libcrypto/doc/DH_get_ex_new_index.pod | 36 - src/lib/libcrypto/doc/DH_new.pod | 40 - src/lib/libcrypto/doc/DH_set_method.pod | 111 -- src/lib/libcrypto/doc/DH_size.pod | 33 - src/lib/libcrypto/doc/DSA_SIG_new.pod | 39 - src/lib/libcrypto/doc/DSA_do_sign.pod | 47 - src/lib/libcrypto/doc/DSA_dup_DH.pod | 36 - src/lib/libcrypto/doc/DSA_generate_key.pod | 33 - src/lib/libcrypto/doc/DSA_generate_parameters.pod | 105 - src/lib/libcrypto/doc/DSA_get_ex_new_index.pod | 36 - src/lib/libcrypto/doc/DSA_new.pod | 41 - src/lib/libcrypto/doc/DSA_set_method.pod | 118 -- src/lib/libcrypto/doc/DSA_sign.pod | 66 - src/lib/libcrypto/doc/DSA_size.pod | 33 - src/lib/libcrypto/doc/ERR_GET_LIB.pod | 51 - src/lib/libcrypto/doc/ERR_clear_error.pod | 29 - src/lib/libcrypto/doc/ERR_error_string.pod | 73 - src/lib/libcrypto/doc/ERR_get_error.pod | 63 - src/lib/libcrypto/doc/ERR_load_crypto_strings.pod | 46 - src/lib/libcrypto/doc/ERR_load_strings.pod | 54 - src/lib/libcrypto/doc/ERR_print_errors.pod | 51 - src/lib/libcrypto/doc/ERR_put_error.pod | 44 - src/lib/libcrypto/doc/ERR_remove_state.pod | 34 - src/lib/libcrypto/doc/EVP_DigestInit.pod | 202 -- src/lib/libcrypto/doc/EVP_EncryptInit.pod | 359 ---- src/lib/libcrypto/doc/EVP_OpenInit.pod | 63 - src/lib/libcrypto/doc/EVP_SealInit.pod | 76 - src/lib/libcrypto/doc/EVP_SignInit.pod | 85 - src/lib/libcrypto/doc/EVP_VerifyInit.pod | 72 - src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod | 88 - .../libcrypto/doc/OpenSSL_add_all_algorithms.pod | 66 - src/lib/libcrypto/doc/RAND_add.pod | 77 - src/lib/libcrypto/doc/RAND_bytes.pod | 46 - src/lib/libcrypto/doc/RAND_cleanup.pod | 29 - src/lib/libcrypto/doc/RAND_load_file.pod | 53 - src/lib/libcrypto/doc/RAND_set_rand_method.pod | 59 - src/lib/libcrypto/doc/RSA_blinding_on.pod | 43 - src/lib/libcrypto/doc/RSA_check_key.pod | 39 - src/lib/libcrypto/doc/RSA_generate_key.pod | 68 - src/lib/libcrypto/doc/RSA_get_ex_new_index.pod | 120 -- src/lib/libcrypto/doc/RSA_new.pod | 39 - .../libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod | 124 -- src/lib/libcrypto/doc/RSA_print.pod | 49 - src/lib/libcrypto/doc/RSA_private_encrypt.pod | 70 - src/lib/libcrypto/doc/RSA_public_encrypt.pod | 86 - src/lib/libcrypto/doc/RSA_set_method.pod | 168 -- src/lib/libcrypto/doc/RSA_sign.pod | 62 - .../libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod | 59 - src/lib/libcrypto/doc/RSA_size.pod | 33 - src/lib/libcrypto/doc/bn.pod | 148 -- src/lib/libcrypto/doc/d2i_DHparams.pod | 30 - src/lib/libcrypto/doc/d2i_RSAPublicKey.pod | 39 - src/lib/libcrypto/doc/dh.pod | 69 - src/lib/libcrypto/doc/dsa.pod | 105 - src/lib/libcrypto/doc/evp.pod | 37 - src/lib/libcrypto/doc/lh_stats.pod | 60 - src/lib/libcrypto/doc/rsa.pod | 117 -- src/lib/libcrypto/dsa/dsa.h | 256 --- src/lib/libcrypto/dsa/dsa_asn1.c | 96 - src/lib/libcrypto/dsa/dsa_err.c | 106 - src/lib/libcrypto/dsa/dsa_gen.c | 294 --- src/lib/libcrypto/dsa/dsa_key.c | 108 - src/lib/libcrypto/dsa/dsa_lib.c | 296 --- src/lib/libcrypto/dsa/dsa_ossl.c | 372 ---- src/lib/libcrypto/dsa/dsa_sign.c | 93 - src/lib/libcrypto/dsa/dsa_vrf.c | 95 - src/lib/libcrypto/dso/dso.h | 250 --- src/lib/libcrypto/dso/dso_dlfcn.c | 276 --- src/lib/libcrypto/dso/dso_err.c | 128 -- src/lib/libcrypto/dso/dso_lib.c | 306 --- src/lib/libcrypto/dso/dso_null.c | 86 - src/lib/libcrypto/dso/dso_openssl.c | 81 - src/lib/libcrypto/engine/README | 278 --- src/lib/libcrypto/engine/engine.h | 398 ---- src/lib/libcrypto/err/err.c | 795 -------- src/lib/libcrypto/err/err.h | 278 --- src/lib/libcrypto/err/err_all.c | 126 -- src/lib/libcrypto/err/err_prn.c | 107 - src/lib/libcrypto/err/openssl.ec | 74 - src/lib/libcrypto/evp/bio_b64.c | 547 ------ src/lib/libcrypto/evp/bio_enc.c | 425 ---- src/lib/libcrypto/evp/bio_md.c | 261 --- src/lib/libcrypto/evp/c_all.c | 67 - src/lib/libcrypto/evp/digest.c | 92 - src/lib/libcrypto/evp/e_bf.c | 80 - src/lib/libcrypto/evp/e_cast.c | 82 - src/lib/libcrypto/evp/e_des.c | 118 -- src/lib/libcrypto/evp/e_des3.c | 165 -- src/lib/libcrypto/evp/e_idea.c | 112 -- src/lib/libcrypto/evp/e_null.c | 101 - src/lib/libcrypto/evp/e_rc2.c | 222 --- src/lib/libcrypto/evp/e_rc4.c | 125 -- src/lib/libcrypto/evp/e_xcbc_d.c | 111 -- src/lib/libcrypto/evp/encode.c | 437 ----- src/lib/libcrypto/evp/evp.h | 820 -------- src/lib/libcrypto/evp/evp_enc.c | 341 ---- src/lib/libcrypto/evp/evp_err.c | 153 -- src/lib/libcrypto/evp/evp_key.c | 159 -- src/lib/libcrypto/evp/evp_lib.c | 142 -- src/lib/libcrypto/evp/evp_locl.h | 168 -- src/lib/libcrypto/evp/evp_pbe.c | 136 -- src/lib/libcrypto/evp/evp_pkey.c | 408 ---- src/lib/libcrypto/evp/m_dss.c | 83 - src/lib/libcrypto/evp/m_dss1.c | 83 - src/lib/libcrypto/evp/m_md4.c | 83 - src/lib/libcrypto/evp/m_md5.c | 83 - src/lib/libcrypto/evp/m_null.c | 88 - src/lib/libcrypto/evp/m_ripemd.c | 84 - src/lib/libcrypto/evp/m_sha1.c | 83 - src/lib/libcrypto/evp/names.c | 123 -- src/lib/libcrypto/evp/p5_crpt.c | 149 -- src/lib/libcrypto/evp/p5_crpt2.c | 248 --- src/lib/libcrypto/evp/p_dec.c | 87 - src/lib/libcrypto/evp/p_enc.c | 86 - src/lib/libcrypto/evp/p_lib.c | 333 ---- src/lib/libcrypto/evp/p_open.c | 123 -- src/lib/libcrypto/evp/p_seal.c | 112 -- src/lib/libcrypto/evp/p_sign.c | 112 -- src/lib/libcrypto/evp/p_verify.c | 99 - src/lib/libcrypto/ex_data.c | 223 --- src/lib/libcrypto/hmac/hmac.c | 152 -- src/lib/libcrypto/hmac/hmac.h | 100 - src/lib/libcrypto/idea/idea.h | 99 - src/lib/libcrypto/lhash/lh_stats.c | 274 --- src/lib/libcrypto/lhash/lhash.c | 461 ----- src/lib/libcrypto/lhash/lhash.h | 149 -- src/lib/libcrypto/md32_common.h | 607 ------ src/lib/libcrypto/md4/md4.h | 114 -- src/lib/libcrypto/md4/md4_dgst.c | 285 --- src/lib/libcrypto/md4/md4_locl.h | 154 -- src/lib/libcrypto/md4/md4_one.c | 95 - src/lib/libcrypto/md5/asm/md5-586.pl | 306 --- src/lib/libcrypto/md5/md5.h | 114 -- src/lib/libcrypto/md5/md5_dgst.c | 319 --- src/lib/libcrypto/md5/md5_locl.h | 172 -- src/lib/libcrypto/md5/md5_one.c | 95 - src/lib/libcrypto/mem_dbg.c | 730 ------- src/lib/libcrypto/objects/o_names.c | 266 --- src/lib/libcrypto/objects/obj_dat.c | 657 ------- src/lib/libcrypto/objects/obj_dat.pl | 302 --- src/lib/libcrypto/objects/obj_err.c | 99 - src/lib/libcrypto/objects/obj_lib.c | 126 -- src/lib/libcrypto/objects/obj_mac.num | 392 ---- src/lib/libcrypto/objects/objects.README | 44 - src/lib/libcrypto/objects/objects.h | 1038 ---------- src/lib/libcrypto/objects/objects.pl | 224 --- src/lib/libcrypto/objects/objects.txt | 593 ------ src/lib/libcrypto/opensslv.h | 85 - src/lib/libcrypto/pem/message | 16 - src/lib/libcrypto/pem/pem.h | 667 ------- src/lib/libcrypto/pem/pem2.h | 68 - src/lib/libcrypto/pem/pem_all.c | 203 -- src/lib/libcrypto/pem/pem_err.c | 131 -- src/lib/libcrypto/pem/pem_info.c | 364 ---- src/lib/libcrypto/pem/pem_lib.c | 963 --------- src/lib/libcrypto/pem/pem_seal.c | 184 -- src/lib/libcrypto/pem/pem_sign.c | 102 - src/lib/libcrypto/pem/pkcs7.lis | 22 - src/lib/libcrypto/perlasm/cbc.pl | 342 ---- src/lib/libcrypto/perlasm/readme | 124 -- src/lib/libcrypto/perlasm/x86asm.pl | 118 -- src/lib/libcrypto/pkcs12/p12_add.c | 218 --- src/lib/libcrypto/pkcs12/p12_attr.c | 238 --- src/lib/libcrypto/pkcs12/p12_crpt.c | 124 -- src/lib/libcrypto/pkcs12/p12_crt.c | 164 -- src/lib/libcrypto/pkcs12/p12_decr.c | 187 -- src/lib/libcrypto/pkcs12/p12_init.c | 98 - src/lib/libcrypto/pkcs12/p12_key.c | 197 -- src/lib/libcrypto/pkcs12/p12_kiss.c | 284 --- src/lib/libcrypto/pkcs12/p12_mutl.c | 170 -- src/lib/libcrypto/pkcs12/p12_npas.c | 217 --- src/lib/libcrypto/pkcs12/p12_utl.c | 118 -- src/lib/libcrypto/pkcs12/pk12err.c | 139 -- src/lib/libcrypto/pkcs12/pkcs12.h | 345 ---- src/lib/libcrypto/pkcs7/pk7_attr.c | 89 - src/lib/libcrypto/pkcs7/pk7_doit.c | 937 --------- src/lib/libcrypto/pkcs7/pk7_lib.c | 469 ----- src/lib/libcrypto/pkcs7/pk7_mime.c | 685 ------- src/lib/libcrypto/pkcs7/pk7_smime.c | 435 ----- src/lib/libcrypto/pkcs7/pkcs7.h | 505 ----- src/lib/libcrypto/pkcs7/pkcs7err.c | 161 -- src/lib/libcrypto/rand/rand.h | 132 -- src/lib/libcrypto/rand/rand_err.c | 94 - src/lib/libcrypto/rand/rand_lib.c | 136 -- src/lib/libcrypto/rand/randfile.c | 259 --- src/lib/libcrypto/rc2/rc2.h | 101 - src/lib/libcrypto/rc2/rc2_cbc.c | 226 --- src/lib/libcrypto/rc2/rc2_ecb.c | 88 - src/lib/libcrypto/rc2/rc2_locl.h | 156 -- src/lib/libcrypto/rc2/rc2_skey.c | 138 -- src/lib/libcrypto/rc2/rc2cfb64.c | 122 -- src/lib/libcrypto/rc2/rc2ofb64.c | 111 -- src/lib/libcrypto/rc2/rrc2.doc | 219 --- src/lib/libcrypto/rc2/version | 22 - src/lib/libcrypto/rc4/asm/rc4-586.pl | 173 -- src/lib/libcrypto/rc4/rc4.h | 88 - src/lib/libcrypto/rc4/rc4_enc.c | 315 --- src/lib/libcrypto/rc4/rc4_locl.h | 4 - src/lib/libcrypto/rc4/rc4_skey.c | 117 -- src/lib/libcrypto/ripemd/README | 15 - src/lib/libcrypto/ripemd/asm/rmd-586.pl | 590 ------ src/lib/libcrypto/ripemd/ripemd.h | 101 - src/lib/libcrypto/ripemd/rmd_dgst.c | 493 ----- src/lib/libcrypto/ripemd/rmd_locl.h | 160 -- src/lib/libcrypto/ripemd/rmd_one.c | 76 - src/lib/libcrypto/ripemd/rmdconst.h | 399 ---- src/lib/libcrypto/rsa/rsa.h | 357 ---- src/lib/libcrypto/rsa/rsa_chk.c | 184 -- src/lib/libcrypto/rsa/rsa_eay.c | 512 ----- src/lib/libcrypto/rsa/rsa_err.c | 148 -- src/lib/libcrypto/rsa/rsa_gen.c | 197 -- src/lib/libcrypto/rsa/rsa_lib.c | 388 ---- src/lib/libcrypto/rsa/rsa_none.c | 98 - src/lib/libcrypto/rsa/rsa_oaep.c | 163 -- src/lib/libcrypto/rsa/rsa_pk1.c | 224 --- src/lib/libcrypto/rsa/rsa_saos.c | 144 -- src/lib/libcrypto/rsa/rsa_sign.c | 224 --- src/lib/libcrypto/rsa/rsa_ssl.c | 154 -- src/lib/libcrypto/sha/asm/sha1-586.pl | 538 ----- src/lib/libcrypto/sha/sha.h | 119 -- src/lib/libcrypto/sha/sha1_one.c | 76 - src/lib/libcrypto/sha/sha1dgst.c | 73 - src/lib/libcrypto/sha/sha_locl.h | 471 ----- src/lib/libcrypto/stack/safestack.h | 1134 ----------- src/lib/libcrypto/stack/stack.c | 332 ---- src/lib/libcrypto/stack/stack.h | 107 - src/lib/libcrypto/txt_db/txt_db.c | 383 ---- src/lib/libcrypto/txt_db/txt_db.h | 108 - src/lib/libcrypto/util/mkerr.pl | 529 ----- src/lib/libcrypto/util/mkstack.pl | 124 -- src/lib/libcrypto/x509/by_dir.c | 351 ---- src/lib/libcrypto/x509/by_file.c | 298 --- src/lib/libcrypto/x509/x509.h | 1294 ------------ src/lib/libcrypto/x509/x509_att.c | 326 ---- src/lib/libcrypto/x509/x509_cmp.c | 314 --- src/lib/libcrypto/x509/x509_d2.c | 107 - src/lib/libcrypto/x509/x509_def.c | 81 - src/lib/libcrypto/x509/x509_err.c | 152 -- src/lib/libcrypto/x509/x509_ext.c | 191 -- src/lib/libcrypto/x509/x509_lu.c | 529 ----- src/lib/libcrypto/x509/x509_obj.c | 223 --- src/lib/libcrypto/x509/x509_r2x.c | 110 -- src/lib/libcrypto/x509/x509_req.c | 278 --- src/lib/libcrypto/x509/x509_set.c | 150 -- src/lib/libcrypto/x509/x509_trs.c | 266 --- src/lib/libcrypto/x509/x509_txt.c | 150 -- src/lib/libcrypto/x509/x509_v3.c | 267 --- src/lib/libcrypto/x509/x509_vfy.c | 920 --------- src/lib/libcrypto/x509/x509_vfy.h | 390 ---- src/lib/libcrypto/x509/x509name.c | 383 ---- src/lib/libcrypto/x509/x509rset.c | 83 - src/lib/libcrypto/x509/x509spki.c | 121 -- src/lib/libcrypto/x509/x509type.c | 114 -- src/lib/libcrypto/x509/x_all.c | 565 ------ src/lib/libcrypto/x509v3/ext_dat.h | 97 - src/lib/libcrypto/x509v3/v3_akey.c | 249 --- src/lib/libcrypto/x509v3/v3_alt.c | 401 ---- src/lib/libcrypto/x509v3/v3_bcons.c | 164 -- src/lib/libcrypto/x509v3/v3_bitst.c | 141 -- src/lib/libcrypto/x509v3/v3_conf.c | 390 ---- src/lib/libcrypto/x509v3/v3_cpols.c | 660 ------- src/lib/libcrypto/x509v3/v3_crld.c | 285 --- src/lib/libcrypto/x509v3/v3_enum.c | 96 - src/lib/libcrypto/x509v3/v3_extku.c | 150 -- src/lib/libcrypto/x509v3/v3_genn.c | 291 --- src/lib/libcrypto/x509v3/v3_ia5.c | 113 -- src/lib/libcrypto/x509v3/v3_info.c | 236 --- src/lib/libcrypto/x509v3/v3_int.c | 72 - src/lib/libcrypto/x509v3/v3_lib.c | 225 --- src/lib/libcrypto/x509v3/v3_pku.c | 151 -- src/lib/libcrypto/x509v3/v3_prn.c | 151 -- src/lib/libcrypto/x509v3/v3_purp.c | 533 ----- src/lib/libcrypto/x509v3/v3_skey.c | 149 -- src/lib/libcrypto/x509v3/v3_sxnet.c | 340 ---- src/lib/libcrypto/x509v3/v3_utl.c | 516 ----- src/lib/libcrypto/x509v3/v3err.c | 176 -- src/lib/libcrypto/x509v3/x509v3.h | 653 ------- src/lib/libssl/LICENSE | 127 -- src/lib/libssl/bio_ssl.c | 586 ------ src/lib/libssl/doc/openssl.cnf | 244 --- src/lib/libssl/doc/openssl.txt | 1235 ------------ src/lib/libssl/doc/standards.txt | 121 -- src/lib/libssl/s23_clnt.c | 475 ----- src/lib/libssl/s23_lib.c | 226 --- src/lib/libssl/s23_pkt.c | 117 -- src/lib/libssl/s23_srvr.c | 576 ------ src/lib/libssl/s3_both.c | 588 ------ src/lib/libssl/s3_clnt.c | 1740 ----------------- src/lib/libssl/s3_lib.c | 1339 ------------- src/lib/libssl/s3_pkt.c | 1198 ------------ src/lib/libssl/s3_srvr.c | 1755 ----------------- src/lib/libssl/shlib_version | 2 - src/lib/libssl/ssl.h | 1562 --------------- src/lib/libssl/ssl2.h | 269 --- src/lib/libssl/ssl23.h | 83 - src/lib/libssl/ssl3.h | 429 ---- src/lib/libssl/ssl_algs.c | 103 - src/lib/libssl/ssl_asn1.c | 349 ---- src/lib/libssl/ssl_cert.c | 755 ------- src/lib/libssl/ssl_ciph.c | 1071 ---------- src/lib/libssl/ssl_err.c | 431 ---- src/lib/libssl/ssl_err2.c | 70 - src/lib/libssl/ssl_lib.c | 2061 -------------------- src/lib/libssl/ssl_locl.h | 556 ------ src/lib/libssl/ssl_rsa.c | 815 -------- src/lib/libssl/ssl_sess.c | 680 ------- src/lib/libssl/ssl_stat.c | 454 ----- src/lib/libssl/ssl_txt.c | 174 -- src/lib/libssl/t1_clnt.c | 90 - src/lib/libssl/t1_enc.c | 633 ------ src/lib/libssl/t1_lib.c | 149 -- src/lib/libssl/t1_meth.c | 88 - src/lib/libssl/t1_srvr.c | 91 - src/lib/libssl/test/CAss.cnf | 25 - src/lib/libssl/test/CAssdh.cnf | 24 - src/lib/libssl/test/CAssdsa.cnf | 23 - src/lib/libssl/test/CAssrsa.cnf | 24 - src/lib/libssl/test/Sssdsa.cnf | 27 - src/lib/libssl/test/Sssrsa.cnf | 26 - src/lib/libssl/test/Uss.cnf | 28 - src/lib/libssl/test/VMSca-response.1 | 1 - src/lib/libssl/test/VMSca-response.2 | 2 - src/lib/libssl/test/methtest.c | 105 - src/lib/libssl/test/pkcs7-1.pem | 15 - src/lib/libssl/test/pkcs7.pem | 54 - src/lib/libssl/test/r160test.c | 57 - src/lib/libssl/test/tcrl | 81 - src/lib/libssl/test/test.cnf | 88 - src/lib/libssl/test/testca | 44 - src/lib/libssl/test/testcrl.pem | 16 - src/lib/libssl/test/testenc | 54 - src/lib/libssl/test/testgen | 32 - src/lib/libssl/test/testp7.pem | 46 - src/lib/libssl/test/testreq2.pem | 7 - src/lib/libssl/test/testrsa.pem | 9 - src/lib/libssl/test/testsid.pem | 12 - src/lib/libssl/test/testss | 90 - src/lib/libssl/test/testssl | 81 - src/lib/libssl/test/testx509.pem | 10 - src/lib/libssl/test/times | 113 -- src/lib/libssl/test/tpkcs7 | 51 - src/lib/libssl/test/tpkcs7d | 44 - src/lib/libssl/test/treq | 81 - src/lib/libssl/test/trsa | 81 - src/lib/libssl/test/tsid | 81 - src/lib/libssl/test/tx509 | 81 - src/lib/libssl/test/v3-cert1.pem | 16 - src/lib/libssl/test/v3-cert2.pem | 16 - src/lib/libssl/tls1.h | 164 -- 553 files changed, 134301 deletions(-) delete mode 100644 src/lib/libcrypto/asn1/a_bitstr.c delete mode 100644 src/lib/libcrypto/asn1/a_bool.c delete mode 100644 src/lib/libcrypto/asn1/a_bytes.c delete mode 100644 src/lib/libcrypto/asn1/a_d2i_fp.c delete mode 100644 src/lib/libcrypto/asn1/a_digest.c delete mode 100644 src/lib/libcrypto/asn1/a_dup.c delete mode 100644 src/lib/libcrypto/asn1/a_enum.c delete mode 100644 src/lib/libcrypto/asn1/a_i2d_fp.c delete mode 100644 src/lib/libcrypto/asn1/a_int.c delete mode 100644 src/lib/libcrypto/asn1/a_mbstr.c delete mode 100644 src/lib/libcrypto/asn1/a_object.c delete mode 100644 src/lib/libcrypto/asn1/a_octet.c delete mode 100644 src/lib/libcrypto/asn1/a_print.c delete mode 100644 src/lib/libcrypto/asn1/a_set.c delete mode 100644 src/lib/libcrypto/asn1/a_sign.c delete mode 100644 src/lib/libcrypto/asn1/a_strex.c delete mode 100644 src/lib/libcrypto/asn1/a_strnid.c delete mode 100644 src/lib/libcrypto/asn1/a_time.c delete mode 100644 src/lib/libcrypto/asn1/a_type.c delete mode 100644 src/lib/libcrypto/asn1/a_utf8.c delete mode 100644 src/lib/libcrypto/asn1/a_verify.c delete mode 100644 src/lib/libcrypto/asn1/asn1.h delete mode 100644 src/lib/libcrypto/asn1/asn1_err.c delete mode 100644 src/lib/libcrypto/asn1/asn1_lib.c delete mode 100644 src/lib/libcrypto/asn1/asn1_mac.h delete mode 100644 src/lib/libcrypto/asn1/asn1_par.c delete mode 100644 src/lib/libcrypto/asn1/asn_pack.c delete mode 100644 src/lib/libcrypto/asn1/charmap.h delete mode 100644 src/lib/libcrypto/asn1/charmap.pl delete mode 100644 src/lib/libcrypto/asn1/d2i_pr.c delete mode 100644 src/lib/libcrypto/asn1/d2i_pu.c delete mode 100644 src/lib/libcrypto/asn1/evp_asn1.c delete mode 100644 src/lib/libcrypto/asn1/f_enum.c delete mode 100644 src/lib/libcrypto/asn1/f_int.c delete mode 100644 src/lib/libcrypto/asn1/f_string.c delete mode 100644 src/lib/libcrypto/asn1/i2d_pr.c delete mode 100644 src/lib/libcrypto/asn1/i2d_pu.c delete mode 100644 src/lib/libcrypto/asn1/n_pkey.c delete mode 100644 src/lib/libcrypto/asn1/nsseq.c delete mode 100644 src/lib/libcrypto/asn1/p5_pbe.c delete mode 100644 src/lib/libcrypto/asn1/p5_pbev2.c delete mode 100644 src/lib/libcrypto/asn1/p8_pkey.c delete mode 100644 src/lib/libcrypto/asn1/t_bitst.c delete mode 100644 src/lib/libcrypto/asn1/t_crl.c delete mode 100644 src/lib/libcrypto/asn1/t_pkey.c delete mode 100644 src/lib/libcrypto/asn1/t_req.c delete mode 100644 src/lib/libcrypto/asn1/t_spki.c delete mode 100644 src/lib/libcrypto/asn1/t_x509.c delete mode 100644 src/lib/libcrypto/asn1/t_x509a.c delete mode 100644 src/lib/libcrypto/asn1/x_algor.c delete mode 100644 src/lib/libcrypto/asn1/x_attrib.c delete mode 100644 src/lib/libcrypto/asn1/x_crl.c delete mode 100644 src/lib/libcrypto/asn1/x_exten.c delete mode 100644 src/lib/libcrypto/asn1/x_info.c delete mode 100644 src/lib/libcrypto/asn1/x_name.c delete mode 100644 src/lib/libcrypto/asn1/x_pkey.c delete mode 100644 src/lib/libcrypto/asn1/x_pubkey.c delete mode 100644 src/lib/libcrypto/asn1/x_req.c delete mode 100644 src/lib/libcrypto/asn1/x_sig.c delete mode 100644 src/lib/libcrypto/asn1/x_spki.c delete mode 100644 src/lib/libcrypto/asn1/x_val.c delete mode 100644 src/lib/libcrypto/asn1/x_x509.c delete mode 100644 src/lib/libcrypto/asn1/x_x509a.c delete mode 100644 src/lib/libcrypto/bf/COPYRIGHT delete mode 100644 src/lib/libcrypto/bf/INSTALL delete mode 100644 src/lib/libcrypto/bf/README delete mode 100644 src/lib/libcrypto/bf/VERSION delete mode 100644 src/lib/libcrypto/bf/asm/bf-586.pl delete mode 100644 src/lib/libcrypto/bf/bf_cbc.c delete mode 100644 src/lib/libcrypto/bf/bf_cfb64.c delete mode 100644 src/lib/libcrypto/bf/bf_ecb.c delete mode 100644 src/lib/libcrypto/bf/bf_enc.c delete mode 100644 src/lib/libcrypto/bf/bf_locl.h delete mode 100644 src/lib/libcrypto/bf/bf_ofb64.c delete mode 100644 src/lib/libcrypto/bf/bf_pi.h delete mode 100644 src/lib/libcrypto/bf/bf_skey.c delete mode 100644 src/lib/libcrypto/bf/blowfish.h delete mode 100644 src/lib/libcrypto/bio/b_dump.c delete mode 100644 src/lib/libcrypto/bio/b_print.c delete mode 100644 src/lib/libcrypto/bio/b_sock.c delete mode 100644 src/lib/libcrypto/bio/bf_buff.c delete mode 100644 src/lib/libcrypto/bio/bf_lbuf.c delete mode 100644 src/lib/libcrypto/bio/bf_nbio.c delete mode 100644 src/lib/libcrypto/bio/bf_null.c delete mode 100644 src/lib/libcrypto/bio/bio.h delete mode 100644 src/lib/libcrypto/bio/bio_cb.c delete mode 100644 src/lib/libcrypto/bio/bio_err.c delete mode 100644 src/lib/libcrypto/bio/bio_lib.c delete mode 100644 src/lib/libcrypto/bio/bss_acpt.c delete mode 100644 src/lib/libcrypto/bio/bss_bio.c delete mode 100644 src/lib/libcrypto/bio/bss_conn.c delete mode 100644 src/lib/libcrypto/bio/bss_fd.c delete mode 100644 src/lib/libcrypto/bio/bss_file.c delete mode 100644 src/lib/libcrypto/bio/bss_log.c delete mode 100644 src/lib/libcrypto/bio/bss_mem.c delete mode 100644 src/lib/libcrypto/bio/bss_null.c delete mode 100644 src/lib/libcrypto/bio/bss_sock.c delete mode 100644 src/lib/libcrypto/bn/asm/bn-586.pl delete mode 100644 src/lib/libcrypto/bn/asm/co-586.pl delete mode 100644 src/lib/libcrypto/bn/asm/pa-risc2.s delete mode 100644 src/lib/libcrypto/bn/asm/pa-risc2W.s delete mode 100644 src/lib/libcrypto/bn/asm/sparcv8.S delete mode 100644 src/lib/libcrypto/bn/asm/sparcv8plus.S delete mode 100644 src/lib/libcrypto/bn/asm/x86.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/add.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/comba.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/div.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/mul.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/mul_add.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/sqr.pl delete mode 100644 src/lib/libcrypto/bn/asm/x86/sub.pl delete mode 100644 src/lib/libcrypto/bn/bn.h delete mode 100644 src/lib/libcrypto/bn/bn_add.c delete mode 100644 src/lib/libcrypto/bn/bn_asm.c delete mode 100644 src/lib/libcrypto/bn/bn_blind.c delete mode 100644 src/lib/libcrypto/bn/bn_ctx.c delete mode 100644 src/lib/libcrypto/bn/bn_div.c delete mode 100644 src/lib/libcrypto/bn/bn_err.c delete mode 100644 src/lib/libcrypto/bn/bn_exp.c delete mode 100644 src/lib/libcrypto/bn/bn_exp2.c delete mode 100644 src/lib/libcrypto/bn/bn_gcd.c delete mode 100644 src/lib/libcrypto/bn/bn_lcl.h delete mode 100644 src/lib/libcrypto/bn/bn_lib.c delete mode 100644 src/lib/libcrypto/bn/bn_mont.c delete mode 100644 src/lib/libcrypto/bn/bn_mpi.c delete mode 100644 src/lib/libcrypto/bn/bn_mul.c delete mode 100644 src/lib/libcrypto/bn/bn_prime.c delete mode 100644 src/lib/libcrypto/bn/bn_prime.h delete mode 100644 src/lib/libcrypto/bn/bn_prime.pl delete mode 100644 src/lib/libcrypto/bn/bn_print.c delete mode 100644 src/lib/libcrypto/bn/bn_rand.c delete mode 100644 src/lib/libcrypto/bn/bn_recp.c delete mode 100644 src/lib/libcrypto/bn/bn_shift.c delete mode 100644 src/lib/libcrypto/bn/bn_sqr.c delete mode 100644 src/lib/libcrypto/bn/bn_word.c delete mode 100644 src/lib/libcrypto/buffer/buf_err.c delete mode 100644 src/lib/libcrypto/buffer/buffer.c delete mode 100644 src/lib/libcrypto/buffer/buffer.h delete mode 100644 src/lib/libcrypto/cast/asm/cast-586.pl delete mode 100644 src/lib/libcrypto/cast/c_cfb64.c delete mode 100644 src/lib/libcrypto/cast/c_ecb.c delete mode 100644 src/lib/libcrypto/cast/c_enc.c delete mode 100644 src/lib/libcrypto/cast/c_ofb64.c delete mode 100644 src/lib/libcrypto/cast/c_skey.c delete mode 100644 src/lib/libcrypto/cast/cast.h delete mode 100644 src/lib/libcrypto/cast/cast_lcl.h delete mode 100644 src/lib/libcrypto/cast/cast_s.h delete mode 100644 src/lib/libcrypto/comp/c_rle.c delete mode 100644 src/lib/libcrypto/comp/c_zlib.c delete mode 100644 src/lib/libcrypto/comp/comp.h delete mode 100644 src/lib/libcrypto/comp/comp_err.c delete mode 100644 src/lib/libcrypto/comp/comp_lib.c delete mode 100644 src/lib/libcrypto/conf/conf.h delete mode 100644 src/lib/libcrypto/conf/conf_api.c delete mode 100644 src/lib/libcrypto/conf/conf_api.h delete mode 100644 src/lib/libcrypto/conf/conf_def.c delete mode 100644 src/lib/libcrypto/conf/conf_def.h delete mode 100644 src/lib/libcrypto/conf/conf_err.c delete mode 100644 src/lib/libcrypto/conf/conf_lib.c delete mode 100644 src/lib/libcrypto/conf/keysets.pl delete mode 100644 src/lib/libcrypto/conf/ssleay.cnf delete mode 100644 src/lib/libcrypto/cpt_err.c delete mode 100644 src/lib/libcrypto/cryptlib.c delete mode 100644 src/lib/libcrypto/cryptlib.h delete mode 100644 src/lib/libcrypto/crypto.h delete mode 100644 src/lib/libcrypto/cversion.c delete mode 100644 src/lib/libcrypto/des/COPYRIGHT delete mode 100644 src/lib/libcrypto/des/asm/crypt586.pl delete mode 100644 src/lib/libcrypto/des/asm/des-586.pl delete mode 100644 src/lib/libcrypto/des/asm/desboth.pl delete mode 100644 src/lib/libcrypto/des/cbc_cksm.c delete mode 100644 src/lib/libcrypto/des/cbc_enc.c delete mode 100644 src/lib/libcrypto/des/cfb64ede.c delete mode 100644 src/lib/libcrypto/des/cfb64enc.c delete mode 100644 src/lib/libcrypto/des/cfb_enc.c delete mode 100644 src/lib/libcrypto/des/des.h delete mode 100644 src/lib/libcrypto/des/des_enc.c delete mode 100644 src/lib/libcrypto/des/des_locl.h delete mode 100644 src/lib/libcrypto/des/ecb3_enc.c delete mode 100644 src/lib/libcrypto/des/ecb_enc.c delete mode 100644 src/lib/libcrypto/des/ede_cbcm_enc.c delete mode 100644 src/lib/libcrypto/des/enc_read.c delete mode 100644 src/lib/libcrypto/des/enc_writ.c delete mode 100644 src/lib/libcrypto/des/fcrypt.c delete mode 100644 src/lib/libcrypto/des/fcrypt_b.c delete mode 100644 src/lib/libcrypto/des/ncbc_enc.c delete mode 100644 src/lib/libcrypto/des/ofb64ede.c delete mode 100644 src/lib/libcrypto/des/ofb64enc.c delete mode 100644 src/lib/libcrypto/des/ofb_enc.c delete mode 100644 src/lib/libcrypto/des/pcbc_enc.c delete mode 100644 src/lib/libcrypto/des/qud_cksm.c delete mode 100644 src/lib/libcrypto/des/rand_key.c delete mode 100644 src/lib/libcrypto/des/set_key.c delete mode 100644 src/lib/libcrypto/des/spr.h delete mode 100644 src/lib/libcrypto/des/str2key.c delete mode 100644 src/lib/libcrypto/des/xcbc_enc.c delete mode 100644 src/lib/libcrypto/dh/dh.h delete mode 100644 src/lib/libcrypto/dh/dh_check.c delete mode 100644 src/lib/libcrypto/dh/dh_err.c delete mode 100644 src/lib/libcrypto/dh/dh_gen.c delete mode 100644 src/lib/libcrypto/dh/dh_key.c delete mode 100644 src/lib/libcrypto/dh/dh_lib.c delete mode 100644 src/lib/libcrypto/doc/DH_generate_key.pod delete mode 100644 src/lib/libcrypto/doc/DH_generate_parameters.pod delete mode 100644 src/lib/libcrypto/doc/DH_get_ex_new_index.pod delete mode 100644 src/lib/libcrypto/doc/DH_new.pod delete mode 100644 src/lib/libcrypto/doc/DH_set_method.pod delete mode 100644 src/lib/libcrypto/doc/DH_size.pod delete mode 100644 src/lib/libcrypto/doc/DSA_SIG_new.pod delete mode 100644 src/lib/libcrypto/doc/DSA_do_sign.pod delete mode 100644 src/lib/libcrypto/doc/DSA_dup_DH.pod delete mode 100644 src/lib/libcrypto/doc/DSA_generate_key.pod delete mode 100644 src/lib/libcrypto/doc/DSA_generate_parameters.pod delete mode 100644 src/lib/libcrypto/doc/DSA_get_ex_new_index.pod delete mode 100644 src/lib/libcrypto/doc/DSA_new.pod delete mode 100644 src/lib/libcrypto/doc/DSA_set_method.pod delete mode 100644 src/lib/libcrypto/doc/DSA_sign.pod delete mode 100644 src/lib/libcrypto/doc/DSA_size.pod delete mode 100644 src/lib/libcrypto/doc/ERR_GET_LIB.pod delete mode 100644 src/lib/libcrypto/doc/ERR_clear_error.pod delete mode 100644 src/lib/libcrypto/doc/ERR_error_string.pod delete mode 100644 src/lib/libcrypto/doc/ERR_get_error.pod delete mode 100644 src/lib/libcrypto/doc/ERR_load_crypto_strings.pod delete mode 100644 src/lib/libcrypto/doc/ERR_load_strings.pod delete mode 100644 src/lib/libcrypto/doc/ERR_print_errors.pod delete mode 100644 src/lib/libcrypto/doc/ERR_put_error.pod delete mode 100644 src/lib/libcrypto/doc/ERR_remove_state.pod delete mode 100644 src/lib/libcrypto/doc/EVP_DigestInit.pod delete mode 100644 src/lib/libcrypto/doc/EVP_EncryptInit.pod delete mode 100644 src/lib/libcrypto/doc/EVP_OpenInit.pod delete mode 100644 src/lib/libcrypto/doc/EVP_SealInit.pod delete mode 100644 src/lib/libcrypto/doc/EVP_SignInit.pod delete mode 100644 src/lib/libcrypto/doc/EVP_VerifyInit.pod delete mode 100644 src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod delete mode 100644 src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod delete mode 100644 src/lib/libcrypto/doc/RAND_add.pod delete mode 100644 src/lib/libcrypto/doc/RAND_bytes.pod delete mode 100644 src/lib/libcrypto/doc/RAND_cleanup.pod delete mode 100644 src/lib/libcrypto/doc/RAND_load_file.pod delete mode 100644 src/lib/libcrypto/doc/RAND_set_rand_method.pod delete mode 100644 src/lib/libcrypto/doc/RSA_blinding_on.pod delete mode 100644 src/lib/libcrypto/doc/RSA_check_key.pod delete mode 100644 src/lib/libcrypto/doc/RSA_generate_key.pod delete mode 100644 src/lib/libcrypto/doc/RSA_get_ex_new_index.pod delete mode 100644 src/lib/libcrypto/doc/RSA_new.pod delete mode 100644 src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod delete mode 100644 src/lib/libcrypto/doc/RSA_print.pod delete mode 100644 src/lib/libcrypto/doc/RSA_private_encrypt.pod delete mode 100644 src/lib/libcrypto/doc/RSA_public_encrypt.pod delete mode 100644 src/lib/libcrypto/doc/RSA_set_method.pod delete mode 100644 src/lib/libcrypto/doc/RSA_sign.pod delete mode 100644 src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod delete mode 100644 src/lib/libcrypto/doc/RSA_size.pod delete mode 100644 src/lib/libcrypto/doc/bn.pod delete mode 100644 src/lib/libcrypto/doc/d2i_DHparams.pod delete mode 100644 src/lib/libcrypto/doc/d2i_RSAPublicKey.pod delete mode 100644 src/lib/libcrypto/doc/dh.pod delete mode 100644 src/lib/libcrypto/doc/dsa.pod delete mode 100644 src/lib/libcrypto/doc/evp.pod delete mode 100644 src/lib/libcrypto/doc/lh_stats.pod delete mode 100644 src/lib/libcrypto/doc/rsa.pod delete mode 100644 src/lib/libcrypto/dsa/dsa.h delete mode 100644 src/lib/libcrypto/dsa/dsa_asn1.c delete mode 100644 src/lib/libcrypto/dsa/dsa_err.c delete mode 100644 src/lib/libcrypto/dsa/dsa_gen.c delete mode 100644 src/lib/libcrypto/dsa/dsa_key.c delete mode 100644 src/lib/libcrypto/dsa/dsa_lib.c delete mode 100644 src/lib/libcrypto/dsa/dsa_ossl.c delete mode 100644 src/lib/libcrypto/dsa/dsa_sign.c delete mode 100644 src/lib/libcrypto/dsa/dsa_vrf.c delete mode 100644 src/lib/libcrypto/dso/dso.h delete mode 100644 src/lib/libcrypto/dso/dso_dlfcn.c delete mode 100644 src/lib/libcrypto/dso/dso_err.c delete mode 100644 src/lib/libcrypto/dso/dso_lib.c delete mode 100644 src/lib/libcrypto/dso/dso_null.c delete mode 100644 src/lib/libcrypto/dso/dso_openssl.c delete mode 100644 src/lib/libcrypto/engine/README delete mode 100644 src/lib/libcrypto/engine/engine.h delete mode 100644 src/lib/libcrypto/err/err.c delete mode 100644 src/lib/libcrypto/err/err.h delete mode 100644 src/lib/libcrypto/err/err_all.c delete mode 100644 src/lib/libcrypto/err/err_prn.c delete mode 100644 src/lib/libcrypto/err/openssl.ec delete mode 100644 src/lib/libcrypto/evp/bio_b64.c delete mode 100644 src/lib/libcrypto/evp/bio_enc.c delete mode 100644 src/lib/libcrypto/evp/bio_md.c delete mode 100644 src/lib/libcrypto/evp/c_all.c delete mode 100644 src/lib/libcrypto/evp/digest.c delete mode 100644 src/lib/libcrypto/evp/e_bf.c delete mode 100644 src/lib/libcrypto/evp/e_cast.c delete mode 100644 src/lib/libcrypto/evp/e_des.c delete mode 100644 src/lib/libcrypto/evp/e_des3.c delete mode 100644 src/lib/libcrypto/evp/e_idea.c delete mode 100644 src/lib/libcrypto/evp/e_null.c delete mode 100644 src/lib/libcrypto/evp/e_rc2.c delete mode 100644 src/lib/libcrypto/evp/e_rc4.c delete mode 100644 src/lib/libcrypto/evp/e_xcbc_d.c delete mode 100644 src/lib/libcrypto/evp/encode.c delete mode 100644 src/lib/libcrypto/evp/evp.h delete mode 100644 src/lib/libcrypto/evp/evp_enc.c delete mode 100644 src/lib/libcrypto/evp/evp_err.c delete mode 100644 src/lib/libcrypto/evp/evp_key.c delete mode 100644 src/lib/libcrypto/evp/evp_lib.c delete mode 100644 src/lib/libcrypto/evp/evp_locl.h delete mode 100644 src/lib/libcrypto/evp/evp_pbe.c delete mode 100644 src/lib/libcrypto/evp/evp_pkey.c delete mode 100644 src/lib/libcrypto/evp/m_dss.c delete mode 100644 src/lib/libcrypto/evp/m_dss1.c delete mode 100644 src/lib/libcrypto/evp/m_md4.c delete mode 100644 src/lib/libcrypto/evp/m_md5.c delete mode 100644 src/lib/libcrypto/evp/m_null.c delete mode 100644 src/lib/libcrypto/evp/m_ripemd.c delete mode 100644 src/lib/libcrypto/evp/m_sha1.c delete mode 100644 src/lib/libcrypto/evp/names.c delete mode 100644 src/lib/libcrypto/evp/p5_crpt.c delete mode 100644 src/lib/libcrypto/evp/p5_crpt2.c delete mode 100644 src/lib/libcrypto/evp/p_dec.c delete mode 100644 src/lib/libcrypto/evp/p_enc.c delete mode 100644 src/lib/libcrypto/evp/p_lib.c delete mode 100644 src/lib/libcrypto/evp/p_open.c delete mode 100644 src/lib/libcrypto/evp/p_seal.c delete mode 100644 src/lib/libcrypto/evp/p_sign.c delete mode 100644 src/lib/libcrypto/evp/p_verify.c delete mode 100644 src/lib/libcrypto/ex_data.c delete mode 100644 src/lib/libcrypto/hmac/hmac.c delete mode 100644 src/lib/libcrypto/hmac/hmac.h delete mode 100644 src/lib/libcrypto/idea/idea.h delete mode 100644 src/lib/libcrypto/lhash/lh_stats.c delete mode 100644 src/lib/libcrypto/lhash/lhash.c delete mode 100644 src/lib/libcrypto/lhash/lhash.h delete mode 100644 src/lib/libcrypto/md32_common.h delete mode 100644 src/lib/libcrypto/md4/md4.h delete mode 100644 src/lib/libcrypto/md4/md4_dgst.c delete mode 100644 src/lib/libcrypto/md4/md4_locl.h delete mode 100644 src/lib/libcrypto/md4/md4_one.c delete mode 100644 src/lib/libcrypto/md5/asm/md5-586.pl delete mode 100644 src/lib/libcrypto/md5/md5.h delete mode 100644 src/lib/libcrypto/md5/md5_dgst.c delete mode 100644 src/lib/libcrypto/md5/md5_locl.h delete mode 100644 src/lib/libcrypto/md5/md5_one.c delete mode 100644 src/lib/libcrypto/mem_dbg.c delete mode 100644 src/lib/libcrypto/objects/o_names.c delete mode 100644 src/lib/libcrypto/objects/obj_dat.c delete mode 100644 src/lib/libcrypto/objects/obj_dat.pl delete mode 100644 src/lib/libcrypto/objects/obj_err.c delete mode 100644 src/lib/libcrypto/objects/obj_lib.c delete mode 100644 src/lib/libcrypto/objects/obj_mac.num delete mode 100644 src/lib/libcrypto/objects/objects.README delete mode 100644 src/lib/libcrypto/objects/objects.h delete mode 100644 src/lib/libcrypto/objects/objects.pl delete mode 100644 src/lib/libcrypto/objects/objects.txt delete mode 100644 src/lib/libcrypto/opensslv.h delete mode 100644 src/lib/libcrypto/pem/message delete mode 100644 src/lib/libcrypto/pem/pem.h delete mode 100644 src/lib/libcrypto/pem/pem2.h delete mode 100644 src/lib/libcrypto/pem/pem_all.c delete mode 100644 src/lib/libcrypto/pem/pem_err.c delete mode 100644 src/lib/libcrypto/pem/pem_info.c delete mode 100644 src/lib/libcrypto/pem/pem_lib.c delete mode 100644 src/lib/libcrypto/pem/pem_seal.c delete mode 100644 src/lib/libcrypto/pem/pem_sign.c delete mode 100644 src/lib/libcrypto/pem/pkcs7.lis delete mode 100644 src/lib/libcrypto/perlasm/cbc.pl delete mode 100644 src/lib/libcrypto/perlasm/readme delete mode 100644 src/lib/libcrypto/perlasm/x86asm.pl delete mode 100644 src/lib/libcrypto/pkcs12/p12_add.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_attr.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_crpt.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_crt.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_decr.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_init.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_key.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_kiss.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_mutl.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_npas.c delete mode 100644 src/lib/libcrypto/pkcs12/p12_utl.c delete mode 100644 src/lib/libcrypto/pkcs12/pk12err.c delete mode 100644 src/lib/libcrypto/pkcs12/pkcs12.h delete mode 100644 src/lib/libcrypto/pkcs7/pk7_attr.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_doit.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_lib.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_mime.c delete mode 100644 src/lib/libcrypto/pkcs7/pk7_smime.c delete mode 100644 src/lib/libcrypto/pkcs7/pkcs7.h delete mode 100644 src/lib/libcrypto/pkcs7/pkcs7err.c delete mode 100644 src/lib/libcrypto/rand/rand.h delete mode 100644 src/lib/libcrypto/rand/rand_err.c delete mode 100644 src/lib/libcrypto/rand/rand_lib.c delete mode 100644 src/lib/libcrypto/rand/randfile.c delete mode 100644 src/lib/libcrypto/rc2/rc2.h delete mode 100644 src/lib/libcrypto/rc2/rc2_cbc.c delete mode 100644 src/lib/libcrypto/rc2/rc2_ecb.c delete mode 100644 src/lib/libcrypto/rc2/rc2_locl.h delete mode 100644 src/lib/libcrypto/rc2/rc2_skey.c delete mode 100644 src/lib/libcrypto/rc2/rc2cfb64.c delete mode 100644 src/lib/libcrypto/rc2/rc2ofb64.c delete mode 100644 src/lib/libcrypto/rc2/rrc2.doc delete mode 100644 src/lib/libcrypto/rc2/version delete mode 100644 src/lib/libcrypto/rc4/asm/rc4-586.pl delete mode 100644 src/lib/libcrypto/rc4/rc4.h delete mode 100644 src/lib/libcrypto/rc4/rc4_enc.c delete mode 100644 src/lib/libcrypto/rc4/rc4_locl.h delete mode 100644 src/lib/libcrypto/rc4/rc4_skey.c delete mode 100644 src/lib/libcrypto/ripemd/README delete mode 100644 src/lib/libcrypto/ripemd/asm/rmd-586.pl delete mode 100644 src/lib/libcrypto/ripemd/ripemd.h delete mode 100644 src/lib/libcrypto/ripemd/rmd_dgst.c delete mode 100644 src/lib/libcrypto/ripemd/rmd_locl.h delete mode 100644 src/lib/libcrypto/ripemd/rmd_one.c delete mode 100644 src/lib/libcrypto/ripemd/rmdconst.h delete mode 100644 src/lib/libcrypto/rsa/rsa.h delete mode 100644 src/lib/libcrypto/rsa/rsa_chk.c delete mode 100644 src/lib/libcrypto/rsa/rsa_eay.c delete mode 100644 src/lib/libcrypto/rsa/rsa_err.c delete mode 100644 src/lib/libcrypto/rsa/rsa_gen.c delete mode 100644 src/lib/libcrypto/rsa/rsa_lib.c delete mode 100644 src/lib/libcrypto/rsa/rsa_none.c delete mode 100644 src/lib/libcrypto/rsa/rsa_oaep.c delete mode 100644 src/lib/libcrypto/rsa/rsa_pk1.c delete mode 100644 src/lib/libcrypto/rsa/rsa_saos.c delete mode 100644 src/lib/libcrypto/rsa/rsa_sign.c delete mode 100644 src/lib/libcrypto/rsa/rsa_ssl.c delete mode 100644 src/lib/libcrypto/sha/asm/sha1-586.pl delete mode 100644 src/lib/libcrypto/sha/sha.h delete mode 100644 src/lib/libcrypto/sha/sha1_one.c delete mode 100644 src/lib/libcrypto/sha/sha1dgst.c delete mode 100644 src/lib/libcrypto/sha/sha_locl.h delete mode 100644 src/lib/libcrypto/stack/safestack.h delete mode 100644 src/lib/libcrypto/stack/stack.c delete mode 100644 src/lib/libcrypto/stack/stack.h delete mode 100644 src/lib/libcrypto/txt_db/txt_db.c delete mode 100644 src/lib/libcrypto/txt_db/txt_db.h delete mode 100644 src/lib/libcrypto/util/mkerr.pl delete mode 100644 src/lib/libcrypto/util/mkstack.pl delete mode 100644 src/lib/libcrypto/x509/by_dir.c delete mode 100644 src/lib/libcrypto/x509/by_file.c delete mode 100644 src/lib/libcrypto/x509/x509.h delete mode 100644 src/lib/libcrypto/x509/x509_att.c delete mode 100644 src/lib/libcrypto/x509/x509_cmp.c delete mode 100644 src/lib/libcrypto/x509/x509_d2.c delete mode 100644 src/lib/libcrypto/x509/x509_def.c delete mode 100644 src/lib/libcrypto/x509/x509_err.c delete mode 100644 src/lib/libcrypto/x509/x509_ext.c delete mode 100644 src/lib/libcrypto/x509/x509_lu.c delete mode 100644 src/lib/libcrypto/x509/x509_obj.c delete mode 100644 src/lib/libcrypto/x509/x509_r2x.c delete mode 100644 src/lib/libcrypto/x509/x509_req.c delete mode 100644 src/lib/libcrypto/x509/x509_set.c delete mode 100644 src/lib/libcrypto/x509/x509_trs.c delete mode 100644 src/lib/libcrypto/x509/x509_txt.c delete mode 100644 src/lib/libcrypto/x509/x509_v3.c delete mode 100644 src/lib/libcrypto/x509/x509_vfy.c delete mode 100644 src/lib/libcrypto/x509/x509_vfy.h delete mode 100644 src/lib/libcrypto/x509/x509name.c delete mode 100644 src/lib/libcrypto/x509/x509rset.c delete mode 100644 src/lib/libcrypto/x509/x509spki.c delete mode 100644 src/lib/libcrypto/x509/x509type.c delete mode 100644 src/lib/libcrypto/x509/x_all.c delete mode 100644 src/lib/libcrypto/x509v3/ext_dat.h delete mode 100644 src/lib/libcrypto/x509v3/v3_akey.c delete mode 100644 src/lib/libcrypto/x509v3/v3_alt.c delete mode 100644 src/lib/libcrypto/x509v3/v3_bcons.c delete mode 100644 src/lib/libcrypto/x509v3/v3_bitst.c delete mode 100644 src/lib/libcrypto/x509v3/v3_conf.c delete mode 100644 src/lib/libcrypto/x509v3/v3_cpols.c delete mode 100644 src/lib/libcrypto/x509v3/v3_crld.c delete mode 100644 src/lib/libcrypto/x509v3/v3_enum.c delete mode 100644 src/lib/libcrypto/x509v3/v3_extku.c delete mode 100644 src/lib/libcrypto/x509v3/v3_genn.c delete mode 100644 src/lib/libcrypto/x509v3/v3_ia5.c delete mode 100644 src/lib/libcrypto/x509v3/v3_info.c delete mode 100644 src/lib/libcrypto/x509v3/v3_int.c delete mode 100644 src/lib/libcrypto/x509v3/v3_lib.c delete mode 100644 src/lib/libcrypto/x509v3/v3_pku.c delete mode 100644 src/lib/libcrypto/x509v3/v3_prn.c delete mode 100644 src/lib/libcrypto/x509v3/v3_purp.c delete mode 100644 src/lib/libcrypto/x509v3/v3_skey.c delete mode 100644 src/lib/libcrypto/x509v3/v3_sxnet.c delete mode 100644 src/lib/libcrypto/x509v3/v3_utl.c delete mode 100644 src/lib/libcrypto/x509v3/v3err.c delete mode 100644 src/lib/libcrypto/x509v3/x509v3.h delete mode 100644 src/lib/libssl/LICENSE delete mode 100644 src/lib/libssl/bio_ssl.c delete mode 100644 src/lib/libssl/doc/openssl.cnf delete mode 100644 src/lib/libssl/doc/openssl.txt delete mode 100644 src/lib/libssl/doc/standards.txt delete mode 100644 src/lib/libssl/s23_clnt.c delete mode 100644 src/lib/libssl/s23_lib.c delete mode 100644 src/lib/libssl/s23_pkt.c delete mode 100644 src/lib/libssl/s23_srvr.c delete mode 100644 src/lib/libssl/s3_both.c delete mode 100644 src/lib/libssl/s3_clnt.c delete mode 100644 src/lib/libssl/s3_lib.c delete mode 100644 src/lib/libssl/s3_pkt.c delete mode 100644 src/lib/libssl/s3_srvr.c delete mode 100644 src/lib/libssl/shlib_version delete mode 100644 src/lib/libssl/ssl.h delete mode 100644 src/lib/libssl/ssl2.h delete mode 100644 src/lib/libssl/ssl23.h delete mode 100644 src/lib/libssl/ssl3.h delete mode 100644 src/lib/libssl/ssl_algs.c delete mode 100644 src/lib/libssl/ssl_asn1.c delete mode 100644 src/lib/libssl/ssl_cert.c delete mode 100644 src/lib/libssl/ssl_ciph.c delete mode 100644 src/lib/libssl/ssl_err.c delete mode 100644 src/lib/libssl/ssl_err2.c delete mode 100644 src/lib/libssl/ssl_lib.c delete mode 100644 src/lib/libssl/ssl_locl.h delete mode 100644 src/lib/libssl/ssl_rsa.c delete mode 100644 src/lib/libssl/ssl_sess.c delete mode 100644 src/lib/libssl/ssl_stat.c delete mode 100644 src/lib/libssl/ssl_txt.c delete mode 100644 src/lib/libssl/t1_clnt.c delete mode 100644 src/lib/libssl/t1_enc.c delete mode 100644 src/lib/libssl/t1_lib.c delete mode 100644 src/lib/libssl/t1_meth.c delete mode 100644 src/lib/libssl/t1_srvr.c delete mode 100644 src/lib/libssl/test/CAss.cnf delete mode 100644 src/lib/libssl/test/CAssdh.cnf delete mode 100644 src/lib/libssl/test/CAssdsa.cnf delete mode 100644 src/lib/libssl/test/CAssrsa.cnf delete mode 100644 src/lib/libssl/test/Sssdsa.cnf delete mode 100644 src/lib/libssl/test/Sssrsa.cnf delete mode 100644 src/lib/libssl/test/Uss.cnf delete mode 100644 src/lib/libssl/test/VMSca-response.1 delete mode 100644 src/lib/libssl/test/VMSca-response.2 delete mode 100644 src/lib/libssl/test/methtest.c delete mode 100644 src/lib/libssl/test/pkcs7-1.pem delete mode 100644 src/lib/libssl/test/pkcs7.pem delete mode 100644 src/lib/libssl/test/r160test.c delete mode 100644 src/lib/libssl/test/tcrl delete mode 100644 src/lib/libssl/test/test.cnf delete mode 100644 src/lib/libssl/test/testca delete mode 100644 src/lib/libssl/test/testcrl.pem delete mode 100644 src/lib/libssl/test/testenc delete mode 100644 src/lib/libssl/test/testgen delete mode 100644 src/lib/libssl/test/testp7.pem delete mode 100644 src/lib/libssl/test/testreq2.pem delete mode 100644 src/lib/libssl/test/testrsa.pem delete mode 100644 src/lib/libssl/test/testsid.pem delete mode 100644 src/lib/libssl/test/testss delete mode 100644 src/lib/libssl/test/testssl delete mode 100644 src/lib/libssl/test/testx509.pem delete mode 100644 src/lib/libssl/test/times delete mode 100644 src/lib/libssl/test/tpkcs7 delete mode 100644 src/lib/libssl/test/tpkcs7d delete mode 100644 src/lib/libssl/test/treq delete mode 100644 src/lib/libssl/test/trsa delete mode 100644 src/lib/libssl/test/tsid delete mode 100644 src/lib/libssl/test/tx509 delete mode 100644 src/lib/libssl/test/v3-cert1.pem delete mode 100644 src/lib/libssl/test/v3-cert2.pem delete mode 100644 src/lib/libssl/tls1.h diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c deleted file mode 100644 index 7013a407ad..0000000000 --- a/src/lib/libcrypto/asn1/a_bitstr.c +++ /dev/null @@ -1,259 +0,0 @@ -/* crypto/asn1/a_bitstr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -ASN1_BIT_STRING *ASN1_BIT_STRING_new(void) -{ return M_ASN1_BIT_STRING_new(); } - -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x) -{ M_ASN1_BIT_STRING_free(x); } - -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) -{ return M_ASN1_BIT_STRING_set(x, d, len); } - -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) -{ - int len, ret; - len = i2c_ASN1_BIT_STRING(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL); - i2c_ASN1_BIT_STRING(a, pp); - } - return ret; -} - -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) - { - int ret,j,bits,len; - unsigned char *p,*d; - - if (a == NULL) return(0); - - len=a->length; - ret=1+len; - if (pp == NULL) return(ret); - - if (len > 0) - { - if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) - { - bits=(int)a->flags&0x07; - } - else - { - for ( ; len > 0; len--) - { - if (a->data[len-1]) break; - } - j=a->data[len-1]; - if (j & 0x01) bits=0; - else if (j & 0x02) bits=1; - else if (j & 0x04) bits=2; - else if (j & 0x08) bits=3; - else if (j & 0x10) bits=4; - else if (j & 0x20) bits=5; - else if (j & 0x40) bits=6; - else if (j & 0x80) bits=7; - else bits=0; /* should not happen */ - } - } - else - bits=0; - p= *pp; - - *(p++)=(unsigned char)bits; - d=a->data; - memcpy(p,d,len); - p+=len; - if (len > 0) p[-1]&=(0xff<flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */ - ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */ - - if (len-- > 1) /* using one because of the bits left byte */ - { - s=(unsigned char *)OPENSSL_malloc((int)len); - if (s == NULL) - { - i=ERR_R_MALLOC_FAILURE; - goto err; - } - memcpy(s,p,(int)len); - s[len-1]&=(0xff<length=(int)len; - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->data=s; - ret->type=V_ASN1_BIT_STRING; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_BIT_STRING_free(ret); - return(NULL); - } - -/* These next 2 functions from Goetz Babin-Ebell - */ -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) - { - int w,v,iv; - unsigned char *c; - - w=n/8; - v=1<<(7-(n&0x07)); - iv= ~v; - - a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ - - if (a == NULL) return(0); - if ((a->length < (w+1)) || (a->data == NULL)) - { - if (!value) return(1); /* Don't need to set */ - if (a->data == NULL) - c=(unsigned char *)OPENSSL_malloc(w+1); - else - c=(unsigned char *)OPENSSL_realloc(a->data,w+1); - if (c == NULL) return(0); - if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length); - a->data=c; - a->length=w+1; - } - a->data[w]=((a->data[w])&iv)|v; - while ((a->length > 0) && (a->data[a->length-1] == 0)) - a->length--; - return(1); - } - -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) - { - int w,v; - - w=n/8; - v=1<<(7-(n&0x07)); - if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL)) - return(0); - return((a->data[w]&v) != 0); - } - diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c deleted file mode 100644 index 18fa61840b..0000000000 --- a/src/lib/libcrypto/asn1/a_bool.c +++ /dev/null @@ -1,112 +0,0 @@ -/* crypto/asn1/a_bool.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) - { - int r; - unsigned char *p; - - r=ASN1_object_size(0,1,V_ASN1_BOOLEAN); - if (pp == NULL) return(r); - p= *pp; - - ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL); - *(p++)= (unsigned char)a; - *pp=p; - return(r); - } - -int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length) - { - int ret= -1; - unsigned char *p; - long len; - int inf,tag,xclass; - int i=0; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_BOOLEAN) - { - i=ASN1_R_EXPECTING_A_BOOLEAN; - goto err; - } - - if (len != 1) - { - i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH; - goto err; - } - ret= (int)*(p++); - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i); - return(ret); - } diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c deleted file mode 100644 index 3a0c0c7835..0000000000 --- a/src/lib/libcrypto/asn1/a_bytes.c +++ /dev/null @@ -1,323 +0,0 @@ -/* crypto/asn1/a_bytes.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -static unsigned long tag2bit[32]={ -0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ -B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ -B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ -B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ -0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, -B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0, -0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, -B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, - }; - -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); -/* type is a 'bitmap' of acceptable string types. - */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, - long length, int type) - { - ASN1_STRING *ret=NULL; - unsigned char *p,*s; - long len; - int inf,tag,xclass; - int i=0; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) goto err; - - if (tag >= 32) - { - i=ASN1_R_TAG_VALUE_TOO_HIGH;; - goto err; - } - if (!(tag2bit[tag] & type)) - { - i=ASN1_R_WRONG_TYPE; - goto err; - } - - /* If a bit-string, exit early */ - if (tag == V_ASN1_BIT_STRING) - return(d2i_ASN1_BIT_STRING(a,pp,length)); - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=ASN1_STRING_new()) == NULL) return(NULL); - } - else - ret=(*a); - - if (len != 0) - { - s=(unsigned char *)OPENSSL_malloc((int)len+1); - if (s == NULL) - { - i=ERR_R_MALLOC_FAILURE; - goto err; - } - memcpy(s,p,(int)len); - s[len]='\0'; - p+=len; - } - else - s=NULL; - - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->length=(int)len; - ret->data=s; - ret->type=tag; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_STRING_free(ret); - return(NULL); - } - -int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) - { - int ret,r,constructed; - unsigned char *p; - - if (a == NULL) return(0); - - if (tag == V_ASN1_BIT_STRING) - return(i2d_ASN1_BIT_STRING(a,pp)); - - ret=a->length; - r=ASN1_object_size(0,ret,tag); - if (pp == NULL) return(r); - p= *pp; - - if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET)) - constructed=1; - else - constructed=0; - ASN1_put_object(&p,constructed,ret,tag,xclass); - memcpy(p,a->data,a->length); - p+=a->length; - *pp= p; - return(r); - } - -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, - int Ptag, int Pclass) - { - ASN1_STRING *ret=NULL; - unsigned char *p,*s; - long len; - int inf,tag,xclass; - int i=0; - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=ASN1_STRING_new()) == NULL) return(NULL); - } - else - ret=(*a); - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != Ptag) - { - i=ASN1_R_WRONG_TAG; - goto err; - } - - if (inf & V_ASN1_CONSTRUCTED) - { - ASN1_CTX c; - - c.pp=pp; - c.p=p; - c.inf=inf; - c.slen=len; - c.tag=Ptag; - c.xclass=Pclass; - c.max=(length == 0)?0:(p+length); - if (!asn1_collate_primitive(ret,&c)) - goto err; - else - { - p=c.p; - } - } - else - { - if (len != 0) - { - if ((ret->length < len) || (ret->data == NULL)) - { - if (ret->data != NULL) OPENSSL_free(ret->data); - s=(unsigned char *)OPENSSL_malloc((int)len + 1); - if (s == NULL) - { - i=ERR_R_MALLOC_FAILURE; - goto err; - } - } - else - s=ret->data; - memcpy(s,p,(int)len); - s[len] = '\0'; - p+=len; - } - else - { - s=NULL; - if (ret->data != NULL) OPENSSL_free(ret->data); - } - - ret->length=(int)len; - ret->data=s; - ret->type=Ptag; - } - - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_STRING_free(ret); - ASN1err(ASN1_F_D2I_ASN1_BYTES,i); - return(NULL); - } - - -/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse - * them into the one structure that is then returned */ -/* There have been a few bug fixes for this function from - * Paul Keogh , many thanks to him */ -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) - { - ASN1_STRING *os=NULL; - BUF_MEM b; - int num; - - b.length=0; - b.max=0; - b.data=NULL; - - if (a == NULL) - { - c->error=ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - - num=0; - for (;;) - { - if (c->inf & 1) - { - c->eos=ASN1_check_infinite_end(&c->p, - (long)(c->max-c->p)); - if (c->eos) break; - } - else - { - if (c->slen <= 0) break; - } - - c->q=c->p; - if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass) - == NULL) - { - c->error=ERR_R_ASN1_LIB; - goto err; - } - - if (!BUF_MEM_grow(&b,num+os->length)) - { - c->error=ERR_R_BUF_LIB; - goto err; - } - memcpy(&(b.data[num]),os->data,os->length); - if (!(c->inf & 1)) - c->slen-=(c->p-c->q); - num+=os->length; - } - - if (!asn1_Finish(c)) goto err; - - a->length=num; - if (a->data != NULL) OPENSSL_free(a->data); - a->data=(unsigned char *)b.data; - if (os != NULL) ASN1_STRING_free(os); - return(1); -err: - ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error); - if (os != NULL) ASN1_STRING_free(os); - if (b.data != NULL) OPENSSL_free(b.data); - return(0); - } - diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c deleted file mode 100644 index a49d1cb289..0000000000 --- a/src/lib/libcrypto/asn1/a_d2i_fp.c +++ /dev/null @@ -1,195 +0,0 @@ -/* crypto/asn1/a_d2i_fp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -#define HEADER_SIZE 8 - -#ifndef NO_FP_API -char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, - unsigned char **x) - { - BIO *b; - char *ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB); - return(NULL); - } - BIO_set_fp(b,in,BIO_NOCLOSE); - ret=ASN1_d2i_bio(xnew,d2i,b,x); - BIO_free(b); - return(ret); - } -#endif - -char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in, - unsigned char **x) - { - BUF_MEM *b; - unsigned char *p; - int i; - char *ret=NULL; - ASN1_CTX c; - int want=HEADER_SIZE; - int eos=0; - int off=0; - int len=0; - - b=BUF_MEM_new(); - if (b == NULL) - { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - ERR_clear_error(); - for (;;) - { - if (want >= (len-off)) - { - want-=(len-off); - - if (!BUF_MEM_grow(b,len+want)) - { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - i=BIO_read(in,&(b->data[len]),want); - if ((i < 0) && ((len-off) == 0)) - { - ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); - goto err; - } - if (i > 0) - len+=i; - } - /* else data already loaded */ - - p=(unsigned char *)&(b->data[off]); - c.p=p; - c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass), - len-off); - if (c.inf & 0x80) - { - unsigned long e; - - e=ERR_GET_REASON(ERR_peek_error()); - if (e != ASN1_R_TOO_LONG) - goto err; - else - ERR_get_error(); /* clear error */ - } - i=c.p-p;/* header length */ - off+=i; /* end of data */ - - if (c.inf & 1) - { - /* no data body so go round again */ - eos++; - want=HEADER_SIZE; - } - else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) - { - /* eos value, so go back and read another header */ - eos--; - if (eos <= 0) - break; - else - want=HEADER_SIZE; - } - else - { - /* suck in c.slen bytes of data */ - want=(int)c.slen; - if (want > (len-off)) - { - want-=(len-off); - if (!BUF_MEM_grow(b,len+want)) - { - ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - i=BIO_read(in,&(b->data[len]),want); - if (i <= 0) - { - ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); - goto err; - } - len+=i; - } - off+=(int)c.slen; - if (eos <= 0) - { - break; - } - else - want=HEADER_SIZE; - } - } - - p=(unsigned char *)b->data; - ret=d2i(x,&p,off); -err: - if (b != NULL) BUF_MEM_free(b); - return(ret); - } diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c deleted file mode 100644 index 8257b8639e..0000000000 --- a/src/lib/libcrypto/asn1/a_digest.c +++ /dev/null @@ -1,90 +0,0 @@ -/* crypto/asn1/a_digest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include -#endif - -#include -#include -#include - -int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, - unsigned char *md, unsigned int *len) - { - EVP_MD_CTX ctx; - int i; - unsigned char *str,*p; - - i=i2d(data,NULL); - if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0); - p=str; - i2d(data,&p); - - EVP_DigestInit(&ctx,type); - EVP_DigestUpdate(&ctx,str,i); - EVP_DigestFinal(&ctx,md,len); - OPENSSL_free(str); - return(1); - } - diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c deleted file mode 100644 index c3bda58a5d..0000000000 --- a/src/lib/libcrypto/asn1/a_dup.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/asn1/a_dup.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -#define READ_CHUNK 2048 - -char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) - { - unsigned char *b,*p; - long i; - char *ret; - - if (x == NULL) return(NULL); - - i=(long)i2d(x,NULL); - b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); - if (b == NULL) - { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } - p= b; - i=i2d(x,&p); - p= b; - ret=d2i(NULL,&p,i); - OPENSSL_free(b); - return(ret); - } diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c deleted file mode 100644 index 1428d1df7a..0000000000 --- a/src/lib/libcrypto/asn1/a_enum.c +++ /dev/null @@ -1,224 +0,0 @@ -/* crypto/asn1/a_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -/* - * Code for ENUMERATED type: identical to INTEGER apart from a different tag. - * for comments on encoding see a_int.c - */ - -ASN1_ENUMERATED *ASN1_ENUMERATED_new(void) -{ return M_ASN1_ENUMERATED_new(); } - -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x) -{ M_ASN1_ENUMERATED_free(x); } - - -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp) -{ - int len, ret; - if(!a) return 0; - len = i2c_ASN1_INTEGER(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL); - i2c_ASN1_INTEGER(a, pp); - } - return ret; -} - -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int i; - int inf,tag,xclass; - ASN1_ENUMERATED *ret; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_ENUMERATED) - { - i=ASN1_R_EXPECTING_AN_ENUMERATED; - goto err; - } - ret = c2i_ASN1_INTEGER(a, &p, len); - if(ret) { - ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED; - *pp = p; - } - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i); - return(NULL); - -} - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) - { - int i,j,k; - unsigned char buf[sizeof(long)+1]; - long d; - - a->type=V_ASN1_ENUMERATED; - if (a->length < (sizeof(long)+1)) - { - if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) - memset((char *)a->data,0,sizeof(long)+1); - } - if (a->data == NULL) - { - ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE); - return(0); - } - d=v; - if (d < 0) - { - d= -d; - a->type=V_ASN1_NEG_ENUMERATED; - } - - for (i=0; i>=8; - } - j=0; - for (k=i-1; k >=0; k--) - a->data[j++]=buf[k]; - a->length=j; - return(1); - } - -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) - { - int neg=0,i; - long r=0; - - if (a == NULL) return(0L); - i=a->type; - if (i == V_ASN1_NEG_ENUMERATED) - neg=1; - else if (i != V_ASN1_ENUMERATED) - return(0); - - if (a->length > sizeof(long)) - { - /* hmm... a bit ugly */ - return(0xffffffffL); - } - if (a->data == NULL) - return(0); - - for (i=0; ilength; i++) - { - r<<=8; - r|=(unsigned char)a->data[i]; - } - if (neg) r= -r; - return(r); - } - -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) - { - ASN1_ENUMERATED *ret; - int len,j; - - if (ai == NULL) - ret=M_ASN1_ENUMERATED_new(); - else - ret=ai; - if (ret == NULL) - { - ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED; - else ret->type=V_ASN1_ENUMERATED; - j=BN_num_bits(bn); - len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)OPENSSL_malloc(len+4); - ret->length=BN_bn2bin(bn,ret->data); - return(ret); -err: - if (ret != ai) M_ASN1_ENUMERATED_free(ret); - return(NULL); - } - -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) - { - BIGNUM *ret; - - if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); - else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1; - return(ret); - } diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c deleted file mode 100644 index aee29a7790..0000000000 --- a/src/lib/libcrypto/asn1/a_i2d_fp.c +++ /dev/null @@ -1,113 +0,0 @@ -/* crypto/asn1/a_i2d_fp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -#ifndef NO_FP_API -int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,out,BIO_NOCLOSE); - ret=ASN1_i2d_bio(i2d,b,x); - BIO_free(b); - return(ret); - } -#endif - -int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) - { - char *b; - unsigned char *p; - int i,j=0,n,ret=1; - - n=i2d(x,NULL); - b=(char *)OPENSSL_malloc(n); - if (b == NULL) - { - ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); - return(0); - } - - p=(unsigned char *)b; - i2d(x,&p); - - for (;;) - { - i=BIO_write(out,&(b[j]),n); - if (i == n) break; - if (i <= 0) - { - ret=0; - break; - } - j+=i; - n-=i; - } - OPENSSL_free(b); - return(ret); - } diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c deleted file mode 100644 index 6f0413f885..0000000000 --- a/src/lib/libcrypto/asn1/a_int.c +++ /dev/null @@ -1,473 +0,0 @@ -/* crypto/asn1/a_int.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -ASN1_INTEGER *ASN1_INTEGER_new(void) -{ return M_ASN1_INTEGER_new();} - -void ASN1_INTEGER_free(ASN1_INTEGER *x) -{ M_ASN1_INTEGER_free(x);} - -ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) -{ return M_ASN1_INTEGER_dup(x);} - -int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y) -{ return M_ASN1_INTEGER_cmp(x,y);} - -/* Output ASN1 INTEGER including tag+length */ - -int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) -{ - int len, ret; - if(!a) return 0; - len = i2c_ASN1_INTEGER(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_INTEGER); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL); - i2c_ASN1_INTEGER(a, pp); - } - return ret; -} - -/* - * This converts an ASN1 INTEGER into its content encoding. - * The internal representation is an ASN1_STRING whose data is a big endian - * representation of the value, ignoring the sign. The sign is determined by - * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. - * - * Positive integers are no problem: they are almost the same as the DER - * encoding, except if the first byte is >= 0x80 we need to add a zero pad. - * - * Negative integers are a bit trickier... - * The DER representation of negative integers is in 2s complement form. - * The internal form is converted by complementing each octet and finally - * adding one to the result. This can be done less messily with a little trick. - * If the internal form has trailing zeroes then they will become FF by the - * complement and 0 by the add one (due to carry) so just copy as many trailing - * zeros to the destination as there are in the source. The carry will add one - * to the last none zero octet: so complement this octet and add one and finally - * complement any left over until you get to the start of the string. - * - * Padding is a little trickier too. If the first bytes is > 0x80 then we pad - * with 0xff. However if the first byte is 0x80 and one of the following bytes - * is non-zero we pad with 0xff. The reason for this distinction is that 0x80 - * followed by optional zeros isn't padded. - */ - -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) - { - int pad=0,ret,i,neg; - unsigned char *p,*n,pb=0; - - if ((a == NULL) || (a->data == NULL)) return(0); - neg=a->type & V_ASN1_NEG; - if (a->length == 0) - ret=1; - else - { - ret=a->length; - i=a->data[0]; - if (!neg && (i > 127)) { - pad=1; - pb=0; - } else if(neg) { - if(i>128) { - pad=1; - pb=0xFF; - } else if(i == 128) { - /* - * Special case: if any other bytes non zero we pad: - * otherwise we don't. - */ - for(i = 1; i < a->length; i++) if(a->data[i]) { - pad=1; - pb=0xFF; - break; - } - } - } - ret+=pad; - } - if (pp == NULL) return(ret); - p= *pp; - - if (pad) *(p++)=pb; - if (a->length == 0) *(p++)=0; - else if (!neg) memcpy(p,a->data,(unsigned int)a->length); - else { - /* Begin at the end of the encoding */ - n=a->data + a->length - 1; - p += a->length - 1; - i = a->length; - /* Copy zeros to destination as long as source is zero */ - while(!*n) { - *(p--) = 0; - n--; - i--; - } - /* Complement and increment next octet */ - *(p--) = ((*(n--)) ^ 0xff) + 1; - i--; - /* Complement any octets left */ - for(;i > 0; i--) *(p--) = *(n--) ^ 0xff; - } - - *pp+=ret; - return(ret); - } - -/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */ -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int i; - int inf,tag,xclass; - ASN1_INTEGER *ret; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_INTEGER) - { - i=ASN1_R_EXPECTING_AN_INTEGER; - goto err; - } - ret = c2i_ASN1_INTEGER(a, &p, len); - if(ret) *pp = p; - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); - return(NULL); - -} - - -/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ - -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, - long len) - { - ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s, *pend; - int i; - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); - ret->type=V_ASN1_INTEGER; - } - else - ret=(*a); - - p= *pp; - pend = p + len; - - /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it - * signifies a missing NULL parameter. */ - s=(unsigned char *)OPENSSL_malloc((int)len+1); - if (s == NULL) - { - i=ERR_R_MALLOC_FAILURE; - goto err; - } - to=s; - if(!len) { - /* Strictly speaking this is an illegal INTEGER but we - * tolerate it. - */ - ret->type=V_ASN1_INTEGER; - } else if (*p & 0x80) /* a negative number */ - { - ret->type=V_ASN1_NEG_INTEGER; - if ((*p == 0xff) && (len != 1)) { - p++; - len--; - } - i = len; - p += i - 1; - to += i - 1; - while((!*p) && i) { - *(to--) = 0; - i--; - p--; - } - /* Special case: if all zeros then the number will be of - * the form FF followed by n zero bytes: this corresponds to - * 1 followed by n zero bytes. We've already written n zeros - * so we just append an extra one and set the first byte to - * a 1. This is treated separately because it is the only case - * where the number of bytes is larger than len. - */ - if(!i) { - *s = 1; - s[len] = 0; - len++; - } else { - *(to--) = (*(p--) ^ 0xff) + 1; - i--; - for(;i > 0; i--) *(to--) = *(p--) ^ 0xff; - } - } else { - ret->type=V_ASN1_INTEGER; - if ((*p == 0) && (len != 1)) - { - p++; - len--; - } - memcpy(s,p,(int)len); - } - - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->data=s; - ret->length=(int)len; - if (a != NULL) (*a)=ret; - *pp=pend; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_INTEGER_free(ret); - return(NULL); - } - - -/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of - * ASN1 integers: some broken software can encode a positive INTEGER - * with its MSB set as negative (it doesn't add a padding zero). - */ - -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, - long length) - { - ASN1_INTEGER *ret=NULL; - unsigned char *p,*to,*s; - long len; - int inf,tag,xclass; - int i; - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); - ret->type=V_ASN1_INTEGER; - } - else - ret=(*a); - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_INTEGER) - { - i=ASN1_R_EXPECTING_AN_INTEGER; - goto err; - } - - /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it - * signifies a missing NULL parameter. */ - s=(unsigned char *)OPENSSL_malloc((int)len+1); - if (s == NULL) - { - i=ERR_R_MALLOC_FAILURE; - goto err; - } - to=s; - ret->type=V_ASN1_INTEGER; - if(len) { - if ((*p == 0) && (len != 1)) - { - p++; - len--; - } - memcpy(s,p,(int)len); - p+=len; - } - - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->data=s; - ret->length=(int)len; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_INTEGER_free(ret); - return(NULL); - } - -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) - { - int i,j,k; - unsigned char buf[sizeof(long)+1]; - long d; - - a->type=V_ASN1_INTEGER; - if (a->length < (sizeof(long)+1)) - { - if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL) - memset((char *)a->data,0,sizeof(long)+1); - } - if (a->data == NULL) - { - ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE); - return(0); - } - d=v; - if (d < 0) - { - d= -d; - a->type=V_ASN1_NEG_INTEGER; - } - - for (i=0; i>=8; - } - j=0; - for (k=i-1; k >=0; k--) - a->data[j++]=buf[k]; - a->length=j; - return(1); - } - -long ASN1_INTEGER_get(ASN1_INTEGER *a) - { - int neg=0,i; - long r=0; - - if (a == NULL) return(0L); - i=a->type; - if (i == V_ASN1_NEG_INTEGER) - neg=1; - else if (i != V_ASN1_INTEGER) - return(0); - - if (a->length > sizeof(long)) - { - /* hmm... a bit ugly */ - return(0xffffffffL); - } - if (a->data == NULL) - return(0); - - for (i=0; ilength; i++) - { - r<<=8; - r|=(unsigned char)a->data[i]; - } - if (neg) r= -r; - return(r); - } - -ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai) - { - ASN1_INTEGER *ret; - int len,j; - - if (ai == NULL) - ret=M_ASN1_INTEGER_new(); - else - ret=ai; - if (ret == NULL) - { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if(bn->neg) ret->type = V_ASN1_NEG_INTEGER; - else ret->type=V_ASN1_INTEGER; - j=BN_num_bits(bn); - len=((j == 0)?0:((j/8)+1)); - ret->data=(unsigned char *)OPENSSL_malloc(len+4); - ret->length=BN_bn2bin(bn,ret->data); - return(ret); -err: - if (ret != ai) M_ASN1_INTEGER_free(ret); - return(NULL); - } - -BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn) - { - BIGNUM *ret; - - if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) - ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); - else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1; - return(ret); - } - -IMPLEMENT_STACK_OF(ASN1_INTEGER) -IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER) diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c deleted file mode 100644 index 5d981c6553..0000000000 --- a/src/lib/libcrypto/asn1/a_mbstr.c +++ /dev/null @@ -1,400 +0,0 @@ -/* a_mbstr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include - -static int traverse_string(const unsigned char *p, int len, int inform, - int (*rfunc)(unsigned long value, void *in), void *arg); -static int in_utf8(unsigned long value, void *arg); -static int out_utf8(unsigned long value, void *arg); -static int type_str(unsigned long value, void *arg); -static int cpy_asc(unsigned long value, void *arg); -static int cpy_bmp(unsigned long value, void *arg); -static int cpy_univ(unsigned long value, void *arg); -static int cpy_utf8(unsigned long value, void *arg); -static int is_printable(unsigned long value); - -/* These functions take a string in UTF8, ASCII or multibyte form and - * a mask of permissible ASN1 string types. It then works out the minimal - * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) - * and creates a string of the correct type with the supplied data. - * Yes this is horrible: it has to be :-( - * The 'ncopy' form checks minimum and maximum size limits too. - */ - -int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask) -{ - return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0); -} - -int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, - long minsize, long maxsize) -{ - int str_type; - int ret; - char free_out; - int outform, outlen; - ASN1_STRING *dest; - unsigned char *p; - int nchar; - char strbuf[32]; - int (*cpyfunc)(unsigned long,void *) = NULL; - if(len == -1) len = strlen((const char *)in); - if(!mask) mask = DIRSTRING_TYPE; - - /* First do a string check and work out the number of characters */ - switch(inform) { - - case MBSTRING_BMP: - if(len & 1) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, - ASN1_R_INVALID_BMPSTRING_LENGTH); - return -1; - } - nchar = len >> 1; - break; - - case MBSTRING_UNIV: - if(len & 3) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, - ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); - return -1; - } - nchar = len >> 2; - break; - - case MBSTRING_UTF8: - nchar = 0; - /* This counts the characters and does utf8 syntax checking */ - ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); - if(ret < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, - ASN1_R_INVALID_UTF8STRING); - return -1; - } - break; - - case MBSTRING_ASC: - nchar = len; - break; - - default: - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT); - return -1; - } - - if((minsize > 0) && (nchar < minsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT); - sprintf(strbuf, "%ld", minsize); - ERR_add_error_data(2, "minsize=", strbuf); - return -1; - } - - if((maxsize > 0) && (nchar > maxsize)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG); - sprintf(strbuf, "%ld", maxsize); - ERR_add_error_data(2, "maxsize=", strbuf); - return -1; - } - - /* Now work out minimal type (if any) */ - if(traverse_string(in, len, inform, type_str, &mask) < 0) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS); - return -1; - } - - - /* Now work out output format and string type */ - outform = MBSTRING_ASC; - if(mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING; - else if(mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING; - else if(mask & B_ASN1_T61STRING) str_type = V_ASN1_T61STRING; - else if(mask & B_ASN1_BMPSTRING) { - str_type = V_ASN1_BMPSTRING; - outform = MBSTRING_BMP; - } else if(mask & B_ASN1_UNIVERSALSTRING) { - str_type = V_ASN1_UNIVERSALSTRING; - outform = MBSTRING_UNIV; - } else { - str_type = V_ASN1_UTF8STRING; - outform = MBSTRING_UTF8; - } - if(!out) return str_type; - if(*out) { - free_out = 0; - dest = *out; - if(dest->data) { - dest->length = 0; - OPENSSL_free(dest->data); - dest->data = NULL; - } - dest->type = str_type; - } else { - free_out = 1; - dest = ASN1_STRING_type_new(str_type); - if(!dest) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY, - ERR_R_MALLOC_FAILURE); - return -1; - } - *out = dest; - } - /* If both the same type just copy across */ - if(inform == outform) { - if(!ASN1_STRING_set(dest, in, len)) { - ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); - return -1; - } - return str_type; - } - - /* Work out how much space the destination will need */ - switch(outform) { - case MBSTRING_ASC: - outlen = nchar; - cpyfunc = cpy_asc; - break; - - case MBSTRING_BMP: - outlen = nchar << 1; - cpyfunc = cpy_bmp; - break; - - case MBSTRING_UNIV: - outlen = nchar << 2; - cpyfunc = cpy_univ; - break; - - case MBSTRING_UTF8: - outlen = 0; - traverse_string(in, len, inform, out_utf8, &outlen); - cpyfunc = cpy_utf8; - break; - } - if(!(p = OPENSSL_malloc(outlen + 1))) { - if(free_out) ASN1_STRING_free(dest); - ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); - return -1; - } - dest->length = outlen; - dest->data = p; - p[outlen] = 0; - traverse_string(in, len, inform, cpyfunc, &p); - return str_type; -} - -/* This function traverses a string and passes the value of each character - * to an optional function along with a void * argument. - */ - -static int traverse_string(const unsigned char *p, int len, int inform, - int (*rfunc)(unsigned long value, void *in), void *arg) -{ - unsigned long value; - int ret; - while(len) { - if(inform == MBSTRING_ASC) { - value = *p++; - len--; - } else if(inform == MBSTRING_BMP) { - value = *p++ << 8; - value |= *p++; - len -= 2; - } else if(inform == MBSTRING_UNIV) { - value = ((unsigned long)*p++) << 24; - value |= ((unsigned long)*p++) << 16; - value |= *p++ << 8; - value |= *p++; - len -= 4; - } else { - ret = UTF8_getc(p, len, &value); - if(ret < 0) return -1; - len -= ret; - p += ret; - } - if(rfunc) { - ret = rfunc(value, arg); - if(ret <= 0) return ret; - } - } - return 1; -} - -/* Various utility functions for traverse_string */ - -/* Just count number of characters */ - -static int in_utf8(unsigned long value, void *arg) -{ - int *nchar; - nchar = arg; - (*nchar)++; - return 1; -} - -/* Determine size of output as a UTF8 String */ - -static int out_utf8(unsigned long value, void *arg) -{ - long *outlen; - outlen = arg; - *outlen += UTF8_putc(NULL, -1, value); - return 1; -} - -/* Determine the "type" of a string: check each character against a - * supplied "mask". - */ - -static int type_str(unsigned long value, void *arg) -{ - unsigned long types; - types = *((unsigned long *)arg); - if((types & B_ASN1_PRINTABLESTRING) && !is_printable(value)) - types &= ~B_ASN1_PRINTABLESTRING; - if((types & B_ASN1_IA5STRING) && (value > 127)) - types &= ~B_ASN1_IA5STRING; - if((types & B_ASN1_T61STRING) && (value > 0xff)) - types &= ~B_ASN1_T61STRING; - if((types & B_ASN1_BMPSTRING) && (value > 0xffff)) - types &= ~B_ASN1_BMPSTRING; - if(!types) return -1; - *((unsigned long *)arg) = types; - return 1; -} - -/* Copy one byte per character ASCII like strings */ - -static int cpy_asc(unsigned long value, void *arg) -{ - unsigned char **p, *q; - p = arg; - q = *p; - *q = (unsigned char) value; - (*p)++; - return 1; -} - -/* Copy two byte per character BMPStrings */ - -static int cpy_bmp(unsigned long value, void *arg) -{ - unsigned char **p, *q; - p = arg; - q = *p; - *q++ = (unsigned char) ((value >> 8) & 0xff); - *q = (unsigned char) (value & 0xff); - *p += 2; - return 1; -} - -/* Copy four byte per character UniversalStrings */ - -static int cpy_univ(unsigned long value, void *arg) -{ - unsigned char **p, *q; - p = arg; - q = *p; - *q++ = (unsigned char) ((value >> 24) & 0xff); - *q++ = (unsigned char) ((value >> 16) & 0xff); - *q++ = (unsigned char) ((value >> 8) & 0xff); - *q = (unsigned char) (value & 0xff); - *p += 4; - return 1; -} - -/* Copy to a UTF8String */ - -static int cpy_utf8(unsigned long value, void *arg) -{ - unsigned char **p; - int ret; - p = arg; - /* We already know there is enough room so pass 0xff as the length */ - ret = UTF8_putc(*p, 0xff, value); - *p += ret; - return 1; -} - -/* Return 1 if the character is permitted in a PrintableString */ -static int is_printable(unsigned long value) -{ - int ch; - if(value > 0x7f) return 0; - ch = (int) value; - /* Note: we can't use 'isalnum' because certain accented - * characters may count as alphanumeric in some environments. - */ -#ifndef CHARSET_EBCDIC - if((ch >= 'a') && (ch <= 'z')) return 1; - if((ch >= 'A') && (ch <= 'Z')) return 1; - if((ch >= '0') && (ch <= '9')) return 1; - if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1; -#else /*CHARSET_EBCDIC*/ - if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1; - if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1; - if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1; - if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1; -#endif /*CHARSET_EBCDIC*/ - return 0; -} diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c deleted file mode 100644 index 20caa2d3bd..0000000000 --- a/src/lib/libcrypto/asn1/a_object.c +++ /dev/null @@ -1,320 +0,0 @@ -/* crypto/asn1/a_object.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) - { - unsigned char *p; - int objsize; - - if ((a == NULL) || (a->data == NULL)) return(0); - - objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT); - if (pp == NULL) return objsize; - - p= *pp; - ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); - memcpy(p,a->data,a->length); - p+=a->length; - - *pp=p; - return(objsize); - } - -int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) - { - int i,first,len=0,c; - char tmp[24]; - const char *p; - unsigned long l; - - if (num == 0) - return(0); - else if (num == -1) - num=strlen(buf); - - p=buf; - c= *(p++); - num--; - if ((c >= '0') && (c <= '2')) - { - first=(c-'0')*40; - } - else - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE); - goto err; - } - - if (num <= 0) - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER); - goto err; - } - c= *(p++); - num--; - for (;;) - { - if (num <= 0) break; - if ((c != '.') && (c != ' ')) - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR); - goto err; - } - l=0; - for (;;) - { - if (num <= 0) break; - num--; - c= *(p++); - if ((c == ' ') || (c == '.')) - break; - if ((c < '0') || (c > '9')) - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); - goto err; - } - l=l*10L+(long)(c-'0'); - } - if (len == 0) - { - if ((first < 2) && (l >= 40)) - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); - goto err; - } - l+=(long)first; - } - i=0; - for (;;) - { - tmp[i++]=(unsigned char)l&0x7f; - l>>=7L; - if (l == 0L) break; - } - if (out != NULL) - { - if (len+i > olen) - { - ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL); - goto err; - } - while (--i > 0) - out[len++]=tmp[i]|0x80; - out[len++]=tmp[0]; - } - else - len+=i; - } - return(len); -err: - return(0); - } - -int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) -{ - return OBJ_obj2txt(buf, buf_len, a, 0); -} - -int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) - { - char buf[80]; - int i; - - if ((a == NULL) || (a->data == NULL)) - return(BIO_write(bp,"NULL",4)); - i=i2t_ASN1_OBJECT(buf,80,a); - if (i > 80) i=80; - BIO_write(bp,buf,i); - return(i); - } - -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int tag,xclass; - int inf,i; - ASN1_OBJECT *ret = NULL; - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_OBJECT) - { - i=ASN1_R_EXPECTING_AN_OBJECT; - goto err; - } - ret = c2i_ASN1_OBJECT(a, &p, len); - if(ret) *pp = p; - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_OBJECT_free(ret); - return(NULL); -} -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, - long len) - { - ASN1_OBJECT *ret=NULL; - unsigned char *p; - int i; - - /* only the ASN1_OBJECTs from the 'table' will have values - * for ->sn or ->ln */ - if ((a == NULL) || ((*a) == NULL) || - !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) - { - if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL); - } - else ret=(*a); - - p= *pp; - if ((ret->data == NULL) || (ret->length < len)) - { - if (ret->data != NULL) OPENSSL_free(ret->data); - ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1); - ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; - if (ret->data == NULL) - { i=ERR_R_MALLOC_FAILURE; goto err; } - } - memcpy(ret->data,p,(int)len); - ret->length=(int)len; - ret->sn=NULL; - ret->ln=NULL; - /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ - p+=len; - - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_OBJECT_free(ret); - return(NULL); - } - -ASN1_OBJECT *ASN1_OBJECT_new(void) - { - ASN1_OBJECT *ret; - - ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); - if (ret == NULL) - { - ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->length=0; - ret->data=NULL; - ret->nid=0; - ret->sn=NULL; - ret->ln=NULL; - ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; - return(ret); - } - -void ASN1_OBJECT_free(ASN1_OBJECT *a) - { - if (a == NULL) return; - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) - { -#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ - if (a->sn != NULL) OPENSSL_free((void *)a->sn); - if (a->ln != NULL) OPENSSL_free((void *)a->ln); -#endif - a->sn=a->ln=NULL; - } - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) - { - if (a->data != NULL) OPENSSL_free(a->data); - a->data=NULL; - a->length=0; - } - if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) - OPENSSL_free(a); - } - -ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, - char *sn, char *ln) - { - ASN1_OBJECT o; - - o.sn=sn; - o.ln=ln; - o.data=data; - o.nid=nid; - o.length=len; - o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| - ASN1_OBJECT_FLAG_DYNAMIC_DATA; - return(OBJ_dup(&o)); - } - -IMPLEMENT_STACK_OF(ASN1_OBJECT) -IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT) diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c deleted file mode 100644 index 2586f4327d..0000000000 --- a/src/lib/libcrypto/asn1/a_octet.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/asn1/a_octet.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void) -{ return M_ASN1_OCTET_STRING_new(); } - -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x) -{ M_ASN1_OCTET_STRING_free(x); } - -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) -{ return M_ASN1_OCTET_STRING_dup(x); } - -int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) -{ return M_ASN1_OCTET_STRING_cmp(a, b); } - -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) -{ return M_ASN1_OCTET_STRING_set(x, d, len); } - -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp) -{ return M_i2d_ASN1_OCTET_STRING(a, pp); } - -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, - unsigned char **pp, long length) - { - ASN1_OCTET_STRING *ret=NULL; - - ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c deleted file mode 100644 index b7bd2bd18a..0000000000 --- a/src/lib/libcrypto/asn1/a_print.c +++ /dev/null @@ -1,197 +0,0 @@ -/* crypto/asn1/a_print.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -ASN1_IA5STRING *ASN1_IA5STRING_new(void) -{ return M_ASN1_IA5STRING_new();} - -void ASN1_IA5STRING_free(ASN1_IA5STRING *x) -{ M_ASN1_IA5STRING_free(x);} - -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp) - { return(M_i2d_ASN1_IA5STRING(a,pp)); } - -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_IA5STRING(a,pp,l)); } - -ASN1_T61STRING *ASN1_T61STRING_new(void) -{ return M_ASN1_T61STRING_new();} - -void ASN1_T61STRING_free(ASN1_T61STRING *x) -{ M_ASN1_T61STRING_free(x);} - -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_T61STRING(a,pp,l)); } - -ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void) -{ return M_ASN1_PRINTABLESTRING_new();} - -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x) -{ M_ASN1_PRINTABLESTRING_free(x);} - -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, - unsigned char **pp, long l) - { return(M_d2i_ASN1_PRINTABLESTRING(a,pp, - l)); } - -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp) - { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); } - -int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_ASN1_PRINTABLE(a,pp)); } - -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); } - -int ASN1_PRINTABLE_type(unsigned char *s, int len) - { - int c; - int ia5=0; - int t61=0; - - if (len <= 0) len= -1; - if (s == NULL) return(V_ASN1_PRINTABLESTRING); - - while ((*s) && (len-- != 0)) - { - c= *(s++); -#ifndef CHARSET_EBCDIC - if (!( ((c >= 'a') && (c <= 'z')) || - ((c >= 'A') && (c <= 'Z')) || - (c == ' ') || - ((c >= '0') && (c <= '9')) || - (c == ' ') || (c == '\'') || - (c == '(') || (c == ')') || - (c == '+') || (c == ',') || - (c == '-') || (c == '.') || - (c == '/') || (c == ':') || - (c == '=') || (c == '?'))) - ia5=1; - if (c&0x80) - t61=1; -#else - if (!isalnum(c) && (c != ' ') && - strchr("'()+,-./:=?", c) == NULL) - ia5=1; - if (os_toascii[c] & 0x80) - t61=1; -#endif - } - if (t61) return(V_ASN1_T61STRING); - if (ia5) return(V_ASN1_IA5STRING); - return(V_ASN1_PRINTABLESTRING); - } - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) - { - int i; - unsigned char *p; - - if (s->type != V_ASN1_UNIVERSALSTRING) return(0); - if ((s->length%4) != 0) return(0); - p=s->data; - for (i=0; ilength; i+=4) - { - if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0')) - break; - else - p+=4; - } - if (i < s->length) return(0); - p=s->data; - for (i=3; ilength; i+=4) - { - *(p++)=s->data[i]; - } - *(p)='\0'; - s->length/=4; - s->type=ASN1_PRINTABLE_type(s->data,s->length); - return(1); - } - -ASN1_STRING *DIRECTORYSTRING_new(void) -{ return M_DIRECTORYSTRING_new();} - -void DIRECTORYSTRING_free(ASN1_STRING *x) -{ M_DIRECTORYSTRING_free(x);} - -int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_DIRECTORYSTRING(a,pp)); } - -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_DIRECTORYSTRING(a,pp,l)); } - -ASN1_STRING *DISPLAYTEXT_new(void) -{ return M_DISPLAYTEXT_new();} - -void DISPLAYTEXT_free(ASN1_STRING *x) -{ M_DISPLAYTEXT_free(x);} - -int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_DISPLAYTEXT(a,pp)); } - -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_DISPLAYTEXT(a,pp,l)); } diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c deleted file mode 100644 index caf5a1419c..0000000000 --- a/src/lib/libcrypto/asn1/a_set.c +++ /dev/null @@ -1,217 +0,0 @@ -/* crypto/asn1/a_set.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -typedef struct - { - unsigned char *pbData; - int cbData; - } MYBLOB; - -/* SetBlobCmp - * This function compares two elements of SET_OF block - */ -static int SetBlobCmp(const void *elem1, const void *elem2 ) - { - const MYBLOB *b1 = (const MYBLOB *)elem1; - const MYBLOB *b2 = (const MYBLOB *)elem2; - int r; - - r = memcmp(b1->pbData, b2->pbData, - b1->cbData < b2->cbData ? b1->cbData : b2->cbData); - if(r != 0) - return r; - return b1->cbData-b2->cbData; - } - -/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ -int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, - int ex_class, int is_set) - { - int ret=0,r; - int i; - unsigned char *p; - unsigned char *pStart, *pTempMem; - MYBLOB *rgSetBlob; - int totSize; - - if (a == NULL) return(0); - for (i=sk_num(a)-1; i>=0; i--) - ret+=func(sk_value(a,i),NULL); - r=ASN1_object_size(1,ret,ex_tag); - if (pp == NULL) return(r); - - p= *pp; - ASN1_put_object(&p,1,ret,ex_tag,ex_class); - -/* Modified by gp@nsj.co.jp */ - /* And then again by Ben */ - /* And again by Steve */ - - if(!is_set || (sk_num(a) < 2)) - { - for (i=0; i c.max) - { - ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR); - goto err; - } - /* check for infinite constructed - it can be as long - * as the amount of data passed to us */ - if (c.inf == (V_ASN1_CONSTRUCTED+1)) - c.slen=length+ *pp-c.p; - c.max=c.p+c.slen; - - while (c.p < c.max) - { - char *s; - - if (M_ASN1_D2I_end_sequence()) break; - if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT); - asn1_add_error(*pp,(int)(c.q- *pp)); - goto err; - } - if (!sk_push(ret,s)) goto err; - } - if (a != NULL) (*a)=ret; - *pp=c.p; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - { - if (free_func != NULL) - sk_pop_free(ret,free_func); - else - sk_free(ret); - } - return(NULL); - } - diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c deleted file mode 100644 index 4c651706d2..0000000000 --- a/src/lib/libcrypto/asn1/a_sign.c +++ /dev/null @@ -1,148 +0,0 @@ -/* crypto/asn1/a_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include -#endif - -#include -#include -#include -#include -#include - -int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, - const EVP_MD *type) - { - EVP_MD_CTX ctx; - unsigned char *p,*buf_in=NULL,*buf_out=NULL; - int i,inl=0,outl=0,outll=0; - X509_ALGOR *a; - - for (i=0; i<2; i++) - { - if (i == 0) - a=algor1; - else - a=algor2; - if (a == NULL) continue; - if ( (a->parameter == NULL) || - (a->parameter->type != V_ASN1_NULL)) - { - ASN1_TYPE_free(a->parameter); - if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err; - a->parameter->type=V_ASN1_NULL; - } - ASN1_OBJECT_free(a->algorithm); - a->algorithm=OBJ_nid2obj(type->pkey_type); - if (a->algorithm == NULL) - { - ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); - goto err; - } - if (a->algorithm->length == 0) - { - ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - goto err; - } - } - inl=i2d(data,NULL); - buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl); - outll=outl=EVP_PKEY_size(pkey); - buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl); - if ((buf_in == NULL) || (buf_out == NULL)) - { - outl=0; - ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); - goto err; - } - p=buf_in; - - i2d(data,&p); - EVP_SignInit(&ctx,type); - EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); - if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, - (unsigned int *)&outl,pkey)) - { - outl=0; - ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); - goto err; - } - if (signature->data != NULL) OPENSSL_free(signature->data); - signature->data=buf_out; - buf_out=NULL; - signature->length=outl; - /* In the interests of compatibility, I'll make sure that - * the bit string has a 'not-used bits' value of 0 - */ - signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); - signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; -err: - memset(&ctx,0,sizeof(ctx)); - if (buf_in != NULL) - { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); } - if (buf_out != NULL) - { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); } - return(outl); - } diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c deleted file mode 100644 index 569b811998..0000000000 --- a/src/lib/libcrypto/asn1/a_strex.c +++ /dev/null @@ -1,533 +0,0 @@ -/* a_strex.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include - -#include "charmap.h" - -/* ASN1_STRING_print_ex() and X509_NAME_print_ex(). - * Enhanced string and name printing routines handling - * multibyte characters, RFC2253 and a host of other - * options. - */ - - -#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) - - -/* Three IO functions for sending data to memory, a BIO and - * and a FILE pointer. - */ - -int send_mem_chars(void *arg, const void *buf, int len) -{ - unsigned char **out = arg; - if(!out) return 1; - memcpy(*out, buf, len); - *out += len; - return 1; -} - -int send_bio_chars(void *arg, const void *buf, int len) -{ - if(!arg) return 1; - if(BIO_write(arg, buf, len) != len) return 0; - return 1; -} - -int send_fp_chars(void *arg, const void *buf, int len) -{ - if(!arg) return 1; - if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0; - return 1; -} - -typedef int char_io(void *arg, const void *buf, int len); - -/* This function handles display of - * strings, one character at a time. - * It is passed an unsigned long for each - * character because it could come from 2 or even - * 4 byte forms. - */ - -static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, char_io *io_ch, void *arg) -{ - unsigned char chflgs, chtmp; - char tmphex[11]; - if(c > 0xffff) { - BIO_snprintf(tmphex, 11, "\\W%08lX", c); - if(!io_ch(arg, tmphex, 10)) return -1; - return 10; - } - if(c > 0xff) { - BIO_snprintf(tmphex, 11, "\\U%04lX", c); - if(!io_ch(arg, tmphex, 6)) return -1; - return 6; - } - chtmp = (unsigned char)c; - if(chtmp > 0x7f) chflgs = flags & ASN1_STRFLGS_ESC_MSB; - else chflgs = char_type[chtmp] & flags; - if(chflgs & CHARTYPE_BS_ESC) { - /* If we don't escape with quotes, signal we need quotes */ - if(chflgs & ASN1_STRFLGS_ESC_QUOTE) { - if(do_quotes) *do_quotes = 1; - if(!io_ch(arg, &chtmp, 1)) return -1; - return 1; - } - if(!io_ch(arg, "\\", 1)) return -1; - if(!io_ch(arg, &chtmp, 1)) return -1; - return 2; - } - if(chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) { - BIO_snprintf(tmphex, 11, "\\%02X", chtmp); - if(!io_ch(arg, tmphex, 3)) return -1; - return 3; - } - if(!io_ch(arg, &chtmp, 1)) return -1; - return 1; -} - -#define BUF_TYPE_WIDTH_MASK 0x7 -#define BUF_TYPE_CONVUTF8 0x8 - -/* This function sends each character in a buffer to - * do_esc_char(). It interprets the content formats - * and converts to or from UTF8 as appropriate. - */ - -static int do_buf(unsigned char *buf, int buflen, - int type, unsigned char flags, char *quotes, char_io *io_ch, void *arg) -{ - int i, outlen, len; - unsigned char orflags, *p, *q; - unsigned long c; - p = buf; - q = buf + buflen; - outlen = 0; - while(p != q) { - if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253; - else orflags = 0; - switch(type & BUF_TYPE_WIDTH_MASK) { - case 4: - c = ((unsigned long)*p++) << 24; - c |= ((unsigned long)*p++) << 16; - c |= ((unsigned long)*p++) << 8; - c |= *p++; - break; - - case 2: - c = ((unsigned long)*p++) << 8; - c |= *p++; - break; - - case 1: - c = *p++; - break; - - case 0: - i = UTF8_getc(p, buflen, &c); - if(i < 0) return -1; /* Invalid UTF8String */ - p += i; - break; - } - if (p == q) orflags = CHARTYPE_LAST_ESC_2253; - if(type & BUF_TYPE_CONVUTF8) { - unsigned char utfbuf[6]; - int utflen; - utflen = UTF8_putc(utfbuf, 6, c); - for(i = 0; i < utflen; i++) { - /* We don't need to worry about setting orflags correctly - * because if utflen==1 its value will be correct anyway - * otherwise each character will be > 0x7f and so the - * character will never be escaped on first and last. - */ - len = do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), quotes, io_ch, arg); - if(len < 0) return -1; - outlen += len; - } - } else { - len = do_esc_char(c, (unsigned char)(flags | orflags), quotes, io_ch, arg); - if(len < 0) return -1; - outlen += len; - } - } - return outlen; -} - -/* This function hex dumps a buffer of characters */ - -static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) -{ - const static char hexdig[] = "0123456789ABCDEF"; - unsigned char *p, *q; - char hextmp[2]; - if(arg) { - p = buf; - q = buf + buflen; - while(p != q) { - hextmp[0] = hexdig[*p >> 4]; - hextmp[1] = hexdig[*p & 0xf]; - if(!io_ch(arg, hextmp, 2)) return -1; - p++; - } - } - return buflen << 1; -} - -/* "dump" a string. This is done when the type is unknown, - * or the flags request it. We can either dump the content - * octets or the entire DER encoding. This uses the RFC2253 - * #01234 format. - */ - -int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str) -{ - /* Placing the ASN1_STRING in a temp ASN1_TYPE allows - * the DER encoding to readily obtained - */ - ASN1_TYPE t; - unsigned char *der_buf, *p; - int outlen, der_len; - - if(!io_ch(arg, "#", 1)) return -1; - /* If we don't dump DER encoding just dump content octets */ - if(!(lflags & ASN1_STRFLGS_DUMP_DER)) { - outlen = do_hex_dump(io_ch, arg, str->data, str->length); - if(outlen < 0) return -1; - return outlen + 1; - } - t.type = str->type; - t.value.ptr = (char *)str; - der_len = i2d_ASN1_TYPE(&t, NULL); - der_buf = OPENSSL_malloc(der_len); - if(!der_buf) return -1; - p = der_buf; - i2d_ASN1_TYPE(&t, &p); - outlen = do_hex_dump(io_ch, arg, der_buf, der_len); - OPENSSL_free(der_buf); - if(outlen < 0) return -1; - return outlen + 1; -} - -/* Lookup table to convert tags to character widths, - * 0 = UTF8 encoded, -1 is used for non string types - * otherwise it is the number of bytes per character - */ - -const static char tag2nbyte[] = { - -1, -1, -1, -1, -1, /* 0-4 */ - -1, -1, -1, -1, -1, /* 5-9 */ - -1, -1, 0, -1, /* 10-13 */ - -1, -1, -1, -1, /* 15-17 */ - -1, 1, 1, /* 18-20 */ - -1, 1, -1,-1, /* 21-24 */ - -1, 1, -1, /* 25-27 */ - 4, -1, 2 /* 28-30 */ -}; - -#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB) - -/* This is the main function, print out an - * ASN1_STRING taking note of various escape - * and display options. Returns number of - * characters written or -1 if an error - * occurred. - */ - -static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str) -{ - int outlen, len; - int type; - char quotes; - unsigned char flags; - quotes = 0; - /* Keep a copy of escape flags */ - flags = (unsigned char)(lflags & ESC_FLAGS); - - type = str->type; - - outlen = 0; - - - if(lflags & ASN1_STRFLGS_SHOW_TYPE) { - const char *tagname; - tagname = ASN1_tag2str(type); - outlen += strlen(tagname); - if(!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1)) return -1; - outlen++; - } - - /* Decide what to do with type, either dump content or display it */ - - /* Dump everything */ - if(lflags & ASN1_STRFLGS_DUMP_ALL) type = -1; - /* Ignore the string type */ - else if(lflags & ASN1_STRFLGS_IGNORE_TYPE) type = 1; - else { - /* Else determine width based on type */ - if((type > 0) && (type < 31)) type = tag2nbyte[type]; - else type = -1; - if((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN)) type = 1; - } - - if(type == -1) { - len = do_dump(lflags, io_ch, arg, str); - if(len < 0) return -1; - outlen += len; - return outlen; - } - - if(lflags & ASN1_STRFLGS_UTF8_CONVERT) { - /* Note: if string is UTF8 and we want - * to convert to UTF8 then we just interpret - * it as 1 byte per character to avoid converting - * twice. - */ - if(!type) type = 1; - else type |= BUF_TYPE_CONVUTF8; - } - - len = do_buf(str->data, str->length, type, flags, "es, io_ch, NULL); - if(outlen < 0) return -1; - outlen += len; - if(quotes) outlen += 2; - if(!arg) return outlen; - if(quotes && !io_ch(arg, "\"", 1)) return -1; - do_buf(str->data, str->length, type, flags, NULL, io_ch, arg); - if(quotes && !io_ch(arg, "\"", 1)) return -1; - return outlen; -} - -/* Used for line indenting: print 'indent' spaces */ - -static int do_indent(char_io *io_ch, void *arg, int indent) -{ - int i; - for(i = 0; i < indent; i++) - if(!io_ch(arg, " ", 1)) return 0; - return 1; -} - - -static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, - int indent, unsigned long flags) -{ - int i, prev = -1, orflags, cnt; - int fn_opt, fn_nid; - ASN1_OBJECT *fn; - ASN1_STRING *val; - X509_NAME_ENTRY *ent; - char objtmp[80]; - const char *objbuf; - int outlen, len; - char *sep_dn, *sep_mv, *sep_eq; - int sep_dn_len, sep_mv_len, sep_eq_len; - if(indent < 0) indent = 0; - outlen = indent; - if(!do_indent(io_ch, arg, indent)) return -1; - switch (flags & XN_FLAG_SEP_MASK) - { - case XN_FLAG_SEP_MULTILINE: - sep_dn = "\n"; - sep_dn_len = 1; - sep_mv = " + "; - sep_mv_len = 3; - break; - - case XN_FLAG_SEP_COMMA_PLUS: - sep_dn = ","; - sep_dn_len = 1; - sep_mv = "+"; - sep_mv_len = 1; - indent = 0; - break; - - case XN_FLAG_SEP_CPLUS_SPC: - sep_dn = ", "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - case XN_FLAG_SEP_SPLUS_SPC: - sep_dn = "; "; - sep_dn_len = 2; - sep_mv = " + "; - sep_mv_len = 3; - indent = 0; - break; - - default: - return -1; - } - - if(flags & XN_FLAG_SPC_EQ) { - sep_eq = " = "; - sep_eq_len = 3; - } else { - sep_eq = "="; - sep_eq_len = 1; - } - - fn_opt = flags & XN_FLAG_FN_MASK; - - cnt = X509_NAME_entry_count(n); - for(i = 0; i < cnt; i++) { - if(flags & XN_FLAG_DN_REV) - ent = X509_NAME_get_entry(n, cnt - i - 1); - else ent = X509_NAME_get_entry(n, i); - if(prev != -1) { - if(prev == ent->set) { - if(!io_ch(arg, sep_mv, sep_mv_len)) return -1; - outlen += sep_mv_len; - } else { - if(!io_ch(arg, sep_dn, sep_dn_len)) return -1; - outlen += sep_dn_len; - if(!do_indent(io_ch, arg, indent)) return -1; - outlen += indent; - } - } - prev = ent->set; - fn = X509_NAME_ENTRY_get_object(ent); - val = X509_NAME_ENTRY_get_data(ent); - fn_nid = OBJ_obj2nid(fn); - if(fn_opt != XN_FLAG_FN_NONE) { - int objlen; - if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { - OBJ_obj2txt(objtmp, 80, fn, 1); - objbuf = objtmp; - } else { - if(fn_opt == XN_FLAG_FN_SN) - objbuf = OBJ_nid2sn(fn_nid); - else if(fn_opt == XN_FLAG_FN_LN) - objbuf = OBJ_nid2ln(fn_nid); - else objbuf = ""; - } - objlen = strlen(objbuf); - if(!io_ch(arg, objbuf, objlen)) return -1; - if(!io_ch(arg, sep_eq, sep_eq_len)) return -1; - outlen += objlen + sep_eq_len; - } - /* If the field name is unknown then fix up the DER dump - * flag. We might want to limit this further so it will - * DER dump on anything other than a few 'standard' fields. - */ - if((fn_nid == NID_undef) && (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS)) - orflags = ASN1_STRFLGS_DUMP_ALL; - else orflags = 0; - - len = do_print_ex(io_ch, arg, flags | orflags, val); - if(len < 0) return -1; - outlen += len; - } - return outlen; -} - -/* Wrappers round the main functions */ - -int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) -{ - return do_name_ex(send_bio_chars, out, nm, indent, flags); -} - - -int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) -{ - return do_name_ex(send_fp_chars, fp, nm, indent, flags); -} - -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) -{ - return do_print_ex(send_bio_chars, out, flags, str); -} - - -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) -{ - return do_print_ex(send_fp_chars, fp, flags, str); -} - -/* Utility function: convert any string type to UTF8, returns number of bytes - * in output string or a negative error code - */ - -int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) -{ - ASN1_STRING stmp, *str = &stmp; - int mbflag, type, ret; - if(!*out || !in) return -1; - type = in->type; - if((type < 0) || (type > 30)) return -1; - mbflag = tag2nbyte[type]; - if(mbflag == -1) return -1; - mbflag |= MBSTRING_FLAG; - stmp.data = NULL; - ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); - if(ret < 0) return ret; - if(out) *out = stmp.data; - return stmp.length; -} diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c deleted file mode 100644 index 6b10cff994..0000000000 --- a/src/lib/libcrypto/asn1/a_strnid.c +++ /dev/null @@ -1,250 +0,0 @@ -/* a_strnid.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - - -static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; -static void st_free(ASN1_STRING_TABLE *tbl); -static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, - const ASN1_STRING_TABLE * const *b); -static int table_cmp(const void *a, const void *b); - - -/* This is the global mask for the mbstring functions: this is use to - * mask out certain types (such as BMPString and UTF8String) because - * certain software (e.g. Netscape) has problems with them. - */ - -static unsigned long global_mask = 0xFFFFFFFFL; - -void ASN1_STRING_set_default_mask(unsigned long mask) -{ - global_mask = mask; -} - -unsigned long ASN1_STRING_get_default_mask(void) -{ - return global_mask; -} - -/* This function sets the default to various "flavours" of configuration. - * based on an ASCII string. Currently this is: - * MASK:XXXX : a numerical mask value. - * nobmp : Don't use BMPStrings (just Printable, T61). - * pkix : PKIX recommendation in RFC2459. - * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004). - * default: the default value, Printable, T61, BMP. - */ - -int ASN1_STRING_set_default_mask_asc(char *p) -{ - unsigned long mask; - char *end; - if(!strncmp(p, "MASK:", 5)) { - if(!p[5]) return 0; - mask = strtoul(p + 5, &end, 0); - if(*end) return 0; - } else if(!strcmp(p, "nombstr")) - mask = ~(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING); - else if(!strcmp(p, "pkix")) - mask = ~B_ASN1_T61STRING; - else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING; - else if(!strcmp(p, "default")) - mask = 0xFFFFFFFFL; - else return 0; - ASN1_STRING_set_default_mask(mask); - return 1; -} - -/* The following function generates an ASN1_STRING based on limits in a table. - * Frequently the types and length of an ASN1_STRING are restricted by a - * corresponding OID. For example certificates and certificate requests. - */ - -ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, - int inlen, int inform, int nid) -{ - ASN1_STRING_TABLE *tbl; - ASN1_STRING *str = NULL; - unsigned long mask; - int ret; - if(!out) out = &str; - tbl = ASN1_STRING_TABLE_get(nid); - if(tbl) { - mask = tbl->mask; - if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; - ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask, - tbl->minsize, tbl->maxsize); - } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask); - if(ret <= 0) return NULL; - return *out; -} - -/* Now the tables and helper functions for the string table: - */ - -/* size limits: this stuff is taken straight from RFC2459 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - -/* This table must be kept in NID order */ - -static ASN1_STRING_TABLE tbl_standard[] = { -{NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, -{NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, -{NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, -{NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0}, -{NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0}, -{NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0}, -{NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK}, -{NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0}, -{NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0}, -{NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0}, -{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, -{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, -{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, -{NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, -{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} -}; - -static int sk_table_cmp(const ASN1_STRING_TABLE * const *a, - const ASN1_STRING_TABLE * const *b) -{ - return (*a)->nid - (*b)->nid; -} - -static int table_cmp(const void *a, const void *b) -{ - const ASN1_STRING_TABLE *sa = a, *sb = b; - return sa->nid - sb->nid; -} - -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid) -{ - int idx; - ASN1_STRING_TABLE *ttmp; - ASN1_STRING_TABLE fnd; - fnd.nid = nid; - ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd, - (char *)tbl_standard, - sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE), - sizeof(ASN1_STRING_TABLE), table_cmp); - if(ttmp) return ttmp; - if(!stable) return NULL; - idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); - if(idx < 0) return NULL; - return sk_ASN1_STRING_TABLE_value(stable, idx); -} - -int ASN1_STRING_TABLE_add(int nid, - long minsize, long maxsize, unsigned long mask, - unsigned long flags) -{ - ASN1_STRING_TABLE *tmp; - char new_nid = 0; - flags &= ~STABLE_FLAGS_MALLOC; - if(!stable) stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); - if(!stable) { - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); - return 0; - } - if(!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); - if(!tmp) { - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, - ERR_R_MALLOC_FAILURE); - return 0; - } - tmp->flags = flags | STABLE_FLAGS_MALLOC; - tmp->nid = nid; - new_nid = 1; - } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags; - if(minsize != -1) tmp->minsize = minsize; - if(maxsize != -1) tmp->maxsize = maxsize; - tmp->mask = mask; - if(new_nid) sk_ASN1_STRING_TABLE_push(stable, tmp); - return 1; -} - -void ASN1_STRING_TABLE_cleanup(void) -{ - STACK_OF(ASN1_STRING_TABLE) *tmp; - tmp = stable; - if(!tmp) return; - stable = NULL; - sk_ASN1_STRING_TABLE_pop_free(tmp, st_free); -} - -static void st_free(ASN1_STRING_TABLE *tbl) -{ - if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); -} - -IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c deleted file mode 100644 index 8c0ddee4ac..0000000000 --- a/src/lib/libcrypto/asn1/a_time.c +++ /dev/null @@ -1,127 +0,0 @@ -/* crypto/asn1/a_time.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -/* This is an implementation of the ASN1 Time structure which is: - * Time ::= CHOICE { - * utcTime UTCTime, - * generalTime GeneralizedTime } - * written by Steve Henson. - */ - -#include -#include -#include "cryptlib.h" -#include - -ASN1_TIME *ASN1_TIME_new(void) -{ return M_ASN1_TIME_new(); } - -void ASN1_TIME_free(ASN1_TIME *x) -{ M_ASN1_TIME_free(x); } - -int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) - { -#ifdef CHARSET_EBCDIC - /* KLUDGE! We convert to ascii before writing DER */ - char tmp[24]; - ASN1_STRING tmpstr; - - if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) { - int len; - - tmpstr = *(ASN1_STRING *)a; - len = tmpstr.length; - ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof tmp) ? sizeof tmp : len); - tmpstr.data = tmp; - a = (ASN1_GENERALIZEDTIME *) &tmpstr; - } -#endif - if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) - return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, - a->type ,V_ASN1_UNIVERSAL)); - ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); - return -1; - } - - -ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length) - { - unsigned char tag; - tag = **pp & ~V_ASN1_CONSTRUCTED; - if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL)) - return d2i_ASN1_UTCTIME(a, pp, length); - if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL)) - return d2i_ASN1_GENERALIZEDTIME(a, pp, length); - ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); - return(NULL); - } - - -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) - { - struct tm *ts; -#if defined(THREADS) && !defined(WIN32) && !defined(__CYGWIN32__) - struct tm data; - - gmtime_r(&t,&data); - ts=&data; /* should return &data, but doesn't on some systems, so we don't even look at the return value */ -#else - ts=gmtime(&t); -#endif - if((ts->tm_year >= 50) && (ts->tm_year < 150)) - return ASN1_UTCTIME_set(s, t); - return ASN1_GENERALIZEDTIME_set(s,t); - } diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c deleted file mode 100644 index e72a6b29e0..0000000000 --- a/src/lib/libcrypto/asn1/a_type.c +++ /dev/null @@ -1,352 +0,0 @@ -/* crypto/asn1/a_type.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -static void ASN1_TYPE_component_free(ASN1_TYPE *a); -int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp) - { - int r=0; - - if (a == NULL) return(0); - - switch (a->type) - { - case V_ASN1_NULL: - if (pp != NULL) - ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL); - r=2; - break; - case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: - r=i2d_ASN1_INTEGER(a->value.integer,pp); - break; - case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: - r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp); - break; - case V_ASN1_BIT_STRING: - r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp); - break; - case V_ASN1_OCTET_STRING: - r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp); - break; - case V_ASN1_OBJECT: - r=i2d_ASN1_OBJECT(a->value.object,pp); - break; - case V_ASN1_PRINTABLESTRING: - r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp); - break; - case V_ASN1_T61STRING: - r=M_i2d_ASN1_T61STRING(a->value.t61string,pp); - break; - case V_ASN1_IA5STRING: - r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp); - break; - case V_ASN1_GENERALSTRING: - r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp); - break; - case V_ASN1_UNIVERSALSTRING: - r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp); - break; - case V_ASN1_UTF8STRING: - r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp); - break; - case V_ASN1_VISIBLESTRING: - r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp); - break; - case V_ASN1_BMPSTRING: - r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp); - break; - case V_ASN1_UTCTIME: - r=i2d_ASN1_UTCTIME(a->value.utctime,pp); - break; - case V_ASN1_GENERALIZEDTIME: - r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp); - break; - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - case V_ASN1_OTHER: - default: - if (a->value.set == NULL) - r=0; - else - { - r=a->value.set->length; - if (pp != NULL) - { - memcpy(*pp,a->value.set->data,r); - *pp+=r; - } - } - break; - } - return(r); - } - -ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length) - { - ASN1_TYPE *ret=NULL; - unsigned char *q,*p,*max; - int inf,tag,xclass; - long len; - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=ASN1_TYPE_new()) == NULL) goto err; - } - else - ret=(*a); - - p= *pp; - q=p; - max=(p+length); - - inf=ASN1_get_object(&q,&len,&tag,&xclass,length); - if (inf & 0x80) goto err; - /* If not universal tag we've no idea what it is */ - if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER; - - ASN1_TYPE_component_free(ret); - - switch (tag) - { - case V_ASN1_NULL: - p=q; - ret->value.ptr=NULL; - break; - case V_ASN1_INTEGER: - if ((ret->value.integer= - d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_ENUMERATED: - if ((ret->value.enumerated= - d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_BIT_STRING: - if ((ret->value.bit_string= - d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_OCTET_STRING: - if ((ret->value.octet_string= - d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_VISIBLESTRING: - if ((ret->value.visiblestring= - d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UTF8STRING: - if ((ret->value.utf8string= - d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_OBJECT: - if ((ret->value.object= - d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_PRINTABLESTRING: - if ((ret->value.printablestring= - d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_T61STRING: - if ((ret->value.t61string= - M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_IA5STRING: - if ((ret->value.ia5string= - M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_GENERALSTRING: - if ((ret->value.generalstring= - M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UNIVERSALSTRING: - if ((ret->value.universalstring= - M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_BMPSTRING: - if ((ret->value.bmpstring= - M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UTCTIME: - if ((ret->value.utctime= - d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_GENERALIZEDTIME: - if ((ret->value.generalizedtime= - d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - case V_ASN1_OTHER: - default: - /* Sets and sequences are left complete */ - if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err; - ret->value.set->type=tag; - len+=(q-p); - if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err; - p+=len; - break; - } - - ret->type=tag; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret); - return(NULL); - } - -ASN1_TYPE *ASN1_TYPE_new(void) - { - ASN1_TYPE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,ASN1_TYPE); - ret->type= -1; - ret->value.ptr=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW); - } - -void ASN1_TYPE_free(ASN1_TYPE *a) - { - if (a == NULL) return; - ASN1_TYPE_component_free(a); - OPENSSL_free(a); - } - -int ASN1_TYPE_get(ASN1_TYPE *a) - { - if (a->value.ptr != NULL) - return(a->type); - else - return(0); - } - -void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) - { - if (a->value.ptr != NULL) - ASN1_TYPE_component_free(a); - a->type=type; - a->value.ptr=value; - } - -static void ASN1_TYPE_component_free(ASN1_TYPE *a) - { - if (a == NULL) return; - - if (a->value.ptr != NULL) - { - switch (a->type) - { - case V_ASN1_OBJECT: - ASN1_OBJECT_free(a->value.object); - break; - case V_ASN1_NULL: - break; - case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: - case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: - case V_ASN1_BIT_STRING: - case V_ASN1_OCTET_STRING: - case V_ASN1_SEQUENCE: - case V_ASN1_SET: - case V_ASN1_NUMERICSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_VIDEOTEXSTRING: - case V_ASN1_IA5STRING: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case V_ASN1_GRAPHICSTRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_BMPSTRING: - case V_ASN1_UTF8STRING: - case V_ASN1_OTHER: - default: - ASN1_STRING_free((ASN1_STRING *)a->value.ptr); - break; - } - a->type=0; - a->value.ptr=NULL; - } - } - -IMPLEMENT_STACK_OF(ASN1_TYPE) -IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c deleted file mode 100644 index 854278f136..0000000000 --- a/src/lib/libcrypto/asn1/a_utf8.c +++ /dev/null @@ -1,238 +0,0 @@ -/* crypto/asn1/a_utf8.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -ASN1_UTF8STRING *ASN1_UTF8STRING_new(void) -{ return M_ASN1_UTF8STRING_new();} - -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x) -{ M_ASN1_UTF8STRING_free(x);} - -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp) - { - return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, - V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL)); - } - -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp, - long length) - { - ASN1_UTF8STRING *ret=NULL; - - ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - - -/* UTF8 utilities */ - -/* This parses a UTF8 string one character at a time. It is passed a pointer - * to the string and the length of the string. It sets 'value' to the value of - * the current character. It returns the number of characters read or a - * negative error code: - * -1 = string too short - * -2 = illegal character - * -3 = subsequent characters not of the form 10xxxxxx - * -4 = character encoded incorrectly (not minimal length). - */ - -int UTF8_getc(const unsigned char *str, int len, unsigned long *val) -{ - const unsigned char *p; - unsigned long value; - int ret; - if(len <= 0) return 0; - p = str; - - /* Check syntax and work out the encoded value (if correct) */ - if((*p & 0x80) == 0) { - value = *p++ & 0x7f; - ret = 1; - } else if((*p & 0xe0) == 0xc0) { - if(len < 2) return -1; - if((p[1] & 0xc0) != 0x80) return -3; - value = (*p++ & 0x1f) << 6; - value |= *p++ & 0x3f; - if(value < 0x80) return -4; - ret = 2; - } else if((*p & 0xf0) == 0xe0) { - if(len < 3) return -1; - if( ((p[1] & 0xc0) != 0x80) - || ((p[2] & 0xc0) != 0x80) ) return -3; - value = (*p++ & 0xf) << 12; - value |= (*p++ & 0x3f) << 6; - value |= *p++ & 0x3f; - if(value < 0x800) return -4; - ret = 3; - } else if((*p & 0xf8) == 0xf0) { - if(len < 4) return -1; - if( ((p[1] & 0xc0) != 0x80) - || ((p[2] & 0xc0) != 0x80) - || ((p[3] & 0xc0) != 0x80) ) return -3; - value = ((unsigned long)(*p++ & 0x7)) << 18; - value |= (*p++ & 0x3f) << 12; - value |= (*p++ & 0x3f) << 6; - value |= *p++ & 0x3f; - if(value < 0x10000) return -4; - ret = 4; - } else if((*p & 0xfc) == 0xf8) { - if(len < 5) return -1; - if( ((p[1] & 0xc0) != 0x80) - || ((p[2] & 0xc0) != 0x80) - || ((p[3] & 0xc0) != 0x80) - || ((p[4] & 0xc0) != 0x80) ) return -3; - value = ((unsigned long)(*p++ & 0x3)) << 24; - value |= ((unsigned long)(*p++ & 0x3f)) << 18; - value |= ((unsigned long)(*p++ & 0x3f)) << 12; - value |= (*p++ & 0x3f) << 6; - value |= *p++ & 0x3f; - if(value < 0x200000) return -4; - ret = 5; - } else if((*p & 0xfe) == 0xfc) { - if(len < 6) return -1; - if( ((p[1] & 0xc0) != 0x80) - || ((p[2] & 0xc0) != 0x80) - || ((p[3] & 0xc0) != 0x80) - || ((p[4] & 0xc0) != 0x80) - || ((p[5] & 0xc0) != 0x80) ) return -3; - value = ((unsigned long)(*p++ & 0x1)) << 30; - value |= ((unsigned long)(*p++ & 0x3f)) << 24; - value |= ((unsigned long)(*p++ & 0x3f)) << 18; - value |= ((unsigned long)(*p++ & 0x3f)) << 12; - value |= (*p++ & 0x3f) << 6; - value |= *p++ & 0x3f; - if(value < 0x4000000) return -4; - ret = 6; - } else return -2; - *val = value; - return ret; -} - -/* This takes a character 'value' and writes the UTF8 encoded value in - * 'str' where 'str' is a buffer containing 'len' characters. Returns - * the number of characters written or -1 if 'len' is too small. 'str' can - * be set to NULL in which case it just returns the number of characters. - * It will need at most 6 characters. - */ - -int UTF8_putc(unsigned char *str, int len, unsigned long value) -{ - if(!str) len = 6; /* Maximum we will need */ - else if(len <= 0) return -1; - if(value < 0x80) { - if(str) *str = (unsigned char)value; - return 1; - } - if(value < 0x800) { - if(len < 2) return -1; - if(str) { - *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0); - *str = (unsigned char)((value & 0x3f) | 0x80); - } - return 2; - } - if(value < 0x10000) { - if(len < 3) return -1; - if(str) { - *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0); - *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); - *str = (unsigned char)((value & 0x3f) | 0x80); - } - return 3; - } - if(value < 0x200000) { - if(len < 4) return -1; - if(str) { - *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0); - *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); - *str = (unsigned char)((value & 0x3f) | 0x80); - } - return 4; - } - if(value < 0x4000000) { - if(len < 5) return -1; - if(str) { - *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8); - *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); - *str = (unsigned char)((value & 0x3f) | 0x80); - } - return 5; - } - if(len < 6) return -1; - if(str) { - *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc); - *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); - *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); - *str = (unsigned char)((value & 0x3f) | 0x80); - } - return 6; -} diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c deleted file mode 100644 index 2a11927e5c..0000000000 --- a/src/lib/libcrypto/asn1/a_verify.c +++ /dev/null @@ -1,119 +0,0 @@ -/* crypto/asn1/a_verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include -#endif - -#include -#include -#include -#include -#include - -int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, - char *data, EVP_PKEY *pkey) - { - EVP_MD_CTX ctx; - const EVP_MD *type; - unsigned char *p,*buf_in=NULL; - int ret= -1,i,inl; - - i=OBJ_obj2nid(a->algorithm); - type=EVP_get_digestbyname(OBJ_nid2sn(i)); - if (type == NULL) - { - ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); - goto err; - } - - inl=i2d(data,NULL); - buf_in=OPENSSL_malloc((unsigned int)inl); - if (buf_in == NULL) - { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); - goto err; - } - p=buf_in; - - i2d(data,&p); - EVP_VerifyInit(&ctx,type); - EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); - - memset(buf_in,0,(unsigned int)inl); - OPENSSL_free(buf_in); - - if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, - (unsigned int)signature->length,pkey) <= 0) - { - ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); - ret=0; - goto err; - } - /* we don't need to zero the 'ctx' because we just checked - * public information */ - /* memset(&ctx,0,sizeof(ctx)); */ - ret=1; -err: - return(ret); - } diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h deleted file mode 100644 index 6f956b1963..0000000000 --- a/src/lib/libcrypto/asn1/asn1.h +++ /dev/null @@ -1,1151 +0,0 @@ -/* crypto/asn1/asn1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_H -#define HEADER_ASN1_H - -#include -#ifndef NO_BIO -#include -#endif -#include -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define V_ASN1_UNIVERSAL 0x00 -#define V_ASN1_APPLICATION 0x40 -#define V_ASN1_CONTEXT_SPECIFIC 0x80 -#define V_ASN1_PRIVATE 0xc0 - -#define V_ASN1_CONSTRUCTED 0x20 -#define V_ASN1_PRIMITIVE_TAG 0x1f -#define V_ASN1_PRIMATIVE_TAG 0x1f - -#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ -#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ - -#define V_ASN1_NEG 0x100 /* negative flag */ - -#define V_ASN1_UNDEF -1 -#define V_ASN1_EOC 0 -#define V_ASN1_BOOLEAN 1 /**/ -#define V_ASN1_INTEGER 2 -#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -#define V_ASN1_BIT_STRING 3 -#define V_ASN1_OCTET_STRING 4 -#define V_ASN1_NULL 5 -#define V_ASN1_OBJECT 6 -#define V_ASN1_OBJECT_DESCRIPTOR 7 -#define V_ASN1_EXTERNAL 8 -#define V_ASN1_REAL 9 -#define V_ASN1_ENUMERATED 10 -#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -#define V_ASN1_UTF8STRING 12 -#define V_ASN1_SEQUENCE 16 -#define V_ASN1_SET 17 -#define V_ASN1_NUMERICSTRING 18 /**/ -#define V_ASN1_PRINTABLESTRING 19 -#define V_ASN1_T61STRING 20 -#define V_ASN1_TELETEXSTRING 20 /* alias */ -#define V_ASN1_VIDEOTEXSTRING 21 /**/ -#define V_ASN1_IA5STRING 22 -#define V_ASN1_UTCTIME 23 -#define V_ASN1_GENERALIZEDTIME 24 /**/ -#define V_ASN1_GRAPHICSTRING 25 /**/ -#define V_ASN1_ISO64STRING 26 /**/ -#define V_ASN1_VISIBLESTRING 26 /* alias */ -#define V_ASN1_GENERALSTRING 27 /**/ -#define V_ASN1_UNIVERSALSTRING 28 /**/ -#define V_ASN1_BMPSTRING 30 - -/* For use with d2i_ASN1_type_bytes() */ -#define B_ASN1_NUMERICSTRING 0x0001 -#define B_ASN1_PRINTABLESTRING 0x0002 -#define B_ASN1_T61STRING 0x0004 -#define B_ASN1_TELETEXSTRING 0x0008 -#define B_ASN1_VIDEOTEXSTRING 0x0008 -#define B_ASN1_IA5STRING 0x0010 -#define B_ASN1_GRAPHICSTRING 0x0020 -#define B_ASN1_ISO64STRING 0x0040 -#define B_ASN1_VISIBLESTRING 0x0040 -#define B_ASN1_GENERALSTRING 0x0080 -#define B_ASN1_UNIVERSALSTRING 0x0100 -#define B_ASN1_OCTET_STRING 0x0200 -#define B_ASN1_BIT_STRING 0x0400 -#define B_ASN1_BMPSTRING 0x0800 -#define B_ASN1_UNKNOWN 0x1000 -#define B_ASN1_UTF8STRING 0x2000 - -/* For use with ASN1_mbstring_copy() */ -#define MBSTRING_FLAG 0x1000 -#define MBSTRING_ASC (MBSTRING_FLAG|1) -#define MBSTRING_BMP (MBSTRING_FLAG|2) -#define MBSTRING_UNIV (MBSTRING_FLAG|3) -#define MBSTRING_UTF8 (MBSTRING_FLAG|4) - -struct X509_algor_st; - -#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ -#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ - -typedef struct asn1_ctx_st - { - unsigned char *p;/* work char pointer */ - int eos; /* end of sequence read for indefinite encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - unsigned char *max; /* largest value of p allowed */ - unsigned char *q;/* temporary variable */ - unsigned char **pp;/* variable */ - int line; /* used in error processing */ - } ASN1_CTX; - -/* These are used internally in the ASN1_OBJECT to keep track of - * whether the names and data need to be free()ed */ -#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ -#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */ -#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */ -#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ -typedef struct asn1_object_st - { - const char *sn,*ln; - int nid; - int length; - unsigned char *data; - int flags; /* Should we free this one */ - } ASN1_OBJECT; - -#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ -/* This is the base type that holds just about everything :-) */ -typedef struct asn1_string_st - { - int length; - int type; - unsigned char *data; - /* The value of the following field depends on the type being - * held. It is mostly being used for BIT_STRING so if the - * input data has a non-zero 'unused bits' value, it will be - * handled correctly */ - long flags; - } ASN1_STRING; - -#define STABLE_FLAGS_MALLOC 0x01 -#define STABLE_NO_MASK 0x02 -#define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -DECLARE_STACK_OF(ASN1_STRING_TABLE) - -/* size limits: this stuff is taken straight from RFC2459 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 - -#ifdef NO_ASN1_TYPEDEFS -#define ASN1_INTEGER ASN1_STRING -#define ASN1_ENUMERATED ASN1_STRING -#define ASN1_BIT_STRING ASN1_STRING -#define ASN1_OCTET_STRING ASN1_STRING -#define ASN1_PRINTABLESTRING ASN1_STRING -#define ASN1_T61STRING ASN1_STRING -#define ASN1_IA5STRING ASN1_STRING -#define ASN1_UTCTIME ASN1_STRING -#define ASN1_GENERALIZEDTIME ASN1_STRING -#define ASN1_TIME ASN1_STRING -#define ASN1_GENERALSTRING ASN1_STRING -#define ASN1_UNIVERSALSTRING ASN1_STRING -#define ASN1_BMPSTRING ASN1_STRING -#define ASN1_VISIBLESTRING ASN1_STRING -#define ASN1_UTF8STRING ASN1_STRING -#define ASN1_BOOLEAN int -#else -typedef struct asn1_string_st ASN1_INTEGER; -typedef struct asn1_string_st ASN1_ENUMERATED; -typedef struct asn1_string_st ASN1_BIT_STRING; -typedef struct asn1_string_st ASN1_OCTET_STRING; -typedef struct asn1_string_st ASN1_PRINTABLESTRING; -typedef struct asn1_string_st ASN1_T61STRING; -typedef struct asn1_string_st ASN1_IA5STRING; -typedef struct asn1_string_st ASN1_GENERALSTRING; -typedef struct asn1_string_st ASN1_UNIVERSALSTRING; -typedef struct asn1_string_st ASN1_BMPSTRING; -typedef struct asn1_string_st ASN1_UTCTIME; -typedef struct asn1_string_st ASN1_TIME; -typedef struct asn1_string_st ASN1_GENERALIZEDTIME; -typedef struct asn1_string_st ASN1_VISIBLESTRING; -typedef struct asn1_string_st ASN1_UTF8STRING; -typedef int ASN1_BOOLEAN; -#endif - -typedef int ASN1_NULL; - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* These determine which characters to escape: - * RFC2253 special characters, control characters and - * MSB set characters - */ - -#define ASN1_STRFLGS_ESC_2253 1 -#define ASN1_STRFLGS_ESC_CTRL 2 -#define ASN1_STRFLGS_ESC_MSB 4 - - -/* This flag determines how we do escaping: normally - * RC2253 backslash only, set this to use backslash and - * quote. - */ - -#define ASN1_STRFLGS_ESC_QUOTE 8 - - -/* These three flags are internal use only. */ - -/* Character is a valid PrintableString character */ -#define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -#define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -#define CHARTYPE_LAST_ESC_2253 0x40 - -/* NB the internal flags are safely reused below by flags - * handled at the top level. - */ - -/* If this is set we convert all character strings - * to UTF8 first - */ - -#define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* If this is set we don't attempt to interpret content: - * just assume all strings are 1 byte per character. This - * will produce some pretty odd looking output! - */ - -#define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -#define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* This determines which strings to display and which to - * 'dump' (hex dump of content octets or DER encoding). We can - * only dump non character strings or everything. If we - * don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to - * the usual escaping options. - */ - -#define ASN1_STRFLGS_DUMP_ALL 0x80 -#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* These determine what 'dumping' does, we can dump the - * content octets or the DER encoding: both use the - * RFC2253 #XXXXX notation. - */ - -#define ASN1_STRFLGS_DUMP_DER 0x200 - -/* All the string flags consistent with RFC2253, - * escaping control characters isn't essential in - * RFC2253 but it is advisable anyway. - */ - -#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_STACK_OF(ASN1_INTEGER) -DECLARE_ASN1_SET_OF(ASN1_INTEGER) - -typedef struct asn1_type_st - { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING * asn1_string; - ASN1_OBJECT * object; - ASN1_INTEGER * integer; - ASN1_ENUMERATED * enumerated; - ASN1_BIT_STRING * bit_string; - ASN1_OCTET_STRING * octet_string; - ASN1_PRINTABLESTRING * printablestring; - ASN1_T61STRING * t61string; - ASN1_IA5STRING * ia5string; - ASN1_GENERALSTRING * generalstring; - ASN1_BMPSTRING * bmpstring; - ASN1_UNIVERSALSTRING * universalstring; - ASN1_UTCTIME * utctime; - ASN1_GENERALIZEDTIME * generalizedtime; - ASN1_VISIBLESTRING * visiblestring; - ASN1_UTF8STRING * utf8string; - /* set and sequence are left complete and still - * contain the set or sequence bytes */ - ASN1_STRING * set; - ASN1_STRING * sequence; - } value; - } ASN1_TYPE; - -DECLARE_STACK_OF(ASN1_TYPE) -DECLARE_ASN1_SET_OF(ASN1_TYPE) - -typedef struct asn1_method_st - { - int (*i2d)(); - char *(*d2i)(); - char *(*create)(); - void (*destroy)(); - } ASN1_METHOD; - -/* This is used when parsing some Netscape objects */ -typedef struct asn1_header_st - { - ASN1_OCTET_STRING *header; - char *data; - ASN1_METHOD *meth; - } ASN1_HEADER; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - - -#define M_ASN1_STRING_length(x) ((x)->length) -#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n)) -#define M_ASN1_STRING_type(x) ((x)->type) -#define M_ASN1_STRING_data(x) ((x)->data) - -/* Macros for string operations */ -#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ - ASN1_STRING_type_new(V_ASN1_BIT_STRING) -#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ - ASN1_STRING_dup((ASN1_STRING *)a) -#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) -#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) - -#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ - ASN1_STRING_type_new(V_ASN1_INTEGER) -#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a) -#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) - -#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ - ASN1_STRING_type_new(V_ASN1_ENUMERATED) -#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a) -#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) - -#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ - ASN1_STRING_type_new(V_ASN1_OCTET_STRING) -#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ - ASN1_STRING_dup((ASN1_STRING *)a) -#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (ASN1_STRING *)a,(ASN1_STRING *)b) -#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) -#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) -#define M_i2d_ASN1_OCTET_STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ - V_ASN1_UNIVERSAL) - -#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_UNKNOWN) - -#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DIRECTORYSTRING(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING) - -#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_DISPLAYTEXT(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING) - -#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ - (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) - -#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\ - ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_T61STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_T61STRING(a,pp,l) \ - (ASN1_T61STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) - -#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ - ASN1_STRING_type_new(V_ASN1_IA5STRING) -#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_IA5STRING_dup(a) \ - (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a) -#define M_i2d_ASN1_IA5STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_IA5STRING(a,pp,l) \ - (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ - B_ASN1_IA5STRING) - -#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a) - -#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ - ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) -#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ - (ASN1_STRING *)a) - -#define M_ASN1_TIME_new() (ASN1_TIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a) - -#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_GENERALSTRING) -#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_GENERALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ - (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) - -#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) -#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ - (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) - -#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ - ASN1_STRING_type_new(V_ASN1_BMPSTRING) -#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_BMPSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_BMPSTRING(a,pp,l) \ - (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) - -#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_VISIBLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ - (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING) - -#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\ - ASN1_STRING_type_new(V_ASN1_UTF8STRING) -#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_UTF8STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\ - V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_UTF8STRING(a,pp,l) \ - (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) - - /* for the is_set parameter to i2d_ASN1_SET */ -#define IS_SEQUENCE 0 -#define IS_SET 1 - -ASN1_TYPE * ASN1_TYPE_new(void ); -void ASN1_TYPE_free(ASN1_TYPE *a); -int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp); -ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length); -int ASN1_TYPE_get(ASN1_TYPE *a); -void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); - -ASN1_OBJECT * ASN1_OBJECT_new(void ); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); -ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, - long length); -ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, - long length); - -DECLARE_STACK_OF(ASN1_OBJECT) -DECLARE_ASN1_SET_OF(ASN1_OBJECT) - -ASN1_STRING * ASN1_STRING_new(void); -void ASN1_STRING_free(ASN1_STRING *a); -ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a); -ASN1_STRING * ASN1_STRING_type_new(int type ); -int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); - /* Since this is used to store all sorts of things, via macros, for now, make - its data void * */ -int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -int ASN1_STRING_length(ASN1_STRING *x); -void ASN1_STRING_length_set(ASN1_STRING *x, int n); -int ASN1_STRING_type(ASN1_STRING *x); -unsigned char * ASN1_STRING_data(ASN1_STRING *x); - -ASN1_BIT_STRING * ASN1_BIT_STRING_new(void); -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a); -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, - long length); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, - long length); -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, - int length ); -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); - -#ifndef NO_BIO -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent); -#endif -int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl); -int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, - BIT_STRING_BITNAME *tbl); - -int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); - -ASN1_INTEGER * ASN1_INTEGER_new(void); -void ASN1_INTEGER_free(ASN1_INTEGER *a); -int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, - long length); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, - long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, - long length); -ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); - -ASN1_ENUMERATED * ASN1_ENUMERATED_new(void); -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a); -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp); -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp, - long length); - -int ASN1_UTCTIME_check(ASN1_UTCTIME *a); -ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); -int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); -#if 0 -time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); -#endif - -int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); - -ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void); -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a); -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp); -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, - unsigned char **pp,long length); -ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); - -ASN1_VISIBLESTRING * ASN1_VISIBLESTRING_new(void); -void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a); -int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp); -ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, - unsigned char **pp,long length); - -ASN1_UTF8STRING * ASN1_UTF8STRING_new(void); -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a); -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp); -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, - unsigned char **pp,long length); - -ASN1_NULL * ASN1_NULL_new(void); -void ASN1_NULL_free(ASN1_NULL *a); -int i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp); -ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length); - -ASN1_BMPSTRING * ASN1_BMPSTRING_new(void); -void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a); -int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp); -ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp, - long length); - - -int UTF8_getc(const unsigned char *str, int len, unsigned long *val); -int UTF8_putc(unsigned char *str, int len, unsigned long value); - -int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, - unsigned char **pp, long l); - -ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void); -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a); -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, - unsigned char **pp, long l); -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp); - -ASN1_STRING * DIRECTORYSTRING_new(void); -void DIRECTORYSTRING_free(ASN1_STRING *a); -int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp, - long length); - -ASN1_STRING * DISPLAYTEXT_new(void); -void DISPLAYTEXT_free(ASN1_STRING *a); -int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length); - -ASN1_T61STRING * ASN1_T61STRING_new(void); -void ASN1_T61STRING_free(ASN1_IA5STRING *a); -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, - unsigned char **pp, long l); - -ASN1_IA5STRING * ASN1_IA5STRING_new(void); -void ASN1_IA5STRING_free(ASN1_IA5STRING *a); -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp); -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, - unsigned char **pp, long l); - -ASN1_UTCTIME * ASN1_UTCTIME_new(void); -void ASN1_UTCTIME_free(ASN1_UTCTIME *a); -int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp); -ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp, - long length); - -ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void); -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a); -int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp); -ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp, - long length); - -ASN1_TIME * ASN1_TIME_new(void); -void ASN1_TIME_free(ASN1_TIME *a); -int i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp); -ASN1_TIME * d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length); -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); - -int i2d_ASN1_SET(STACK *a, unsigned char **pp, - int (*func)(), int ex_tag, int ex_class, int is_set); -STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, - char *(*func)(), void (*free_func)(void *), - int ex_tag, int ex_class); - -#ifndef NO_BIO -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); -int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size); -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); -int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size); -int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a); -int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size); -int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); -#endif -int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a); - -int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num); -ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, - char *sn, char *ln); - -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -long ASN1_INTEGER_get(ASN1_INTEGER *a); -ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai); -BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn); - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn); - -/* General */ -/* given a string, return the correct type, max is the maximum length */ -int ASN1_PRINTABLE_type(unsigned char *s, int max); - -int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, - long length, int Ptag, int Pclass); -/* type is one or more of the B_ASN1_ values. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, - long length,int type); - -/* PARSING */ -int asn1_Finish(ASN1_CTX *c); - -/* SPECIALS */ -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax); -int ASN1_check_infinite_end(unsigned char **p,long len); -void ASN1_put_object(unsigned char **pp, int constructed, int length, - int tag, int xclass); -int ASN1_object_size(int constructed, int length, int tag); - -/* Used to implement other functions */ -char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); - -#ifndef NO_FP_API -char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); -int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); -#endif - -int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); - -#ifndef NO_BIO -char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); -int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); -int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); -int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); -int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); -int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); -int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump); -#endif -const char *ASN1_tag2str(int tag); - -/* Used to load and write netscape format cert/key */ -int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); -ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); -ASN1_HEADER *ASN1_HEADER_new(void ); -void ASN1_HEADER_free(ASN1_HEADER *a); - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); - -void ERR_load_ASN1_strings(void); - -/* Not used that much at this point, except for the first two */ -ASN1_METHOD *X509_asn1_meth(void); -ASN1_METHOD *RSAPrivateKey_asn1_meth(void); -ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void); -ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void); - -int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, - unsigned char *data, int len); -int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, - unsigned char *data, int max_len); -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, - unsigned char *data, int len); -int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, - unsigned char *data, int max_len); - -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), - void (*free_func)(void *) ); -unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, - int *len ); -void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)()); -ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct); - -void ASN1_STRING_set_default_mask(unsigned long mask); -int ASN1_STRING_set_default_mask_asc(char *p); -unsigned long ASN1_STRING_get_default_mask(void); -int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask); -int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, - long minsize, long maxsize); - -ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, - const unsigned char *in, int inlen, int inform, int nid); -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); -void ASN1_STRING_TABLE_cleanup(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the ASN1 functions. */ - -/* Function codes. */ -#define ASN1_F_A2D_ASN1_OBJECT 100 -#define ASN1_F_A2I_ASN1_ENUMERATED 236 -#define ASN1_F_A2I_ASN1_INTEGER 101 -#define ASN1_F_A2I_ASN1_STRING 102 -#define ASN1_F_ACCESS_DESCRIPTION_NEW 291 -#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103 -#define ASN1_F_ASN1_D2I_BIO 104 -#define ASN1_F_ASN1_D2I_FP 105 -#define ASN1_F_ASN1_DUP 106 -#define ASN1_F_ASN1_ENUMERATED_SET 232 -#define ASN1_F_ASN1_ENUMERATED_TO_BN 233 -#define ASN1_F_ASN1_GENERALIZEDTIME_NEW 222 -#define ASN1_F_ASN1_GET_OBJECT 107 -#define ASN1_F_ASN1_HEADER_NEW 108 -#define ASN1_F_ASN1_I2D_BIO 109 -#define ASN1_F_ASN1_I2D_FP 110 -#define ASN1_F_ASN1_INTEGER_SET 111 -#define ASN1_F_ASN1_INTEGER_TO_BN 112 -#define ASN1_F_ASN1_MBSTRING_COPY 282 -#define ASN1_F_ASN1_OBJECT_NEW 113 -#define ASN1_F_ASN1_PACK_STRING 245 -#define ASN1_F_ASN1_PBE_SET 253 -#define ASN1_F_ASN1_SEQ_PACK 246 -#define ASN1_F_ASN1_SEQ_UNPACK 247 -#define ASN1_F_ASN1_SIGN 114 -#define ASN1_F_ASN1_STRING_NEW 115 -#define ASN1_F_ASN1_STRING_TABLE_ADD 283 -#define ASN1_F_ASN1_STRING_TYPE_NEW 116 -#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117 -#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118 -#define ASN1_F_ASN1_TYPE_NEW 119 -#define ASN1_F_ASN1_UNPACK_STRING 248 -#define ASN1_F_ASN1_UTCTIME_NEW 120 -#define ASN1_F_ASN1_VERIFY 121 -#define ASN1_F_AUTHORITY_KEYID_NEW 237 -#define ASN1_F_BASIC_CONSTRAINTS_NEW 226 -#define ASN1_F_BN_TO_ASN1_ENUMERATED 234 -#define ASN1_F_BN_TO_ASN1_INTEGER 122 -#define ASN1_F_D2I_ACCESS_DESCRIPTION 284 -#define ASN1_F_D2I_ASN1_BIT_STRING 123 -#define ASN1_F_D2I_ASN1_BMPSTRING 124 -#define ASN1_F_D2I_ASN1_BOOLEAN 125 -#define ASN1_F_D2I_ASN1_BYTES 126 -#define ASN1_F_D2I_ASN1_ENUMERATED 235 -#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 223 -#define ASN1_F_D2I_ASN1_HEADER 127 -#define ASN1_F_D2I_ASN1_INTEGER 128 -#define ASN1_F_D2I_ASN1_NULL 292 -#define ASN1_F_D2I_ASN1_OBJECT 129 -#define ASN1_F_D2I_ASN1_OCTET_STRING 130 -#define ASN1_F_D2I_ASN1_PRINT_TYPE 131 -#define ASN1_F_D2I_ASN1_SET 132 -#define ASN1_F_D2I_ASN1_TIME 224 -#define ASN1_F_D2I_ASN1_TYPE 133 -#define ASN1_F_D2I_ASN1_TYPE_BYTES 134 -#define ASN1_F_D2I_ASN1_UINTEGER 280 -#define ASN1_F_D2I_ASN1_UTCTIME 135 -#define ASN1_F_D2I_ASN1_UTF8STRING 266 -#define ASN1_F_D2I_ASN1_VISIBLESTRING 267 -#define ASN1_F_D2I_AUTHORITY_KEYID 238 -#define ASN1_F_D2I_BASIC_CONSTRAINTS 227 -#define ASN1_F_D2I_DHPARAMS 136 -#define ASN1_F_D2I_DIST_POINT 276 -#define ASN1_F_D2I_DIST_POINT_NAME 277 -#define ASN1_F_D2I_DSAPARAMS 137 -#define ASN1_F_D2I_DSAPRIVATEKEY 138 -#define ASN1_F_D2I_DSAPUBLICKEY 139 -#define ASN1_F_D2I_GENERAL_NAME 230 -#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228 -#define ASN1_F_D2I_NETSCAPE_PKEY 140 -#define ASN1_F_D2I_NETSCAPE_RSA 141 -#define ASN1_F_D2I_NETSCAPE_RSA_2 142 -#define ASN1_F_D2I_NETSCAPE_SPKAC 143 -#define ASN1_F_D2I_NETSCAPE_SPKI 144 -#define ASN1_F_D2I_NOTICEREF 268 -#define ASN1_F_D2I_OTHERNAME 287 -#define ASN1_F_D2I_PBE2PARAM 262 -#define ASN1_F_D2I_PBEPARAM 249 -#define ASN1_F_D2I_PBKDF2PARAM 263 -#define ASN1_F_D2I_PKCS12 254 -#define ASN1_F_D2I_PKCS12_BAGS 255 -#define ASN1_F_D2I_PKCS12_MAC_DATA 256 -#define ASN1_F_D2I_PKCS12_SAFEBAG 257 -#define ASN1_F_D2I_PKCS7 145 -#define ASN1_F_D2I_PKCS7_DIGEST 146 -#define ASN1_F_D2I_PKCS7_ENCRYPT 147 -#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148 -#define ASN1_F_D2I_PKCS7_ENVELOPE 149 -#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150 -#define ASN1_F_D2I_PKCS7_RECIP_INFO 151 -#define ASN1_F_D2I_PKCS7_SIGNED 152 -#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153 -#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154 -#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250 -#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239 -#define ASN1_F_D2I_POLICYINFO 269 -#define ASN1_F_D2I_POLICYQUALINFO 270 -#define ASN1_F_D2I_PRIVATEKEY 155 -#define ASN1_F_D2I_PUBLICKEY 156 -#define ASN1_F_D2I_RSAPRIVATEKEY 157 -#define ASN1_F_D2I_RSAPUBLICKEY 158 -#define ASN1_F_D2I_SXNET 241 -#define ASN1_F_D2I_SXNETID 243 -#define ASN1_F_D2I_USERNOTICE 271 -#define ASN1_F_D2I_X509 159 -#define ASN1_F_D2I_X509_ALGOR 160 -#define ASN1_F_D2I_X509_ATTRIBUTE 161 -#define ASN1_F_D2I_X509_CERT_AUX 285 -#define ASN1_F_D2I_X509_CINF 162 -#define ASN1_F_D2I_X509_CRL 163 -#define ASN1_F_D2I_X509_CRL_INFO 164 -#define ASN1_F_D2I_X509_EXTENSION 165 -#define ASN1_F_D2I_X509_KEY 166 -#define ASN1_F_D2I_X509_NAME 167 -#define ASN1_F_D2I_X509_NAME_ENTRY 168 -#define ASN1_F_D2I_X509_PKEY 169 -#define ASN1_F_D2I_X509_PUBKEY 170 -#define ASN1_F_D2I_X509_REQ 171 -#define ASN1_F_D2I_X509_REQ_INFO 172 -#define ASN1_F_D2I_X509_REVOKED 173 -#define ASN1_F_D2I_X509_SIG 174 -#define ASN1_F_D2I_X509_VAL 175 -#define ASN1_F_DIST_POINT_NAME_NEW 278 -#define ASN1_F_DIST_POINT_NEW 279 -#define ASN1_F_GENERAL_NAME_NEW 231 -#define ASN1_F_I2D_ASN1_HEADER 176 -#define ASN1_F_I2D_ASN1_TIME 225 -#define ASN1_F_I2D_DHPARAMS 177 -#define ASN1_F_I2D_DSAPARAMS 178 -#define ASN1_F_I2D_DSAPRIVATEKEY 179 -#define ASN1_F_I2D_DSAPUBLICKEY 180 -#define ASN1_F_I2D_DSA_PUBKEY 290 -#define ASN1_F_I2D_NETSCAPE_RSA 181 -#define ASN1_F_I2D_PKCS7 182 -#define ASN1_F_I2D_PRIVATEKEY 183 -#define ASN1_F_I2D_PUBLICKEY 184 -#define ASN1_F_I2D_RSAPRIVATEKEY 185 -#define ASN1_F_I2D_RSAPUBLICKEY 186 -#define ASN1_F_I2D_RSA_PUBKEY 289 -#define ASN1_F_I2D_X509_ATTRIBUTE 187 -#define ASN1_F_I2T_ASN1_OBJECT 188 -#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229 -#define ASN1_F_NETSCAPE_PKEY_NEW 189 -#define ASN1_F_NETSCAPE_SPKAC_NEW 190 -#define ASN1_F_NETSCAPE_SPKI_NEW 191 -#define ASN1_F_NOTICEREF_NEW 272 -#define ASN1_F_OTHERNAME_NEW 288 -#define ASN1_F_PBE2PARAM_NEW 264 -#define ASN1_F_PBEPARAM_NEW 251 -#define ASN1_F_PBKDF2PARAM_NEW 265 -#define ASN1_F_PKCS12_BAGS_NEW 258 -#define ASN1_F_PKCS12_MAC_DATA_NEW 259 -#define ASN1_F_PKCS12_NEW 260 -#define ASN1_F_PKCS12_SAFEBAG_NEW 261 -#define ASN1_F_PKCS5_PBE2_SET 281 -#define ASN1_F_PKCS7_DIGEST_NEW 192 -#define ASN1_F_PKCS7_ENCRYPT_NEW 193 -#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194 -#define ASN1_F_PKCS7_ENVELOPE_NEW 195 -#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196 -#define ASN1_F_PKCS7_NEW 197 -#define ASN1_F_PKCS7_RECIP_INFO_NEW 198 -#define ASN1_F_PKCS7_SIGNED_NEW 199 -#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200 -#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201 -#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252 -#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240 -#define ASN1_F_POLICYINFO_NEW 273 -#define ASN1_F_POLICYQUALINFO_NEW 274 -#define ASN1_F_SXNETID_NEW 244 -#define ASN1_F_SXNET_NEW 242 -#define ASN1_F_USERNOTICE_NEW 275 -#define ASN1_F_X509_ALGOR_NEW 202 -#define ASN1_F_X509_ATTRIBUTE_NEW 203 -#define ASN1_F_X509_CERT_AUX_NEW 286 -#define ASN1_F_X509_CINF_NEW 204 -#define ASN1_F_X509_CRL_INFO_NEW 205 -#define ASN1_F_X509_CRL_NEW 206 -#define ASN1_F_X509_DHPARAMS_NEW 207 -#define ASN1_F_X509_EXTENSION_NEW 208 -#define ASN1_F_X509_INFO_NEW 209 -#define ASN1_F_X509_KEY_NEW 210 -#define ASN1_F_X509_NAME_ENTRY_NEW 211 -#define ASN1_F_X509_NAME_NEW 212 -#define ASN1_F_X509_NEW 213 -#define ASN1_F_X509_PKEY_NEW 214 -#define ASN1_F_X509_PUBKEY_NEW 215 -#define ASN1_F_X509_REQ_INFO_NEW 216 -#define ASN1_F_X509_REQ_NEW 217 -#define ASN1_F_X509_REVOKED_NEW 218 -#define ASN1_F_X509_SIG_NEW 219 -#define ASN1_F_X509_VAL_FREE 220 -#define ASN1_F_X509_VAL_NEW 221 - -/* Reason codes. */ -#define ASN1_R_BAD_CLASS 100 -#define ASN1_R_BAD_OBJECT_HEADER 101 -#define ASN1_R_BAD_PASSWORD_READ 102 -#define ASN1_R_BAD_PKCS7_CONTENT 103 -#define ASN1_R_BAD_PKCS7_TYPE 104 -#define ASN1_R_BAD_TAG 105 -#define ASN1_R_BAD_TYPE 106 -#define ASN1_R_BN_LIB 107 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108 -#define ASN1_R_BUFFER_TOO_SMALL 109 -#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 166 -#define ASN1_R_DATA_IS_WRONG 110 -#define ASN1_R_DECODE_ERROR 155 -#define ASN1_R_DECODING_ERROR 111 -#define ASN1_R_ENCODE_ERROR 156 -#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112 -#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 157 -#define ASN1_R_EXPECTING_AN_ENUMERATED 154 -#define ASN1_R_EXPECTING_AN_INTEGER 113 -#define ASN1_R_EXPECTING_AN_OBJECT 114 -#define ASN1_R_EXPECTING_AN_OCTET_STRING 115 -#define ASN1_R_EXPECTING_A_BIT_STRING 116 -#define ASN1_R_EXPECTING_A_BOOLEAN 117 -#define ASN1_R_EXPECTING_A_GENERALIZEDTIME 151 -#define ASN1_R_EXPECTING_A_NULL 164 -#define ASN1_R_EXPECTING_A_TIME 152 -#define ASN1_R_EXPECTING_A_UTCTIME 118 -#define ASN1_R_FIRST_NUM_TOO_LARGE 119 -#define ASN1_R_GENERALIZEDTIME_TOO_LONG 153 -#define ASN1_R_HEADER_TOO_LONG 120 -#define ASN1_R_ILLEGAL_CHARACTERS 158 -#define ASN1_R_INVALID_BMPSTRING_LENGTH 159 -#define ASN1_R_INVALID_DIGIT 121 -#define ASN1_R_INVALID_SEPARATOR 122 -#define ASN1_R_INVALID_TIME_FORMAT 123 -#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 160 -#define ASN1_R_INVALID_UTF8STRING 161 -#define ASN1_R_IV_TOO_LARGE 124 -#define ASN1_R_LENGTH_ERROR 125 -#define ASN1_R_MISSING_SECOND_NUMBER 126 -#define ASN1_R_NON_HEX_CHARACTERS 127 -#define ASN1_R_NOT_ENOUGH_DATA 128 -#define ASN1_R_NULL_IS_WRONG_LENGTH 165 -#define ASN1_R_ODD_NUMBER_OF_CHARS 129 -#define ASN1_R_PARSING 130 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132 -#define ASN1_R_SHORT_LINE 133 -#define ASN1_R_STRING_TOO_LONG 163 -#define ASN1_R_STRING_TOO_SHORT 134 -#define ASN1_R_TAG_VALUE_TOO_HIGH 135 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136 -#define ASN1_R_TOO_LONG 137 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139 -#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140 -#define ASN1_R_UNKNOWN_FORMAT 162 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 142 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143 -#define ASN1_R_UNSUPPORTED_CIPHER 144 -#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146 -#define ASN1_R_UTCTIME_TOO_LONG 147 -#define ASN1_R_WRONG_PRINTABLE_TYPE 148 -#define ASN1_R_WRONG_TAG 149 -#define ASN1_R_WRONG_TYPE 150 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c deleted file mode 100644 index cecd555c88..0000000000 --- a/src/lib/libcrypto/asn1/asn1_err.c +++ /dev/null @@ -1,352 +0,0 @@ -/* crypto/asn1/asn1_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA ASN1_str_functs[]= - { -{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"}, -{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"}, -{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, -{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, -{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"}, -{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"}, -{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, -{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, -{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, -{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"}, -{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"}, -{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0), "ASN1_GENERALIZEDTIME_new"}, -{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, -{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, -{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, -{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"}, -{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"}, -{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"}, -{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"}, -{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"}, -{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"}, -{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"}, -{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"}, -{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"}, -{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"}, -{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"}, -{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"}, -{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, -{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, -{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, -{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"}, -{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, -{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_new"}, -{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"}, -{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0), "AUTHORITY_KEYID_new"}, -{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"}, -{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"}, -{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0), "d2i_ASN1_ENUMERATED"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "d2i_ASN1_GENERALIZEDTIME"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "d2i_ASN1_NULL"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0), "d2i_ASN1_TIME"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0), "d2i_ASN1_UTF8STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "d2i_ASN1_VISIBLESTRING"}, -{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0), "d2i_AUTHORITY_KEYID"}, -{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0), "d2i_BASIC_CONSTRAINTS"}, -{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"}, -{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0), "d2i_DIST_POINT"}, -{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0), "d2i_DIST_POINT_NAME"}, -{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"}, -{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0), "d2i_GENERAL_NAME"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "d2i_NETSCAPE_CERT_SEQUENCE"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "d2i_NETSCAPE_SPKAC"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "d2i_NETSCAPE_SPKI"}, -{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "d2i_NOTICEREF"}, -{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0), "d2i_OTHERNAME"}, -{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "d2i_PBE2PARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "d2i_PBEPARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "d2i_PKCS12"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "d2i_PKCS12_MAC_DATA"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "d2i_PKCS12_SAFEBAG"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "d2i_PKCS7"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "d2i_PKCS7_DIGEST"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "d2i_PKCS7_ENCRYPT"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "d2i_PKCS7_ENC_CONTENT"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "d2i_PKCS7_ENVELOPE"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "d2i_PKCS7_ISSUER_AND_SERIAL"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "d2i_PKCS7_RECIP_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "d2i_PKCS7_SIGNED"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "d2i_PKCS7_SIGNER_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "d2i_PKEY_USAGE_PERIOD"}, -{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "d2i_POLICYINFO"}, -{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "d2i_POLICYQUALINFO"}, -{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"}, -{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "d2i_RSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "d2i_RSAPublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "d2i_SXNET"}, -{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "d2i_SXNETID"}, -{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "d2i_USERNOTICE"}, -{ERR_PACK(0,ASN1_F_D2I_X509,0), "d2i_X509"}, -{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "d2i_X509_ALGOR"}, -{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "d2i_X509_ATTRIBUTE"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0), "d2i_X509_CERT_AUX"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "d2i_X509_CINF"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "d2i_X509_CRL"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "d2i_X509_CRL_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "d2i_X509_EXTENSION"}, -{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "d2i_X509_NAME"}, -{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "d2i_X509_NAME_ENTRY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "d2i_X509_REQ"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "d2i_X509_REQ_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "d2i_X509_REVOKED"}, -{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "d2i_X509_SIG"}, -{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "d2i_X509_VAL"}, -{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0), "DIST_POINT_NAME_new"}, -{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0), "DIST_POINT_new"}, -{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0), "GENERAL_NAME_new"}, -{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"}, -{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "i2d_ASN1_TIME"}, -{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "i2d_DHparams"}, -{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "i2d_DSAparams"}, -{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "i2d_DSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "i2d_DSAPublicKey"}, -{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, -{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, -{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "i2d_PKCS7"}, -{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"}, -{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, -{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "i2d_RSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "i2d_RSAPublicKey"}, -{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"}, -{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "i2d_X509_ATTRIBUTE"}, -{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_new"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_new"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_new"}, -{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_new"}, -{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0), "OTHERNAME_new"}, -{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_new"}, -{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_new"}, -{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_new"}, -{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"}, -{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"}, -{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_new"}, -{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_new"}, -{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_new"}, -{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_new"}, -{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_new"}, -{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_new"}, -{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_new"}, -{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_new"}, -{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0), "X509_CERT_AUX_new"}, -{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_new"}, -{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_new"}, -{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"}, -{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_new"}, -{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"}, -{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_new"}, -{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_new"}, -{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_new"}, -{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"}, -{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"}, -{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_new"}, -{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_new"}, -{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_new"}, -{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_free"}, -{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_new"}, -{0,NULL} - }; - -static ERR_STRING_DATA ASN1_str_reasons[]= - { -{ASN1_R_BAD_CLASS ,"bad class"}, -{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, -{ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, -{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, -{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"}, -{ASN1_R_BAD_TAG ,"bad tag"}, -{ASN1_R_BAD_TYPE ,"bad type"}, -{ASN1_R_BN_LIB ,"bn lib"}, -{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, -{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, -{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"}, -{ASN1_R_DATA_IS_WRONG ,"data is wrong"}, -{ASN1_R_DECODE_ERROR ,"decode error"}, -{ASN1_R_DECODING_ERROR ,"decoding error"}, -{ASN1_R_ENCODE_ERROR ,"encode error"}, -{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, -{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, -{ASN1_R_EXPECTING_AN_ENUMERATED ,"expecting an enumerated"}, -{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, -{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, -{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"}, -{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"}, -{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, -{ASN1_R_EXPECTING_A_GENERALIZEDTIME ,"expecting a generalizedtime"}, -{ASN1_R_EXPECTING_A_NULL ,"expecting a null"}, -{ASN1_R_EXPECTING_A_TIME ,"expecting a time"}, -{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"}, -{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, -{ASN1_R_GENERALIZEDTIME_TOO_LONG ,"generalizedtime too long"}, -{ASN1_R_HEADER_TOO_LONG ,"header too long"}, -{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"}, -{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"}, -{ASN1_R_INVALID_DIGIT ,"invalid digit"}, -{ASN1_R_INVALID_SEPARATOR ,"invalid separator"}, -{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"}, -{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ,"invalid universalstring length"}, -{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"}, -{ASN1_R_IV_TOO_LARGE ,"iv too large"}, -{ASN1_R_LENGTH_ERROR ,"length error"}, -{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, -{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, -{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, -{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"}, -{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"}, -{ASN1_R_PARSING ,"parsing"}, -{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"}, -{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"}, -{ASN1_R_SHORT_LINE ,"short line"}, -{ASN1_R_STRING_TOO_LONG ,"string too long"}, -{ASN1_R_STRING_TOO_SHORT ,"string too short"}, -{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"}, -{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, -{ASN1_R_TOO_LONG ,"too long"}, -{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"}, -{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"}, -{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"}, -{ASN1_R_UNKNOWN_FORMAT ,"unknown format"}, -{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"}, -{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"}, -{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"}, -{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, -{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"}, -{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"}, -{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"}, -{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"}, -{ASN1_R_WRONG_TAG ,"wrong tag"}, -{ASN1_R_WRONG_TYPE ,"wrong type"}, -{0,NULL} - }; - -#endif - -void ERR_load_ASN1_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs); - ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c deleted file mode 100644 index 77447a5240..0000000000 --- a/src/lib/libcrypto/asn1/asn1_lib.c +++ /dev/null @@ -1,427 +0,0 @@ -/* crypto/asn1/asn1_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); -static void asn1_put_length(unsigned char **pp, int length); -const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT; - -int ASN1_check_infinite_end(unsigned char **p, long len) - { - /* If there is 0 or 1 byte left, the length check should pick - * things up */ - if (len <= 0) - return(1); - else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) - { - (*p)+=2; - return(1); - } - return(0); - } - - -int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, - long omax) - { - int i,ret; - long l; - unsigned char *p= *pp; - int tag,xclass,inf; - long max=omax; - - if (!max) goto err; - ret=(*p&V_ASN1_CONSTRUCTED); - xclass=(*p&V_ASN1_PRIVATE); - i= *p&V_ASN1_PRIMITIVE_TAG; - if (i == V_ASN1_PRIMITIVE_TAG) - { /* high-tag */ - p++; - if (--max == 0) goto err; - l=0; - while (*p&0x80) - { - l<<=7L; - l|= *(p++)&0x7f; - if (--max == 0) goto err; - } - l<<=7L; - l|= *(p++)&0x7f; - tag=(int)l; - } - else - { - tag=i; - p++; - if (--max == 0) goto err; - } - *ptag=tag; - *pclass=xclass; - if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; - -#if 0 - fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", - (int)p,*plength,omax,(int)*pp,(int)(p+ *plength), - (int)(omax+ *pp)); - -#endif -#if 0 - if ((p+ *plength) > (omax+ *pp)) - { - ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); - /* Set this so that even if things are not long enough - * the values are set correctly */ - ret|=0x80; - } -#endif - *pp=p; - return(ret|inf); -err: - ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG); - return(0x80); - } - -static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) - { - unsigned char *p= *pp; - long ret=0; - int i; - - if (max-- < 1) return(0); - if (*p == 0x80) - { - *inf=1; - ret=0; - p++; - } - else - { - *inf=0; - i= *p&0x7f; - if (*(p++) & 0x80) - { - if (max-- == 0) return(0); - while (i-- > 0) - { - ret<<=8L; - ret|= *(p++); - if (max-- == 0) return(0); - } - } - else - ret=i; - } - *pp=p; - *rl=ret; - return(1); - } - -/* class 0 is constructed - * constructed == 2 for indefinite length constructed */ -void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag, - int xclass) - { - unsigned char *p= *pp; - int i, ttag; - - i=(constructed)?V_ASN1_CONSTRUCTED:0; - i|=(xclass&V_ASN1_PRIVATE); - if (tag < 31) - *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG); - else - { - *(p++)=i|V_ASN1_PRIMITIVE_TAG; - for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7; - ttag = i; - while(i-- > 0) - { - p[i] = tag & 0x7f; - if(i != (ttag - 1)) p[i] |= 0x80; - tag >>= 7; - } - p += ttag; - } - if ((constructed == 2) && (length == 0)) - *(p++)=0x80; /* der_put_length would output 0 instead */ - else - asn1_put_length(&p,length); - *pp=p; - } - -static void asn1_put_length(unsigned char **pp, int length) - { - unsigned char *p= *pp; - int i,l; - if (length <= 127) - *(p++)=(unsigned char)length; - else - { - l=length; - for (i=0; l > 0; i++) - l>>=8; - *(p++)=i|0x80; - l=i; - while (i-- > 0) - { - p[i]=length&0xff; - length>>=8; - } - p+=l; - } - *pp=p; - } - -int ASN1_object_size(int constructed, int length, int tag) - { - int ret; - - ret=length; - ret++; - if (tag >= 31) - { - while (tag > 0) - { - tag>>=7; - ret++; - } - } - if ((length == 0) && (constructed == 2)) - ret+=2; - ret++; - if (length > 127) - { - while (length > 0) - { - length>>=8; - ret++; - } - } - return(ret); - } - -int asn1_Finish(ASN1_CTX *c) - { - if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) - { - if (!ASN1_check_infinite_end(&c->p,c->slen)) - { - c->error=ERR_R_MISSING_ASN1_EOS; - return(0); - } - } - if ( ((c->slen != 0) && !(c->inf & 1)) || - ((c->slen < 0) && (c->inf & 1))) - { - c->error=ERR_R_ASN1_LENGTH_MISMATCH; - return(0); - } - return(1); - } - -int asn1_GetSequence(ASN1_CTX *c, long *length) - { - unsigned char *q; - - q=c->p; - c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), - *length); - if (c->inf & 0x80) - { - c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL; - return(0); - } - if (c->tag != V_ASN1_SEQUENCE) - { - c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE; - return(0); - } - (*length)-=(c->p-q); - if (c->max && (*length < 0)) - { - c->error=ERR_R_ASN1_LENGTH_MISMATCH; - return(0); - } - if (c->inf == (1|V_ASN1_CONSTRUCTED)) - c->slen= *length+ *(c->pp)-c->p; - c->eos=0; - return(1); - } - -ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str) - { - ASN1_STRING *ret; - - if (str == NULL) return(NULL); - if ((ret=ASN1_STRING_type_new(str->type)) == NULL) - return(NULL); - if (!ASN1_STRING_set(ret,str->data,str->length)) - { - ASN1_STRING_free(ret); - return(NULL); - } - ret->flags = str->flags; - return(ret); - } - -int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) - { - unsigned char *c; - const char *data=_data; - - if (len < 0) - { - if (data == NULL) - return(0); - else - len=strlen(data); - } - if ((str->length < len) || (str->data == NULL)) - { - c=str->data; - if (c == NULL) - str->data=OPENSSL_malloc(len+1); - else - str->data=OPENSSL_realloc(c,len+1); - - if (str->data == NULL) - { - str->data=c; - return(0); - } - } - str->length=len; - if (data != NULL) - { - memcpy(str->data,data,len); - /* an allowance for strings :-) */ - str->data[len]='\0'; - } - return(1); - } - -ASN1_STRING *ASN1_STRING_new(void) - { - return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); - } - - -ASN1_STRING *ASN1_STRING_type_new(int type) - { - ASN1_STRING *ret; - - ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); - if (ret == NULL) - { - ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->length=0; - ret->type=type; - ret->data=NULL; - ret->flags=0; - return(ret); - } - -void ASN1_STRING_free(ASN1_STRING *a) - { - if (a == NULL) return; - if (a->data != NULL) OPENSSL_free(a->data); - OPENSSL_free(a); - } - -int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b) - { - int i; - - i=(a->length-b->length); - if (i == 0) - { - i=memcmp(a->data,b->data,a->length); - if (i == 0) - return(a->type-b->type); - else - return(i); - } - else - return(i); - } - -void asn1_add_error(unsigned char *address, int offset) - { - char buf1[16],buf2[16]; - - sprintf(buf1,"%lu",(unsigned long)address); - sprintf(buf2,"%d",offset); - ERR_add_error_data(4,"address=",buf1," offset=",buf2); - } - -int ASN1_STRING_length(ASN1_STRING *x) -{ return M_ASN1_STRING_length(x); } - -void ASN1_STRING_length_set(ASN1_STRING *x, int len) -{ M_ASN1_STRING_length_set(x, len); return; } - -int ASN1_STRING_type(ASN1_STRING *x) -{ return M_ASN1_STRING_type(x); } - -unsigned char * ASN1_STRING_data(ASN1_STRING *x) -{ return M_ASN1_STRING_data(x); } diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h deleted file mode 100644 index 4512ba6cc6..0000000000 --- a/src/lib/libcrypto/asn1/asn1_mac.h +++ /dev/null @@ -1,560 +0,0 @@ -/* crypto/asn1/asn1_mac.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_MAC_H -#define HEADER_ASN1_MAC_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef ASN1_MAC_ERR_LIB -#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1 -#endif - -#define ASN1_MAC_H_err(f,r,line) \ - ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),ERR_file_name,(line)) - -#define M_ASN1_D2I_vars(a,type,func) \ - ASN1_CTX c; \ - type ret=NULL; \ - \ - c.pp=pp; \ - c.q= *pp; \ - c.error=ERR_R_NESTED_ASN1_ERROR; \ - if ((a == NULL) || ((*a) == NULL)) \ - { if ((ret=(type)func()) == NULL) \ - { c.line=__LINE__; goto err; } } \ - else ret=(*a); - -#define M_ASN1_D2I_Init() \ - c.p= *pp; \ - c.max=(length == 0)?0:(c.p+length); - -#define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_Finish(&c)) \ - { c.line=__LINE__; goto err; } \ - *pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); - -#define M_ASN1_D2I_Finish(a,func,e) \ - M_ASN1_D2I_Finish_2(a); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -#define M_ASN1_D2I_start_sequence() \ - if (!asn1_GetSequence(&c,&length)) \ - { c.line=__LINE__; goto err; } -/* Begin reading ASN1 without a surrounding sequence */ -#define M_ASN1_D2I_begin() \ - c.slen = length; - -/* End reading ASN1 with no check on length */ -#define M_ASN1_D2I_Finish_nolen(a, func, e) \ - *pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -#define M_ASN1_D2I_end_sequence() \ - (((c.inf&1) == 0)?(c.slen <= 0): \ - (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) - -/* Don't use this with d2i_ASN1_BOOLEAN() */ -#define M_ASN1_D2I_get(b,func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -/* use this instead () */ -#define M_ASN1_D2I_get_int(b,func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) < 0) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_opt(b,func,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ - == (V_ASN1_UNIVERSAL|(type)))) \ - { \ - M_ASN1_D2I_get(b,func); \ - } - -#define M_ASN1_D2I_get_imp(b,func, type) \ - M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \ - c.slen-=(c.p-c.q);\ - M_ASN1_next_prev=_tmp; - -#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ - (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ - { \ - unsigned char _tmp = M_ASN1_next; \ - M_ASN1_D2I_get_imp(b,func, type);\ - } - -#define M_ASN1_D2I_get_set(r,func,free_func) \ - M_ASN1_D2I_get_imp_set(r,func,free_func, \ - V_ASN1_SET,V_ASN1_UNIVERSAL); - -#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \ - V_ASN1_SET,V_ASN1_UNIVERSAL); - -#define M_ASN1_D2I_get_set_opt(r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ - { M_ASN1_D2I_get_set(r,func,free_func); } - -#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ - { M_ASN1_D2I_get_set_type(type,r,func,free_func); } - -#define M_ASN1_I2D_len_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SET(a,f); - -#define M_ASN1_I2D_put_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SET(a,f); - -#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE(a,f); - -#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE_type(type,a,f); - -#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \ - if ((c.slen != 0) && \ - (M_ASN1_next == \ - (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ - { \ - M_ASN1_D2I_get_imp_set(b,func,free_func,\ - tag,V_ASN1_CONTEXT_SPECIFIC); \ - } - -#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \ - if ((c.slen != 0) && \ - (M_ASN1_next == \ - (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ - { \ - M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\ - tag,V_ASN1_CONTEXT_SPECIFIC); \ - } - -#define M_ASN1_D2I_get_seq(r,func,free_func) \ - M_ASN1_D2I_get_imp_set(r,func,free_func,\ - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - -#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq(r,func,free_func); } - -#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq_type(type,r,func,free_func); } - -#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \ - M_ASN1_D2I_get_imp_set(r,func,free_func,\ - x,V_ASN1_CONTEXT_SPECIFIC); - -#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - x,V_ASN1_CONTEXT_SPECIFIC); - -#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\ - (void (*)())free_func,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\ - free_func,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_set_strings(r,func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ - if ((c.slen != 0L) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (func(&(r),&c.p,Tlen) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \ - if ((c.slen != 0) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \ - (void (*)())free_func, \ - b,V_ASN1_UNIVERSAL) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \ - if ((c.slen != 0) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \ - free_func,b,V_ASN1_UNIVERSAL) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -/* New macros */ -#define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \ - { c.line=__LINE__; goto err2; } - -#define M_ASN1_New(arg,func) \ - if (((arg)=func()) == NULL) return(NULL) - -#define M_ASN1_New_Error(a) \ -/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ - return(NULL);*/ \ - err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ - return(NULL) - - -#define M_ASN1_next (*c.p) -#define M_ASN1_next_prev (*c.q) - -/*************************************************/ - -#define M_ASN1_I2D_vars(a) int r=0,ret=0; \ - unsigned char *p; \ - if (a == NULL) return(0) - -/* Length Macros */ -#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL) -#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) - -#define M_ASN1_I2D_len_SET(a,f) \ - ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - -#define M_ASN1_I2D_len_SET_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \ - V_ASN1_UNIVERSAL,IS_SET); - -#define M_ASN1_I2D_len_SEQUENCE(a,f) \ - ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); - -#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \ - V_ASN1_UNIVERSAL,IS_SEQUENCE) - -#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE(a,f); - -#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE_type(type,a,f); - -#define M_ASN1_I2D_len_IMP_SET(a,f,x) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); - -#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ - if (a != NULL)\ - { \ - v=f(a,NULL); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0))\ - { \ - v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0))\ - { \ - v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0))\ - { \ - v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \ - V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -/* Put Macros */ -#define M_ASN1_I2D_put(a,f) f(a,&p) - -#define M_ASN1_I2D_put_IMP_opt(a,f,t) \ - if (a != NULL) \ - { \ - unsigned char *q=p; \ - f(a,&p); \ - *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\ - } - -#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\ - V_ASN1_UNIVERSAL,IS_SET) -#define M_ASN1_I2D_put_SET_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET) -#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ - V_ASN1_CONTEXT_SPECIFIC,IS_SET) -#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \ - i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET) -#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ - V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE) - -#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\ - V_ASN1_UNIVERSAL,IS_SEQUENCE) - -#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE) - -#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE(a,f); - -#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); } - -#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); } - -#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); } - -#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); } - -#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ - if (a != NULL) \ - { \ - ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \ - f(a,&p); \ - } - -#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ - } - -#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \ - } - -#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - } - -#define M_ASN1_I2D_seq_total() \ - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \ - if (pp == NULL) return(r); \ - p= *pp; \ - ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -#define M_ASN1_I2D_INF_seq_start(tag,ctx) \ - *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \ - *(p++)=0x80 - -#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00 - -#define M_ASN1_I2D_finish() *pp=p; \ - return(r); - -int asn1_GetSequence(ASN1_CTX *c, long *length); -void asn1_add_error(unsigned char *address,int offset); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c deleted file mode 100644 index facfdd27fc..0000000000 --- a/src/lib/libcrypto/asn1/asn1_par.c +++ /dev/null @@ -1,423 +0,0 @@ -/* crypto/asn1/asn1_par.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, - int indent); -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, - int offset, int depth, int indent, int dump); -static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, - int indent) - { - static const char fmt[]="%-18s"; - static const char fmt2[]="%2d %-15s"; - char str[128]; - const char *p,*p2=NULL; - - if (constructed & V_ASN1_CONSTRUCTED) - p="cons: "; - else - p="prim: "; - if (BIO_write(bp,p,6) < 6) goto err; - if (indent) - { - if (indent > 128) indent=128; - memset(str,' ',indent); - if (BIO_write(bp,str,indent) < indent) goto err; - } - - p=str; - if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE) - sprintf(str,"priv [ %d ] ",tag); - else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC) - sprintf(str,"cont [ %d ]",tag); - else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) - sprintf(str,"appl [ %d ]",tag); - else p = ASN1_tag2str(tag); - - if (p2 != NULL) - { - if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err; - } - else - { - if (BIO_printf(bp,fmt,p) <= 0) goto err; - } - return(1); -err: - return(0); - } - -int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent) - { - return(asn1_parse2(bp,&pp,len,0,0,indent,0)); - } - -int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump) - { - return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); - } - -static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, - int depth, int indent, int dump) - { - unsigned char *p,*ep,*tot,*op,*opp; - long len; - int tag,xclass,ret=0; - int nl,hl,j,r; - ASN1_OBJECT *o=NULL; - ASN1_OCTET_STRING *os=NULL; - /* ASN1_BMPSTRING *bmp=NULL;*/ - int dump_indent; - -#if 0 - dump_indent = indent; -#else - dump_indent = 6; /* Because we know BIO_dump_indent() */ -#endif - p= *pp; - tot=p+length; - op=p-1; - while ((p < tot) && (op < p)) - { - op=p; - j=ASN1_get_object(&p,&len,&tag,&xclass,length); -#ifdef LINT - j=j; -#endif - if (j & 0x80) - { - if (BIO_write(bp,"Error in encoding\n",18) <= 0) - goto end; - ret=0; - goto end; - } - hl=(p-op); - length-=hl; - /* if j == 0x21 it is a constructed indefinite length object */ - if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp)) - <= 0) goto end; - - if (j != (V_ASN1_CONSTRUCTED | 1)) - { - if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ", - depth,(long)hl,len) <= 0) - goto end; - } - else - { - if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ", - depth,(long)hl) <= 0) - goto end; - } - if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0)) - goto end; - if (j & V_ASN1_CONSTRUCTED) - { - ep=p+len; - if (BIO_write(bp,"\n",1) <= 0) goto end; - if (len > length) - { - BIO_printf(bp, - "length is greater than %ld\n",length); - ret=0; - goto end; - } - if ((j == 0x21) && (len == 0)) - { - for (;;) - { - r=asn1_parse2(bp,&p,(long)(tot-p), - offset+(p - *pp),depth+1, - indent,dump); - if (r == 0) { ret=0; goto end; } - if ((r == 2) || (p >= tot)) break; - } - } - else - while (p < ep) - { - r=asn1_parse2(bp,&p,(long)len, - offset+(p - *pp),depth+1, - indent,dump); - if (r == 0) { ret=0; goto end; } - } - } - else if (xclass != 0) - { - p+=len; - if (BIO_write(bp,"\n",1) <= 0) goto end; - } - else - { - nl=0; - if ( (tag == V_ASN1_PRINTABLESTRING) || - (tag == V_ASN1_T61STRING) || - (tag == V_ASN1_IA5STRING) || - (tag == V_ASN1_VISIBLESTRING) || - (tag == V_ASN1_UTCTIME) || - (tag == V_ASN1_GENERALIZEDTIME)) - { - if (BIO_write(bp,":",1) <= 0) goto end; - if ((len > 0) && - BIO_write(bp,(char *)p,(int)len) - != (int)len) - goto end; - } - else if (tag == V_ASN1_OBJECT) - { - opp=op; - if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) - { - if (BIO_write(bp,":",1) <= 0) goto end; - i2a_ASN1_OBJECT(bp,o); - } - else - { - if (BIO_write(bp,":BAD OBJECT",11) <= 0) - goto end; - } - } - else if (tag == V_ASN1_BOOLEAN) - { - int ii; - - opp=op; - ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); - if (ii < 0) - { - if (BIO_write(bp,"Bad boolean\n",12)) - goto end; - } - BIO_printf(bp,":%d",ii); - } - else if (tag == V_ASN1_BMPSTRING) - { - /* do the BMP thang */ - } - else if (tag == V_ASN1_OCTET_STRING) - { - int i,printable=1; - - opp=op; - os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); - if (os != NULL) - { - opp=os->data; - for (i=0; ilength; i++) - { - if (( (opp[i] < ' ') && - (opp[i] != '\n') && - (opp[i] != '\r') && - (opp[i] != '\t')) || - (opp[i] > '~')) - { - printable=0; - break; - } - } - if (printable && (os->length > 0)) - { - if (BIO_write(bp,":",1) <= 0) - goto end; - if (BIO_write(bp,(char *)opp, - os->length) <= 0) - goto end; - } - if (!printable && (os->length > 0) - && dump) - { - if (!nl) - { - if (BIO_write(bp,"\n",1) <= 0) - goto end; - } - if (BIO_dump_indent(bp,(char *)opp, - ((dump == -1 || dump > os->length)?os->length:dump), - dump_indent) <= 0) - goto end; - nl=1; - } - M_ASN1_OCTET_STRING_free(os); - os=NULL; - } - } - else if (tag == V_ASN1_INTEGER) - { - ASN1_INTEGER *bs; - int i; - - opp=op; - bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl); - if (bs != NULL) - { - if (BIO_write(bp,":",1) <= 0) goto end; - if (bs->type == V_ASN1_NEG_INTEGER) - if (BIO_write(bp,"-",1) <= 0) - goto end; - for (i=0; ilength; i++) - { - if (BIO_printf(bp,"%02X", - bs->data[i]) <= 0) - goto end; - } - if (bs->length == 0) - { - if (BIO_write(bp,"00",2) <= 0) - goto end; - } - } - else - { - if (BIO_write(bp,"BAD INTEGER",11) <= 0) - goto end; - } - M_ASN1_INTEGER_free(bs); - } - else if (tag == V_ASN1_ENUMERATED) - { - ASN1_ENUMERATED *bs; - int i; - - opp=op; - bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl); - if (bs != NULL) - { - if (BIO_write(bp,":",1) <= 0) goto end; - if (bs->type == V_ASN1_NEG_ENUMERATED) - if (BIO_write(bp,"-",1) <= 0) - goto end; - for (i=0; ilength; i++) - { - if (BIO_printf(bp,"%02X", - bs->data[i]) <= 0) - goto end; - } - if (bs->length == 0) - { - if (BIO_write(bp,"00",2) <= 0) - goto end; - } - } - else - { - if (BIO_write(bp,"BAD ENUMERATED",11) <= 0) - goto end; - } - M_ASN1_ENUMERATED_free(bs); - } - else if (len > 0 && dump) - { - if (!nl) - { - if (BIO_write(bp,"\n",1) <= 0) - goto end; - } - if (BIO_dump_indent(bp,(char *)p, - ((dump == -1 || dump > len)?len:dump), - dump_indent) <= 0) - goto end; - nl=1; - } - - if (!nl) - { - if (BIO_write(bp,"\n",1) <= 0) goto end; - } - p+=len; - if ((tag == V_ASN1_EOC) && (xclass == 0)) - { - ret=2; /* End of sequence */ - goto end; - } - } - length-=len; - } - ret=1; -end: - if (o != NULL) ASN1_OBJECT_free(o); - if (os != NULL) M_ASN1_OCTET_STRING_free(os); - *pp=p; - return(ret); - } - -const char *ASN1_tag2str(int tag) -{ - const static char *tag2str[] = { - "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ - "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ - "ENUMERATED", "", "UTF8STRING", "", /* 10-13 */ - "", "", "SEQUENCE", "SET", /* 15-17 */ - "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */ - "VIDEOTEXSTRING", "IA5STRING", "UTCTIME","GENERALIZEDTIME", /* 21-24 */ - "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */ - "UNIVERSALSTRING", "", "BMPSTRING" /* 28-30 */ - }; - - if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) - tag &= ~0x100; - - if(tag < 0 || tag > 30) return "(unknown)"; - return tag2str[tag]; -} - diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c deleted file mode 100644 index bdf5f130b3..0000000000 --- a/src/lib/libcrypto/asn1/asn_pack.c +++ /dev/null @@ -1,145 +0,0 @@ -/* asn_pack.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* ASN1 packing and unpacking functions */ - -/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ - -STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), - void (*free_func)(void *)) -{ - STACK *sk; - unsigned char *pbuf; - pbuf = buf; - if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) - ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR); - return sk; -} - -/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a - * OPENSSL_malloc'ed buffer - */ - -unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, - int *len) -{ - int safelen; - unsigned char *safe, *p; - if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE))) { - ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR); - return NULL; - } - if (!(safe = OPENSSL_malloc (safelen))) { - ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE); - return NULL; - } - p = safe; - i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, - IS_SEQUENCE); - if (len) *len = safelen; - if (buf) *buf = safe; - return safe; -} - -/* Extract an ASN1 object from an ASN1_STRING */ - -void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) -{ - unsigned char *p; - char *ret; - - p = oct->data; - if(!(ret = d2i(NULL, &p, oct->length))) - ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR); - return ret; -} - -/* Pack an ASN1 object into an ASN1_STRING */ - -ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct) -{ - unsigned char *p; - ASN1_STRING *octmp; - - if (!oct || !*oct) { - if (!(octmp = ASN1_STRING_new ())) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; - } - if (oct) *oct = octmp; - } else octmp = *oct; - - if (!(octmp->length = i2d(obj, NULL))) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); - return NULL; - } - if (!(p = OPENSSL_malloc (octmp->length))) { - ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); - return NULL; - } - octmp->data = p; - i2d (obj, &p); - return octmp; -} - diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h deleted file mode 100644 index bd020a9562..0000000000 --- a/src/lib/libcrypto/asn1/charmap.h +++ /dev/null @@ -1,15 +0,0 @@ -/* Auto generated with chartype.pl script. - * Mask of various character properties - */ - -static unsigned char char_type[] = { - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, -120, 0, 1,40, 0, 0, 0,16,16,16, 0,25,25,16,16,16, -16,16,16,16,16,16,16,16,16,16,16, 9, 9,16, 9,16, - 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16, -16,16,16,16,16,16,16,16,16,16,16, 0, 1, 0, 0, 0, - 0,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16, -16,16,16,16,16,16,16,16,16,16,16, 0, 0, 0, 0, 2 -}; - diff --git a/src/lib/libcrypto/asn1/charmap.pl b/src/lib/libcrypto/asn1/charmap.pl deleted file mode 100644 index 2875c59867..0000000000 --- a/src/lib/libcrypto/asn1/charmap.pl +++ /dev/null @@ -1,80 +0,0 @@ -#!/usr/local/bin/perl -w - -use strict; - -my ($i, @arr); - -# Set up an array with the type of ASCII characters -# Each set bit represents a character property. - -# RFC2253 character properties -my $RFC2253_ESC = 1; # Character escaped with \ -my $ESC_CTRL = 2; # Escaped control character -# These are used with RFC1779 quoting using " -my $NOESC_QUOTE = 8; # Not escaped if quoted -my $PSTRING_CHAR = 0x10; # Valid PrintableString character -my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character -my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character - -for($i = 0; $i < 128; $i++) { - # Set the RFC2253 escape characters (control) - $arr[$i] = 0; - if(($i < 32) || ($i > 126)) { - $arr[$i] |= $ESC_CTRL; - } - - # Some PrintableString characters - if( ( ( $i >= ord("a")) && ( $i <= ord("z")) ) - || ( ( $i >= ord("A")) && ( $i <= ord("Z")) ) - || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) { - $arr[$i] |= $PSTRING_CHAR; - } -} - -# Now setup the rest - -# Remaining RFC2253 escaped characters - -$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC; -$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC; - -$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord("\"")] |= $RFC2253_ESC; -$arr[ord("\\")] |= $RFC2253_ESC; -$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC; -$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC; - -# Remaining PrintableString characters - -$arr[ord(" ")] |= $PSTRING_CHAR; -$arr[ord("'")] |= $PSTRING_CHAR; -$arr[ord("(")] |= $PSTRING_CHAR; -$arr[ord(")")] |= $PSTRING_CHAR; -$arr[ord("+")] |= $PSTRING_CHAR; -$arr[ord(",")] |= $PSTRING_CHAR; -$arr[ord("-")] |= $PSTRING_CHAR; -$arr[ord(".")] |= $PSTRING_CHAR; -$arr[ord("/")] |= $PSTRING_CHAR; -$arr[ord(":")] |= $PSTRING_CHAR; -$arr[ord("=")] |= $PSTRING_CHAR; -$arr[ord("?")] |= $PSTRING_CHAR; - -# Now generate the C code - -print < -#include "cryptlib.h" -#include -#include -#include -#include - -EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, - long length) - { - EVP_PKEY *ret; - - if ((a == NULL) || (*a == NULL)) - { - if ((ret=EVP_PKEY_new()) == NULL) - { - ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); - return(NULL); - } - } - else ret= *a; - - ret->save_type=type; - ret->type=EVP_PKEY_type(type); - switch (ret->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL) - { - ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); - goto err; - } - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL) - { - ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); - goto err; - } - break; -#endif - default: - ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - /* break; */ - } - if (a != NULL) (*a)=ret; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); - return(NULL); - } - -/* This works like d2i_PrivateKey() except it automatically works out the type */ - -EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, - long length) -{ - STACK_OF(ASN1_TYPE) *inkey; - unsigned char *p; - int keytype; - p = *pp; - /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): - * by analyzing it we can determine the passed structure: this - * assumes the input is surrounded by an ASN1 SEQUENCE. - */ - inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE, - ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - /* Since we only need to discern "traditional format" RSA and DSA - * keys we can just count the elements. - */ - if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA; - else keytype = EVP_PKEY_RSA; - sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); - return d2i_PrivateKey(keytype, a, pp, length); -} diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c deleted file mode 100644 index e0d203cef7..0000000000 --- a/src/lib/libcrypto/asn1/d2i_pu.c +++ /dev/null @@ -1,114 +0,0 @@ -/* crypto/asn1/d2i_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, - long length) - { - EVP_PKEY *ret; - - if ((a == NULL) || (*a == NULL)) - { - if ((ret=EVP_PKEY_new()) == NULL) - { - ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); - return(NULL); - } - } - else ret= *a; - - ret->save_type=type; - ret->type=EVP_PKEY_type(type); - switch (ret->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL) - { - ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); - goto err; - } - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL) - { - ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); - goto err; - } - break; -#endif - default: - ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); - goto err; - /* break; */ - } - if (a != NULL) (*a)=ret; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); - return(NULL); - } - diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c deleted file mode 100644 index 3506005a71..0000000000 --- a/src/lib/libcrypto/asn1/evp_asn1.c +++ /dev/null @@ -1,185 +0,0 @@ -/* crypto/asn1/evp_asn1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) - { - ASN1_STRING *os; - - if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0); - if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0); - ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os); - return(1); - } - -/* int max_len: for returned value */ -int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, - int max_len) - { - int ret,num; - unsigned char *p; - - if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) - { - ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG); - return(-1); - } - p=M_ASN1_STRING_data(a->value.octet_string); - ret=M_ASN1_STRING_length(a->value.octet_string); - if (ret < max_len) - num=ret; - else - num=max_len; - memcpy(data,p,num); - return(ret); - } - -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, - int len) - { - int n,size; - ASN1_OCTET_STRING os,*osp; - ASN1_INTEGER in; - unsigned char *p; - unsigned char buf[32]; /* when they have 256bit longs, - * I'll be in trouble */ - in.data=buf; - in.length=32; - os.data=data; - os.type=V_ASN1_OCTET_STRING; - os.length=len; - ASN1_INTEGER_set(&in,num); - n = i2d_ASN1_INTEGER(&in,NULL); - n+=M_i2d_ASN1_OCTET_STRING(&os,NULL); - - size=ASN1_object_size(1,n,V_ASN1_SEQUENCE); - - if ((osp=ASN1_STRING_new()) == NULL) return(0); - /* Grow the 'string' */ - ASN1_STRING_set(osp,NULL,size); - - M_ASN1_STRING_length_set(osp, size); - p=M_ASN1_STRING_data(osp); - - ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_INTEGER(&in,&p); - M_i2d_ASN1_OCTET_STRING(&os,&p); - - ASN1_TYPE_set(a,V_ASN1_SEQUENCE,osp); - return(1); - } - -/* we return the actual length..., num may be missing, in which - * case, set it to zero */ -/* int max_len: for returned value */ -int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data, - int max_len) - { - int ret= -1,n; - ASN1_INTEGER *ai=NULL; - ASN1_OCTET_STRING *os=NULL; - unsigned char *p; - long length; - ASN1_CTX c; - - if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) - { - goto err; - } - p=M_ASN1_STRING_data(a->value.sequence); - length=M_ASN1_STRING_length(a->value.sequence); - - c.pp= &p; - c.p=p; - c.max=p+length; - c.error=ASN1_R_DATA_IS_WRONG; - - M_ASN1_D2I_start_sequence(); - c.q=c.p; - if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err; - c.slen-=(c.p-c.q); - c.q=c.p; - if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err; - c.slen-=(c.p-c.q); - if (!M_ASN1_D2I_end_sequence()) goto err; - - if (num != NULL) - *num=ASN1_INTEGER_get(ai); - - ret=M_ASN1_STRING_length(os); - if (max_len > ret) - n=ret; - else - n=max_len; - - if (data != NULL) - memcpy(data,M_ASN1_STRING_data(os),n); - if (0) - { -err: - ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG); - } - if (os != NULL) M_ASN1_OCTET_STRING_free(os); - if (ai != NULL) M_ASN1_INTEGER_free(ai); - return(ret); - } - diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c deleted file mode 100644 index 56e3cc8df2..0000000000 --- a/src/lib/libcrypto/asn1/f_enum.c +++ /dev/null @@ -1,207 +0,0 @@ -/* crypto/asn1/f_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -/* Based on a_int.c: equivalent ENUMERATED functions */ - -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a) - { - int i,n=0; - static const char *h="0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) return(0); - - if (a->length == 0) - { - if (BIO_write(bp,"00",2) != 2) goto err; - n=2; - } - else - { - for (i=0; ilength; i++) - { - if ((i != 0) && (i%35 == 0)) - { - if (BIO_write(bp,"\\\n",2) != 2) goto err; - n+=2; - } - buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f]; - buf[1]=h[((unsigned char)a->data[i] )&0x0f]; - if (BIO_write(bp,buf,2) != 2) goto err; - n+=2; - } - } - return(n); -err: - return(-1); - } - -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) - { - int ret=0; - int i,j,k,m,n,again,bufsize; - unsigned char *s=NULL,*sp; - unsigned char *bufp; - int num=0,slen=0,first=1; - - bs->type=V_ASN1_ENUMERATED; - - bufsize=BIO_gets(bp,buf,size); - for (;;) - { - if (bufsize < 1) goto err_sl; - i=bufsize; - if (buf[i-1] == '\n') buf[--i]='\0'; - if (i == 0) goto err_sl; - if (buf[i-1] == '\r') buf[--i]='\0'; - if (i == 0) goto err_sl; - again=(buf[i-1] == '\\'); - - for (j=0; j= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) - { - i=j; - break; - } - } - buf[i]='\0'; - /* We have now cleared all the crap off the end of the - * line */ - if (i < 2) goto err_sl; - - bufp=(unsigned char *)buf; - if (first) - { - first=0; - if ((bufp[0] == '0') && (buf[1] == '0')) - { - bufp+=2; - i-=2; - } - } - k=0; - i-=again; - if (i%2 != 0) - { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i/=2; - if (num+i > slen) - { - if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( - (unsigned int)num+i*2); - else - sp=(unsigned char *)OPENSSL_realloc(s, - (unsigned int)num+i*2); - if (sp == NULL) - { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); - goto err; - } - s=sp; - slen=num+i*2; - } - for (j=0; j= '0') && (m <= '9')) - m-='0'; - else if ((m >= 'a') && (m <= 'f')) - m=m-'a'+10; - else if ((m >= 'A') && (m <= 'F')) - m=m-'A'+10; - else - { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num+j]<<=4; - s[num+j]|=m; - } - } - num+=i; - if (again) - bufsize=BIO_gets(bp,buf,size); - else - break; - } - bs->length=num; - bs->data=s; - ret=1; -err: - if (0) - { -err_sl: - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE); - } - return(ret); - } - diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c deleted file mode 100644 index 6b090f6740..0000000000 --- a/src/lib/libcrypto/asn1/f_int.c +++ /dev/null @@ -1,214 +0,0 @@ -/* crypto/asn1/f_int.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a) - { - int i,n=0; - static const char *h="0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) return(0); - - if (a->length == 0) - { - if (BIO_write(bp,"00",2) != 2) goto err; - n=2; - } - else - { - for (i=0; ilength; i++) - { - if ((i != 0) && (i%35 == 0)) - { - if (BIO_write(bp,"\\\n",2) != 2) goto err; - n+=2; - } - buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f]; - buf[1]=h[((unsigned char)a->data[i] )&0x0f]; - if (BIO_write(bp,buf,2) != 2) goto err; - n+=2; - } - } - return(n); -err: - return(-1); - } - -int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) - { - int ret=0; - int i,j,k,m,n,again,bufsize; - unsigned char *s=NULL,*sp; - unsigned char *bufp; - int num=0,slen=0,first=1; - - bs->type=V_ASN1_INTEGER; - - bufsize=BIO_gets(bp,buf,size); - for (;;) - { - if (bufsize < 1) goto err_sl; - i=bufsize; - if (buf[i-1] == '\n') buf[--i]='\0'; - if (i == 0) goto err_sl; - if (buf[i-1] == '\r') buf[--i]='\0'; - if (i == 0) goto err_sl; - again=(buf[i-1] == '\\'); - - for (j=0; j= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) -#else - /* This #ifdef is not strictly necessary, since - * the characters A...F a...f 0...9 are contiguous - * (yes, even in EBCDIC - but not the whole alphabet). - * Nevertheless, isxdigit() is faster. - */ - if (!isxdigit(buf[j])) -#endif - { - i=j; - break; - } - } - buf[i]='\0'; - /* We have now cleared all the crap off the end of the - * line */ - if (i < 2) goto err_sl; - - bufp=(unsigned char *)buf; - if (first) - { - first=0; - if ((bufp[0] == '0') && (buf[1] == '0')) - { - bufp+=2; - i-=2; - } - } - k=0; - i-=again; - if (i%2 != 0) - { - ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i/=2; - if (num+i > slen) - { - if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( - (unsigned int)num+i*2); - else - sp=(unsigned char *)OPENSSL_realloc(s, - (unsigned int)num+i*2); - if (sp == NULL) - { - ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); - goto err; - } - s=sp; - slen=num+i*2; - } - for (j=0; j= '0') && (m <= '9')) - m-='0'; - else if ((m >= 'a') && (m <= 'f')) - m=m-'a'+10; - else if ((m >= 'A') && (m <= 'F')) - m=m-'A'+10; - else - { - ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num+j]<<=4; - s[num+j]|=m; - } - } - num+=i; - if (again) - bufsize=BIO_gets(bp,buf,size); - else - break; - } - bs->length=num; - bs->data=s; - ret=1; -err: - if (0) - { -err_sl: - ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE); - } - return(ret); - } - diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c deleted file mode 100644 index 968698a798..0000000000 --- a/src/lib/libcrypto/asn1/f_string.c +++ /dev/null @@ -1,212 +0,0 @@ -/* crypto/asn1/f_string.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type) - { - int i,n=0; - static const char *h="0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) return(0); - - if (a->length == 0) - { - if (BIO_write(bp,"0",1) != 1) goto err; - n=1; - } - else - { - for (i=0; ilength; i++) - { - if ((i != 0) && (i%35 == 0)) - { - if (BIO_write(bp,"\\\n",2) != 2) goto err; - n+=2; - } - buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f]; - buf[1]=h[((unsigned char)a->data[i] )&0x0f]; - if (BIO_write(bp,buf,2) != 2) goto err; - n+=2; - } - } - return(n); -err: - return(-1); - } - -int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size) - { - int ret=0; - int i,j,k,m,n,again,bufsize; - unsigned char *s=NULL,*sp; - unsigned char *bufp; - int num=0,slen=0,first=1; - - bufsize=BIO_gets(bp,buf,size); - for (;;) - { - if (bufsize < 1) - { - if (first) - break; - else - goto err_sl; - } - first=0; - - i=bufsize; - if (buf[i-1] == '\n') buf[--i]='\0'; - if (i == 0) goto err_sl; - if (buf[i-1] == '\r') buf[--i]='\0'; - if (i == 0) goto err_sl; - again=(buf[i-1] == '\\'); - - for (j=i-1; j>0; j--) - { -#ifndef CHARSET_EBCDIC - if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) -#else - /* This #ifdef is not strictly necessary, since - * the characters A...F a...f 0...9 are contiguous - * (yes, even in EBCDIC - but not the whole alphabet). - * Nevertheless, isxdigit() is faster. - */ - if (!isxdigit(buf[j])) -#endif - { - i=j; - break; - } - } - buf[i]='\0'; - /* We have now cleared all the crap off the end of the - * line */ - if (i < 2) goto err_sl; - - bufp=(unsigned char *)buf; - - k=0; - i-=again; - if (i%2 != 0) - { - ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i/=2; - if (num+i > slen) - { - if (s == NULL) - sp=(unsigned char *)OPENSSL_malloc( - (unsigned int)num+i*2); - else - sp=(unsigned char *)OPENSSL_realloc(s, - (unsigned int)num+i*2); - if (sp == NULL) - { - ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); - if (s != NULL) OPENSSL_free(s); - goto err; - } - s=sp; - slen=num+i*2; - } - for (j=0; j= '0') && (m <= '9')) - m-='0'; - else if ((m >= 'a') && (m <= 'f')) - m=m-'a'+10; - else if ((m >= 'A') && (m <= 'F')) - m=m-'A'+10; - else - { - ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num+j]<<=4; - s[num+j]|=m; - } - } - num+=i; - if (again) - bufsize=BIO_gets(bp,buf,size); - else - break; - } - bs->length=num; - bs->data=s; - ret=1; -err: - if (0) - { -err_sl: - ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE); - } - return(ret); - } - diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c deleted file mode 100644 index 71d6910204..0000000000 --- a/src/lib/libcrypto/asn1/i2d_pr.c +++ /dev/null @@ -1,84 +0,0 @@ -/* crypto/asn1/i2d_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) - { -#ifndef NO_RSA - if (a->type == EVP_PKEY_RSA) - { - return(i2d_RSAPrivateKey(a->pkey.rsa,pp)); - } - else -#endif -#ifndef NO_DSA - if (a->type == EVP_PKEY_DSA) - { - return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); - } -#endif - - ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); - } - diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c deleted file mode 100644 index 8f73d37d03..0000000000 --- a/src/lib/libcrypto/asn1/i2d_pu.c +++ /dev/null @@ -1,82 +0,0 @@ -/* crypto/asn1/i2d_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) - { - switch (a->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - return(i2d_RSAPublicKey(a->pkey.rsa,pp)); -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - return(i2d_DSAPublicKey(a->pkey.dsa,pp)); -#endif - default: - ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); - return(-1); - } - } - diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c deleted file mode 100644 index 9840193538..0000000000 --- a/src/lib/libcrypto/asn1/n_pkey.c +++ /dev/null @@ -1,388 +0,0 @@ -/* crypto/asn1/n_pkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - - -#ifndef NO_RC4 - -typedef struct netscape_pkey_st - { - ASN1_INTEGER *version; - X509_ALGOR *algor; - ASN1_OCTET_STRING *private_key; - } NETSCAPE_PKEY; - -static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp); -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length); -static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); -static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *); - -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()) -{ - return i2d_RSA_NET(a, pp, cb, 0); -} - -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey) - { - int i,j,l[6]; - NETSCAPE_PKEY *pkey; - unsigned char buf[256],*zz; - unsigned char key[EVP_MAX_KEY_LENGTH]; - EVP_CIPHER_CTX ctx; - X509_ALGOR *alg=NULL; - ASN1_OCTET_STRING os,os2; - M_ASN1_I2D_vars(a); - - if (a == NULL) return(0); - -#ifdef WIN32 - r=r; /* shut the damn compiler up :-) */ -#endif - - os.data=os2.data=NULL; - if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; - if (!ASN1_INTEGER_set(pkey->version,0)) goto err; - - if (pkey->algor->algorithm != NULL) - ASN1_OBJECT_free(pkey->algor->algorithm); - pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); - if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; - pkey->algor->parameter->type=V_ASN1_NULL; - - l[0]=i2d_RSAPrivateKey(a,NULL); - pkey->private_key->length=l[0]; - - os2.length=i2d_NETSCAPE_PKEY(pkey,NULL); - l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL); - - if ((alg=X509_ALGOR_new()) == NULL) goto err; - if (alg->algorithm != NULL) - ASN1_OBJECT_free(alg->algorithm); - alg->algorithm=OBJ_nid2obj(NID_rc4); - if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err; - alg->parameter->type=V_ASN1_NULL; - - l[2]=i2d_X509_ALGOR(alg,NULL); - l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE); - -#ifndef CONST_STRICT - os.data=(unsigned char *)"private-key"; -#endif - os.length=11; - l[4]=i2d_ASN1_OCTET_STRING(&os,NULL); - - l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE); - - if (pp == NULL) - { - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - if (alg != NULL) X509_ALGOR_free(alg); - return(l[5]); - } - - if (pkey->private_key->data != NULL) - OPENSSL_free(pkey->private_key->data); - if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL) - { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); - goto err; - } - zz=pkey->private_key->data; - i2d_RSAPrivateKey(a,&zz); - - if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL) - { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); - goto err; - } - zz=os2.data; - i2d_NETSCAPE_PKEY(pkey,&zz); - - if (cb == NULL) - cb=EVP_read_pw_string; - i=cb(buf,256,"Enter Private Key password:",1); - if (i != 0) - { - ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); - goto err; - } - i = strlen((char *)buf); - /* If the key is used for SGC the algorithm is modified a little. */ - if(sgckey){ - EVP_MD_CTX mctx; - EVP_DigestInit(&mctx, EVP_md5()); - EVP_DigestUpdate(&mctx, buf, i); - EVP_DigestFinal(&mctx, buf, NULL); - memcpy(buf + 16, "SGCKEYSALT", 10); - i = 26; - } - - EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); - - EVP_CIPHER_CTX_init(&ctx); - EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); - EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length); - EVP_EncryptFinal(&ctx,&(os2.data[i]),&j); - EVP_CIPHER_CTX_cleanup(&ctx); - - p= *pp; - ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(&os,&p); - ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_X509_ALGOR(alg,&p); - i2d_ASN1_OCTET_STRING(&os2,&p); - ret=l[5]; -err: - if (os2.data != NULL) OPENSSL_free(os2.data); - if (alg != NULL) X509_ALGOR_free(alg); - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - r=r; - return(ret); - } - - -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()) -{ - return d2i_RSA_NET(a, pp, length, cb, 0); -} - -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey) - { - RSA *ret=NULL; - ASN1_OCTET_STRING *os=NULL; - ASN1_CTX c; - - c.pp=pp; - c.error=ASN1_R_DECODING_ERROR; - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); - if ((os->length != 11) || (strncmp("private-key", - (char *)os->data,os->length) != 0)) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); - M_ASN1_BIT_STRING_free(os); - goto err; - } - M_ASN1_BIT_STRING_free(os); - c.q=c.p; - if ((ret=d2i_RSA_NET_2(a,&c.p,c.slen,cb, sgckey)) == NULL) goto err; - /* Note: some versions of IIS key files use length values that are - * too small for the surrounding SEQUENCEs. This following line - * effectively disable length checking. - */ - c.slen = 0; - - M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA); - } - -RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, - int (*cb)()) -{ - return d2i_RSA_NET_2(a, pp, length, cb, 0); -} - -RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, - int (*cb)(), int sgckey) - { - NETSCAPE_PKEY *pkey=NULL; - RSA *ret=NULL; - int i,j; - unsigned char buf[256],*zz; - unsigned char key[EVP_MAX_KEY_LENGTH]; - EVP_CIPHER_CTX ctx; - X509_ALGOR *alg=NULL; - ASN1_OCTET_STRING *os=NULL; - ASN1_CTX c; - - c.error=ERR_R_NESTED_ASN1_ERROR; - c.pp=pp; - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(alg,d2i_X509_ALGOR); - if (OBJ_obj2nid(alg->algorithm) != NID_rc4) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); - goto err; - } - M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); - if (cb == NULL) - cb=EVP_read_pw_string; - i=cb(buf,256,"Enter Private Key password:",0); - if (i != 0) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ); - goto err; - } - - i = strlen((char *)buf); - if(sgckey){ - EVP_MD_CTX mctx; - EVP_DigestInit(&mctx, EVP_md5()); - EVP_DigestUpdate(&mctx, buf, i); - EVP_DigestFinal(&mctx, buf, NULL); - memcpy(buf + 16, "SGCKEYSALT", 10); - i = 26; - } - - EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); - memset(buf,0,256); - - EVP_CIPHER_CTX_init(&ctx); - EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); - EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); - EVP_DecryptFinal(&ctx,&(os->data[i]),&j); - EVP_CIPHER_CTX_cleanup(&ctx); - os->length=i+j; - - zz=os->data; - - if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); - goto err; - } - - zz=pkey->private_key->data; - if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); - goto err; - } - if (!asn1_Finish(&c)) goto err; - *pp=c.p; -err: - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - if (os != NULL) M_ASN1_BIT_STRING_free(os); - if (alg != NULL) X509_ALGOR_free(alg); - return(ret); - } - -static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - - M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY); - } - -static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void) - { - NETSCAPE_PKEY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_PKEY); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW); - } - -static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - X509_ALGOR_free(a->algor); - M_ASN1_OCTET_STRING_free(a->private_key); - OPENSSL_free(a); - } - -#endif /* NO_RC4 */ - -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c deleted file mode 100644 index 6e7f09ba23..0000000000 --- a/src/lib/libcrypto/asn1/nsseq.c +++ /dev/null @@ -1,118 +0,0 @@ -/* nsseq.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include - -/* Netscape certificate sequence structure */ - -int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp) -{ - int v = 0; - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0, - V_ASN1_SEQUENCE,v); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0, - V_ASN1_SEQUENCE,v); - - M_ASN1_I2D_finish(); -} - -NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void) -{ - NETSCAPE_CERT_SEQUENCE *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE); - /* Note hardcoded object type */ - ret->type = OBJ_nid2obj(NID_netscape_cert_sequence); - ret->certs = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW); -} - -NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *, - NETSCAPE_CERT_SEQUENCE_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT); - M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0, - V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free, - ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE); -} - -void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->type); - if(a->certs) - sk_X509_pop_free(a->certs, X509_free); - OPENSSL_free (a); -} diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c deleted file mode 100644 index b7ed538eb2..0000000000 --- a/src/lib/libcrypto/asn1/p5_pbe.c +++ /dev/null @@ -1,157 +0,0 @@ -/* p5_pbe.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -/* PKCS#5 password based encryption structure */ - -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} - -PBEPARAM *PBEPARAM_new(void) -{ - PBEPARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBEPARAM); - M_ASN1_New(ret->iter,M_ASN1_INTEGER_new); - M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW); -} - -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM); -} - -void PBEPARAM_free (PBEPARAM *a) -{ - if(a==NULL) return; - M_ASN1_OCTET_STRING_free(a->salt); - M_ASN1_INTEGER_free (a->iter); - OPENSSL_free (a); -} - -/* Return an algorithm identifier for a PKCS#5 PBE algorithm */ - -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, - int saltlen) -{ - PBEPARAM *pbe; - ASN1_OBJECT *al; - X509_ALGOR *algor; - ASN1_TYPE *astype; - - if (!(pbe = PBEPARAM_new ())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - if(iter <= 0) iter = PKCS5_DEFAULT_ITER; - ASN1_INTEGER_set (pbe->iter, iter); - if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - pbe->salt->length = saltlen; - if (salt) memcpy (pbe->salt->data, salt, saltlen); - else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0) - return NULL; - - if (!(astype = ASN1_TYPE_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - - astype->type = V_ASN1_SEQUENCE; - if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - PBEPARAM_free (pbe); - - al = OBJ_nid2obj(alg); /* never need to free al */ - if (!(algor = X509_ALGOR_new())) { - ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_OBJECT_free(algor->algorithm); - algor->algorithm = al; - algor->parameter = astype; - - return (algor); -} diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c deleted file mode 100644 index 6a7b578c0e..0000000000 --- a/src/lib/libcrypto/asn1/p5_pbev2.c +++ /dev/null @@ -1,282 +0,0 @@ -/* p5_pbev2.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -/* PKCS#5 v2.0 password based encryption structures */ - -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR); - M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR); - M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR); - - M_ASN1_I2D_finish(); -} - -PBE2PARAM *PBE2PARAM_new(void) -{ - PBE2PARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBE2PARAM); - M_ASN1_New(ret->keyfunc,X509_ALGOR_new); - M_ASN1_New(ret->encryption,X509_ALGOR_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW); -} - -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR); - M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR); - M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM); -} - -void PBE2PARAM_free (PBE2PARAM *a) -{ - if(a==NULL) return; - X509_ALGOR_free(a->keyfunc); - X509_ALGOR_free(a->encryption); - OPENSSL_free (a); -} - -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR); - - M_ASN1_I2D_finish(); -} - -PBKDF2PARAM *PBKDF2PARAM_new(void) -{ - PBKDF2PARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBKDF2PARAM); - M_ASN1_New(ret->salt, ASN1_TYPE_new); - M_ASN1_New(ret->iter, M_ASN1_INTEGER_new); - ret->keylength = NULL; - ret->prf = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW); -} - -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER); - M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM); -} - -void PBKDF2PARAM_free (PBKDF2PARAM *a) -{ - if(a==NULL) return; - ASN1_TYPE_free(a->salt); - M_ASN1_INTEGER_free(a->iter); - M_ASN1_INTEGER_free(a->keylength); - X509_ALGOR_free(a->prf); - OPENSSL_free (a); -} - -/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: - * yes I know this is horrible! - */ - -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen) -{ - X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL; - int alg_nid; - EVP_CIPHER_CTX ctx; - unsigned char iv[EVP_MAX_IV_LENGTH]; - PBKDF2PARAM *kdf = NULL; - PBE2PARAM *pbe2 = NULL; - ASN1_OCTET_STRING *osalt = NULL; - ASN1_OBJECT *obj; - - alg_nid = EVP_CIPHER_type(cipher); - if(alg_nid == NID_undef) { - ASN1err(ASN1_F_PKCS5_PBE2_SET, - ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); - goto err; - } - obj = OBJ_nid2obj(alg_nid); - - if(!(pbe2 = PBE2PARAM_new())) goto merr; - - /* Setup the AlgorithmIdentifier for the encryption scheme */ - scheme = pbe2->encryption; - - scheme->algorithm = obj; - if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; - - /* Create random IV */ - if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) - goto err; - - /* Dummy cipherinit to just setup the IV */ - EVP_CipherInit(&ctx, cipher, NULL, iv, 0); - if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { - ASN1err(ASN1_F_PKCS5_PBE2_SET, - ASN1_R_ERROR_SETTING_CIPHER_PARAMS); - goto err; - } - EVP_CIPHER_CTX_cleanup(&ctx); - - if(!(kdf = PBKDF2PARAM_new())) goto merr; - if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr; - - if (!saltlen) saltlen = PKCS5_SALT_LEN; - if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr; - osalt->length = saltlen; - if (salt) memcpy (osalt->data, salt, saltlen); - else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr; - - if(iter <= 0) iter = PKCS5_DEFAULT_ITER; - if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; - - /* Now include salt in kdf structure */ - kdf->salt->value.octet_string = osalt; - kdf->salt->type = V_ASN1_OCTET_STRING; - osalt = NULL; - - /* If its RC2 then we'd better setup the key length */ - - if(alg_nid == NID_rc2_cbc) { - if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr; - if(!ASN1_INTEGER_set (kdf->keylength, - EVP_CIPHER_key_length(cipher))) goto merr; - } - - /* prf can stay NULL because we are using hmacWithSHA1 */ - - /* Now setup the PBE2PARAM keyfunc structure */ - - pbe2->keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2); - - /* Encode PBKDF2PARAM into parameter of pbe2 */ - - if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; - - if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM, - &pbe2->keyfunc->parameter->value.sequence)) goto merr; - pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; - - PBKDF2PARAM_free(kdf); - kdf = NULL; - - /* Now set up top level AlgorithmIdentifier */ - - if(!(ret = X509_ALGOR_new())) goto merr; - if(!(ret->parameter = ASN1_TYPE_new())) goto merr; - - ret->algorithm = OBJ_nid2obj(NID_pbes2); - - /* Encode PBE2PARAM into parameter */ - - if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM, - &ret->parameter->value.sequence)) goto merr; - ret->parameter->type = V_ASN1_SEQUENCE; - - PBE2PARAM_free(pbe2); - pbe2 = NULL; - - return ret; - - merr: - ASN1err(ASN1_F_PKCS5_PBE2_SET,ERR_R_MALLOC_FAILURE); - - err: - PBE2PARAM_free(pbe2); - /* Note 'scheme' is freed as part of pbe2 */ - M_ASN1_OCTET_STRING_free(osalt); - PBKDF2PARAM_free(kdf); - X509_ALGOR_free(kalg); - X509_ALGOR_free(ret); - - return NULL; - -} diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c deleted file mode 100644 index fa6cbfb6f8..0000000000 --- a/src/lib/libcrypto/asn1/p8_pkey.c +++ /dev/null @@ -1,127 +0,0 @@ -/* p8_pkey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp) -{ - - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR); - M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE); - M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes, - i2d_X509_ATTRIBUTE, 0); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR); - M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE); - M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes, - i2d_X509_ATTRIBUTE, 0); - - M_ASN1_I2D_finish(); -} - -PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void) -{ - PKCS8_PRIV_KEY_INFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO); - M_ASN1_New (ret->version, M_ASN1_INTEGER_new); - M_ASN1_New (ret->pkeyalg, X509_ALGOR_new); - M_ASN1_New (ret->pkey, ASN1_TYPE_new); - ret->attributes = NULL; - ret->broken = PKCS8_OK; - return (ret); - M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW); -} - -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER); - M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR); - M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes, - d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free, 0); - M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO); -} - -void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free (a->version); - X509_ALGOR_free(a->pkeyalg); - /* Clear sensitive data */ - if (a->pkey->value.octet_string) - memset (a->pkey->value.octet_string->data, - 0, a->pkey->value.octet_string->length); - ASN1_TYPE_free (a->pkey); - sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); - OPENSSL_free (a); -} diff --git a/src/lib/libcrypto/asn1/t_bitst.c b/src/lib/libcrypto/asn1/t_bitst.c deleted file mode 100644 index 8ee789f082..0000000000 --- a/src/lib/libcrypto/asn1/t_bitst.c +++ /dev/null @@ -1,99 +0,0 @@ -/* t_bitst.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent) -{ - BIT_STRING_BITNAME *bnam; - char first = 1; - BIO_printf(out, "%*s", indent, ""); - for(bnam = tbl; bnam->lname; bnam++) { - if(ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) { - if(!first) BIO_puts(out, ", "); - BIO_puts(out, bnam->lname); - first = 0; - } - } - BIO_puts(out, "\n"); - return 1; -} - -int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, - BIT_STRING_BITNAME *tbl) -{ - int bitnum; - bitnum = ASN1_BIT_STRING_num_asc(name, tbl); - if(bitnum < 0) return 0; - if(bs) ASN1_BIT_STRING_set_bit(bs, bitnum, value); - return 1; -} - -int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl) -{ - BIT_STRING_BITNAME *bnam; - for(bnam = tbl; bnam->lname; bnam++) { - if(!strcmp(bnam->sname, name) || - !strcmp(bnam->lname, name) ) return bnam->bitnum; - } - return -1; -} diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c deleted file mode 100644 index d78e4a8f88..0000000000 --- a/src/lib/libcrypto/asn1/t_crl.c +++ /dev/null @@ -1,166 +0,0 @@ -/* t_crl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -static void ext_print(BIO *out, X509_EXTENSION *ex); -#ifndef NO_FP_API -int X509_CRL_print_fp(FILE *fp, X509_CRL *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=X509_CRL_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int X509_CRL_print(BIO *out, X509_CRL *x) -{ - char buf[256]; - unsigned char *s; - STACK_OF(X509_REVOKED) *rev; - X509_REVOKED *r; - long l; - int i, j, n; - - BIO_printf(out, "Certificate Revocation List (CRL):\n"); - l = X509_CRL_get_version(x); - BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l+1, l); - i = OBJ_obj2nid(x->sig_alg->algorithm); - BIO_printf(out, "%8sSignature Algorithm: %s\n", "", - (i == NID_undef) ? "NONE" : OBJ_nid2ln(i)); - X509_NAME_oneline(X509_CRL_get_issuer(x),buf,256); - BIO_printf(out,"%8sIssuer: %s\n","",buf); - BIO_printf(out,"%8sLast Update: ",""); - ASN1_TIME_print(out,X509_CRL_get_lastUpdate(x)); - BIO_printf(out,"\n%8sNext Update: ",""); - if (X509_CRL_get_nextUpdate(x)) - ASN1_TIME_print(out,X509_CRL_get_nextUpdate(x)); - else BIO_printf(out,"NONE"); - BIO_printf(out,"\n"); - - n=X509_CRL_get_ext_count(x); - if (n > 0) { - BIO_printf(out,"%8sCRL extensions:\n",""); - for (i=0; iserialNumber); - BIO_printf(out,"\n Revocation Date: ",""); - ASN1_TIME_print(out,r->revocationDate); - BIO_printf(out,"\n"); - for(j = 0; j < X509_REVOKED_get_ext_count(r); j++) - ext_print(out, X509_REVOKED_get_ext(r, j)); - } - - i=OBJ_obj2nid(x->sig_alg->algorithm); - BIO_printf(out," Signature Algorithm: %s", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); - - s = x->signature->data; - n = x->signature->length; - for (i=0; ivalue); - } - BIO_write(out,"\n",1); -} diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c deleted file mode 100644 index ae18da96e3..0000000000 --- a/src/lib/libcrypto/asn1/t_pkey.c +++ /dev/null @@ -1,361 +0,0 @@ -/* crypto/asn1/t_pkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#ifndef NO_RSA -#include -#endif -#ifndef NO_DH -#include -#endif -#ifndef NO_DSA -#include -#endif - -static int print(BIO *fp,const char *str,BIGNUM *num, - unsigned char *buf,int off); -#ifndef NO_RSA -#ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=RSA_print(b,x,off); - BIO_free(b); - return(ret); - } -#endif - -int RSA_print(BIO *bp, RSA *x, int off) - { - char str[128]; - const char *s; - unsigned char *m=NULL; - int i,ret=0; - - i=RSA_size(x); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); - if (m == NULL) - { - RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (off) - { - if (off > 128) off=128; - memset(str,' ',off); - } - if (x->d != NULL) - { - if (off && (BIO_write(bp,str,off) <= 0)) goto err; - if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) - <= 0) goto err; - } - - if (x->d == NULL) - sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n)); - else - strcpy(str,"modulus:"); - if (!print(bp,str,x->n,m,off)) goto err; - s=(x->d == NULL)?"Exponent:":"publicExponent:"; - if (!print(bp,s,x->e,m,off)) goto err; - if (!print(bp,"privateExponent:",x->d,m,off)) goto err; - if (!print(bp,"prime1:",x->p,m,off)) goto err; - if (!print(bp,"prime2:",x->q,m,off)) goto err; - if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err; - if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err; - if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif /* NO_RSA */ - -#ifndef NO_DSA -#ifndef NO_FP_API -int DSA_print_fp(FILE *fp, DSA *x, int off) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=DSA_print(b,x,off); - BIO_free(b); - return(ret); - } -#endif - -int DSA_print(BIO *bp, DSA *x, int off) - { - char str[128]; - unsigned char *m=NULL; - int i,ret=0; - BIGNUM *bn=NULL; - - if (x->p != NULL) - bn=x->p; - else if (x->priv_key != NULL) - bn=x->priv_key; - else if (x->pub_key != NULL) - bn=x->pub_key; - - /* larger than needed but what the hell :-) */ - if (bn != NULL) - i=BN_num_bytes(bn)*2; - else - i=256; - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); - if (m == NULL) - { - DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (off) - { - if (off > 128) off=128; - memset(str,' ',off); - } - if (x->priv_key != NULL) - { - if (off && (BIO_write(bp,str,off) <= 0)) goto err; - if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p)) - <= 0) goto err; - } - - if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off)) - goto err; - if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off)) - goto err; - if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err; - if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err; - if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif /* !NO_DSA */ - -static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, - int off) - { - int n,i; - char str[128]; - const char *neg; - - if (num == NULL) return(1); - neg=(num->neg)?"-":""; - if (off) - { - if (off > 128) off=128; - memset(str,' ',off); - if (BIO_write(bp,str,off) <= 0) return(0); - } - - if (BN_num_bytes(num) <= BN_BYTES) - { - if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg, - (unsigned long)num->d[0],neg,(unsigned long)num->d[0]) - <= 0) return(0); - } - else - { - buf[0]=0; - if (BIO_printf(bp,"%s%s",number, - (neg[0] == '-')?" (Negative)":"") <= 0) - return(0); - n=BN_bn2bin(num,&buf[1]); - - if (buf[1] & 0x80) - n++; - else buf++; - - for (i=0; ip); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); - if (m == NULL) - { - reason=ERR_R_MALLOC_FAILURE; - goto err; - } - - if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n", - BN_num_bits(x->p)) <= 0) - goto err; - if (!print(bp,"prime:",x->p,m,4)) goto err; - if (!print(bp,"generator:",x->g,m,4)) goto err; - if (x->length != 0) - { - if (BIO_printf(bp," recommended-private-length: %d bits\n", - (int)x->length) <= 0) goto err; - } - ret=1; - if (0) - { -err: - DHerr(DH_F_DHPARAMS_PRINT,reason); - } - if (m != NULL) OPENSSL_free(m); - return(ret); - } -#endif - -#ifndef NO_DSA -#ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=DSAparams_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int DSAparams_print(BIO *bp, DSA *x) - { - unsigned char *m=NULL; - int reason=ERR_R_BUF_LIB,i,ret=0; - - i=BN_num_bytes(x->p); - m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); - if (m == NULL) - { - reason=ERR_R_MALLOC_FAILURE; - goto err; - } - - if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n", - BN_num_bits(x->p)) <= 0) - goto err; - if (!print(bp,"p:",x->p,m,4)) goto err; - if (!print(bp,"q:",x->q,m,4)) goto err; - if (!print(bp,"g:",x->g,m,4)) goto err; - ret=1; -err: - if (m != NULL) OPENSSL_free(m); - DSAerr(DSA_F_DSAPARAMS_PRINT,reason); - return(ret); - } - -#endif /* !NO_DSA */ - diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c deleted file mode 100644 index ea1af092db..0000000000 --- a/src/lib/libcrypto/asn1/t_req.c +++ /dev/null @@ -1,254 +0,0 @@ -/* crypto/asn1/t_req.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#ifndef NO_FP_API -int X509_REQ_print_fp(FILE *fp, X509_REQ *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=X509_REQ_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int X509_REQ_print(BIO *bp, X509_REQ *x) - { - unsigned long l; - int i,n; - char *s; - const char *neg; - X509_REQ_INFO *ri; - EVP_PKEY *pkey; - STACK_OF(X509_ATTRIBUTE) *sk; - STACK_OF(X509_EXTENSION) *exts; - char str[128]; - - ri=x->req_info; - sprintf(str,"Certificate Request:\n"); - if (BIO_puts(bp,str) <= 0) goto err; - sprintf(str,"%4sData:\n",""); - if (BIO_puts(bp,str) <= 0) goto err; - - neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; - l=0; - for (i=0; iversion->length; i++) - { l<<=8; l+=ri->version->data[i]; } - sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l); - if (BIO_puts(bp,str) <= 0) goto err; - sprintf(str,"%8sSubject: ",""); - if (BIO_puts(bp,str) <= 0) goto err; - - X509_NAME_print(bp,ri->subject,16); - sprintf(str,"\n%8sSubject Public Key Info:\n",""); - if (BIO_puts(bp,str) <= 0) goto err; - i=OBJ_obj2nid(ri->pubkey->algor->algorithm); - sprintf(str,"%12sPublic Key Algorithm: %s\n","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); - if (BIO_puts(bp,str) <= 0) goto err; - - pkey=X509_REQ_get_pubkey(x); -#ifndef NO_RSA - if (pkey != NULL && pkey->type == EVP_PKEY_RSA) - { - BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(bp,pkey->pkey.rsa,16); - } - else -#endif -#ifndef NO_DSA - if (pkey != NULL && pkey->type == EVP_PKEY_DSA) - { - BIO_printf(bp,"%12sDSA Public Key:\n",""); - DSA_print(bp,pkey->pkey.dsa,16); - } - else -#endif - BIO_printf(bp,"%12sUnknown Public Key:\n",""); - - if (pkey != NULL) - EVP_PKEY_free(pkey); - - /* may not be */ - sprintf(str,"%8sAttributes:\n",""); - if (BIO_puts(bp,str) <= 0) goto err; - - sk=x->req_info->attributes; - if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0)) - { - if (!x->req_info->req_kludge) - { - sprintf(str,"%12sa0:00\n",""); - if (BIO_puts(bp,str) <= 0) goto err; - } - } - else - { - for (i=0; iobject))) - continue; - sprintf(str,"%12s",""); - if (BIO_puts(bp,str) <= 0) goto err; - if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) - { - if (a->set) - { - ii=0; - count=sk_ASN1_TYPE_num(a->value.set); -get_next: - at=sk_ASN1_TYPE_value(a->value.set,ii); - type=at->type; - bs=at->value.asn1_string; - } - else - { - t=a->value.single; - type=t->type; - bs=t->value.bit_string; - } - } - for (j=25-j; j>0; j--) - if (BIO_write(bp," ",1) != 1) goto err; - if (BIO_puts(bp,":") <= 0) goto err; - if ( (type == V_ASN1_PRINTABLESTRING) || - (type == V_ASN1_T61STRING) || - (type == V_ASN1_IA5STRING)) - { - if (BIO_write(bp,(char *)bs->data,bs->length) - != bs->length) - goto err; - BIO_puts(bp,"\n"); - } - else - { - BIO_puts(bp,"unable to print attribute\n"); - } - if (++ii < count) goto get_next; - } - } - - exts = X509_REQ_get_extensions(x); - if(exts) { - BIO_printf(bp,"%8sRequested Extensions:\n",""); - for (i=0; ivalue); - } - if (BIO_write(bp,"\n",1) <= 0) goto err; - } - sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); - } - - i=OBJ_obj2nid(x->sig_alg->algorithm); - sprintf(str,"%4sSignature Algorithm: %s","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); - if (BIO_puts(bp,str) <= 0) goto err; - - n=x->signature->length; - s=(char *)x->signature->data; - for (i=0; i -#include "cryptlib.h" -#include -#include - -/* Print out an SPKI */ - -int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) -{ - EVP_PKEY *pkey; - ASN1_IA5STRING *chal; - int i, n; - char *s; - BIO_printf(out, "Netscape SPKI:\n"); - i=OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm); - BIO_printf(out," Public Key Algorithm: %s\n", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); - pkey = X509_PUBKEY_get(spki->spkac->pubkey); - if(!pkey) BIO_printf(out, " Unable to load public key\n"); - else { -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - BIO_printf(out," RSA Public Key: (%d bit)\n", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(out,pkey->pkey.rsa,2); - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - BIO_printf(out," DSA Public Key:\n"); - DSA_print(out,pkey->pkey.dsa,2); - } - else -#endif - BIO_printf(out," Unknown Public Key:\n"); - EVP_PKEY_free(pkey); - } - chal = spki->spkac->challenge; - if(chal->length) - BIO_printf(out, " Challenge String: %s\n", chal->data); - i=OBJ_obj2nid(spki->sig_algor->algorithm); - BIO_printf(out," Signature Algorithm: %s", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); - - n=spki->signature->length; - s=(char *)spki->signature->data; - for (i=0; i -#include "cryptlib.h" -#include -#include -#ifndef NO_RSA -#include -#endif -#ifndef NO_DSA -#include -#endif -#include -#include -#include - -#ifndef NO_FP_API -int X509_print_fp(FILE *fp, X509 *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=X509_print(b, x); - BIO_free(b); - return(ret); - } -#endif - -int X509_print(BIO *bp, X509 *x) - { - long l; - int ret=0,i,j,n; - char *m=NULL,*s; - X509_CINF *ci; - ASN1_INTEGER *bs; - EVP_PKEY *pkey=NULL; - const char *neg; - X509_EXTENSION *ex; - ASN1_STRING *str=NULL; - - ci=x->cert_info; - if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; - if (BIO_write(bp," Data:\n",10) <= 0) goto err; - l=X509_get_version(x); - if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; - if (BIO_write(bp," Serial Number:",22) <= 0) goto err; - - bs=X509_get_serialNumber(x); - if (bs->length <= 4) - { - l=ASN1_INTEGER_get(bs); - if (l < 0) - { - l= -l; - neg="-"; - } - else - neg=""; - if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) - goto err; - } - else - { - neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; - if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; - - for (i=0; ilength; i++) - { - if (BIO_printf(bp,"%02x%c",bs->data[i], - ((i+1 == bs->length)?'\n':':')) <= 0) - goto err; - } - } - - i=OBJ_obj2nid(ci->signature->algorithm); - if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) - goto err; - - if (BIO_write(bp," Issuer: ",16) <= 0) goto err; - if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err; - if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err; - if (BIO_write(bp," Not Before: ",24) <= 0) goto err; - if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; - if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err; - if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; - if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err; - if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err; - if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0) - goto err; - i=OBJ_obj2nid(ci->key->algor->algorithm); - if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; - - pkey=X509_get_pubkey(x); - if (pkey == NULL) - { - BIO_printf(bp,"%12sUnable to load Public Key\n",""); - ERR_print_errors(bp); - } - else -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", - BN_num_bits(pkey->pkey.rsa->n)); - RSA_print(bp,pkey->pkey.rsa,16); - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - BIO_printf(bp,"%12sDSA Public Key:\n",""); - DSA_print(bp,pkey->pkey.dsa,16); - } - else -#endif - BIO_printf(bp,"%12sUnknown Public Key:\n",""); - - EVP_PKEY_free(pkey); - - n=X509_get_ext_count(x); - if (n > 0) - { - BIO_printf(bp,"%8sX509v3 extensions:\n",""); - for (i=0; ivalue); - } - if (BIO_write(bp,"\n",1) <= 0) goto err; - } - } - - i=OBJ_obj2nid(x->sig_alg->algorithm); - if (BIO_printf(bp,"%4sSignature Algorithm: %s","", - (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; - - n=x->signature->length; - s=(char *)x->signature->data; - for (i=0; iaux, 0)) goto err; - ret=1; -err: - if (str != NULL) ASN1_STRING_free(str); - if (m != NULL) OPENSSL_free(m); - return(ret); - } - -int ASN1_STRING_print(BIO *bp, ASN1_STRING *v) - { - int i,n; - char buf[80],*p;; - - if (v == NULL) return(0); - n=0; - p=(char *)v->data; - for (i=0; ilength; i++) - { - if ((p[i] > '~') || ((p[i] < ' ') && - (p[i] != '\n') && (p[i] != '\r'))) - buf[n]='.'; - else - buf[n]=p[i]; - n++; - if (n >= 80) - { - if (BIO_write(bp,buf,n) <= 0) - return(0); - n=0; - } - } - if (n > 0) - if (BIO_write(bp,buf,n) <= 0) - return(0); - return(1); - } - -int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm) -{ - if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm); - if(tm->type == V_ASN1_GENERALIZEDTIME) - return ASN1_GENERALIZEDTIME_print(bp, tm); - BIO_write(bp,"Bad time value",14); - return(0); -} - -static const char *mon[12]= - { - "Jan","Feb","Mar","Apr","May","Jun", - "Jul","Aug","Sep","Oct","Nov","Dec" - }; - -int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm) - { - char *v; - int gmt=0; - int i; - int y=0,M=0,d=0,h=0,m=0,s=0; - - i=tm->length; - v=(char *)tm->data; - - if (i < 12) goto err; - if (v[i-1] == 'Z') gmt=1; - for (i=0; i<12; i++) - if ((v[i] > '9') || (v[i] < '0')) goto err; - y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0'); - M= (v[4]-'0')*10+(v[5]-'0'); - if ((M > 12) || (M < 1)) goto err; - d= (v[6]-'0')*10+(v[7]-'0'); - h= (v[8]-'0')*10+(v[9]-'0'); - m= (v[10]-'0')*10+(v[11]-'0'); - if ( (v[12] >= '0') && (v[12] <= '9') && - (v[13] >= '0') && (v[13] <= '9')) - s= (v[12]-'0')*10+(v[13]-'0'); - - if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", - mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0) - return(0); - else - return(1); -err: - BIO_write(bp,"Bad time value",14); - return(0); - } - -int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm) - { - char *v; - int gmt=0; - int i; - int y=0,M=0,d=0,h=0,m=0,s=0; - - i=tm->length; - v=(char *)tm->data; - - if (i < 10) goto err; - if (v[i-1] == 'Z') gmt=1; - for (i=0; i<10; i++) - if ((v[i] > '9') || (v[i] < '0')) goto err; - y= (v[0]-'0')*10+(v[1]-'0'); - if (y < 50) y+=100; - M= (v[2]-'0')*10+(v[3]-'0'); - if ((M > 12) || (M < 1)) goto err; - d= (v[4]-'0')*10+(v[5]-'0'); - h= (v[6]-'0')*10+(v[7]-'0'); - m= (v[8]-'0')*10+(v[9]-'0'); - if ( (v[10] >= '0') && (v[10] <= '9') && - (v[11] >= '0') && (v[11] <= '9')) - s= (v[10]-'0')*10+(v[11]-'0'); - - if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s", - mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0) - return(0); - else - return(1); -err: - BIO_write(bp,"Bad time value",14); - return(0); - } - -int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) - { - char *s,*c; - int ret=0,l,ll,i,first=1; - char buf[256]; - - ll=80-2-obase; - - s=X509_NAME_oneline(name,buf,256); - s++; /* skip the first slash */ - - l=ll; - c=s; - for (;;) - { -#ifndef CHARSET_EBCDIC - if ( ((*s == '/') && - ((s[1] >= 'A') && (s[1] <= 'Z') && ( - (s[2] == '=') || - ((s[2] >= 'A') && (s[2] <= 'Z') && - (s[3] == '=')) - ))) || - (*s == '\0')) -#else - if ( ((*s == '/') && - (isupper(s[1]) && ( - (s[2] == '=') || - (isupper(s[2]) && - (s[3] == '=')) - ))) || - (*s == '\0')) -#endif - { - if ((l <= 0) && !first) - { - first=0; - if (BIO_write(bp,"\n",1) != 1) goto err; - for (i=0; i -#include "cryptlib.h" -#include -#include -#include - -/* X509_CERT_AUX and string set routines - */ - -int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent) -{ - char oidstr[80], first; - int i; - if(!aux) return 1; - if(aux->trust) { - first = 1; - BIO_printf(out, "%*sTrusted Uses:\n%*s", - indent, "", indent + 2, ""); - for(i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) { - if(!first) BIO_puts(out, ", "); - else first = 0; - OBJ_obj2txt(oidstr, 80, - sk_ASN1_OBJECT_value(aux->trust, i), 0); - BIO_puts(out, oidstr); - } - BIO_puts(out, "\n"); - } else BIO_printf(out, "%*sNo Trusted Uses.\n", indent, ""); - if(aux->reject) { - first = 1; - BIO_printf(out, "%*sRejected Uses:\n%*s", - indent, "", indent + 2, ""); - for(i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) { - if(!first) BIO_puts(out, ", "); - else first = 0; - OBJ_obj2txt(oidstr, 80, - sk_ASN1_OBJECT_value(aux->reject, i), 0); - BIO_puts(out, oidstr); - } - BIO_puts(out, "\n"); - } else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, ""); - if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "", - aux->alias->data); - if(aux->keyid) { - BIO_printf(out, "%*sKey Id: ", indent, ""); - for(i = 0; i < aux->keyid->length; i++) - BIO_printf(out, "%s%02X", - i ? ":" : "", - aux->keyid->data[i]); - BIO_write(out,"\n",1); - } - return 1; -} diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c deleted file mode 100644 index 853a8dfeef..0000000000 --- a/src/lib/libcrypto/asn1/x_algor.c +++ /dev/null @@ -1,118 +0,0 @@ -/* crypto/asn1/x_algor.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT); - if (a->parameter != NULL) - { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); } - - M_ASN1_I2D_seq_total(); - M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT); - if (a->parameter != NULL) - { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); } - - M_ASN1_I2D_finish(); - } - -X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT); - if (!M_ASN1_D2I_end_sequence()) - { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); } - else - { - ASN1_TYPE_free(ret->parameter); - ret->parameter=NULL; - } - M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR); - } - -X509_ALGOR *X509_ALGOR_new(void) - { - X509_ALGOR *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_ALGOR); - ret->algorithm=OBJ_nid2obj(NID_undef); - ret->parameter=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW); - } - -void X509_ALGOR_free(X509_ALGOR *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->algorithm); - ASN1_TYPE_free(a->parameter); - OPENSSL_free(a); - } - -IMPLEMENT_STACK_OF(X509_ALGOR) -IMPLEMENT_ASN1_SET_OF(X509_ALGOR) diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c deleted file mode 100644 index 14e5ea27aa..0000000000 --- a/src/lib/libcrypto/asn1/x_attrib.c +++ /dev/null @@ -1,165 +0,0 @@ -/* crypto/asn1/x_attrib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -/* sequence */ -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp) - { - int k=0; - int r=0,ret=0; - unsigned char **p=NULL; - - if (a == NULL) return(0); - - p=NULL; - for (;;) - { - if (k) - { - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); - if (pp == NULL) return(r); - p=pp; - ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL); - } - - ret+=i2d_ASN1_OBJECT(a->object,p); - if (a->set) - ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE, - V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - else - ret+=i2d_ASN1_TYPE(a->value.single,p); - if (k++) return(r); - } - } - -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); - - if ((c.slen != 0) && - (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET))) - { - ret->set=1; - M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE, - ASN1_TYPE_free); - } - else - { - ret->set=0; - M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE); - } - - M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE); - } - -X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value) - { - X509_ATTRIBUTE *ret=NULL; - ASN1_TYPE *val=NULL; - - if ((ret=X509_ATTRIBUTE_new()) == NULL) - return(NULL); - ret->object=OBJ_nid2obj(nid); - ret->set=1; - if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err; - if ((val=ASN1_TYPE_new()) == NULL) goto err; - if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err; - - ASN1_TYPE_set(val,atrtype,value); - return(ret); -err: - if (ret != NULL) X509_ATTRIBUTE_free(ret); - if (val != NULL) ASN1_TYPE_free(val); - return(NULL); - } - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void) - { - X509_ATTRIBUTE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_ATTRIBUTE); - ret->object=OBJ_nid2obj(NID_undef); - ret->set=0; - ret->value.ptr=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW); - } - -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - if (a->set) - sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free); - else - ASN1_TYPE_free(a->value.single); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c deleted file mode 100644 index 1f302d0e01..0000000000 --- a/src/lib/libcrypto/asn1/x_crl.c +++ /dev/null @@ -1,348 +0,0 @@ -/* crypto/asn1/x_crl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -static int X509_REVOKED_cmp(const X509_REVOKED * const *a, - const X509_REVOKED * const *b); -static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, - const X509_REVOKED * const *b); -int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME); - M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME); - M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION); - - M_ASN1_I2D_finish(); - } - -X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME); - M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions, - d2i_X509_EXTENSION,X509_EXTENSION_free); - M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED); - } - -int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) - { - int v1=0; - long l=0; - int (*old_cmp)(const X509_REVOKED * const *, - const X509_REVOKED * const *); - M_ASN1_I2D_vars(a); - - old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); - sk_X509_REVOKED_sort(a->revoked); - sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp); - - if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0)) - { - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - } - M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME); - if (a->nextUpdate != NULL) - { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); } - M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked, - i2d_X509_REVOKED); - M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,0, - V_ASN1_SEQUENCE,v1); - - M_ASN1_I2D_seq_total(); - - if ((a->version != NULL) && (l != 0)) - { - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - } - M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME); - if (a->nextUpdate != NULL) - { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); } - M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked, - i2d_X509_REVOKED); - M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,0, - V_ASN1_SEQUENCE,v1); - - M_ASN1_I2D_finish(); - } - -X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp, - long length) - { - int i,ver=0; - M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new); - - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER); - if (ret->version != NULL) - ver=ret->version->data[0]; - - if ((ver == 0) && (ret->version != NULL)) - { - M_ASN1_INTEGER_free(ret->version); - ret->version=NULL; - } - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME); - M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME); - /* Manually handle the OPTIONAL ASN1_TIME stuff */ - /* First try UTCTime */ - M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME); - /* If that doesn't work try GeneralizedTime */ - if(!ret->nextUpdate) - M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME, - V_ASN1_GENERALIZEDTIME); - if (ret->revoked != NULL) - { - while (sk_X509_REVOKED_num(ret->revoked)) - X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked)); - } - M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED, - X509_REVOKED_free); - - if (ret->revoked != NULL) - { - for (i=0; irevoked); i++) - { - sk_X509_REVOKED_value(ret->revoked,i)->sequence=i; - } - } - - if (ret->extensions != NULL) - { - while (sk_X509_EXTENSION_num(ret->extensions)) - X509_EXTENSION_free( - sk_X509_EXTENSION_pop(ret->extensions)); - } - - M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions, - d2i_X509_EXTENSION, - X509_EXTENSION_free,0, - V_ASN1_SEQUENCE); - - M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO); - } - -int i2d_X509_CRL(X509_CRL *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO); - M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO); - M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO); - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - - M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL); - } - - -X509_REVOKED *X509_REVOKED_new(void) - { - X509_REVOKED *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REVOKED); - M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new); - M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new); - ret->extensions=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW); - } - -X509_CRL_INFO *X509_CRL_INFO_new(void) - { - X509_CRL_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_CRL_INFO); - ret->version=NULL; - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->issuer,X509_NAME_new); - M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new); - ret->nextUpdate=NULL; - M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null); - M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null); - sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW); - } - -X509_CRL *X509_CRL_new(void) - { - X509_CRL *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_CRL); - ret->references=1; - M_ASN1_New(ret->crl,X509_CRL_INFO_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CRL_NEW); - } - -void X509_REVOKED_free(X509_REVOKED *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->serialNumber); - M_ASN1_UTCTIME_free(a->revocationDate); - sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - OPENSSL_free(a); - } - -void X509_CRL_INFO_free(X509_CRL_INFO *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - X509_ALGOR_free(a->sig_alg); - X509_NAME_free(a->issuer); - M_ASN1_UTCTIME_free(a->lastUpdate); - if (a->nextUpdate) - M_ASN1_UTCTIME_free(a->nextUpdate); - sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free); - sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - OPENSSL_free(a); - } - -void X509_CRL_free(X509_CRL *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL); -#ifdef REF_PRINT - REF_PRINT("X509_CRL",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_CRL_free, bad reference count\n"); - abort(); - } -#endif - - X509_CRL_INFO_free(a->crl); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } - -static int X509_REVOKED_cmp(const X509_REVOKED * const *a, - const X509_REVOKED * const *b) - { - return(ASN1_STRING_cmp( - (ASN1_STRING *)(*a)->serialNumber, - (ASN1_STRING *)(*b)->serialNumber)); - } - -static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, - const X509_REVOKED * const *b) - { - return((*a)->sequence-(*b)->sequence); - } - -IMPLEMENT_STACK_OF(X509_REVOKED) -IMPLEMENT_ASN1_SET_OF(X509_REVOKED) -IMPLEMENT_STACK_OF(X509_CRL) -IMPLEMENT_ASN1_SET_OF(X509_CRL) diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c deleted file mode 100644 index fbfd963b40..0000000000 --- a/src/lib/libcrypto/asn1/x_exten.c +++ /dev/null @@ -1,139 +0,0 @@ -/* crypto/asn1/x_exten.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp) - { - int k=0; - int r=0,ret=0; - unsigned char **p=NULL; - - if (a == NULL) return(0); - - p=NULL; - for (;;) - { - if (k) - { - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); - if (pp == NULL) return(r); - p=pp; - ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL); - } - - ret+=i2d_ASN1_OBJECT(a->object,p); - if ((a->critical) || a->netscape_hack) - ret+=i2d_ASN1_BOOLEAN(a->critical,p); - ret+=i2d_ASN1_OCTET_STRING(a->value,p); - if (k++) return(r); - } - } - -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp, - long length) - { - int i; - M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); - - ret->netscape_hack=0; - if ((c.slen != 0) && - (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN))) - { - c.q=c.p; - if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err; - ret->critical=i; - c.slen-=(c.p-c.q); - if (ret->critical == 0) ret->netscape_hack=1; - } - M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING); - - M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION); - } - -X509_EXTENSION *X509_EXTENSION_new(void) - { - X509_EXTENSION *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_EXTENSION); - ret->object=OBJ_nid2obj(NID_undef); - M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new); - ret->critical=0; - ret->netscape_hack=0; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW); - } - -void X509_EXTENSION_free(X509_EXTENSION *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - M_ASN1_OCTET_STRING_free(a->value); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c deleted file mode 100644 index 5e62fc2f6f..0000000000 --- a/src/lib/libcrypto/asn1/x_info.c +++ /dev/null @@ -1,114 +0,0 @@ -/* crypto/asn1/x_info.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -X509_INFO *X509_INFO_new(void) - { - X509_INFO *ret=NULL; - - ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO)); - if (ret == NULL) - { - ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - ret->enc_cipher.cipher=NULL; - ret->enc_len=0; - ret->enc_data=NULL; - - ret->references=1; - ret->x509=NULL; - ret->crl=NULL; - ret->x_pkey=NULL; - return(ret); - } - -void X509_INFO_free(X509_INFO *x) - { - int i; - - if (x == NULL) return; - - i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO); -#ifdef REF_PRINT - REF_PRINT("X509_INFO",x); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_INFO_free, bad reference count\n"); - abort(); - } -#endif - - if (x->x509 != NULL) X509_free(x->x509); - if (x->crl != NULL) X509_CRL_free(x->crl); - if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); - if (x->enc_data != NULL) OPENSSL_free(x->enc_data); - OPENSSL_free(x); - } - -IMPLEMENT_STACK_OF(X509_INFO) - diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c deleted file mode 100644 index b832deb928..0000000000 --- a/src/lib/libcrypto/asn1/x_name.c +++ /dev/null @@ -1,279 +0,0 @@ -/* crypto/asn1/x_name.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -static int i2d_X509_NAME_entries(X509_NAME *a); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT); - M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT); - M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE); - - M_ASN1_I2D_finish(); - } - -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); - M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE); - ret->set=0; - M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY); - } - -int i2d_X509_NAME(X509_NAME *a, unsigned char **pp) - { - int ret; - - if (a == NULL) return(0); - if (a->modified) - { - ret=i2d_X509_NAME_entries(a); - if (ret < 0) return(ret); - } - - ret=a->bytes->length; - if (pp != NULL) - { - memcpy(*pp,a->bytes->data,ret); - *pp+=ret; - } - return(ret); - } - -static int i2d_X509_NAME_entries(X509_NAME *a) - { - X509_NAME_ENTRY *ne,*fe=NULL; - STACK_OF(X509_NAME_ENTRY) *sk; - BUF_MEM *buf=NULL; - int set=0,r,ret=0; - int i; - unsigned char *p; - int size=0; - - sk=a->entries; - for (i=0; iset != set) - { - ret+=ASN1_object_size(1,size,V_ASN1_SET); - fe->size=size; - fe=ne; - size=0; - set=ne->set; - } - size+=i2d_X509_NAME_ENTRY(ne,NULL); - } - - ret+=ASN1_object_size(1,size,V_ASN1_SET); - if (fe != NULL) - fe->size=size; - - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); - - buf=a->bytes; - if (!BUF_MEM_grow(buf,r)) goto err; - p=(unsigned char *)buf->data; - - ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - set= -1; - for (i=0; iset) - { - set=ne->set; - ASN1_put_object(&p,1,ne->size, - V_ASN1_SET,V_ASN1_UNIVERSAL); - } - i2d_X509_NAME_ENTRY(ne,&p); - } - a->modified=0; - return(r); -err: - return(-1); - } - -X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length) - { - int set=0,i; - int idx=0; - unsigned char *orig; - M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new); - - orig= *pp; - if (sk_X509_NAME_ENTRY_num(ret->entries) > 0) - { - while (sk_X509_NAME_ENTRY_num(ret->entries) > 0) - X509_NAME_ENTRY_free( - sk_X509_NAME_ENTRY_pop(ret->entries)); - } - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - for (;;) - { - if (M_ASN1_D2I_end_sequence()) break; - M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries, - d2i_X509_NAME_ENTRY, - X509_NAME_ENTRY_free); - for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++) - { - sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set; - } - set++; - } - - i=(int)(c.p-orig); - if (!BUF_MEM_grow(ret->bytes,i)) goto err; - memcpy(ret->bytes->data,orig,i); - ret->bytes->length=i; - ret->modified=0; - - M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME); - } - -X509_NAME *X509_NAME_new(void) - { - X509_NAME *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_NAME); - if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) - { c.line=__LINE__; goto err2; } - M_ASN1_New(ret->bytes,BUF_MEM_new); - ret->modified=1; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NAME_NEW); - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void) - { - X509_NAME_ENTRY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_NAME_ENTRY); -/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/ - ret->object=NULL; - ret->set=0; - M_ASN1_New(ret->value,ASN1_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW); - } - -void X509_NAME_free(X509_NAME *a) - { - if(a == NULL) - return; - - BUF_MEM_free(a->bytes); - sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); - OPENSSL_free(a); - } - -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - M_ASN1_BIT_STRING_free(a->value); - OPENSSL_free(a); - } - -int X509_NAME_set(X509_NAME **xn, X509_NAME *name) - { - X509_NAME *in; - - if (*xn == NULL) return(0); - - if (*xn != name) - { - in=X509_NAME_dup(name); - if (in != NULL) - { - X509_NAME_free(*xn); - *xn=in; - } - } - return(*xn != NULL); - } - -IMPLEMENT_STACK_OF(X509_NAME_ENTRY) -IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY) diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c deleted file mode 100644 index f1c6221ac3..0000000000 --- a/src/lib/libcrypto/asn1/x_pkey.c +++ /dev/null @@ -1,151 +0,0 @@ -/* crypto/asn1/x_pkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -/* need to implement */ -int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp) - { - return(0); - } - -X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length) - { - int i; - M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING); - - ret->cipher.cipher=EVP_get_cipherbyname( - OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); - if (ret->cipher.cipher == NULL) - { - c.error=ASN1_R_UNSUPPORTED_CIPHER; - c.line=__LINE__; - goto err; - } - if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) - { - i=ret->enc_algor->parameter->value.octet_string->length; - if (i > EVP_MAX_IV_LENGTH) - { - c.error=ASN1_R_IV_TOO_LARGE; - c.line=__LINE__; - goto err; - } - memcpy(ret->cipher.iv, - ret->enc_algor->parameter->value.octet_string->data,i); - } - else - memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH); - M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY); - } - -X509_PKEY *X509_PKEY_new(void) - { - X509_PKEY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_PKEY); - ret->version=0; - M_ASN1_New(ret->enc_algor,X509_ALGOR_new); - M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new); - ret->dec_pkey=NULL; - ret->key_length=0; - ret->key_data=NULL; - ret->key_free=0; - ret->cipher.cipher=NULL; - memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH); - ret->references=1; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW); - } - -void X509_PKEY_free(X509_PKEY *x) - { - int i; - - if (x == NULL) return; - - i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY); -#ifdef REF_PRINT - REF_PRINT("X509_PKEY",x); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_PKEY_free, bad reference count\n"); - abort(); - } -#endif - - if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); - if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey); - if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); - if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data); - OPENSSL_free(x); - } diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c deleted file mode 100644 index b2e2a51477..0000000000 --- a/src/lib/libcrypto/asn1/x_pubkey.c +++ /dev/null @@ -1,366 +0,0 @@ -/* crypto/asn1/x_pubkey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING); - if (ret->pkey != NULL) - { - EVP_PKEY_free(ret->pkey); - ret->pkey=NULL; - } - M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY); - } - -X509_PUBKEY *X509_PUBKEY_new(void) - { - X509_PUBKEY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_PUBKEY); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new); - ret->pkey=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW); - } - -void X509_PUBKEY_free(X509_PUBKEY *a) - { - if (a == NULL) return; - X509_ALGOR_free(a->algor); - M_ASN1_BIT_STRING_free(a->public_key); - if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - OPENSSL_free(a); - } - -int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) - { - int ok=0; - X509_PUBKEY *pk; - X509_ALGOR *a; - ASN1_OBJECT *o; - unsigned char *s,*p; - int i; - - if (x == NULL) return(0); - - if ((pk=X509_PUBKEY_new()) == NULL) goto err; - a=pk->algor; - - /* set the algorithm id */ - if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err; - ASN1_OBJECT_free(a->algorithm); - a->algorithm=o; - - /* Set the parameter list */ - if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA)) - { - if ((a->parameter == NULL) || - (a->parameter->type != V_ASN1_NULL)) - { - ASN1_TYPE_free(a->parameter); - a->parameter=ASN1_TYPE_new(); - a->parameter->type=V_ASN1_NULL; - } - } - else -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - unsigned char *pp; - DSA *dsa; - - dsa=pkey->pkey.dsa; - dsa->write_params=0; - ASN1_TYPE_free(a->parameter); - i=i2d_DSAparams(dsa,NULL); - p=(unsigned char *)OPENSSL_malloc(i); - pp=p; - i2d_DSAparams(dsa,&pp); - a->parameter=ASN1_TYPE_new(); - a->parameter->type=V_ASN1_SEQUENCE; - a->parameter->value.sequence=ASN1_STRING_new(); - ASN1_STRING_set(a->parameter->value.sequence,p,i); - OPENSSL_free(p); - } - else -#endif - { - X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); - goto err; - } - - if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err; - if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err; - p=s; - i2d_PublicKey(pkey,&p); - if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; - /* Set number of unused bits to zero */ - pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); - pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; - - OPENSSL_free(s); - -#if 0 - CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - pk->pkey=pkey; -#endif - - if (*x != NULL) - X509_PUBKEY_free(*x); - - *x=pk; - pk=NULL; - - ok=1; -err: - if (pk != NULL) X509_PUBKEY_free(pk); - return(ok); - } - -EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) - { - EVP_PKEY *ret=NULL; - long j; - int type; - unsigned char *p; -#ifndef NO_DSA - X509_ALGOR *a; -#endif - - if (key == NULL) goto err; - - if (key->pkey != NULL) - { - CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - return(key->pkey); - } - - if (key->public_key == NULL) goto err; - - type=OBJ_obj2nid(key->algor->algorithm); - p=key->public_key->data; - j=key->public_key->length; - if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL) - { - X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); - goto err; - } - ret->save_parameters=0; - -#ifndef NO_DSA - a=key->algor; - if (ret->type == EVP_PKEY_DSA) - { - if (a->parameter->type == V_ASN1_SEQUENCE) - { - ret->pkey.dsa->write_params=0; - p=a->parameter->value.sequence->data; - j=a->parameter->value.sequence->length; - if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j)) - goto err; - } - ret->save_parameters=1; - } -#endif - key->pkey=ret; - CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); - return(ret); -err: - if (ret != NULL) - EVP_PKEY_free(ret); - return(NULL); - } - -/* Now two pseudo ASN1 routines that take an EVP_PKEY structure - * and encode or decode as X509_PUBKEY - */ - -EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, - long length) -{ - X509_PUBKEY *xpk; - EVP_PKEY *pktmp; - xpk = d2i_X509_PUBKEY(NULL, pp, length); - if(!xpk) return NULL; - pktmp = X509_PUBKEY_get(xpk); - X509_PUBKEY_free(xpk); - if(!pktmp) return NULL; - if(a) { - EVP_PKEY_free(*a); - *a = pktmp; - } - return pktmp; -} - -int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) -{ - X509_PUBKEY *xpk=NULL; - int ret; - if(!a) return 0; - if(!X509_PUBKEY_set(&xpk, a)) return 0; - ret = i2d_X509_PUBKEY(xpk, pp); - X509_PUBKEY_free(xpk); - return ret; -} - -/* The following are equivalents but which return RSA and DSA - * keys - */ -#ifndef NO_RSA -RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, - long length) -{ - EVP_PKEY *pkey; - RSA *key; - unsigned char *q; - q = *pp; - pkey = d2i_PUBKEY(NULL, &q, length); - if(!pkey) return NULL; - key = EVP_PKEY_get1_RSA(pkey); - EVP_PKEY_free(pkey); - if(!key) return NULL; - *pp = q; - if(a) { - RSA_free(*a); - *a = key; - } - return key; -} - -int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) -{ - EVP_PKEY *pktmp; - int ret; - if(!a) return 0; - pktmp = EVP_PKEY_new(); - if(!pktmp) { - ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - EVP_PKEY_set1_RSA(pktmp, a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return ret; -} -#endif - -#ifndef NO_DSA -DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, - long length) -{ - EVP_PKEY *pkey; - DSA *key; - unsigned char *q; - q = *pp; - pkey = d2i_PUBKEY(NULL, &q, length); - if(!pkey) return NULL; - key = EVP_PKEY_get1_DSA(pkey); - EVP_PKEY_free(pkey); - if(!key) return NULL; - *pp = q; - if(a) { - DSA_free(*a); - *a = key; - } - return key; -} - -int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) -{ - EVP_PKEY *pktmp; - int ret; - if(!a) return 0; - pktmp = EVP_PKEY_new(); - if(!pktmp) { - ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - EVP_PKEY_set1_DSA(pktmp, a); - ret = i2d_PUBKEY(pktmp, pp); - EVP_PKEY_free(pktmp); - return ret; -} -#endif diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c deleted file mode 100644 index 6dddd4f653..0000000000 --- a/src/lib/libcrypto/asn1/x_req.c +++ /dev/null @@ -1,257 +0,0 @@ -/* crypto/asn1/x_req.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - if(a->asn1) { - if(pp) { - memcpy(*pp, a->asn1, a->length); - *pp += a->length; - } - return a->length; - } - - M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->subject, i2d_X509_NAME); - M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); - - /* this is a *nasty* hack reported to be required to - * allow some CA Software to accept the cert request. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there - */ - if (a->req_kludge) - { - M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0); - } - else - { - M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } - - M_ASN1_I2D_seq_total(); - M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->subject, i2d_X509_NAME); - M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); - - /* this is a *nasty* hack reported to be required by some CA's. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there - */ - if (a->req_kludge) - { - M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } - else - { - M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } - - M_ASN1_I2D_finish(); - } - -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->subject,d2i_X509_NAME); - M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); - - /* this is a *nasty* hack to allow for some CA's that - * have been reported as requiring it. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there - */ - if (asn1_Finish(&c)) - ret->req_kludge=1; - else - { - M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes, - d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free,0); - } - - M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO); - } - -X509_REQ_INFO *X509_REQ_INFO_new(void) - { - X509_REQ_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REQ_INFO); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->subject,X509_NAME_new); - M_ASN1_New(ret->pubkey,X509_PUBKEY_new); - M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null); - ret->req_kludge=0; - ret->asn1 = NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW); - } - -void X509_REQ_INFO_free(X509_REQ_INFO *a) - { - if (a == NULL) return; - if(a->asn1) OPENSSL_free(a->asn1); - M_ASN1_INTEGER_free(a->version); - X509_NAME_free(a->subject); - X509_PUBKEY_free(a->pubkey); - sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free); - OPENSSL_free(a); - } - -int i2d_X509_REQ(X509_REQ *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO); - M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO); - M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO); - - /* Keep a copy of the original encoding for signature checking */ - ret->req_info->length = c.p - c.q; - if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) { - c.line=__LINE__; - c.error = ERR_R_MALLOC_FAILURE; - goto err; - } - - memcpy(ret->req_info->asn1, c.q, ret->req_info->length); - - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ); - } - -X509_REQ *X509_REQ_new(void) - { - X509_REQ *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REQ); - ret->references=1; - M_ASN1_New(ret->req_info,X509_REQ_INFO_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REQ_NEW); - } - -void X509_REQ_free(X509_REQ *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ); -#ifdef REF_PRINT - REF_PRINT("X509_REQ",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_REQ_free, bad reference count\n"); - abort(); - } -#endif - - X509_REQ_INFO_free(a->req_info); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } - - diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c deleted file mode 100644 index d79f147647..0000000000 --- a/src/lib/libcrypto/asn1/x_sig.c +++ /dev/null @@ -1,110 +0,0 @@ -/* crypto/asn1/x_sig.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_SIG(X509_SIG *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG); - } - -X509_SIG *X509_SIG_new(void) - { - X509_SIG *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_SIG); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_SIG_NEW); - } - -void X509_SIG_free(X509_SIG *a) - { - if (a == NULL) return; - X509_ALGOR_free(a->algor); - M_ASN1_OCTET_STRING_free(a->digest); - OPENSSL_free(a); - } - - diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c deleted file mode 100644 index 4f01888f7d..0000000000 --- a/src/lib/libcrypto/asn1/x_spki.c +++ /dev/null @@ -1,166 +0,0 @@ -/* crypto/asn1/x_spki.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - /* This module was send to me my Pat Richards who - * wrote it. It is under my Copyright with his permission - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); - M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); - M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING); - - M_ASN1_I2D_finish(); - } - -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); - M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC); - } - -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void) - { - NETSCAPE_SPKAC *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC); - M_ASN1_New(ret->pubkey,X509_PUBKEY_new); - M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW); - } - -void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a) - { - if (a == NULL) return; - X509_PUBKEY_free(a->pubkey); - M_ASN1_IA5STRING_free(a->challenge); - OPENSSL_free(a); - } - -int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC); - M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC); - M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC); - M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI); - } - -NETSCAPE_SPKI *NETSCAPE_SPKI_new(void) - { - NETSCAPE_SPKI *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_SPKI); - M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new); - M_ASN1_New(ret->sig_algor,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW); - } - -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a) - { - if (a == NULL) return; - NETSCAPE_SPKAC_free(a->spkac); - X509_ALGOR_free(a->sig_algor); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c deleted file mode 100644 index 0f8f020b57..0000000000 --- a/src/lib/libcrypto/asn1/x_val.c +++ /dev/null @@ -1,109 +0,0 @@ -/* crypto/asn1/x_val.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int i2d_X509_VAL(X509_VAL *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME); - M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME); - M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME); - - M_ASN1_I2D_finish(); - } - -X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME); - M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME); - M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL); - } - -X509_VAL *X509_VAL_new(void) - { - X509_VAL *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_VAL); - M_ASN1_New(ret->notBefore,M_ASN1_TIME_new); - M_ASN1_New(ret->notAfter,M_ASN1_TIME_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_VAL_NEW); - } - -void X509_VAL_free(X509_VAL *a) - { - if (a == NULL) return; - M_ASN1_TIME_free(a->notBefore); - M_ASN1_TIME_free(a->notAfter); - OPENSSL_free(a); - } - diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c deleted file mode 100644 index 61ba856b17..0000000000 --- a/src/lib/libcrypto/asn1/x_x509.c +++ /dev/null @@ -1,216 +0,0 @@ -/* crypto/asn1/x_x509.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static int x509_meth_num = 0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL; - -static ASN1_METHOD meth={ - (int (*)()) i2d_X509, - (char *(*)())d2i_X509, - (char *(*)())X509_new, - (void (*)()) X509_free}; - -ASN1_METHOD *X509_asn1_meth(void) - { - return(&meth); - } - -int i2d_X509(X509 *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509 *d2i_X509(X509 **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509 *,X509_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - if (ret->name != NULL) OPENSSL_free(ret->name); - ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); - - M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); - } - -X509 *X509_new(void) - { - X509 *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509); - ret->valid=0; - ret->references=1; - ret->name = NULL; - ret->ex_flags = 0; - ret->ex_pathlen = -1; - ret->skid = NULL; - ret->akid = NULL; - ret->aux = NULL; - M_ASN1_New(ret->cert_info,X509_CINF_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NEW); - } - -void X509_free(X509 *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509); -#ifdef REF_PRINT - REF_PRINT("X509",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_free, bad reference count\n"); - abort(); - } -#endif - - CRYPTO_free_ex_data(x509_meth,a,&a->ex_data); - X509_CINF_free(a->cert_info); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - X509_CERT_AUX_free(a->aux); - ASN1_OCTET_STRING_free(a->skid); - AUTHORITY_KEYID_free(a->akid); - - if (a->name != NULL) OPENSSL_free(a->name); - OPENSSL_free(a); - } - -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - x509_meth_num++; - return(CRYPTO_get_ex_new_index(x509_meth_num-1, - &x509_meth,argl,argp,new_func,dup_func,free_func)); - } - -int X509_set_ex_data(X509 *r, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); - } - -void *X509_get_ex_data(X509 *r, int idx) - { - return(CRYPTO_get_ex_data(&r->ex_data,idx)); - } - -/* X509_AUX ASN1 routines. X509_AUX is the name given to - * a certificate with extra info tagged on the end. Since these - * functions set how a certificate is trusted they should only - * be used when the certificate comes from a reliable source - * such as local storage. - * - */ - -X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) -{ - unsigned char *q; - X509 *ret; - /* Save start position */ - q = *pp; - ret = d2i_X509(a, pp, length); - /* If certificate unreadable then forget it */ - if(!ret) return NULL; - /* update length */ - length -= *pp - q; - if(!length) return ret; - if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err; - return ret; - err: - X509_free(ret); - return NULL; -} - -int i2d_X509_AUX(X509 *a, unsigned char **pp) -{ - int length; - length = i2d_X509(a, pp); - if(a) length += i2d_X509_CERT_AUX(a->aux, pp); - return length; -} diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c deleted file mode 100644 index ebcce87bf2..0000000000 --- a/src/lib/libcrypto/asn1/x_x509a.c +++ /dev/null @@ -1,208 +0,0 @@ -/* a_x509a.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -/* X509_CERT_AUX routines. These are used to encode additional - * user modifiable data about a certificate. This data is - * appended to the X509 encoding when the *_X509_AUX routines - * are used. This means that the "traditional" X509 routines - * will simply ignore the extra data. - */ - -static X509_CERT_AUX *aux_get(X509 *x); - -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - - M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust, - d2i_ASN1_OBJECT, ASN1_OBJECT_free); - M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject, - d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0); - M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING); - M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other, - d2i_X509_ALGOR, X509_ALGOR_free, 1); - - M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX); -} - -X509_CERT_AUX *X509_CERT_AUX_new() -{ - X509_CERT_AUX *ret = NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, X509_CERT_AUX); - ret->trust = NULL; - ret->reject = NULL; - ret->alias = NULL; - ret->keyid = NULL; - ret->other = NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW); -} - -void X509_CERT_AUX_free(X509_CERT_AUX *a) -{ - if(a == NULL) return; - sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free); - sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free); - ASN1_UTF8STRING_free(a->alias); - ASN1_OCTET_STRING_free(a->keyid); - sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free); - OPENSSL_free(a); -} - -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0); - - M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING); - M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0); - - M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING); - M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1); - - M_ASN1_I2D_finish(); -} - -static X509_CERT_AUX *aux_get(X509 *x) -{ - if(!x) return NULL; - if(!x->aux && !(x->aux = X509_CERT_AUX_new())) return NULL; - return x->aux; -} - -int X509_alias_set1(X509 *x, unsigned char *name, int len) -{ - X509_CERT_AUX *aux; - if(!(aux = aux_get(x))) return 0; - if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0; - return ASN1_STRING_set(aux->alias, name, len); -} - -int X509_keyid_set1(X509 *x, unsigned char *id, int len) -{ - X509_CERT_AUX *aux; - if(!(aux = aux_get(x))) return 0; - if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; - return ASN1_STRING_set(aux->keyid, id, len); -} - -unsigned char *X509_alias_get0(X509 *x, int *len) -{ - if(!x->aux || !x->aux->alias) return NULL; - if(len) *len = x->aux->alias->length; - return x->aux->alias->data; -} - -int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) -{ - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->trust - && !(aux->trust = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->trust, objtmp); -} - -int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj) -{ - X509_CERT_AUX *aux; - ASN1_OBJECT *objtmp; - if(!(objtmp = OBJ_dup(obj))) return 0; - if(!(aux = aux_get(x))) return 0; - if(!aux->reject - && !(aux->reject = sk_ASN1_OBJECT_new_null())) return 0; - return sk_ASN1_OBJECT_push(aux->reject, objtmp); -} - -void X509_trust_clear(X509 *x) -{ - if(x->aux && x->aux->trust) { - sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); - x->aux->trust = NULL; - } -} - -void X509_reject_clear(X509 *x) -{ - if(x->aux && x->aux->reject) { - sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free); - x->aux->reject = NULL; - } -} - diff --git a/src/lib/libcrypto/bf/COPYRIGHT b/src/lib/libcrypto/bf/COPYRIGHT deleted file mode 100644 index 6857223506..0000000000 --- a/src/lib/libcrypto/bf/COPYRIGHT +++ /dev/null @@ -1,46 +0,0 @@ -Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) -All rights reserved. - -This package is an Blowfish implementation written -by Eric Young (eay@cryptsoft.com). - -This library is free for commercial and non-commercial use as long as -the following conditions are aheared to. The following conditions -apply to all code found in this distribution. - -Copyright remains Eric Young's, and as such any Copyright notices in -the code are not to be removed. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by Eric Young (eay@cryptsoft.com) - -THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -The license and distribution terms for any publically available version or -derivative of this code cannot be changed. i.e. this code cannot simply be -copied and put under another distrubution license -[including the GNU Public License.] - -The reason behind this being stated in this direct manner is past -experience in code simply being copied and the attribution removed -from it and then being distributed as part of other packages. This -implementation was a non-trivial and unpaid effort. diff --git a/src/lib/libcrypto/bf/INSTALL b/src/lib/libcrypto/bf/INSTALL deleted file mode 100644 index 3b25923532..0000000000 --- a/src/lib/libcrypto/bf/INSTALL +++ /dev/null @@ -1,14 +0,0 @@ -This Eric Young's blowfish implementation, taken from his SSLeay library -and made available as a separate library. - -The version number (0.7.2m) is the SSLeay version that this library was -taken from. - -To build, just unpack and type make. -If you are not using gcc, edit the Makefile. -If you are compiling for an x86 box, try the assembler (it needs improving). -There are also some compile time options that can improve performance, -these are documented in the Makefile. - -eric 15-Apr-1997 - diff --git a/src/lib/libcrypto/bf/README b/src/lib/libcrypto/bf/README deleted file mode 100644 index f2712fd0e7..0000000000 --- a/src/lib/libcrypto/bf/README +++ /dev/null @@ -1,8 +0,0 @@ -This is a quick packaging up of my blowfish code into a library. -It has been lifted from SSLeay. -The copyright notices seem a little harsh because I have not spent the -time to rewrite the conditions from the normal SSLeay ones. - -Basically if you just want to play with the library, not a problem. - -eric 15-Apr-1997 diff --git a/src/lib/libcrypto/bf/VERSION b/src/lib/libcrypto/bf/VERSION deleted file mode 100644 index be995855e4..0000000000 --- a/src/lib/libcrypto/bf/VERSION +++ /dev/null @@ -1,6 +0,0 @@ -The version numbers will follow my SSL implementation - -0.7.2r - Some reasonable default compiler options from - Peter Gutman - -0.7.2m - the first release diff --git a/src/lib/libcrypto/bf/asm/bf-586.pl b/src/lib/libcrypto/bf/asm/bf-586.pl deleted file mode 100644 index b556642c94..0000000000 --- a/src/lib/libcrypto/bf/asm/bf-586.pl +++ /dev/null @@ -1,136 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"bf-586.pl",$ARGV[$#ARGV] eq "386"); - -$BF_ROUNDS=16; -$BF_OFF=($BF_ROUNDS+2)*4; -$L="edi"; -$R="esi"; -$P="ebp"; -$tmp1="eax"; -$tmp2="ebx"; -$tmp3="ecx"; -$tmp4="edx"; - -&BF_encrypt("BF_encrypt",1); -&BF_encrypt("BF_decrypt",0); -&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1); -&asm_finish(); - -sub BF_encrypt - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($P,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &xor( $tmp1, $tmp1); - - # encrypting part - - if ($enc) - { - &mov($tmp2,&DWP(0,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=0; $i<$BF_ROUNDS; $i+=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - } - else - { - &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0)); - &xor( $tmp3, $tmp3); - - &xor($L,$tmp2); - for ($i=$BF_ROUNDS; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0); - } - # &mov($tmp1,&wparam(0)); In last loop - &mov($tmp4,&DWP(0,$P,"",0)); - } - - &xor($R,$tmp4); - &mov(&DWP(4,$tmp1,"",0),$L); - - &mov(&DWP(0,$tmp1,"",0),$R); - &function_end($name); - } - -sub BF_ENCRYPT - { - local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_; - - &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round - - &mov( $tmp2, $R); - &xor( $L, $tmp4); - - &shr( $tmp2, 16); - &mov( $tmp4, $R); - - &movb( &LB($tmp1), &HB($tmp2)); # A - &and( $tmp2, 0xff); # B - - &movb( &LB($tmp3), &HB($tmp4)); # C - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4)); - &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4)); - - &add( $tmp2, $tmp1); - &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4)); - - &xor( $tmp2, $tmp1); - &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4)); - - &add( $tmp2, $tmp4); - if (($enc && ($i != 16)) || ((!$enc) && ($i != 1))) - { &xor( $tmp1, $tmp1); } - else - { - &comment("Load parameter 0 ($i) enc=$enc"); - &mov($tmp1,&wparam(0)); - } # In last loop - - &xor( $L, $tmp2); - # delay - } - -sub n2a - { - sprintf("%d",$_[0]); - } - diff --git a/src/lib/libcrypto/bf/bf_cbc.c b/src/lib/libcrypto/bf/bf_cbc.c deleted file mode 100644 index f949629dc6..0000000000 --- a/src/lib/libcrypto/bf/bf_cbc.c +++ /dev/null @@ -1,143 +0,0 @@ -/* crypto/bf/bf_cbc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "bf_locl.h" - -void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int encrypt) - { - register BF_LONG tin0,tin1; - register BF_LONG tout0,tout1,xor0,xor1; - register long l=length; - BF_LONG tin[2]; - - if (encrypt) - { - n2l(ivec,tout0); - n2l(ivec,tout1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - if (l != -8) - { - n2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - l2n(tout0,ivec); - l2n(tout1,ivec); - } - else - { - n2l(ivec,xor0); - n2l(ivec,xor1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2n(tout0,out); - l2n(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2nn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2n(xor0,ivec); - l2n(xor1,ivec); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - diff --git a/src/lib/libcrypto/bf/bf_cfb64.c b/src/lib/libcrypto/bf/bf_cfb64.c deleted file mode 100644 index 6451c8d407..0000000000 --- a/src/lib/libcrypto/bf/bf_cfb64.c +++ /dev/null @@ -1,121 +0,0 @@ -/* crypto/bf/bf_cfb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "bf_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num, int encrypt) - { - register BF_LONG v0,v1,t; - register int n= *num; - register long l=length; - BF_LONG ti[2]; - unsigned char *iv,c,cc; - - iv=(unsigned char *)ivec; - if (encrypt) - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - BF_encrypt((BF_LONG *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - BF_encrypt((BF_LONG *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=(unsigned char *)ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/src/lib/libcrypto/bf/bf_ecb.c b/src/lib/libcrypto/bf/bf_ecb.c deleted file mode 100644 index 341991636f..0000000000 --- a/src/lib/libcrypto/bf/bf_ecb.c +++ /dev/null @@ -1,96 +0,0 @@ -/* crypto/bf/bf_ecb.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "bf_locl.h" -#include - -/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' - * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, - * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) - */ - -const char *BF_version="Blowfish" OPENSSL_VERSION_PTEXT; - -const char *BF_options(void) - { -#ifdef BF_PTR - return("blowfish(ptr)"); -#elif defined(BF_PTR2) - return("blowfish(ptr2)"); -#else - return("blowfish(idx)"); -#endif - } - -void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, - const BF_KEY *key, int encrypt) - { - BF_LONG l,d[2]; - - n2l(in,l); d[0]=l; - n2l(in,l); d[1]=l; - if (encrypt) - BF_encrypt(d,key); - else - BF_decrypt(d,key); - l=d[0]; l2n(l,out); - l=d[1]; l2n(l,out); - l=d[0]=d[1]=0; - } - diff --git a/src/lib/libcrypto/bf/bf_enc.c b/src/lib/libcrypto/bf/bf_enc.c deleted file mode 100644 index b380acf959..0000000000 --- a/src/lib/libcrypto/bf/bf_enc.c +++ /dev/null @@ -1,306 +0,0 @@ -/* crypto/bf/bf_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "bf_locl.h" - -/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' - * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, - * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) - */ - -#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) -#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ -to modify the code. -#endif - -void BF_encrypt(BF_LONG *data, const BF_KEY *key) - { -#ifndef BF_PTR2 - register BF_LONG l,r; - const register BF_LONG *p,*s; - - p=key->P; - s= &(key->S[0]); - l=data[0]; - r=data[1]; - - l^=p[0]; - BF_ENC(r,l,s,p[ 1]); - BF_ENC(l,r,s,p[ 2]); - BF_ENC(r,l,s,p[ 3]); - BF_ENC(l,r,s,p[ 4]); - BF_ENC(r,l,s,p[ 5]); - BF_ENC(l,r,s,p[ 6]); - BF_ENC(r,l,s,p[ 7]); - BF_ENC(l,r,s,p[ 8]); - BF_ENC(r,l,s,p[ 9]); - BF_ENC(l,r,s,p[10]); - BF_ENC(r,l,s,p[11]); - BF_ENC(l,r,s,p[12]); - BF_ENC(r,l,s,p[13]); - BF_ENC(l,r,s,p[14]); - BF_ENC(r,l,s,p[15]); - BF_ENC(l,r,s,p[16]); -#if BF_ROUNDS == 20 - BF_ENC(r,l,s,p[17]); - BF_ENC(l,r,s,p[18]); - BF_ENC(r,l,s,p[19]); - BF_ENC(l,r,s,p[20]); -#endif - r^=p[BF_ROUNDS+1]; - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; -#else - register BF_LONG l,r,t,*k; - - l=data[0]; - r=data[1]; - k=(BF_LONG*)key; - - l^=k[0]; - BF_ENC(r,l,k, 1); - BF_ENC(l,r,k, 2); - BF_ENC(r,l,k, 3); - BF_ENC(l,r,k, 4); - BF_ENC(r,l,k, 5); - BF_ENC(l,r,k, 6); - BF_ENC(r,l,k, 7); - BF_ENC(l,r,k, 8); - BF_ENC(r,l,k, 9); - BF_ENC(l,r,k,10); - BF_ENC(r,l,k,11); - BF_ENC(l,r,k,12); - BF_ENC(r,l,k,13); - BF_ENC(l,r,k,14); - BF_ENC(r,l,k,15); - BF_ENC(l,r,k,16); -#if BF_ROUNDS == 20 - BF_ENC(r,l,k,17); - BF_ENC(l,r,k,18); - BF_ENC(r,l,k,19); - BF_ENC(l,r,k,20); -#endif - r^=k[BF_ROUNDS+1]; - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; -#endif - } - -#ifndef BF_DEFAULT_OPTIONS - -void BF_decrypt(BF_LONG *data, const BF_KEY *key) - { -#ifndef BF_PTR2 - register BF_LONG l,r; - const register BF_LONG *p,*s; - - p=key->P; - s= &(key->S[0]); - l=data[0]; - r=data[1]; - - l^=p[BF_ROUNDS+1]; -#if BF_ROUNDS == 20 - BF_ENC(r,l,s,p[20]); - BF_ENC(l,r,s,p[19]); - BF_ENC(r,l,s,p[18]); - BF_ENC(l,r,s,p[17]); -#endif - BF_ENC(r,l,s,p[16]); - BF_ENC(l,r,s,p[15]); - BF_ENC(r,l,s,p[14]); - BF_ENC(l,r,s,p[13]); - BF_ENC(r,l,s,p[12]); - BF_ENC(l,r,s,p[11]); - BF_ENC(r,l,s,p[10]); - BF_ENC(l,r,s,p[ 9]); - BF_ENC(r,l,s,p[ 8]); - BF_ENC(l,r,s,p[ 7]); - BF_ENC(r,l,s,p[ 6]); - BF_ENC(l,r,s,p[ 5]); - BF_ENC(r,l,s,p[ 4]); - BF_ENC(l,r,s,p[ 3]); - BF_ENC(r,l,s,p[ 2]); - BF_ENC(l,r,s,p[ 1]); - r^=p[0]; - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; -#else - register BF_LONG l,r,t,*k; - - l=data[0]; - r=data[1]; - k=(BF_LONG *)key; - - l^=k[BF_ROUNDS+1]; -#if BF_ROUNDS == 20 - BF_ENC(r,l,k,20); - BF_ENC(l,r,k,19); - BF_ENC(r,l,k,18); - BF_ENC(l,r,k,17); -#endif - BF_ENC(r,l,k,16); - BF_ENC(l,r,k,15); - BF_ENC(r,l,k,14); - BF_ENC(l,r,k,13); - BF_ENC(r,l,k,12); - BF_ENC(l,r,k,11); - BF_ENC(r,l,k,10); - BF_ENC(l,r,k, 9); - BF_ENC(r,l,k, 8); - BF_ENC(l,r,k, 7); - BF_ENC(r,l,k, 6); - BF_ENC(l,r,k, 5); - BF_ENC(r,l,k, 4); - BF_ENC(l,r,k, 3); - BF_ENC(r,l,k, 2); - BF_ENC(l,r,k, 1); - r^=k[0]; - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; -#endif - } - -void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int encrypt) - { - register BF_LONG tin0,tin1; - register BF_LONG tout0,tout1,xor0,xor1; - register long l=length; - BF_LONG tin[2]; - - if (encrypt) - { - n2l(ivec,tout0); - n2l(ivec,tout1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - if (l != -8) - { - n2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - BF_encrypt(tin,schedule); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - l2n(tout0,ivec); - l2n(tout1,ivec); - } - else - { - n2l(ivec,xor0); - n2l(ivec,xor1); - ivec-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2n(tout0,out); - l2n(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - BF_decrypt(tin,schedule); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2nn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2n(xor0,ivec); - l2n(xor1,ivec); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -#endif diff --git a/src/lib/libcrypto/bf/bf_locl.h b/src/lib/libcrypto/bf/bf_locl.h deleted file mode 100644 index cc7c3ec992..0000000000 --- a/src/lib/libcrypto/bf/bf_locl.h +++ /dev/null @@ -1,219 +0,0 @@ -/* crypto/bf/bf_locl.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BF_LOCL_H -#define HEADER_BF_LOCL_H -#include /* BF_PTR, BF_PTR2 */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* This is actually a big endian algorithm, the most significant byte - * is used to lookup array 0 */ - -#if defined(BF_PTR2) - -/* - * This is basically a special Intel version. Point is that Intel - * doesn't have many registers, but offers a reach choice of addressing - * modes. So we spare some registers by directly traversing BF_KEY - * structure and hiring the most decorated addressing mode. The code - * generated by EGCS is *perfectly* competitive with assembler - * implementation! - */ -#define BF_ENC(LL,R,KEY,Pi) (\ - LL^=KEY[Pi], \ - t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \ - t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \ - t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \ - t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \ - LL^=t \ - ) - -#elif defined(BF_PTR) - -#ifndef BF_LONG_LOG2 -#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */ -#endif -#define BF_M (0xFF<>BF_i)&BF_M gets folded into a single instruction, namely - * rlwinm. So let'em double-check if their compiler does it. - */ - -#define BF_ENC(LL,R,S,P) ( \ - LL^=P, \ - LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \ - *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ - *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ - *(BF_LONG *)((unsigned char *)&(S[768])+((R<>24)&0xff)] + \ - S[0x0100+((int)(R>>16)&0xff)])^ \ - S[0x0200+((int)(R>> 8)&0xff)])+ \ - S[0x0300+((int)(R )&0xff)])&0xffffffffL \ - ) -#endif - -#endif diff --git a/src/lib/libcrypto/bf/bf_ofb64.c b/src/lib/libcrypto/bf/bf_ofb64.c deleted file mode 100644 index f2a9ff6e41..0000000000 --- a/src/lib/libcrypto/bf/bf_ofb64.c +++ /dev/null @@ -1,110 +0,0 @@ -/* crypto/bf/bf_ofb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "bf_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num) - { - register BF_LONG v0,v1,t; - register int n= *num; - register long l=length; - unsigned char d[8]; - register char *dp; - BF_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv=(unsigned char *)ivec; - n2l(iv,v0); - n2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2n(v0,dp); - l2n(v1,dp); - while (l--) - { - if (n == 0) - { - BF_encrypt((BF_LONG *)ti,schedule); - dp=(char *)d; - t=ti[0]; l2n(t,dp); - t=ti[1]; l2n(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv=(unsigned char *)ivec; - l2n(v0,iv); - l2n(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/src/lib/libcrypto/bf/bf_pi.h b/src/lib/libcrypto/bf/bf_pi.h deleted file mode 100644 index 9949513c68..0000000000 --- a/src/lib/libcrypto/bf/bf_pi.h +++ /dev/null @@ -1,325 +0,0 @@ -/* crypto/bf/bf_pi.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -static const BF_KEY bf_init= { - { - 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, - 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, - 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, - 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, - 0x9216d5d9L, 0x8979fb1b - },{ - 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, - 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, - 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, - 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, - 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, - 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, - 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, - 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, - 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, - 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, - 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, - 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, - 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, - 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, - 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, - 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, - 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, - 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, - 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, - 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, - 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, - 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, - 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, - 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, - 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, - 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, - 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, - 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, - 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, - 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, - 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, - 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, - 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, - 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, - 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, - 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, - 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, - 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, - 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, - 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, - 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, - 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, - 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, - 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, - 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, - 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, - 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, - 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, - 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, - 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, - 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, - 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, - 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, - 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, - 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, - 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, - 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, - 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, - 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, - 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, - 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, - 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, - 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, - 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, - 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, - 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, - 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, - 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, - 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, - 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, - 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, - 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, - 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, - 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, - 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, - 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, - 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, - 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, - 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, - 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, - 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, - 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, - 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, - 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, - 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, - 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, - 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, - 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, - 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, - 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, - 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, - 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, - 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, - 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, - 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, - 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, - 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, - 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, - 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, - 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, - 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, - 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, - 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, - 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, - 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, - 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, - 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, - 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, - 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, - 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, - 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, - 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, - 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, - 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, - 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, - 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, - 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, - 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, - 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, - 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, - 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, - 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, - 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, - 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, - 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, - 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, - 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, - 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, - 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, - 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, - 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, - 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, - 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, - 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, - 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, - 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, - 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, - 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, - 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, - 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, - 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, - 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, - 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, - 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, - 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, - 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, - 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, - 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, - 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, - 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, - 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, - 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, - 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, - 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, - 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, - 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, - 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, - 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, - 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, - 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, - 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, - 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, - 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, - 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, - 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, - 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, - 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, - 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, - 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, - 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, - 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, - 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, - 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, - 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, - 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, - 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, - 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, - 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, - 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, - 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, - 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, - 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, - 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, - 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, - 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, - 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, - 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, - 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, - 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, - 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, - 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, - 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, - 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, - 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, - 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, - 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, - 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, - 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, - 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, - 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, - 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, - 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, - 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, - 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, - 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, - 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, - 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, - 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, - 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, - 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, - 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, - 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, - 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, - 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, - 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, - 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, - 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, - 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, - 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, - 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, - 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, - 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, - 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, - 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, - 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, - 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, - 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, - 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, - 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, - 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, - 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, - 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, - 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, - 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, - 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, - 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, - 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, - 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, - 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, - 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, - 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, - 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, - 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, - 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, - 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, - 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, - 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, - 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, - 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, - 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, - 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, - 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, - 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, - 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, - 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, - 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, - } - }; - diff --git a/src/lib/libcrypto/bf/bf_skey.c b/src/lib/libcrypto/bf/bf_skey.c deleted file mode 100644 index 4d6a232fe0..0000000000 --- a/src/lib/libcrypto/bf/bf_skey.c +++ /dev/null @@ -1,116 +0,0 @@ -/* crypto/bf/bf_skey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "bf_locl.h" -#include "bf_pi.h" - -void BF_set_key(BF_KEY *key, int len, const unsigned char *data) - { - int i; - BF_LONG *p,ri,in[2]; - const unsigned char *d,*end; - - - memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY)); - p=key->P; - - if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4; - - d=data; - end= &(data[len]); - for (i=0; i<(BF_ROUNDS+2); i++) - { - ri= *(d++); - if (d >= end) d=data; - - ri<<=8; - ri|= *(d++); - if (d >= end) d=data; - - ri<<=8; - ri|= *(d++); - if (d >= end) d=data; - - ri<<=8; - ri|= *(d++); - if (d >= end) d=data; - - p[i]^=ri; - } - - in[0]=0L; - in[1]=0L; - for (i=0; i<(BF_ROUNDS+2); i+=2) - { - BF_encrypt(in,key); - p[i ]=in[0]; - p[i+1]=in[1]; - } - - p=key->S; - for (i=0; i<4*256; i+=2) - { - BF_encrypt(in,key); - p[i ]=in[0]; - p[i+1]=in[1]; - } - } - diff --git a/src/lib/libcrypto/bf/blowfish.h b/src/lib/libcrypto/bf/blowfish.h deleted file mode 100644 index 78acfd63b4..0000000000 --- a/src/lib/libcrypto/bf/blowfish.h +++ /dev/null @@ -1,125 +0,0 @@ -/* crypto/bf/blowfish.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BLOWFISH_H -#define HEADER_BLOWFISH_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_BF -#error BF is disabled. -#endif - -#define BF_ENCRYPT 1 -#define BF_DECRYPT 0 - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! BF_LONG has to be at least 32 bits wide. If it's wider, then ! - * ! BF_LONG_LOG2 has to be defined along. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#if defined(WIN16) || defined(__LP32__) -#define BF_LONG unsigned long -#elif defined(_CRAY) || defined(__ILP64__) -#define BF_LONG unsigned long -#define BF_LONG_LOG2 3 -/* - * _CRAY note. I could declare short, but I have no idea what impact - * does it have on performance on none-T3E machines. I could declare - * int, but at least on C90 sizeof(int) can be chosen at compile time. - * So I've chosen long... - * - */ -#else -#define BF_LONG unsigned int -#endif - -#define BF_ROUNDS 16 -#define BF_BLOCK 8 - -typedef struct bf_key_st - { - BF_LONG P[BF_ROUNDS+2]; - BF_LONG S[4*256]; - } BF_KEY; - - -void BF_set_key(BF_KEY *key, int len, const unsigned char *data); - -void BF_encrypt(BF_LONG *data,const BF_KEY *key); -void BF_decrypt(BF_LONG *data,const BF_KEY *key); - -void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, - const BF_KEY *key, int enc); -void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int enc); -void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num, int enc); -void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, - const BF_KEY *schedule, unsigned char *ivec, int *num); -const char *BF_options(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/bio/b_dump.c b/src/lib/libcrypto/bio/b_dump.c deleted file mode 100644 index 8397cfab6a..0000000000 --- a/src/lib/libcrypto/bio/b_dump.c +++ /dev/null @@ -1,152 +0,0 @@ -/* crypto/bio/b_dump.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * Stolen from tjh's ssl/ssl_trc.c stuff. - */ - -#include -#include "cryptlib.h" -#include - -#define TRUNCATE -#define DUMP_WIDTH 16 -#define DUMP_WIDTH_LESS_INDENT(i) (DUMP_WIDTH-((i-(i>6?6:i)+3)/4)) - -int BIO_dump(BIO *bio, const char *s, int len) - { - return BIO_dump_indent(bio, s, len, 0); - } - -int BIO_dump_indent(BIO *bio, const char *s, int len, int indent) - { - int ret=0; - char buf[288+1],tmp[20],str[128+1]; - int i,j,rows,trunc; - unsigned char ch; - int dump_width; - - trunc=0; - -#ifdef TRUNCATE - for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--) - trunc++; -#endif - - if (indent < 0) - indent = 0; - if (indent) - { - if (indent > 128) indent=128; - memset(str,' ',indent); - } - str[indent]='\0'; - - dump_width=DUMP_WIDTH_LESS_INDENT(indent); - rows=(len/dump_width); - if ((rows*dump_width)=len) - { - strcat(buf," "); - } - else - { - ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; - sprintf(tmp,"%02x%c",ch,j==7?'-':' '); - strcat(buf,tmp); - } - } - strcat(buf," "); - for(j=0;j=len) - break; - ch=((unsigned char)*(s+i*dump_width+j)) & 0xff; -#ifndef CHARSET_EBCDIC - sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.'); -#else - sprintf(tmp,"%c",((ch>=os_toascii[' '])&&(ch<=os_toascii['~'])) - ? os_toebcdic[ch] - : '.'); -#endif - strcat(buf,tmp); - } - strcat(buf,"\n"); - /* if this is the last call then update the ddt_dump thing so that - * we will move the selection point in the debug window - */ - ret+=BIO_write(bio,(char *)buf,strlen(buf)); - } -#ifdef TRUNCATE - if (trunc > 0) - { - sprintf(buf,"%s%04x - \n",str,len+trunc); - ret+=BIO_write(bio,(char *)buf,strlen(buf)); - } -#endif - return(ret); - } diff --git a/src/lib/libcrypto/bio/b_print.c b/src/lib/libcrypto/bio/b_print.c deleted file mode 100644 index a62f551635..0000000000 --- a/src/lib/libcrypto/bio/b_print.c +++ /dev/null @@ -1,814 +0,0 @@ -/* crypto/bio/b_print.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * Stolen from tjh's ssl/ssl_trc.c stuff. - */ - -#include -#include -#include -#include -#include -#include "cryptlib.h" -#ifndef NO_SYS_TYPES_H -#include -#endif -#include - -#ifdef BN_LLONG -# ifndef HAVE_LONG_LONG -# define HAVE_LONG_LONG 1 -# endif -#endif - -/***************************************************************************/ - -/* - * Copyright Patrick Powell 1995 - * This code is based on code written by Patrick Powell - * It may be used for any purpose as long as this notice remains intact - * on all source code distributions. - */ - -/* - * This code contains numerious changes and enhancements which were - * made by lots of contributors over the last years to Patrick Powell's - * original code: - * - * o Patrick Powell (1995) - * o Brandon Long (1996, for Mutt) - * o Thomas Roessler (1998, for Mutt) - * o Michael Elkins (1998, for Mutt) - * o Andrew Tridgell (1998, for Samba) - * o Luke Mewburn (1999, for LukemFTP) - * o Ralf S. Engelschall (1999, for Pth) - * o ... (for OpenSSL) - */ - -#if HAVE_LONG_DOUBLE -#define LDOUBLE long double -#else -#define LDOUBLE double -#endif - -#if HAVE_LONG_LONG -#define LLONG long long -#else -#define LLONG long -#endif - -static void fmtstr (char **, char **, size_t *, size_t *, - const char *, int, int, int); -static void fmtint (char **, char **, size_t *, size_t *, - LLONG, int, int, int, int); -static void fmtfp (char **, char **, size_t *, size_t *, - LDOUBLE, int, int, int); -static void doapr_outch (char **, char **, size_t *, size_t *, int); -static void _dopr(char **sbuffer, char **buffer, - size_t *maxlen, size_t *retlen, int *truncated, - const char *format, va_list args); - -/* format read states */ -#define DP_S_DEFAULT 0 -#define DP_S_FLAGS 1 -#define DP_S_MIN 2 -#define DP_S_DOT 3 -#define DP_S_MAX 4 -#define DP_S_MOD 5 -#define DP_S_CONV 6 -#define DP_S_DONE 7 - -/* format flags - Bits */ -#define DP_F_MINUS (1 << 0) -#define DP_F_PLUS (1 << 1) -#define DP_F_SPACE (1 << 2) -#define DP_F_NUM (1 << 3) -#define DP_F_ZERO (1 << 4) -#define DP_F_UP (1 << 5) -#define DP_F_UNSIGNED (1 << 6) - -/* conversion flags */ -#define DP_C_SHORT 1 -#define DP_C_LONG 2 -#define DP_C_LDOUBLE 3 -#define DP_C_LLONG 4 - -/* some handy macros */ -#define char_to_int(p) (p - '0') -#define MAX(p,q) ((p >= q) ? p : q) - -static void -_dopr( - char **sbuffer, - char **buffer, - size_t *maxlen, - size_t *retlen, - int *truncated, - const char *format, - va_list args) -{ - char ch; - LLONG value; - LDOUBLE fvalue; - char *strvalue; - int min; - int max; - int state; - int flags; - int cflags; - size_t currlen; - - state = DP_S_DEFAULT; - flags = currlen = cflags = min = 0; - max = -1; - ch = *format++; - - while (state != DP_S_DONE) { - if (ch == '\0' || (buffer == NULL && currlen >= *maxlen)) - state = DP_S_DONE; - - switch (state) { - case DP_S_DEFAULT: - if (ch == '%') - state = DP_S_FLAGS; - else - doapr_outch(sbuffer,buffer, &currlen, maxlen, ch); - ch = *format++; - break; - case DP_S_FLAGS: - switch (ch) { - case '-': - flags |= DP_F_MINUS; - ch = *format++; - break; - case '+': - flags |= DP_F_PLUS; - ch = *format++; - break; - case ' ': - flags |= DP_F_SPACE; - ch = *format++; - break; - case '#': - flags |= DP_F_NUM; - ch = *format++; - break; - case '0': - flags |= DP_F_ZERO; - ch = *format++; - break; - default: - state = DP_S_MIN; - break; - } - break; - case DP_S_MIN: - if (isdigit((unsigned char)ch)) { - min = 10 * min + char_to_int(ch); - ch = *format++; - } else if (ch == '*') { - min = va_arg(args, int); - ch = *format++; - state = DP_S_DOT; - } else - state = DP_S_DOT; - break; - case DP_S_DOT: - if (ch == '.') { - state = DP_S_MAX; - ch = *format++; - } else - state = DP_S_MOD; - break; - case DP_S_MAX: - if (isdigit((unsigned char)ch)) { - if (max < 0) - max = 0; - max = 10 * max + char_to_int(ch); - ch = *format++; - } else if (ch == '*') { - max = va_arg(args, int); - ch = *format++; - state = DP_S_MOD; - } else - state = DP_S_MOD; - break; - case DP_S_MOD: - switch (ch) { - case 'h': - cflags = DP_C_SHORT; - ch = *format++; - break; - case 'l': - if (*format == 'l') { - cflags = DP_C_LLONG; - format++; - } else - cflags = DP_C_LONG; - ch = *format++; - break; - case 'q': - cflags = DP_C_LLONG; - ch = *format++; - break; - case 'L': - cflags = DP_C_LDOUBLE; - ch = *format++; - break; - default: - break; - } - state = DP_S_CONV; - break; - case DP_S_CONV: - switch (ch) { - case 'd': - case 'i': - switch (cflags) { - case DP_C_SHORT: - value = (short int)va_arg(args, int); - break; - case DP_C_LONG: - value = va_arg(args, long int); - break; - case DP_C_LLONG: - value = va_arg(args, LLONG); - break; - default: - value = va_arg(args, int); - break; - } - fmtint(sbuffer, buffer, &currlen, maxlen, - value, 10, min, max, flags); - break; - case 'X': - flags |= DP_F_UP; - /* FALLTHROUGH */ - case 'x': - case 'o': - case 'u': - flags |= DP_F_UNSIGNED; - switch (cflags) { - case DP_C_SHORT: - value = (unsigned short int)va_arg(args, unsigned int); - break; - case DP_C_LONG: - value = (LLONG) va_arg(args, - unsigned long int); - break; - case DP_C_LLONG: - value = va_arg(args, unsigned LLONG); - break; - default: - value = (LLONG) va_arg(args, - unsigned int); - break; - } - fmtint(sbuffer, buffer, &currlen, maxlen, value, - ch == 'o' ? 8 : (ch == 'u' ? 10 : 16), - min, max, flags); - break; - case 'f': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, LDOUBLE); - else - fvalue = va_arg(args, double); - fmtfp(sbuffer, buffer, &currlen, maxlen, - fvalue, min, max, flags); - break; - case 'E': - flags |= DP_F_UP; - case 'e': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, LDOUBLE); - else - fvalue = va_arg(args, double); - break; - case 'G': - flags |= DP_F_UP; - case 'g': - if (cflags == DP_C_LDOUBLE) - fvalue = va_arg(args, LDOUBLE); - else - fvalue = va_arg(args, double); - break; - case 'c': - doapr_outch(sbuffer, buffer, &currlen, maxlen, - va_arg(args, int)); - break; - case 's': - strvalue = va_arg(args, char *); - if (max < 0) { - if (buffer) - max = INT_MAX; - else - max = *maxlen; - } - fmtstr(sbuffer, buffer, &currlen, maxlen, strvalue, - flags, min, max); - break; - case 'p': - value = (long)va_arg(args, void *); - fmtint(sbuffer, buffer, &currlen, maxlen, - value, 16, min, max, flags); - break; - case 'n': /* XXX */ - if (cflags == DP_C_SHORT) { - short int *num; - num = va_arg(args, short int *); - *num = currlen; - } else if (cflags == DP_C_LONG) { /* XXX */ - long int *num; - num = va_arg(args, long int *); - *num = (long int) currlen; - } else if (cflags == DP_C_LLONG) { /* XXX */ - LLONG *num; - num = va_arg(args, LLONG *); - *num = (LLONG) currlen; - } else { - int *num; - num = va_arg(args, int *); - *num = currlen; - } - break; - case '%': - doapr_outch(sbuffer, buffer, &currlen, maxlen, ch); - break; - case 'w': - /* not supported yet, treat as next char */ - ch = *format++; - break; - default: - /* unknown, skip */ - break; - } - ch = *format++; - state = DP_S_DEFAULT; - flags = cflags = min = 0; - max = -1; - break; - case DP_S_DONE: - break; - default: - break; - } - } - *truncated = (currlen > *maxlen - 1); - if (*truncated) - currlen = *maxlen - 1; - doapr_outch(sbuffer, buffer, &currlen, maxlen, '\0'); - *retlen = currlen - 1; - return; -} - -static void -fmtstr( - char **sbuffer, - char **buffer, - size_t *currlen, - size_t *maxlen, - const char *value, - int flags, - int min, - int max) -{ - int padlen, strln; - int cnt = 0; - - if (value == 0) - value = ""; - for (strln = 0; value[strln]; ++strln) - ; - padlen = min - strln; - if (padlen < 0) - padlen = 0; - if (flags & DP_F_MINUS) - padlen = -padlen; - - while ((padlen > 0) && (cnt < max)) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - --padlen; - ++cnt; - } - while (*value && (cnt < max)) { - doapr_outch(sbuffer, buffer, currlen, maxlen, *value++); - ++cnt; - } - while ((padlen < 0) && (cnt < max)) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - ++padlen; - ++cnt; - } -} - -static void -fmtint( - char **sbuffer, - char **buffer, - size_t *currlen, - size_t *maxlen, - LLONG value, - int base, - int min, - int max, - int flags) -{ - int signvalue = 0; - unsigned LLONG uvalue; - char convert[20]; - int place = 0; - int spadlen = 0; - int zpadlen = 0; - int caps = 0; - - if (max < 0) - max = 0; - uvalue = value; - if (!(flags & DP_F_UNSIGNED)) { - if (value < 0) { - signvalue = '-'; - uvalue = -value; - } else if (flags & DP_F_PLUS) - signvalue = '+'; - else if (flags & DP_F_SPACE) - signvalue = ' '; - } - if (flags & DP_F_UP) - caps = 1; - do { - convert[place++] = - (caps ? "0123456789ABCDEF" : "0123456789abcdef") - [uvalue % (unsigned) base]; - uvalue = (uvalue / (unsigned) base); - } while (uvalue && (place < 20)); - if (place == 20) - place--; - convert[place] = 0; - - zpadlen = max - place; - spadlen = min - MAX(max, place) - (signvalue ? 1 : 0); - if (zpadlen < 0) - zpadlen = 0; - if (spadlen < 0) - spadlen = 0; - if (flags & DP_F_ZERO) { - zpadlen = MAX(zpadlen, spadlen); - spadlen = 0; - } - if (flags & DP_F_MINUS) - spadlen = -spadlen; - - /* spaces */ - while (spadlen > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - --spadlen; - } - - /* sign */ - if (signvalue) - doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); - - /* zeros */ - if (zpadlen > 0) { - while (zpadlen > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, '0'); - --zpadlen; - } - } - /* digits */ - while (place > 0) - doapr_outch(sbuffer, buffer, currlen, maxlen, convert[--place]); - - /* left justified spaces */ - while (spadlen < 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - ++spadlen; - } - return; -} - -static LDOUBLE -abs_val(LDOUBLE value) -{ - LDOUBLE result = value; - if (value < 0) - result = -value; - return result; -} - -static LDOUBLE -pow10(int exp) -{ - LDOUBLE result = 1; - while (exp) { - result *= 10; - exp--; - } - return result; -} - -static long -round(LDOUBLE value) -{ - long intpart; - intpart = (long) value; - value = value - intpart; - if (value >= 0.5) - intpart++; - return intpart; -} - -static void -fmtfp( - char **sbuffer, - char **buffer, - size_t *currlen, - size_t *maxlen, - LDOUBLE fvalue, - int min, - int max, - int flags) -{ - int signvalue = 0; - LDOUBLE ufvalue; - char iconvert[20]; - char fconvert[20]; - int iplace = 0; - int fplace = 0; - int padlen = 0; - int zpadlen = 0; - int caps = 0; - long intpart; - long fracpart; - - if (max < 0) - max = 6; - ufvalue = abs_val(fvalue); - if (fvalue < 0) - signvalue = '-'; - else if (flags & DP_F_PLUS) - signvalue = '+'; - else if (flags & DP_F_SPACE) - signvalue = ' '; - - intpart = (long)ufvalue; - - /* sorry, we only support 9 digits past the decimal because of our - conversion method */ - if (max > 9) - max = 9; - - /* we "cheat" by converting the fractional part to integer by - multiplying by a factor of 10 */ - fracpart = round((pow10(max)) * (ufvalue - intpart)); - - if (fracpart >= pow10(max)) { - intpart++; - fracpart -= (long)pow10(max); - } - - /* convert integer part */ - do { - iconvert[iplace++] = - (caps ? "0123456789ABCDEF" - : "0123456789abcdef")[intpart % 10]; - intpart = (intpart / 10); - } while (intpart && (iplace < 20)); - if (iplace == 20) - iplace--; - iconvert[iplace] = 0; - - /* convert fractional part */ - do { - fconvert[fplace++] = - (caps ? "0123456789ABCDEF" - : "0123456789abcdef")[fracpart % 10]; - fracpart = (fracpart / 10); - } while (fracpart && (fplace < 20)); - if (fplace == 20) - fplace--; - fconvert[fplace] = 0; - - /* -1 for decimal point, another -1 if we are printing a sign */ - padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0); - zpadlen = max - fplace; - if (zpadlen < 0) - zpadlen = 0; - if (padlen < 0) - padlen = 0; - if (flags & DP_F_MINUS) - padlen = -padlen; - - if ((flags & DP_F_ZERO) && (padlen > 0)) { - if (signvalue) { - doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); - --padlen; - signvalue = 0; - } - while (padlen > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, '0'); - --padlen; - } - } - while (padlen > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - --padlen; - } - if (signvalue) - doapr_outch(sbuffer, buffer, currlen, maxlen, signvalue); - - while (iplace > 0) - doapr_outch(sbuffer, buffer, currlen, maxlen, iconvert[--iplace]); - - /* - * Decimal point. This should probably use locale to find the correct - * char to print out. - */ - if (max > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, '.'); - - while (fplace > 0) - doapr_outch(sbuffer, buffer, currlen, maxlen, fconvert[--fplace]); - } - while (zpadlen > 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, '0'); - --zpadlen; - } - - while (padlen < 0) { - doapr_outch(sbuffer, buffer, currlen, maxlen, ' '); - ++padlen; - } -} - -static void -doapr_outch( - char **sbuffer, - char **buffer, - size_t *currlen, - size_t *maxlen, - int c) -{ - /* If we haven't at least one buffer, someone has doe a big booboo */ - assert(*sbuffer != NULL || buffer != NULL); - - if (buffer) { - while (*currlen >= *maxlen) { - if (*buffer == NULL) { - assert(*sbuffer != NULL); - if (*maxlen == 0) - *maxlen = 1024; - *buffer = OPENSSL_malloc(*maxlen); - if (*currlen > 0) - memcpy(*buffer, *sbuffer, *currlen); - *sbuffer = NULL; - } else { - *maxlen += 1024; - *buffer = OPENSSL_realloc(*buffer, *maxlen); - } - } - /* What to do if *buffer is NULL? */ - assert(*sbuffer != NULL || *buffer != NULL); - } - - if (*currlen < *maxlen) { - if (*sbuffer) - (*sbuffer)[(*currlen)++] = (char)c; - else - (*buffer)[(*currlen)++] = (char)c; - } - - return; -} - -/***************************************************************************/ - -int BIO_printf (BIO *bio, const char *format, ...) - { - va_list args; - int ret; - - va_start(args, format); - - ret = BIO_vprintf(bio, format, args); - - va_end(args); - return(ret); - } - -int BIO_vprintf (BIO *bio, const char *format, va_list args) - { - int ret; - size_t retlen; - MS_STATIC char hugebuf[1024*10]; - char *hugebufp = hugebuf; - size_t hugebufsize = sizeof(hugebuf); - char *dynbuf = NULL; - int ignored; - - dynbuf = NULL; - CRYPTO_push_info("doapr()"); - _dopr(&hugebufp, &dynbuf, &hugebufsize, - &retlen, &ignored, format, args); - if (dynbuf) - { - ret=BIO_write(bio, dynbuf, (int)retlen); - OPENSSL_free(dynbuf); - } - else - { - ret=BIO_write(bio, hugebuf, (int)retlen); - } - CRYPTO_pop_info(); - return(ret); - } - -/* As snprintf is not available everywhere, we provide our own implementation. - * This function has nothing to do with BIOs, but it's closely related - * to BIO_printf, and we need *some* name prefix ... - * (XXX the function should be renamed, but to what?) */ -int BIO_snprintf(char *buf, size_t n, const char *format, ...) - { - va_list args; - int ret; - - va_start(args, format); - - ret = BIO_vsnprintf(buf, n, format, args); - - va_end(args); - return(ret); - } - -int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args) - { - size_t retlen; - int truncated; - - _dopr(&buf, NULL, &n, &retlen, &truncated, format, args); - - if (truncated) - /* In case of truncation, return -1 like traditional snprintf. - * (Current drafts for ISO/IEC 9899 say snprintf should return - * the number of characters that would have been written, - * had the buffer been large enough.) */ - return -1; - else - return (retlen <= INT_MAX) ? retlen : -1; - } diff --git a/src/lib/libcrypto/bio/b_sock.c b/src/lib/libcrypto/bio/b_sock.c deleted file mode 100644 index 64310058b4..0000000000 --- a/src/lib/libcrypto/bio/b_sock.c +++ /dev/null @@ -1,722 +0,0 @@ -/* crypto/bio/b_sock.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SOCK - -#include -#include -#include -#define USE_SOCKETS -#include "cryptlib.h" -#include - -#ifdef WIN16 -#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -#else -#define SOCKET_PROTOCOL IPPROTO_TCP -#endif - -#ifdef SO_MAXCONN -#define MAX_LISTEN SOMAXCONN -#elif defined(SO_MAXCONN) -#define MAX_LISTEN SO_MAXCONN -#else -#define MAX_LISTEN 32 -#endif - -#ifdef WINDOWS -static int wsa_init_done=0; -#endif - -static unsigned long BIO_ghbn_hits=0L; -static unsigned long BIO_ghbn_miss=0L; - -#define GHBN_NUM 4 -static struct ghbn_cache_st - { - char name[129]; - struct hostent *ent; - unsigned long order; - } ghbn_cache[GHBN_NUM]; - -static int get_ip(const char *str,unsigned char *ip); -static void ghbn_free(struct hostent *a); -static struct hostent *ghbn_dup(struct hostent *a); -int BIO_get_host_ip(const char *str, unsigned char *ip) - { - int i; - int err = 1; - int locked = 0; - struct hostent *he; - - i=get_ip(str,ip); - if (i < 0) - { - BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS); - goto err; - } - - /* At this point, we have something that is most probably correct - in some way, so let's init the socket. */ - if (!BIO_sock_init()) - return(0); /* don't generate another error code here */ - - /* If the string actually contained an IP address, we need not do - anything more */ - if (i > 0) return(1); - - /* do a gethostbyname */ - CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME); - locked = 1; - he=BIO_gethostbyname(str); - if (he == NULL) - { - BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP); - goto err; - } - - /* cast to short because of win16 winsock definition */ - if ((short)he->h_addrtype != AF_INET) - { - BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET); - goto err; - } - for (i=0; i<4; i++) - ip[i]=he->h_addr_list[0][i]; - err = 0; - - err: - if (locked) - CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME); - if (err) - { - ERR_add_error_data(2,"host=",str); - return 0; - } - else - return 1; - } - -int BIO_get_port(const char *str, unsigned short *port_ptr) - { - int i; - struct servent *s; - - if (str == NULL) - { - BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED); - return(0); - } - i=atoi(str); - if (i != 0) - *port_ptr=(unsigned short)i; - else - { - CRYPTO_w_lock(CRYPTO_LOCK_GETSERVBYNAME); - /* Note: under VMS with SOCKETSHR, it seems like the first - * parameter is 'char *', instead of 'const char *' - */ - s=getservbyname( -#ifndef CONST_STRICT - (char *) -#endif - str,"tcp"); - if(s != NULL) - *port_ptr=ntohs((unsigned short)s->s_port); - CRYPTO_w_unlock(CRYPTO_LOCK_GETSERVBYNAME); - if(s == NULL) - { - if (strcmp(str,"http") == 0) - *port_ptr=80; - else if (strcmp(str,"telnet") == 0) - *port_ptr=23; - else if (strcmp(str,"socks") == 0) - *port_ptr=1080; - else if (strcmp(str,"https") == 0) - *port_ptr=443; - else if (strcmp(str,"ssl") == 0) - *port_ptr=443; - else if (strcmp(str,"ftp") == 0) - *port_ptr=21; - else if (strcmp(str,"gopher") == 0) - *port_ptr=70; -#if 0 - else if (strcmp(str,"wais") == 0) - *port_ptr=21; -#endif - else - { - SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error()); - ERR_add_error_data(3,"service='",str,"'"); - return(0); - } - } - } - return(1); - } - -int BIO_sock_error(int sock) - { - int j,i; - int size; - - size=sizeof(int); - /* Note: under Windows the third parameter is of type (char *) - * whereas under other systems it is (void *) if you don't have - * a cast it will choke the compiler: if you do have a cast then - * you can either go for (char *) or (void *). - */ - i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(void *)&j,(void *)&size); - if (i < 0) - return(1); - else - return(j); - } - -long BIO_ghbn_ctrl(int cmd, int iarg, char *parg) - { - int i; - char **p; - - switch (cmd) - { - case BIO_GHBN_CTRL_HITS: - return(BIO_ghbn_hits); - /* break; */ - case BIO_GHBN_CTRL_MISSES: - return(BIO_ghbn_miss); - /* break; */ - case BIO_GHBN_CTRL_CACHE_SIZE: - return(GHBN_NUM); - /* break; */ - case BIO_GHBN_CTRL_GET_ENTRY: - if ((iarg >= 0) && (iarg 0)) - { - p=(char **)parg; - if (p == NULL) return(0); - *p=ghbn_cache[iarg].name; - ghbn_cache[iarg].name[128]='\0'; - return(1); - } - return(0); - /* break; */ - case BIO_GHBN_CTRL_FLUSH: - for (i=0; ih_aliases[i] != NULL; i++) - ; - i++; - ret->h_aliases = (char **)OPENSSL_malloc(i*sizeof(char *)); - if (ret->h_aliases == NULL) - goto err; - memset(ret->h_aliases, 0, i*sizeof(char *)); - - for (i=0; a->h_addr_list[i] != NULL; i++) - ; - i++; - ret->h_addr_list=(char **)OPENSSL_malloc(i*sizeof(char *)); - if (ret->h_addr_list == NULL) - goto err; - memset(ret->h_addr_list, 0, i*sizeof(char *)); - - j=strlen(a->h_name)+1; - if ((ret->h_name=OPENSSL_malloc(j)) == NULL) goto err; - memcpy((char *)ret->h_name,a->h_name,j); - for (i=0; a->h_aliases[i] != NULL; i++) - { - j=strlen(a->h_aliases[i])+1; - if ((ret->h_aliases[i]=OPENSSL_malloc(j)) == NULL) goto err; - memcpy(ret->h_aliases[i],a->h_aliases[i],j); - } - ret->h_length=a->h_length; - ret->h_addrtype=a->h_addrtype; - for (i=0; a->h_addr_list[i] != NULL; i++) - { - if ((ret->h_addr_list[i]=OPENSSL_malloc(a->h_length)) == NULL) - goto err; - memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length); - } - if (0) - { -err: - if (ret != NULL) - ghbn_free(ret); - ret=NULL; - } - MemCheck_on(); - return(ret); - } - -static void ghbn_free(struct hostent *a) - { - int i; - - if(a == NULL) - return; - - if (a->h_aliases != NULL) - { - for (i=0; a->h_aliases[i] != NULL; i++) - OPENSSL_free(a->h_aliases[i]); - OPENSSL_free(a->h_aliases); - } - if (a->h_addr_list != NULL) - { - for (i=0; a->h_addr_list[i] != NULL; i++) - OPENSSL_free(a->h_addr_list[i]); - OPENSSL_free(a->h_addr_list); - } - if (a->h_name != NULL) OPENSSL_free(a->h_name); - OPENSSL_free(a); - } - -struct hostent *BIO_gethostbyname(const char *name) - { - struct hostent *ret; - int i,lowi=0,j; - unsigned long low= (unsigned long)-1; - -/* return(gethostbyname(name)); */ - -#if 0 /* It doesn't make sense to use locking here: The function interface - * is not thread-safe, because threads can never be sure when - * some other thread destroys the data they were given a pointer to. - */ - CRYPTO_w_lock(CRYPTO_LOCK_GETHOSTBYNAME); -#endif - j=strlen(name); - if (j < 128) - { - for (i=0; i ghbn_cache[i].order) - { - low=ghbn_cache[i].order; - lowi=i; - } - if (ghbn_cache[i].order > 0) - { - if (strncmp(name,ghbn_cache[i].name,128) == 0) - break; - } - } - } - else - i=GHBN_NUM; - - if (i == GHBN_NUM) /* no hit*/ - { - BIO_ghbn_miss++; - /* Note: under VMS with SOCKETSHR, it seems like the first - * parameter is 'char *', instead of 'const char *' - */ - ret=gethostbyname( -#ifndef CONST_STRICT - (char *) -#endif - name); - - if (ret == NULL) - goto end; - if (j > 128) /* too big to cache */ - { -#if 0 /* If we were trying to make this function thread-safe (which - * is bound to fail), we'd have to give up in this case - * (or allocate more memory). */ - ret = NULL; -#endif - goto end; - } - - /* else add to cache */ - if (ghbn_cache[lowi].ent != NULL) - ghbn_free(ghbn_cache[lowi].ent); /* XXX not thread-safe */ - ghbn_cache[lowi].name[0] = '\0'; - - if((ret=ghbn_cache[lowi].ent=ghbn_dup(ret)) == NULL) - { - BIOerr(BIO_F_BIO_GETHOSTBYNAME,ERR_R_MALLOC_FAILURE); - goto end; - } - strncpy(ghbn_cache[lowi].name,name,128); - ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits; - } - else - { - BIO_ghbn_hits++; - ret= ghbn_cache[i].ent; - ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits; - } -end: -#if 0 - CRYPTO_w_unlock(CRYPTO_LOCK_GETHOSTBYNAME); -#endif - return(ret); - } - -int BIO_sock_init(void) - { -#ifdef WINDOWS - static struct WSAData wsa_state; - - if (!wsa_init_done) - { - int err; - -#ifdef SIGINT - signal(SIGINT,(void (*)(int))BIO_sock_cleanup); -#endif - wsa_init_done=1; - memset(&wsa_state,0,sizeof(wsa_state)); - if (WSAStartup(0x0101,&wsa_state)!=0) - { - err=WSAGetLastError(); - SYSerr(SYS_F_WSASTARTUP,err); - BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP); - return(-1); - } - } -#endif /* WINDOWS */ - return(1); - } - -void BIO_sock_cleanup(void) - { -#ifdef WINDOWS - if (wsa_init_done) - { - wsa_init_done=0; - WSACancelBlockingCall(); - WSACleanup(); - } -#endif - } - -#if !defined(VMS) || __VMS_VER >= 70000000 - -int BIO_socket_ioctl(int fd, long type, unsigned long *arg) - { - int i; - - i=ioctlsocket(fd,type,arg); - if (i < 0) - SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error()); - return(i); - } -#endif /* __VMS_VER */ - -/* The reason I have implemented this instead of using sscanf is because - * Visual C 1.52c gives an unresolved external when linking a DLL :-( */ -static int get_ip(const char *str, unsigned char ip[4]) - { - unsigned int tmp[4]; - int num=0,c,ok=0; - - tmp[0]=tmp[1]=tmp[2]=tmp[3]=0; - - for (;;) - { - c= *(str++); - if ((c >= '0') && (c <= '9')) - { - ok=1; - tmp[num]=tmp[num]*10+c-'0'; - if (tmp[num] > 255) return(-1); - } - else if (c == '.') - { - if (!ok) return(-1); - if (num == 3) break; - num++; - ok=0; - } - else if ((num == 3) && ok) - break; - else - return(0); - } - ip[0]=tmp[0]; - ip[1]=tmp[1]; - ip[2]=tmp[2]; - ip[3]=tmp[3]; - return(1); - } - -int BIO_get_accept_socket(char *host, int bind_mode) - { - int ret=0; - struct sockaddr_in server,client; - int s= -1,cs; - unsigned char ip[4]; - unsigned short port; - char *str,*e; - const char *h,*p; - unsigned long l; - int err_num; - - if (!BIO_sock_init()) return(INVALID_SOCKET); - - if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET); - - h=p=NULL; - h=str; - for (e=str; *e; e++) - { - if (*e == ':') - { - p= &(e[1]); - *e='\0'; - } - else if (*e == '/') - { - *e='\0'; - break; - } - } - - if (p == NULL) - { - p=h; - h="*"; - } - - if (!BIO_get_port(p,&port)) return(INVALID_SOCKET); - - memset((char *)&server,0,sizeof(server)); - server.sin_family=AF_INET; - server.sin_port=htons(port); - - if (strcmp(h,"*") == 0) - server.sin_addr.s_addr=INADDR_ANY; - else - { - if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET); - l=(unsigned long) - ((unsigned long)ip[0]<<24L)| - ((unsigned long)ip[1]<<16L)| - ((unsigned long)ip[2]<< 8L)| - ((unsigned long)ip[3]); - server.sin_addr.s_addr=htonl(l); - } - -again: - s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); - if (s == INVALID_SOCKET) - { - SYSerr(SYS_F_SOCKET,get_last_socket_error()); - ERR_add_error_data(3,"port='",host,"'"); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET); - goto err; - } - -#ifdef SO_REUSEADDR - if (bind_mode == BIO_BIND_REUSEADDR) - { - int i=1; - - ret=setsockopt(s,SOL_SOCKET,SO_REUSEADDR,(char *)&i,sizeof(i)); - bind_mode=BIO_BIND_NORMAL; - } -#endif - if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1) - { -#ifdef SO_REUSEADDR - err_num=get_last_socket_error(); - if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && - (err_num == EADDRINUSE)) - { - memcpy((char *)&client,(char *)&server,sizeof(server)); - if (strcmp(h,"*") == 0) - client.sin_addr.s_addr=htonl(0x7F000001); - cs=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); - if (cs != INVALID_SOCKET) - { - int ii; - ii=connect(cs,(struct sockaddr *)&client, - sizeof(client)); - closesocket(cs); - if (ii == INVALID_SOCKET) - { - bind_mode=BIO_BIND_REUSEADDR; - closesocket(s); - goto again; - } - /* else error */ - } - /* else error */ - } -#endif - SYSerr(SYS_F_BIND,err_num); - ERR_add_error_data(3,"port='",host,"'"); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET); - goto err; - } - if (listen(s,MAX_LISTEN) == -1) - { - SYSerr(SYS_F_BIND,get_last_socket_error()); - ERR_add_error_data(3,"port='",host,"'"); - BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET); - goto err; - } - ret=1; -err: - if (str != NULL) OPENSSL_free(str); - if ((ret == 0) && (s != INVALID_SOCKET)) - { - closesocket(s); - s= INVALID_SOCKET; - } - return(s); - } - -int BIO_accept(int sock, char **addr) - { - int ret=INVALID_SOCKET; - static struct sockaddr_in from; - unsigned long l; - unsigned short port; - int len; - char *p; - - memset((char *)&from,0,sizeof(from)); - len=sizeof(from); - /* Note: under VMS with SOCKETSHR the fourth parameter is currently - * of type (int *) whereas under other systems it is (void *) if - * you don't have a cast it will choke the compiler: if you do - * have a cast then you can either go for (int *) or (void *). - */ - ret=accept(sock,(struct sockaddr *)&from,(void *)&len); - if (ret == INVALID_SOCKET) - { - SYSerr(SYS_F_ACCEPT,get_last_socket_error()); - BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR); - goto end; - } - - if (addr == NULL) goto end; - - l=ntohl(from.sin_addr.s_addr); - port=ntohs(from.sin_port); - if (*addr == NULL) - { - if ((p=OPENSSL_malloc(24)) == NULL) - { - BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE); - goto end; - } - *addr=p; - } - sprintf(*addr,"%d.%d.%d.%d:%d", - (unsigned char)(l>>24L)&0xff, - (unsigned char)(l>>16L)&0xff, - (unsigned char)(l>> 8L)&0xff, - (unsigned char)(l )&0xff, - port); -end: - return(ret); - } - -int BIO_set_tcp_ndelay(int s, int on) - { - int ret=0; -#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP)) - int opt; - -#ifdef SOL_TCP - opt=SOL_TCP; -#else -#ifdef IPPROTO_TCP - opt=IPPROTO_TCP; -#endif -#endif - - ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on)); -#endif - return(ret == 0); - } -#endif - -int BIO_socket_nbio(int s, int mode) - { - int ret= -1; - unsigned long l; - - l=mode; -#ifdef FIONBIO - ret=BIO_socket_ioctl(s,FIONBIO,&l); -#endif - return(ret == 0); - } diff --git a/src/lib/libcrypto/bio/bf_buff.c b/src/lib/libcrypto/bio/bf_buff.c deleted file mode 100644 index f50e8f98a3..0000000000 --- a/src/lib/libcrypto/bio/bf_buff.c +++ /dev/null @@ -1,511 +0,0 @@ -/* crypto/bio/bf_buff.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int buffer_write(BIO *h, const char *buf,int num); -static int buffer_read(BIO *h, char *buf, int size); -static int buffer_puts(BIO *h, const char *str); -static int buffer_gets(BIO *h, char *str, int size); -static long buffer_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int buffer_new(BIO *h); -static int buffer_free(BIO *data); -static long buffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -#define DEFAULT_BUFFER_SIZE 1024 - -static BIO_METHOD methods_buffer= - { - BIO_TYPE_BUFFER, - "buffer", - buffer_write, - buffer_read, - buffer_puts, - buffer_gets, - buffer_ctrl, - buffer_new, - buffer_free, - buffer_callback_ctrl, - }; - -BIO_METHOD *BIO_f_buffer(void) - { - return(&methods_buffer); - } - -static int buffer_new(BIO *bi) - { - BIO_F_BUFFER_CTX *ctx; - - ctx=(BIO_F_BUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_F_BUFFER_CTX)); - if (ctx == NULL) return(0); - ctx->ibuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); - if (ctx->ibuf == NULL) { OPENSSL_free(ctx); return(0); } - ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_BUFFER_SIZE); - if (ctx->obuf == NULL) { OPENSSL_free(ctx->ibuf); OPENSSL_free(ctx); return(0); } - ctx->ibuf_size=DEFAULT_BUFFER_SIZE; - ctx->obuf_size=DEFAULT_BUFFER_SIZE; - ctx->ibuf_len=0; - ctx->ibuf_off=0; - ctx->obuf_len=0; - ctx->obuf_off=0; - - bi->init=1; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int buffer_free(BIO *a) - { - BIO_F_BUFFER_CTX *b; - - if (a == NULL) return(0); - b=(BIO_F_BUFFER_CTX *)a->ptr; - if (b->ibuf != NULL) OPENSSL_free(b->ibuf); - if (b->obuf != NULL) OPENSSL_free(b->obuf); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int buffer_read(BIO *b, char *out, int outl) - { - int i,num=0; - BIO_F_BUFFER_CTX *ctx; - - if (out == NULL) return(0); - ctx=(BIO_F_BUFFER_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - num=0; - BIO_clear_retry_flags(b); - -start: - i=ctx->ibuf_len; - /* If there is stuff left over, grab it */ - if (i != 0) - { - if (i > outl) i=outl; - memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i); - ctx->ibuf_off+=i; - ctx->ibuf_len-=i; - num+=i; - if (outl == i) return(num); - outl-=i; - out+=i; - } - - /* We may have done a partial read. try to do more. - * We have nothing in the buffer. - * If we get an error and have read some data, just return it - * and let them retry to get the error again. - * copy direct to parent address space */ - if (outl > ctx->ibuf_size) - { - for (;;) - { - i=BIO_read(b->next_bio,out,outl); - if (i <= 0) - { - BIO_copy_next_retry(b); - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } - num+=i; - if (outl == i) return(num); - out+=i; - outl-=i; - } - } - /* else */ - - /* we are going to be doing some buffering */ - i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size); - if (i <= 0) - { - BIO_copy_next_retry(b); - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } - ctx->ibuf_off=0; - ctx->ibuf_len=i; - - /* Lets re-read using ourselves :-) */ - goto start; - } - -static int buffer_write(BIO *b, const char *in, int inl) - { - int i,num=0; - BIO_F_BUFFER_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) return(0); - ctx=(BIO_F_BUFFER_CTX *)b->ptr; - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - BIO_clear_retry_flags(b); -start: - i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off); - /* add to buffer and return */ - if (i >= inl) - { - memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl); - ctx->obuf_len+=inl; - return(num+inl); - } - /* else */ - /* stuff already in buffer, so add to it first, then flush */ - if (ctx->obuf_len != 0) - { - if (i > 0) /* lets fill it up if we can */ - { - memcpy(&(ctx->obuf[ctx->obuf_len]),in,i); - in+=i; - inl-=i; - num+=i; - ctx->obuf_len+=i; - } - /* we now have a full buffer needing flushing */ - for (;;) - { - i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]), - ctx->obuf_len); - if (i <= 0) - { - BIO_copy_next_retry(b); - - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } - ctx->obuf_off+=i; - ctx->obuf_len-=i; - if (ctx->obuf_len == 0) break; - } - } - /* we only get here if the buffer has been flushed and we - * still have stuff to write */ - ctx->obuf_off=0; - - /* we now have inl bytes to write */ - while (inl >= ctx->obuf_size) - { - i=BIO_write(b->next_bio,in,inl); - if (i <= 0) - { - BIO_copy_next_retry(b); - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } - num+=i; - in+=i; - inl-=i; - if (inl == 0) return(num); - } - - /* copy the rest into the buffer since we have only a small - * amount left */ - goto start; - } - -static long buffer_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO *dbio; - BIO_F_BUFFER_CTX *ctx; - long ret=1; - char *p1,*p2; - int r,i,*ip; - int ibs,obs; - - ctx=(BIO_F_BUFFER_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->ibuf_off=0; - ctx->ibuf_len=0; - ctx->obuf_off=0; - ctx->obuf_len=0; - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_INFO: - ret=(long)ctx->obuf_len; - break; - case BIO_C_GET_BUFF_NUM_LINES: - ret=0; - p1=ctx->ibuf; - for (i=ctx->ibuf_off; iibuf_len; i++) - { - if (p1[i] == '\n') ret++; - } - break; - case BIO_CTRL_WPENDING: - ret=(long)ctx->obuf_len; - if (ret == 0) - { - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - } - break; - case BIO_CTRL_PENDING: - ret=(long)ctx->ibuf_len; - if (ret == 0) - { - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - } - break; - case BIO_C_SET_BUFF_READ_DATA: - if (num > ctx->ibuf_size) - { - p1=OPENSSL_malloc((int)num); - if (p1 == NULL) goto malloc_error; - if (ctx->ibuf != NULL) OPENSSL_free(ctx->ibuf); - ctx->ibuf=p1; - } - ctx->ibuf_off=0; - ctx->ibuf_len=(int)num; - memcpy(ctx->ibuf,ptr,(int)num); - ret=1; - break; - case BIO_C_SET_BUFF_SIZE: - if (ptr != NULL) - { - ip=(int *)ptr; - if (*ip == 0) - { - ibs=(int)num; - obs=ctx->obuf_size; - } - else /* if (*ip == 1) */ - { - ibs=ctx->ibuf_size; - obs=(int)num; - } - } - else - { - ibs=(int)num; - obs=(int)num; - } - p1=ctx->ibuf; - p2=ctx->obuf; - if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size)) - { - p1=(char *)OPENSSL_malloc((int)num); - if (p1 == NULL) goto malloc_error; - } - if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size)) - { - p2=(char *)OPENSSL_malloc((int)num); - if (p2 == NULL) - { - if (p1 != ctx->ibuf) OPENSSL_free(p1); - goto malloc_error; - } - } - if (ctx->ibuf != p1) - { - OPENSSL_free(ctx->ibuf); - ctx->ibuf=p1; - ctx->ibuf_off=0; - ctx->ibuf_len=0; - ctx->ibuf_size=ibs; - } - if (ctx->obuf != p2) - { - OPENSSL_free(ctx->obuf); - ctx->obuf=p2; - ctx->obuf_off=0; - ctx->obuf_len=0; - ctx->obuf_size=obs; - } - break; - case BIO_C_DO_STATE_MACHINE: - if (b->next_bio == NULL) return(0); - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_FLUSH: - if (b->next_bio == NULL) return(0); - if (ctx->obuf_len <= 0) - { - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - - for (;;) - { - BIO_clear_retry_flags(b); - if (ctx->obuf_len > ctx->obuf_off) - { - r=BIO_write(b->next_bio, - &(ctx->obuf[ctx->obuf_off]), - ctx->obuf_len-ctx->obuf_off); -#if 0 -fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r); -#endif - BIO_copy_next_retry(b); - if (r <= 0) return((long)r); - ctx->obuf_off+=r; - } - else - { - ctx->obuf_len=0; - ctx->obuf_off=0; - ret=1; - break; - } - } - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) || - !BIO_set_write_buffer_size(dbio,ctx->obuf_size)) - ret=0; - break; - default: - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); -malloc_error: - BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE); - return(0); - } - -static long buffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -static int buffer_gets(BIO *b, char *buf, int size) - { - BIO_F_BUFFER_CTX *ctx; - int num=0,i,flag; - char *p; - - ctx=(BIO_F_BUFFER_CTX *)b->ptr; - size--; /* reserve space for a '\0' */ - BIO_clear_retry_flags(b); - - for (;;) - { - if (ctx->ibuf_len > 0) - { - p= &(ctx->ibuf[ctx->ibuf_off]); - flag=0; - for (i=0; (iibuf_len) && (iibuf_len-=i; - ctx->ibuf_off+=i; - if ((flag) || (i == size)) - { - *buf='\0'; - return(num); - } - } - else /* read another chunk */ - { - i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size); - if (i <= 0) - { - BIO_copy_next_retry(b); - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } - ctx->ibuf_len=i; - ctx->ibuf_off=0; - } - } - } - -static int buffer_puts(BIO *b, const char *str) - { - return(buffer_write(b,str,strlen(str))); - } - diff --git a/src/lib/libcrypto/bio/bf_lbuf.c b/src/lib/libcrypto/bio/bf_lbuf.c deleted file mode 100644 index 7bcf8ed941..0000000000 --- a/src/lib/libcrypto/bio/bf_lbuf.c +++ /dev/null @@ -1,397 +0,0 @@ -/* crypto/bio/bf_buff.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int linebuffer_write(BIO *h, const char *buf,int num); -static int linebuffer_read(BIO *h, char *buf, int size); -static int linebuffer_puts(BIO *h, const char *str); -static int linebuffer_gets(BIO *h, char *str, int size); -static long linebuffer_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int linebuffer_new(BIO *h); -static int linebuffer_free(BIO *data); -static long linebuffer_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); - -/* A 10k maximum should be enough for most purposes */ -#define DEFAULT_LINEBUFFER_SIZE 1024*10 - -/* #define DEBUG */ - -static BIO_METHOD methods_linebuffer= - { - BIO_TYPE_LINEBUFFER, - "linebuffer", - linebuffer_write, - linebuffer_read, - linebuffer_puts, - linebuffer_gets, - linebuffer_ctrl, - linebuffer_new, - linebuffer_free, - linebuffer_callback_ctrl, - }; - -BIO_METHOD *BIO_f_linebuffer(void) - { - return(&methods_linebuffer); - } - -typedef struct bio_linebuffer_ctx_struct - { - char *obuf; /* the output char array */ - int obuf_size; /* how big is the output buffer */ - int obuf_len; /* how many bytes are in it */ - } BIO_LINEBUFFER_CTX; - -static int linebuffer_new(BIO *bi) - { - BIO_LINEBUFFER_CTX *ctx; - - ctx=(BIO_LINEBUFFER_CTX *)OPENSSL_malloc(sizeof(BIO_LINEBUFFER_CTX)); - if (ctx == NULL) return(0); - ctx->obuf=(char *)OPENSSL_malloc(DEFAULT_LINEBUFFER_SIZE); - if (ctx->obuf == NULL) { OPENSSL_free(ctx); return(0); } - ctx->obuf_size=DEFAULT_LINEBUFFER_SIZE; - ctx->obuf_len=0; - - bi->init=1; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int linebuffer_free(BIO *a) - { - BIO_LINEBUFFER_CTX *b; - - if (a == NULL) return(0); - b=(BIO_LINEBUFFER_CTX *)a->ptr; - if (b->obuf != NULL) OPENSSL_free(b->obuf); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int linebuffer_read(BIO *b, char *out, int outl) - { - int ret=0; - - if (out == NULL) return(0); - if (b->next_bio == NULL) return(0); - ret=BIO_read(b->next_bio,out,outl); - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return(ret); - } - -static int linebuffer_write(BIO *b, const char *in, int inl) - { - int i,num=0,foundnl; - BIO_LINEBUFFER_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) return(0); - ctx=(BIO_LINEBUFFER_CTX *)b->ptr; - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - BIO_clear_retry_flags(b); - - do - { - const char *p; - - for(p = in; p < in + inl && *p != '\n'; p++) - ; - if (*p == '\n') - { - p++; - foundnl = 1; - } - else - foundnl = 0; - - /* If a NL was found and we already have text in the save - buffer, concatenate them and write */ - while ((foundnl || p - in > ctx->obuf_size - ctx->obuf_len) - && ctx->obuf_len > 0) - { - int orig_olen = ctx->obuf_len; - - i = ctx->obuf_size - ctx->obuf_len; - if (p - in > 0) - { - if (i >= p - in) - { - memcpy(&(ctx->obuf[ctx->obuf_len]), - in,p - in); - ctx->obuf_len += p - in; - inl -= p - in; - num += p - in; - in = p; - } - else - { - memcpy(&(ctx->obuf[ctx->obuf_len]), - in,i); - ctx->obuf_len += i; - inl -= i; - in += i; - num += i; - } - } - -#ifdef DEBUG -BIO_write(b->next_bio, "<*<", 3); -#endif - i=BIO_write(b->next_bio, - ctx->obuf, ctx->obuf_len); - if (i <= 0) - { - ctx->obuf_len = orig_olen; - BIO_copy_next_retry(b); - -#ifdef DEBUG -BIO_write(b->next_bio, ">*>", 3); -#endif - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } -#ifdef DEBUG -BIO_write(b->next_bio, ">*>", 3); -#endif - if (i < ctx->obuf_len) - memmove(ctx->obuf, ctx->obuf + i, - ctx->obuf_len - i); - ctx->obuf_len-=i; - } - - /* Now that the save buffer is emptied, let's write the input - buffer if a NL was found and there is anything to write. */ - if ((foundnl || p - in > ctx->obuf_size) && p - in > 0) - { -#ifdef DEBUG -BIO_write(b->next_bio, "<*<", 3); -#endif - i=BIO_write(b->next_bio,in,p - in); - if (i <= 0) - { - BIO_copy_next_retry(b); -#ifdef DEBUG -BIO_write(b->next_bio, ">*>", 3); -#endif - if (i < 0) return((num > 0)?num:i); - if (i == 0) return(num); - } -#ifdef DEBUG -BIO_write(b->next_bio, ">*>", 3); -#endif - num+=i; - in+=i; - inl-=i; - } - } - while(foundnl && inl > 0); - /* We've written as much as we can. The rest of the input buffer, if - any, is text that doesn't and with a NL and therefore needs to be - saved for the next trip. */ - if (inl > 0) - { - memcpy(&(ctx->obuf[ctx->obuf_len]), in, inl); - ctx->obuf_len += inl; - num += inl; - } - return num; - } - -static long linebuffer_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO *dbio; - BIO_LINEBUFFER_CTX *ctx; - long ret=1; - char *p; - int r; - int obs; - - ctx=(BIO_LINEBUFFER_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->obuf_len=0; - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_INFO: - ret=(long)ctx->obuf_len; - break; - case BIO_CTRL_WPENDING: - ret=(long)ctx->obuf_len; - if (ret == 0) - { - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - } - break; - case BIO_C_SET_BUFF_SIZE: - obs=(int)num; - p=ctx->obuf; - if ((obs > DEFAULT_LINEBUFFER_SIZE) && (obs != ctx->obuf_size)) - { - p=(char *)OPENSSL_malloc((int)num); - if (p == NULL) - goto malloc_error; - } - if (ctx->obuf != p) - { - if (ctx->obuf_len > obs) - { - ctx->obuf_len = obs; - } - memcpy(p, ctx->obuf, ctx->obuf_len); - OPENSSL_free(ctx->obuf); - ctx->obuf=p; - ctx->obuf_size=obs; - } - break; - case BIO_C_DO_STATE_MACHINE: - if (b->next_bio == NULL) return(0); - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_FLUSH: - if (b->next_bio == NULL) return(0); - if (ctx->obuf_len <= 0) - { - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - - for (;;) - { - BIO_clear_retry_flags(b); - if (ctx->obuf_len > 0) - { - r=BIO_write(b->next_bio, - ctx->obuf, ctx->obuf_len); -#if 0 -fprintf(stderr,"FLUSH %3d -> %3d\n",ctx->obuf_len,r); -#endif - BIO_copy_next_retry(b); - if (r <= 0) return((long)r); - if (r < ctx->obuf_len) - memmove(ctx->obuf, ctx->obuf + r, - ctx->obuf_len - r); - ctx->obuf_len-=r; - } - else - { - ctx->obuf_len=0; - ret=1; - break; - } - } - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - if ( !BIO_set_write_buffer_size(dbio,ctx->obuf_size)) - ret=0; - break; - default: - if (b->next_bio == NULL) return(0); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); -malloc_error: - BIOerr(BIO_F_LINEBUFFER_CTRL,ERR_R_MALLOC_FAILURE); - return(0); - } - -static long linebuffer_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -static int linebuffer_gets(BIO *b, char *buf, int size) - { - if (b->next_bio == NULL) return(0); - return(BIO_gets(b->next_bio,buf,size)); - } - -static int linebuffer_puts(BIO *b, const char *str) - { - return(linebuffer_write(b,str,strlen(str))); - } - diff --git a/src/lib/libcrypto/bio/bf_nbio.c b/src/lib/libcrypto/bio/bf_nbio.c deleted file mode 100644 index 413ef5c4c5..0000000000 --- a/src/lib/libcrypto/bio/bf_nbio.c +++ /dev/null @@ -1,256 +0,0 @@ -/* crypto/bio/bf_nbio.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include - -/* BIO_put and BIO_get both add to the digest, - * BIO_gets returns the digest */ - -static int nbiof_write(BIO *h,const char *buf,int num); -static int nbiof_read(BIO *h,char *buf,int size); -static int nbiof_puts(BIO *h,const char *str); -static int nbiof_gets(BIO *h,char *str,int size); -static long nbiof_ctrl(BIO *h,int cmd,long arg1,void *arg2); -static int nbiof_new(BIO *h); -static int nbiof_free(BIO *data); -static long nbiof_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp); -typedef struct nbio_test_st - { - /* only set if we sent a 'should retry' error */ - int lrn; - int lwn; - } NBIO_TEST; - -static BIO_METHOD methods_nbiof= - { - BIO_TYPE_NBIO_TEST, - "non-blocking IO test filter", - nbiof_write, - nbiof_read, - nbiof_puts, - nbiof_gets, - nbiof_ctrl, - nbiof_new, - nbiof_free, - nbiof_callback_ctrl, - }; - -BIO_METHOD *BIO_f_nbio_test(void) - { - return(&methods_nbiof); - } - -static int nbiof_new(BIO *bi) - { - NBIO_TEST *nt; - - nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)); - nt->lrn= -1; - nt->lwn= -1; - bi->ptr=(char *)nt; - bi->init=1; - bi->flags=0; - return(1); - } - -static int nbiof_free(BIO *a) - { - if (a == NULL) return(0); - if (a->ptr != NULL) - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int nbiof_read(BIO *b, char *out, int outl) - { - NBIO_TEST *nt; - int ret=0; -#if 0 - int num; - unsigned char n; -#endif - - if (out == NULL) return(0); - if (b->next_bio == NULL) return(0); - nt=(NBIO_TEST *)b->ptr; - - BIO_clear_retry_flags(b); -#if 0 - RAND_pseudo_bytes(&n,1); - num=(n&0x07); - - if (outl > num) outl=num; - - if (num == 0) - { - ret= -1; - BIO_set_retry_read(b); - } - else -#endif - { - ret=BIO_read(b->next_bio,out,outl); - if (ret < 0) - BIO_copy_next_retry(b); - } - return(ret); - } - -static int nbiof_write(BIO *b, const char *in, int inl) - { - NBIO_TEST *nt; - int ret=0; - int num; - unsigned char n; - - if ((in == NULL) || (inl <= 0)) return(0); - if (b->next_bio == NULL) return(0); - nt=(NBIO_TEST *)b->ptr; - - BIO_clear_retry_flags(b); - -#if 1 - if (nt->lwn > 0) - { - num=nt->lwn; - nt->lwn=0; - } - else - { - RAND_pseudo_bytes(&n,1); - num=(n&7); - } - - if (inl > num) inl=num; - - if (num == 0) - { - ret= -1; - BIO_set_retry_write(b); - } - else -#endif - { - ret=BIO_write(b->next_bio,in,inl); - if (ret < 0) - { - BIO_copy_next_retry(b); - nt->lwn=inl; - } - } - return(ret); - } - -static long nbiof_ctrl(BIO *b, int cmd, long num, void *ptr) - { - long ret; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - case BIO_CTRL_DUP: - ret=0L; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long nbiof_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -static int nbiof_gets(BIO *bp, char *buf, int size) - { - if (bp->next_bio == NULL) return(0); - return(BIO_gets(bp->next_bio,buf,size)); - } - - -static int nbiof_puts(BIO *bp, const char *str) - { - if (bp->next_bio == NULL) return(0); - return(BIO_puts(bp->next_bio,str)); - } - - diff --git a/src/lib/libcrypto/bio/bf_null.c b/src/lib/libcrypto/bio/bf_null.c deleted file mode 100644 index 2678a1a85d..0000000000 --- a/src/lib/libcrypto/bio/bf_null.c +++ /dev/null @@ -1,184 +0,0 @@ -/* crypto/bio/bf_null.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -/* BIO_put and BIO_get both add to the digest, - * BIO_gets returns the digest */ - -static int nullf_write(BIO *h, const char *buf, int num); -static int nullf_read(BIO *h, char *buf, int size); -static int nullf_puts(BIO *h, const char *str); -static int nullf_gets(BIO *h, char *str, int size); -static long nullf_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int nullf_new(BIO *h); -static int nullf_free(BIO *data); -static long nullf_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -static BIO_METHOD methods_nullf= - { - BIO_TYPE_NULL_FILTER, - "NULL filter", - nullf_write, - nullf_read, - nullf_puts, - nullf_gets, - nullf_ctrl, - nullf_new, - nullf_free, - nullf_callback_ctrl, - }; - -BIO_METHOD *BIO_f_null(void) - { - return(&methods_nullf); - } - -static int nullf_new(BIO *bi) - { - bi->init=1; - bi->ptr=NULL; - bi->flags=0; - return(1); - } - -static int nullf_free(BIO *a) - { - if (a == NULL) return(0); -/* a->ptr=NULL; - a->init=0; - a->flags=0;*/ - return(1); - } - -static int nullf_read(BIO *b, char *out, int outl) - { - int ret=0; - - if (out == NULL) return(0); - if (b->next_bio == NULL) return(0); - ret=BIO_read(b->next_bio,out,outl); - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return(ret); - } - -static int nullf_write(BIO *b, const char *in, int inl) - { - int ret=0; - - if ((in == NULL) || (inl <= 0)) return(0); - if (b->next_bio == NULL) return(0); - ret=BIO_write(b->next_bio,in,inl); - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return(ret); - } - -static long nullf_ctrl(BIO *b, int cmd, long num, void *ptr) - { - long ret; - - if (b->next_bio == NULL) return(0); - switch(cmd) - { - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - case BIO_CTRL_DUP: - ret=0L; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - } - return(ret); - } - -static long nullf_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -static int nullf_gets(BIO *bp, char *buf, int size) - { - if (bp->next_bio == NULL) return(0); - return(BIO_gets(bp->next_bio,buf,size)); - } - - -static int nullf_puts(BIO *bp, const char *str) - { - if (bp->next_bio == NULL) return(0); - return(BIO_puts(bp->next_bio,str)); - } - - diff --git a/src/lib/libcrypto/bio/bio.h b/src/lib/libcrypto/bio/bio.h deleted file mode 100644 index 97003b503c..0000000000 --- a/src/lib/libcrypto/bio/bio.h +++ /dev/null @@ -1,687 +0,0 @@ -/* crypto/bio/bio.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BIO_H -#define HEADER_BIO_H - -#ifndef NO_FP_API -# include -#endif -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* These are the 'types' of BIOs */ -#define BIO_TYPE_NONE 0 -#define BIO_TYPE_MEM (1|0x0400) -#define BIO_TYPE_FILE (2|0x0400) - -#define BIO_TYPE_FD (4|0x0400|0x0100) -#define BIO_TYPE_SOCKET (5|0x0400|0x0100) -#define BIO_TYPE_NULL (6|0x0400) -#define BIO_TYPE_SSL (7|0x0200) -#define BIO_TYPE_MD (8|0x0200) /* passive filter */ -#define BIO_TYPE_BUFFER (9|0x0200) /* filter */ -#define BIO_TYPE_CIPHER (10|0x0200) /* filter */ -#define BIO_TYPE_BASE64 (11|0x0200) /* filter */ -#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */ -#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */ -#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */ -#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */ -#define BIO_TYPE_NULL_FILTER (17|0x0200) -#define BIO_TYPE_BER (18|0x0200) /* BER -> bin filter */ -#define BIO_TYPE_BIO (19|0x0400) /* (half a) BIO pair */ -#define BIO_TYPE_LINEBUFFER (20|0x0200) /* filter */ - -#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */ -#define BIO_TYPE_FILTER 0x0200 -#define BIO_TYPE_SOURCE_SINK 0x0400 - -/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free. - * BIO_set_fp(in,stdin,BIO_NOCLOSE); */ -#define BIO_NOCLOSE 0x00 -#define BIO_CLOSE 0x01 - -/* These are used in the following macros and are passed to - * BIO_ctrl() */ -#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */ -#define BIO_CTRL_EOF 2 /* opt - are we at the eof */ -#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */ -#define BIO_CTRL_SET 4 /* man - set the 'IO' type */ -#define BIO_CTRL_GET 5 /* man - get the 'IO' type */ -#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */ -#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */ -#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */ -#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */ -#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */ -#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */ -#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */ -#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */ -/* callback is int cb(BIO *bio,state,ret); */ -#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */ -#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */ - -#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */ - -/* modifiers */ -#define BIO_FP_READ 0x02 -#define BIO_FP_WRITE 0x04 -#define BIO_FP_APPEND 0x08 -#define BIO_FP_TEXT 0x10 - -#define BIO_FLAGS_READ 0x01 -#define BIO_FLAGS_WRITE 0x02 -#define BIO_FLAGS_IO_SPECIAL 0x04 -#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL) -#define BIO_FLAGS_SHOULD_RETRY 0x08 - -/* Used in BIO_gethostbyname() */ -#define BIO_GHBN_CTRL_HITS 1 -#define BIO_GHBN_CTRL_MISSES 2 -#define BIO_GHBN_CTRL_CACHE_SIZE 3 -#define BIO_GHBN_CTRL_GET_ENTRY 4 -#define BIO_GHBN_CTRL_FLUSH 5 - -/* Mostly used in the SSL BIO */ -/* Not used anymore - * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10 - * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20 - * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40 - */ - -#define BIO_FLAGS_BASE64_NO_NL 0x100 - -/* This is used with memory BIOs: it means we shouldn't free up or change the - * data in any way. - */ -#define BIO_FLAGS_MEM_RDONLY 0x200 - -#define BIO_set_flags(b,f) ((b)->flags|=(f)) -#define BIO_get_flags(b) ((b)->flags) -#define BIO_set_retry_special(b) \ - ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_read(b) \ - ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_set_retry_write(b) \ - ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY)) - -/* These are normally used internally in BIOs */ -#define BIO_clear_flags(b,f) ((b)->flags&= ~(f)) -#define BIO_clear_retry_flags(b) \ - ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) -#define BIO_get_retry_flags(b) \ - ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY)) - -/* These should be used by the application to tell why we should retry */ -#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ) -#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE) -#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL) -#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS) -#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY) - -/* The next two are used in conjunction with the - * BIO_should_io_special() condition. After this returns true, - * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO - * stack and return the 'reason' for the special and the offending BIO. - * Given a BIO, BIO_get_retry_reason(bio) will return the code. */ -/* Returned from the SSL bio when the certificate retrieval code had an error */ -#define BIO_RR_SSL_X509_LOOKUP 0x01 -/* Returned from the connect BIO when a connect would have blocked */ -#define BIO_RR_CONNECT 0x02 - -/* These are passed by the BIO callback */ -#define BIO_CB_FREE 0x01 -#define BIO_CB_READ 0x02 -#define BIO_CB_WRITE 0x03 -#define BIO_CB_PUTS 0x04 -#define BIO_CB_GETS 0x05 -#define BIO_CB_CTRL 0x06 - -/* The callback is called before and after the underling operation, - * The BIO_CB_RETURN flag indicates if it is after the call */ -#define BIO_CB_RETURN 0x80 -#define BIO_CB_return(a) ((a)|BIO_CB_RETURN)) -#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN)) -#define BIO_cb_post(a) ((a)&BIO_CB_RETURN) - -#define BIO_set_callback(b,cb) ((b)->callback=(cb)) -#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg)) -#define BIO_get_callback_arg(b) ((b)->cb_arg) -#define BIO_get_callback(b) ((b)->callback) -#define BIO_method_name(b) ((b)->method->name) -#define BIO_method_type(b) ((b)->method->type) - -typedef struct bio_st BIO; - -typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long); - -#ifndef WIN16 -typedef struct bio_method_st - { - int type; - const char *name; - int (*bwrite)(BIO *, const char *, int); - int (*bread)(BIO *, char *, int); - int (*bputs)(BIO *, const char *); - int (*bgets)(BIO *, char *, int); - long (*ctrl)(BIO *, int, long, void *); - int (*create)(BIO *); - int (*destroy)(BIO *); - long (*callback_ctrl)(BIO *, int, bio_info_cb *); - } BIO_METHOD; -#else -typedef struct bio_method_st - { - int type; - const char *name; - int (_far *bwrite)(); - int (_far *bread)(); - int (_far *bputs)(); - int (_far *bgets)(); - long (_far *ctrl)(); - int (_far *create)(); - int (_far *destroy)(); - long (_fat *callback_ctrl)(); - } BIO_METHOD; -#endif - -struct bio_st - { - BIO_METHOD *method; - /* bio, mode, argp, argi, argl, ret */ - long (*callback)(struct bio_st *,int,const char *,int, long,long); - char *cb_arg; /* first argument for the callback */ - - int init; - int shutdown; - int flags; /* extra storage */ - int retry_reason; - int num; - void *ptr; - struct bio_st *next_bio; /* used by filter BIOs */ - struct bio_st *prev_bio; /* used by filter BIOs */ - int references; - unsigned long num_read; - unsigned long num_write; - - CRYPTO_EX_DATA ex_data; - }; - -DECLARE_STACK_OF(BIO) - -typedef struct bio_f_buffer_ctx_struct - { - /* BIO *bio; */ /* this is now in the BIO struct */ - int ibuf_size; /* how big is the input buffer */ - int obuf_size; /* how big is the output buffer */ - - char *ibuf; /* the char array */ - int ibuf_len; /* how many bytes are in it */ - int ibuf_off; /* write/read offset */ - - char *obuf; /* the char array */ - int obuf_len; /* how many bytes are in it */ - int obuf_off; /* write/read offset */ - } BIO_F_BUFFER_CTX; - -/* connect BIO stuff */ -#define BIO_CONN_S_BEFORE 1 -#define BIO_CONN_S_GET_IP 2 -#define BIO_CONN_S_GET_PORT 3 -#define BIO_CONN_S_CREATE_SOCKET 4 -#define BIO_CONN_S_CONNECT 5 -#define BIO_CONN_S_OK 6 -#define BIO_CONN_S_BLOCKED_CONNECT 7 -#define BIO_CONN_S_NBIO 8 -/*#define BIO_CONN_get_param_hostname BIO_ctrl */ - -#define BIO_C_SET_CONNECT 100 -#define BIO_C_DO_STATE_MACHINE 101 -#define BIO_C_SET_NBIO 102 -#define BIO_C_SET_PROXY_PARAM 103 -#define BIO_C_SET_FD 104 -#define BIO_C_GET_FD 105 -#define BIO_C_SET_FILE_PTR 106 -#define BIO_C_GET_FILE_PTR 107 -#define BIO_C_SET_FILENAME 108 -#define BIO_C_SET_SSL 109 -#define BIO_C_GET_SSL 110 -#define BIO_C_SET_MD 111 -#define BIO_C_GET_MD 112 -#define BIO_C_GET_CIPHER_STATUS 113 -#define BIO_C_SET_BUF_MEM 114 -#define BIO_C_GET_BUF_MEM_PTR 115 -#define BIO_C_GET_BUFF_NUM_LINES 116 -#define BIO_C_SET_BUFF_SIZE 117 -#define BIO_C_SET_ACCEPT 118 -#define BIO_C_SSL_MODE 119 -#define BIO_C_GET_MD_CTX 120 -#define BIO_C_GET_PROXY_PARAM 121 -#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */ -#define BIO_C_GET_CONNECT 123 -#define BIO_C_GET_ACCEPT 124 -#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125 -#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126 -#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127 -#define BIO_C_FILE_SEEK 128 -#define BIO_C_GET_CIPHER_CTX 129 -#define BIO_C_SET_BUF_MEM_EOF_RETURN 130/*return end of input value*/ -#define BIO_C_SET_BIND_MODE 131 -#define BIO_C_GET_BIND_MODE 132 -#define BIO_C_FILE_TELL 133 -#define BIO_C_GET_SOCKS 134 -#define BIO_C_SET_SOCKS 135 - -#define BIO_C_SET_WRITE_BUF_SIZE 136/* for BIO_s_bio */ -#define BIO_C_GET_WRITE_BUF_SIZE 137 -#define BIO_C_MAKE_BIO_PAIR 138 -#define BIO_C_DESTROY_BIO_PAIR 139 -#define BIO_C_GET_WRITE_GUARANTEE 140 -#define BIO_C_GET_READ_REQUEST 141 -#define BIO_C_SHUTDOWN_WR 142 -#define BIO_C_NREAD0 143 -#define BIO_C_NREAD 144 -#define BIO_C_NWRITE0 145 -#define BIO_C_NWRITE 146 -#define BIO_C_RESET_READ_REQUEST 147 - - -#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,arg) -#define BIO_get_app_data(s) BIO_get_ex_data(s,0) - -/* BIO_s_connect() and BIO_s_socks4a_connect() */ -#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name) -#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port) -#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip) -#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port) -#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) -#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) -#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2) -#define BIO_get_conn_int_port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port) - - -#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) - -/* BIO_s_accept_socket() */ -#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name) -#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0) -/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */ -#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL) -#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio) - -#define BIO_BIND_NORMAL 0 -#define BIO_BIND_REUSEADDR_IF_UNUSED 1 -#define BIO_BIND_REUSEADDR 2 -#define BIO_set_bind_mode(b,mode) BIO_ctrl(b,BIO_C_SET_BIND_MODE,mode,NULL) -#define BIO_get_bind_mode(b,mode) BIO_ctrl(b,BIO_C_GET_BIND_MODE,0,NULL) - -#define BIO_do_connect(b) BIO_do_handshake(b) -#define BIO_do_accept(b) BIO_do_handshake(b) -#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL) - -/* BIO_s_proxy_client() */ -#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url)) -#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p)) -/* BIO_set_nbio(b,n) */ -#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s)) -/* BIO *BIO_get_filter_bio(BIO *bio); */ -#define BIO_set_proxy_cb(b,cb) BIO_callback_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(void *(*cb)())) -#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk) -#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool) - -#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp) -#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p)) -#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url)) -#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL) - -#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd) -#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c) - -#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp) -#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp) - -#define BIO_seek(b,ofs) (int)BIO_ctrl(b,BIO_C_FILE_SEEK,ofs,NULL) -#define BIO_tell(b) (int)BIO_ctrl(b,BIO_C_FILE_TELL,0,NULL) - -/* name is cast to lose const, but might be better to route through a function - so we can do it safely */ -#ifdef CONST_STRICT -/* If you are wondering why this isn't defined, its because CONST_STRICT is - * purely a compile-time kludge to allow const to be checked. - */ -int BIO_read_filename(BIO *b,const char *name); -#else -#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ,(char *)name) -#endif -#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_WRITE,name) -#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_APPEND,name) -#define BIO_rw_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \ - BIO_CLOSE|BIO_FP_READ|BIO_FP_WRITE,name) - -/* WARNING WARNING, this ups the reference count on the read bio of the - * SSL structure. This is because the ssl read BIO is now pointed to by - * the next_bio field in the bio. So when you free the BIO, make sure - * you are doing a BIO_free_all() to catch the underlying BIO. */ -#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl) -#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp) -#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL) -#define BIO_set_ssl_renegotiate_bytes(b,num) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL); -#define BIO_get_num_renegotiates(b) \ - BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL); -#define BIO_set_ssl_renegotiate_timeout(b,seconds) \ - BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL); - -/* defined in evp.h */ -/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */ - -#define BIO_get_mem_data(b,pp) BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp) -#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm) -#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp) -#define BIO_set_mem_eof_return(b,v) \ - BIO_ctrl(b,BIO_C_SET_BUF_MEM_EOF_RETURN,v,NULL) - -/* For the BIO_f_buffer() type */ -#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL) -#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL) -#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0) -#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1) -#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf) - -/* Don't use the next one unless you know what you are doing :-) */ -#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret)) - -#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL) -#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL) -#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL) -#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL) -#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL) -#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL) -/* ...pending macros have inappropriate return type */ -size_t BIO_ctrl_pending(BIO *b); -size_t BIO_ctrl_wpending(BIO *b); -#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL) -#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(bio_info_cb **)(cbp)) -#define BIO_set_info_callback(b,cb) (int)BIO_callback_ctrl(b,BIO_CTRL_SET_CALLBACK,(bio_info_cb *)(cb)) - -/* For the BIO_f_buffer() type */ -#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL) - -/* For BIO_s_bio() */ -#define BIO_set_write_buf_size(b,size) (int)BIO_ctrl(b,BIO_C_SET_WRITE_BUF_SIZE,size,NULL) -#define BIO_get_write_buf_size(b,size) (size_t)BIO_ctrl(b,BIO_C_GET_WRITE_BUF_SIZE,size,NULL) -#define BIO_make_bio_pair(b1,b2) (int)BIO_ctrl(b1,BIO_C_MAKE_BIO_PAIR,0,b2) -#define BIO_destroy_bio_pair(b) (int)BIO_ctrl(b,BIO_C_DESTROY_BIO_PAIR,0,NULL) -#define BIO_shutdown_wr(b) (int)BIO_ctrl(b, BIO_C_SHUTDOWN_WR, 0, NULL) -/* macros with inappropriate type -- but ...pending macros use int too: */ -#define BIO_get_write_guarantee(b) (int)BIO_ctrl(b,BIO_C_GET_WRITE_GUARANTEE,0,NULL) -#define BIO_get_read_request(b) (int)BIO_ctrl(b,BIO_C_GET_READ_REQUEST,0,NULL) -size_t BIO_ctrl_get_write_guarantee(BIO *b); -size_t BIO_ctrl_get_read_request(BIO *b); -int BIO_ctrl_reset_read_request(BIO *b); - -/* These two aren't currently implemented */ -/* int BIO_get_ex_num(BIO *bio); */ -/* void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)()); */ -int BIO_set_ex_data(BIO *bio,int idx,void *data); -void *BIO_get_ex_data(BIO *bio,int idx); -int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -unsigned long BIO_number_read(BIO *bio); -unsigned long BIO_number_written(BIO *bio); - -# ifndef NO_FP_API -# if defined(WIN16) && defined(_WINDLL) -BIO_METHOD *BIO_s_file_internal(void); -BIO *BIO_new_file_internal(char *filename, char *mode); -BIO *BIO_new_fp_internal(FILE *stream, int close_flag); -# define BIO_s_file BIO_s_file_internal -# define BIO_new_file BIO_new_file_internal -# define BIO_new_fp BIO_new_fp_internal -# else /* FP_API */ -BIO_METHOD *BIO_s_file(void ); -BIO *BIO_new_file(const char *filename, const char *mode); -BIO *BIO_new_fp(FILE *stream, int close_flag); -# define BIO_s_file_internal BIO_s_file -# define BIO_new_file_internal BIO_new_file -# define BIO_new_fp_internal BIO_s_file -# endif /* FP_API */ -# endif -BIO * BIO_new(BIO_METHOD *type); -int BIO_set(BIO *a,BIO_METHOD *type); -int BIO_free(BIO *a); -void BIO_vfree(BIO *a); -int BIO_read(BIO *b, void *data, int len); -int BIO_gets(BIO *bp,char *buf, int size); -int BIO_write(BIO *b, const void *data, int len); -int BIO_puts(BIO *bp,const char *buf); -long BIO_ctrl(BIO *bp,int cmd,long larg,void *parg); -long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)); -char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg); -long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg); -BIO * BIO_push(BIO *b,BIO *append); -BIO * BIO_pop(BIO *b); -void BIO_free_all(BIO *a); -BIO * BIO_find_type(BIO *b,int bio_type); -BIO * BIO_next(BIO *b); -BIO * BIO_get_retry_BIO(BIO *bio, int *reason); -int BIO_get_retry_reason(BIO *bio); -BIO * BIO_dup_chain(BIO *in); - -int BIO_nread0(BIO *bio, char **buf); -int BIO_nread(BIO *bio, char **buf, int num); -int BIO_nwrite0(BIO *bio, char **buf); -int BIO_nwrite(BIO *bio, char **buf, int num); - -#ifndef WIN16 -long BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi, - long argl,long ret); -#else -long _far _loadds BIO_debug_callback(BIO *bio,int cmd,const char *argp,int argi, - long argl,long ret); -#endif - -BIO_METHOD *BIO_s_mem(void); -BIO *BIO_new_mem_buf(void *buf, int len); -BIO_METHOD *BIO_s_socket(void); -BIO_METHOD *BIO_s_connect(void); -BIO_METHOD *BIO_s_accept(void); -BIO_METHOD *BIO_s_fd(void); -BIO_METHOD *BIO_s_log(void); -BIO_METHOD *BIO_s_bio(void); -BIO_METHOD *BIO_s_null(void); -BIO_METHOD *BIO_f_null(void); -BIO_METHOD *BIO_f_buffer(void); -#ifdef VMS -BIO_METHOD *BIO_f_linebuffer(void); -#endif -BIO_METHOD *BIO_f_nbio_test(void); -/* BIO_METHOD *BIO_f_ber(void); */ - -int BIO_sock_should_retry(int i); -int BIO_sock_non_fatal_error(int error); -int BIO_fd_should_retry(int i); -int BIO_fd_non_fatal_error(int error); -int BIO_dump(BIO *b,const char *bytes,int len); -int BIO_dump_indent(BIO *b,const char *bytes,int len,int indent); - -struct hostent *BIO_gethostbyname(const char *name); -/* We might want a thread-safe interface too: - * struct hostent *BIO_gethostbyname_r(const char *name, - * struct hostent *result, void *buffer, size_t buflen); - * or something similar (caller allocates a struct hostent, - * pointed to by "result", and additional buffer space for the various - * substructures; if the buffer does not suffice, NULL is returned - * and an appropriate error code is set). - */ -int BIO_sock_error(int sock); -int BIO_socket_ioctl(int fd, long type, unsigned long *arg); -int BIO_socket_nbio(int fd,int mode); -int BIO_get_port(const char *str, unsigned short *port_ptr); -int BIO_get_host_ip(const char *str, unsigned char *ip); -int BIO_get_accept_socket(char *host_port,int mode); -int BIO_accept(int sock,char **ip_port); -int BIO_sock_init(void ); -void BIO_sock_cleanup(void); -int BIO_set_tcp_ndelay(int sock,int turn_on); - -void ERR_load_BIO_strings(void ); - -BIO *BIO_new_socket(int sock, int close_flag); -BIO *BIO_new_fd(int fd, int close_flag); -BIO *BIO_new_connect(char *host_port); -BIO *BIO_new_accept(char *host_port); - -int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, - BIO **bio2, size_t writebuf2); -/* If successful, returns 1 and in *bio1, *bio2 two BIO pair endpoints. - * Otherwise returns 0 and sets *bio1 and *bio2 to NULL. - * Size 0 uses default value. - */ - -void BIO_copy_next_retry(BIO *b); - -long BIO_ghbn_ctrl(int cmd,int iarg,char *parg); - -int BIO_printf(BIO *bio, const char *format, ...); -int BIO_vprintf(BIO *bio, const char *format, va_list args); -int BIO_snprintf(char *buf, size_t n, const char *format, ...); -int BIO_vsnprintf(char *buf, size_t n, const char *format, va_list args); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the BIO functions. */ - -/* Function codes. */ -#define BIO_F_ACPT_STATE 100 -#define BIO_F_BIO_ACCEPT 101 -#define BIO_F_BIO_BER_GET_HEADER 102 -#define BIO_F_BIO_CTRL 103 -#define BIO_F_BIO_GETHOSTBYNAME 120 -#define BIO_F_BIO_GETS 104 -#define BIO_F_BIO_GET_ACCEPT_SOCKET 105 -#define BIO_F_BIO_GET_HOST_IP 106 -#define BIO_F_BIO_GET_PORT 107 -#define BIO_F_BIO_MAKE_PAIR 121 -#define BIO_F_BIO_NEW 108 -#define BIO_F_BIO_NEW_FILE 109 -#define BIO_F_BIO_NEW_MEM_BUF 126 -#define BIO_F_BIO_NREAD 123 -#define BIO_F_BIO_NREAD0 124 -#define BIO_F_BIO_NWRITE 125 -#define BIO_F_BIO_NWRITE0 122 -#define BIO_F_BIO_PUTS 110 -#define BIO_F_BIO_READ 111 -#define BIO_F_BIO_SOCK_INIT 112 -#define BIO_F_BIO_WRITE 113 -#define BIO_F_BUFFER_CTRL 114 -#define BIO_F_CONN_CTRL 127 -#define BIO_F_CONN_STATE 115 -#define BIO_F_FILE_CTRL 116 -#define BIO_F_LINEBUFFER_CTRL 129 -#define BIO_F_MEM_READ 128 -#define BIO_F_MEM_WRITE 117 -#define BIO_F_SSL_NEW 118 -#define BIO_F_WSASTARTUP 119 - -/* Reason codes. */ -#define BIO_R_ACCEPT_ERROR 100 -#define BIO_R_BAD_FOPEN_MODE 101 -#define BIO_R_BAD_HOSTNAME_LOOKUP 102 -#define BIO_R_BROKEN_PIPE 124 -#define BIO_R_CONNECT_ERROR 103 -#define BIO_R_EOF_ON_MEMORY_BIO 127 -#define BIO_R_ERROR_SETTING_NBIO 104 -#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105 -#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106 -#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107 -#define BIO_R_INVALID_ARGUMENT 125 -#define BIO_R_INVALID_IP_ADDRESS 108 -#define BIO_R_IN_USE 123 -#define BIO_R_KEEPALIVE 109 -#define BIO_R_NBIO_CONNECT_ERROR 110 -#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111 -#define BIO_R_NO_HOSTNAME_SPECIFIED 112 -#define BIO_R_NO_PORT_DEFINED 113 -#define BIO_R_NO_PORT_SPECIFIED 114 -#define BIO_R_NULL_PARAMETER 115 -#define BIO_R_TAG_MISMATCH 116 -#define BIO_R_UNABLE_TO_BIND_SOCKET 117 -#define BIO_R_UNABLE_TO_CREATE_SOCKET 118 -#define BIO_R_UNABLE_TO_LISTEN_SOCKET 119 -#define BIO_R_UNINITIALIZED 120 -#define BIO_R_UNSUPPORTED_METHOD 121 -#define BIO_R_WRITE_TO_READ_ONLY_BIO 126 -#define BIO_R_WSASTARTUP 122 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/bio/bio_cb.c b/src/lib/libcrypto/bio/bio_cb.c deleted file mode 100644 index 37c7c22666..0000000000 --- a/src/lib/libcrypto/bio/bio_cb.c +++ /dev/null @@ -1,133 +0,0 @@ -/* crypto/bio/bio_cb.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include - -long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd, const char *argp, - int argi, long argl, long ret) - { - BIO *b; - MS_STATIC char buf[256]; - char *p; - long r=1; - - if (BIO_CB_RETURN & cmd) - r=ret; - - sprintf(buf,"BIO[%08lX]:",(unsigned long)bio); - p= &(buf[14]); - switch (cmd) - { - case BIO_CB_FREE: - sprintf(p,"Free - %s\n",bio->method->name); - break; - case BIO_CB_READ: - if (bio->method->type & BIO_TYPE_DESCRIPTOR) - sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num); - else - sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name); - break; - case BIO_CB_WRITE: - if (bio->method->type & BIO_TYPE_DESCRIPTOR) - sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num); - else - sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name); - break; - case BIO_CB_PUTS: - sprintf(p,"puts() - %s\n",bio->method->name); - break; - case BIO_CB_GETS: - sprintf(p,"gets(%d) - %s\n",argi,bio->method->name); - break; - case BIO_CB_CTRL: - sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name); - break; - case BIO_CB_RETURN|BIO_CB_READ: - sprintf(p,"read return %ld\n",ret); - break; - case BIO_CB_RETURN|BIO_CB_WRITE: - sprintf(p,"write return %ld\n",ret); - break; - case BIO_CB_RETURN|BIO_CB_GETS: - sprintf(p,"gets return %ld\n",ret); - break; - case BIO_CB_RETURN|BIO_CB_PUTS: - sprintf(p,"puts return %ld\n",ret); - break; - case BIO_CB_RETURN|BIO_CB_CTRL: - sprintf(p,"ctrl return %ld\n",ret); - break; - default: - sprintf(p,"bio callback - unknown type (%d)\n",cmd); - break; - } - - b=(BIO *)bio->cb_arg; - if (b != NULL) - BIO_write(b,buf,strlen(buf)); -#if !defined(NO_STDIO) && !defined(WIN16) - else - fputs(buf,stderr); -#endif - return(r); - } diff --git a/src/lib/libcrypto/bio/bio_err.c b/src/lib/libcrypto/bio/bio_err.c deleted file mode 100644 index bb815fb1e6..0000000000 --- a/src/lib/libcrypto/bio/bio_err.c +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/bio/bio_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA BIO_str_functs[]= - { -{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"}, -{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"}, -{ERR_PACK(0,BIO_F_BIO_BER_GET_HEADER,0), "BIO_BER_GET_HEADER"}, -{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"}, -{ERR_PACK(0,BIO_F_BIO_GETHOSTBYNAME,0), "BIO_gethostbyname"}, -{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"}, -{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"}, -{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"}, -{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"}, -{ERR_PACK(0,BIO_F_BIO_MAKE_PAIR,0), "BIO_MAKE_PAIR"}, -{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"}, -{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"}, -{ERR_PACK(0,BIO_F_BIO_NEW_MEM_BUF,0), "BIO_new_mem_buf"}, -{ERR_PACK(0,BIO_F_BIO_NREAD,0), "BIO_nread"}, -{ERR_PACK(0,BIO_F_BIO_NREAD0,0), "BIO_nread0"}, -{ERR_PACK(0,BIO_F_BIO_NWRITE,0), "BIO_nwrite"}, -{ERR_PACK(0,BIO_F_BIO_NWRITE0,0), "BIO_nwrite0"}, -{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"}, -{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"}, -{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"}, -{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"}, -{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"}, -{ERR_PACK(0,BIO_F_CONN_CTRL,0), "CONN_CTRL"}, -{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"}, -{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"}, -{ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0), "LINEBUFFER_CTRL"}, -{ERR_PACK(0,BIO_F_MEM_READ,0), "MEM_READ"}, -{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"}, -{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_new"}, -{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"}, -{0,NULL} - }; - -static ERR_STRING_DATA BIO_str_reasons[]= - { -{BIO_R_ACCEPT_ERROR ,"accept error"}, -{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"}, -{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"}, -{BIO_R_BROKEN_PIPE ,"broken pipe"}, -{BIO_R_CONNECT_ERROR ,"connect error"}, -{BIO_R_EOF_ON_MEMORY_BIO ,"EOF on memory BIO"}, -{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"}, -{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"}, -{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"}, -{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"}, -{BIO_R_INVALID_ARGUMENT ,"invalid argument"}, -{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"}, -{BIO_R_IN_USE ,"in use"}, -{BIO_R_KEEPALIVE ,"keepalive"}, -{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"}, -{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"}, -{BIO_R_NO_HOSTNAME_SPECIFIED ,"no hostname specified"}, -{BIO_R_NO_PORT_DEFINED ,"no port defined"}, -{BIO_R_NO_PORT_SPECIFIED ,"no port specified"}, -{BIO_R_NULL_PARAMETER ,"null parameter"}, -{BIO_R_TAG_MISMATCH ,"tag mismatch"}, -{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"}, -{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"}, -{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"}, -{BIO_R_UNINITIALIZED ,"uninitialized"}, -{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"}, -{BIO_R_WRITE_TO_READ_ONLY_BIO ,"write to read only BIO"}, -{BIO_R_WSASTARTUP ,"WSAStartup"}, -{0,NULL} - }; - -#endif - -void ERR_load_BIO_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_BIO,BIO_str_functs); - ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/bio/bio_lib.c b/src/lib/libcrypto/bio/bio_lib.c deleted file mode 100644 index 381afc9b8e..0000000000 --- a/src/lib/libcrypto/bio/bio_lib.c +++ /dev/null @@ -1,542 +0,0 @@ -/* crypto/bio/bio_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include - -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *bio_meth=NULL; -static int bio_meth_num=0; - -BIO *BIO_new(BIO_METHOD *method) - { - BIO *ret=NULL; - - ret=(BIO *)OPENSSL_malloc(sizeof(BIO)); - if (ret == NULL) - { - BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - if (!BIO_set(ret,method)) - { - OPENSSL_free(ret); - ret=NULL; - } - return(ret); - } - -int BIO_set(BIO *bio, BIO_METHOD *method) - { - bio->method=method; - bio->callback=NULL; - bio->cb_arg=NULL; - bio->init=0; - bio->shutdown=1; - bio->flags=0; - bio->retry_reason=0; - bio->num=0; - bio->ptr=NULL; - bio->prev_bio=NULL; - bio->next_bio=NULL; - bio->references=1; - bio->num_read=0L; - bio->num_write=0L; - CRYPTO_new_ex_data(bio_meth,bio,&bio->ex_data); - if (method->create != NULL) - if (!method->create(bio)) - return(0); - return(1); - } - -int BIO_free(BIO *a) - { - int ret=0,i; - - if (a == NULL) return(0); - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO); -#ifdef REF_PRINT - REF_PRINT("BIO",a); -#endif - if (i > 0) return(1); -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"BIO_free, bad reference count\n"); - abort(); - } -#endif - if ((a->callback != NULL) && - ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0)) - return(i); - - CRYPTO_free_ex_data(bio_meth,a,&a->ex_data); - - if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); - ret=a->method->destroy(a); - OPENSSL_free(a); - return(1); - } - -void BIO_vfree(BIO *a) - { BIO_free(a); } - -int BIO_read(BIO *b, void *out, int outl) - { - int i; - long (*cb)(); - - if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL)) - { - BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - cb=b->callback; - if ((cb != NULL) && - ((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0)) - return(i); - - if (!b->init) - { - BIOerr(BIO_F_BIO_READ,BIO_R_UNINITIALIZED); - return(-2); - } - - i=b->method->bread(b,out,outl); - - if (i > 0) b->num_read+=(unsigned long)i; - - if (cb != NULL) - i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl, - 0L,(long)i); - return(i); - } - -int BIO_write(BIO *b, const void *in, int inl) - { - int i; - long (*cb)(); - - if (b == NULL) - return(0); - - cb=b->callback; - if ((b->method == NULL) || (b->method->bwrite == NULL)) - { - BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - if ((cb != NULL) && - ((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0)) - return(i); - - if (!b->init) - { - BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITIALIZED); - return(-2); - } - - i=b->method->bwrite(b,in,inl); - - if (i > 0) b->num_write+=(unsigned long)i; - - if (cb != NULL) - i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl, - 0L,(long)i); - return(i); - } - -int BIO_puts(BIO *b, const char *in) - { - int i; - long (*cb)(); - - if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL)) - { - BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - cb=b->callback; - - if ((cb != NULL) && - ((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0)) - return(i); - - if (!b->init) - { - BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITIALIZED); - return(-2); - } - - i=b->method->bputs(b,in); - - if (i > 0) b->num_write+=(unsigned long)i; - - if (cb != NULL) - i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0, - 0L,(long)i); - return(i); - } - -int BIO_gets(BIO *b, char *in, int inl) - { - int i; - long (*cb)(); - - if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL)) - { - BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - cb=b->callback; - - if ((cb != NULL) && - ((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0)) - return(i); - - if (!b->init) - { - BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITIALIZED); - return(-2); - } - - i=b->method->bgets(b,in,inl); - - if (cb != NULL) - i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl, - 0L,(long)i); - return(i); - } - -long BIO_int_ctrl(BIO *b, int cmd, long larg, int iarg) - { - int i; - - i=iarg; - return(BIO_ctrl(b,cmd,larg,(char *)&i)); - } - -char *BIO_ptr_ctrl(BIO *b, int cmd, long larg) - { - char *p=NULL; - - if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0) - return(NULL); - else - return(p); - } - -long BIO_ctrl(BIO *b, int cmd, long larg, void *parg) - { - long ret; - long (*cb)(); - - if (b == NULL) return(0); - - if ((b->method == NULL) || (b->method->ctrl == NULL)) - { - BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - cb=b->callback; - - if ((cb != NULL) && - ((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0)) - return(ret); - - ret=b->method->ctrl(b,cmd,larg,parg); - - if (cb != NULL) - ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd, - larg,ret); - return(ret); - } - -long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long)) - { - long ret; - long (*cb)(); - - if (b == NULL) return(0); - - if ((b->method == NULL) || (b->method->callback_ctrl == NULL)) - { - BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD); - return(-2); - } - - cb=b->callback; - - if ((cb != NULL) && - ((ret=cb(b,BIO_CB_CTRL,(void *)&fp,cmd,0,1L)) <= 0)) - return(ret); - - ret=b->method->callback_ctrl(b,cmd,fp); - - if (cb != NULL) - ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,(void *)&fp,cmd, - 0,ret); - return(ret); - } - -/* It is unfortunate to duplicate in functions what the BIO_(w)pending macros - * do; but those macros have inappropriate return type, and for interfacing - * from other programming languages, C macros aren't much of a help anyway. */ -size_t BIO_ctrl_pending(BIO *bio) - { - return BIO_ctrl(bio, BIO_CTRL_PENDING, 0, NULL); - } - -size_t BIO_ctrl_wpending(BIO *bio) - { - return BIO_ctrl(bio, BIO_CTRL_WPENDING, 0, NULL); - } - - -/* put the 'bio' on the end of b's list of operators */ -BIO *BIO_push(BIO *b, BIO *bio) - { - BIO *lb; - - if (b == NULL) return(bio); - lb=b; - while (lb->next_bio != NULL) - lb=lb->next_bio; - lb->next_bio=bio; - if (bio != NULL) - bio->prev_bio=lb; - /* called to do internal processing */ - BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL); - return(b); - } - -/* Remove the first and return the rest */ -BIO *BIO_pop(BIO *b) - { - BIO *ret; - - if (b == NULL) return(NULL); - ret=b->next_bio; - - if (b->prev_bio != NULL) - b->prev_bio->next_bio=b->next_bio; - if (b->next_bio != NULL) - b->next_bio->prev_bio=b->prev_bio; - - b->next_bio=NULL; - b->prev_bio=NULL; - BIO_ctrl(b,BIO_CTRL_POP,0,NULL); - return(ret); - } - -BIO *BIO_get_retry_BIO(BIO *bio, int *reason) - { - BIO *b,*last; - - b=last=bio; - for (;;) - { - if (!BIO_should_retry(b)) break; - last=b; - b=b->next_bio; - if (b == NULL) break; - } - if (reason != NULL) *reason=last->retry_reason; - return(last); - } - -int BIO_get_retry_reason(BIO *bio) - { - return(bio->retry_reason); - } - -BIO *BIO_find_type(BIO *bio, int type) - { - int mt,mask; - - if(!bio) return NULL; - mask=type&0xff; - do { - if (bio->method != NULL) - { - mt=bio->method->type; - - if (!mask) - { - if (mt & type) return(bio); - } - else if (mt == type) - return(bio); - } - bio=bio->next_bio; - } while (bio != NULL); - return(NULL); - } - -BIO *BIO_next(BIO *b) - { - if(!b) return NULL; - return b->next_bio; - } - -void BIO_free_all(BIO *bio) - { - BIO *b; - int ref; - - while (bio != NULL) - { - b=bio; - ref=b->references; - bio=bio->next_bio; - BIO_free(b); - /* Since ref count > 1, don't free anyone else. */ - if (ref > 1) break; - } - } - -BIO *BIO_dup_chain(BIO *in) - { - BIO *ret=NULL,*eoc=NULL,*bio,*new; - - for (bio=in; bio != NULL; bio=bio->next_bio) - { - if ((new=BIO_new(bio->method)) == NULL) goto err; - new->callback=bio->callback; - new->cb_arg=bio->cb_arg; - new->init=bio->init; - new->shutdown=bio->shutdown; - new->flags=bio->flags; - - /* This will let SSL_s_sock() work with stdin/stdout */ - new->num=bio->num; - - if (!BIO_dup_state(bio,(char *)new)) - { - BIO_free(new); - goto err; - } - - /* copy app data */ - if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data)) - goto err; - - if (ret == NULL) - { - eoc=new; - ret=eoc; - } - else - { - BIO_push(eoc,new); - eoc=new; - } - } - return(ret); -err: - if (ret != NULL) - BIO_free(ret); - return(NULL); - } - -void BIO_copy_next_retry(BIO *b) - { - BIO_set_flags(b,BIO_get_retry_flags(b->next_bio)); - b->retry_reason=b->next_bio->retry_reason; - } - -int BIO_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - bio_meth_num++; - return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth, - argl,argp,new_func,dup_func,free_func)); - } - -int BIO_set_ex_data(BIO *bio, int idx, void *data) - { - return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data)); - } - -void *BIO_get_ex_data(BIO *bio, int idx) - { - return(CRYPTO_get_ex_data(&(bio->ex_data),idx)); - } - -unsigned long BIO_number_read(BIO *bio) -{ - if(bio) return bio->num_read; - return 0; -} - -unsigned long BIO_number_written(BIO *bio) -{ - if(bio) return bio->num_write; - return 0; -} - -IMPLEMENT_STACK_OF(BIO) diff --git a/src/lib/libcrypto/bio/bss_acpt.c b/src/lib/libcrypto/bio/bss_acpt.c deleted file mode 100644 index 4da5822062..0000000000 --- a/src/lib/libcrypto/bio/bss_acpt.c +++ /dev/null @@ -1,467 +0,0 @@ -/* crypto/bio/bss_acpt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SOCK - -#include -#include -#define USE_SOCKETS -#include "cryptlib.h" -#include - -#ifdef WIN16 -#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -#else -#define SOCKET_PROTOCOL IPPROTO_TCP -#endif - -#if (defined(VMS) && __VMS_VER < 70000000) -/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ -#undef FIONBIO -#endif - -typedef struct bio_accept_st - { - int state; - char *param_addr; - - int accept_sock; - int accept_nbio; - - char *addr; - int nbio; - /* If 0, it means normal, if 1, do a connect on bind failure, - * and if there is no-one listening, bind with SO_REUSEADDR. - * If 2, always use SO_REUSEADDR. */ - int bind_mode; - BIO *bio_chain; - } BIO_ACCEPT; - -static int acpt_write(BIO *h, const char *buf, int num); -static int acpt_read(BIO *h, char *buf, int size); -static int acpt_puts(BIO *h, const char *str); -static long acpt_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int acpt_new(BIO *h); -static int acpt_free(BIO *data); -static int acpt_state(BIO *b, BIO_ACCEPT *c); -static void acpt_close_socket(BIO *data); -BIO_ACCEPT *BIO_ACCEPT_new(void ); -void BIO_ACCEPT_free(BIO_ACCEPT *a); - -#define ACPT_S_BEFORE 1 -#define ACPT_S_GET_ACCEPT_SOCKET 2 -#define ACPT_S_OK 3 - -static BIO_METHOD methods_acceptp= - { - BIO_TYPE_ACCEPT, - "socket accept", - acpt_write, - acpt_read, - acpt_puts, - NULL, /* connect_gets, */ - acpt_ctrl, - acpt_new, - acpt_free, - NULL, - }; - -BIO_METHOD *BIO_s_accept(void) - { - return(&methods_acceptp); - } - -static int acpt_new(BIO *bi) - { - BIO_ACCEPT *ba; - - bi->init=0; - bi->num=INVALID_SOCKET; - bi->flags=0; - if ((ba=BIO_ACCEPT_new()) == NULL) - return(0); - bi->ptr=(char *)ba; - ba->state=ACPT_S_BEFORE; - bi->shutdown=1; - return(1); - } - -BIO_ACCEPT *BIO_ACCEPT_new(void) - { - BIO_ACCEPT *ret; - - if ((ret=(BIO_ACCEPT *)OPENSSL_malloc(sizeof(BIO_ACCEPT))) == NULL) - return(NULL); - - memset(ret,0,sizeof(BIO_ACCEPT)); - ret->accept_sock=INVALID_SOCKET; - ret->bind_mode=BIO_BIND_NORMAL; - return(ret); - } - -void BIO_ACCEPT_free(BIO_ACCEPT *a) - { - if(a == NULL) - return; - - if (a->param_addr != NULL) OPENSSL_free(a->param_addr); - if (a->addr != NULL) OPENSSL_free(a->addr); - if (a->bio_chain != NULL) BIO_free(a->bio_chain); - OPENSSL_free(a); - } - -static void acpt_close_socket(BIO *bio) - { - BIO_ACCEPT *c; - - c=(BIO_ACCEPT *)bio->ptr; - if (c->accept_sock != INVALID_SOCKET) - { - shutdown(c->accept_sock,2); - closesocket(c->accept_sock); - c->accept_sock=INVALID_SOCKET; - bio->num=INVALID_SOCKET; - } - } - -static int acpt_free(BIO *a) - { - BIO_ACCEPT *data; - - if (a == NULL) return(0); - data=(BIO_ACCEPT *)a->ptr; - - if (a->shutdown) - { - acpt_close_socket(a); - BIO_ACCEPT_free(data); - a->ptr=NULL; - a->flags=0; - a->init=0; - } - return(1); - } - -static int acpt_state(BIO *b, BIO_ACCEPT *c) - { - BIO *bio=NULL,*dbio; - int s= -1; - int i; - -again: - switch (c->state) - { - case ACPT_S_BEFORE: - if (c->param_addr == NULL) - { - BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED); - return(-1); - } - s=BIO_get_accept_socket(c->param_addr,c->bind_mode); - if (s == INVALID_SOCKET) - return(-1); - - if (c->accept_nbio) - { - if (!BIO_socket_nbio(s,1)) - { - closesocket(s); - BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET); - return(-1); - } - } - c->accept_sock=s; - b->num=s; - c->state=ACPT_S_GET_ACCEPT_SOCKET; - return(1); - /* break; */ - case ACPT_S_GET_ACCEPT_SOCKET: - if (b->next_bio != NULL) - { - c->state=ACPT_S_OK; - goto again; - } - i=BIO_accept(c->accept_sock,&(c->addr)); - if (i < 0) return(i); - bio=BIO_new_socket(i,BIO_CLOSE); - if (bio == NULL) goto err; - - BIO_set_callback(bio,BIO_get_callback(b)); - BIO_set_callback_arg(bio,BIO_get_callback_arg(b)); - - if (c->nbio) - { - if (!BIO_socket_nbio(i,1)) - { - BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET); - goto err; - } - } - - /* If the accept BIO has an bio_chain, we dup it and - * put the new socket at the end. */ - if (c->bio_chain != NULL) - { - if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL) - goto err; - if (!BIO_push(dbio,bio)) goto err; - bio=dbio; - } - if (BIO_push(b,bio) == NULL) goto err; - - c->state=ACPT_S_OK; - return(1); -err: - if (bio != NULL) - BIO_free(bio); - else if (s >= 0) - closesocket(s); - return(0); - /* break; */ - case ACPT_S_OK: - if (b->next_bio == NULL) - { - c->state=ACPT_S_GET_ACCEPT_SOCKET; - goto again; - } - return(1); - /* break; */ - default: - return(0); - /* break; */ - } - - } - -static int acpt_read(BIO *b, char *out, int outl) - { - int ret=0; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data=(BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) - { - ret=acpt_state(b,data); - if (ret <= 0) return(ret); - } - - ret=BIO_read(b->next_bio,out,outl); - BIO_copy_next_retry(b); - return(ret); - } - -static int acpt_write(BIO *b, const char *in, int inl) - { - int ret; - BIO_ACCEPT *data; - - BIO_clear_retry_flags(b); - data=(BIO_ACCEPT *)b->ptr; - - while (b->next_bio == NULL) - { - ret=acpt_state(b,data); - if (ret <= 0) return(ret); - } - - ret=BIO_write(b->next_bio,in,inl); - BIO_copy_next_retry(b); - return(ret); - } - -static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO *dbio; - int *ip; - long ret=1; - BIO_ACCEPT *data; - char **pp; - - data=(BIO_ACCEPT *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ret=0; - data->state=ACPT_S_BEFORE; - acpt_close_socket(b); - b->flags=0; - break; - case BIO_C_DO_STATE_MACHINE: - /* use this one to start the connection */ - ret=(long)acpt_state(b,data); - break; - case BIO_C_SET_ACCEPT: - if (ptr != NULL) - { - if (num == 0) - { - b->init=1; - if (data->param_addr != NULL) - OPENSSL_free(data->param_addr); - data->param_addr=BUF_strdup(ptr); - } - else if (num == 1) - { - data->accept_nbio=(ptr != NULL); - } - else if (num == 2) - { - if (data->bio_chain != NULL) - BIO_free(data->bio_chain); - data->bio_chain=(BIO *)ptr; - } - } - break; - case BIO_C_SET_NBIO: - data->nbio=(int)num; - break; - case BIO_C_SET_FD: - b->init=1; - b->num= *((int *)ptr); - data->accept_sock=b->num; - data->state=ACPT_S_GET_ACCEPT_SOCKET; - b->shutdown=(int)num; - b->init=1; - break; - case BIO_C_GET_FD: - if (b->init) - { - ip=(int *)ptr; - if (ip != NULL) - *ip=data->accept_sock; - ret=data->accept_sock; - } - else - ret= -1; - break; - case BIO_C_GET_ACCEPT: - if (b->init) - { - if (ptr != NULL) - { - pp=(char **)ptr; - *pp=data->param_addr; - } - else - ret= -1; - } - else - ret= -1; - break; - case BIO_CTRL_GET_CLOSE: - ret=b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret=0; - break; - case BIO_CTRL_FLUSH: - break; - case BIO_C_SET_BIND_MODE: - data->bind_mode=(int)num; - break; - case BIO_C_GET_BIND_MODE: - ret=(long)data->bind_mode; - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; -/* if (data->param_port) EAY EAY - BIO_set_port(dbio,data->param_port); - if (data->param_hostname) - BIO_set_hostname(dbio,data->param_hostname); - BIO_set_nbio(dbio,data->nbio); */ - break; - - default: - ret=0; - break; - } - return(ret); - } - -static int acpt_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=acpt_write(bp,str,n); - return(ret); - } - -BIO *BIO_new_accept(char *str) - { - BIO *ret; - - ret=BIO_new(BIO_s_accept()); - if (ret == NULL) return(NULL); - if (BIO_set_accept_port(ret,str)) - return(ret); - else - { - BIO_free(ret); - return(NULL); - } - } - -#endif diff --git a/src/lib/libcrypto/bio/bss_bio.c b/src/lib/libcrypto/bio/bss_bio.c deleted file mode 100644 index 78c6ab4fdd..0000000000 --- a/src/lib/libcrypto/bio/bss_bio.c +++ /dev/null @@ -1,857 +0,0 @@ -/* crypto/bio/bss_bio.c -*- Mode: C; c-file-style: "eay" -*- */ - -/* Special method for a BIO where the other endpoint is also a BIO - * of this kind, handled by the same thread (i.e. the "peer" is actually - * ourselves, wearing a different hat). - * Such "BIO pairs" are mainly for using the SSL library with I/O interfaces - * for which no specific BIO method is available. - * See ssl/ssltest.c for some hints on how this can be used. */ - -#ifndef BIO_PAIR_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include -#include - -#include -#include -#include -#include - -#include "openssl/e_os.h" -#ifndef SSIZE_MAX -# define SSIZE_MAX INT_MAX -#endif - -static int bio_new(BIO *bio); -static int bio_free(BIO *bio); -static int bio_read(BIO *bio, char *buf, int size); -static int bio_write(BIO *bio, const char *buf, int num); -static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr); -static int bio_puts(BIO *bio, const char *str); - -static int bio_make_pair(BIO *bio1, BIO *bio2); -static void bio_destroy_pair(BIO *bio); - -static BIO_METHOD methods_biop = -{ - BIO_TYPE_BIO, - "BIO pair", - bio_write, - bio_read, - bio_puts, - NULL /* no bio_gets */, - bio_ctrl, - bio_new, - bio_free, - NULL /* no bio_callback_ctrl */ -}; - -BIO_METHOD *BIO_s_bio(void) - { - return &methods_biop; - } - -struct bio_bio_st -{ - BIO *peer; /* NULL if buf == NULL. - * If peer != NULL, then peer->ptr is also a bio_bio_st, - * and its "peer" member points back to us. - * peer != NULL iff init != 0 in the BIO. */ - - /* This is for what we write (i.e. reading uses peer's struct): */ - int closed; /* valid iff peer != NULL */ - size_t len; /* valid iff buf != NULL; 0 if peer == NULL */ - size_t offset; /* valid iff buf != NULL; 0 if len == 0 */ - size_t size; - char *buf; /* "size" elements (if != NULL) */ - - size_t request; /* valid iff peer != NULL; 0 if len != 0, - * otherwise set by peer to number of bytes - * it (unsuccessfully) tried to read, - * never more than buffer space (size-len) warrants. */ -}; - -static int bio_new(BIO *bio) - { - struct bio_bio_st *b; - - b = OPENSSL_malloc(sizeof *b); - if (b == NULL) - return 0; - - b->peer = NULL; - b->size = 17*1024; /* enough for one TLS record (just a default) */ - b->buf = NULL; - - bio->ptr = b; - return 1; - } - - -static int bio_free(BIO *bio) - { - struct bio_bio_st *b; - - if (bio == NULL) - return 0; - b = bio->ptr; - - assert(b != NULL); - - if (b->peer) - bio_destroy_pair(bio); - - if (b->buf != NULL) - { - OPENSSL_free(b->buf); - } - - OPENSSL_free(b); - - return 1; - } - - - -static int bio_read(BIO *bio, char *buf, int size_) - { - size_t size = size_; - size_t rest; - struct bio_bio_st *b, *peer_b; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - peer_b = b->peer->ptr; - assert(peer_b != NULL); - assert(peer_b->buf != NULL); - - peer_b->request = 0; /* will be set in "retry_read" situation */ - - if (buf == NULL || size == 0) - return 0; - - if (peer_b->len == 0) - { - if (peer_b->closed) - return 0; /* writer has closed, and no data is left */ - else - { - BIO_set_retry_read(bio); /* buffer is empty */ - if (size <= peer_b->size) - peer_b->request = size; - else - /* don't ask for more than the peer can - * deliver in one write */ - peer_b->request = peer_b->size; - return -1; - } - } - - /* we can read */ - if (peer_b->len < size) - size = peer_b->len; - - /* now read "size" bytes */ - - rest = size; - - assert(rest > 0); - do /* one or two iterations */ - { - size_t chunk; - - assert(rest <= peer_b->len); - if (peer_b->offset + rest <= peer_b->size) - chunk = rest; - else - /* wrap around ring buffer */ - chunk = peer_b->size - peer_b->offset; - assert(peer_b->offset + chunk <= peer_b->size); - - memcpy(buf, peer_b->buf + peer_b->offset, chunk); - - peer_b->len -= chunk; - if (peer_b->len) - { - peer_b->offset += chunk; - assert(peer_b->offset <= peer_b->size); - if (peer_b->offset == peer_b->size) - peer_b->offset = 0; - buf += chunk; - } - else - { - /* buffer now empty, no need to advance "buf" */ - assert(chunk == rest); - peer_b->offset = 0; - } - rest -= chunk; - } - while (rest); - - return size; - } - -/* non-copying interface: provide pointer to available data in buffer - * bio_nread0: return number of available bytes - * bio_nread: also advance index - * (example usage: bio_nread0(), read from buffer, bio_nread() - * or just bio_nread(), read from buffer) - */ -/* WARNING: The non-copying interface is largely untested as of yet - * and may contain bugs. */ -static ssize_t bio_nread0(BIO *bio, char **buf) - { - struct bio_bio_st *b, *peer_b; - ssize_t num; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - peer_b = b->peer->ptr; - assert(peer_b != NULL); - assert(peer_b->buf != NULL); - - peer_b->request = 0; - - if (peer_b->len == 0) - { - char dummy; - - /* avoid code duplication -- nothing available for reading */ - return bio_read(bio, &dummy, 1); /* returns 0 or -1 */ - } - - num = peer_b->len; - if (peer_b->size < peer_b->offset + num) - /* no ring buffer wrap-around for non-copying interface */ - num = peer_b->size - peer_b->offset; - assert(num > 0); - - if (buf != NULL) - *buf = peer_b->buf + peer_b->offset; - return num; - } - -static ssize_t bio_nread(BIO *bio, char **buf, size_t num_) - { - struct bio_bio_st *b, *peer_b; - ssize_t num, available; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - available = bio_nread0(bio, buf); - if (num > available) - num = available; - if (num <= 0) - return num; - - b = bio->ptr; - peer_b = b->peer->ptr; - - peer_b->len -= num; - if (peer_b->len) - { - peer_b->offset += num; - assert(peer_b->offset <= peer_b->size); - if (peer_b->offset == peer_b->size) - peer_b->offset = 0; - } - else - peer_b->offset = 0; - - return num; - } - - -static int bio_write(BIO *bio, const char *buf, int num_) - { - size_t num = num_; - size_t rest; - struct bio_bio_st *b; - - BIO_clear_retry_flags(bio); - - if (!bio->init || buf == NULL || num == 0) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); - - b->request = 0; - if (b->closed) - { - /* we already closed */ - BIOerr(BIO_F_BIO_WRITE, BIO_R_BROKEN_PIPE); - return -1; - } - - assert(b->len <= b->size); - - if (b->len == b->size) - { - BIO_set_retry_write(bio); /* buffer is full */ - return -1; - } - - /* we can write */ - if (num > b->size - b->len) - num = b->size - b->len; - - /* now write "num" bytes */ - - rest = num; - - assert(rest > 0); - do /* one or two iterations */ - { - size_t write_offset; - size_t chunk; - - assert(b->len + rest <= b->size); - - write_offset = b->offset + b->len; - if (write_offset >= b->size) - write_offset -= b->size; - /* b->buf[write_offset] is the first byte we can write to. */ - - if (write_offset + rest <= b->size) - chunk = rest; - else - /* wrap around ring buffer */ - chunk = b->size - write_offset; - - memcpy(b->buf + write_offset, buf, chunk); - - b->len += chunk; - - assert(b->len <= b->size); - - rest -= chunk; - buf += chunk; - } - while (rest); - - return num; - } - -/* non-copying interface: provide pointer to region to write to - * bio_nwrite0: check how much space is available - * bio_nwrite: also increase length - * (example usage: bio_nwrite0(), write to buffer, bio_nwrite() - * or just bio_nwrite(), write to buffer) - */ -static ssize_t bio_nwrite0(BIO *bio, char **buf) - { - struct bio_bio_st *b; - size_t num; - size_t write_offset; - - BIO_clear_retry_flags(bio); - - if (!bio->init) - return 0; - - b = bio->ptr; - assert(b != NULL); - assert(b->peer != NULL); - assert(b->buf != NULL); - - b->request = 0; - if (b->closed) - { - BIOerr(BIO_F_BIO_NWRITE0, BIO_R_BROKEN_PIPE); - return -1; - } - - assert(b->len <= b->size); - - if (b->len == b->size) - { - BIO_set_retry_write(bio); - return -1; - } - - num = b->size - b->len; - write_offset = b->offset + b->len; - if (write_offset >= b->size) - write_offset -= b->size; - if (write_offset + num > b->size) - /* no ring buffer wrap-around for non-copying interface - * (to fulfil the promise by BIO_ctrl_get_write_guarantee, - * BIO_nwrite may have to be called twice) */ - num = b->size - write_offset; - - if (buf != NULL) - *buf = b->buf + write_offset; - assert(write_offset + num <= b->size); - - return num; - } - -static ssize_t bio_nwrite(BIO *bio, char **buf, size_t num_) - { - struct bio_bio_st *b; - ssize_t num, space; - - if (num_ > SSIZE_MAX) - num = SSIZE_MAX; - else - num = (ssize_t)num_; - - space = bio_nwrite0(bio, buf); - if (num > space) - num = space; - if (num <= 0) - return num; - b = bio->ptr; - assert(b != NULL); - b->len += num; - assert(b->len <= b->size); - - return num; - } - - -static long bio_ctrl(BIO *bio, int cmd, long num, void *ptr) - { - long ret; - struct bio_bio_st *b = bio->ptr; - - assert(b != NULL); - - switch (cmd) - { - /* specific CTRL codes */ - - case BIO_C_SET_WRITE_BUF_SIZE: - if (b->peer) - { - BIOerr(BIO_F_BIO_CTRL, BIO_R_IN_USE); - ret = 0; - } - else if (num == 0) - { - BIOerr(BIO_F_BIO_CTRL, BIO_R_INVALID_ARGUMENT); - ret = 0; - } - else - { - size_t new_size = num; - - if (b->size != new_size) - { - if (b->buf) - { - OPENSSL_free(b->buf); - b->buf = NULL; - } - b->size = new_size; - } - ret = 1; - } - break; - - case BIO_C_GET_WRITE_BUF_SIZE: - num = (long) b->size; - - case BIO_C_MAKE_BIO_PAIR: - { - BIO *other_bio = ptr; - - if (bio_make_pair(bio, other_bio)) - ret = 1; - else - ret = 0; - } - break; - - case BIO_C_DESTROY_BIO_PAIR: - /* Effects both BIOs in the pair -- call just once! - * Or let BIO_free(bio1); BIO_free(bio2); do the job. */ - bio_destroy_pair(bio); - ret = 1; - break; - - case BIO_C_GET_WRITE_GUARANTEE: - /* How many bytes can the caller feed to the next write - * without having to keep any? */ - if (b->peer == NULL || b->closed) - ret = 0; - else - ret = (long) b->size - b->len; - break; - - case BIO_C_GET_READ_REQUEST: - /* If the peer unsuccessfully tried to read, how many bytes - * were requested? (As with BIO_CTRL_PENDING, that number - * can usually be treated as boolean.) */ - ret = (long) b->request; - break; - - case BIO_C_RESET_READ_REQUEST: - /* Reset request. (Can be useful after read attempts - * at the other side that are meant to be non-blocking, - * e.g. when probing SSL_read to see if any data is - * available.) */ - b->request = 0; - ret = 1; - break; - - case BIO_C_SHUTDOWN_WR: - /* similar to shutdown(..., SHUT_WR) */ - b->closed = 1; - ret = 1; - break; - - case BIO_C_NREAD0: - /* prepare for non-copying read */ - ret = (long) bio_nread0(bio, ptr); - break; - - case BIO_C_NREAD: - /* non-copying read */ - ret = (long) bio_nread(bio, ptr, (size_t) num); - break; - - case BIO_C_NWRITE0: - /* prepare for non-copying write */ - ret = (long) bio_nwrite0(bio, ptr); - break; - - case BIO_C_NWRITE: - /* non-copying write */ - ret = (long) bio_nwrite(bio, ptr, (size_t) num); - break; - - - /* standard CTRL codes follow */ - - case BIO_CTRL_RESET: - if (b->buf != NULL) - { - b->len = 0; - b->offset = 0; - } - ret = 0; - break; - - case BIO_CTRL_GET_CLOSE: - ret = bio->shutdown; - break; - - case BIO_CTRL_SET_CLOSE: - bio->shutdown = (int) num; - ret = 1; - break; - - case BIO_CTRL_PENDING: - if (b->peer != NULL) - { - struct bio_bio_st *peer_b = b->peer->ptr; - - ret = (long) peer_b->len; - } - else - ret = 0; - break; - - case BIO_CTRL_WPENDING: - if (b->buf != NULL) - ret = (long) b->len; - else - ret = 0; - break; - - case BIO_CTRL_DUP: - /* See BIO_dup_chain for circumstances we have to expect. */ - { - BIO *other_bio = ptr; - struct bio_bio_st *other_b; - - assert(other_bio != NULL); - other_b = other_bio->ptr; - assert(other_b != NULL); - - assert(other_b->buf == NULL); /* other_bio is always fresh */ - - other_b->size = b->size; - } - - ret = 1; - break; - - case BIO_CTRL_FLUSH: - ret = 1; - break; - - case BIO_CTRL_EOF: - { - BIO *other_bio = ptr; - - if (other_bio) - { - struct bio_bio_st *other_b = other_bio->ptr; - - assert(other_b != NULL); - ret = other_b->len == 0 && other_b->closed; - } - else - ret = 1; - } - break; - - default: - ret = 0; - } - return ret; - } - -static int bio_puts(BIO *bio, const char *str) - { - return bio_write(bio, str, strlen(str)); - } - - -static int bio_make_pair(BIO *bio1, BIO *bio2) - { - struct bio_bio_st *b1, *b2; - - assert(bio1 != NULL); - assert(bio2 != NULL); - - b1 = bio1->ptr; - b2 = bio2->ptr; - - if (b1->peer != NULL || b2->peer != NULL) - { - BIOerr(BIO_F_BIO_MAKE_PAIR, BIO_R_IN_USE); - return 0; - } - - if (b1->buf == NULL) - { - b1->buf = OPENSSL_malloc(b1->size); - if (b1->buf == NULL) - { - BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); - return 0; - } - b1->len = 0; - b1->offset = 0; - } - - if (b2->buf == NULL) - { - b2->buf = OPENSSL_malloc(b2->size); - if (b2->buf == NULL) - { - BIOerr(BIO_F_BIO_MAKE_PAIR, ERR_R_MALLOC_FAILURE); - return 0; - } - b2->len = 0; - b2->offset = 0; - } - - b1->peer = bio2; - b1->closed = 0; - b1->request = 0; - b2->peer = bio1; - b2->closed = 0; - b2->request = 0; - - bio1->init = 1; - bio2->init = 1; - - return 1; - } - -static void bio_destroy_pair(BIO *bio) - { - struct bio_bio_st *b = bio->ptr; - - if (b != NULL) - { - BIO *peer_bio = b->peer; - - if (peer_bio != NULL) - { - struct bio_bio_st *peer_b = peer_bio->ptr; - - assert(peer_b != NULL); - assert(peer_b->peer == bio); - - peer_b->peer = NULL; - peer_bio->init = 0; - assert(peer_b->buf != NULL); - peer_b->len = 0; - peer_b->offset = 0; - - b->peer = NULL; - bio->init = 0; - assert(b->buf != NULL); - b->len = 0; - b->offset = 0; - } - } - } - - -/* Exported convenience functions */ -int BIO_new_bio_pair(BIO **bio1_p, size_t writebuf1, - BIO **bio2_p, size_t writebuf2) - { - BIO *bio1 = NULL, *bio2 = NULL; - long r; - int ret = 0; - - bio1 = BIO_new(BIO_s_bio()); - if (bio1 == NULL) - goto err; - bio2 = BIO_new(BIO_s_bio()); - if (bio2 == NULL) - goto err; - - if (writebuf1) - { - r = BIO_set_write_buf_size(bio1, writebuf1); - if (!r) - goto err; - } - if (writebuf2) - { - r = BIO_set_write_buf_size(bio2, writebuf2); - if (!r) - goto err; - } - - r = BIO_make_bio_pair(bio1, bio2); - if (!r) - goto err; - ret = 1; - - err: - if (ret == 0) - { - if (bio1) - { - BIO_free(bio1); - bio1 = NULL; - } - if (bio2) - { - BIO_free(bio2); - bio2 = NULL; - } - } - - *bio1_p = bio1; - *bio2_p = bio2; - return ret; - } - -size_t BIO_ctrl_get_write_guarantee(BIO *bio) - { - return BIO_ctrl(bio, BIO_C_GET_WRITE_GUARANTEE, 0, NULL); - } - -size_t BIO_ctrl_get_read_request(BIO *bio) - { - return BIO_ctrl(bio, BIO_C_GET_READ_REQUEST, 0, NULL); - } - -int BIO_ctrl_reset_read_request(BIO *bio) - { - return (BIO_ctrl(bio, BIO_C_RESET_READ_REQUEST, 0, NULL) != 0); - } - - -/* BIO_nread0/nread/nwrite0/nwrite are available only for BIO pairs for now - * (conceivably some other BIOs could allow non-copying reads and writes too.) - */ -int BIO_nread0(BIO *bio, char **buf) - { - long ret; - - if (!bio->init) - { - BIOerr(BIO_F_BIO_NREAD0, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NREAD0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; - } - -int BIO_nread(BIO *bio, char **buf, int num) - { - int ret; - - if (!bio->init) - { - BIOerr(BIO_F_BIO_NREAD, BIO_R_UNINITIALIZED); - return -2; - } - - ret = (int) BIO_ctrl(bio, BIO_C_NREAD, num, buf); - if (ret > 0) - bio->num_read += ret; - return ret; - } - -int BIO_nwrite0(BIO *bio, char **buf) - { - long ret; - - if (!bio->init) - { - BIOerr(BIO_F_BIO_NWRITE0, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE0, 0, buf); - if (ret > INT_MAX) - return INT_MAX; - else - return (int) ret; - } - -int BIO_nwrite(BIO *bio, char **buf, int num) - { - int ret; - - if (!bio->init) - { - BIOerr(BIO_F_BIO_NWRITE, BIO_R_UNINITIALIZED); - return -2; - } - - ret = BIO_ctrl(bio, BIO_C_NWRITE, num, buf); - if (ret > 0) - bio->num_read += ret; - return ret; - } diff --git a/src/lib/libcrypto/bio/bss_conn.c b/src/lib/libcrypto/bio/bss_conn.c deleted file mode 100644 index a6b77a2cb9..0000000000 --- a/src/lib/libcrypto/bio/bss_conn.c +++ /dev/null @@ -1,651 +0,0 @@ -/* crypto/bio/bss_conn.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SOCK - -#include -#include -#define USE_SOCKETS -#include "cryptlib.h" -#include - -#ifdef WIN16 -#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */ -#else -#define SOCKET_PROTOCOL IPPROTO_TCP -#endif - -#if (defined(VMS) && __VMS_VER < 70000000) -/* FIONBIO used as a switch to enable ioctl, and that isn't in VMS < 7.0 */ -#undef FIONBIO -#endif - - -typedef struct bio_connect_st - { - int state; - - char *param_hostname; - char *param_port; - int nbio; - - unsigned char ip[4]; - unsigned short port; - - struct sockaddr_in them; - - /* int socket; this will be kept in bio->num so that it is - * compatible with the bss_sock bio */ - - /* called when the connection is initially made - * callback(BIO,state,ret); The callback should return - * 'ret'. state is for compatibility with the ssl info_callback */ - int (*info_callback)(); - } BIO_CONNECT; - -static int conn_write(BIO *h, const char *buf, int num); -static int conn_read(BIO *h, char *buf, int size); -static int conn_puts(BIO *h, const char *str); -static long conn_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int conn_new(BIO *h); -static int conn_free(BIO *data); -static long conn_callback_ctrl(BIO *h, int cmd, bio_info_cb *); - -static int conn_state(BIO *b, BIO_CONNECT *c); -static void conn_close_socket(BIO *data); -BIO_CONNECT *BIO_CONNECT_new(void ); -void BIO_CONNECT_free(BIO_CONNECT *a); - -static BIO_METHOD methods_connectp= - { - BIO_TYPE_CONNECT, - "socket connect", - conn_write, - conn_read, - conn_puts, - NULL, /* connect_gets, */ - conn_ctrl, - conn_new, - conn_free, - conn_callback_ctrl, - }; - -static int conn_state(BIO *b, BIO_CONNECT *c) - { - int ret= -1,i; - unsigned long l; - char *p,*q; - int (*cb)()=NULL; - - if (c->info_callback != NULL) - cb=c->info_callback; - - for (;;) - { - switch (c->state) - { - case BIO_CONN_S_BEFORE: - p=c->param_hostname; - if (p == NULL) - { - BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTNAME_SPECIFIED); - goto exit_loop; - } - for ( ; *p != '\0'; p++) - { - if ((*p == ':') || (*p == '/')) break; - } - - i= *p; - if ((i == ':') || (i == '/')) - { - - *(p++)='\0'; - if (i == ':') - { - for (q=p; *q; q++) - if (*q == '/') - { - *q='\0'; - break; - } - if (c->param_port != NULL) - OPENSSL_free(c->param_port); - c->param_port=BUF_strdup(p); - } - } - - if (c->param_port == NULL) - { - BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED); - ERR_add_error_data(2,"host=",c->param_hostname); - goto exit_loop; - } - c->state=BIO_CONN_S_GET_IP; - break; - - case BIO_CONN_S_GET_IP: - if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0) - goto exit_loop; - c->state=BIO_CONN_S_GET_PORT; - break; - - case BIO_CONN_S_GET_PORT: - if (c->param_port == NULL) - { - /* abort(); */ - goto exit_loop; - } - else if (BIO_get_port(c->param_port,&c->port) <= 0) - goto exit_loop; - c->state=BIO_CONN_S_CREATE_SOCKET; - break; - - case BIO_CONN_S_CREATE_SOCKET: - /* now setup address */ - memset((char *)&c->them,0,sizeof(c->them)); - c->them.sin_family=AF_INET; - c->them.sin_port=htons((unsigned short)c->port); - l=(unsigned long) - ((unsigned long)c->ip[0]<<24L)| - ((unsigned long)c->ip[1]<<16L)| - ((unsigned long)c->ip[2]<< 8L)| - ((unsigned long)c->ip[3]); - c->them.sin_addr.s_addr=htonl(l); - c->state=BIO_CONN_S_CREATE_SOCKET; - - ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL); - if (ret == INVALID_SOCKET) - { - SYSerr(SYS_F_SOCKET,get_last_socket_error()); - ERR_add_error_data(4,"host=",c->param_hostname, - ":",c->param_port); - BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET); - goto exit_loop; - } - b->num=ret; - c->state=BIO_CONN_S_NBIO; - break; - - case BIO_CONN_S_NBIO: - if (c->nbio) - { - if (!BIO_socket_nbio(b->num,1)) - { - BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO); - ERR_add_error_data(4,"host=", - c->param_hostname, - ":",c->param_port); - goto exit_loop; - } - } - c->state=BIO_CONN_S_CONNECT; - -#if defined(SO_KEEPALIVE) && !defined(MPE) - i=1; - i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i)); - if (i < 0) - { - SYSerr(SYS_F_SOCKET,get_last_socket_error()); - ERR_add_error_data(4,"host=",c->param_hostname, - ":",c->param_port); - BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE); - goto exit_loop; - } -#endif - break; - - case BIO_CONN_S_CONNECT: - BIO_clear_retry_flags(b); - ret=connect(b->num, - (struct sockaddr *)&c->them, - sizeof(c->them)); - b->retry_reason=0; - if (ret < 0) - { - if (BIO_sock_should_retry(ret)) - { - BIO_set_retry_special(b); - c->state=BIO_CONN_S_BLOCKED_CONNECT; - b->retry_reason=BIO_RR_CONNECT; - } - else - { - SYSerr(SYS_F_CONNECT,get_last_socket_error()); - ERR_add_error_data(4,"host=", - c->param_hostname, - ":",c->param_port); - BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR); - } - goto exit_loop; - } - else - c->state=BIO_CONN_S_OK; - break; - - case BIO_CONN_S_BLOCKED_CONNECT: - i=BIO_sock_error(b->num); - if (i) - { - BIO_clear_retry_flags(b); - SYSerr(SYS_F_CONNECT,i); - ERR_add_error_data(4,"host=", - c->param_hostname, - ":",c->param_port); - BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR); - ret=0; - goto exit_loop; - } - else - c->state=BIO_CONN_S_OK; - break; - - case BIO_CONN_S_OK: - ret=1; - goto exit_loop; - default: - /* abort(); */ - goto exit_loop; - } - - if (cb != NULL) - { - if (!(ret=cb((BIO *)b,c->state,ret))) - goto end; - } - } - - /* Loop does not exit */ -exit_loop: - if (cb != NULL) - ret=cb((BIO *)b,c->state,ret); -end: - return(ret); - } - -BIO_CONNECT *BIO_CONNECT_new(void) - { - BIO_CONNECT *ret; - - if ((ret=(BIO_CONNECT *)OPENSSL_malloc(sizeof(BIO_CONNECT))) == NULL) - return(NULL); - ret->state=BIO_CONN_S_BEFORE; - ret->param_hostname=NULL; - ret->param_port=NULL; - ret->info_callback=NULL; - ret->nbio=0; - ret->ip[0]=0; - ret->ip[1]=0; - ret->ip[2]=0; - ret->ip[3]=0; - ret->port=0; - memset((char *)&ret->them,0,sizeof(ret->them)); - return(ret); - } - -void BIO_CONNECT_free(BIO_CONNECT *a) - { - if(a == NULL) - return; - - if (a->param_hostname != NULL) - OPENSSL_free(a->param_hostname); - if (a->param_port != NULL) - OPENSSL_free(a->param_port); - OPENSSL_free(a); - } - -BIO_METHOD *BIO_s_connect(void) - { - return(&methods_connectp); - } - -static int conn_new(BIO *bi) - { - bi->init=0; - bi->num=INVALID_SOCKET; - bi->flags=0; - if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL) - return(0); - else - return(1); - } - -static void conn_close_socket(BIO *bio) - { - BIO_CONNECT *c; - - c=(BIO_CONNECT *)bio->ptr; - if (bio->num != INVALID_SOCKET) - { - /* Only do a shutdown if things were established */ - if (c->state == BIO_CONN_S_OK) - shutdown(bio->num,2); - closesocket(bio->num); - bio->num=INVALID_SOCKET; - } - } - -static int conn_free(BIO *a) - { - BIO_CONNECT *data; - - if (a == NULL) return(0); - data=(BIO_CONNECT *)a->ptr; - - if (a->shutdown) - { - conn_close_socket(a); - BIO_CONNECT_free(data); - a->ptr=NULL; - a->flags=0; - a->init=0; - } - return(1); - } - -static int conn_read(BIO *b, char *out, int outl) - { - int ret=0; - BIO_CONNECT *data; - - data=(BIO_CONNECT *)b->ptr; - if (data->state != BIO_CONN_S_OK) - { - ret=conn_state(b,data); - if (ret <= 0) - return(ret); - } - - if (out != NULL) - { - clear_socket_error(); - ret=readsocket(b->num,out,outl); - BIO_clear_retry_flags(b); - if (ret <= 0) - { - if (BIO_sock_should_retry(ret)) - BIO_set_retry_read(b); - } - } - return(ret); - } - -static int conn_write(BIO *b, const char *in, int inl) - { - int ret; - BIO_CONNECT *data; - - data=(BIO_CONNECT *)b->ptr; - if (data->state != BIO_CONN_S_OK) - { - ret=conn_state(b,data); - if (ret <= 0) return(ret); - } - - clear_socket_error(); - ret=writesocket(b->num,in,inl); - BIO_clear_retry_flags(b); - if (ret <= 0) - { - if (BIO_sock_should_retry(ret)) - BIO_set_retry_write(b); - } - return(ret); - } - -static long conn_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO *dbio; - int *ip; - const char **pptr; - long ret=1; - BIO_CONNECT *data; - - data=(BIO_CONNECT *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ret=0; - data->state=BIO_CONN_S_BEFORE; - conn_close_socket(b); - b->flags=0; - break; - case BIO_C_DO_STATE_MACHINE: - /* use this one to start the connection */ - if (!data->state != BIO_CONN_S_OK) - ret=(long)conn_state(b,data); - else - ret=1; - break; - case BIO_C_GET_CONNECT: - if (ptr != NULL) - { - pptr=(const char **)ptr; - if (num == 0) - { - *pptr=data->param_hostname; - - } - else if (num == 1) - { - *pptr=data->param_port; - } - else if (num == 2) - { - *pptr= (char *)&(data->ip[0]); - } - else if (num == 3) - { - *((int *)ptr)=data->port; - } - if ((!b->init) || (ptr == NULL)) - *pptr="not initialized"; - ret=1; - } - break; - case BIO_C_SET_CONNECT: - if (ptr != NULL) - { - b->init=1; - if (num == 0) - { - if (data->param_hostname != NULL) - OPENSSL_free(data->param_hostname); - data->param_hostname=BUF_strdup(ptr); - } - else if (num == 1) - { - if (data->param_port != NULL) - OPENSSL_free(data->param_port); - data->param_port=BUF_strdup(ptr); - } - else if (num == 2) - { - char buf[16]; - char *p = ptr; - - sprintf(buf,"%d.%d.%d.%d", - p[0],p[1],p[2],p[3]); - if (data->param_hostname != NULL) - OPENSSL_free(data->param_hostname); - data->param_hostname=BUF_strdup(buf); - memcpy(&(data->ip[0]),ptr,4); - } - else if (num == 3) - { - char buf[16]; - - sprintf(buf,"%d",*(int *)ptr); - if (data->param_port != NULL) - OPENSSL_free(data->param_port); - data->param_port=BUF_strdup(buf); - data->port= *(int *)ptr; - } - } - break; - case BIO_C_SET_NBIO: - data->nbio=(int)num; - break; - case BIO_C_GET_FD: - if (b->init) - { - ip=(int *)ptr; - if (ip != NULL) - *ip=b->num; - ret=b->num; - } - else - ret= -1; - break; - case BIO_CTRL_GET_CLOSE: - ret=b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret=0; - break; - case BIO_CTRL_FLUSH: - break; - case BIO_CTRL_DUP: - { - dbio=(BIO *)ptr; - if (data->param_port) - BIO_set_conn_port(dbio,data->param_port); - if (data->param_hostname) - BIO_set_conn_hostname(dbio,data->param_hostname); - BIO_set_nbio(dbio,data->nbio); - (void)BIO_set_info_callback(dbio,data->info_callback); - } - break; - case BIO_CTRL_SET_CALLBACK: - { -#if 0 /* FIXME: Should this be used? -- Richard Levitte */ - BIOerr(BIO_F_CONN_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ret = -1; -#else - ret=0; -#endif - } - break; - case BIO_CTRL_GET_CALLBACK: - { - int (**fptr)(); - - fptr=(int (**)())ptr; - *fptr=data->info_callback; - } - break; - default: - ret=0; - break; - } - return(ret); - } - -static long conn_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - BIO_CONNECT *data; - - data=(BIO_CONNECT *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_SET_CALLBACK: - { - data->info_callback=(int (*)())fp; - } - break; - default: - ret=0; - break; - } - return(ret); - } - -static int conn_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=conn_write(bp,str,n); - return(ret); - } - -BIO *BIO_new_connect(char *str) - { - BIO *ret; - - ret=BIO_new(BIO_s_connect()); - if (ret == NULL) return(NULL); - if (BIO_set_conn_hostname(ret,str)) - return(ret); - else - { - BIO_free(ret); - return(NULL); - } - } - -#endif - diff --git a/src/lib/libcrypto/bio/bss_fd.c b/src/lib/libcrypto/bio/bss_fd.c deleted file mode 100644 index 686c4909a2..0000000000 --- a/src/lib/libcrypto/bio/bss_fd.c +++ /dev/null @@ -1,62 +0,0 @@ -/* crypto/bio/bss_fd.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define BIO_FD -#include "bss_sock.c" -#undef BIO_FD - diff --git a/src/lib/libcrypto/bio/bss_file.c b/src/lib/libcrypto/bio/bss_file.c deleted file mode 100644 index 1f770b390f..0000000000 --- a/src/lib/libcrypto/bio/bss_file.c +++ /dev/null @@ -1,310 +0,0 @@ -/* crypto/bio/bss_file.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout - * with binary data (e.g. asn1parse -inform DER < xxx) under - * Windows - */ - -#ifndef HEADER_BSS_FILE_C -#define HEADER_BSS_FILE_C - -#include -#include -#include "cryptlib.h" -#include -#include - -#if !defined(NO_STDIO) - -static int MS_CALLBACK file_write(BIO *h, const char *buf, int num); -static int MS_CALLBACK file_read(BIO *h, char *buf, int size); -static int MS_CALLBACK file_puts(BIO *h, const char *str); -static int MS_CALLBACK file_gets(BIO *h, char *str, int size); -static long MS_CALLBACK file_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int MS_CALLBACK file_new(BIO *h); -static int MS_CALLBACK file_free(BIO *data); -static BIO_METHOD methods_filep= - { - BIO_TYPE_FILE, - "FILE pointer", - file_write, - file_read, - file_puts, - file_gets, - file_ctrl, - file_new, - file_free, - NULL, - }; - -BIO *BIO_new_file(const char *filename, const char *mode) - { - BIO *ret; - FILE *file; - - if ((file=fopen(filename,mode)) == NULL) - { - SYSerr(SYS_F_FOPEN,get_last_sys_error()); - ERR_add_error_data(5,"fopen('",filename,"','",mode,"')"); - BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB); - return(NULL); - } - if ((ret=BIO_new(BIO_s_file_internal())) == NULL) - return(NULL); - - BIO_set_fp(ret,file,BIO_CLOSE); - return(ret); - } - -BIO *BIO_new_fp(FILE *stream, int close_flag) - { - BIO *ret; - - if ((ret=BIO_new(BIO_s_file())) == NULL) - return(NULL); - - BIO_set_fp(ret,stream,close_flag); - return(ret); - } - -BIO_METHOD *BIO_s_file(void) - { - return(&methods_filep); - } - -static int MS_CALLBACK file_new(BIO *bi) - { - bi->init=0; - bi->num=0; - bi->ptr=NULL; - return(1); - } - -static int MS_CALLBACK file_free(BIO *a) - { - if (a == NULL) return(0); - if (a->shutdown) - { - if ((a->init) && (a->ptr != NULL)) - { - fclose((FILE *)a->ptr); - a->ptr=NULL; - } - a->init=0; - } - return(1); - } - -static int MS_CALLBACK file_read(BIO *b, char *out, int outl) - { - int ret=0; - - if (b->init && (out != NULL)) - { - ret=fread(out,1,(int)outl,(FILE *)b->ptr); - } - return(ret); - } - -static int MS_CALLBACK file_write(BIO *b, const char *in, int inl) - { - int ret=0; - - if (b->init && (in != NULL)) - { - if (fwrite(in,(int)inl,1,(FILE *)b->ptr)) - ret=inl; - /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */ - /* according to Tim Hudson , the commented - * out version above can cause 'inl' write calls under - * some stupid stdio implementations (VMS) */ - } - return(ret); - } - -static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr) - { - long ret=1; - FILE *fp=(FILE *)b->ptr; - FILE **fpp; - char p[4]; - - switch (cmd) - { - case BIO_C_FILE_SEEK: - case BIO_CTRL_RESET: - ret=(long)fseek(fp,num,0); - break; - case BIO_CTRL_EOF: - ret=(long)feof(fp); - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret=ftell(fp); - break; - case BIO_C_SET_FILE_PTR: - file_free(b); - b->shutdown=(int)num&BIO_CLOSE; - b->ptr=(char *)ptr; - b->init=1; -#if defined(MSDOS) || defined(WINDOWS) - /* Set correct text/binary mode */ - if (num & BIO_FP_TEXT) - _setmode(fileno((FILE *)ptr),_O_TEXT); - else - _setmode(fileno((FILE *)ptr),_O_BINARY); -#endif - break; - case BIO_C_SET_FILENAME: - file_free(b); - b->shutdown=(int)num&BIO_CLOSE; - if (num & BIO_FP_APPEND) - { - if (num & BIO_FP_READ) - strcpy(p,"a+"); - else strcpy(p,"a"); - } - else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE)) - strcpy(p,"r+"); - else if (num & BIO_FP_WRITE) - strcpy(p,"w"); - else if (num & BIO_FP_READ) - strcpy(p,"r"); - else - { - BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE); - ret=0; - break; - } -#if defined(MSDOS) || defined(WINDOWS) - if (!(num & BIO_FP_TEXT)) - strcat(p,"b"); - else - strcat(p,"t"); -#endif - fp=fopen(ptr,p); - if (fp == NULL) - { - SYSerr(SYS_F_FOPEN,get_last_sys_error()); - ERR_add_error_data(5,"fopen('",ptr,"','",p,"')"); - BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB); - ret=0; - break; - } - b->ptr=(char *)fp; - b->init=1; - break; - case BIO_C_GET_FILE_PTR: - /* the ptr parameter is actually a FILE ** in this case. */ - if (ptr != NULL) - { - fpp=(FILE **)ptr; - *fpp=(FILE *)b->ptr; - } - break; - case BIO_CTRL_GET_CLOSE: - ret=(long)b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - case BIO_CTRL_FLUSH: - fflush((FILE *)b->ptr); - break; - case BIO_CTRL_DUP: - ret=1; - break; - - case BIO_CTRL_WPENDING: - case BIO_CTRL_PENDING: - case BIO_CTRL_PUSH: - case BIO_CTRL_POP: - default: - ret=0; - break; - } - return(ret); - } - -static int MS_CALLBACK file_gets(BIO *bp, char *buf, int size) - { - int ret=0; - - buf[0]='\0'; - fgets(buf,size,(FILE *)bp->ptr); - if (buf[0] != '\0') - ret=strlen(buf); - return(ret); - } - -static int MS_CALLBACK file_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=file_write(bp,str,n); - return(ret); - } - -#endif /* NO_STDIO */ - -#endif /* HEADER_BSS_FILE_C */ - - diff --git a/src/lib/libcrypto/bio/bss_log.c b/src/lib/libcrypto/bio/bss_log.c deleted file mode 100644 index 1edf16a76f..0000000000 --- a/src/lib/libcrypto/bio/bss_log.c +++ /dev/null @@ -1,394 +0,0 @@ -/* crypto/bio/bss_log.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - Why BIO_s_log? - - BIO_s_log is useful for system daemons (or services under NT). - It is one-way BIO, it sends all stuff to syslogd (on system that - commonly use that), or event log (on NT), or OPCOM (on OpenVMS). - -*/ - - -#include -#include - -#if defined(WIN32) -# include -#elif defined(VMS) || defined(__VMS) -# include -# include -# include -# include -#elif defined(__ultrix) -# include -#elif !defined(MSDOS) /* Unix */ -# include -#endif - -#include "cryptlib.h" -#include -#include - -#ifndef NO_SYSLOG - -#if defined(WIN32) -#define LOG_EMERG 0 -#define LOG_ALERT 1 -#define LOG_CRIT 2 -#define LOG_ERR 3 -#define LOG_WARNING 4 -#define LOG_NOTICE 5 -#define LOG_INFO 6 -#define LOG_DEBUG 7 - -#define LOG_DAEMON (3<<3) -#elif defined(VMS) -/* On VMS, we don't really care about these, but we need them to compile */ -#define LOG_EMERG 0 -#define LOG_ALERT 1 -#define LOG_CRIT 2 -#define LOG_ERR 3 -#define LOG_WARNING 4 -#define LOG_NOTICE 5 -#define LOG_INFO 6 -#define LOG_DEBUG 7 - -#define LOG_DAEMON OPC$M_NM_NTWORK -#endif - -static int MS_CALLBACK slg_write(BIO *h, const char *buf, int num); -static int MS_CALLBACK slg_puts(BIO *h, const char *str); -static long MS_CALLBACK slg_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int MS_CALLBACK slg_new(BIO *h); -static int MS_CALLBACK slg_free(BIO *data); -static void xopenlog(BIO* bp, char* name, int level); -static void xsyslog(BIO* bp, int priority, const char* string); -static void xcloselog(BIO* bp); -#ifdef WIN32 -LONG (WINAPI *go_for_advapi)() = RegOpenKeyEx; -HANDLE (WINAPI *register_event_source)() = NULL; -BOOL (WINAPI *deregister_event_source)() = NULL; -BOOL (WINAPI *report_event)() = NULL; -#define DL_PROC(m,f) (GetProcAddress( m, f )) -#ifdef UNICODE -#define DL_PROC_X(m,f) DL_PROC( m, f "W" ) -#else -#define DL_PROC_X(m,f) DL_PROC( m, f "A" ) -#endif -#endif - -static BIO_METHOD methods_slg= - { - BIO_TYPE_MEM,"syslog", - slg_write, - NULL, - slg_puts, - NULL, - slg_ctrl, - slg_new, - slg_free, - NULL, - }; - -BIO_METHOD *BIO_s_log(void) - { - return(&methods_slg); - } - -static int MS_CALLBACK slg_new(BIO *bi) - { - bi->init=1; - bi->num=0; - bi->ptr=NULL; - xopenlog(bi, "application", LOG_DAEMON); - return(1); - } - -static int MS_CALLBACK slg_free(BIO *a) - { - if (a == NULL) return(0); - xcloselog(a); - return(1); - } - -static int MS_CALLBACK slg_write(BIO *b, const char *in, int inl) - { - int ret= inl; - char* buf; - char* pp; - int priority, i; - static struct - { - int strl; - char str[10]; - int log_level; - } - mapping[] = - { - { 6, "PANIC ", LOG_EMERG }, - { 6, "EMERG ", LOG_EMERG }, - { 4, "EMR ", LOG_EMERG }, - { 6, "ALERT ", LOG_ALERT }, - { 4, "ALR ", LOG_ALERT }, - { 5, "CRIT ", LOG_CRIT }, - { 4, "CRI ", LOG_CRIT }, - { 6, "ERROR ", LOG_ERR }, - { 4, "ERR ", LOG_ERR }, - { 8, "WARNING ", LOG_WARNING }, - { 5, "WARN ", LOG_WARNING }, - { 4, "WAR ", LOG_WARNING }, - { 7, "NOTICE ", LOG_NOTICE }, - { 5, "NOTE ", LOG_NOTICE }, - { 4, "NOT ", LOG_NOTICE }, - { 5, "INFO ", LOG_INFO }, - { 4, "INF ", LOG_INFO }, - { 6, "DEBUG ", LOG_DEBUG }, - { 4, "DBG ", LOG_DEBUG }, - { 0, "", LOG_ERR } /* The default */ - }; - - if((buf= (char *)OPENSSL_malloc(inl+ 1)) == NULL){ - return(0); - } - strncpy(buf, in, inl); - buf[inl]= '\0'; - - i = 0; - while(strncmp(buf, mapping[i].str, mapping[i].strl) != 0) i++; - priority = mapping[i].log_level; - pp = buf + mapping[i].strl; - - xsyslog(b, priority, pp); - - OPENSSL_free(buf); - return(ret); - } - -static long MS_CALLBACK slg_ctrl(BIO *b, int cmd, long num, void *ptr) - { - switch (cmd) - { - case BIO_CTRL_SET: - xcloselog(b); - xopenlog(b, ptr, num); - break; - default: - break; - } - return(0); - } - -static int MS_CALLBACK slg_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=slg_write(bp,str,n); - return(ret); - } - -#if defined(WIN32) - -static void xopenlog(BIO* bp, char* name, int level) -{ - if ( !register_event_source ) - { - HANDLE advapi; - if ( !(advapi = GetModuleHandle("advapi32")) ) - return; - register_event_source = (HANDLE (WINAPI *)())DL_PROC_X(advapi, - "RegisterEventSource" ); - deregister_event_source = (BOOL (WINAPI *)())DL_PROC(advapi, - "DeregisterEventSource"); - report_event = (BOOL (WINAPI *)())DL_PROC_X(advapi, - "ReportEvent" ); - if ( !(register_event_source && deregister_event_source && - report_event) ) - { - register_event_source = NULL; - deregister_event_source = NULL; - report_event = NULL; - return; - } - } - bp->ptr= (char *)register_event_source(NULL, name); -} - -static void xsyslog(BIO *bp, int priority, const char *string) -{ - LPCSTR lpszStrings[2]; - WORD evtype= EVENTLOG_ERROR_TYPE; - int pid = _getpid(); - char pidbuf[20]; - - switch (priority) - { - case LOG_EMERG: - case LOG_ALERT: - case LOG_CRIT: - case LOG_ERR: - evtype = EVENTLOG_ERROR_TYPE; - break; - case LOG_WARNING: - evtype = EVENTLOG_WARNING_TYPE; - break; - case LOG_NOTICE: - case LOG_INFO: - case LOG_DEBUG: - evtype = EVENTLOG_INFORMATION_TYPE; - break; - default: /* Should never happen, but set it - as error anyway. */ - evtype = EVENTLOG_ERROR_TYPE; - break; - } - - sprintf(pidbuf, "[%d] ", pid); - lpszStrings[0] = pidbuf; - lpszStrings[1] = string; - - if(report_event && bp->ptr) - report_event(bp->ptr, evtype, 0, 1024, NULL, 2, 0, - lpszStrings, NULL); -} - -static void xcloselog(BIO* bp) -{ - if(deregister_event_source && bp->ptr) - deregister_event_source((HANDLE)(bp->ptr)); - bp->ptr= NULL; -} - -#elif defined(VMS) - -static int VMS_OPC_target = LOG_DAEMON; - -static void xopenlog(BIO* bp, char* name, int level) -{ - VMS_OPC_target = level; -} - -static void xsyslog(BIO *bp, int priority, const char *string) -{ - struct dsc$descriptor_s opc_dsc; - struct opcdef *opcdef_p; - char buf[10240]; - unsigned int len; - struct dsc$descriptor_s buf_dsc; - $DESCRIPTOR(fao_cmd, "!AZ: !AZ"); - char *priority_tag; - - switch (priority) - { - case LOG_EMERG: priority_tag = "Emergency"; break; - case LOG_ALERT: priority_tag = "Alert"; break; - case LOG_CRIT: priority_tag = "Critical"; break; - case LOG_ERR: priority_tag = "Error"; break; - case LOG_WARNING: priority_tag = "Warning"; break; - case LOG_NOTICE: priority_tag = "Notice"; break; - case LOG_INFO: priority_tag = "Info"; break; - case LOG_DEBUG: priority_tag = "DEBUG"; break; - } - - buf_dsc.dsc$b_dtype = DSC$K_DTYPE_T; - buf_dsc.dsc$b_class = DSC$K_CLASS_S; - buf_dsc.dsc$a_pointer = buf; - buf_dsc.dsc$w_length = sizeof(buf) - 1; - - lib$sys_fao(&fao_cmd, &len, &buf_dsc, priority_tag, string); - - /* we know there's an 8 byte header. That's documented */ - opcdef_p = (struct opcdef *) OPENSSL_malloc(8 + len); - opcdef_p->opc$b_ms_type = OPC$_RQ_RQST; - memcpy(opcdef_p->opc$z_ms_target_classes, &VMS_OPC_target, 3); - opcdef_p->opc$l_ms_rqstid = 0; - memcpy(&opcdef_p->opc$l_ms_text, buf, len); - - opc_dsc.dsc$b_dtype = DSC$K_DTYPE_T; - opc_dsc.dsc$b_class = DSC$K_CLASS_S; - opc_dsc.dsc$a_pointer = (char *)opcdef_p; - opc_dsc.dsc$w_length = len + 8; - - sys$sndopr(opc_dsc, 0); - - OPENSSL_free(opcdef_p); -} - -static void xcloselog(BIO* bp) -{ -} - -#else /* Unix */ - -static void xopenlog(BIO* bp, char* name, int level) -{ - openlog(name, LOG_PID|LOG_CONS, level); -} - -static void xsyslog(BIO *bp, int priority, const char *string) -{ - syslog(priority, "%s", string); -} - -static void xcloselog(BIO* bp) -{ - closelog(); -} - -#endif /* Unix */ - -#endif /* NO_SYSLOG */ diff --git a/src/lib/libcrypto/bio/bss_mem.c b/src/lib/libcrypto/bio/bss_mem.c deleted file mode 100644 index 28ff7582bf..0000000000 --- a/src/lib/libcrypto/bio/bss_mem.c +++ /dev/null @@ -1,317 +0,0 @@ -/* crypto/bio/bss_mem.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include - -static int mem_write(BIO *h, const char *buf, int num); -static int mem_read(BIO *h, char *buf, int size); -static int mem_puts(BIO *h, const char *str); -static int mem_gets(BIO *h, char *str, int size); -static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int mem_new(BIO *h); -static int mem_free(BIO *data); -static BIO_METHOD mem_method= - { - BIO_TYPE_MEM, - "memory buffer", - mem_write, - mem_read, - mem_puts, - mem_gets, - mem_ctrl, - mem_new, - mem_free, - NULL, - }; - -/* bio->num is used to hold the value to return on 'empty', if it is - * 0, should_retry is not set */ - -BIO_METHOD *BIO_s_mem(void) - { - return(&mem_method); - } - -BIO *BIO_new_mem_buf(void *buf, int len) -{ - BIO *ret; - BUF_MEM *b; - if (!buf) { - BIOerr(BIO_F_BIO_NEW_MEM_BUF,BIO_R_NULL_PARAMETER); - return NULL; - } - if(len == -1) len = strlen(buf); - if(!(ret = BIO_new(BIO_s_mem())) ) return NULL; - b = (BUF_MEM *)ret->ptr; - b->data = buf; - b->length = len; - b->max = len; - ret->flags |= BIO_FLAGS_MEM_RDONLY; - /* Since this is static data retrying wont help */ - ret->num = 0; - return ret; -} - -static int mem_new(BIO *bi) - { - BUF_MEM *b; - - if ((b=BUF_MEM_new()) == NULL) - return(0); - bi->shutdown=1; - bi->init=1; - bi->num= -1; - bi->ptr=(char *)b; - return(1); - } - -static int mem_free(BIO *a) - { - if (a == NULL) return(0); - if (a->shutdown) - { - if ((a->init) && (a->ptr != NULL)) - { - BUF_MEM *b; - b = (BUF_MEM *)a->ptr; - if(a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL; - BUF_MEM_free(b); - a->ptr=NULL; - } - } - return(1); - } - -static int mem_read(BIO *b, char *out, int outl) - { - int ret= -1; - BUF_MEM *bm; - int i; - char *from,*to; - - bm=(BUF_MEM *)b->ptr; - BIO_clear_retry_flags(b); - ret=(outl > bm->length)?bm->length:outl; - if ((out != NULL) && (ret > 0)) { - memcpy(out,bm->data,ret); - bm->length-=ret; - /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */ - if(b->flags & BIO_FLAGS_MEM_RDONLY) bm->data += ret; - else { - from=(char *)&(bm->data[ret]); - to=(char *)&(bm->data[0]); - for (i=0; ilength; i++) - to[i]=from[i]; - } - } else if (bm->length == 0) - { - ret = b->num; - if (ret != 0) - BIO_set_retry_read(b); - } - return(ret); - } - -static int mem_write(BIO *b, const char *in, int inl) - { - int ret= -1; - int blen; - BUF_MEM *bm; - - bm=(BUF_MEM *)b->ptr; - if (in == NULL) - { - BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER); - goto end; - } - - if(b->flags & BIO_FLAGS_MEM_RDONLY) { - BIOerr(BIO_F_MEM_WRITE,BIO_R_WRITE_TO_READ_ONLY_BIO); - goto end; - } - - BIO_clear_retry_flags(b); - blen=bm->length; - if (BUF_MEM_grow(bm,blen+inl) != (blen+inl)) - goto end; - memcpy(&(bm->data[blen]),in,inl); - ret=inl; -end: - return(ret); - } - -static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) - { - long ret=1; - char **pptr; - - BUF_MEM *bm=(BUF_MEM *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - if (bm->data != NULL) - { - /* For read only case reset to the start again */ - if(b->flags & BIO_FLAGS_MEM_RDONLY) - { - bm->data -= bm->max - bm->length; - bm->length = bm->max; - } - else - { - memset(bm->data,0,bm->max); - bm->length=0; - } - } - break; - case BIO_CTRL_EOF: - ret=(long)(bm->length == 0); - break; - case BIO_C_SET_BUF_MEM_EOF_RETURN: - b->num=(int)num; - break; - case BIO_CTRL_INFO: - ret=(long)bm->length; - if (ptr != NULL) - { - pptr=(char **)ptr; - *pptr=(char *)&(bm->data[0]); - } - break; - case BIO_C_SET_BUF_MEM: - mem_free(b); - b->shutdown=(int)num; - b->ptr=ptr; - break; - case BIO_C_GET_BUF_MEM_PTR: - if (ptr != NULL) - { - pptr=(char **)ptr; - *pptr=(char *)bm; - } - break; - case BIO_CTRL_GET_CLOSE: - ret=(long)b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - - case BIO_CTRL_WPENDING: - ret=0L; - break; - case BIO_CTRL_PENDING: - ret=(long)bm->length; - break; - case BIO_CTRL_DUP: - case BIO_CTRL_FLUSH: - ret=1; - break; - case BIO_CTRL_PUSH: - case BIO_CTRL_POP: - default: - ret=0; - break; - } - return(ret); - } - -static int mem_gets(BIO *bp, char *buf, int size) - { - int i,j; - int ret= -1; - char *p; - BUF_MEM *bm=(BUF_MEM *)bp->ptr; - - BIO_clear_retry_flags(bp); - j=bm->length; - if (j <= 0) return(0); - p=bm->data; - for (i=0; i 0) buf[i]='\0'; - ret=i; - return(ret); - } - -static int mem_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=mem_write(bp,str,n); - /* memory semantics is that it will always work */ - return(ret); - } - diff --git a/src/lib/libcrypto/bio/bss_null.c b/src/lib/libcrypto/bio/bss_null.c deleted file mode 100644 index 46b73339df..0000000000 --- a/src/lib/libcrypto/bio/bss_null.c +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/bio/bss_null.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include - -static int null_write(BIO *h, const char *buf, int num); -static int null_read(BIO *h, char *buf, int size); -static int null_puts(BIO *h, const char *str); -static int null_gets(BIO *h, char *str, int size); -static long null_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int null_new(BIO *h); -static int null_free(BIO *data); -static BIO_METHOD null_method= - { - BIO_TYPE_NULL, - "NULL", - null_write, - null_read, - null_puts, - null_gets, - null_ctrl, - null_new, - null_free, - NULL, - }; - -BIO_METHOD *BIO_s_null(void) - { - return(&null_method); - } - -static int null_new(BIO *bi) - { - bi->init=1; - bi->num=0; - bi->ptr=(NULL); - return(1); - } - -static int null_free(BIO *a) - { - if (a == NULL) return(0); - return(1); - } - -static int null_read(BIO *b, char *out, int outl) - { - return(0); - } - -static int null_write(BIO *b, const char *in, int inl) - { - return(inl); - } - -static long null_ctrl(BIO *b, int cmd, long num, void *ptr) - { - long ret=1; - - switch (cmd) - { - case BIO_CTRL_RESET: - case BIO_CTRL_EOF: - case BIO_CTRL_SET: - case BIO_CTRL_SET_CLOSE: - case BIO_CTRL_FLUSH: - case BIO_CTRL_DUP: - ret=1; - break; - case BIO_CTRL_GET_CLOSE: - case BIO_CTRL_INFO: - case BIO_CTRL_GET: - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - default: - ret=0; - break; - } - return(ret); - } - -static int null_gets(BIO *bp, char *buf, int size) - { - return(0); - } - -static int null_puts(BIO *bp, const char *str) - { - if (str == NULL) return(0); - return(strlen(str)); - } - diff --git a/src/lib/libcrypto/bio/bss_sock.c b/src/lib/libcrypto/bio/bss_sock.c deleted file mode 100644 index 50c6744c06..0000000000 --- a/src/lib/libcrypto/bio/bss_sock.c +++ /dev/null @@ -1,424 +0,0 @@ -/* crypto/bio/bss_sock.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#if !defined(NO_SOCK) || defined(BIO_FD) - -#include -#include -#define USE_SOCKETS -#include "cryptlib.h" -#include - -#ifndef BIO_FD -static int sock_write(BIO *h, const char *buf, int num); -static int sock_read(BIO *h, char *buf, int size); -static int sock_puts(BIO *h, const char *str); -static long sock_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int sock_new(BIO *h); -static int sock_free(BIO *data); -int BIO_sock_should_retry(int s); -#else - -static int fd_write(BIO *h, const char *buf, int num); -static int fd_read(BIO *h, char *buf, int size); -static int fd_puts(BIO *h, const char *str); -static long fd_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int fd_new(BIO *h); -static int fd_free(BIO *data); -int BIO_fd_should_retry(int s); -#endif - -#ifndef BIO_FD -static BIO_METHOD methods_sockp= - { - BIO_TYPE_SOCKET, - "socket", - sock_write, - sock_read, - sock_puts, - NULL, /* sock_gets, */ - sock_ctrl, - sock_new, - sock_free, - NULL, - }; - -BIO_METHOD *BIO_s_socket(void) - { - return(&methods_sockp); - } -#else -static BIO_METHOD methods_fdp= - { - BIO_TYPE_FD,"file descriptor", - fd_write, - fd_read, - fd_puts, - NULL, /* fd_gets, */ - fd_ctrl, - fd_new, - fd_free, - NULL, - }; - -BIO_METHOD *BIO_s_fd(void) - { - return(&methods_fdp); - } -#endif - -#ifndef BIO_FD -BIO *BIO_new_socket(int fd, int close_flag) -#else -BIO *BIO_new_fd(int fd,int close_flag) -#endif - { - BIO *ret; - -#ifndef BIO_FD - ret=BIO_new(BIO_s_socket()); -#else - ret=BIO_new(BIO_s_fd()); -#endif - if (ret == NULL) return(NULL); - BIO_set_fd(ret,fd,close_flag); - return(ret); - } - -#ifndef BIO_FD -static int sock_new(BIO *bi) -#else -static int fd_new(BIO *bi) -#endif - { - bi->init=0; - bi->num=0; - bi->ptr=NULL; - bi->flags=0; - return(1); - } - -#ifndef BIO_FD -static int sock_free(BIO *a) -#else -static int fd_free(BIO *a) -#endif - { - if (a == NULL) return(0); - if (a->shutdown) - { - if (a->init) - { -#ifndef BIO_FD - SHUTDOWN2(a->num); -#else /* BIO_FD */ - close(a->num); -#endif - - } - a->init=0; - a->flags=0; - } - return(1); - } - -#ifndef BIO_FD -static int sock_read(BIO *b, char *out, int outl) -#else -static int fd_read(BIO *b, char *out,int outl) -#endif - { - int ret=0; - - if (out != NULL) - { -#ifndef BIO_FD - clear_socket_error(); - ret=readsocket(b->num,out,outl); -#else - clear_sys_error(); - ret=read(b->num,out,outl); -#endif - BIO_clear_retry_flags(b); - if (ret <= 0) - { -#ifndef BIO_FD - if (BIO_sock_should_retry(ret)) -#else - if (BIO_fd_should_retry(ret)) -#endif - BIO_set_retry_read(b); - } - } - return(ret); - } - -#ifndef BIO_FD -static int sock_write(BIO *b, const char *in, int inl) -#else -static int fd_write(BIO *b, const char *in, int inl) -#endif - { - int ret; - -#ifndef BIO_FD - clear_socket_error(); - ret=writesocket(b->num,in,inl); -#else - clear_sys_error(); - ret=write(b->num,in,inl); -#endif - BIO_clear_retry_flags(b); - if (ret <= 0) - { -#ifndef BIO_FD - if (BIO_sock_should_retry(ret)) -#else - if (BIO_fd_should_retry(ret)) -#endif - BIO_set_retry_write(b); - } - return(ret); - } - -#ifndef BIO_FD -static long sock_ctrl(BIO *b, int cmd, long num, void *ptr) -#else -static long fd_ctrl(BIO *b, int cmd, long num, void *ptr) -#endif - { - long ret=1; - int *ip; - - switch (cmd) - { - case BIO_CTRL_RESET: - num=0; - case BIO_C_FILE_SEEK: -#ifdef BIO_FD - ret=(long)lseek(b->num,num,0); -#else - ret=0; -#endif - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: -#ifdef BIO_FD - ret=(long)lseek(b->num,0,1); -#else - ret=0; -#endif - break; - case BIO_C_SET_FD: -#ifndef BIO_FD - sock_free(b); -#else - fd_free(b); -#endif - b->num= *((int *)ptr); - b->shutdown=(int)num; - b->init=1; - break; - case BIO_C_GET_FD: - if (b->init) - { - ip=(int *)ptr; - if (ip != NULL) *ip=b->num; - ret=b->num; - } - else - ret= -1; - break; - case BIO_CTRL_GET_CLOSE: - ret=b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret=0; - break; - case BIO_CTRL_DUP: - case BIO_CTRL_FLUSH: - ret=1; - break; - default: - ret=0; - break; - } - return(ret); - } - -#ifdef undef -static int sock_gets(BIO *bp, char *buf,int size) - { - return(-1); - } -#endif - -#ifndef BIO_FD -static int sock_puts(BIO *bp, const char *str) -#else -static int fd_puts(BIO *bp, const char *str) -#endif - { - int n,ret; - - n=strlen(str); -#ifndef BIO_FD - ret=sock_write(bp,str,n); -#else - ret=fd_write(bp,str,n); -#endif - return(ret); - } - -#ifndef BIO_FD -int BIO_sock_should_retry(int i) -#else -int BIO_fd_should_retry(int i) -#endif - { - int err; - - if ((i == 0) || (i == -1)) - { -#ifndef BIO_FD - err=get_last_socket_error(); -#else - err=get_last_sys_error(); -#endif - -#if defined(WINDOWS) && 0 /* more microsoft stupidity? perhaps not? Ben 4/1/99 */ - if ((i == -1) && (err == 0)) - return(1); -#endif - -#ifndef BIO_FD - return(BIO_sock_non_fatal_error(err)); -#else - return(BIO_fd_non_fatal_error(err)); -#endif - } - return(0); - } - -#ifndef BIO_FD -int BIO_sock_non_fatal_error(int err) -#else -int BIO_fd_non_fatal_error(int err) -#endif - { - switch (err) - { -#if !defined(BIO_FD) && defined(WINDOWS) -# if defined(WSAEWOULDBLOCK) - case WSAEWOULDBLOCK: -# endif - -# if 0 /* This appears to always be an error */ -# if defined(WSAENOTCONN) - case WSAENOTCONN: -# endif -# endif -#endif - -#ifdef EWOULDBLOCK -# ifdef WSAEWOULDBLOCK -# if WSAEWOULDBLOCK != EWOULDBLOCK - case EWOULDBLOCK: -# endif -# else - case EWOULDBLOCK: -# endif -#endif - -#if defined(ENOTCONN) - case ENOTCONN: -#endif - -#ifdef EINTR - case EINTR: -#endif - -#ifdef EAGAIN -#if EWOULDBLOCK != EAGAIN - case EAGAIN: -# endif -#endif - -#ifdef EPROTO - case EPROTO: -#endif - -#ifdef EINPROGRESS - case EINPROGRESS: -#endif - -#ifdef EALREADY - case EALREADY: -#endif - return(1); - /* break; */ - default: - break; - } - return(0); - } -#endif diff --git a/src/lib/libcrypto/bn/asm/bn-586.pl b/src/lib/libcrypto/bn/asm/bn-586.pl deleted file mode 100644 index 5191bed273..0000000000 --- a/src/lib/libcrypto/bn/asm/bn-586.pl +++ /dev/null @@ -1,384 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); - -&asm_finish(); - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); - - &set_label("maw_loop",0); - - &mov(&swtmp(0),"ecx"); # - - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+= *r - &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); # L(t)+=c - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &mov("ecx",&swtmp(0)); # - &add($a,32); - &add($r,32); - &sub("ecx",8); - &jnz(&label("maw_loop")); - - &set_label("maw_finish",0); - &mov("ecx",&wparam(2)); # get num - &and("ecx",7); - &jnz(&label("maw_finish2")); # helps branch prediction - &jmp(&label("maw_end")); - - &set_label("maw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); - &adc("edx",0); # H(t)+=carry - &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - &jz(&label("maw_end")) if ($i != 7-1); - } - &set_label("maw_end",0); - &mov("eax",$c); - - &pop("ecx"); # clear variable from - - &function_end($name); - } - -sub bn_mul_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ecx"; - $r="edi"; - $c="esi"; - $num="ebp"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - &mov($w,&wparam(3)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("mw_finish")); - - &set_label("mw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jz(&label("mw_finish")); - &jmp(&label("mw_loop")); - - &set_label("mw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jnz(&label("mw_finish2")); - &jmp(&label("mw_end")); - - &set_label("mw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); - &mov($c,"edx"); # c= H(t); - &dec($num) if ($i != 7-1); - &jz(&label("mw_end")) if ($i != 7-1); - } - &set_label("mw_end",0); - &mov("eax",$c); - - &function_end($name); - } - -sub bn_sqr_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $r="esi"; - $a="edi"; - $num="ebx"; - - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("sw_finish")); - - &set_label("sw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*2,$r,"",0),"eax"); # - &mov(&DWP($i*2+4,$r,"",0),"edx");# - } - - &comment(""); - &add($a,32); - &add($r,64); - &sub($num,8); - &jnz(&label("sw_loop")); - - &set_label("sw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jz(&label("sw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*8,$r,"",0),"eax"); # - &dec($num) if ($i != 7-1); - &mov(&DWP($i*8+4,$r,"",0),"edx"); - &jz(&label("sw_end")) if ($i != 7-1); - } - &set_label("sw_end",0); - - &function_end($name); - } - -sub bn_div_words - { - local($name)=@_; - - &function_begin($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); - } - -sub bn_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -sub bn_sub_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - diff --git a/src/lib/libcrypto/bn/asm/co-586.pl b/src/lib/libcrypto/bn/asm/co-586.pl deleted file mode 100644 index 5d962cb957..0000000000 --- a/src/lib/libcrypto/bn/asm/co-586.pl +++ /dev/null @@ -1,286 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -&bn_mul_comba("bn_mul_comba8",8); -&bn_mul_comba("bn_mul_comba4",4); -&bn_sqr_comba("bn_sqr_comba8",8); -&bn_sqr_comba("bn_sqr_comba4",4); - -&asm_finish(); - -sub mul_add_c - { - local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("mul a[$ai]*b[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - &mul("edx"); - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a - &mov("eax",&wparam(0)) if $pos > 0; # load r[] - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a - } - -sub sqr_add_c - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb); - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - } - -sub sqr_add_c2 - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$a,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add("eax","eax"); - ### - &adc("edx","edx"); - ### - &adc($c2,0); - &add($c0,"eax"); - &adc($c1,"edx"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - &adc($c2,0); - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb); - ### - } - -sub bn_mul_comba - { - local($name,$num)=@_; - local($a,$b,$c0,$c1,$c2); - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($tot,$end); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $b="edi"; - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - &push("esi"); - &mov($a,&wparam(1)); - &push("edi"); - &mov($b,&wparam(2)); - &push("ebp"); - &push("ebx"); - - &xor($c0,$c0); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - &xor($c1,$c1); - &mov("edx",&DWP(0,$b,"",0)); # load the first second - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("################## Calculate word $i"); - - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($j+1) == $end) - { - $v=1; - $v=2 if (($i+1) == $tot); - } - else - { $v=0; } - if (($j+1) != $end) - { - $na=($ai-1); - $nb=($bi+1); - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } -#printf STDERR "[$ai,$bi] -> [$na,$nb]\n"; - &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb); - if ($v) - { - &comment("saved r[$i]"); - # &mov("eax",&wparam(0)); - # &mov(&DWP($i*4,"eax","",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &comment("save r[$i]"); - # &mov("eax",&wparam(0)); - &mov(&DWP($i*4,"eax","",0),$c0); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -sub bn_sqr_comba - { - local($name,$num)=@_; - local($r,$a,$c0,$c1,$c2)=@_; - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($b,$tot,$end,$half); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $r="edi"; - - &push("esi"); - &push("edi"); - &push("ebp"); - &push("ebx"); - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &xor($c0,$c0); - &xor($c1,$c1); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("############### Calculate word $i"); - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($ai-1) < ($bi+1)) - { - $v=1; - $v=2 if ($i+1) == $tot; - } - else - { $v=0; } - if (!$v) - { - $na=$ai-1; - $nb=$bi+1; - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } - if ($ai == $bi) - { - &sqr_add_c($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - else - { - &sqr_add_c2($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - if ($v) - { - &comment("saved r[$i]"); - #&mov(&DWP($i*4,$r,"",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - last; - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &mov(&DWP($i*4,$r,"",0),$c0); - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } diff --git a/src/lib/libcrypto/bn/asm/pa-risc2.s b/src/lib/libcrypto/bn/asm/pa-risc2.s deleted file mode 100644 index 7239aa2c76..0000000000 --- a/src/lib/libcrypto/bn/asm/pa-risc2.s +++ /dev/null @@ -1,1618 +0,0 @@ -; -; PA-RISC 2.0 implementation of bn_asm code, based on the -; 64-bit version of the code. This code is effectively the -; same as the 64-bit version except the register model is -; slightly different given all values must be 32-bit between -; function calls. Thus the 64-bit return values are returned -; in %ret0 and %ret1 vs just %ret0 as is done in 64-bit -; -; -; This code is approximately 2x faster than the C version -; for RSA/DSA. -; -; See http://devresource.hp.com/ for more details on the PA-RISC -; architecture. Also see the book "PA-RISC 2.0 Architecture" -; by Gerry Kane for information on the instruction set architecture. -; -; Code written by Chris Ruemmler (with some help from the HP C -; compiler). -; -; The code compiles with HP's assembler -; - - .level 2.0N - .space $TEXT$ - .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY - -; -; Global Register definitions used for the routines. -; -; Some information about HP's runtime architecture for 32-bits. -; -; "Caller save" means the calling function must save the register -; if it wants the register to be preserved. -; "Callee save" means if a function uses the register, it must save -; the value before using it. -; -; For the floating point registers -; -; "caller save" registers: fr4-fr11, fr22-fr31 -; "callee save" registers: fr12-fr21 -; "special" registers: fr0-fr3 (status and exception registers) -; -; For the integer registers -; value zero : r0 -; "caller save" registers: r1,r19-r26 -; "callee save" registers: r3-r18 -; return register : r2 (rp) -; return values ; r28,r29 (ret0,ret1) -; Stack pointer ; r30 (sp) -; millicode return ptr ; r31 (also a caller save register) - - -; -; Arguments to the routines -; -r_ptr .reg %r26 -a_ptr .reg %r25 -b_ptr .reg %r24 -num .reg %r24 -n .reg %r23 - -; -; Note that the "w" argument for bn_mul_add_words and bn_mul_words -; is passed on the stack at a delta of -56 from the top of stack -; as the routine is entered. -; - -; -; Globals used in some routines -; - -top_overflow .reg %r23 -high_mask .reg %r22 ; value 0xffffffff80000000L - - -;------------------------------------------------------------------------------ -; -; bn_mul_add_words -; -;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, -; int num, BN_ULONG w) -; -; arg0 = r_ptr -; arg1 = a_ptr -; arg3 = num -; -56(sp) = w -; -; Local register definitions -; - -fm1 .reg %fr22 -fm .reg %fr23 -ht_temp .reg %fr24 -ht_temp_1 .reg %fr25 -lt_temp .reg %fr26 -lt_temp_1 .reg %fr27 -fm1_1 .reg %fr28 -fm_1 .reg %fr29 - -fw_h .reg %fr7L -fw_l .reg %fr7R -fw .reg %fr7 - -fht_0 .reg %fr8L -flt_0 .reg %fr8R -t_float_0 .reg %fr8 - -fht_1 .reg %fr9L -flt_1 .reg %fr9R -t_float_1 .reg %fr9 - -tmp_0 .reg %r31 -tmp_1 .reg %r21 -m_0 .reg %r20 -m_1 .reg %r19 -ht_0 .reg %r1 -ht_1 .reg %r3 -lt_0 .reg %r4 -lt_1 .reg %r5 -m1_0 .reg %r6 -m1_1 .reg %r7 -rp_val .reg %r8 -rp_val_1 .reg %r9 - -bn_mul_add_words - .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN - .proc - .callinfo frame=128 - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP ; Needed to make the loop 16-byte aligned - NOP ; needed to make the loop 16-byte aligned - - STD %r5,16(%sp) ; save r5 - NOP - STD %r6,24(%sp) ; save r6 - STD %r7,32(%sp) ; save r7 - - STD %r8,40(%sp) ; save r8 - STD %r9,48(%sp) ; save r9 - COPY %r0,%ret1 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - - CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit - LDO 128(%sp),%sp ; bump stack - - ; - ; The loop is unrolled twice, so if there is only 1 number - ; then go straight to the cleanup code. - ; - CMPIB,= 1,num,bn_mul_add_words_single_top - FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. - ; -bn_mul_add_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDD 8(r_ptr),rp_val_1 ; rp[1] - - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1[0] - FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1] - - XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h - XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m[0] - FSTD fm_1,-40(%sp) ; -40(sp) = m[1] - - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1 - - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1 - - LDD -8(%sp),m_0 ; m[0] - LDD -40(%sp),m_1 ; m[1] - LDD -16(%sp),m1_0 ; m1[0] - LDD -48(%sp),m1_1 ; m1[1] - - LDD -24(%sp),ht_0 ; ht[0] - LDD -56(%sp),ht_1 ; ht[1] - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0]; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1]; - - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0]) - ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32) - - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1]) - ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32) - EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32 - - EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32 - ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32) - ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32) - - ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0]; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1]; - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - - ADD %ret1,lt_0,lt_0 ; lt[0] = lt[0] + c; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0] - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - - LDO -2(num),num ; num = num - 2; - ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c); - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - - ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1] - ADD,DC ht_1,%r0,%ret1 ; ht[1]++ - LDO 16(a_ptr),a_ptr ; a_ptr += 2 - - STD lt_1,8(r_ptr) ; rp[1] = lt[1] - CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do - LDO 16(r_ptr),r_ptr ; r_ptr += 2 - - CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_add_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDO 8(a_ptr),a_ptr ; a_ptr++ - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 ; m1 = temp1 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD %ret1,tmp_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0] - ADD,DC ht_0,%r0,%ret1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_add_words_exit - .EXIT - - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - LDD -80(%sp),%r9 ; restore r9 - LDD -88(%sp),%r8 ; restore r8 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -; -; arg0 = rp -; arg1 = ap -; arg3 = num -; w on stack at -56(sp) - -bn_mul_words - .proc - .callinfo frame=128 - .entry - .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP - STD %r5,16(%sp) ; save r5 - - STD %r6,24(%sp) ; save r6 - STD %r7,32(%sp) ; save r7 - COPY %r0,%ret1 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - - CMPIB,>= 0,num,bn_mul_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; See if only 1 word to do, thus just do cleanup - ; - CMPIB,= 1,num,bn_mul_words_single_top - FLDD -184(%sp),fw ; (-56-128) load up w into fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. - ; -bn_mul_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l - - FSTD fm1,-16(%sp) ; -16(sp) = m1 - FSTD fm1_1,-48(%sp) ; -48(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h - - FSTD fm,-8(%sp) ; -8(sp) = m - FSTD fm_1,-40(%sp) ; -40(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h - - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt - LDD -8(%sp),m_0 - LDD -40(%sp),m_1 - - LDD -16(%sp),m1_0 - LDD -48(%sp),m1_1 - LDD -24(%sp),ht_0 - LDD -56(%sp),ht_1 - - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1; - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1) - ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - EXTRD,U tmp_1,31,32,m_1 ; m>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD lt_1,m1_1,lt_1 ; lt = lt+m1; - ADD,DC ht_1,%r0,ht_1 ; ht++ - ADD %ret1,lt_0,lt_0 ; lt = lt + c (ret1); - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0) - ADD,DC ht_1,%r0,ht_1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - STD lt_1,8(r_ptr) ; rp[1] = lt - - COPY ht_1,%ret1 ; carry = ht - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_mul_words_unroll2 - LDO 16(r_ptr),r_ptr ; rp++ - - CMPIB,=,N 0,num,bn_mul_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt= lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD %ret1,lt_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - COPY ht_0,%ret1 ; copy carry - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_words_exit - .EXIT - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND - -;---------------------------------------------------------------------------- -; -;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; - -bn_sqr_words - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP - STD %r5,16(%sp) ; save r5 - - CMPIB,>= 0,num,bn_sqr_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; If only 1, the goto straight to cleanup - ; - CMPIB,= 1,num,bn_sqr_words_single_top - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - -bn_sqr_words_unroll2 - FLDD 0(a_ptr),t_float_0 ; a[0] - FLDD 8(a_ptr),t_float_1 ; a[1] - XMPYU fht_0,flt_0,fm ; m[0] - XMPYU fht_1,flt_1,fm_1 ; m[1] - - FSTD fm,-24(%sp) ; store m[0] - FSTD fm_1,-56(%sp) ; store m[1] - XMPYU flt_0,flt_0,lt_temp ; lt[0] - XMPYU flt_1,flt_1,lt_temp_1 ; lt[1] - - FSTD lt_temp,-16(%sp) ; store lt[0] - FSTD lt_temp_1,-48(%sp) ; store lt[1] - XMPYU fht_0,fht_0,ht_temp ; ht[0] - XMPYU fht_1,fht_1,ht_temp_1 ; ht[1] - - FSTD ht_temp,-8(%sp) ; store ht[0] - FSTD ht_temp_1,-40(%sp) ; store ht[1] - LDD -24(%sp),m_0 - LDD -56(%sp),m_1 - - AND m_0,high_mask,tmp_0 ; m[0] & Mask - AND m_1,high_mask,tmp_1 ; m[1] & Mask - DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1 - DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1 - - LDD -16(%sp),lt_0 - LDD -48(%sp),lt_1 - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1 - EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1 - - LDD -8(%sp),ht_0 - LDD -40(%sp),ht_1 - ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0 - ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1 - - ADD lt_0,m_0,lt_0 ; lt = lt+m - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - STD ht_0,8(r_ptr) ; rp[1] = ht[1] - - ADD lt_1,m_1,lt_1 ; lt = lt+m - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_1,16(r_ptr) ; rp[2] = lt[1] - STD ht_1,24(r_ptr) ; rp[3] = ht[1] - - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_sqr_words_unroll2 - LDO 32(r_ptr),r_ptr ; rp += 4 - - CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_sqr_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,flt_0,fm ; m - FSTD fm,-24(%sp) ; store m - - XMPYU flt_0,flt_0,lt_temp ; lt - FSTD lt_temp,-16(%sp) ; store lt - - XMPYU fht_0,fht_0,ht_temp ; ht - FSTD ht_temp,-8(%sp) ; store ht - - LDD -24(%sp),m_0 ; load m - AND m_0,high_mask,tmp_0 ; m & Mask - DEPD,Z m_0,30,31,m_0 ; m << 32+1 - LDD -16(%sp),lt_0 ; lt - - LDD -8(%sp),ht_0 ; ht - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1 - ADD m_0,lt_0,lt_0 ; lt = lt+m - ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0 - ADD,DC ht_0,%r0,ht_0 ; ht++ - - STD lt_0,0(r_ptr) ; rp[0] = lt - STD ht_0,8(r_ptr) ; rp[1] = ht - -bn_sqr_words_exit - .EXIT - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - .PROCEND ;in=23,24,25,26,29;out=28; - - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t .reg %r22 -b .reg %r21 -l .reg %r20 - -bn_add_words - .proc - .entry - .callinfo - .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - CMPIB,>= 0,n,bn_add_words_exit - COPY %r0,%ret1 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_add_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_add_words_unroll2 - LDD 0(a_ptr),t - LDD 0(b_ptr),b - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,0(r_ptr) - - LDD 8(a_ptr),t - LDD 8(b_ptr),b - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_add_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_add_words_exit ; are we done? - -bn_add_words_single_top - LDD 0(a_ptr),t - LDD 0(b_ptr),b - - ADD t,%ret1,t ; t = t+c; - ADD,DC %r0,%r0,%ret1 ; set c to carry (could use CMPCLR??) - ADD t,b,l ; l = t + b[0] - ADD,DC %ret1,%r0,%ret1 ; c+= carry - STD l,0(r_ptr) - -bn_add_words_exit - .EXIT - BVE (%rp) - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t1 .reg %r22 -t2 .reg %r21 -sub_tmp1 .reg %r20 -sub_tmp2 .reg %r19 - - -bn_sub_words - .proc - .callinfo - .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - CMPIB,>= 0,n,bn_sub_words_exit - COPY %r0,%ret1 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_sub_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_sub_words_unroll2 - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - STD sub_tmp1,0(r_ptr) - - LDD 8(a_ptr),t1 - LDD 8(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - STD sub_tmp1,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_sub_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_sub_words_exit ; are we done? - -bn_sub_words_single_top - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret1,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret1 - - STD sub_tmp1,0(r_ptr) - -bn_sub_words_exit - .EXIT - BVE (%rp) - EXTRD,U %ret1,31,32,%ret0 ; for 32-bit, return in ret0/ret1 - .PROCEND ;in=23,24,25,26,29;out=28; - -;------------------------------------------------------------------------------ -; -; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d) -; -; arg0 = h -; arg1 = l -; arg2 = d -; -; This is mainly just output from the HP C compiler. -; -;------------------------------------------------------------------------------ -bn_div_words - .PROC - .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR,LONG_RETURN - .IMPORT BN_num_bits_word,CODE - .IMPORT __iob,DATA - .IMPORT fprintf,CODE - .IMPORT abort,CODE - .IMPORT $$div2U,MILLICODE - .CALLINFO CALLER,FRAME=144,ENTRY_GR=%r9,SAVE_RP,ARGS_SAVED,ORDERING_AWARE - .ENTRY - STW %r2,-20(%r30) ;offset 0x8ec - STW,MA %r3,192(%r30) ;offset 0x8f0 - STW %r4,-188(%r30) ;offset 0x8f4 - DEPD %r5,31,32,%r6 ;offset 0x8f8 - STD %r6,-184(%r30) ;offset 0x8fc - DEPD %r7,31,32,%r8 ;offset 0x900 - STD %r8,-176(%r30) ;offset 0x904 - STW %r9,-168(%r30) ;offset 0x908 - LDD -248(%r30),%r3 ;offset 0x90c - COPY %r26,%r4 ;offset 0x910 - COPY %r24,%r5 ;offset 0x914 - DEPD %r25,31,32,%r4 ;offset 0x918 - CMPB,*<> %r3,%r0,$0006000C ;offset 0x91c - DEPD %r23,31,32,%r5 ;offset 0x920 - MOVIB,TR -1,%r29,$00060002 ;offset 0x924 - EXTRD,U %r29,31,32,%r28 ;offset 0x928 -$0006002A - LDO -1(%r29),%r29 ;offset 0x92c - SUB %r23,%r7,%r23 ;offset 0x930 -$00060024 - SUB %r4,%r31,%r25 ;offset 0x934 - AND %r25,%r19,%r26 ;offset 0x938 - CMPB,*<>,N %r0,%r26,$00060046 ;offset 0x93c - DEPD,Z %r25,31,32,%r20 ;offset 0x940 - OR %r20,%r24,%r21 ;offset 0x944 - CMPB,*<<,N %r21,%r23,$0006002A ;offset 0x948 - SUB %r31,%r2,%r31 ;offset 0x94c -$00060046 -$0006002E - DEPD,Z %r23,31,32,%r25 ;offset 0x950 - EXTRD,U %r23,31,32,%r26 ;offset 0x954 - AND %r25,%r19,%r24 ;offset 0x958 - ADD,L %r31,%r26,%r31 ;offset 0x95c - CMPCLR,*>>= %r5,%r24,%r0 ;offset 0x960 - LDO 1(%r31),%r31 ;offset 0x964 -$00060032 - CMPB,*<<=,N %r31,%r4,$00060036 ;offset 0x968 - LDO -1(%r29),%r29 ;offset 0x96c - ADD,L %r4,%r3,%r4 ;offset 0x970 -$00060036 - ADDIB,=,N -1,%r8,$D0 ;offset 0x974 - SUB %r5,%r24,%r28 ;offset 0x978 -$0006003A - SUB %r4,%r31,%r24 ;offset 0x97c - SHRPD %r24,%r28,32,%r4 ;offset 0x980 - DEPD,Z %r29,31,32,%r9 ;offset 0x984 - DEPD,Z %r28,31,32,%r5 ;offset 0x988 -$0006001C - EXTRD,U %r4,31,32,%r31 ;offset 0x98c - CMPB,*<>,N %r31,%r2,$00060020 ;offset 0x990 - MOVB,TR %r6,%r29,$D1 ;offset 0x994 - STD %r29,-152(%r30) ;offset 0x998 -$0006000C - EXTRD,U %r3,31,32,%r25 ;offset 0x99c - COPY %r3,%r26 ;offset 0x9a0 - EXTRD,U %r3,31,32,%r9 ;offset 0x9a4 - EXTRD,U %r4,31,32,%r8 ;offset 0x9a8 - .CALL ARGW0=GR,ARGW1=GR,RTNVAL=GR ;in=25,26;out=28; - B,L BN_num_bits_word,%r2 ;offset 0x9ac - EXTRD,U %r5,31,32,%r7 ;offset 0x9b0 - LDI 64,%r20 ;offset 0x9b4 - DEPD %r7,31,32,%r5 ;offset 0x9b8 - DEPD %r8,31,32,%r4 ;offset 0x9bc - DEPD %r9,31,32,%r3 ;offset 0x9c0 - CMPB,= %r28,%r20,$00060012 ;offset 0x9c4 - COPY %r28,%r24 ;offset 0x9c8 - MTSARCM %r24 ;offset 0x9cc - DEPDI,Z -1,%sar,1,%r19 ;offset 0x9d0 - CMPB,*>>,N %r4,%r19,$D2 ;offset 0x9d4 -$00060012 - SUBI 64,%r24,%r31 ;offset 0x9d8 - CMPCLR,*<< %r4,%r3,%r0 ;offset 0x9dc - SUB %r4,%r3,%r4 ;offset 0x9e0 -$00060016 - CMPB,= %r31,%r0,$0006001A ;offset 0x9e4 - COPY %r0,%r9 ;offset 0x9e8 - MTSARCM %r31 ;offset 0x9ec - DEPD,Z %r3,%sar,64,%r3 ;offset 0x9f0 - SUBI 64,%r31,%r26 ;offset 0x9f4 - MTSAR %r26 ;offset 0x9f8 - SHRPD %r4,%r5,%sar,%r4 ;offset 0x9fc - MTSARCM %r31 ;offset 0xa00 - DEPD,Z %r5,%sar,64,%r5 ;offset 0xa04 -$0006001A - DEPDI,Z -1,31,32,%r19 ;offset 0xa08 - AND %r3,%r19,%r29 ;offset 0xa0c - EXTRD,U %r29,31,32,%r2 ;offset 0xa10 - DEPDI,Z -1,63,32,%r6 ;offset 0xa14 - MOVIB,TR 2,%r8,$0006001C ;offset 0xa18 - EXTRD,U %r3,63,32,%r7 ;offset 0xa1c -$D2 - ADDIL LR'__iob-$global$,%r27,%r1 ;offset 0xa20 - LDIL LR'C$7,%r21 ;offset 0xa24 - LDO RR'__iob-$global$+32(%r1),%r26 ;offset 0xa28 - .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR ;in=24,25,26;out=28; - B,L fprintf,%r2 ;offset 0xa2c - LDO RR'C$7(%r21),%r25 ;offset 0xa30 - .CALL ; - B,L abort,%r2 ;offset 0xa34 - NOP ;offset 0xa38 - B $D3 ;offset 0xa3c - LDW -212(%r30),%r2 ;offset 0xa40 -$00060020 - COPY %r4,%r26 ;offset 0xa44 - EXTRD,U %r4,31,32,%r25 ;offset 0xa48 - COPY %r2,%r24 ;offset 0xa4c - .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL) - B,L $$div2U,%r31 ;offset 0xa50 - EXTRD,U %r2,31,32,%r23 ;offset 0xa54 - DEPD %r28,31,32,%r29 ;offset 0xa58 -$00060022 - STD %r29,-152(%r30) ;offset 0xa5c -$D1 - AND %r5,%r19,%r24 ;offset 0xa60 - EXTRD,U %r24,31,32,%r24 ;offset 0xa64 - STW %r2,-160(%r30) ;offset 0xa68 - STW %r7,-128(%r30) ;offset 0xa6c - FLDD -152(%r30),%fr4 ;offset 0xa70 - FLDD -152(%r30),%fr7 ;offset 0xa74 - FLDW -160(%r30),%fr8L ;offset 0xa78 - FLDW -128(%r30),%fr5L ;offset 0xa7c - XMPYU %fr8L,%fr7L,%fr10 ;offset 0xa80 - FSTD %fr10,-136(%r30) ;offset 0xa84 - XMPYU %fr8L,%fr7R,%fr22 ;offset 0xa88 - FSTD %fr22,-144(%r30) ;offset 0xa8c - XMPYU %fr5L,%fr4L,%fr11 ;offset 0xa90 - XMPYU %fr5L,%fr4R,%fr23 ;offset 0xa94 - FSTD %fr11,-112(%r30) ;offset 0xa98 - FSTD %fr23,-120(%r30) ;offset 0xa9c - LDD -136(%r30),%r28 ;offset 0xaa0 - DEPD,Z %r28,31,32,%r31 ;offset 0xaa4 - LDD -144(%r30),%r20 ;offset 0xaa8 - ADD,L %r20,%r31,%r31 ;offset 0xaac - LDD -112(%r30),%r22 ;offset 0xab0 - DEPD,Z %r22,31,32,%r22 ;offset 0xab4 - LDD -120(%r30),%r21 ;offset 0xab8 - B $00060024 ;offset 0xabc - ADD,L %r21,%r22,%r23 ;offset 0xac0 -$D0 - OR %r9,%r29,%r29 ;offset 0xac4 -$00060040 - EXTRD,U %r29,31,32,%r28 ;offset 0xac8 -$00060002 -$L2 - LDW -212(%r30),%r2 ;offset 0xacc -$D3 - LDW -168(%r30),%r9 ;offset 0xad0 - LDD -176(%r30),%r8 ;offset 0xad4 - EXTRD,U %r8,31,32,%r7 ;offset 0xad8 - LDD -184(%r30),%r6 ;offset 0xadc - EXTRD,U %r6,31,32,%r5 ;offset 0xae0 - LDW -188(%r30),%r4 ;offset 0xae4 - BVE (%r2) ;offset 0xae8 - .EXIT - LDW,MB -192(%r30),%r3 ;offset 0xaec - .PROCEND ;in=23,25;out=28,29;fpin=105,107; - - - - -;---------------------------------------------------------------------------- -; -; Registers to hold 64-bit values to manipulate. The "L" part -; of the register corresponds to the upper 32-bits, while the "R" -; part corresponds to the lower 32-bits -; -; Note, that when using b6 and b7, the code must save these before -; using them because they are callee save registers -; -; -; Floating point registers to use to save values that -; are manipulated. These don't collide with ftemp1-6 and -; are all caller save registers -; -a0 .reg %fr22 -a0L .reg %fr22L -a0R .reg %fr22R - -a1 .reg %fr23 -a1L .reg %fr23L -a1R .reg %fr23R - -a2 .reg %fr24 -a2L .reg %fr24L -a2R .reg %fr24R - -a3 .reg %fr25 -a3L .reg %fr25L -a3R .reg %fr25R - -a4 .reg %fr26 -a4L .reg %fr26L -a4R .reg %fr26R - -a5 .reg %fr27 -a5L .reg %fr27L -a5R .reg %fr27R - -a6 .reg %fr28 -a6L .reg %fr28L -a6R .reg %fr28R - -a7 .reg %fr29 -a7L .reg %fr29L -a7R .reg %fr29R - -b0 .reg %fr30 -b0L .reg %fr30L -b0R .reg %fr30R - -b1 .reg %fr31 -b1L .reg %fr31L -b1R .reg %fr31R - -; -; Temporary floating point variables, these are all caller save -; registers -; -ftemp1 .reg %fr4 -ftemp2 .reg %fr5 -ftemp3 .reg %fr6 -ftemp4 .reg %fr7 - -; -; The B set of registers when used. -; - -b2 .reg %fr8 -b2L .reg %fr8L -b2R .reg %fr8R - -b3 .reg %fr9 -b3L .reg %fr9L -b3R .reg %fr9R - -b4 .reg %fr10 -b4L .reg %fr10L -b4R .reg %fr10R - -b5 .reg %fr11 -b5L .reg %fr11L -b5R .reg %fr11R - -b6 .reg %fr12 -b6L .reg %fr12L -b6R .reg %fr12R - -b7 .reg %fr13 -b7L .reg %fr13L -b7R .reg %fr13R - -c1 .reg %r21 ; only reg -temp1 .reg %r20 ; only reg -temp2 .reg %r19 ; only reg -temp3 .reg %r31 ; only reg - -m1 .reg %r28 -c2 .reg %r23 -high_one .reg %r1 -ht .reg %r6 -lt .reg %r5 -m .reg %r4 -c3 .reg %r3 - -SQR_ADD_C .macro A0L,A0R,C1,C2,C3 - XMPYU A0L,A0R,ftemp1 ; m - FSTD ftemp1,-24(%sp) ; store m - - XMPYU A0R,A0R,ftemp2 ; lt - FSTD ftemp2,-16(%sp) ; store lt - - XMPYU A0L,A0L,ftemp3 ; ht - FSTD ftemp3,-8(%sp) ; store ht - - LDD -24(%sp),m ; load m - AND m,high_mask,temp2 ; m & Mask - DEPD,Z m,30,31,temp3 ; m << 32+1 - LDD -16(%sp),lt ; lt - - LDD -8(%sp),ht ; ht - EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1 - ADD temp3,lt,lt ; lt = lt+m - ADD,L ht,temp1,ht ; ht += temp1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; ht++ - - ADD C2,ht,C2 ; c2=c2+ht - ADD,DC C3,%r0,C3 ; c3++ -.endm - -SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3 - XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,A1L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,A1R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,A1L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD ht,ht,ht ; ht=ht+ht; - ADD,DC C3,%r0,C3 ; add in carry (c3++) - - ADD lt,lt,lt ; lt=lt+lt; - ADD,DC ht,%r0,ht ; add in carry (ht++) - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++) - LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - -; -;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba8 - .PROC - .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .ENTRY - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1 - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2 - SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1 - STD c2,56(r_ptr) ; r[7] = c2; - COPY %r0,c2 - - SQR_ADD_C a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2 - SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2 - STD c3,64(r_ptr) ; r[8] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3 - STD c1,72(r_ptr) ; r[9] = c1; - COPY %r0,c1 - - SQR_ADD_C a5L,a5R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1 - SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1 - STD c2,80(r_ptr) ; r[10] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2 - STD c3,88(r_ptr) ; r[11] = c3; - COPY %r0,c3 - - SQR_ADD_C a6L,a6R,c1,c2,c3 - SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3 - STD c1,96(r_ptr) ; r[12] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1 - STD c2,104(r_ptr) ; r[13] = c2; - COPY %r0,c2 - - SQR_ADD_C a7L,a7R,c3,c1,c2 - STD c3, 112(r_ptr) ; r[14] = c3 - STD c1, 120(r_ptr) ; r[15] = c1 - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - STD c2,56(r_ptr) ; r[7] = c2; - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - -;--------------------------------------------------------------------------- - -MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3 - XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,B0L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,B0R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,B0L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - - -; -;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba8 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - FLDD 32(b_ptr),b4 - FLDD 40(b_ptr),b5 - FLDD 48(b_ptr),b6 - FLDD 56(b_ptr),b7 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3 - STD c1,48(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1 - STD c2,56(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2 - STD c3,64(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3 - STD c1,72(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1 - STD c2,80(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2 - STD c3,88(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3 - STD c1,96(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1 - STD c2,104(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2 - STD c3,112(r_ptr) - STD c1,120(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - STD c1,48(r_ptr) - STD c2,56(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SPACE $PRIVATE$,SORT=16 - .IMPORT $global$,DATA - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16 -C$7 - .ALIGN 8 - .STRINGZ "Division would overflow (%d)\n" - .END diff --git a/src/lib/libcrypto/bn/asm/pa-risc2W.s b/src/lib/libcrypto/bn/asm/pa-risc2W.s deleted file mode 100644 index 54b6606252..0000000000 --- a/src/lib/libcrypto/bn/asm/pa-risc2W.s +++ /dev/null @@ -1,1605 +0,0 @@ -; -; PA-RISC 64-bit implementation of bn_asm code -; -; This code is approximately 2x faster than the C version -; for RSA/DSA. -; -; See http://devresource.hp.com/ for more details on the PA-RISC -; architecture. Also see the book "PA-RISC 2.0 Architecture" -; by Gerry Kane for information on the instruction set architecture. -; -; Code written by Chris Ruemmler (with some help from the HP C -; compiler). -; -; The code compiles with HP's assembler -; - - .level 2.0W - .space $TEXT$ - .subspa $CODE$,QUAD=0,ALIGN=8,ACCESS=0x2c,CODE_ONLY - -; -; Global Register definitions used for the routines. -; -; Some information about HP's runtime architecture for 64-bits. -; -; "Caller save" means the calling function must save the register -; if it wants the register to be preserved. -; "Callee save" means if a function uses the register, it must save -; the value before using it. -; -; For the floating point registers -; -; "caller save" registers: fr4-fr11, fr22-fr31 -; "callee save" registers: fr12-fr21 -; "special" registers: fr0-fr3 (status and exception registers) -; -; For the integer registers -; value zero : r0 -; "caller save" registers: r1,r19-r26 -; "callee save" registers: r3-r18 -; return register : r2 (rp) -; return values ; r28 (ret0,ret1) -; Stack pointer ; r30 (sp) -; global data pointer ; r27 (dp) -; argument pointer ; r29 (ap) -; millicode return ptr ; r31 (also a caller save register) - - -; -; Arguments to the routines -; -r_ptr .reg %r26 -a_ptr .reg %r25 -b_ptr .reg %r24 -num .reg %r24 -w .reg %r23 -n .reg %r23 - - -; -; Globals used in some routines -; - -top_overflow .reg %r29 -high_mask .reg %r22 ; value 0xffffffff80000000L - - -;------------------------------------------------------------------------------ -; -; bn_mul_add_words -; -;BN_ULONG bn_mul_add_words(BN_ULONG *r_ptr, BN_ULONG *a_ptr, -; int num, BN_ULONG w) -; -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = num -; arg3 = w -; -; Local register definitions -; - -fm1 .reg %fr22 -fm .reg %fr23 -ht_temp .reg %fr24 -ht_temp_1 .reg %fr25 -lt_temp .reg %fr26 -lt_temp_1 .reg %fr27 -fm1_1 .reg %fr28 -fm_1 .reg %fr29 - -fw_h .reg %fr7L -fw_l .reg %fr7R -fw .reg %fr7 - -fht_0 .reg %fr8L -flt_0 .reg %fr8R -t_float_0 .reg %fr8 - -fht_1 .reg %fr9L -flt_1 .reg %fr9R -t_float_1 .reg %fr9 - -tmp_0 .reg %r31 -tmp_1 .reg %r21 -m_0 .reg %r20 -m_1 .reg %r19 -ht_0 .reg %r1 -ht_1 .reg %r3 -lt_0 .reg %r4 -lt_1 .reg %r5 -m1_0 .reg %r6 -m1_1 .reg %r7 -rp_val .reg %r8 -rp_val_1 .reg %r9 - -bn_mul_add_words - .export bn_mul_add_words,entry,NO_RELOCATION,LONG_RETURN - .proc - .callinfo frame=128 - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP ; Needed to make the loop 16-byte aligned - NOP ; Needed to make the loop 16-byte aligned - - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - STD %r7,32(%sp) ; save r7 - STD %r8,40(%sp) ; save r8 - - STD %r9,48(%sp) ; save r9 - COPY %r0,%ret0 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - STD w,56(%sp) ; store w on stack - - CMPIB,>= 0,num,bn_mul_add_words_exit ; if (num <= 0) then exit - LDO 128(%sp),%sp ; bump stack - - ; - ; The loop is unrolled twice, so if there is only 1 number - ; then go straight to the cleanup code. - ; - CMPIB,= 1,num,bn_mul_add_words_single_top - FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. - ; -bn_mul_add_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDD 8(r_ptr),rp_val_1 ; rp[1] - - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = fht_1*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1[0] - FSTD fm1_1,-48(%sp) ; -48(sp) = m1[1] - - XMPYU flt_0,fw_h,fm ; m[0] = flt_0*fw_h - XMPYU flt_1,fw_h,fm_1 ; m[1] = flt_1*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m[0] - FSTD fm_1,-40(%sp) ; -40(sp) = m[1] - - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp_1 = fht_1*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht_temp - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht_temp_1 - - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt_temp - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt_temp_1 - - LDD -8(%sp),m_0 ; m[0] - LDD -40(%sp),m_1 ; m[1] - LDD -16(%sp),m1_0 ; m1[0] - LDD -48(%sp),m1_1 ; m1[1] - - LDD -24(%sp),ht_0 ; ht[0] - LDD -56(%sp),ht_1 ; ht[1] - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m[0] + m1[0]; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m[1] + m1[1]; - - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m[0] < m1[0]) - ADD,L ht_0,top_overflow,ht_0 ; ht[0] += (1<<32) - - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m[1] < m1[1]) - ADD,L ht_1,top_overflow,ht_1 ; ht[1] += (1<<32) - EXTRD,U tmp_0,31,32,m_0 ; m[0]>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1[0] = m[0]<<32 - - EXTRD,U tmp_1,31,32,m_1 ; m[1]>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1[1] = m[1]<<32 - ADD,L ht_0,m_0,ht_0 ; ht[0]+= (m[0]>>32) - ADD,L ht_1,m_1,ht_1 ; ht[1]+= (m[1]>>32) - - ADD lt_0,m1_0,lt_0 ; lt[0] = lt[0]+m1[0]; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_1,m1_1,lt_1 ; lt[1] = lt[1]+m1[1]; - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - - ADD %ret0,lt_0,lt_0 ; lt[0] = lt[0] + c; - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - ADD lt_0,rp_val,lt_0 ; lt[0] = lt[0]+rp[0] - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - - LDO -2(num),num ; num = num - 2; - ADD ht_0,lt_1,lt_1 ; lt[1] = lt[1] + ht_0 (c); - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - - ADD lt_1,rp_val_1,lt_1 ; lt[1] = lt[1]+rp[1] - ADD,DC ht_1,%r0,%ret0 ; ht[1]++ - LDO 16(a_ptr),a_ptr ; a_ptr += 2 - - STD lt_1,8(r_ptr) ; rp[1] = lt[1] - CMPIB,<= 2,num,bn_mul_add_words_unroll2 ; go again if more to do - LDO 16(r_ptr),r_ptr ; r_ptr += 2 - - CMPIB,=,N 0,num,bn_mul_add_words_exit ; are we done, or cleanup last one - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_add_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - LDD 0(r_ptr),rp_val ; rp[0] - LDO 8(a_ptr),a_ptr ; a_ptr++ - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 ; m1 = temp1 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,tmp_0 ; tmp_0 = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD %ret0,tmp_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - ADD lt_0,rp_val,lt_0 ; lt = lt+rp[0] - ADD,DC ht_0,%r0,%ret0 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_add_words_exit - .EXIT - LDD -80(%sp),%r9 ; restore r9 - LDD -88(%sp),%r8 ; restore r8 - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; arg3 = w - -bn_mul_words - .proc - .callinfo frame=128 - .entry - .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - STD %r7,32(%sp) ; save r7 - COPY %r0,%ret0 ; return 0 by default - DEPDI,Z 1,31,1,top_overflow ; top_overflow = 1 << 32 - STD w,56(%sp) ; w on stack - - CMPIB,>= 0,num,bn_mul_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; See if only 1 word to do, thus just do cleanup - ; - CMPIB,= 1,num,bn_mul_words_single_top - FLDD -72(%sp),fw ; load up w into fp register fw (fw_h/fw_l) - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - ; PA-RISC 2.0 chips have two fully pipelined multipliers, thus - ; two 32-bit mutiplies can be issued per cycle. - ; -bn_mul_words_unroll2 - - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - FLDD 8(a_ptr),t_float_1 ; load up 64-bit value (fr8L) ht(L)/lt(R) - XMPYU fht_0,fw_l,fm1 ; m1[0] = fht_0*fw_l - XMPYU fht_1,fw_l,fm1_1 ; m1[1] = ht*fw_l - - FSTD fm1,-16(%sp) ; -16(sp) = m1 - FSTD fm1_1,-48(%sp) ; -48(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - XMPYU flt_1,fw_h,fm_1 ; m = lt*fw_h - - FSTD fm,-8(%sp) ; -8(sp) = m - FSTD fm_1,-40(%sp) ; -40(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = fht_0*fw_h - XMPYU fht_1,fw_h,ht_temp_1 ; ht_temp = ht*fw_h - - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - FSTD ht_temp_1,-56(%sp) ; -56(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - XMPYU flt_1,fw_l,lt_temp_1 ; lt_temp = lt*fw_l - - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - FSTD lt_temp_1,-64(%sp) ; -64(sp) = lt - LDD -8(%sp),m_0 - LDD -40(%sp),m_1 - - LDD -16(%sp),m1_0 - LDD -48(%sp),m1_1 - LDD -24(%sp),ht_0 - LDD -56(%sp),ht_1 - - ADD,L m1_0,m_0,tmp_0 ; tmp_0 = m + m1; - ADD,L m1_1,m_1,tmp_1 ; tmp_1 = m + m1; - LDD -32(%sp),lt_0 - LDD -64(%sp),lt_1 - - CMPCLR,*>>= tmp_0,m1_0, %r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - CMPCLR,*>>= tmp_1,m1_1,%r0 ; if (m < m1) - ADD,L ht_1,top_overflow,ht_1 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - EXTRD,U tmp_1,31,32,m_1 ; m>>32 - DEPD,Z tmp_1,31,32,m1_1 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD,L ht_1,m_1,ht_1 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt = lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD lt_1,m1_1,lt_1 ; lt = lt+m1; - ADD,DC ht_1,%r0,ht_1 ; ht++ - ADD %ret0,lt_0,lt_0 ; lt = lt + c (ret0); - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD ht_0,lt_1,lt_1 ; lt = lt + c (ht_0) - ADD,DC ht_1,%r0,ht_1 ; ht++ - STD lt_0,0(r_ptr) ; rp[0] = lt - STD lt_1,8(r_ptr) ; rp[1] = lt - - COPY ht_1,%ret0 ; carry = ht - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_mul_words_unroll2 - LDO 16(r_ptr),r_ptr ; rp++ - - CMPIB,=,N 0,num,bn_mul_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_mul_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,fw_l,fm1 ; m1 = ht*fw_l - FSTD fm1,-16(%sp) ; -16(sp) = m1 - XMPYU flt_0,fw_h,fm ; m = lt*fw_h - FSTD fm,-8(%sp) ; -8(sp) = m - XMPYU fht_0,fw_h,ht_temp ; ht_temp = ht*fw_h - FSTD ht_temp,-24(%sp) ; -24(sp) = ht - XMPYU flt_0,fw_l,lt_temp ; lt_temp = lt*fw_l - FSTD lt_temp,-32(%sp) ; -32(sp) = lt - - LDD -8(%sp),m_0 - LDD -16(%sp),m1_0 - ADD,L m_0,m1_0,tmp_0 ; tmp_0 = m + m1; - LDD -24(%sp),ht_0 - LDD -32(%sp),lt_0 - - CMPCLR,*>>= tmp_0,m1_0,%r0 ; if (m < m1) - ADD,L ht_0,top_overflow,ht_0 ; ht += (1<<32) - - EXTRD,U tmp_0,31,32,m_0 ; m>>32 - DEPD,Z tmp_0,31,32,m1_0 ; m1 = m<<32 - - ADD,L ht_0,m_0,ht_0 ; ht+= (m>>32) - ADD lt_0,m1_0,lt_0 ; lt= lt+m1; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - ADD %ret0,lt_0,lt_0 ; lt = lt + c; - ADD,DC ht_0,%r0,ht_0 ; ht++ - - COPY ht_0,%ret0 ; copy carry - STD lt_0,0(r_ptr) ; rp[0] = lt - -bn_mul_words_exit - .EXIT - LDD -96(%sp),%r7 ; restore r7 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 ; restore r3 - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num) -; -; arg0 = rp -; arg1 = ap -; arg2 = num -; - -bn_sqr_words - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - NOP - STD %r5,16(%sp) ; save r5 - - CMPIB,>= 0,num,bn_sqr_words_exit - LDO 128(%sp),%sp ; bump stack - - ; - ; If only 1, the goto straight to cleanup - ; - CMPIB,= 1,num,bn_sqr_words_single_top - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; - -bn_sqr_words_unroll2 - FLDD 0(a_ptr),t_float_0 ; a[0] - FLDD 8(a_ptr),t_float_1 ; a[1] - XMPYU fht_0,flt_0,fm ; m[0] - XMPYU fht_1,flt_1,fm_1 ; m[1] - - FSTD fm,-24(%sp) ; store m[0] - FSTD fm_1,-56(%sp) ; store m[1] - XMPYU flt_0,flt_0,lt_temp ; lt[0] - XMPYU flt_1,flt_1,lt_temp_1 ; lt[1] - - FSTD lt_temp,-16(%sp) ; store lt[0] - FSTD lt_temp_1,-48(%sp) ; store lt[1] - XMPYU fht_0,fht_0,ht_temp ; ht[0] - XMPYU fht_1,fht_1,ht_temp_1 ; ht[1] - - FSTD ht_temp,-8(%sp) ; store ht[0] - FSTD ht_temp_1,-40(%sp) ; store ht[1] - LDD -24(%sp),m_0 - LDD -56(%sp),m_1 - - AND m_0,high_mask,tmp_0 ; m[0] & Mask - AND m_1,high_mask,tmp_1 ; m[1] & Mask - DEPD,Z m_0,30,31,m_0 ; m[0] << 32+1 - DEPD,Z m_1,30,31,m_1 ; m[1] << 32+1 - - LDD -16(%sp),lt_0 - LDD -48(%sp),lt_1 - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m[0]&Mask >> 32-1 - EXTRD,U tmp_1,32,33,tmp_1 ; tmp_1 = m[1]&Mask >> 32-1 - - LDD -8(%sp),ht_0 - LDD -40(%sp),ht_1 - ADD,L ht_0,tmp_0,ht_0 ; ht[0] += tmp_0 - ADD,L ht_1,tmp_1,ht_1 ; ht[1] += tmp_1 - - ADD lt_0,m_0,lt_0 ; lt = lt+m - ADD,DC ht_0,%r0,ht_0 ; ht[0]++ - STD lt_0,0(r_ptr) ; rp[0] = lt[0] - STD ht_0,8(r_ptr) ; rp[1] = ht[1] - - ADD lt_1,m_1,lt_1 ; lt = lt+m - ADD,DC ht_1,%r0,ht_1 ; ht[1]++ - STD lt_1,16(r_ptr) ; rp[2] = lt[1] - STD ht_1,24(r_ptr) ; rp[3] = ht[1] - - LDO -2(num),num ; num = num - 2; - LDO 16(a_ptr),a_ptr ; ap += 2 - CMPIB,<= 2,num,bn_sqr_words_unroll2 - LDO 32(r_ptr),r_ptr ; rp += 4 - - CMPIB,=,N 0,num,bn_sqr_words_exit ; are we done? - - ; - ; Top of loop aligned on 64-byte boundary - ; -bn_sqr_words_single_top - FLDD 0(a_ptr),t_float_0 ; load up 64-bit value (fr8L) ht(L)/lt(R) - - XMPYU fht_0,flt_0,fm ; m - FSTD fm,-24(%sp) ; store m - - XMPYU flt_0,flt_0,lt_temp ; lt - FSTD lt_temp,-16(%sp) ; store lt - - XMPYU fht_0,fht_0,ht_temp ; ht - FSTD ht_temp,-8(%sp) ; store ht - - LDD -24(%sp),m_0 ; load m - AND m_0,high_mask,tmp_0 ; m & Mask - DEPD,Z m_0,30,31,m_0 ; m << 32+1 - LDD -16(%sp),lt_0 ; lt - - LDD -8(%sp),ht_0 ; ht - EXTRD,U tmp_0,32,33,tmp_0 ; tmp_0 = m&Mask >> 32-1 - ADD m_0,lt_0,lt_0 ; lt = lt+m - ADD,L ht_0,tmp_0,ht_0 ; ht += tmp_0 - ADD,DC ht_0,%r0,ht_0 ; ht++ - - STD lt_0,0(r_ptr) ; rp[0] = lt - STD ht_0,8(r_ptr) ; rp[1] = ht - -bn_sqr_words_exit - .EXIT - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - .PROCEND ;in=23,24,25,26,29;out=28; - - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t .reg %r22 -b .reg %r21 -l .reg %r20 - -bn_add_words - .proc - .entry - .callinfo - .EXPORT bn_add_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .align 64 - - CMPIB,>= 0,n,bn_add_words_exit - COPY %r0,%ret0 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_add_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_add_words_unroll2 - LDD 0(a_ptr),t - LDD 0(b_ptr),b - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,0(r_ptr) - - LDD 8(a_ptr),t - LDD 8(b_ptr),b - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_add_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_add_words_exit ; are we done? - -bn_add_words_single_top - LDD 0(a_ptr),t - LDD 0(b_ptr),b - - ADD t,%ret0,t ; t = t+c; - ADD,DC %r0,%r0,%ret0 ; set c to carry (could use CMPCLR??) - ADD t,b,l ; l = t + b[0] - ADD,DC %ret0,%r0,%ret0 ; c+= carry - STD l,0(r_ptr) - -bn_add_words_exit - .EXIT - BVE (%rp) - NOP - .PROCEND ;in=23,24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -;BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) -; -; arg0 = rp -; arg1 = ap -; arg2 = bp -; arg3 = n - -t1 .reg %r22 -t2 .reg %r21 -sub_tmp1 .reg %r20 -sub_tmp2 .reg %r19 - - -bn_sub_words - .proc - .callinfo - .EXPORT bn_sub_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - CMPIB,>= 0,n,bn_sub_words_exit - COPY %r0,%ret0 ; return 0 by default - - ; - ; If 2 or more numbers do the loop - ; - CMPIB,= 1,n,bn_sub_words_single_top - NOP - - ; - ; This loop is unrolled 2 times (64-byte aligned as well) - ; -bn_sub_words_unroll2 - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - STD sub_tmp1,0(r_ptr) - - LDD 8(a_ptr),t1 - LDD 8(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - STD sub_tmp1,8(r_ptr) - - LDO -2(n),n - LDO 16(a_ptr),a_ptr - LDO 16(b_ptr),b_ptr - - CMPIB,<= 2,n,bn_sub_words_unroll2 - LDO 16(r_ptr),r_ptr - - CMPIB,=,N 0,n,bn_sub_words_exit ; are we done? - -bn_sub_words_single_top - LDD 0(a_ptr),t1 - LDD 0(b_ptr),t2 - SUB t1,t2,sub_tmp1 ; t3 = t1-t2; - SUB sub_tmp1,%ret0,sub_tmp1 ; t3 = t3- c; - CMPCLR,*>> t1,t2,sub_tmp2 ; clear if t1 > t2 - LDO 1(%r0),sub_tmp2 - - CMPCLR,*= t1,t2,%r0 - COPY sub_tmp2,%ret0 - - STD sub_tmp1,0(r_ptr) - -bn_sub_words_exit - .EXIT - BVE (%rp) - NOP - .PROCEND ;in=23,24,25,26,29;out=28; - -;------------------------------------------------------------------------------ -; -; unsigned long bn_div_words(unsigned long h, unsigned long l, unsigned long d) -; -; arg0 = h -; arg1 = l -; arg2 = d -; -; This is mainly just modified assembly from the compiler, thus the -; lack of variable names. -; -;------------------------------------------------------------------------------ -bn_div_words - .proc - .callinfo CALLER,FRAME=272,ENTRY_GR=%r10,SAVE_RP,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_div_words,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .IMPORT BN_num_bits_word,CODE,NO_RELOCATION - .IMPORT __iob,DATA - .IMPORT fprintf,CODE,NO_RELOCATION - .IMPORT abort,CODE,NO_RELOCATION - .IMPORT $$div2U,MILLICODE - .entry - STD %r2,-16(%r30) - STD,MA %r3,352(%r30) - STD %r4,-344(%r30) - STD %r5,-336(%r30) - STD %r6,-328(%r30) - STD %r7,-320(%r30) - STD %r8,-312(%r30) - STD %r9,-304(%r30) - STD %r10,-296(%r30) - - STD %r27,-288(%r30) ; save gp - - COPY %r24,%r3 ; save d - COPY %r26,%r4 ; save h (high 64-bits) - LDO -1(%r0),%ret0 ; return -1 by default - - CMPB,*= %r0,%arg2,$D3 ; if (d == 0) - COPY %r25,%r5 ; save l (low 64-bits) - - LDO -48(%r30),%r29 ; create ap - .CALL ;in=26,29;out=28; - B,L BN_num_bits_word,%r2 - COPY %r3,%r26 - LDD -288(%r30),%r27 ; restore gp - LDI 64,%r21 - - CMPB,= %r21,%ret0,$00000012 ;if (i == 64) (forward) - COPY %ret0,%r24 ; i - MTSARCM %r24 - DEPDI,Z -1,%sar,1,%r29 - CMPB,*<<,N %r29,%r4,bn_div_err_case ; if (h > 1<= d) - SUB %r4,%r3,%r4 ; h -= d - CMPB,= %r31,%r0,$0000001A ; if (i) - COPY %r0,%r10 ; ret = 0 - MTSARCM %r31 ; i to shift - DEPD,Z %r3,%sar,64,%r3 ; d <<= i; - SUBI 64,%r31,%r19 ; 64 - i; redundent - MTSAR %r19 ; (64 -i) to shift - SHRPD %r4,%r5,%sar,%r4 ; l>> (64-i) - MTSARCM %r31 ; i to shift - DEPD,Z %r5,%sar,64,%r5 ; l <<= i; - -$0000001A - DEPDI,Z -1,31,32,%r19 - EXTRD,U %r3,31,32,%r6 ; dh=(d&0xfff)>>32 - EXTRD,U %r3,63,32,%r8 ; dl = d&0xffffff - LDO 2(%r0),%r9 - STD %r3,-280(%r30) ; "d" to stack - -$0000001C - DEPDI,Z -1,63,32,%r29 ; - EXTRD,U %r4,31,32,%r31 ; h >> 32 - CMPB,*=,N %r31,%r6,$D2 ; if ((h>>32) != dh)(forward) div - COPY %r4,%r26 - EXTRD,U %r4,31,32,%r25 - COPY %r6,%r24 - .CALL ;in=23,24,25,26;out=20,21,22,28,29; (MILLICALL) - B,L $$div2U,%r2 - EXTRD,U %r6,31,32,%r23 - DEPD %r28,31,32,%r29 -$D2 - STD %r29,-272(%r30) ; q - AND %r5,%r19,%r24 ; t & 0xffffffff00000000; - EXTRD,U %r24,31,32,%r24 ; ??? - FLDD -272(%r30),%fr7 ; q - FLDD -280(%r30),%fr8 ; d - XMPYU %fr8L,%fr7L,%fr10 - FSTD %fr10,-256(%r30) - XMPYU %fr8L,%fr7R,%fr22 - FSTD %fr22,-264(%r30) - XMPYU %fr8R,%fr7L,%fr11 - XMPYU %fr8R,%fr7R,%fr23 - FSTD %fr11,-232(%r30) - FSTD %fr23,-240(%r30) - LDD -256(%r30),%r28 - DEPD,Z %r28,31,32,%r2 - LDD -264(%r30),%r20 - ADD,L %r20,%r2,%r31 - LDD -232(%r30),%r22 - DEPD,Z %r22,31,32,%r22 - LDD -240(%r30),%r21 - B $00000024 ; enter loop - ADD,L %r21,%r22,%r23 - -$0000002A - LDO -1(%r29),%r29 - SUB %r23,%r8,%r23 -$00000024 - SUB %r4,%r31,%r25 - AND %r25,%r19,%r26 - CMPB,*<>,N %r0,%r26,$00000046 ; (forward) - DEPD,Z %r25,31,32,%r20 - OR %r20,%r24,%r21 - CMPB,*<<,N %r21,%r23,$0000002A ;(backward) - SUB %r31,%r6,%r31 -;-------------Break path--------------------- - -$00000046 - DEPD,Z %r23,31,32,%r25 ;tl - EXTRD,U %r23,31,32,%r26 ;t - AND %r25,%r19,%r24 ;tl = (tl<<32)&0xfffffff0000000L - ADD,L %r31,%r26,%r31 ;th += t; - CMPCLR,*>>= %r5,%r24,%r0 ;if (l>32)); - DEPD,Z %r29,31,32,%r10 ; ret = q<<32 - b $0000001C - DEPD,Z %r28,31,32,%r5 ; l = l << 32 - -$D1 - OR %r10,%r29,%r28 ; ret |= q -$D3 - LDD -368(%r30),%r2 -$D0 - LDD -296(%r30),%r10 - LDD -304(%r30),%r9 - LDD -312(%r30),%r8 - LDD -320(%r30),%r7 - LDD -328(%r30),%r6 - LDD -336(%r30),%r5 - LDD -344(%r30),%r4 - BVE (%r2) - .EXIT - LDD,MB -352(%r30),%r3 - -bn_div_err_case - MFIA %r6 - ADDIL L'bn_div_words-bn_div_err_case,%r6,%r1 - LDO R'bn_div_words-bn_div_err_case(%r1),%r6 - ADDIL LT'__iob,%r27,%r1 - LDD RT'__iob(%r1),%r26 - ADDIL L'C$4-bn_div_words,%r6,%r1 - LDO R'C$4-bn_div_words(%r1),%r25 - LDO 64(%r26),%r26 - .CALL ;in=24,25,26,29;out=28; - B,L fprintf,%r2 - LDO -48(%r30),%r29 - LDD -288(%r30),%r27 - .CALL ;in=29; - B,L abort,%r2 - LDO -48(%r30),%r29 - LDD -288(%r30),%r27 - B $D0 - LDD -368(%r30),%r2 - .PROCEND ;in=24,25,26,29;out=28; - -;---------------------------------------------------------------------------- -; -; Registers to hold 64-bit values to manipulate. The "L" part -; of the register corresponds to the upper 32-bits, while the "R" -; part corresponds to the lower 32-bits -; -; Note, that when using b6 and b7, the code must save these before -; using them because they are callee save registers -; -; -; Floating point registers to use to save values that -; are manipulated. These don't collide with ftemp1-6 and -; are all caller save registers -; -a0 .reg %fr22 -a0L .reg %fr22L -a0R .reg %fr22R - -a1 .reg %fr23 -a1L .reg %fr23L -a1R .reg %fr23R - -a2 .reg %fr24 -a2L .reg %fr24L -a2R .reg %fr24R - -a3 .reg %fr25 -a3L .reg %fr25L -a3R .reg %fr25R - -a4 .reg %fr26 -a4L .reg %fr26L -a4R .reg %fr26R - -a5 .reg %fr27 -a5L .reg %fr27L -a5R .reg %fr27R - -a6 .reg %fr28 -a6L .reg %fr28L -a6R .reg %fr28R - -a7 .reg %fr29 -a7L .reg %fr29L -a7R .reg %fr29R - -b0 .reg %fr30 -b0L .reg %fr30L -b0R .reg %fr30R - -b1 .reg %fr31 -b1L .reg %fr31L -b1R .reg %fr31R - -; -; Temporary floating point variables, these are all caller save -; registers -; -ftemp1 .reg %fr4 -ftemp2 .reg %fr5 -ftemp3 .reg %fr6 -ftemp4 .reg %fr7 - -; -; The B set of registers when used. -; - -b2 .reg %fr8 -b2L .reg %fr8L -b2R .reg %fr8R - -b3 .reg %fr9 -b3L .reg %fr9L -b3R .reg %fr9R - -b4 .reg %fr10 -b4L .reg %fr10L -b4R .reg %fr10R - -b5 .reg %fr11 -b5L .reg %fr11L -b5R .reg %fr11R - -b6 .reg %fr12 -b6L .reg %fr12L -b6R .reg %fr12R - -b7 .reg %fr13 -b7L .reg %fr13L -b7R .reg %fr13R - -c1 .reg %r21 ; only reg -temp1 .reg %r20 ; only reg -temp2 .reg %r19 ; only reg -temp3 .reg %r31 ; only reg - -m1 .reg %r28 -c2 .reg %r23 -high_one .reg %r1 -ht .reg %r6 -lt .reg %r5 -m .reg %r4 -c3 .reg %r3 - -SQR_ADD_C .macro A0L,A0R,C1,C2,C3 - XMPYU A0L,A0R,ftemp1 ; m - FSTD ftemp1,-24(%sp) ; store m - - XMPYU A0R,A0R,ftemp2 ; lt - FSTD ftemp2,-16(%sp) ; store lt - - XMPYU A0L,A0L,ftemp3 ; ht - FSTD ftemp3,-8(%sp) ; store ht - - LDD -24(%sp),m ; load m - AND m,high_mask,temp2 ; m & Mask - DEPD,Z m,30,31,temp3 ; m << 32+1 - LDD -16(%sp),lt ; lt - - LDD -8(%sp),ht ; ht - EXTRD,U temp2,32,33,temp1 ; temp1 = m&Mask >> 32-1 - ADD temp3,lt,lt ; lt = lt+m - ADD,L ht,temp1,ht ; ht += temp1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; ht++ - - ADD C2,ht,C2 ; c2=c2+ht - ADD,DC C3,%r0,C3 ; c3++ -.endm - -SQR_ADD_C2 .macro A0L,A0R,A1L,A1R,C1,C2,C3 - XMPYU A0L,A1R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,A1L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,A1R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,A1L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD ht,ht,ht ; ht=ht+ht; - ADD,DC C3,%r0,C3 ; add in carry (c3++) - - ADD lt,lt,lt ; lt=lt+lt; - ADD,DC ht,%r0,ht ; add in carry (ht++) - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC,*NUV ht,%r0,ht ; add in carry (ht++) - LDO 1(C3),C3 ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - -; -;void bn_sqr_comba8(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba8 - .PROC - .CALLINFO FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .ENTRY - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a0L,a0R,c2,c3,c1 - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a5L,a5R,a0L,a0R,c3,c1,c2 - SQR_ADD_C2 a4L,a4R,a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a4L,a4R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a1L,a1R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a0L,a0R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a0L,a0R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a1L,a1R,c2,c3,c1 - SQR_ADD_C2 a5L,a5R,a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a4L,a4R,a3L,a3R,c2,c3,c1 - STD c2,56(r_ptr) ; r[7] = c2; - COPY %r0,c2 - - SQR_ADD_C a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a5L,a5R,a3L,a3R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a2L,a2R,c3,c1,c2 - SQR_ADD_C2 a7L,a7R,a1L,a1R,c3,c1,c2 - STD c3,64(r_ptr) ; r[8] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a7L,a7R,a2L,a2R,c1,c2,c3 - SQR_ADD_C2 a6L,a6R,a3L,a3R,c1,c2,c3 - SQR_ADD_C2 a5L,a5R,a4L,a4R,c1,c2,c3 - STD c1,72(r_ptr) ; r[9] = c1; - COPY %r0,c1 - - SQR_ADD_C a5L,a5R,c2,c3,c1 - SQR_ADD_C2 a6L,a6R,a4L,a4R,c2,c3,c1 - SQR_ADD_C2 a7L,a7R,a3L,a3R,c2,c3,c1 - STD c2,80(r_ptr) ; r[10] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a7L,a7R,a4L,a4R,c3,c1,c2 - SQR_ADD_C2 a6L,a6R,a5L,a5R,c3,c1,c2 - STD c3,88(r_ptr) ; r[11] = c3; - COPY %r0,c3 - - SQR_ADD_C a6L,a6R,c1,c2,c3 - SQR_ADD_C2 a7L,a7R,a5L,a5R,c1,c2,c3 - STD c1,96(r_ptr) ; r[12] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a7L,a7R,a6L,a6R,c2,c3,c1 - STD c2,104(r_ptr) ; r[13] = c2; - COPY %r0,c2 - - SQR_ADD_C a7L,a7R,c3,c1,c2 - STD c3, 112(r_ptr) ; r[14] = c3 - STD c1, 120(r_ptr) ; r[15] = c1 - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_sqr_comba4(BN_ULONG *r, BN_ULONG *a) -; arg0 = r_ptr -; arg1 = a_ptr -; - -bn_sqr_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_sqr_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z -1,32,33,high_mask ; Create Mask 0xffffffff80000000L - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - SQR_ADD_C a0L,a0R,c1,c2,c3 - - STD c1,0(r_ptr) ; r[0] = c1; - COPY %r0,c1 - - SQR_ADD_C2 a1L,a1R,a0L,a0R,c2,c3,c1 - - STD c2,8(r_ptr) ; r[1] = c2; - COPY %r0,c2 - - SQR_ADD_C a1L,a1R,c3,c1,c2 - SQR_ADD_C2 a2L,a2R,a0L,a0R,c3,c1,c2 - - STD c3,16(r_ptr) ; r[2] = c3; - COPY %r0,c3 - - SQR_ADD_C2 a3L,a3R,a0L,a0R,c1,c2,c3 - SQR_ADD_C2 a2L,a2R,a1L,a1R,c1,c2,c3 - - STD c1,24(r_ptr) ; r[3] = c1; - COPY %r0,c1 - - SQR_ADD_C a2L,a2R,c2,c3,c1 - SQR_ADD_C2 a3L,a3R,a1L,a1R,c2,c3,c1 - - STD c2,32(r_ptr) ; r[4] = c2; - COPY %r0,c2 - - SQR_ADD_C2 a3L,a3R,a2L,a2R,c3,c1,c2 - STD c3,40(r_ptr) ; r[5] = c3; - COPY %r0,c3 - - SQR_ADD_C a3L,a3R,c1,c2,c3 - STD c1,48(r_ptr) ; r[6] = c1; - STD c2,56(r_ptr) ; r[7] = c2; - - .EXIT - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - -;--------------------------------------------------------------------------- - -MUL_ADD_C .macro A0L,A0R,B0L,B0R,C1,C2,C3 - XMPYU A0L,B0R,ftemp1 ; m1 = bl*ht - FSTD ftemp1,-16(%sp) ; - XMPYU A0R,B0L,ftemp2 ; m = bh*lt - FSTD ftemp2,-8(%sp) ; - XMPYU A0R,B0R,ftemp3 ; lt = bl*lt - FSTD ftemp3,-32(%sp) - XMPYU A0L,B0L,ftemp4 ; ht = bh*ht - FSTD ftemp4,-24(%sp) ; - - LDD -8(%sp),m ; r21 = m - LDD -16(%sp),m1 ; r19 = m1 - ADD,L m,m1,m ; m+m1 - - DEPD,Z m,31,32,temp3 ; (m+m1<<32) - LDD -24(%sp),ht ; r24 = ht - - CMPCLR,*>>= m,m1,%r0 ; if (m < m1) - ADD,L ht,high_one,ht ; ht+=high_one - - EXTRD,U m,31,32,temp1 ; m >> 32 - LDD -32(%sp),lt ; lt - ADD,L ht,temp1,ht ; ht+= m>>32 - ADD lt,temp3,lt ; lt = lt+m1 - ADD,DC ht,%r0,ht ; ht++ - - ADD C1,lt,C1 ; c1=c1+lt - ADD,DC ht,%r0,ht ; bump c3 if overflow,nullify otherwise - - ADD C2,ht,C2 ; c2 = c2 + ht - ADD,DC C3,%r0,C3 ; add in carry (c3++) -.endm - - -; -;void bn_mul_comba8(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba8 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba8,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - FLDD 32(a_ptr),a4 - FLDD 40(a_ptr),a5 - FLDD 48(a_ptr),a6 - FLDD 56(a_ptr),a7 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - FLDD 32(b_ptr),b4 - FLDD 40(b_ptr),b5 - FLDD 48(b_ptr),b6 - FLDD 56(b_ptr),b7 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a4L,a4R,b0L,b0R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a0L,a0R,b4L,b4R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a0L,a0R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b0L,b0R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a6L,a6R,b0L,b0R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a0L,a0R,b6L,b6R,c1,c2,c3 - STD c1,48(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b0L,b0R,c2,c3,c1 - STD c2,56(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b2L,b2R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a4L,a4R,b4L,b4R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a2L,a2R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b7L,b7R,c3,c1,c2 - STD c3,64(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a2L,a2R,b7L,b7R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a4L,a4R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b4L,b4R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a7L,a7R,b2L,b2R,c1,c2,c3 - STD c1,72(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a7L,a7R,b3L,b3R,c2,c3,c1 - MUL_ADD_C a6L,a6R,b4L,b4R,c2,c3,c1 - MUL_ADD_C a5L,a5R,b5L,b5R,c2,c3,c1 - MUL_ADD_C a4L,a4R,b6L,b6R,c2,c3,c1 - MUL_ADD_C a3L,a3R,b7L,b7R,c2,c3,c1 - STD c2,80(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a4L,a4R,b7L,b7R,c3,c1,c2 - MUL_ADD_C a5L,a5R,b6L,b6R,c3,c1,c2 - MUL_ADD_C a6L,a6R,b5L,b5R,c3,c1,c2 - MUL_ADD_C a7L,a7R,b4L,b4R,c3,c1,c2 - STD c3,88(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a7L,a7R,b5L,b5R,c1,c2,c3 - MUL_ADD_C a6L,a6R,b6L,b6R,c1,c2,c3 - MUL_ADD_C a5L,a5R,b7L,b7R,c1,c2,c3 - STD c1,96(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a6L,a6R,b7L,b7R,c2,c3,c1 - MUL_ADD_C a7L,a7R,b6L,b6R,c2,c3,c1 - STD c2,104(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a7L,a7R,b7L,b7R,c3,c1,c2 - STD c3,112(r_ptr) - STD c1,120(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - -;----------------------------------------------------------------------------- -; -;void bn_mul_comba4(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b) -; arg0 = r_ptr -; arg1 = a_ptr -; arg2 = b_ptr -; - -bn_mul_comba4 - .proc - .callinfo FRAME=128,ENTRY_GR=%r3,ARGS_SAVED,ORDERING_AWARE - .EXPORT bn_mul_comba4,ENTRY,PRIV_LEV=3,NO_RELOCATION,LONG_RETURN - .entry - .align 64 - - STD %r3,0(%sp) ; save r3 - STD %r4,8(%sp) ; save r4 - STD %r5,16(%sp) ; save r5 - STD %r6,24(%sp) ; save r6 - FSTD %fr12,32(%sp) ; save r6 - FSTD %fr13,40(%sp) ; save r7 - - ; - ; Zero out carries - ; - COPY %r0,c1 - COPY %r0,c2 - COPY %r0,c3 - - LDO 128(%sp),%sp ; bump stack - DEPDI,Z 1,31,1,high_one ; Create Value 1 << 32 - - ; - ; Load up all of the values we are going to use - ; - FLDD 0(a_ptr),a0 - FLDD 8(a_ptr),a1 - FLDD 16(a_ptr),a2 - FLDD 24(a_ptr),a3 - - FLDD 0(b_ptr),b0 - FLDD 8(b_ptr),b1 - FLDD 16(b_ptr),b2 - FLDD 24(b_ptr),b3 - - MUL_ADD_C a0L,a0R,b0L,b0R,c1,c2,c3 - STD c1,0(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a0L,a0R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b0L,b0R,c2,c3,c1 - STD c2,8(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b0L,b0R,c3,c1,c2 - MUL_ADD_C a1L,a1R,b1L,b1R,c3,c1,c2 - MUL_ADD_C a0L,a0R,b2L,b2R,c3,c1,c2 - STD c3,16(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a0L,a0R,b3L,b3R,c1,c2,c3 - MUL_ADD_C a1L,a1R,b2L,b2R,c1,c2,c3 - MUL_ADD_C a2L,a2R,b1L,b1R,c1,c2,c3 - MUL_ADD_C a3L,a3R,b0L,b0R,c1,c2,c3 - STD c1,24(r_ptr) - COPY %r0,c1 - - MUL_ADD_C a3L,a3R,b1L,b1R,c2,c3,c1 - MUL_ADD_C a2L,a2R,b2L,b2R,c2,c3,c1 - MUL_ADD_C a1L,a1R,b3L,b3R,c2,c3,c1 - STD c2,32(r_ptr) - COPY %r0,c2 - - MUL_ADD_C a2L,a2R,b3L,b3R,c3,c1,c2 - MUL_ADD_C a3L,a3R,b2L,b2R,c3,c1,c2 - STD c3,40(r_ptr) - COPY %r0,c3 - - MUL_ADD_C a3L,a3R,b3L,b3R,c1,c2,c3 - STD c1,48(r_ptr) - STD c2,56(r_ptr) - - .EXIT - FLDD -88(%sp),%fr13 - FLDD -96(%sp),%fr12 - LDD -104(%sp),%r6 ; restore r6 - LDD -112(%sp),%r5 ; restore r5 - LDD -120(%sp),%r4 ; restore r4 - BVE (%rp) - LDD,MB -128(%sp),%r3 - - .PROCEND - - - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SPACE $PRIVATE$,SORT=16 - .IMPORT $global$,DATA - .SPACE $TEXT$ - .SUBSPA $CODE$ - .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=0x2c,SORT=16 -C$4 - .ALIGN 8 - .STRINGZ "Division would overflow (%d)\n" - .END diff --git a/src/lib/libcrypto/bn/asm/sparcv8.S b/src/lib/libcrypto/bn/asm/sparcv8.S deleted file mode 100644 index 88c5dc480a..0000000000 --- a/src/lib/libcrypto/bn/asm/sparcv8.S +++ /dev/null @@ -1,1458 +0,0 @@ -.ident "sparcv8.s, Version 1.4" -.ident "SPARC v8 ISA artwork by Andy Polyakov " - -/* - * ==================================================================== - * Written by Andy Polyakov for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * ==================================================================== - */ - -/* - * This is my modest contributon to OpenSSL project (see - * http://www.openssl.org/ for more information about it) and is - * a drop-in SuperSPARC ISA replacement for crypto/bn/bn_asm.c - * module. For updates see http://fy.chalmers.se/~appro/hpe/. - * - * See bn_asm.sparc.v8plus.S for more details. - */ - -/* - * Revision history. - * - * 1.1 - new loop unrolling model(*); - * 1.2 - made gas friendly; - * 1.3 - fixed problem with /usr/ccs/lib/cpp; - * 1.4 - some retunes; - * - * (*) see bn_asm.sparc.v8plus.S for details - */ - -.section ".text",#alloc,#execinstr -.file "bn_asm.sparc.v8.S" - -.align 32 - -.global bn_mul_add_words -/* - * BN_ULONG bn_mul_add_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_add_words: - cmp %o2,0 - bg,a .L_bn_mul_add_words_proceed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_add_words_proceed: - andcc %o2,-4,%g0 - bz .L_bn_mul_add_words_tail - clr %o5 - -.L_bn_mul_add_words_loop: - ld [%o0],%o4 - ld [%o1+4],%g3 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0] - addx %g1,0,%o5 - - ld [%o0+4],%o4 - ld [%o1+8],%g2 - umul %o3,%g3,%g3 - dec 4,%o2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g3,%o4 - st %o4,[%o0+4] - addx %g1,0,%o5 - - ld [%o0+8],%o4 - ld [%o1+12],%g3 - umul %o3,%g2,%g2 - inc 16,%o1 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0+8] - addx %g1,0,%o5 - - ld [%o0+12],%o4 - umul %o3,%g3,%g3 - inc 16,%o0 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g3,%o4 - st %o4,[%o0-4] - addx %g1,0,%o5 - andcc %o2,-4,%g0 - bnz,a .L_bn_mul_add_words_loop - ld [%o1],%g2 - - tst %o2 - bnz,a .L_bn_mul_add_words_tail - ld [%o1],%g2 -.L_bn_mul_add_words_return: - retl - mov %o5,%o0 - nop - -.L_bn_mul_add_words_tail: - ld [%o0],%o4 - umul %o3,%g2,%g2 - addcc %o4,%o5,%o4 - rd %y,%g1 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_add_words_return - st %o4,[%o0] - - ld [%o1+4],%g2 - ld [%o0+4],%o4 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_add_words_return - st %o4,[%o0+4] - - ld [%o1+8],%g2 - ld [%o0+8],%o4 - umul %o3,%g2,%g2 - rd %y,%g1 - addcc %o4,%o5,%o4 - addx %g1,0,%g1 - addcc %o4,%g2,%o4 - st %o4,[%o0+8] - retl - addx %g1,0,%o0 - -.type bn_mul_add_words,#function -.size bn_mul_add_words,(.-bn_mul_add_words) - -.align 32 - -.global bn_mul_words -/* - * BN_ULONG bn_mul_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_words: - cmp %o2,0 - bg,a .L_bn_mul_words_proceeed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_words_proceeed: - andcc %o2,-4,%g0 - bz .L_bn_mul_words_tail - clr %o5 - -.L_bn_mul_words_loop: - ld [%o1+4],%g3 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - addx %g1,0,%o5 - st %g2,[%o0] - - ld [%o1+8],%g2 - umul %o3,%g3,%g3 - addcc %g3,%o5,%g3 - rd %y,%g1 - dec 4,%o2 - addx %g1,0,%o5 - st %g3,[%o0+4] - - ld [%o1+12],%g3 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - inc 16,%o1 - st %g2,[%o0+8] - addx %g1,0,%o5 - - umul %o3,%g3,%g3 - addcc %g3,%o5,%g3 - rd %y,%g1 - inc 16,%o0 - addx %g1,0,%o5 - st %g3,[%o0-4] - andcc %o2,-4,%g0 - nop - bnz,a .L_bn_mul_words_loop - ld [%o1],%g2 - - tst %o2 - bnz,a .L_bn_mul_words_tail - ld [%o1],%g2 -.L_bn_mul_words_return: - retl - mov %o5,%o0 - nop - -.L_bn_mul_words_tail: - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_words_return - st %g2,[%o0] - nop - - ld [%o1+4],%g2 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - addx %g1,0,%o5 - deccc %o2 - bz .L_bn_mul_words_return - st %g2,[%o0+4] - - ld [%o1+8],%g2 - umul %o3,%g2,%g2 - addcc %g2,%o5,%g2 - rd %y,%g1 - st %g2,[%o0+8] - retl - addx %g1,0,%o0 - -.type bn_mul_words,#function -.size bn_mul_words,(.-bn_mul_words) - -.align 32 -.global bn_sqr_words -/* - * void bn_sqr_words(r,a,n) - * BN_ULONG *r,*a; - * int n; - */ -bn_sqr_words: - cmp %o2,0 - bg,a .L_bn_sqr_words_proceeed - ld [%o1],%g2 - retl - clr %o0 - -.L_bn_sqr_words_proceeed: - andcc %o2,-4,%g0 - bz .L_bn_sqr_words_tail - clr %o5 - -.L_bn_sqr_words_loop: - ld [%o1+4],%g3 - umul %g2,%g2,%o4 - st %o4,[%o0] - rd %y,%o5 - st %o5,[%o0+4] - - ld [%o1+8],%g2 - umul %g3,%g3,%o4 - dec 4,%o2 - st %o4,[%o0+8] - rd %y,%o5 - st %o5,[%o0+12] - nop - - ld [%o1+12],%g3 - umul %g2,%g2,%o4 - st %o4,[%o0+16] - rd %y,%o5 - inc 16,%o1 - st %o5,[%o0+20] - - umul %g3,%g3,%o4 - inc 32,%o0 - st %o4,[%o0-8] - rd %y,%o5 - st %o5,[%o0-4] - andcc %o2,-4,%g2 - bnz,a .L_bn_sqr_words_loop - ld [%o1],%g2 - - tst %o2 - nop - bnz,a .L_bn_sqr_words_tail - ld [%o1],%g2 -.L_bn_sqr_words_return: - retl - clr %o0 - -.L_bn_sqr_words_tail: - umul %g2,%g2,%o4 - st %o4,[%o0] - deccc %o2 - rd %y,%o5 - bz .L_bn_sqr_words_return - st %o5,[%o0+4] - - ld [%o1+4],%g2 - umul %g2,%g2,%o4 - st %o4,[%o0+8] - deccc %o2 - rd %y,%o5 - nop - bz .L_bn_sqr_words_return - st %o5,[%o0+12] - - ld [%o1+8],%g2 - umul %g2,%g2,%o4 - st %o4,[%o0+16] - rd %y,%o5 - st %o5,[%o0+20] - retl - clr %o0 - -.type bn_sqr_words,#function -.size bn_sqr_words,(.-bn_sqr_words) - -.align 32 - -.global bn_div_words -/* - * BN_ULONG bn_div_words(h,l,d) - * BN_ULONG h,l,d; - */ -bn_div_words: - wr %o0,%y - udiv %o1,%o2,%o0 - retl - nop - -.type bn_div_words,#function -.size bn_div_words,(.-bn_div_words) - -.align 32 - -.global bn_add_words -/* - * BN_ULONG bn_add_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_add_words: - cmp %o3,0 - bg,a .L_bn_add_words_proceed - ld [%o1],%o4 - retl - clr %o0 - -.L_bn_add_words_proceed: - andcc %o3,-4,%g0 - bz .L_bn_add_words_tail - clr %g1 - ba .L_bn_add_words_warn_loop - addcc %g0,0,%g0 ! clear carry flag - -.L_bn_add_words_loop: - ld [%o1],%o4 -.L_bn_add_words_warn_loop: - ld [%o2],%o5 - ld [%o1+4],%g3 - ld [%o2+4],%g4 - dec 4,%o3 - addxcc %o5,%o4,%o5 - st %o5,[%o0] - - ld [%o1+8],%o4 - ld [%o2+8],%o5 - inc 16,%o1 - addxcc %g3,%g4,%g3 - st %g3,[%o0+4] - - ld [%o1-4],%g3 - ld [%o2+12],%g4 - inc 16,%o2 - addxcc %o5,%o4,%o5 - st %o5,[%o0+8] - - inc 16,%o0 - addxcc %g3,%g4,%g3 - st %g3,[%o0-4] - addx %g0,0,%g1 - andcc %o3,-4,%g0 - bnz,a .L_bn_add_words_loop - addcc %g1,-1,%g0 - - tst %o3 - bnz,a .L_bn_add_words_tail - ld [%o1],%o4 -.L_bn_add_words_return: - retl - mov %g1,%o0 - -.L_bn_add_words_tail: - addcc %g1,-1,%g0 - ld [%o2],%o5 - addxcc %o5,%o4,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_add_words_return - st %o5,[%o0] - - ld [%o1+4],%o4 - addcc %g1,-1,%g0 - ld [%o2+4],%o5 - addxcc %o5,%o4,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_add_words_return - st %o5,[%o0+4] - - ld [%o1+8],%o4 - addcc %g1,-1,%g0 - ld [%o2+8],%o5 - addxcc %o5,%o4,%o5 - st %o5,[%o0+8] - retl - addx %g0,0,%o0 - -.type bn_add_words,#function -.size bn_add_words,(.-bn_add_words) - -.align 32 - -.global bn_sub_words -/* - * BN_ULONG bn_sub_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_sub_words: - cmp %o3,0 - bg,a .L_bn_sub_words_proceed - ld [%o1],%o4 - retl - clr %o0 - -.L_bn_sub_words_proceed: - andcc %o3,-4,%g0 - bz .L_bn_sub_words_tail - clr %g1 - ba .L_bn_sub_words_warm_loop - addcc %g0,0,%g0 ! clear carry flag - -.L_bn_sub_words_loop: - ld [%o1],%o4 -.L_bn_sub_words_warm_loop: - ld [%o2],%o5 - ld [%o1+4],%g3 - ld [%o2+4],%g4 - dec 4,%o3 - subxcc %o4,%o5,%o5 - st %o5,[%o0] - - ld [%o1+8],%o4 - ld [%o2+8],%o5 - inc 16,%o1 - subxcc %g3,%g4,%g4 - st %g4,[%o0+4] - - ld [%o1-4],%g3 - ld [%o2+12],%g4 - inc 16,%o2 - subxcc %o4,%o5,%o5 - st %o5,[%o0+8] - - inc 16,%o0 - subxcc %g3,%g4,%g4 - st %g4,[%o0-4] - addx %g0,0,%g1 - andcc %o3,-4,%g0 - bnz,a .L_bn_sub_words_loop - addcc %g1,-1,%g0 - - tst %o3 - nop - bnz,a .L_bn_sub_words_tail - ld [%o1],%o4 -.L_bn_sub_words_return: - retl - mov %g1,%o0 - -.L_bn_sub_words_tail: - addcc %g1,-1,%g0 - ld [%o2],%o5 - subxcc %o4,%o5,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_sub_words_return - st %o5,[%o0] - nop - - ld [%o1+4],%o4 - addcc %g1,-1,%g0 - ld [%o2+4],%o5 - subxcc %o4,%o5,%o5 - addx %g0,0,%g1 - deccc %o3 - bz .L_bn_sub_words_return - st %o5,[%o0+4] - - ld [%o1+8],%o4 - addcc %g1,-1,%g0 - ld [%o2+8],%o5 - subxcc %o4,%o5,%o5 - st %o5,[%o0+8] - retl - addx %g0,0,%o0 - -.type bn_sub_words,#function -.size bn_sub_words,(.-bn_sub_words) - -#define FRAME_SIZE -96 - -/* - * Here is register usage map for *all* routines below. - */ -#define t_1 %o0 -#define t_2 %o1 -#define c_1 %o2 -#define c_2 %o3 -#define c_3 %o4 - -#define ap(I) [%i1+4*I] -#define bp(I) [%i2+4*I] -#define rp(I) [%i0+4*I] - -#define a_0 %l0 -#define a_1 %l1 -#define a_2 %l2 -#define a_3 %l3 -#define a_4 %l4 -#define a_5 %l5 -#define a_6 %l6 -#define a_7 %l7 - -#define b_0 %i3 -#define b_1 %i4 -#define b_2 %i5 -#define b_3 %o5 -#define b_4 %g1 -#define b_5 %g2 -#define b_6 %g3 -#define b_7 %g4 - -.align 32 -.global bn_mul_comba8 -/* - * void bn_mul_comba8(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba8: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld bp(0),b_0 - umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3); - ld bp(1),b_1 - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1); - ld ap(1),a_1 - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 != - addx %g0,%g0,c_1 - ld ap(2),a_2 - umul a_1,b_0,t_1 !mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - st c_2,rp(1) !r[1]=c2; - addx c_1,%g0,c_1 != - - umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - ld bp(2),b_2 - umul a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - ld bp(3),b_3 - addx c_2,%g0,c_2 != - umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - ld ap(3),a_3 - umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - ld ap(4),a_4 - umul a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - ld bp(4),b_4 - umul a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - ld bp(5),b_5 - umul a_0,b_4,t_1 !=!mul_add_c(a[0],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(4) !r[4]=c2; - - umul a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_2,b_3,t_1 !=!mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - ld ap(5),a_5 - umul a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - ld ap(6),a_6 - addx c_2,%g0,c_2 != - umul a_5,b_0,t_1 !mul_add_c(a[5],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(5) !r[5]=c3; - - umul a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,b_2,t_1 !mul_add_c(a[4],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_2,b_4,t_1 !mul_add_c(a[2],b[4],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - ld bp(6),b_6 - addx c_3,%g0,c_3 != - umul a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - ld bp(7),b_7 - umul a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - st c_1,rp(6) !r[6]=c1; - addx c_3,%g0,c_3 != - - umul a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx %g0,%g0,c_1 - umul a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_3,b_4,t_1 !=!mul_add_c(a[3],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - ld ap(7),a_7 - umul a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_7,b_0,t_1 !mul_add_c(a[7],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - st c_2,rp(7) !r[7]=c2; - - umul a_7,b_1,t_1 !mul_add_c(a[7],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_6,b_2,t_1 !=!mul_add_c(a[6],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - umul a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_2,b_6,t_1 !=!mul_add_c(a[2],b[6],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 ! - addx c_2,%g0,c_2 - st c_3,rp(8) !r[8]=c3; - - umul a_2,b_7,t_1 !mul_add_c(a[2],b[7],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - umul a_3,b_6,t_1 !=!mul_add_c(a[3],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - umul a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_7,b_2,t_1 !=!mul_add_c(a[7],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(9) !r[9]=c1; - - umul a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_5,b_5,t_1 !=!mul_add_c(a[5],b[5],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - umul a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(10) !r[10]=c2; - - umul a_4,b_7,t_1 !=!mul_add_c(a[4],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - umul a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - umul a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(11) !r[11]=c3; - addx c_2,%g0,c_2 != - - umul a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - umul a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - st c_1,rp(12) !r[12]=c1; - addx c_3,%g0,c_3 != - - umul a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 != - addx %g0,%g0,c_1 - umul a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(13) !r[13]=c2; - - umul a_7,b_7,t_1 !=!mul_add_c(a[7],b[7],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - nop != - st c_3,rp(14) !r[14]=c3; - st c_1,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba8,#function -.size bn_mul_comba8,(.-bn_mul_comba8) - -.align 32 - -.global bn_mul_comba4 -/* - * void bn_mul_comba4(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba4: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld bp(0),b_0 - umul a_0,b_0,c_1 !=!mul_add_c(a[0],b[0],c1,c2,c3); - ld bp(1),b_1 - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - umul a_0,b_1,t_1 !=!mul_add_c(a[0],b[1],c2,c3,c1); - ld ap(1),a_1 - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 - ld ap(2),a_2 - umul a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(1) !r[1]=c2; - - umul a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - ld bp(2),b_2 - umul a_1,b_1,t_1 !=!mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld bp(3),b_3 - umul a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,b_3,t_1 !=!mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 != - umul a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - ld ap(3),a_3 - umul a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - umul a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - umul a_1,b_3,t_1 !=!mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(4) !r[4]=c2; - - umul a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - umul a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(5) !r[5]=c3; - addx c_2,%g0,c_2 != - - umul a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - st c_1,rp(6) !r[6]=c1; - st c_2,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba4,#function -.size bn_mul_comba4,(.-bn_mul_comba4) - -.align 32 - -.global bn_sqr_comba8 -bn_sqr_comba8: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - ld ap(1),a_1 - umul a_0,a_0,c_1 !=!sqr_add_c(a,0,c1,c2,c3); - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - ld ap(2),a_2 - umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 != - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 - st c_2,rp(1) !r[1]=c2; - addx c_1,%g0,c_1 != - - umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld ap(3),a_3 - umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - st c_3,rp(2) !r[2]=c3; - - umul a_0,a_3,t_1 !=!sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 != - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - ld ap(4),a_4 - addx c_3,%g0,c_3 != - umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - ld ap(5),a_5 - umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - st c_2,rp(4) !r[4]=c2; - addx c_1,%g0,c_1 != - - umul a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - umul a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - ld ap(6),a_6 - umul a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - st c_3,rp(5) !r[5]=c3; - - umul a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - umul a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3); - addcc c_1,t_1,c_1 != - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 != - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 - ld ap(7),a_7 - umul a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(6) !r[6]=c1; - - umul a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - st c_2,rp(7) !r[7]=c2; - - umul a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - addcc c_3,t_1,c_3 != - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(8) !r[8]=c3; - addx c_2,%g0,c_2 != - - umul a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(9) !r[9]=c1; - - umul a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(10) !r[10]=c2; - - umul a_4,a_7,t_1 !=!sqr_add_c2(a,7,4,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 - umul a_5,a_6,t_1 !=!sqr_add_c2(a,6,5,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx c_2,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - st c_3,rp(11) !r[11]=c3; - addx c_2,%g0,c_2 != - - umul a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - st c_1,rp(12) !r[12]=c1; - - umul a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1); - addcc c_2,t_1,c_2 != - rd %y,t_2 - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 != - addxcc c_3,t_2,c_3 - st c_2,rp(13) !r[13]=c2; - addx c_1,%g0,c_1 != - - umul a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 != - st c_3,rp(14) !r[14]=c3; - st c_1,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba8,#function -.size bn_sqr_comba8,(.-bn_sqr_comba8) - -.align 32 - -.global bn_sqr_comba4 -/* - * void bn_sqr_comba4(r,a) - * BN_ULONG *r,*a; - */ -bn_sqr_comba4: - save %sp,FRAME_SIZE,%sp - ld ap(0),a_0 - umul a_0,a_0,c_1 !sqr_add_c(a,0,c1,c2,c3); - ld ap(1),a_1 != - rd %y,c_2 - st c_1,rp(0) !r[0]=c1; - - ld ap(2),a_2 - umul a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 - addxcc %g0,t_2,c_3 - addx %g0,%g0,c_1 != - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 != - st c_2,rp(1) !r[1]=c2; - - umul a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 != - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 != - addx c_2,%g0,c_2 - ld ap(3),a_3 - umul a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_3,t_1,c_3 != - rd %y,t_2 - addxcc c_1,t_2,c_1 - st c_3,rp(2) !r[2]=c3; - addx c_2,%g0,c_2 != - - umul a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx %g0,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - umul a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - addx c_3,%g0,c_3 - addcc c_1,t_1,c_1 - addxcc c_2,t_2,c_2 - addx c_3,%g0,c_3 != - st c_1,rp(3) !r[3]=c1; - - umul a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx %g0,%g0,c_1 - addcc c_2,t_1,c_2 - addxcc c_3,t_2,c_3 != - addx c_1,%g0,c_1 - umul a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_2,t_1,c_2 - rd %y,t_2 != - addxcc c_3,t_2,c_3 - addx c_1,%g0,c_1 - st c_2,rp(4) !r[4]=c2; - - umul a_2,a_3,t_1 !=!sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_3,t_1,c_3 - rd %y,t_2 - addxcc c_1,t_2,c_1 - addx %g0,%g0,c_2 != - addcc c_3,t_1,c_3 - addxcc c_1,t_2,c_1 - st c_3,rp(5) !r[5]=c3; - addx c_2,%g0,c_2 != - - umul a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3); - addcc c_1,t_1,c_1 - rd %y,t_2 - addxcc c_2,t_2,c_2 != - st c_1,rp(6) !r[6]=c1; - st c_2,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba4,#function -.size bn_sqr_comba4,(.-bn_sqr_comba4) - -.align 32 diff --git a/src/lib/libcrypto/bn/asm/sparcv8plus.S b/src/lib/libcrypto/bn/asm/sparcv8plus.S deleted file mode 100644 index 0074dfdb75..0000000000 --- a/src/lib/libcrypto/bn/asm/sparcv8plus.S +++ /dev/null @@ -1,1535 +0,0 @@ -.ident "sparcv8plus.s, Version 1.4" -.ident "SPARC v9 ISA artwork by Andy Polyakov " - -/* - * ==================================================================== - * Written by Andy Polyakov for the OpenSSL - * project. - * - * Rights for redistribution and usage in source and binary forms are - * granted according to the OpenSSL license. Warranty of any kind is - * disclaimed. - * ==================================================================== - */ - -/* - * This is my modest contributon to OpenSSL project (see - * http://www.openssl.org/ for more information about it) and is - * a drop-in UltraSPARC ISA replacement for crypto/bn/bn_asm.c - * module. For updates see http://fy.chalmers.se/~appro/hpe/. - * - * Questions-n-answers. - * - * Q. How to compile? - * A. With SC4.x/SC5.x: - * - * cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o - * - * and with gcc: - * - * gcc -mcpu=ultrasparc -c bn_asm.sparc.v8plus.S -o bn_asm.o - * - * or if above fails (it does if you have gas installed): - * - * gcc -E bn_asm.sparc.v8plus.S | as -xarch=v8plus /dev/fd/0 -o bn_asm.o - * - * Quick-n-dirty way to fuse the module into the library. - * Provided that the library is already configured and built - * (in 0.9.2 case with no-asm option): - * - * # cd crypto/bn - * # cp /some/place/bn_asm.sparc.v8plus.S . - * # cc -xarch=v8plus -c bn_asm.sparc.v8plus.S -o bn_asm.o - * # make - * # cd ../.. - * # make; make test - * - * Quick-n-dirty way to get rid of it: - * - * # cd crypto/bn - * # touch bn_asm.c - * # make - * # cd ../.. - * # make; make test - * - * Q. V8plus achitecture? What kind of beast is that? - * A. Well, it's rather a programming model than an architecture... - * It's actually v9-compliant, i.e. *any* UltraSPARC, CPU under - * special conditions, namely when kernel doesn't preserve upper - * 32 bits of otherwise 64-bit registers during a context switch. - * - * Q. Why just UltraSPARC? What about SuperSPARC? - * A. Original release did target UltraSPARC only. Now SuperSPARC - * version is provided along. Both version share bn_*comba[48] - * implementations (see comment later in code for explanation). - * But what's so special about this UltraSPARC implementation? - * Why didn't I let compiler do the job? Trouble is that most of - * available compilers (well, SC5.0 is the only exception) don't - * attempt to take advantage of UltraSPARC's 64-bitness under - * 32-bit kernels even though it's perfectly possible (see next - * question). - * - * Q. 64-bit registers under 32-bit kernels? Didn't you just say it - * doesn't work? - * A. You can't adress *all* registers as 64-bit wide:-( The catch is - * that you actually may rely upon %o0-%o5 and %g1-%g4 being fully - * preserved if you're in a leaf function, i.e. such never calling - * any other functions. All functions in this module are leaf and - * 10 registers is a handful. And as a matter of fact none-"comba" - * routines don't require even that much and I could even afford to - * not allocate own stack frame for 'em:-) - * - * Q. What about 64-bit kernels? - * A. What about 'em? Just kidding:-) Pure 64-bit version is currently - * under evaluation and development... - * - * Q. What about shared libraries? - * A. What about 'em? Kidding again:-) Code does *not* contain any - * code position dependencies and it's safe to include it into - * shared library as is. - * - * Q. How much faster does it go? - * A. Do you have a good benchmark? In either case below is what I - * experience with crypto/bn/expspeed.c test program: - * - * v8plus module on U10/300MHz against bn_asm.c compiled with: - * - * cc-5.0 -xarch=v8plus -xO5 -xdepend +7-12% - * cc-4.2 -xarch=v8plus -xO5 -xdepend +25-35% - * egcs-1.1.2 -mcpu=ultrasparc -O3 +35-45% - * - * v8 module on SS10/60MHz against bn_asm.c compiled with: - * - * cc-5.0 -xarch=v8 -xO5 -xdepend +7-10% - * cc-4.2 -xarch=v8 -xO5 -xdepend +10% - * egcs-1.1.2 -mv8 -O3 +35-45% - * - * As you can see it's damn hard to beat the new Sun C compiler - * and it's in first place GNU C users who will appreciate this - * assembler implementation:-) - */ - -/* - * Revision history. - * - * 1.0 - initial release; - * 1.1 - new loop unrolling model(*); - * - some more fine tuning; - * 1.2 - made gas friendly; - * - updates to documentation concerning v9; - * - new performance comparison matrix; - * 1.3 - fixed problem with /usr/ccs/lib/cpp; - * 1.4 - native V9 bn_*_comba[48] implementation (15% more efficient) - * resulting in slight overall performance kick; - * - some retunes; - * - support for GNU as added; - * - * (*) Originally unrolled loop looked like this: - * for (;;) { - * op(p+0); if (--n==0) break; - * op(p+1); if (--n==0) break; - * op(p+2); if (--n==0) break; - * op(p+3); if (--n==0) break; - * p+=4; - * } - * I unroll according to following: - * while (n&~3) { - * op(p+0); op(p+1); op(p+2); op(p+3); - * p+=4; n=-4; - * } - * if (n) { - * op(p+0); if (--n==0) return; - * op(p+2); if (--n==0) return; - * op(p+3); return; - * } - */ - -/* - * GNU assembler can't stand stuw:-( - */ -#define stuw st - -.section ".text",#alloc,#execinstr -.file "bn_asm.sparc.v8plus.S" - -.align 32 - -.global bn_mul_add_words -/* - * BN_ULONG bn_mul_add_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_add_words: - brgz,a %o2,.L_bn_mul_add_words_proceed - lduw [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_add_words_proceed: - srl %o3,%g0,%o3 ! clruw %o3 - andcc %o2,-4,%g0 - bz,pn %icc,.L_bn_mul_add_words_tail - clr %o5 - -.L_bn_mul_add_words_loop: ! wow! 32 aligned! - lduw [%o0],%g1 - lduw [%o1+4],%g3 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - nop - add %o4,%g2,%o4 - stuw %o4,[%o0] - srlx %o4,32,%o5 - - lduw [%o0+4],%g1 - lduw [%o1+8],%g2 - mulx %o3,%g3,%g3 - add %g1,%o5,%o4 - dec 4,%o2 - add %o4,%g3,%o4 - stuw %o4,[%o0+4] - srlx %o4,32,%o5 - - lduw [%o0+8],%g1 - lduw [%o1+12],%g3 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - inc 16,%o1 - add %o4,%g2,%o4 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - - lduw [%o0+12],%g1 - mulx %o3,%g3,%g3 - add %g1,%o5,%o4 - inc 16,%o0 - add %o4,%g3,%o4 - andcc %o2,-4,%g0 - stuw %o4,[%o0-4] - srlx %o4,32,%o5 - bnz,a,pt %icc,.L_bn_mul_add_words_loop - lduw [%o1],%g2 - - brnz,a,pn %o2,.L_bn_mul_add_words_tail - lduw [%o1],%g2 -.L_bn_mul_add_words_return: - retl - mov %o5,%o0 - -.L_bn_mul_add_words_tail: - lduw [%o0],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - dec %o2 - add %o4,%g2,%o4 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_add_words_return - stuw %o4,[%o0] - - lduw [%o1+4],%g2 - lduw [%o0+4],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - dec %o2 - add %o4,%g2,%o4 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_add_words_return - stuw %o4,[%o0+4] - - lduw [%o1+8],%g2 - lduw [%o0+8],%g1 - mulx %o3,%g2,%g2 - add %g1,%o5,%o4 - add %o4,%g2,%o4 - stuw %o4,[%o0+8] - retl - srlx %o4,32,%o0 - -.type bn_mul_add_words,#function -.size bn_mul_add_words,(.-bn_mul_add_words) - -.align 32 - -.global bn_mul_words -/* - * BN_ULONG bn_mul_words(rp,ap,num,w) - * BN_ULONG *rp,*ap; - * int num; - * BN_ULONG w; - */ -bn_mul_words: - brgz,a %o2,.L_bn_mul_words_proceeed - lduw [%o1],%g2 - retl - clr %o0 - -.L_bn_mul_words_proceeed: - srl %o3,%g0,%o3 ! clruw %o3 - andcc %o2,-4,%g0 - bz,pn %icc,.L_bn_mul_words_tail - clr %o5 - -.L_bn_mul_words_loop: ! wow! 32 aligned! - lduw [%o1+4],%g3 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - nop - stuw %o4,[%o0] - srlx %o4,32,%o5 - - lduw [%o1+8],%g2 - mulx %o3,%g3,%g3 - add %g3,%o5,%o4 - dec 4,%o2 - stuw %o4,[%o0+4] - srlx %o4,32,%o5 - - lduw [%o1+12],%g3 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - inc 16,%o1 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - - mulx %o3,%g3,%g3 - add %g3,%o5,%o4 - inc 16,%o0 - stuw %o4,[%o0-4] - srlx %o4,32,%o5 - andcc %o2,-4,%g0 - bnz,a,pt %icc,.L_bn_mul_words_loop - lduw [%o1],%g2 - nop - nop - - brnz,a,pn %o2,.L_bn_mul_words_tail - lduw [%o1],%g2 -.L_bn_mul_words_return: - retl - mov %o5,%o0 - -.L_bn_mul_words_tail: - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - dec %o2 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_words_return - stuw %o4,[%o0] - - lduw [%o1+4],%g2 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - dec %o2 - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_mul_words_return - stuw %o4,[%o0+4] - - lduw [%o1+8],%g2 - mulx %o3,%g2,%g2 - add %g2,%o5,%o4 - stuw %o4,[%o0+8] - retl - srlx %o4,32,%o0 - -.type bn_mul_words,#function -.size bn_mul_words,(.-bn_mul_words) - -.align 32 -.global bn_sqr_words -/* - * void bn_sqr_words(r,a,n) - * BN_ULONG *r,*a; - * int n; - */ -bn_sqr_words: - brgz,a %o2,.L_bn_sqr_words_proceeed - lduw [%o1],%g2 - retl - clr %o0 - -.L_bn_sqr_words_proceeed: - andcc %o2,-4,%g0 - nop - bz,pn %icc,.L_bn_sqr_words_tail - nop - -.L_bn_sqr_words_loop: ! wow! 32 aligned! - lduw [%o1+4],%g3 - mulx %g2,%g2,%o4 - stuw %o4,[%o0] - srlx %o4,32,%o5 - stuw %o5,[%o0+4] - nop - - lduw [%o1+8],%g2 - mulx %g3,%g3,%o4 - dec 4,%o2 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - stuw %o5,[%o0+12] - - lduw [%o1+12],%g3 - mulx %g2,%g2,%o4 - srlx %o4,32,%o5 - stuw %o4,[%o0+16] - inc 16,%o1 - stuw %o5,[%o0+20] - - mulx %g3,%g3,%o4 - inc 32,%o0 - stuw %o4,[%o0-8] - srlx %o4,32,%o5 - andcc %o2,-4,%g2 - stuw %o5,[%o0-4] - bnz,a,pt %icc,.L_bn_sqr_words_loop - lduw [%o1],%g2 - nop - - brnz,a,pn %o2,.L_bn_sqr_words_tail - lduw [%o1],%g2 -.L_bn_sqr_words_return: - retl - clr %o0 - -.L_bn_sqr_words_tail: - mulx %g2,%g2,%o4 - dec %o2 - stuw %o4,[%o0] - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_sqr_words_return - stuw %o5,[%o0+4] - - lduw [%o1+4],%g2 - mulx %g2,%g2,%o4 - dec %o2 - stuw %o4,[%o0+8] - srlx %o4,32,%o5 - brz,pt %o2,.L_bn_sqr_words_return - stuw %o5,[%o0+12] - - lduw [%o1+8],%g2 - mulx %g2,%g2,%o4 - srlx %o4,32,%o5 - stuw %o4,[%o0+16] - stuw %o5,[%o0+20] - retl - clr %o0 - -.type bn_sqr_words,#function -.size bn_sqr_words,(.-bn_sqr_words) - -.align 32 -.global bn_div_words -/* - * BN_ULONG bn_div_words(h,l,d) - * BN_ULONG h,l,d; - */ -bn_div_words: - sllx %o0,32,%o0 - or %o0,%o1,%o0 - udivx %o0,%o2,%o0 - retl - srl %o0,%g0,%o0 ! clruw %o0 - -.type bn_div_words,#function -.size bn_div_words,(.-bn_div_words) - -.align 32 - -.global bn_add_words -/* - * BN_ULONG bn_add_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_add_words: - brgz,a %o3,.L_bn_add_words_proceed - lduw [%o1],%o4 - retl - clr %o0 - -.L_bn_add_words_proceed: - andcc %o3,-4,%g0 - bz,pn %icc,.L_bn_add_words_tail - addcc %g0,0,%g0 ! clear carry flag - nop - -.L_bn_add_words_loop: ! wow! 32 aligned! - dec 4,%o3 - lduw [%o2],%o5 - lduw [%o1+4],%g1 - lduw [%o2+4],%g2 - lduw [%o1+8],%g3 - lduw [%o2+8],%g4 - addccc %o5,%o4,%o5 - stuw %o5,[%o0] - - lduw [%o1+12],%o4 - lduw [%o2+12],%o5 - inc 16,%o1 - addccc %g1,%g2,%g1 - stuw %g1,[%o0+4] - - inc 16,%o2 - addccc %g3,%g4,%g3 - stuw %g3,[%o0+8] - - inc 16,%o0 - addccc %o5,%o4,%o5 - stuw %o5,[%o0-4] - and %o3,-4,%g1 - brnz,a,pt %g1,.L_bn_add_words_loop - lduw [%o1],%o4 - - brnz,a,pn %o3,.L_bn_add_words_tail - lduw [%o1],%o4 -.L_bn_add_words_return: - clr %o0 - retl - movcs %icc,1,%o0 - nop - -.L_bn_add_words_tail: - lduw [%o2],%o5 - dec %o3 - addccc %o5,%o4,%o5 - brz,pt %o3,.L_bn_add_words_return - stuw %o5,[%o0] - - lduw [%o1+4],%o4 - lduw [%o2+4],%o5 - dec %o3 - addccc %o5,%o4,%o5 - brz,pt %o3,.L_bn_add_words_return - stuw %o5,[%o0+4] - - lduw [%o1+8],%o4 - lduw [%o2+8],%o5 - addccc %o5,%o4,%o5 - stuw %o5,[%o0+8] - clr %o0 - retl - movcs %icc,1,%o0 - -.type bn_add_words,#function -.size bn_add_words,(.-bn_add_words) - -.global bn_sub_words -/* - * BN_ULONG bn_sub_words(rp,ap,bp,n) - * BN_ULONG *rp,*ap,*bp; - * int n; - */ -bn_sub_words: - brgz,a %o3,.L_bn_sub_words_proceed - lduw [%o1],%o4 - retl - clr %o0 - -.L_bn_sub_words_proceed: - andcc %o3,-4,%g0 - bz,pn %icc,.L_bn_sub_words_tail - addcc %g0,0,%g0 ! clear carry flag - nop - -.L_bn_sub_words_loop: ! wow! 32 aligned! - dec 4,%o3 - lduw [%o2],%o5 - lduw [%o1+4],%g1 - lduw [%o2+4],%g2 - lduw [%o1+8],%g3 - lduw [%o2+8],%g4 - subccc %o4,%o5,%o5 - stuw %o5,[%o0] - - lduw [%o1+12],%o4 - lduw [%o2+12],%o5 - inc 16,%o1 - subccc %g1,%g2,%g2 - stuw %g2,[%o0+4] - - inc 16,%o2 - subccc %g3,%g4,%g4 - stuw %g4,[%o0+8] - - inc 16,%o0 - subccc %o4,%o5,%o5 - stuw %o5,[%o0-4] - and %o3,-4,%g1 - brnz,a,pt %g1,.L_bn_sub_words_loop - lduw [%o1],%o4 - - brnz,a,pn %o3,.L_bn_sub_words_tail - lduw [%o1],%o4 -.L_bn_sub_words_return: - clr %o0 - retl - movcs %icc,1,%o0 - nop - -.L_bn_sub_words_tail: ! wow! 32 aligned! - lduw [%o2],%o5 - dec %o3 - subccc %o4,%o5,%o5 - brz,pt %o3,.L_bn_sub_words_return - stuw %o5,[%o0] - - lduw [%o1+4],%o4 - lduw [%o2+4],%o5 - dec %o3 - subccc %o4,%o5,%o5 - brz,pt %o3,.L_bn_sub_words_return - stuw %o5,[%o0+4] - - lduw [%o1+8],%o4 - lduw [%o2+8],%o5 - subccc %o4,%o5,%o5 - stuw %o5,[%o0+8] - clr %o0 - retl - movcs %icc,1,%o0 - -.type bn_sub_words,#function -.size bn_sub_words,(.-bn_sub_words) - -/* - * Code below depends on the fact that upper parts of the %l0-%l7 - * and %i0-%i7 are zeroed by kernel after context switch. In - * previous versions this comment stated that "the trouble is that - * it's not feasible to implement the mumbo-jumbo in less V9 - * instructions:-(" which apparently isn't true thanks to - * 'bcs,a %xcc,.+8; inc %rd' pair. But the performance improvement - * results not from the shorter code, but from elimination of - * multicycle none-pairable 'rd %y,%rd' instructions. - * - * Andy. - */ - -#define FRAME_SIZE -96 - -/* - * Here is register usage map for *all* routines below. - */ -#define t_1 %o0 -#define t_2 %o1 -#define c_12 %o2 -#define c_3 %o3 - -#define ap(I) [%i1+4*I] -#define bp(I) [%i2+4*I] -#define rp(I) [%i0+4*I] - -#define a_0 %l0 -#define a_1 %l1 -#define a_2 %l2 -#define a_3 %l3 -#define a_4 %l4 -#define a_5 %l5 -#define a_6 %l6 -#define a_7 %l7 - -#define b_0 %i3 -#define b_1 %i4 -#define b_2 %i5 -#define b_3 %o4 -#define b_4 %o5 -#define b_5 %o7 -#define b_6 %g1 -#define b_7 %g4 - -.align 32 -.global bn_mul_comba8 -/* - * void bn_mul_comba8(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba8: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw bp(0),b_0 != - lduw bp(1),b_1 - mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !=!r[0]=c1; - - lduw ap(1),a_1 - mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(2),a_2 - mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(2),b_2 != - mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(3),b_3 - mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 != - - mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_2,t_1 !=!mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(4),a_4 - mulx a_3,b_0,t_1 !=!mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_4,b_0,t_1 !mul_add_c(a[4],b[0],c2,c3,c1); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_1,t_1 !=!mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,b_2,t_1 !=!mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(4),b_4 != - mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(5),b_5 - mulx a_0,b_4,t_1 !mul_add_c(a[0],b[4],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 != - - mulx a_0,b_5,t_1 !mul_add_c(a[0],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_4,t_1 !mul_add_c(a[1],b[4],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(5),a_5 - mulx a_4,b_1,t_1 !mul_add_c(a[4],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(6),a_6 - mulx a_5,b_0,t_1 !=!mul_add_c(a[5],b[0],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_6,b_0,t_1 !mul_add_c(a[6],b[0],c1,c2,c3); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,b_1,t_1 !=!mul_add_c(a[5],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,b_2,t_1 !=!mul_add_c(a[4],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_3,t_1 !=!mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,b_4,t_1 !=!mul_add_c(a[2],b[4],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(6),b_6 != - mulx a_1,b_5,t_1 !mul_add_c(a[1],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(7),b_7 - mulx a_0,b_6,t_1 !mul_add_c(a[0],b[6],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - or c_12,c_3,c_12 != - - mulx a_0,b_7,t_1 !mul_add_c(a[0],b[7],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_6,t_1 !mul_add_c(a[1],b[6],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_2,b_5,t_1 !mul_add_c(a[2],b[5],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_4,t_1 !mul_add_c(a[3],b[4],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_3,t_1 !mul_add_c(a[4],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_2,t_1 !mul_add_c(a[5],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(7),a_7 - mulx a_6,b_1,t_1 !=!mul_add_c(a[6],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_7,b_0,t_1 !=!mul_add_c(a[7],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(7) !r[7]=c2; - or c_12,c_3,c_12 - - mulx a_7,b_1,t_1 !=!mul_add_c(a[7],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_6,b_2,t_1 !mul_add_c(a[6],b[2],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_5,b_3,t_1 !mul_add_c(a[5],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_4,b_4,t_1 !mul_add_c(a[4],b[4],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_3,b_5,t_1 !mul_add_c(a[3],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_2,b_6,t_1 !mul_add_c(a[2],b[6],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_1,b_7,t_1 !mul_add_c(a[1],b[7],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - srlx t_1,32,c_12 - stuw t_1,rp(8) !r[8]=c3; - or c_12,c_3,c_12 - - mulx a_2,b_7,t_1 !=!mul_add_c(a[2],b[7],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - mulx a_3,b_6,t_1 !mul_add_c(a[3],b[6],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_5,t_1 !mul_add_c(a[4],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_4,t_1 !mul_add_c(a[5],b[4],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_3,t_1 !mul_add_c(a[6],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_7,b_2,t_1 !mul_add_c(a[7],b[2],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(9) !r[9]=c1; - or c_12,c_3,c_12 != - - mulx a_7,b_3,t_1 !mul_add_c(a[7],b[3],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_4,t_1 !mul_add_c(a[6],b[4],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_5,t_1 !mul_add_c(a[5],b[5],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_4,b_6,t_1 !mul_add_c(a[4],b[6],c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_3,b_7,t_1 !mul_add_c(a[3],b[7],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(10) !r[10]=c2; - or c_12,c_3,c_12 != - - mulx a_4,b_7,t_1 !mul_add_c(a[4],b[7],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_6,t_1 !mul_add_c(a[5],b[6],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_5,t_1 !mul_add_c(a[6],b[5],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_7,b_4,t_1 !mul_add_c(a[7],b[4],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(11) !r[11]=c3; - or c_12,c_3,c_12 != - - mulx a_7,b_5,t_1 !mul_add_c(a[7],b[5],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_6,b_6,t_1 !mul_add_c(a[6],b[6],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_5,b_7,t_1 !mul_add_c(a[5],b[7],c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(12) !r[12]=c1; - or c_12,c_3,c_12 != - - mulx a_6,b_7,t_1 !mul_add_c(a[6],b[7],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_7,b_6,t_1 !mul_add_c(a[7],b[6],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - st t_1,rp(13) !r[13]=c2; - or c_12,c_3,c_12 != - - mulx a_7,b_7,t_1 !mul_add_c(a[7],b[7],c3,c1,c2); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 != - stuw t_1,rp(14) !r[14]=c3; - stuw c_12,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 != - -.type bn_mul_comba8,#function -.size bn_mul_comba8,(.-bn_mul_comba8) - -.align 32 - -.global bn_mul_comba4 -/* - * void bn_mul_comba4(r,a,b) - * BN_ULONG *r,*a,*b; - */ -bn_mul_comba4: - save %sp,FRAME_SIZE,%sp - lduw ap(0),a_0 - mov 1,t_2 - lduw bp(0),b_0 - sllx t_2,32,t_2 != - lduw bp(1),b_1 - mulx a_0,b_0,t_1 !mul_add_c(a[0],b[0],c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !=!r[0]=c1; - - lduw ap(1),a_1 - mulx a_0,b_1,t_1 !mul_add_c(a[0],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(2),a_2 - mulx a_1,b_0,t_1 !=!mul_add_c(a[1],b[0],c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 != - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_0,t_1 !mul_add_c(a[2],b[0],c3,c1,c2); - addcc c_12,t_1,c_12 != - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw bp(2),b_2 != - mulx a_1,b_1,t_1 !mul_add_c(a[1],b[1],c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 != - lduw bp(3),b_3 - mulx a_0,b_2,t_1 !mul_add_c(a[0],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 != - - mulx a_0,b_3,t_1 !mul_add_c(a[0],b[3],c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - mulx a_1,b_2,t_1 !mul_add_c(a[1],b[2],c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 != - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_2,b_1,t_1 !mul_add_c(a[2],b[1],c1,c2,c3); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_0,t_1 !mul_add_c(a[3],b[0],c1,c2,c3);!= - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(3) !=!r[3]=c1; - or c_12,c_3,c_12 - - mulx a_3,b_1,t_1 !mul_add_c(a[3],b[1],c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,b_2,t_1 !mul_add_c(a[2],b[2],c2,c3,c1); - addcc c_12,t_1,c_12 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,b_3,t_1 !mul_add_c(a[1],b[3],c2,c3,c1); - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !=!r[4]=c2; - or c_12,c_3,c_12 - - mulx a_2,b_3,t_1 !mul_add_c(a[2],b[3],c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,b_2,t_1 !mul_add_c(a[3],b[2],c3,c1,c2); - addcc c_12,t_1,t_1 != - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !=!r[5]=c3; - or c_12,c_3,c_12 - - mulx a_3,b_3,t_1 !mul_add_c(a[3],b[3],c1,c2,c3); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 != - stuw t_1,rp(6) !r[6]=c1; - stuw c_12,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_mul_comba4,#function -.size bn_mul_comba4,(.-bn_mul_comba4) - -.align 32 - -.global bn_sqr_comba8 -bn_sqr_comba8: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw ap(1),a_1 - mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !r[0]=c1; - - lduw ap(2),a_2 - mulx a_0,a_1,t_1 !=!sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 - - mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(4),a_4 - mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - st t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_4,a_0,t_1 !sqr_add_c2(a,4,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(5),a_5 - mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 - - mulx a_0,a_5,t_1 !sqr_add_c2(a,5,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_4,t_1 !sqr_add_c2(a,4,1,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(6),a_6 - mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_6,a_0,t_1 !sqr_add_c2(a,6,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_1,t_1 !sqr_add_c2(a,5,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_2,t_1 !sqr_add_c2(a,4,2,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(7),a_7 - mulx a_3,a_3,t_1 !=!sqr_add_c(a,3,c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - or c_12,c_3,c_12 - - mulx a_0,a_7,t_1 !sqr_add_c2(a,7,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_6,t_1 !sqr_add_c2(a,6,1,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,a_5,t_1 !sqr_add_c2(a,5,2,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_4,t_1 !sqr_add_c2(a,4,3,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(7) !r[7]=c2; - or c_12,c_3,c_12 - - mulx a_7,a_1,t_1 !sqr_add_c2(a,7,1,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_2,t_1 !sqr_add_c2(a,6,2,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_3,t_1 !sqr_add_c2(a,5,3,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_4,t_1 !sqr_add_c(a,4,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(8) !r[8]=c3; - or c_12,c_3,c_12 - - mulx a_2,a_7,t_1 !sqr_add_c2(a,7,2,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_3,a_6,t_1 !sqr_add_c2(a,6,3,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_4,a_5,t_1 !sqr_add_c2(a,5,4,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(9) !r[9]=c1; - or c_12,c_3,c_12 - - mulx a_7,a_3,t_1 !sqr_add_c2(a,7,3,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_4,t_1 !sqr_add_c2(a,6,4,c2,c3,c1); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_5,t_1 !sqr_add_c(a,5,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(10) !r[10]=c2; - or c_12,c_3,c_12 - - mulx a_4,a_7,t_1 !sqr_add_c2(a,7,4,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_5,a_6,t_1 !sqr_add_c2(a,6,5,c3,c1,c2); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(11) !r[11]=c3; - or c_12,c_3,c_12 - - mulx a_7,a_5,t_1 !sqr_add_c2(a,7,5,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_6,a_6,t_1 !sqr_add_c(a,6,c1,c2,c3); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(12) !r[12]=c1; - or c_12,c_3,c_12 - - mulx a_6,a_7,t_1 !sqr_add_c2(a,7,6,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(13) !r[13]=c2; - or c_12,c_3,c_12 - - mulx a_7,a_7,t_1 !sqr_add_c(a,7,c3,c1,c2); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 - stuw t_1,rp(14) !r[14]=c3; - stuw c_12,rp(15) !r[15]=c1; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba8,#function -.size bn_sqr_comba8,(.-bn_sqr_comba8) - -.align 32 - -.global bn_sqr_comba4 -/* - * void bn_sqr_comba4(r,a) - * BN_ULONG *r,*a; - */ -bn_sqr_comba4: - save %sp,FRAME_SIZE,%sp - mov 1,t_2 - lduw ap(0),a_0 - sllx t_2,32,t_2 - lduw ap(1),a_1 - mulx a_0,a_0,t_1 !sqr_add_c(a,0,c1,c2,c3); - srlx t_1,32,c_12 - stuw t_1,rp(0) !r[0]=c1; - - lduw ap(2),a_2 - mulx a_0,a_1,t_1 !sqr_add_c2(a,1,0,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(1) !r[1]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_0,t_1 !sqr_add_c2(a,2,0,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - lduw ap(3),a_3 - mulx a_1,a_1,t_1 !sqr_add_c(a,1,c3,c1,c2); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(2) !r[2]=c3; - or c_12,c_3,c_12 - - mulx a_0,a_3,t_1 !sqr_add_c2(a,3,0,c1,c2,c3); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_1,a_2,t_1 !sqr_add_c2(a,2,1,c1,c2,c3); - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(3) !r[3]=c1; - or c_12,c_3,c_12 - - mulx a_3,a_1,t_1 !sqr_add_c2(a,3,1,c2,c3,c1); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,c_12 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - mulx a_2,a_2,t_1 !sqr_add_c(a,2,c2,c3,c1); - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(4) !r[4]=c2; - or c_12,c_3,c_12 - - mulx a_2,a_3,t_1 !sqr_add_c2(a,3,2,c3,c1,c2); - addcc c_12,t_1,c_12 - clr c_3 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - addcc c_12,t_1,t_1 - bcs,a %xcc,.+8 - add c_3,t_2,c_3 - srlx t_1,32,c_12 - stuw t_1,rp(5) !r[5]=c3; - or c_12,c_3,c_12 - - mulx a_3,a_3,t_1 !sqr_add_c(a,3,c1,c2,c3); - addcc c_12,t_1,t_1 - srlx t_1,32,c_12 - stuw t_1,rp(6) !r[6]=c1; - stuw c_12,rp(7) !r[7]=c2; - - ret - restore %g0,%g0,%o0 - -.type bn_sqr_comba4,#function -.size bn_sqr_comba4,(.-bn_sqr_comba4) - -.align 32 diff --git a/src/lib/libcrypto/bn/asm/x86.pl b/src/lib/libcrypto/bn/asm/x86.pl deleted file mode 100644 index 1bc4f1bb27..0000000000 --- a/src/lib/libcrypto/bn/asm/x86.pl +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/local/bin/perl - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -require("x86/mul_add.pl"); -require("x86/mul.pl"); -require("x86/sqr.pl"); -require("x86/div.pl"); -require("x86/add.pl"); -require("x86/sub.pl"); -require("x86/comba.pl"); - -&asm_init($ARGV[0],$0); - -&bn_mul_add_words("bn_mul_add_words"); -&bn_mul_words("bn_mul_words"); -&bn_sqr_words("bn_sqr_words"); -&bn_div_words("bn_div_words"); -&bn_add_words("bn_add_words"); -&bn_sub_words("bn_sub_words"); -&bn_mul_comba("bn_mul_comba8",8); -&bn_mul_comba("bn_mul_comba4",4); -&bn_sqr_comba("bn_sqr_comba8",8); -&bn_sqr_comba("bn_sqr_comba4",4); - -&asm_finish(); - diff --git a/src/lib/libcrypto/bn/asm/x86/add.pl b/src/lib/libcrypto/bn/asm/x86/add.pl deleted file mode 100644 index 0b5cf583e3..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/add.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &add($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &add($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/x86/comba.pl b/src/lib/libcrypto/bn/asm/x86/comba.pl deleted file mode 100644 index 2291253629..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/comba.pl +++ /dev/null @@ -1,277 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub mul_add_c - { - local($a,$ai,$b,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("mul a[$ai]*b[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - &mul("edx"); - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # laod next a - &mov("eax",&wparam(0)) if $pos > 0; # load r[] - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 0; # laod next b - &mov("edx",&DWP(($nb)*4,$b,"",0)) if $pos == 1; # laod next b - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,"eax","",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # laod next a - } - -sub sqr_add_c - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$b,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add($c0,"eax"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - ### - &adc($c1,"edx"); - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos == 1) && ($na != $nb); - ### - &adc($c2,0); - # is pos > 1, it means it is the last loop - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - } - -sub sqr_add_c2 - { - local($r,$a,$ai,$bi,$c0,$c1,$c2,$pos,$i,$na,$nb)=@_; - - # pos == -1 if eax and edx are pre-loaded, 0 to load from next - # words, and 1 if load return value - - &comment("sqr a[$ai]*a[$bi]"); - - # "eax" and "edx" will always be pre-loaded. - # &mov("eax",&DWP($ai*4,$a,"",0)) ; - # &mov("edx",&DWP($bi*4,$a,"",0)); - - if ($ai == $bi) - { &mul("eax");} - else - { &mul("edx");} - &add("eax","eax"); - ### - &adc("edx","edx"); - ### - &adc($c2,0); - &add($c0,"eax"); - &adc($c1,"edx"); - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 0; # load next a - &mov("eax",&DWP(($na)*4,$a,"",0)) if $pos == 1; # load next b - &adc($c2,0); - &mov(&DWP($i*4,$r,"",0),$c0) if $pos > 0; # save r[]; - &mov("edx",&DWP(($nb)*4,$a,"",0)) if ($pos <= 1) && ($na != $nb); - ### - } - -sub bn_mul_comba - { - local($name,$num)=@_; - local($a,$b,$c0,$c1,$c2); - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($tot,$end); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $b="edi"; - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - &push("esi"); - &mov($a,&wparam(1)); - &push("edi"); - &mov($b,&wparam(2)); - &push("ebp"); - &push("ebx"); - - &xor($c0,$c0); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - &xor($c1,$c1); - &mov("edx",&DWP(0,$b,"",0)); # load the first second - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("################## Calculate word $i"); - - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($j+1) == $end) - { - $v=1; - $v=2 if (($i+1) == $tot); - } - else - { $v=0; } - if (($j+1) != $end) - { - $na=($ai-1); - $nb=($bi+1); - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } -#printf STDERR "[$ai,$bi] -> [$na,$nb]\n"; - &mul_add_c($a,$ai,$b,$bi,$c0,$c1,$c2,$v,$i,$na,$nb); - if ($v) - { - &comment("saved r[$i]"); - # &mov("eax",&wparam(0)); - # &mov(&DWP($i*4,"eax","",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &comment("save r[$i]"); - # &mov("eax",&wparam(0)); - &mov(&DWP($i*4,"eax","",0),$c0); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -sub bn_sqr_comba - { - local($name,$num)=@_; - local($r,$a,$c0,$c1,$c2)=@_; - local($i,$as,$ae,$bs,$be,$ai,$bi); - local($b,$tot,$end,$half); - - &function_begin_B($name,""); - - $c0="ebx"; - $c1="ecx"; - $c2="ebp"; - $a="esi"; - $r="edi"; - - &push("esi"); - &push("edi"); - &push("ebp"); - &push("ebx"); - &mov($r,&wparam(0)); - &mov($a,&wparam(1)); - &xor($c0,$c0); - &xor($c1,$c1); - &mov("eax",&DWP(0,$a,"",0)); # load the first word - - $as=0; - $ae=0; - $bs=0; - $be=0; - $tot=$num+$num-1; - - for ($i=0; $i<$tot; $i++) - { - $ai=$as; - $bi=$bs; - $end=$be+1; - - &comment("############### Calculate word $i"); - for ($j=$bs; $j<$end; $j++) - { - &xor($c2,$c2) if ($j == $bs); - if (($ai-1) < ($bi+1)) - { - $v=1; - $v=2 if ($i+1) == $tot; - } - else - { $v=0; } - if (!$v) - { - $na=$ai-1; - $nb=$bi+1; - } - else - { - $na=$as+($i < ($num-1)); - $nb=$bs+($i >= ($num-1)); - } - if ($ai == $bi) - { - &sqr_add_c($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - else - { - &sqr_add_c2($r,$a,$ai,$bi, - $c0,$c1,$c2,$v,$i,$na,$nb); - } - if ($v) - { - &comment("saved r[$i]"); - #&mov(&DWP($i*4,$r,"",0),$c0); - ($c0,$c1,$c2)=($c1,$c2,$c0); - last; - } - $ai--; - $bi++; - } - $as++ if ($i < ($num-1)); - $ae++ if ($i >= ($num-1)); - - $bs++ if ($i >= ($num-1)); - $be++ if ($i < ($num-1)); - } - &mov(&DWP($i*4,$r,"",0),$c0); - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/x86/div.pl b/src/lib/libcrypto/bn/asm/x86/div.pl deleted file mode 100644 index 0e90152caa..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/div.pl +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_div_words - { - local($name)=@_; - - &function_begin($name,""); - &mov("edx",&wparam(0)); # - &mov("eax",&wparam(1)); # - &mov("ebx",&wparam(2)); # - &div("ebx"); - &function_end($name); - } -1; diff --git a/src/lib/libcrypto/bn/asm/x86/mul.pl b/src/lib/libcrypto/bn/asm/x86/mul.pl deleted file mode 100644 index 674cb9b055..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/mul.pl +++ /dev/null @@ -1,77 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_mul_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ecx"; - $r="edi"; - $c="esi"; - $num="ebp"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - &mov($w,&wparam(3)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("mw_finish")); - - &set_label("mw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &add($a,32); - &add($r,32); - &sub($num,8); - &jz(&label("mw_finish")); - &jmp(&label("mw_loop")); - - &set_label("mw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jnz(&label("mw_finish2")); - &jmp(&label("mw_end")); - - &set_label("mw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - # XXX - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t); - &mov($c,"edx"); # c= H(t); - &dec($num) if ($i != 7-1); - &jz(&label("mw_end")) if ($i != 7-1); - } - &set_label("mw_end",0); - &mov("eax",$c); - - &function_end($name); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/x86/mul_add.pl b/src/lib/libcrypto/bn/asm/x86/mul_add.pl deleted file mode 100644 index 61830d3a90..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/mul_add.pl +++ /dev/null @@ -1,87 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_mul_add_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $Low="eax"; - $High="edx"; - $a="ebx"; - $w="ebp"; - $r="edi"; - $c="esi"; - - &xor($c,$c); # clear carry - &mov($r,&wparam(0)); # - - &mov("ecx",&wparam(2)); # - &mov($a,&wparam(1)); # - - &and("ecx",0xfffffff8); # num / 8 - &mov($w,&wparam(3)); # - - &push("ecx"); # Up the stack for a tmp variable - - &jz(&label("maw_finish")); - - &set_label("maw_loop",0); - - &mov(&swtmp(0),"ecx"); # - - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - - &mov("eax",&DWP($i,$a,"",0)); # *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+= *r - &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); # L(t)+=c - &adc("edx",0); # H(t)+=carry - &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - } - - &comment(""); - &mov("ecx",&swtmp(0)); # - &add($a,32); - &add($r,32); - &sub("ecx",8); - &jnz(&label("maw_loop")); - - &set_label("maw_finish",0); - &mov("ecx",&wparam(2)); # get num - &and("ecx",7); - &jnz(&label("maw_finish2")); # helps branch prediction - &jmp(&label("maw_end")); - - &set_label("maw_finish2",1); - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0));# *a - &mul($w); # *a * w - &add("eax",$c); # L(t)+=c - &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r - &adc("edx",0); # H(t)+=carry - &add("eax",$c); - &adc("edx",0); # H(t)+=carry - &dec("ecx") if ($i != 7-1); - &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t); - &mov($c,"edx"); # c= H(t); - &jz(&label("maw_end")) if ($i != 7-1); - } - &set_label("maw_end",0); - &mov("eax",$c); - - &pop("ecx"); # clear variable from - - &function_end($name); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/x86/sqr.pl b/src/lib/libcrypto/bn/asm/x86/sqr.pl deleted file mode 100644 index 1f90993cf6..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/sqr.pl +++ /dev/null @@ -1,60 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_sqr_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $r="esi"; - $a="edi"; - $num="ebx"; - - &mov($r,&wparam(0)); # - &mov($a,&wparam(1)); # - &mov($num,&wparam(2)); # - - &and($num,0xfffffff8); # num / 8 - &jz(&label("sw_finish")); - - &set_label("sw_loop",0); - for ($i=0; $i<32; $i+=4) - { - &comment("Round $i"); - &mov("eax",&DWP($i,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*2,$r,"",0),"eax"); # - &mov(&DWP($i*2+4,$r,"",0),"edx");# - } - - &comment(""); - &add($a,32); - &add($r,64); - &sub($num,8); - &jnz(&label("sw_loop")); - - &set_label("sw_finish",0); - &mov($num,&wparam(2)); # get num - &and($num,7); - &jz(&label("sw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov("eax",&DWP($i*4,$a,"",0)); # *a - # XXX - &mul("eax"); # *a * *a - &mov(&DWP($i*8,$r,"",0),"eax"); # - &dec($num) if ($i != 7-1); - &mov(&DWP($i*8+4,$r,"",0),"edx"); - &jz(&label("sw_end")) if ($i != 7-1); - } - &set_label("sw_end",0); - - &function_end($name); - } - -1; diff --git a/src/lib/libcrypto/bn/asm/x86/sub.pl b/src/lib/libcrypto/bn/asm/x86/sub.pl deleted file mode 100644 index 837b0e1b07..0000000000 --- a/src/lib/libcrypto/bn/asm/x86/sub.pl +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/local/bin/perl -# x86 assember - -sub bn_sub_words - { - local($name)=@_; - - &function_begin($name,""); - - &comment(""); - $a="esi"; - $b="edi"; - $c="eax"; - $r="ebx"; - $tmp1="ecx"; - $tmp2="edx"; - $num="ebp"; - - &mov($r,&wparam(0)); # get r - &mov($a,&wparam(1)); # get a - &mov($b,&wparam(2)); # get b - &mov($num,&wparam(3)); # get num - &xor($c,$c); # clear carry - &and($num,0xfffffff8); # num / 8 - - &jz(&label("aw_finish")); - - &set_label("aw_loop",0); - for ($i=0; $i<8; $i++) - { - &comment("Round $i"); - - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0)); # *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *r - } - - &comment(""); - &add($a,32); - &add($b,32); - &add($r,32); - &sub($num,8); - &jnz(&label("aw_loop")); - - &set_label("aw_finish",0); - &mov($num,&wparam(3)); # get num - &and($num,7); - &jz(&label("aw_end")); - - for ($i=0; $i<7; $i++) - { - &comment("Tail Round $i"); - &mov($tmp1,&DWP($i*4,$a,"",0)); # *a - &mov($tmp2,&DWP($i*4,$b,"",0));# *b - &sub($tmp1,$c); - &mov($c,0); - &adc($c,$c); - &sub($tmp1,$tmp2); - &adc($c,0); - &dec($num) if ($i != 6); - &mov(&DWP($i*4,$r,"",0),$tmp1); # *a - &jz(&label("aw_end")) if ($i != 6); - } - &set_label("aw_end",0); - -# &mov("eax",$c); # $c is "eax" - - &function_end($name); - } - -1; diff --git a/src/lib/libcrypto/bn/bn.h b/src/lib/libcrypto/bn/bn.h deleted file mode 100644 index 1eb8395b25..0000000000 --- a/src/lib/libcrypto/bn/bn.h +++ /dev/null @@ -1,514 +0,0 @@ -/* crypto/bn/bn.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BN_H -#define HEADER_BN_H - -#ifndef NO_FP_API -#include /* FILE */ -#endif -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef VMS -#undef BN_LLONG /* experimental, so far... */ -#endif - -#define BN_MUL_COMBA -#define BN_SQR_COMBA -#define BN_RECURSION -#define RECP_MUL_MOD -#define MONT_MUL_MOD - -/* This next option uses the C libraries (2 word)/(1 word) function. - * If it is not defined, I use my C version (which is slower). - * The reason for this flag is that when the particular C compiler - * library routine is used, and the library is linked with a different - * compiler, the library is missing. This mostly happens when the - * library is built with gcc and then linked using normal cc. This would - * be a common occurrence because gcc normally produces code that is - * 2 times faster than system compilers for the big number stuff. - * For machines with only one compiler (or shared libraries), this should - * be on. Again this in only really a problem on machines - * using "long long's", are 32bit, and are not using my assembler code. */ -#if defined(MSDOS) || defined(WINDOWS) || defined(WIN32) || defined(linux) -#define BN_DIV2W -#endif - -/* assuming long is 64bit - this is the DEC Alpha - * unsigned long long is only 64 bits :-(, don't define - * BN_LLONG for the DEC Alpha */ -#ifdef SIXTY_FOUR_BIT_LONG -#define BN_ULLONG unsigned long long -#define BN_ULONG unsigned long -#define BN_LONG long -#define BN_BITS 128 -#define BN_BYTES 8 -#define BN_BITS2 64 -#define BN_BITS4 32 -#define BN_MASK (0xffffffffffffffffffffffffffffffffLL) -#define BN_MASK2 (0xffffffffffffffffL) -#define BN_MASK2l (0xffffffffL) -#define BN_MASK2h (0xffffffff00000000L) -#define BN_MASK2h1 (0xffffffff80000000L) -#define BN_TBIT (0x8000000000000000L) -#define BN_DEC_CONV (10000000000000000000UL) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%019lu" -#define BN_DEC_NUM 19 -#endif - -/* This is where the long long data type is 64 bits, but long is 32. - * For machines where there are 64bit registers, this is the mode to use. - * IRIX, on R4000 and above should use this mode, along with the relevant - * assembler code :-). Do NOT define BN_LLONG. - */ -#ifdef SIXTY_FOUR_BIT -#undef BN_LLONG -#undef BN_ULLONG -#define BN_ULONG unsigned long long -#define BN_LONG long long -#define BN_BITS 128 -#define BN_BYTES 8 -#define BN_BITS2 64 -#define BN_BITS4 32 -#define BN_MASK2 (0xffffffffffffffffLL) -#define BN_MASK2l (0xffffffffL) -#define BN_MASK2h (0xffffffff00000000LL) -#define BN_MASK2h1 (0xffffffff80000000LL) -#define BN_TBIT (0x8000000000000000LL) -#define BN_DEC_CONV (10000000000000000000LL) -#define BN_DEC_FMT1 "%llu" -#define BN_DEC_FMT2 "%019llu" -#define BN_DEC_NUM 19 -#endif - -#ifdef THIRTY_TWO_BIT -#if defined(WIN32) && !defined(__GNUC__) -#define BN_ULLONG unsigned _int64 -#else -#define BN_ULLONG unsigned long long -#endif -#define BN_ULONG unsigned long -#define BN_LONG long -#define BN_BITS 64 -#define BN_BYTES 4 -#define BN_BITS2 32 -#define BN_BITS4 16 -#ifdef WIN32 -/* VC++ doesn't like the LL suffix */ -#define BN_MASK (0xffffffffffffffffL) -#else -#define BN_MASK (0xffffffffffffffffLL) -#endif -#define BN_MASK2 (0xffffffffL) -#define BN_MASK2l (0xffff) -#define BN_MASK2h1 (0xffff8000L) -#define BN_MASK2h (0xffff0000L) -#define BN_TBIT (0x80000000L) -#define BN_DEC_CONV (1000000000L) -#define BN_DEC_FMT1 "%lu" -#define BN_DEC_FMT2 "%09lu" -#define BN_DEC_NUM 9 -#endif - -#ifdef SIXTEEN_BIT -#ifndef BN_DIV2W -#define BN_DIV2W -#endif -#define BN_ULLONG unsigned long -#define BN_ULONG unsigned short -#define BN_LONG short -#define BN_BITS 32 -#define BN_BYTES 2 -#define BN_BITS2 16 -#define BN_BITS4 8 -#define BN_MASK (0xffffffff) -#define BN_MASK2 (0xffff) -#define BN_MASK2l (0xff) -#define BN_MASK2h1 (0xff80) -#define BN_MASK2h (0xff00) -#define BN_TBIT (0x8000) -#define BN_DEC_CONV (100000) -#define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%05u" -#define BN_DEC_NUM 5 -#endif - -#ifdef EIGHT_BIT -#ifndef BN_DIV2W -#define BN_DIV2W -#endif -#define BN_ULLONG unsigned short -#define BN_ULONG unsigned char -#define BN_LONG char -#define BN_BITS 16 -#define BN_BYTES 1 -#define BN_BITS2 8 -#define BN_BITS4 4 -#define BN_MASK (0xffff) -#define BN_MASK2 (0xff) -#define BN_MASK2l (0xf) -#define BN_MASK2h1 (0xf8) -#define BN_MASK2h (0xf0) -#define BN_TBIT (0x80) -#define BN_DEC_CONV (100) -#define BN_DEC_FMT1 "%u" -#define BN_DEC_FMT2 "%02u" -#define BN_DEC_NUM 2 -#endif - -#define BN_DEFAULT_BITS 1280 - -#ifdef BIGNUM -#undef BIGNUM -#endif - -#define BN_FLG_MALLOCED 0x01 -#define BN_FLG_STATIC_DATA 0x02 -#define BN_FLG_FREE 0x8000 /* used for debuging */ -#define BN_set_flags(b,n) ((b)->flags|=(n)) -#define BN_get_flags(b,n) ((b)->flags&(n)) - -typedef struct bignum_st - { - BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */ - int top; /* Index of last used d +1. */ - /* The next are internal book keeping for bn_expand. */ - int dmax; /* Size of the d array. */ - int neg; /* one if the number is negative */ - int flags; - } BIGNUM; - -/* Used for temp variables */ -#define BN_CTX_NUM 12 -#define BN_CTX_NUM_POS 12 -typedef struct bignum_ctx - { - int tos; - BIGNUM bn[BN_CTX_NUM]; - int flags; - int depth; - int pos[BN_CTX_NUM_POS]; - int too_many; - } BN_CTX; - -typedef struct bn_blinding_st - { - int init; - BIGNUM *A; - BIGNUM *Ai; - BIGNUM *mod; /* just a reference */ - } BN_BLINDING; - -/* Used for montgomery multiplication */ -typedef struct bn_mont_ctx_st - { - int ri; /* number of bits in R */ - BIGNUM RR; /* used to convert to montgomery form */ - BIGNUM N; /* The modulus */ - BIGNUM Ni; /* R*(1/R mod N) - N*Ni = 1 - * (Ni is only stored for bignum algorithm) */ - BN_ULONG n0; /* least significant word of Ni */ - int flags; - } BN_MONT_CTX; - -/* Used for reciprocal division/mod functions - * It cannot be shared between threads - */ -typedef struct bn_recp_ctx_st - { - BIGNUM N; /* the divisor */ - BIGNUM Nr; /* the reciprocal */ - int num_bits; - int shift; - int flags; - } BN_RECP_CTX; - -#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\ - r,a,&((mont)->RR),(mont),ctx) - -#define BN_prime_checks 0 /* default: select number of iterations - based on the size of the number */ - -/* number of Miller-Rabin iterations for an error rate of less than 2^-80 - * for random 'b'-bit input, b >= 100 (taken from table 4.4 in the Handbook - * of Applied Cryptography [Menezes, van Oorschot, Vanstone; CRC Press 1996]; - * original paper: Damgaard, Landrock, Pomerance: Average case error estimates - * for the strong probable prime test. -- Math. Comp. 61 (1993) 177-194) */ -#define BN_prime_checks_for_size(b) ((b) >= 1300 ? 2 : \ - (b) >= 850 ? 3 : \ - (b) >= 650 ? 4 : \ - (b) >= 550 ? 5 : \ - (b) >= 450 ? 6 : \ - (b) >= 400 ? 7 : \ - (b) >= 350 ? 8 : \ - (b) >= 300 ? 9 : \ - (b) >= 250 ? 12 : \ - (b) >= 200 ? 15 : \ - (b) >= 150 ? 18 : \ - /* b >= 100 */ 27) - -#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8) -#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w))) -#define BN_is_zero(a) (((a)->top == 0) || BN_is_word(a,0)) -#define BN_is_one(a) (BN_is_word((a),1)) -#define BN_is_odd(a) (((a)->top > 0) && ((a)->d[0] & 1)) -#define BN_one(a) (BN_set_word((a),1)) -#define BN_zero(a) (BN_set_word((a),0)) - -/*#define BN_ascii2bn(a) BN_hex2bn(a) */ -/*#define BN_bn2ascii(a) BN_bn2hex(a) */ - -BIGNUM *BN_value_one(void); -char * BN_options(void); -BN_CTX *BN_CTX_new(void); -void BN_CTX_init(BN_CTX *c); -void BN_CTX_free(BN_CTX *c); -void BN_CTX_start(BN_CTX *ctx); -BIGNUM *BN_CTX_get(BN_CTX *ctx); -void BN_CTX_end(BN_CTX *ctx); -int BN_rand(BIGNUM *rnd, int bits, int top,int bottom); -int BN_pseudo_rand(BIGNUM *rnd, int bits, int top,int bottom); -int BN_num_bits(const BIGNUM *a); -int BN_num_bits_word(BN_ULONG); -BIGNUM *BN_new(void); -void BN_init(BIGNUM *); -void BN_clear_free(BIGNUM *a); -BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); -BIGNUM *BN_bin2bn(const unsigned char *s,int len,BIGNUM *ret); -int BN_bn2bin(const BIGNUM *a, unsigned char *to); -BIGNUM *BN_mpi2bn(unsigned char *s,int len,BIGNUM *ret); -int BN_bn2mpi(const BIGNUM *a, unsigned char *to); -int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx); -int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx); -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); -int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx); -BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); -BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); -int BN_mul_word(BIGNUM *a, BN_ULONG w); -int BN_add_word(BIGNUM *a, BN_ULONG w); -int BN_sub_word(BIGNUM *a, BN_ULONG w); -int BN_set_word(BIGNUM *a, BN_ULONG w); -BN_ULONG BN_get_word(BIGNUM *a); -int BN_cmp(const BIGNUM *a, const BIGNUM *b); -void BN_free(BIGNUM *a); -int BN_is_bit_set(const BIGNUM *a, int n); -int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); -int BN_lshift1(BIGNUM *r, BIGNUM *a); -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p,BN_CTX *ctx); -int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m,BN_CTX *ctx); -int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); -int BN_mod_exp2_mont(BIGNUM *r, BIGNUM *a1, BIGNUM *p1,BIGNUM *a2, - BIGNUM *p2,BIGNUM *m,BN_CTX *ctx,BN_MONT_CTX *m_ctx); -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, - BIGNUM *m,BN_CTX *ctx); -int BN_mask_bits(BIGNUM *a,int n); -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx); -#ifndef NO_FP_API -int BN_print_fp(FILE *fp, const BIGNUM *a); -#endif -#ifdef HEADER_BIO_H -int BN_print(BIO *fp, const BIGNUM *a); -#else -int BN_print(void *fp, const BIGNUM *a); -#endif -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx); -int BN_rshift(BIGNUM *r, BIGNUM *a, int n); -int BN_rshift1(BIGNUM *r, BIGNUM *a); -void BN_clear(BIGNUM *a); -BIGNUM *BN_dup(const BIGNUM *a); -int BN_ucmp(const BIGNUM *a, const BIGNUM *b); -int BN_set_bit(BIGNUM *a, int n); -int BN_clear_bit(BIGNUM *a, int n); -char * BN_bn2hex(const BIGNUM *a); -char * BN_bn2dec(const BIGNUM *a); -int BN_hex2bn(BIGNUM **a, const char *str); -int BN_dec2bn(BIGNUM **a, const char *str); -int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *ret,BIGNUM *a, const BIGNUM *n,BN_CTX *ctx); -BIGNUM *BN_generate_prime(BIGNUM *ret,int bits,int safe,BIGNUM *add, - BIGNUM *rem,void (*callback)(int,int,void *),void *cb_arg); -int BN_is_prime(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *), - BN_CTX *ctx,void *cb_arg); -int BN_is_prime_fasttest(const BIGNUM *p,int nchecks, - void (*callback)(int,int,void *),BN_CTX *ctx,void *cb_arg, - int do_trial_division); -void ERR_load_BN_strings(void ); - -BN_MONT_CTX *BN_MONT_CTX_new(void ); -void BN_MONT_CTX_init(BN_MONT_CTX *ctx); -int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont, - BN_CTX *ctx); -int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx); -void BN_MONT_CTX_free(BN_MONT_CTX *mont); -int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *modulus,BN_CTX *ctx); -BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from); - -BN_BLINDING *BN_BLINDING_new(BIGNUM *A,BIGNUM *Ai,BIGNUM *mod); -void BN_BLINDING_free(BN_BLINDING *b); -int BN_BLINDING_update(BN_BLINDING *b,BN_CTX *ctx); -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *r, BN_CTX *ctx); -int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); - -void BN_set_params(int mul,int high,int low,int mont); -int BN_get_params(int which); /* 0, mul, 1 high, 2 low, 3 mont */ - -void BN_RECP_CTX_init(BN_RECP_CTX *recp); -BN_RECP_CTX *BN_RECP_CTX_new(void); -void BN_RECP_CTX_free(BN_RECP_CTX *recp); -int BN_RECP_CTX_set(BN_RECP_CTX *recp,const BIGNUM *rdiv,BN_CTX *ctx); -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, - BN_RECP_CTX *recp,BN_CTX *ctx); -int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, - BN_RECP_CTX *recp, BN_CTX *ctx); - -/* library internal functions */ - -#define bn_expand(a,bits) ((((((bits+BN_BITS2-1))/BN_BITS2)) <= (a)->dmax)?\ - (a):bn_expand2((a),(bits)/BN_BITS2+1)) -#define bn_wexpand(a,words) (((words) <= (a)->dmax)?(a):bn_expand2((a),(words))) -BIGNUM *bn_expand2(BIGNUM *a, int words); - -#define bn_fix_top(a) \ - { \ - BN_ULONG *ftl; \ - if ((a)->top > 0) \ - { \ - for (ftl= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \ - if (*(ftl--)) break; \ - } \ - } - -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w); -void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num); -BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d); -BN_ULONG bn_add_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); -BN_ULONG bn_sub_words(BN_ULONG *rp, BN_ULONG *ap, BN_ULONG *bp,int num); - -#ifdef BN_DEBUG - void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n); -# define bn_print(a) {fprintf(stderr, #a "="); BN_print_fp(stderr,a); \ - fprintf(stderr,"\n");} -# define bn_dump(a,n) bn_dump1(stderr,#a,a,n); -#else -# define bn_print(a) -# define bn_dump(a,b) -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the BN functions. */ - -/* Function codes. */ -#define BN_F_BN_BLINDING_CONVERT 100 -#define BN_F_BN_BLINDING_INVERT 101 -#define BN_F_BN_BLINDING_NEW 102 -#define BN_F_BN_BLINDING_UPDATE 103 -#define BN_F_BN_BN2DEC 104 -#define BN_F_BN_BN2HEX 105 -#define BN_F_BN_CTX_GET 116 -#define BN_F_BN_CTX_NEW 106 -#define BN_F_BN_DIV 107 -#define BN_F_BN_EXPAND2 108 -#define BN_F_BN_MOD_EXP2_MONT 118 -#define BN_F_BN_MOD_EXP_MONT 109 -#define BN_F_BN_MOD_EXP_MONT_WORD 117 -#define BN_F_BN_MOD_INVERSE 110 -#define BN_F_BN_MOD_MUL_RECIPROCAL 111 -#define BN_F_BN_MPI2BN 112 -#define BN_F_BN_NEW 113 -#define BN_F_BN_RAND 114 -#define BN_F_BN_USUB 115 - -/* Reason codes. */ -#define BN_R_ARG2_LT_ARG3 100 -#define BN_R_BAD_RECIPROCAL 101 -#define BN_R_CALLED_WITH_EVEN_MODULUS 102 -#define BN_R_DIV_BY_ZERO 103 -#define BN_R_ENCODING_ERROR 104 -#define BN_R_EXPAND_ON_STATIC_BIGNUM_DATA 105 -#define BN_R_INVALID_LENGTH 106 -#define BN_R_NOT_INITIALIZED 107 -#define BN_R_NO_INVERSE 108 -#define BN_R_TOO_MANY_TEMPORARY_VARIABLES 109 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c deleted file mode 100644 index 5d24691233..0000000000 --- a/src/lib/libcrypto/bn/bn_add.c +++ /dev/null @@ -1,307 +0,0 @@ -/* crypto/bn/bn_add.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -/* r can == a or b */ -int BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) - { - const BIGNUM *tmp; - - bn_check_top(a); - bn_check_top(b); - - /* a + b a+b - * a + -b a-b - * -a + b b-a - * -a + -b -(a+b) - */ - if (a->neg ^ b->neg) - { - /* only one is negative */ - if (a->neg) - { tmp=a; a=b; b=tmp; } - - /* we are now a - b */ - - if (BN_ucmp(a,b) < 0) - { - if (!BN_usub(r,b,a)) return(0); - r->neg=1; - } - else - { - if (!BN_usub(r,a,b)) return(0); - r->neg=0; - } - return(1); - } - - if (a->neg) /* both are neg */ - r->neg=1; - else - r->neg=0; - - if (!BN_uadd(r,a,b)) return(0); - return(1); - } - -/* unsigned add of b to a, r must be large enough */ -int BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) - { - register int i; - int max,min; - BN_ULONG *ap,*bp,*rp,carry,t1; - const BIGNUM *tmp; - - bn_check_top(a); - bn_check_top(b); - - if (a->top < b->top) - { tmp=a; a=b; b=tmp; } - max=a->top; - min=b->top; - - if (bn_wexpand(r,max+1) == NULL) - return(0); - - r->top=max; - - - ap=a->d; - bp=b->d; - rp=r->d; - carry=0; - - carry=bn_add_words(rp,ap,bp,min); - rp+=min; - ap+=min; - bp+=min; - i=min; - - if (carry) - { - while (i < max) - { - i++; - t1= *(ap++); - if ((*(rp++)=(t1+1)&BN_MASK2) >= t1) - { - carry=0; - break; - } - } - if ((i >= max) && carry) - { - *(rp++)=1; - r->top++; - } - } - if (rp != ap) - { - for (; itop < b->top) /* hmm... should not be happening */ - { - BNerr(BN_F_BN_USUB,BN_R_ARG2_LT_ARG3); - return(0); - } - - max=a->top; - min=b->top; - if (bn_wexpand(r,max) == NULL) return(0); - - ap=a->d; - bp=b->d; - rp=r->d; - -#if 1 - carry=0; - for (i=0; i t2) break; - } - } -#if 0 - memcpy(rp,ap,sizeof(*rp)*(max-i)); -#else - if (rp != ap) - { - for (;;) - { - if (i++ >= max) break; - rp[0]=ap[0]; - if (i++ >= max) break; - rp[1]=ap[1]; - if (i++ >= max) break; - rp[2]=ap[2]; - if (i++ >= max) break; - rp[3]=ap[3]; - rp+=4; - ap+=4; - } - } -#endif - - r->top=max; - bn_fix_top(r); - return(1); - } - -int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) - { - int max; - int add=0,neg=0; - const BIGNUM *tmp; - - bn_check_top(a); - bn_check_top(b); - - /* a - b a-b - * a - -b a+b - * -a - b -(a+b) - * -a - -b b-a - */ - if (a->neg) - { - if (b->neg) - { tmp=a; a=b; b=tmp; } - else - { add=1; neg=1; } - } - else - { - if (b->neg) { add=1; neg=0; } - } - - if (add) - { - if (!BN_uadd(r,a,b)) return(0); - r->neg=neg; - return(1); - } - - /* We are actually doing a - b :-) */ - - max=(a->top > b->top)?a->top:b->top; - if (bn_wexpand(r,max) == NULL) return(0); - if (BN_ucmp(a,b) < 0) - { - if (!BN_usub(r,b,a)) return(0); - r->neg=1; - } - else - { - if (!BN_usub(r,a,b)) return(0); - r->neg=0; - } - return(1); - } - diff --git a/src/lib/libcrypto/bn/bn_asm.c b/src/lib/libcrypto/bn/bn_asm.c deleted file mode 100644 index 44e52a40db..0000000000 --- a/src/lib/libcrypto/bn/bn_asm.c +++ /dev/null @@ -1,832 +0,0 @@ -/* crypto/bn/bn_asm.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef BN_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -#if defined(BN_LLONG) || defined(BN_UMULT_HIGH) - -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - assert(num >= 0); - if (num <= 0) return(c1); - - while (num&~3) - { - mul_add(rp[0],ap[0],w,c1); - mul_add(rp[1],ap[1],w,c1); - mul_add(rp[2],ap[2],w,c1); - mul_add(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul_add(rp[0],ap[0],w,c1); if (--num==0) return c1; - mul_add(rp[1],ap[1],w,c1); if (--num==0) return c1; - mul_add(rp[2],ap[2],w,c1); return c1; - } - - return(c1); - } - -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c1=0; - - assert(num >= 0); - if (num <= 0) return(c1); - - while (num&~3) - { - mul(rp[0],ap[0],w,c1); - mul(rp[1],ap[1],w,c1); - mul(rp[2],ap[2],w,c1); - mul(rp[3],ap[3],w,c1); - ap+=4; rp+=4; num-=4; - } - if (num) - { - mul(rp[0],ap[0],w,c1); if (--num == 0) return c1; - mul(rp[1],ap[1],w,c1); if (--num == 0) return c1; - mul(rp[2],ap[2],w,c1); - } - return(c1); - } - -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) - { - assert(n >= 0); - if (n <= 0) return; - while (n&~3) - { - sqr(r[0],r[1],a[0]); - sqr(r[2],r[3],a[1]); - sqr(r[4],r[5],a[2]); - sqr(r[6],r[7],a[3]); - a+=4; r+=8; n-=4; - } - if (n) - { - sqr(r[0],r[1],a[0]); if (--n == 0) return; - sqr(r[2],r[3],a[1]); if (--n == 0) return; - sqr(r[4],r[5],a[2]); - } - } - -#else /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ - -BN_ULONG bn_mul_add_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG c=0; - BN_ULONG bl,bh; - - assert(num >= 0); - if (num <= 0) return((BN_ULONG)0); - - bl=LBITS(w); - bh=HBITS(w); - - for (;;) - { - mul_add(rp[0],ap[0],bl,bh,c); - if (--num == 0) break; - mul_add(rp[1],ap[1],bl,bh,c); - if (--num == 0) break; - mul_add(rp[2],ap[2],bl,bh,c); - if (--num == 0) break; - mul_add(rp[3],ap[3],bl,bh,c); - if (--num == 0) break; - ap+=4; - rp+=4; - } - return(c); - } - -BN_ULONG bn_mul_words(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w) - { - BN_ULONG carry=0; - BN_ULONG bl,bh; - - assert(num >= 0); - if (num <= 0) return((BN_ULONG)0); - - bl=LBITS(w); - bh=HBITS(w); - - for (;;) - { - mul(rp[0],ap[0],bl,bh,carry); - if (--num == 0) break; - mul(rp[1],ap[1],bl,bh,carry); - if (--num == 0) break; - mul(rp[2],ap[2],bl,bh,carry); - if (--num == 0) break; - mul(rp[3],ap[3],bl,bh,carry); - if (--num == 0) break; - ap+=4; - rp+=4; - } - return(carry); - } - -void bn_sqr_words(BN_ULONG *r, BN_ULONG *a, int n) - { - assert(n >= 0); - if (n <= 0) return; - for (;;) - { - sqr64(r[0],r[1],a[0]); - if (--n == 0) break; - - sqr64(r[2],r[3],a[1]); - if (--n == 0) break; - - sqr64(r[4],r[5],a[2]); - if (--n == 0) break; - - sqr64(r[6],r[7],a[3]); - if (--n == 0) break; - - a+=4; - r+=8; - } - } - -#endif /* !(defined(BN_LLONG) || defined(BN_UMULT_HIGH)) */ - -#if defined(BN_LLONG) && defined(BN_DIV2W) - -BN_ULONG bn_div_words(BN_ULONG h, BN_ULONG l, BN_ULONG d) - { - return((BN_ULONG)(((((BN_ULLONG)h)< (BN_ULONG)1<= d) h-=d; - - if (i) - { - d<<=i; - h=(h<>(BN_BITS2-i)); - l<<=i; - } - dh=(d&BN_MASK2h)>>BN_BITS4; - dl=(d&BN_MASK2l); - for (;;) - { - if ((h>>BN_BITS4) == dh) - q=BN_MASK2l; - else - q=h/dh; - - th=q*dh; - tl=dl*q; - for (;;) - { - t=h-th; - if ((t&BN_MASK2h) || - ((tl) <= ( - (t<>BN_BITS4)))) - break; - q--; - th-=dh; - tl-=dl; - } - t=(tl>>BN_BITS4); - tl=(tl<>BN_BITS4))&BN_MASK2; - l=(l&BN_MASK2l)<= 0); - if (n <= 0) return((BN_ULONG)0); - - for (;;) - { - ll+=(BN_ULLONG)a[0]+b[0]; - r[0]=(BN_ULONG)ll&BN_MASK2; - ll>>=BN_BITS2; - if (--n <= 0) break; - - ll+=(BN_ULLONG)a[1]+b[1]; - r[1]=(BN_ULONG)ll&BN_MASK2; - ll>>=BN_BITS2; - if (--n <= 0) break; - - ll+=(BN_ULLONG)a[2]+b[2]; - r[2]=(BN_ULONG)ll&BN_MASK2; - ll>>=BN_BITS2; - if (--n <= 0) break; - - ll+=(BN_ULLONG)a[3]+b[3]; - r[3]=(BN_ULONG)ll&BN_MASK2; - ll>>=BN_BITS2; - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; - } - return((BN_ULONG)ll); - } -#else /* !BN_LLONG */ -BN_ULONG bn_add_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) - { - BN_ULONG c,l,t; - - assert(n >= 0); - if (n <= 0) return((BN_ULONG)0); - - c=0; - for (;;) - { - t=a[0]; - t=(t+c)&BN_MASK2; - c=(t < c); - l=(t+b[0])&BN_MASK2; - c+=(l < t); - r[0]=l; - if (--n <= 0) break; - - t=a[1]; - t=(t+c)&BN_MASK2; - c=(t < c); - l=(t+b[1])&BN_MASK2; - c+=(l < t); - r[1]=l; - if (--n <= 0) break; - - t=a[2]; - t=(t+c)&BN_MASK2; - c=(t < c); - l=(t+b[2])&BN_MASK2; - c+=(l < t); - r[2]=l; - if (--n <= 0) break; - - t=a[3]; - t=(t+c)&BN_MASK2; - c=(t < c); - l=(t+b[3])&BN_MASK2; - c+=(l < t); - r[3]=l; - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; - } - return((BN_ULONG)c); - } -#endif /* !BN_LLONG */ - -BN_ULONG bn_sub_words(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) - { - BN_ULONG t1,t2; - int c=0; - - assert(n >= 0); - if (n <= 0) return((BN_ULONG)0); - - for (;;) - { - t1=a[0]; t2=b[0]; - r[0]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[1]; t2=b[1]; - r[1]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[2]; t2=b[2]; - r[2]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - t1=a[3]; t2=b[3]; - r[3]=(t1-t2-c)&BN_MASK2; - if (t1 != t2) c=(t1 < t2); - if (--n <= 0) break; - - a+=4; - b+=4; - r+=4; - } - return(c); - } - -#ifdef BN_MUL_COMBA - -#undef bn_mul_comba8 -#undef bn_mul_comba4 -#undef bn_sqr_comba8 -#undef bn_sqr_comba4 - -/* mul_add_c(a,b,c0,c1,c2) -- c+=a*b for three word number c=(c2,c1,c0) */ -/* mul_add_c2(a,b,c0,c1,c2) -- c+=2*a*b for three word number c=(c2,c1,c0) */ -/* sqr_add_c(a,i,c0,c1,c2) -- c+=a[i]^2 for three word number c=(c2,c1,c0) */ -/* sqr_add_c2(a,i,c0,c1,c2) -- c+=2*a[i]*a[j] for three word number c=(c2,c1,c0) */ - -#ifdef BN_LLONG -#define mul_add_c(a,b,c0,c1,c2) \ - t=(BN_ULLONG)a*b; \ - t1=(BN_ULONG)Lw(t); \ - t2=(BN_ULONG)Hw(t); \ - c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \ - c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++; - -#define mul_add_c2(a,b,c0,c1,c2) \ - t=(BN_ULLONG)a*b; \ - tt=(t+t)&BN_MASK; \ - if (tt < t) c2++; \ - t1=(BN_ULONG)Lw(tt); \ - t2=(BN_ULONG)Hw(tt); \ - c0=(c0+t1)&BN_MASK2; \ - if ((c0 < t1) && (((++t2)&BN_MASK2) == 0)) c2++; \ - c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++; - -#define sqr_add_c(a,i,c0,c1,c2) \ - t=(BN_ULLONG)a[i]*a[i]; \ - t1=(BN_ULONG)Lw(t); \ - t2=(BN_ULONG)Hw(t); \ - c0=(c0+t1)&BN_MASK2; if ((c0) < t1) t2++; \ - c1=(c1+t2)&BN_MASK2; if ((c1) < t2) c2++; - -#define sqr_add_c2(a,i,j,c0,c1,c2) \ - mul_add_c2((a)[i],(a)[j],c0,c1,c2) - -#elif defined(BN_UMULT_HIGH) - -#define mul_add_c(a,b,c0,c1,c2) { \ - BN_ULONG ta=(a),tb=(b); \ - t1 = ta * tb; \ - t2 = BN_UMULT_HIGH(ta,tb); \ - c0 += t1; t2 += (c0 -#include "cryptlib.h" -#include "bn_lcl.h" - -BN_BLINDING *BN_BLINDING_new(BIGNUM *A, BIGNUM *Ai, BIGNUM *mod) - { - BN_BLINDING *ret=NULL; - - bn_check_top(Ai); - bn_check_top(mod); - - if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) - { - BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - memset(ret,0,sizeof(BN_BLINDING)); - if ((ret->A=BN_new()) == NULL) goto err; - if ((ret->Ai=BN_new()) == NULL) goto err; - if (!BN_copy(ret->A,A)) goto err; - if (!BN_copy(ret->Ai,Ai)) goto err; - ret->mod=mod; - return(ret); -err: - if (ret != NULL) BN_BLINDING_free(ret); - return(NULL); - } - -void BN_BLINDING_free(BN_BLINDING *r) - { - if(r == NULL) - return; - - if (r->A != NULL) BN_free(r->A ); - if (r->Ai != NULL) BN_free(r->Ai); - OPENSSL_free(r); - } - -int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) - { - int ret=0; - - if ((b->A == NULL) || (b->Ai == NULL)) - { - BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED); - goto err; - } - - if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; - if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; - - ret=1; -err: - return(ret); - } - -int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) - { - bn_check_top(n); - - if ((b->A == NULL) || (b->Ai == NULL)) - { - BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITIALIZED); - return(0); - } - return(BN_mod_mul(n,n,b->A,b->mod,ctx)); - } - -int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) - { - int ret; - - bn_check_top(n); - if ((b->A == NULL) || (b->Ai == NULL)) - { - BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITIALIZED); - return(0); - } - if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0) - { - if (!BN_BLINDING_update(b,ctx)) - return(0); - } - return(ret); - } - diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c deleted file mode 100644 index b1a8d7571e..0000000000 --- a/src/lib/libcrypto/bn/bn_ctx.c +++ /dev/null @@ -1,144 +0,0 @@ -/* crypto/bn/bn_ctx.c */ -/* Written by Ulf Moeller for the OpenSSL project. */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef BN_CTX_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include "cryptlib.h" -#include - - -BN_CTX *BN_CTX_new(void) - { - BN_CTX *ret; - - ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX)); - if (ret == NULL) - { - BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - BN_CTX_init(ret); - ret->flags=BN_FLG_MALLOCED; - return(ret); - } - -void BN_CTX_init(BN_CTX *ctx) - { - int i; - ctx->tos = 0; - ctx->flags = 0; - ctx->depth = 0; - ctx->too_many = 0; - for (i = 0; i < BN_CTX_NUM; i++) - BN_init(&(ctx->bn[i])); - } - -void BN_CTX_free(BN_CTX *ctx) - { - int i; - - if (ctx == NULL) return; - assert(ctx->depth == 0); - - for (i=0; i < BN_CTX_NUM; i++) - BN_clear_free(&(ctx->bn[i])); - if (ctx->flags & BN_FLG_MALLOCED) - OPENSSL_free(ctx); - } - -void BN_CTX_start(BN_CTX *ctx) - { - if (ctx->depth < BN_CTX_NUM_POS) - ctx->pos[ctx->depth] = ctx->tos; - ctx->depth++; - } - -BIGNUM *BN_CTX_get(BN_CTX *ctx) - { - if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM) - { - if (!ctx->too_many) - { - BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES); - /* disable error code until BN_CTX_end is called: */ - ctx->too_many = 1; - } - return NULL; - } - return (&(ctx->bn[ctx->tos++])); - } - -void BN_CTX_end(BN_CTX *ctx) - { - if (ctx == NULL) return; - assert(ctx->depth > 0); - if (ctx->depth == 0) - /* should never happen, but we can tolerate it if not in - * debug mode (could be a 'goto err' in the calling function - * before BN_CTX_start was reached) */ - BN_CTX_start(ctx); - - ctx->too_many = 0; - ctx->depth--; - if (ctx->depth < BN_CTX_NUM_POS) - ctx->tos = ctx->pos[ctx->depth]; - } diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c deleted file mode 100644 index c3772c243b..0000000000 --- a/src/lib/libcrypto/bn/bn_div.c +++ /dev/null @@ -1,380 +0,0 @@ -/* crypto/bn/bn_div.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -/* The old slow way */ -#if 0 -int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, - BN_CTX *ctx) - { - int i,nm,nd; - int ret = 0; - BIGNUM *D; - - bn_check_top(m); - bn_check_top(d); - if (BN_is_zero(d)) - { - BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); - return(0); - } - - if (BN_ucmp(m,d) < 0) - { - if (rem != NULL) - { if (BN_copy(rem,m) == NULL) return(0); } - if (dv != NULL) BN_zero(dv); - return(1); - } - - BN_CTX_start(ctx); - D = BN_CTX_get(ctx); - if (dv == NULL) dv = BN_CTX_get(ctx); - if (rem == NULL) rem = BN_CTX_get(ctx); - if (D == NULL || dv == NULL || rem == NULL) - goto end; - - nd=BN_num_bits(d); - nm=BN_num_bits(m); - if (BN_copy(D,d) == NULL) goto end; - if (BN_copy(rem,m) == NULL) goto end; - - /* The next 2 are needed so we can do a dv->d[0]|=1 later - * since BN_lshift1 will only work once there is a value :-) */ - BN_zero(dv); - bn_wexpand(dv,1); - dv->top=1; - - if (!BN_lshift(D,D,nm-nd)) goto end; - for (i=nm-nd; i>=0; i--) - { - if (!BN_lshift1(dv,dv)) goto end; - if (BN_ucmp(rem,D) >= 0) - { - dv->d[0]|=1; - if (!BN_usub(rem,rem,D)) goto end; - } -/* CAN IMPROVE (and have now :=) */ - if (!BN_rshift1(D,D)) goto end; - } - rem->neg=BN_is_zero(rem)?0:m->neg; - dv->neg=m->neg^d->neg; - ret = 1; - end: - BN_CTX_end(ctx); - return(ret); - } - -#else - -#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC) && !defined(BN_DIV3W) -# if defined(__GNUC__) && __GNUC__>=2 -# if defined(__i386) - /* - * There were two reasons for implementing this template: - * - GNU C generates a call to a function (__udivdi3 to be exact) - * in reply to ((((BN_ULLONG)n0)< - */ -# define bn_div_words(n0,n1,d0) \ - ({ asm volatile ( \ - "divl %4" \ - : "=a"(q), "=d"(rem) \ - : "a"(n1), "d"(n0), "g"(d0) \ - : "cc"); \ - q; \ - }) -# define REMAINDER_IS_ALREADY_CALCULATED -# endif /* __ */ -# endif /* __GNUC__ */ -#endif /* NO_ASM */ - -int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor, - BN_CTX *ctx) - { - int norm_shift,i,j,loop; - BIGNUM *tmp,wnum,*snum,*sdiv,*res; - BN_ULONG *resp,*wnump; - BN_ULONG d0,d1; - int num_n,div_n; - - bn_check_top(num); - bn_check_top(divisor); - - if (BN_is_zero(divisor)) - { - BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO); - return(0); - } - - if (BN_ucmp(num,divisor) < 0) - { - if (rm != NULL) - { if (BN_copy(rm,num) == NULL) return(0); } - if (dv != NULL) BN_zero(dv); - return(1); - } - - BN_CTX_start(ctx); - tmp=BN_CTX_get(ctx); - tmp->neg=0; - snum=BN_CTX_get(ctx); - sdiv=BN_CTX_get(ctx); - if (dv == NULL) - res=BN_CTX_get(ctx); - else res=dv; - if (res == NULL) goto err; - - /* First we normalise the numbers */ - norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2); - BN_lshift(sdiv,divisor,norm_shift); - sdiv->neg=0; - norm_shift+=BN_BITS2; - BN_lshift(snum,num,norm_shift); - snum->neg=0; - div_n=sdiv->top; - num_n=snum->top; - loop=num_n-div_n; - - /* Lets setup a 'window' into snum - * This is the part that corresponds to the current - * 'area' being divided */ - BN_init(&wnum); - wnum.d= &(snum->d[loop]); - wnum.top= div_n; - wnum.dmax= snum->dmax+1; /* a bit of a lie */ - - /* Get the top 2 words of sdiv */ - /* i=sdiv->top; */ - d0=sdiv->d[div_n-1]; - d1=(div_n == 1)?0:sdiv->d[div_n-2]; - - /* pointer to the 'top' of snum */ - wnump= &(snum->d[num_n-1]); - - /* Setup to 'res' */ - res->neg= (num->neg^divisor->neg); - if (!bn_wexpand(res,(loop+1))) goto err; - res->top=loop; - resp= &(res->d[loop-1]); - - /* space for temp */ - if (!bn_wexpand(tmp,(div_n+1))) goto err; - - if (BN_ucmp(&wnum,sdiv) >= 0) - { - if (!BN_usub(&wnum,&wnum,sdiv)) goto err; - *resp=1; - res->d[res->top-1]=1; - } - else - res->top--; - resp--; - - for (i=0; id,sdiv->d,div_n,q); - wnum.d--; wnum.top++; - tmp->d[div_n]=l0; - for (j=div_n+1; j>0; j--) - if (tmp->d[j-1]) break; - tmp->top=j; - - j=wnum.top; - BN_sub(&wnum,&wnum,tmp); - - snum->top=snum->top+wnum.top-j; - - if (wnum.neg) - { - q--; - j=wnum.top; - BN_add(&wnum,&wnum,sdiv); - snum->top+=wnum.top-j; - } - *(resp--)=q; - wnump--; - } - if (rm != NULL) - { - BN_rshift(rm,snum,norm_shift); - rm->neg=num->neg; - } - BN_CTX_end(ctx); - return(1); -err: - BN_CTX_end(ctx); - return(0); - } - -#endif - -/* rem != m */ -int BN_mod(BIGNUM *rem, const BIGNUM *m, const BIGNUM *d, BN_CTX *ctx) - { -#if 0 /* The old slow way */ - int i,nm,nd; - BIGNUM *dv; - - if (BN_ucmp(m,d) < 0) - return((BN_copy(rem,m) == NULL)?0:1); - - BN_CTX_start(ctx); - dv=BN_CTX_get(ctx); - - if (!BN_copy(rem,m)) goto err; - - nm=BN_num_bits(rem); - nd=BN_num_bits(d); - if (!BN_lshift(dv,d,nm-nd)) goto err; - for (i=nm-nd; i>=0; i--) - { - if (BN_cmp(rem,dv) >= 0) - { - if (!BN_sub(rem,rem,dv)) goto err; - } - if (!BN_rshift1(dv,dv)) goto err; - } - BN_CTX_end(ctx); - return(1); - err: - BN_CTX_end(ctx); - return(0); -#else - return(BN_div(NULL,rem,m,d,ctx)); -#endif - } - diff --git a/src/lib/libcrypto/bn/bn_err.c b/src/lib/libcrypto/bn/bn_err.c deleted file mode 100644 index 86550c4c21..0000000000 --- a/src/lib/libcrypto/bn/bn_err.c +++ /dev/null @@ -1,121 +0,0 @@ -/* crypto/bn/bn_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA BN_str_functs[]= - { -{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"}, -{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"}, -{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"}, -{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"}, -{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"}, -{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"}, -{ERR_PACK(0,BN_F_BN_CTX_GET,0), "BN_CTX_get"}, -{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"}, -{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"}, -{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"}, -{ERR_PACK(0,BN_F_BN_MOD_EXP2_MONT,0), "BN_mod_exp2_mont"}, -{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"}, -{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT_WORD,0), "BN_mod_exp_mont_word"}, -{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"}, -{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"}, -{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"}, -{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"}, -{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"}, -{ERR_PACK(0,BN_F_BN_USUB,0), "BN_usub"}, -{0,NULL} - }; - -static ERR_STRING_DATA BN_str_reasons[]= - { -{BN_R_ARG2_LT_ARG3 ,"arg2 lt arg3"}, -{BN_R_BAD_RECIPROCAL ,"bad reciprocal"}, -{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"}, -{BN_R_DIV_BY_ZERO ,"div by zero"}, -{BN_R_ENCODING_ERROR ,"encoding error"}, -{BN_R_EXPAND_ON_STATIC_BIGNUM_DATA ,"expand on static bignum data"}, -{BN_R_INVALID_LENGTH ,"invalid length"}, -{BN_R_NOT_INITIALIZED ,"not initialized"}, -{BN_R_NO_INVERSE ,"no inverse"}, -{BN_R_TOO_MANY_TEMPORARY_VARIABLES ,"too many temporary variables"}, -{0,NULL} - }; - -#endif - -void ERR_load_BN_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_BN,BN_str_functs); - ERR_load_strings(ERR_LIB_BN,BN_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c deleted file mode 100644 index d2c91628ac..0000000000 --- a/src/lib/libcrypto/bn/bn_exp.c +++ /dev/null @@ -1,696 +0,0 @@ -/* crypto/bn/bn_exp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -#define TABLE_SIZE 32 - -/* slow but works */ -int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, BN_CTX *ctx) - { - BIGNUM *t; - int r=0; - - bn_check_top(a); - bn_check_top(b); - bn_check_top(m); - - BN_CTX_start(ctx); - if ((t = BN_CTX_get(ctx)) == NULL) goto err; - if (a == b) - { if (!BN_sqr(t,a,ctx)) goto err; } - else - { if (!BN_mul(t,a,b,ctx)) goto err; } - if (!BN_mod(ret,t,m,ctx)) goto err; - r=1; -err: - BN_CTX_end(ctx); - return(r); - } - - -/* this one works - simple but works */ -int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx) - { - int i,bits,ret=0; - BIGNUM *v,*rr; - - BN_CTX_start(ctx); - if ((r == a) || (r == p)) - rr = BN_CTX_get(ctx); - else - rr = r; - if ((v = BN_CTX_get(ctx)) == NULL) goto err; - - if (BN_copy(v,a) == NULL) goto err; - bits=BN_num_bits(p); - - if (BN_is_odd(p)) - { if (BN_copy(rr,a) == NULL) goto err; } - else { if (!BN_one(rr)) goto err; } - - for (i=1; i= m. eay 07-May-97 */ -/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */ - - if (BN_is_odd(m)) - { - if (a->top == 1) - { - BN_ULONG A = a->d[0]; - ret=BN_mod_exp_mont_word(r,A,p,m,ctx,NULL); - } - else - ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); - } - else -#endif -#ifdef RECP_MUL_MOD - { ret=BN_mod_exp_recp(r,a,p,m,ctx); } -#else - { ret=BN_mod_exp_simple(r,a,p,m,ctx); } -#endif - - return(ret); - } - - -int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx) - { - int i,j,bits,ret=0,wstart,wend,window,wvalue; - int start=1,ts=0; - BIGNUM *aa; - BIGNUM val[TABLE_SIZE]; - BN_RECP_CTX recp; - - bits=BN_num_bits(p); - - if (bits == 0) - { - BN_one(r); - return(1); - } - - BN_CTX_start(ctx); - if ((aa = BN_CTX_get(ctx)) == NULL) goto err; - - BN_RECP_CTX_init(&recp); - if (BN_RECP_CTX_set(&recp,m,ctx) <= 0) goto err; - - BN_init(&(val[0])); - ts=1; - - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) - { - if (!BN_mod_mul_reciprocal(aa,&(val[0]),&(val[0]),&recp,ctx)) - goto err; /* 2 */ - j=1<<(window-1); - for (i=1; i>1]),&recp,ctx)) - goto err; - - /* move the 'window' down further */ - wstart-=wend+1; - wvalue=0; - start=0; - if (wstart < 0) break; - } - ret=1; -err: - BN_CTX_end(ctx); - for (i=0; id[0] & 1)) - { - BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); - return(0); - } - bits=BN_num_bits(p); - if (bits == 0) - { - BN_one(rr); - return(1); - } - BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - if (d == NULL || r == NULL) goto err; - - /* If this is not done, things will break in the montgomery - * part */ - - if (in_mont != NULL) - mont=in_mont; - else - { - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; - } - - BN_init(&val[0]); - ts=1; - if (BN_ucmp(a,m) >= 0) - { - if (!BN_mod(&(val[0]),a,m,ctx)) - goto err; - aa= &(val[0]); - } - else - aa=a; - if (!BN_to_montgomery(&(val[0]),aa,mont,ctx)) goto err; /* 1 */ - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) - { - if (!BN_mod_mul_montgomery(d,&(val[0]),&(val[0]),mont,ctx)) goto err; /* 2 */ - j=1<<(window-1); - for (i=1; i>1]),mont,ctx)) - goto err; - - /* move the 'window' down further */ - wstart-=wend+1; - wvalue=0; - start=0; - if (wstart < 0) break; - } - if (!BN_from_montgomery(rr,r,mont,ctx)) goto err; - ret=1; -err: - if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - for (i=0; id[0] & 1)) - { - BNerr(BN_F_BN_MOD_EXP_MONT_WORD,BN_R_CALLED_WITH_EVEN_MODULUS); - return(0); - } - bits = BN_num_bits(p); - if (bits == 0) - { - BN_one(rr); - return(1); - } - BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - t = BN_CTX_get(ctx); - if (d == NULL || r == NULL || t == NULL) goto err; - - if (in_mont != NULL) - mont=in_mont; - else - { - if ((mont = BN_MONT_CTX_new()) == NULL) goto err; - if (!BN_MONT_CTX_set(mont, m, ctx)) goto err; - } - - r_is_one = 1; /* except for Montgomery factor */ - - /* bits-1 >= 0 */ - - /* The result is accumulated in the product r*w. */ - w = a; /* bit 'bits-1' of 'p' is always set */ - for (b = bits-2; b >= 0; b--) - { - /* First, square r*w. */ - next_w = w*w; - if ((next_w/w) != w) /* overflow */ - { - if (r_is_one) - { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err; - r_is_one = 0; - } - else - { - if (!BN_MOD_MUL_WORD(r, w, m)) goto err; - } - next_w = 1; - } - w = next_w; - if (!r_is_one) - { - if (!BN_mod_mul_montgomery(r, r, r, mont, ctx)) goto err; - } - - /* Second, multiply r*w by 'a' if exponent bit is set. */ - if (BN_is_bit_set(p, b)) - { - next_w = w*a; - if ((next_w/a) != w) /* overflow */ - { - if (r_is_one) - { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err; - r_is_one = 0; - } - else - { - if (!BN_MOD_MUL_WORD(r, w, m)) goto err; - } - next_w = a; - } - w = next_w; - } - } - - /* Finally, set r:=r*w. */ - if (w != 1) - { - if (r_is_one) - { - if (!BN_TO_MONTGOMERY_WORD(r, w, mont)) goto err; - r_is_one = 0; - } - else - { - if (!BN_MOD_MUL_WORD(r, w, m)) goto err; - } - } - - if (r_is_one) /* can happen only if a == 1*/ - { - if (!BN_one(rr)) goto err; - } - else - { - if (!BN_from_montgomery(rr, r, mont, ctx)) goto err; - } - ret = 1; -err: - if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - return(ret); - } - - -/* The old fallback, simple version :-) */ -int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m, - BN_CTX *ctx) - { - int i,j,bits,ret=0,wstart,wend,window,wvalue,ts=0; - int start=1; - BIGNUM *d; - BIGNUM val[TABLE_SIZE]; - - bits=BN_num_bits(p); - - if (bits == 0) - { - BN_one(r); - return(1); - } - - BN_CTX_start(ctx); - if ((d = BN_CTX_get(ctx)) == NULL) goto err; - - BN_init(&(val[0])); - ts=1; - if (!BN_mod(&(val[0]),a,m,ctx)) goto err; /* 1 */ - - window = BN_window_bits_for_exponent_size(bits); - if (window > 1) - { - if (!BN_mod_mul(d,&(val[0]),&(val[0]),m,ctx)) - goto err; /* 2 */ - j=1<<(window-1); - for (i=1; i>1]),m,ctx)) - goto err; - - /* move the 'window' down further */ - wstart-=wend+1; - wvalue=0; - start=0; - if (wstart < 0) break; - } - ret=1; -err: - BN_CTX_end(ctx); - for (i=0; i -#include "cryptlib.h" -#include "bn_lcl.h" - -#define TABLE_SIZE 32 - -int BN_mod_exp2_mont(BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, BIGNUM *a2, - BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont) - { - int i,j,bits,b,bits1,bits2,ret=0,wpos1,wpos2,window1,window2,wvalue1,wvalue2; - int r_is_one=1,ts1=0,ts2=0; - BIGNUM *d,*r; - BIGNUM *a_mod_m; - BIGNUM val1[TABLE_SIZE], val2[TABLE_SIZE]; - BN_MONT_CTX *mont=NULL; - - bn_check_top(a1); - bn_check_top(p1); - bn_check_top(a2); - bn_check_top(p2); - bn_check_top(m); - - if (!(m->d[0] & 1)) - { - BNerr(BN_F_BN_MOD_EXP2_MONT,BN_R_CALLED_WITH_EVEN_MODULUS); - return(0); - } - bits1=BN_num_bits(p1); - bits2=BN_num_bits(p2); - if ((bits1 == 0) && (bits2 == 0)) - { - BN_one(rr); - return(1); - } - bits=(bits1 > bits2)?bits1:bits2; - - BN_CTX_start(ctx); - d = BN_CTX_get(ctx); - r = BN_CTX_get(ctx); - if (d == NULL || r == NULL) goto err; - - if (in_mont != NULL) - mont=in_mont; - else - { - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - if (!BN_MONT_CTX_set(mont,m,ctx)) goto err; - } - - window1 = BN_window_bits_for_exponent_size(bits1); - window2 = BN_window_bits_for_exponent_size(bits2); - - /* - * Build table for a1: val1[i] := a1^(2*i + 1) mod m for i = 0 .. 2^(window1-1) - */ - BN_init(&val1[0]); - ts1=1; - if (BN_ucmp(a1,m) >= 0) - { - if (!BN_mod(&(val1[0]),a1,m,ctx)) - goto err; - a_mod_m = &(val1[0]); - } - else - a_mod_m = a1; - if (!BN_to_montgomery(&(val1[0]),a_mod_m,mont,ctx)) goto err; - if (window1 > 1) - { - if (!BN_mod_mul_montgomery(d,&(val1[0]),&(val1[0]),mont,ctx)) goto err; - - j=1<<(window1-1); - for (i=1; i= 0) - { - if (!BN_mod(&(val2[0]),a2,m,ctx)) - goto err; - a_mod_m = &(val2[0]); - } - else - a_mod_m = a2; - if (!BN_to_montgomery(&(val2[0]),a_mod_m,mont,ctx)) goto err; - if (window2 > 1) - { - if (!BN_mod_mul_montgomery(d,&(val2[0]),&(val2[0]),mont,ctx)) goto err; - - j=1<<(window2-1); - for (i=1; i 0, the bottom bit of the first window */ - wpos2=0; /* If wvalue2 > 0, the bottom bit of the second window */ - - if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err; - for (b=bits-1; b>=0; b--) - { - if (!r_is_one) - { - if (!BN_mod_mul_montgomery(r,r,r,mont,ctx)) - goto err; - } - - if (!wvalue1) - if (BN_is_bit_set(p1, b)) - { - /* consider bits b-window1+1 .. b for this window */ - i = b-window1+1; - while (!BN_is_bit_set(p1, i)) /* works for i<0 */ - i++; - wpos1 = i; - wvalue1 = 1; - for (i = b-1; i >= wpos1; i--) - { - wvalue1 <<= 1; - if (BN_is_bit_set(p1, i)) - wvalue1++; - } - } - - if (!wvalue2) - if (BN_is_bit_set(p2, b)) - { - /* consider bits b-window2+1 .. b for this window */ - i = b-window2+1; - while (!BN_is_bit_set(p2, i)) - i++; - wpos2 = i; - wvalue2 = 1; - for (i = b-1; i >= wpos2; i--) - { - wvalue2 <<= 1; - if (BN_is_bit_set(p2, i)) - wvalue2++; - } - } - - if (wvalue1 && b == wpos1) - { - /* wvalue1 is odd and < 2^window1 */ - if (!BN_mod_mul_montgomery(r,r,&(val1[wvalue1>>1]),mont,ctx)) - goto err; - wvalue1 = 0; - r_is_one = 0; - } - - if (wvalue2 && b == wpos2) - { - /* wvalue2 is odd and < 2^window2 */ - if (!BN_mod_mul_montgomery(r,r,&(val2[wvalue2>>1]),mont,ctx)) - goto err; - wvalue2 = 0; - r_is_one = 0; - } - } - BN_from_montgomery(rr,r,mont,ctx); - ret=1; -err: - if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); - BN_CTX_end(ctx); - for (i=0; i -#include "cryptlib.h" -#include "bn_lcl.h" - -static BIGNUM *euclid(BIGNUM *a, BIGNUM *b); - -int BN_gcd(BIGNUM *r, BIGNUM *in_a, BIGNUM *in_b, BN_CTX *ctx) - { - BIGNUM *a,*b,*t; - int ret=0; - - bn_check_top(in_a); - bn_check_top(in_b); - - BN_CTX_start(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - if (a == NULL || b == NULL) goto err; - - if (BN_copy(a,in_a) == NULL) goto err; - if (BN_copy(b,in_b) == NULL) goto err; - - if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; } - t=euclid(a,b); - if (t == NULL) goto err; - - if (BN_copy(r,t) == NULL) goto err; - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -static BIGNUM *euclid(BIGNUM *a, BIGNUM *b) - { - BIGNUM *t; - int shifts=0; - - bn_check_top(a); - bn_check_top(b); - - for (;;) - { - if (BN_is_zero(b)) - break; - - if (BN_is_odd(a)) - { - if (BN_is_odd(b)) - { - if (!BN_sub(a,a,b)) goto err; - if (!BN_rshift1(a,a)) goto err; - if (BN_cmp(a,b) < 0) - { t=a; a=b; b=t; } - } - else /* a odd - b even */ - { - if (!BN_rshift1(b,b)) goto err; - if (BN_cmp(a,b) < 0) - { t=a; a=b; b=t; } - } - } - else /* a is even */ - { - if (BN_is_odd(b)) - { - if (!BN_rshift1(a,a)) goto err; - if (BN_cmp(a,b) < 0) - { t=a; a=b; b=t; } - } - else /* a even - b even */ - { - if (!BN_rshift1(a,a)) goto err; - if (!BN_rshift1(b,b)) goto err; - shifts++; - } - } - } - if (shifts) - { - if (!BN_lshift(a,a,shifts)) goto err; - } - return(a); -err: - return(NULL); - } - -/* solves ax == 1 (mod n) */ -BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) - { - BIGNUM *A,*B,*X,*Y,*M,*D,*R=NULL; - BIGNUM *T,*ret=NULL; - int sign; - - bn_check_top(a); - bn_check_top(n); - - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - B = BN_CTX_get(ctx); - X = BN_CTX_get(ctx); - D = BN_CTX_get(ctx); - M = BN_CTX_get(ctx); - Y = BN_CTX_get(ctx); - if (Y == NULL) goto err; - - if (in == NULL) - R=BN_new(); - else - R=in; - if (R == NULL) goto err; - - BN_zero(X); - BN_one(Y); - if (BN_copy(A,a) == NULL) goto err; - if (BN_copy(B,n) == NULL) goto err; - sign=1; - - while (!BN_is_zero(B)) - { - if (!BN_div(D,M,A,B,ctx)) goto err; - T=A; - A=B; - B=M; - /* T has a struct, M does not */ - - if (!BN_mul(T,D,X,ctx)) goto err; - if (!BN_add(T,T,Y)) goto err; - M=Y; - Y=X; - X=T; - sign= -sign; - } - if (sign < 0) - { - if (!BN_sub(Y,n,Y)) goto err; - } - - if (BN_is_one(A)) - { if (!BN_mod(R,Y,n,ctx)) goto err; } - else - { - BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE); - goto err; - } - ret=R; -err: - if ((ret == NULL) && (in == NULL)) BN_free(R); - BN_CTX_end(ctx); - return(ret); - } - diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h deleted file mode 100644 index 9c959921b4..0000000000 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ /dev/null @@ -1,419 +0,0 @@ -/* crypto/bn/bn_lcl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_BN_LCL_H -#define HEADER_BN_LCL_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - - -/* - * BN_window_bits_for_exponent_size -- macro for sliding window mod_exp functions - * - * - * For window size 'w' (w >= 2) and a random 'b' bits exponent, - * the number of multiplications is a constant plus on average - * - * 2^(w-1) + (b-w)/(w+1); - * - * here 2^(w-1) is for precomputing the table (we actually need - * entries only for windows that have the lowest bit set), and - * (b-w)/(w+1) is an approximation for the expected number of - * w-bit windows, not counting the first one. - * - * Thus we should use - * - * w >= 6 if b > 671 - * w = 5 if 671 > b > 239 - * w = 4 if 239 > b > 79 - * w = 3 if 79 > b > 23 - * w <= 2 if 23 > b - * - * (with draws in between). Very small exponents are often selected - * with low Hamming weight, so we use w = 1 for b <= 23. - */ -#if 1 -#define BN_window_bits_for_exponent_size(b) \ - ((b) > 671 ? 6 : \ - (b) > 239 ? 5 : \ - (b) > 79 ? 4 : \ - (b) > 23 ? 3 : 1) -#else -/* Old SSLeay/OpenSSL table. - * Maximum window size was 5, so this table differs for b==1024; - * but it coincides for other interesting values (b==160, b==512). - */ -#define BN_window_bits_for_exponent_size(b) \ - ((b) > 255 ? 5 : \ - (b) > 127 ? 4 : \ - (b) > 17 ? 3 : 1) -#endif - - - -/* Pentium pro 16,16,16,32,64 */ -/* Alpha 16,16,16,16.64 */ -#define BN_MULL_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_RECURSIVE_SIZE_NORMAL (16) /* 32 less than */ -#define BN_SQR_RECURSIVE_SIZE_NORMAL (16) /* 32 */ -#define BN_MUL_LOW_RECURSIVE_SIZE_NORMAL (32) /* 32 */ -#define BN_MONT_CTX_SET_SIZE_WORD (64) /* 32 */ - -#if !defined(NO_ASM) && !defined(NO_INLINE_ASM) && !defined(PEDANTIC) -/* - * BN_UMULT_HIGH section. - * - * No, I'm not trying to overwhelm you when stating that the - * product of N-bit numbers is 2*N bits wide:-) No, I don't expect - * you to be impressed when I say that if the compiler doesn't - * support 2*N integer type, then you have to replace every N*N - * multiplication with 4 (N/2)*(N/2) accompanied by some shifts - * and additions which unavoidably results in severe performance - * penalties. Of course provided that the hardware is capable of - * producing 2*N result... That's when you normally start - * considering assembler implementation. However! It should be - * pointed out that some CPUs (most notably Alpha, PowerPC and - * upcoming IA-64 family:-) provide *separate* instruction - * calculating the upper half of the product placing the result - * into a general purpose register. Now *if* the compiler supports - * inline assembler, then it's not impossible to implement the - * "bignum" routines (and have the compiler optimize 'em) - * exhibiting "native" performance in C. That's what BN_UMULT_HIGH - * macro is about:-) - * - * - */ -# if defined(__alpha) && (defined(SIXTY_FOUR_BIT_LONG) || defined(SIXTY_FOUR_BIT)) -# if defined(__DECC) -# include -# define BN_UMULT_HIGH(a,b) (BN_ULONG)asm("umulh %a0,%a1,%v0",(a),(b)) -# elif defined(__GNUC__) -# define BN_UMULT_HIGH(a,b) ({ \ - register BN_ULONG ret; \ - asm ("umulh %1,%2,%0" \ - : "=r"(ret) \ - : "r"(a), "r"(b)); \ - ret; }) -# endif /* compiler */ -# elif defined(_ARCH_PPC) && defined(__64BIT__) && defined(SIXTY_FOUR_BIT_LONG) -# if defined(__GNUC__) -# define BN_UMULT_HIGH(a,b) ({ \ - register BN_ULONG ret; \ - asm ("mulhdu %0,%1,%2" \ - : "=r"(ret) \ - : "r"(a), "r"(b)); \ - ret; }) -# endif /* compiler */ -# endif /* cpu */ -#endif /* NO_ASM */ - -/************************************************************* - * Using the long long type - */ -#define Lw(t) (((BN_ULONG)(t))&BN_MASK2) -#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) - -/* This is used for internal error checking and is not normally used */ -#ifdef BN_DEBUG -# include -# define bn_check_top(a) assert ((a)->top >= 0 && (a)->top <= (a)->dmax); -#else -# define bn_check_top(a) -#endif - -/* This macro is to add extra stuff for development checking */ -#ifdef BN_DEBUG -#define bn_set_max(r) ((r)->max=(r)->top,BN_set_flags((r),BN_FLG_STATIC_DATA)) -#else -#define bn_set_max(r) -#endif - -/* These macros are used to 'take' a section of a bignum for read only use */ -#define bn_set_low(r,a,n) \ - { \ - (r)->top=((a)->top > (n))?(n):(a)->top; \ - (r)->d=(a)->d; \ - (r)->neg=(a)->neg; \ - (r)->flags|=BN_FLG_STATIC_DATA; \ - bn_set_max(r); \ - } - -#define bn_set_high(r,a,n) \ - { \ - if ((a)->top > (n)) \ - { \ - (r)->top=(a)->top-n; \ - (r)->d= &((a)->d[n]); \ - } \ - else \ - (r)->top=0; \ - (r)->neg=(a)->neg; \ - (r)->flags|=BN_FLG_STATIC_DATA; \ - bn_set_max(r); \ - } - -#ifdef BN_LLONG -#define mul_add(r,a,w,c) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)w * (a) + (r) + (c); \ - (r)= Lw(t); \ - (c)= Hw(t); \ - } - -#define mul(r,a,w,c) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)w * (a) + (c); \ - (r)= Lw(t); \ - (c)= Hw(t); \ - } - -#define sqr(r0,r1,a) { \ - BN_ULLONG t; \ - t=(BN_ULLONG)(a)*(a); \ - (r0)=Lw(t); \ - (r1)=Hw(t); \ - } - -#elif defined(BN_UMULT_HIGH) -#define mul_add(r,a,w,c) { \ - BN_ULONG high,low,ret,tmp=(a); \ - ret = (r); \ - high= BN_UMULT_HIGH(w,tmp); \ - ret += (c); \ - low = (w) * tmp; \ - (c) = (ret<(c))?1:0; \ - (c) += high; \ - ret += low; \ - (c) += (ret>BN_BITS4)&BN_MASK2l) -#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<>BN_BITS2)&BN_MASKl) -#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<>(BN_BITS4-1); \ - m =(m&BN_MASK2l)<<(BN_BITS4+1); \ - l=(l+m)&BN_MASK2; if (l < m) h++; \ - (lo)=l; \ - (ho)=h; \ - } - -#define mul_add(r,a,bl,bh,c) { \ - BN_ULONG l,h; \ - \ - h= (a); \ - l=LBITS(h); \ - h=HBITS(h); \ - mul64(l,h,(bl),(bh)); \ - \ - /* non-multiply part */ \ - l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ - (c)=(r); \ - l=(l+(c))&BN_MASK2; if (l < (c)) h++; \ - (c)=h&BN_MASK2; \ - (r)=l; \ - } - -#define mul(r,a,bl,bh,c) { \ - BN_ULONG l,h; \ - \ - h= (a); \ - l=LBITS(h); \ - h=HBITS(h); \ - mul64(l,h,(bl),(bh)); \ - \ - /* non-multiply part */ \ - l+=(c); if ((l&BN_MASK2) < (c)) h++; \ - (c)=h&BN_MASK2; \ - (r)=l&BN_MASK2; \ - } -#endif /* !BN_LLONG */ - -void bn_mul_normal(BN_ULONG *r,BN_ULONG *a,int na,BN_ULONG *b,int nb); -void bn_mul_comba8(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); -void bn_mul_comba4(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b); -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp); -void bn_sqr_comba8(BN_ULONG *r,BN_ULONG *a); -void bn_sqr_comba4(BN_ULONG *r,BN_ULONG *a); -int bn_cmp_words(BN_ULONG *a,BN_ULONG *b,int n); -void bn_mul_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2,BN_ULONG *t); -void bn_mul_part_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, - int tn, int n,BN_ULONG *t); -void bn_sqr_recursive(BN_ULONG *r,BN_ULONG *a, int n2, BN_ULONG *t); -void bn_mul_low_normal(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b, int n); -void bn_mul_low_recursive(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,int n2, - BN_ULONG *t); -void bn_mul_high(BN_ULONG *r,BN_ULONG *a,BN_ULONG *b,BN_ULONG *l,int n2, - BN_ULONG *t); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c deleted file mode 100644 index b6b0ce4b3c..0000000000 --- a/src/lib/libcrypto/bn/bn_lib.c +++ /dev/null @@ -1,755 +0,0 @@ -/* crypto/bn/bn_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef BN_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -const char *BN_version="Big Number" OPENSSL_VERSION_PTEXT; - -/* For a 32 bit machine - * 2 - 4 == 128 - * 3 - 8 == 256 - * 4 - 16 == 512 - * 5 - 32 == 1024 - * 6 - 64 == 2048 - * 7 - 128 == 4096 - * 8 - 256 == 8192 - */ -static int bn_limit_bits=0; -static int bn_limit_num=8; /* (1<= 0) - { - if (mult > (sizeof(int)*8)-1) - mult=sizeof(int)*8-1; - bn_limit_bits=mult; - bn_limit_num=1<= 0) - { - if (high > (sizeof(int)*8)-1) - high=sizeof(int)*8-1; - bn_limit_bits_high=high; - bn_limit_num_high=1<= 0) - { - if (low > (sizeof(int)*8)-1) - low=sizeof(int)*8-1; - bn_limit_bits_low=low; - bn_limit_num_low=1<= 0) - { - if (mont > (sizeof(int)*8)-1) - mont=sizeof(int)*8-1; - bn_limit_bits_mont=mont; - bn_limit_num_mont=1<>56)]+56); - } - else return(bits[(int)(l>>48)]+48); - } - else - { - if (l & 0x0000ff0000000000L) - { - return(bits[(int)(l>>40)]+40); - } - else return(bits[(int)(l>>32)]+32); - } - } - else -#else -#ifdef SIXTY_FOUR_BIT - if (l & 0xffffffff00000000LL) - { - if (l & 0xffff000000000000LL) - { - if (l & 0xff00000000000000LL) - { - return(bits[(int)(l>>56)]+56); - } - else return(bits[(int)(l>>48)]+48); - } - else - { - if (l & 0x0000ff0000000000LL) - { - return(bits[(int)(l>>40)]+40); - } - else return(bits[(int)(l>>32)]+32); - } - } - else -#endif -#endif - { -#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) - if (l & 0xffff0000L) - { - if (l & 0xff000000L) - return(bits[(int)(l>>24L)]+24); - else return(bits[(int)(l>>16L)]+16); - } - else -#endif - { -#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG) - if (l & 0xff00L) - return(bits[(int)(l>>8)]+8); - else -#endif - return(bits[(int)(l )] ); - } - } - } - -int BN_num_bits(const BIGNUM *a) - { - BN_ULONG l; - int i; - - bn_check_top(a); - - if (a->top == 0) return(0); - l=a->d[a->top-1]; - assert(l != 0); - i=(a->top-1)*BN_BITS2; - return(i+BN_num_bits_word(l)); - } - -void BN_clear_free(BIGNUM *a) - { - int i; - - if (a == NULL) return; - if (a->d != NULL) - { - memset(a->d,0,a->dmax*sizeof(a->d[0])); - if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) - OPENSSL_free(a->d); - } - i=BN_get_flags(a,BN_FLG_MALLOCED); - memset(a,0,sizeof(BIGNUM)); - if (i) - OPENSSL_free(a); - } - -void BN_free(BIGNUM *a) - { - if (a == NULL) return; - if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) - OPENSSL_free(a->d); - a->flags|=BN_FLG_FREE; /* REMOVE? */ - if (a->flags & BN_FLG_MALLOCED) - OPENSSL_free(a); - } - -void BN_init(BIGNUM *a) - { - memset(a,0,sizeof(BIGNUM)); - } - -BIGNUM *BN_new(void) - { - BIGNUM *ret; - - if ((ret=(BIGNUM *)OPENSSL_malloc(sizeof(BIGNUM))) == NULL) - { - BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->flags=BN_FLG_MALLOCED; - ret->top=0; - ret->neg=0; - ret->dmax=0; - ret->d=NULL; - return(ret); - } - -/* This is an internal function that should not be used in applications. - * It ensures that 'b' has enough room for a 'words' word number number. - * It is mostly used by the various BIGNUM routines. If there is an error, - * NULL is returned. If not, 'b' is returned. */ - -BIGNUM *bn_expand2(BIGNUM *b, int words) - { - BN_ULONG *A,*a; - const BN_ULONG *B; - int i; - - bn_check_top(b); - - if (words > b->dmax) - { - bn_check_top(b); - if (BN_get_flags(b,BN_FLG_STATIC_DATA)) - { - BNerr(BN_F_BN_EXPAND2,BN_R_EXPAND_ON_STATIC_BIGNUM_DATA); - return(NULL); - } - a=A=(BN_ULONG *)OPENSSL_malloc(sizeof(BN_ULONG)*(words+1)); - if (A == NULL) - { - BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE); - return(NULL); - } -#if 1 - B=b->d; - /* Check if the previous number needs to be copied */ - if (B != NULL) - { -#if 0 - /* This lot is an unrolled loop to copy b->top - * BN_ULONGs from B to A - */ -/* - * I have nothing against unrolling but it's usually done for - * several reasons, namely: - * - minimize percentage of decision making code, i.e. branches; - * - avoid cache trashing; - * - make it possible to schedule loads earlier; - * Now let's examine the code below. The cornerstone of C is - * "programmer is always right" and that's what we love it for:-) - * For this very reason C compilers have to be paranoid when it - * comes to data aliasing and assume the worst. Yeah, but what - * does it mean in real life? This means that loop body below will - * be compiled to sequence of loads immediately followed by stores - * as compiler assumes the worst, something in A==B+1 style. As a - * result CPU pipeline is going to starve for incoming data. Secondly - * if A and B happen to share same cache line such code is going to - * cause severe cache trashing. Both factors have severe impact on - * performance of modern CPUs and this is the reason why this - * particular piece of code is #ifdefed away and replaced by more - * "friendly" version found in #else section below. This comment - * also applies to BN_copy function. - * - * - */ - for (i=b->top&(~7); i>0; i-=8) - { - A[0]=B[0]; A[1]=B[1]; A[2]=B[2]; A[3]=B[3]; - A[4]=B[4]; A[5]=B[5]; A[6]=B[6]; A[7]=B[7]; - A+=8; - B+=8; - } - switch (b->top&7) - { - case 7: - A[6]=B[6]; - case 6: - A[5]=B[5]; - case 5: - A[4]=B[4]; - case 4: - A[3]=B[3]; - case 3: - A[2]=B[2]; - case 2: - A[1]=B[1]; - case 1: - A[0]=B[0]; - case 0: - /* I need the 'case 0' entry for utrix cc. - * If the optimizer is turned on, it does the - * switch table by doing - * a=top&7 - * a--; - * goto jump_table[a]; - * If top is 0, this makes us jump to 0xffffffc - * which is rather bad :-(. - * eric 23-Apr-1998 - */ - ; - } -#else - for (i=b->top>>2; i>0; i--,A+=4,B+=4) - { - /* - * The fact that the loop is unrolled - * 4-wise is a tribute to Intel. It's - * the one that doesn't have enough - * registers to accomodate more data. - * I'd unroll it 8-wise otherwise:-) - * - * - */ - BN_ULONG a0,a1,a2,a3; - a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; - A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; - } - switch (b->top&3) - { - case 3: A[2]=B[2]; - case 2: A[1]=B[1]; - case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see above */ - } -#endif - OPENSSL_free(b->d); - } - - b->d=a; - b->dmax=words; - - /* Now need to zero any data between b->top and b->max */ - - A= &(b->d[b->top]); - for (i=(b->dmax - b->top)>>3; i>0; i--,A+=8) - { - A[0]=0; A[1]=0; A[2]=0; A[3]=0; - A[4]=0; A[5]=0; A[6]=0; A[7]=0; - } - for (i=(b->dmax - b->top)&7; i>0; i--,A++) - A[0]=0; -#else - memset(A,0,sizeof(BN_ULONG)*(words+1)); - memcpy(A,b->d,sizeof(b->d[0])*b->top); - b->d=a; - b->max=words; -#endif - -/* memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG)); */ -/* { int i; for (i=b->max; itop) == NULL) return(NULL); - -#if 1 - A=a->d; - B=b->d; - for (i=b->top>>2; i>0; i--,A+=4,B+=4) - { - BN_ULONG a0,a1,a2,a3; - a0=B[0]; a1=B[1]; a2=B[2]; a3=B[3]; - A[0]=a0; A[1]=a1; A[2]=a2; A[3]=a3; - } - switch (b->top&3) - { - case 3: A[2]=B[2]; - case 2: A[1]=B[1]; - case 1: A[0]=B[0]; - case 0: ; /* ultrix cc workaround, see comments in bn_expand2 */ - } -#else - memcpy(a->d,b->d,sizeof(b->d[0])*b->top); -#endif - -/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/ - a->top=b->top; - if ((a->top == 0) && (a->d != NULL)) - a->d[0]=0; - a->neg=b->neg; - return(a); - } - -void BN_clear(BIGNUM *a) - { - if (a->d != NULL) - memset(a->d,0,a->dmax*sizeof(a->d[0])); - a->top=0; - a->neg=0; - } - -BN_ULONG BN_get_word(BIGNUM *a) - { - int i,n; - BN_ULONG ret=0; - - n=BN_num_bytes(a); - if (n > sizeof(BN_ULONG)) - return(BN_MASK2); - for (i=a->top-1; i>=0; i--) - { -#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ - ret<<=BN_BITS4; /* stops the compiler complaining */ - ret<<=BN_BITS4; -#else - ret=0; -#endif - ret|=a->d[i]; - } - return(ret); - } - -int BN_set_word(BIGNUM *a, BN_ULONG w) - { - int i,n; - if (bn_expand(a,sizeof(BN_ULONG)*8) == NULL) return(0); - - n=sizeof(BN_ULONG)/BN_BYTES; - a->neg=0; - a->top=0; - a->d[0]=(BN_ULONG)w&BN_MASK2; - if (a->d[0] != 0) a->top=1; - for (i=1; i>=BN_BITS2 so compilers don't complain - * on builds where sizeof(long) == BN_TYPES */ -#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */ - w>>=BN_BITS4; - w>>=BN_BITS4; -#else - w=0; -#endif - a->d[i]=(BN_ULONG)w&BN_MASK2; - if (a->d[i] != 0) a->top=i+1; - } - return(1); - } - -/* ignore negative */ -BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) - { - unsigned int i,m; - unsigned int n; - BN_ULONG l; - - if (ret == NULL) ret=BN_new(); - if (ret == NULL) return(NULL); - l=0; - n=len; - if (n == 0) - { - ret->top=0; - return(ret); - } - if (bn_expand(ret,(int)(n+2)*8) == NULL) - return(NULL); - i=((n-1)/BN_BYTES)+1; - m=((n-1)%(BN_BYTES)); - ret->top=i; - while (n-- > 0) - { - l=(l<<8L)| *(s++); - if (m-- == 0) - { - ret->d[--i]=l; - l=0; - m=BN_BYTES-1; - } - } - /* need to call this due to clear byte at top if avoiding - * having the top bit set (-ve number) */ - bn_fix_top(ret); - return(ret); - } - -/* ignore negative */ -int BN_bn2bin(const BIGNUM *a, unsigned char *to) - { - int n,i; - BN_ULONG l; - - n=i=BN_num_bytes(a); - while (i-- > 0) - { - l=a->d[i/BN_BYTES]; - *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff; - } - return(n); - } - -int BN_ucmp(const BIGNUM *a, const BIGNUM *b) - { - int i; - BN_ULONG t1,t2,*ap,*bp; - - bn_check_top(a); - bn_check_top(b); - - i=a->top-b->top; - if (i != 0) return(i); - ap=a->d; - bp=b->d; - for (i=a->top-1; i>=0; i--) - { - t1= ap[i]; - t2= bp[i]; - if (t1 != t2) - return(t1 > t2?1:-1); - } - return(0); - } - -int BN_cmp(const BIGNUM *a, const BIGNUM *b) - { - int i; - int gt,lt; - BN_ULONG t1,t2; - - if ((a == NULL) || (b == NULL)) - { - if (a != NULL) - return(-1); - else if (b != NULL) - return(1); - else - return(0); - } - - bn_check_top(a); - bn_check_top(b); - - if (a->neg != b->neg) - { - if (a->neg) - return(-1); - else return(1); - } - if (a->neg == 0) - { gt=1; lt= -1; } - else { gt= -1; lt=1; } - - if (a->top > b->top) return(gt); - if (a->top < b->top) return(lt); - for (i=a->top-1; i>=0; i--) - { - t1=a->d[i]; - t2=b->d[i]; - if (t1 > t2) return(gt); - if (t1 < t2) return(lt); - } - return(0); - } - -int BN_set_bit(BIGNUM *a, int n) - { - int i,j,k; - - i=n/BN_BITS2; - j=n%BN_BITS2; - if (a->top <= i) - { - if (bn_wexpand(a,i+1) == NULL) return(0); - for(k=a->top; kd[k]=0; - a->top=i+1; - } - - a->d[i]|=(((BN_ULONG)1)<top <= i) return(0); - - a->d[i]&=(~(((BN_ULONG)1)<top <= i) return(0); - return((a->d[i]&(((BN_ULONG)1)<= a->top) return(0); - if (b == 0) - a->top=w; - else - { - a->top=w+1; - a->d[w]&= ~(BN_MASK2< bb)?1:-1); - for (i=n-2; i>=0; i--) - { - aa=a[i]; - bb=b[i]; - if (aa != bb) return((aa > bb)?1:-1); - } - return(0); - } - diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c deleted file mode 100644 index 8cf1febacc..0000000000 --- a/src/lib/libcrypto/bn/bn_mont.c +++ /dev/null @@ -1,346 +0,0 @@ -/* crypto/bn/bn_mont.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * Details about Montgomery multiplication algorithms can be found at - * http://security.ece.orst.edu/publications.html, e.g. - * http://security.ece.orst.edu/koc/papers/j37acmon.pdf and - * sections 3.8 and 4.2 in http://security.ece.orst.edu/koc/papers/r01rsasw.pdf - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -#define MONT_WORD /* use the faster word-based algorithm */ - -int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx) - { - BIGNUM *tmp,*tmp2; - int ret=0; - - BN_CTX_start(ctx); - tmp = BN_CTX_get(ctx); - tmp2 = BN_CTX_get(ctx); - if (tmp == NULL || tmp2 == NULL) goto err; - - bn_check_top(tmp); - bn_check_top(tmp2); - - if (a == b) - { - if (!BN_sqr(tmp,a,ctx)) goto err; - } - else - { - if (!BN_mul(tmp,a,b,ctx)) goto err; - } - /* reduce from aRR to aR */ - if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err; - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -int BN_from_montgomery(BIGNUM *ret, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx) - { - int retn=0; - -#ifdef MONT_WORD - BIGNUM *n,*r; - BN_ULONG *ap,*np,*rp,n0,v,*nrp; - int al,nl,max,i,x,ri; - - BN_CTX_start(ctx); - if ((r = BN_CTX_get(ctx)) == NULL) goto err; - - if (!BN_copy(r,a)) goto err; - n= &(mont->N); - - ap=a->d; - /* mont->ri is the size of mont->N in bits (rounded up - to the word size) */ - al=ri=mont->ri/BN_BITS2; - - nl=n->top; - if ((al == 0) || (nl == 0)) { r->top=0; return(1); } - - max=(nl+al+1); /* allow for overflow (no?) XXX */ - if (bn_wexpand(r,max) == NULL) goto err; - if (bn_wexpand(ret,max) == NULL) goto err; - - r->neg=a->neg^n->neg; - np=n->d; - rp=r->d; - nrp= &(r->d[nl]); - - /* clear the top words of T */ -#if 1 - for (i=r->top; id[i]=0; -#else - memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); -#endif - - r->top=max; - n0=mont->n0; - -#ifdef BN_COUNT - printf("word BN_from_montgomery %d * %d\n",nl,nl); -#endif - for (i=0; i= v) - continue; - else - { - if (((++nrp[0])&BN_MASK2) != 0) continue; - if (((++nrp[1])&BN_MASK2) != 0) continue; - for (x=2; (((++nrp[x])&BN_MASK2) == 0); x++) ; - } - } - bn_fix_top(r); - - /* mont->ri will be a multiple of the word size */ -#if 0 - BN_rshift(ret,r,mont->ri); -#else - ret->neg = r->neg; - x=ri; - rp=ret->d; - ap= &(r->d[x]); - if (r->top < x) - al=0; - else - al=r->top-x; - ret->top=al; - al-=4; - for (i=0; iri); - - if (!BN_mul(t2,t1,&mont->Ni,ctx)) goto err; - BN_mask_bits(t2,mont->ri); - - if (!BN_mul(t1,t2,&mont->N,ctx)) goto err; - if (!BN_add(t2,a,t1)) goto err; - BN_rshift(ret,t2,mont->ri); -#endif /* MONT_WORD */ - - if (BN_ucmp(ret, &(mont->N)) >= 0) - { - BN_usub(ret,ret,&(mont->N)); - } - retn=1; - err: - BN_CTX_end(ctx); - return(retn); - } - -BN_MONT_CTX *BN_MONT_CTX_new(void) - { - BN_MONT_CTX *ret; - - if ((ret=(BN_MONT_CTX *)OPENSSL_malloc(sizeof(BN_MONT_CTX))) == NULL) - return(NULL); - - BN_MONT_CTX_init(ret); - ret->flags=BN_FLG_MALLOCED; - return(ret); - } - -void BN_MONT_CTX_init(BN_MONT_CTX *ctx) - { - ctx->ri=0; - BN_init(&(ctx->RR)); - BN_init(&(ctx->N)); - BN_init(&(ctx->Ni)); - ctx->flags=0; - } - -void BN_MONT_CTX_free(BN_MONT_CTX *mont) - { - if(mont == NULL) - return; - - BN_free(&(mont->RR)); - BN_free(&(mont->N)); - BN_free(&(mont->Ni)); - if (mont->flags & BN_FLG_MALLOCED) - OPENSSL_free(mont); - } - -int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx) - { - BIGNUM Ri,*R; - - BN_init(&Ri); - R= &(mont->RR); /* grab RR as a temp */ - BN_copy(&(mont->N),mod); /* Set N */ - -#ifdef MONT_WORD - { - BIGNUM tmod; - BN_ULONG buf[2]; - - mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2; - BN_zero(R); - BN_set_bit(R,BN_BITS2); /* R */ - - buf[0]=mod->d[0]; /* tmod = N mod word size */ - buf[1]=0; - tmod.d=buf; - tmod.top=1; - tmod.dmax=2; - tmod.neg=mod->neg; - /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(&Ri,R,&tmod,ctx)) == NULL) - goto err; - BN_lshift(&Ri,&Ri,BN_BITS2); /* R*Ri */ - if (!BN_is_zero(&Ri)) - BN_sub_word(&Ri,1); - else /* if N mod word size == 1 */ - BN_set_word(&Ri,BN_MASK2); /* Ri-- (mod word size) */ - BN_div(&Ri,NULL,&Ri,&tmod,ctx); /* Ni = (R*Ri-1)/N, - * keep only least significant word: */ - mont->n0=Ri.d[0]; - BN_free(&Ri); - } -#else /* !MONT_WORD */ - { /* bignum version */ - mont->ri=BN_num_bits(mod); - BN_zero(R); - BN_set_bit(R,mont->ri); /* R = 2^ri */ - /* Ri = R^-1 mod N*/ - if ((BN_mod_inverse(&Ri,R,mod,ctx)) == NULL) - goto err; - BN_lshift(&Ri,&Ri,mont->ri); /* R*Ri */ - BN_sub_word(&Ri,1); - /* Ni = (R*Ri-1) / N */ - BN_div(&(mont->Ni),NULL,&Ri,mod,ctx); - BN_free(&Ri); - } -#endif - - /* setup RR for conversions */ - BN_zero(&(mont->RR)); - BN_set_bit(&(mont->RR),mont->ri*2); - BN_mod(&(mont->RR),&(mont->RR),&(mont->N),ctx); - - return(1); -err: - return(0); - } - -BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) - { - if (to == from) return(to); - - BN_copy(&(to->RR),&(from->RR)); - BN_copy(&(to->N),&(from->N)); - BN_copy(&(to->Ni),&(from->Ni)); - to->ri=from->ri; - to->n0=from->n0; - return(to); - } - diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c deleted file mode 100644 index 80e1dca6b7..0000000000 --- a/src/lib/libcrypto/bn/bn_mpi.c +++ /dev/null @@ -1,129 +0,0 @@ -/* crypto/bn/bn_mpi.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -int BN_bn2mpi(const BIGNUM *a, unsigned char *d) - { - int bits; - int num=0; - int ext=0; - long l; - - bits=BN_num_bits(a); - num=(bits+7)/8; - if (bits > 0) - { - ext=((bits & 0x07) == 0); - } - if (d == NULL) - return(num+4+ext); - - l=num+ext; - d[0]=(unsigned char)(l>>24)&0xff; - d[1]=(unsigned char)(l>>16)&0xff; - d[2]=(unsigned char)(l>> 8)&0xff; - d[3]=(unsigned char)(l )&0xff; - if (ext) d[4]=0; - num=BN_bn2bin(a,&(d[4+ext])); - if (a->neg) - d[4]|=0x80; - return(num+4+ext); - } - -BIGNUM *BN_mpi2bn(unsigned char *d, int n, BIGNUM *a) - { - long len; - int neg=0; - - if (n < 4) - { - BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH); - return(NULL); - } - len=((long)d[0]<<24)|((long)d[1]<<16)|((int)d[2]<<8)|(int)d[3]; - if ((len+4) != n) - { - BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR); - return(NULL); - } - - if (a == NULL) a=BN_new(); - if (a == NULL) return(NULL); - - if (len == 0) - { - a->neg=0; - a->top=0; - return(a); - } - d+=4; - if ((*d) & 0x80) - neg=1; - if (BN_bin2bn(d,(int)len,a) == NULL) - return(NULL); - a->neg=neg; - if (neg) - { - BN_clear_bit(a,BN_num_bits(a)-1); - } - return(a); - } - diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c deleted file mode 100644 index 3e8d8b9567..0000000000 --- a/src/lib/libcrypto/bn/bn_mul.c +++ /dev/null @@ -1,794 +0,0 @@ -/* crypto/bn/bn_mul.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -#ifdef BN_RECURSION -/* Karatsuba recursive multiplication algorithm - * (cf. Knuth, The Art of Computer Programming, Vol. 2) */ - -/* r is 2*n2 words in size, - * a and b are both n2 words in size. - * n2 must be a power of 2. - * We multiply and return the result. - * t must be 2*n2 words in size - * We calculate - * a[0]*b[0] - * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) - * a[1]*b[1] - */ -void bn_mul_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t) - { - int n=n2/2,c1,c2; - unsigned int neg,zero; - BN_ULONG ln,lo,*p; - -# ifdef BN_COUNT - printf(" bn_mul_recursive %d * %d\n",n2,n2); -# endif -# ifdef BN_MUL_COMBA -# if 0 - if (n2 == 4) - { - bn_mul_comba4(r,a,b); - return; - } -# endif - if (n2 == 8) - { - bn_mul_comba8(r,a,b); - return; - } -# endif /* BN_MUL_COMBA */ - if (n2 < BN_MUL_RECURSIVE_SIZE_NORMAL) - { - /* This should not happen */ - bn_mul_normal(r,a,n2,b,n2); - return; - } - /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); - zero=neg=0; - switch (c1*3+c2) - { - case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ - break; - case -3: - zero=1; - break; - case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ - neg=1; - break; - case -1: - case 0: - case 1: - zero=1; - break; - case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ - neg=1; - break; - case 3: - zero=1; - break; - case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); - break; - } - -# ifdef BN_MUL_COMBA - if (n == 4) - { - if (!zero) - bn_mul_comba4(&(t[n2]),t,&(t[n])); - else - memset(&(t[n2]),0,8*sizeof(BN_ULONG)); - - bn_mul_comba4(r,a,b); - bn_mul_comba4(&(r[n2]),&(a[n]),&(b[n])); - } - else if (n == 8) - { - if (!zero) - bn_mul_comba8(&(t[n2]),t,&(t[n])); - else - memset(&(t[n2]),0,16*sizeof(BN_ULONG)); - - bn_mul_comba8(r,a,b); - bn_mul_comba8(&(r[n2]),&(a[n]),&(b[n])); - } - else -# endif /* BN_MUL_COMBA */ - { - p= &(t[n2*2]); - if (!zero) - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); - else - memset(&(t[n2]),0,n2*sizeof(BN_ULONG)); - bn_mul_recursive(r,a,b,n,p); - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),n,p); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1=(int)(bn_add_words(t,r,&(r[n2]),n2)); - - if (neg) /* if t[32] is negative */ - { - c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2)); - } - else - { - /* Might have a carry */ - c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2)); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ - c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2)); - if (c1) - { - p= &(r[n+n2]); - lo= *p; - ln=(lo+c1)&BN_MASK2; - *p=ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < (BN_ULONG)c1) - { - do { - p++; - lo= *p; - ln=(lo+1)&BN_MASK2; - *p=ln; - } while (ln == 0); - } - } - } - -/* n+tn is the word length - * t needs to be n*4 is size, as does r */ -void bn_mul_part_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int tn, - int n, BN_ULONG *t) - { - int i,j,n2=n*2; - unsigned int c1,c2,neg,zero; - BN_ULONG ln,lo,*p; - -# ifdef BN_COUNT - printf(" bn_mul_part_recursive %d * %d\n",tn+n,tn+n); -# endif - if (n < 8) - { - i=tn+n; - bn_mul_normal(r,a,i,b,i); - return; - } - - /* r=(a[0]-a[1])*(b[1]-b[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - c2=bn_cmp_words(&(b[n]),b,n); - zero=neg=0; - switch (c1*3+c2) - { - case -4: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ - break; - case -3: - zero=1; - /* break; */ - case -2: - bn_sub_words(t, &(a[n]),a, n); /* - */ - bn_sub_words(&(t[n]),&(b[n]),b, n); /* + */ - neg=1; - break; - case -1: - case 0: - case 1: - zero=1; - /* break; */ - case 2: - bn_sub_words(t, a, &(a[n]),n); /* + */ - bn_sub_words(&(t[n]),b, &(b[n]),n); /* - */ - neg=1; - break; - case 3: - zero=1; - /* break; */ - case 4: - bn_sub_words(t, a, &(a[n]),n); - bn_sub_words(&(t[n]),&(b[n]),b, n); - break; - } - /* The zero case isn't yet implemented here. The speedup - would probably be negligible. */ -# if 0 - if (n == 4) - { - bn_mul_comba4(&(t[n2]),t,&(t[n])); - bn_mul_comba4(r,a,b); - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); - } - else -# endif - if (n == 8) - { - bn_mul_comba8(&(t[n2]),t,&(t[n])); - bn_mul_comba8(r,a,b); - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - memset(&(r[n2+tn*2]),0,sizeof(BN_ULONG)*(n2-tn*2)); - } - else - { - p= &(t[n2*2]); - bn_mul_recursive(&(t[n2]),t,&(t[n]),n,p); - bn_mul_recursive(r,a,b,n,p); - i=n/2; - /* If there is only a bottom half to the number, - * just do it */ - j=tn-i; - if (j == 0) - { - bn_mul_recursive(&(r[n2]),&(a[n]),&(b[n]),i,p); - memset(&(r[n2+i*2]),0,sizeof(BN_ULONG)*(n2-i*2)); - } - else if (j > 0) /* eg, n == 16, i == 8 and tn == 11 */ - { - bn_mul_part_recursive(&(r[n2]),&(a[n]),&(b[n]), - j,i,p); - memset(&(r[n2+tn*2]),0, - sizeof(BN_ULONG)*(n2-tn*2)); - } - else /* (j < 0) eg, n == 16, i == 8 and tn == 5 */ - { - memset(&(r[n2]),0,sizeof(BN_ULONG)*n2); - if (tn < BN_MUL_RECURSIVE_SIZE_NORMAL) - { - bn_mul_normal(&(r[n2]),&(a[n]),tn,&(b[n]),tn); - } - else - { - for (;;) - { - i/=2; - if (i < tn) - { - bn_mul_part_recursive(&(r[n2]), - &(a[n]),&(b[n]), - tn-i,i,p); - break; - } - else if (i == tn) - { - bn_mul_recursive(&(r[n2]), - &(a[n]),&(b[n]), - i,p); - break; - } - } - } - } - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0]), c1 is the sign - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1=(int)(bn_add_words(t,r,&(r[n2]),n2)); - - if (neg) /* if t[32] is negative */ - { - c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2)); - } - else - { - /* Might have a carry */ - c1+=(int)(bn_add_words(&(t[n2]),&(t[n2]),t,n2)); - } - - /* t[32] holds (a[0]-a[1])*(b[1]-b[0])+(a[0]*b[0])+(a[1]*b[1]) - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - * c1 holds the carry bits - */ - c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2)); - if (c1) - { - p= &(r[n+n2]); - lo= *p; - ln=(lo+c1)&BN_MASK2; - *p=ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < c1) - { - do { - p++; - lo= *p; - ln=(lo+1)&BN_MASK2; - *p=ln; - } while (ln == 0); - } - } - } - -/* a and b must be the same size, which is n2. - * r needs to be n2 words and t needs to be n2*2 - */ -void bn_mul_low_recursive(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n2, - BN_ULONG *t) - { - int n=n2/2; - -# ifdef BN_COUNT - printf(" bn_mul_low_recursive %d * %d\n",n2,n2); -# endif - - bn_mul_recursive(r,a,b,n,&(t[0])); - if (n >= BN_MUL_LOW_RECURSIVE_SIZE_NORMAL) - { - bn_mul_low_recursive(&(t[0]),&(a[0]),&(b[n]),n,&(t[n2])); - bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); - bn_mul_low_recursive(&(t[0]),&(a[n]),&(b[0]),n,&(t[n2])); - bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); - } - else - { - bn_mul_low_normal(&(t[0]),&(a[0]),&(b[n]),n); - bn_mul_low_normal(&(t[n]),&(a[n]),&(b[0]),n); - bn_add_words(&(r[n]),&(r[n]),&(t[0]),n); - bn_add_words(&(r[n]),&(r[n]),&(t[n]),n); - } - } - -/* a and b must be the same size, which is n2. - * r needs to be n2 words and t needs to be n2*2 - * l is the low words of the output. - * t needs to be n2*3 - */ -void bn_mul_high(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, BN_ULONG *l, int n2, - BN_ULONG *t) - { - int i,n; - int c1,c2; - int neg,oneg,zero; - BN_ULONG ll,lc,*lp,*mp; - -# ifdef BN_COUNT - printf(" bn_mul_high %d * %d\n",n2,n2); -# endif - n=n2/2; - - /* Calculate (al-ah)*(bh-bl) */ - neg=zero=0; - c1=bn_cmp_words(&(a[0]),&(a[n]),n); - c2=bn_cmp_words(&(b[n]),&(b[0]),n); - switch (c1*3+c2) - { - case -4: - bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n); - bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n); - break; - case -3: - zero=1; - break; - case -2: - bn_sub_words(&(r[0]),&(a[n]),&(a[0]),n); - bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n); - neg=1; - break; - case -1: - case 0: - case 1: - zero=1; - break; - case 2: - bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n); - bn_sub_words(&(r[n]),&(b[0]),&(b[n]),n); - neg=1; - break; - case 3: - zero=1; - break; - case 4: - bn_sub_words(&(r[0]),&(a[0]),&(a[n]),n); - bn_sub_words(&(r[n]),&(b[n]),&(b[0]),n); - break; - } - - oneg=neg; - /* t[10] = (a[0]-a[1])*(b[1]-b[0]) */ - /* r[10] = (a[1]*b[1]) */ -# ifdef BN_MUL_COMBA - if (n == 8) - { - bn_mul_comba8(&(t[0]),&(r[0]),&(r[n])); - bn_mul_comba8(r,&(a[n]),&(b[n])); - } - else -# endif - { - bn_mul_recursive(&(t[0]),&(r[0]),&(r[n]),n,&(t[n2])); - bn_mul_recursive(r,&(a[n]),&(b[n]),n,&(t[n2])); - } - - /* s0 == low(al*bl) - * s1 == low(ah*bh)+low((al-ah)*(bh-bl))+low(al*bl)+high(al*bl) - * We know s0 and s1 so the only unknown is high(al*bl) - * high(al*bl) == s1 - low(ah*bh+s0+(al-ah)*(bh-bl)) - * high(al*bl) == s1 - (r[0]+l[0]+t[0]) - */ - if (l != NULL) - { - lp= &(t[n2+n]); - c1=(int)(bn_add_words(lp,&(r[0]),&(l[0]),n)); - } - else - { - c1=0; - lp= &(r[0]); - } - - if (neg) - neg=(int)(bn_sub_words(&(t[n2]),lp,&(t[0]),n)); - else - { - bn_add_words(&(t[n2]),lp,&(t[0]),n); - neg=0; - } - - if (l != NULL) - { - bn_sub_words(&(t[n2+n]),&(l[n]),&(t[n2]),n); - } - else - { - lp= &(t[n2+n]); - mp= &(t[n2]); - for (i=0; i 0) - { - lc=c1; - do { - ll=(r[i]+lc)&BN_MASK2; - r[i++]=ll; - lc=(lc > ll); - } while (lc); - } - else - { - lc= -c1; - do { - ll=r[i]; - r[i++]=(ll-lc)&BN_MASK2; - lc=(lc > ll); - } while (lc); - } - } - if (c2 != 0) /* Add starting at r[1] */ - { - i=n; - if (c2 > 0) - { - lc=c2; - do { - ll=(r[i]+lc)&BN_MASK2; - r[i++]=ll; - lc=(lc > ll); - } while (lc); - } - else - { - lc= -c2; - do { - ll=r[i]; - r[i++]=(ll-lc)&BN_MASK2; - lc=(lc > ll); - } while (lc); - } - } - } -#endif /* BN_RECURSION */ - -int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx) - { - int top,al,bl; - BIGNUM *rr; - int ret = 0; -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) - int i; -#endif -#ifdef BN_RECURSION - BIGNUM *t; - int j,k; -#endif - -#ifdef BN_COUNT - printf("BN_mul %d * %d\n",a->top,b->top); -#endif - - bn_check_top(a); - bn_check_top(b); - bn_check_top(r); - - al=a->top; - bl=b->top; - - if ((al == 0) || (bl == 0)) - { - BN_zero(r); - return(1); - } - top=al+bl; - - BN_CTX_start(ctx); - if ((r == a) || (r == b)) - { - if ((rr = BN_CTX_get(ctx)) == NULL) goto err; - } - else - rr = r; - rr->neg=a->neg^b->neg; - -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) - i = al-bl; -#endif -#ifdef BN_MUL_COMBA - if (i == 0) - { -# if 0 - if (al == 4) - { - if (bn_wexpand(rr,8) == NULL) goto err; - rr->top=8; - bn_mul_comba4(rr->d,a->d,b->d); - goto end; - } -# endif - if (al == 8) - { - if (bn_wexpand(rr,16) == NULL) goto err; - rr->top=16; - bn_mul_comba8(rr->d,a->d,b->d); - goto end; - } - } -#endif /* BN_MUL_COMBA */ -#ifdef BN_RECURSION - if ((al >= BN_MULL_SIZE_NORMAL) && (bl >= BN_MULL_SIZE_NORMAL)) - { - if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA)) - { - bn_wexpand(b,al); - b->d[bl]=0; - bl++; - i--; - } - else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA)) - { - bn_wexpand(a,bl); - a->d[al]=0; - al++; - i++; - } - if (i == 0) - { - /* symmetric and > 4 */ - /* 16 or larger */ - j=BN_num_bits_word((BN_ULONG)al); - j=1<<(j-1); - k=j+j; - t = BN_CTX_get(ctx); - if (al == j) /* exact multiple */ - { - bn_wexpand(t,k*2); - bn_wexpand(rr,k*2); - bn_mul_recursive(rr->d,a->d,b->d,al,t->d); - } - else - { - bn_wexpand(a,k); - bn_wexpand(b,k); - bn_wexpand(t,k*4); - bn_wexpand(rr,k*4); - for (i=a->top; id[i]=0; - for (i=b->top; id[i]=0; - bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d); - } - rr->top=top; - goto end; - } - } -#endif /* BN_RECURSION */ - if (bn_wexpand(rr,top) == NULL) goto err; - rr->top=top; - bn_mul_normal(rr->d,a->d,al,b->d,bl); - -#if defined(BN_MUL_COMBA) || defined(BN_RECURSION) -end: -#endif - bn_fix_top(rr); - if (r != rr) BN_copy(r,rr); - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -void bn_mul_normal(BN_ULONG *r, BN_ULONG *a, int na, BN_ULONG *b, int nb) - { - BN_ULONG *rr; - -#ifdef BN_COUNT - printf(" bn_mul_normal %d * %d\n",na,nb); -#endif - - if (na < nb) - { - int itmp; - BN_ULONG *ltmp; - - itmp=na; na=nb; nb=itmp; - ltmp=a; a=b; b=ltmp; - - } - rr= &(r[na]); - rr[0]=bn_mul_words(r,a,na,b[0]); - - for (;;) - { - if (--nb <= 0) return; - rr[1]=bn_mul_add_words(&(r[1]),a,na,b[1]); - if (--nb <= 0) return; - rr[2]=bn_mul_add_words(&(r[2]),a,na,b[2]); - if (--nb <= 0) return; - rr[3]=bn_mul_add_words(&(r[3]),a,na,b[3]); - if (--nb <= 0) return; - rr[4]=bn_mul_add_words(&(r[4]),a,na,b[4]); - rr+=4; - r+=4; - b+=4; - } - } - -void bn_mul_low_normal(BN_ULONG *r, BN_ULONG *a, BN_ULONG *b, int n) - { -#ifdef BN_COUNT - printf(" bn_mul_low_normal %d * %d\n",n,n); -#endif - bn_mul_words(r,a,n,b[0]); - - for (;;) - { - if (--n <= 0) return; - bn_mul_add_words(&(r[1]),a,n,b[1]); - if (--n <= 0) return; - bn_mul_add_words(&(r[2]),a,n,b[2]); - if (--n <= 0) return; - bn_mul_add_words(&(r[3]),a,n,b[3]); - if (--n <= 0) return; - bn_mul_add_words(&(r[4]),a,n,b[4]); - r+=4; - b+=4; - } - } diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c deleted file mode 100644 index a5f01b92eb..0000000000 --- a/src/lib/libcrypto/bn/bn_prime.c +++ /dev/null @@ -1,465 +0,0 @@ -/* crypto/bn/bn_prime.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" -#include - -/* The quick sieve algorithm approach to weeding out primes is - * Philip Zimmermann's, as implemented in PGP. I have had a read of - * his comments and implemented my own version. - */ -#include "bn_prime.h" - -static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, - const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont); -static int probable_prime(BIGNUM *rnd, int bits); -static int probable_prime_dh(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); -static int probable_prime_dh_safe(BIGNUM *rnd, int bits, - BIGNUM *add, BIGNUM *rem, BN_CTX *ctx); - -BIGNUM *BN_generate_prime(BIGNUM *ret, int bits, int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int,int,void *), void *cb_arg) - { - BIGNUM *rnd=NULL; - BIGNUM t; - int found=0; - int i,j,c1=0; - BN_CTX *ctx; - int checks = BN_prime_checks_for_size(bits); - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - if (ret == NULL) - { - if ((rnd=BN_new()) == NULL) goto err; - } - else - rnd=ret; - BN_init(&t); -loop: - /* make a random number and set the top and bottom bits */ - if (add == NULL) - { - if (!probable_prime(rnd,bits)) goto err; - } - else - { - if (safe) - { - if (!probable_prime_dh_safe(rnd,bits,add,rem,ctx)) - goto err; - } - else - { - if (!probable_prime_dh(rnd,bits,add,rem,ctx)) - goto err; - } - } - /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */ - if (callback != NULL) callback(0,c1++,cb_arg); - - if (!safe) - { - i=BN_is_prime_fasttest(rnd,checks,callback,ctx,cb_arg,0); - if (i == -1) goto err; - if (i == 0) goto loop; - } - else - { - /* for "safe prime" generation, - * check that (p-1)/2 is prime. - * Since a prime is odd, We just - * need to divide by 2 */ - if (!BN_rshift1(&t,rnd)) goto err; - - for (i=0; ineg) - { - BIGNUM *t; - if ((t = BN_CTX_get(ctx)) == NULL) goto err; - BN_copy(t, a); - t->neg = 0; - A = t; - } - else - A = a; - A1 = BN_CTX_get(ctx); - A1_odd = BN_CTX_get(ctx); - check = BN_CTX_get(ctx); - if (check == NULL) goto err; - - /* compute A1 := A - 1 */ - if (!BN_copy(A1, A)) - goto err; - if (!BN_sub_word(A1, 1)) - goto err; - if (BN_is_zero(A1)) - { - ret = 0; - goto err; - } - - /* write A1 as A1_odd * 2^k */ - k = 1; - while (!BN_is_bit_set(A1, k)) - k++; - if (!BN_rshift(A1_odd, A1, k)) - goto err; - - /* Montgomery setup for computations mod A */ - mont = BN_MONT_CTX_new(); - if (mont == NULL) - goto err; - if (!BN_MONT_CTX_set(mont, A, ctx)) - goto err; - - for (i = 0; i < checks; i++) - { - if (!BN_pseudo_rand(check, BN_num_bits(A1), 0, 0)) - goto err; - if (BN_cmp(check, A1) >= 0) - if (!BN_sub(check, check, A1)) - goto err; - if (!BN_add_word(check, 1)) - goto err; - /* now 1 <= check < A */ - - j = witness(check, A, A1, A1_odd, k, ctx, mont); - if (j == -1) goto err; - if (j) - { - ret=0; - goto err; - } - if (callback != NULL) callback(1,i,cb_arg); - } - ret=1; -err: - if (ctx != NULL) - { - BN_CTX_end(ctx); - if (ctx_passed == NULL) - BN_CTX_free(ctx); - } - if (mont != NULL) - BN_MONT_CTX_free(mont); - - return(ret); - } - -static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, - const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont) - { - if (!BN_mod_exp_mont(w, w, a1_odd, a, ctx, mont)) /* w := w^a1_odd mod a */ - return -1; - if (BN_is_one(w)) - return 0; /* probably prime */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - while (--k) - { - if (!BN_mod_mul(w, w, w, a, ctx)) /* w := w^2 mod a */ - return -1; - if (BN_is_one(w)) - return 1; /* 'a' is composite, otherwise a previous 'w' would - * have been == -1 (mod 'a') */ - if (BN_cmp(w, a1) == 0) - return 0; /* w == -1 (mod a), 'a' is probably prime */ - } - /* If we get here, 'w' is the (a-1)/2-th power of the original 'w', - * and it is neither -1 nor +1 -- so 'a' cannot be prime */ - return 1; - } - -static int probable_prime(BIGNUM *rnd, int bits) - { - int i; - BN_ULONG mods[NUMPRIMES]; - BN_ULONG delta,d; - -again: - if (!BN_rand(rnd,bits,1,1)) return(0); - /* we now have a random number 'rand' to test. */ - for (i=1; i= 0); - -push(@primes,2); -$p=1; -loop: while ($#primes < $num-1) - { - $p+=2; - $s=int(sqrt($p)); - - for ($i=0; $primes[$i]<=$s; $i++) - { - next loop if (($p%$primes[$i]) == 0); - } - push(@primes,$p); - } - -# print <<"EOF"; -# /* Auto generated by bn_prime.pl */ -# /* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au). -# * All rights reserved. -# * Copyright remains Eric Young's, and as such any Copyright notices in -# * the code are not to be removed. -# * See the COPYRIGHT file in the SSLeay distribution for more details. -# */ -# -# EOF - -print <<\EOF; -/* Auto generated by bn_prime.pl */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -EOF - -for ($i=0; $i <= $#primes; $i++) - { - if ($primes[$i] > 256) - { - $eight=$i; - last; - } - } - -printf "#ifndef EIGHT_BIT\n"; -printf "#define NUMPRIMES %d\n",$num; -printf "#else\n"; -printf "#define NUMPRIMES %d\n",$eight; -printf "#endif\n"; -print "static const unsigned int primes[NUMPRIMES]=\n\t{\n\t"; -$init=0; -for ($i=0; $i <= $#primes; $i++) - { - printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++); - printf("\n\t") if (($i%8) == 0) && ($i != 0); - printf("%4d,",$primes[$i]); - } -print "\n#endif\n\t};\n"; - - diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c deleted file mode 100644 index 532e66bcc3..0000000000 --- a/src/lib/libcrypto/bn/bn_print.c +++ /dev/null @@ -1,332 +0,0 @@ -/* crypto/bn/bn_print.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include "bn_lcl.h" - -static const char *Hex="0123456789ABCDEF"; - -/* Must 'OPENSSL_free' the returned data */ -char *BN_bn2hex(const BIGNUM *a) - { - int i,j,v,z=0; - char *buf; - char *p; - - buf=(char *)OPENSSL_malloc(a->top*BN_BYTES*2+2); - if (buf == NULL) - { - BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE); - goto err; - } - p=buf; - if (a->neg) *(p++)='-'; - if (a->top == 0) *(p++)='0'; - for (i=a->top-1; i >=0; i--) - { - for (j=BN_BITS2-8; j >= 0; j-=8) - { - /* strip leading zeros */ - v=((int)(a->d[i]>>(long)j))&0xff; - if (z || (v != 0)) - { - *(p++)=Hex[v>>4]; - *(p++)=Hex[v&0x0f]; - z=1; - } - } - } - *p='\0'; -err: - return(buf); - } - -/* Must 'OPENSSL_free' the returned data */ -char *BN_bn2dec(const BIGNUM *a) - { - int i=0,num; - char *buf=NULL; - char *p; - BIGNUM *t=NULL; - BN_ULONG *bn_data=NULL,*lp; - - i=BN_num_bits(a)*3; - num=(i/10+i/1000+3)+1; - bn_data=(BN_ULONG *)OPENSSL_malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG)); - buf=(char *)OPENSSL_malloc(num+3); - if ((buf == NULL) || (bn_data == NULL)) - { - BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE); - goto err; - } - if ((t=BN_dup(a)) == NULL) goto err; - - p=buf; - lp=bn_data; - if (t->neg) *(p++)='-'; - if (t->top == 0) - { - *(p++)='0'; - *(p++)='\0'; - } - else - { - i=0; - while (!BN_is_zero(t)) - { - *lp=BN_div_word(t,BN_DEC_CONV); - lp++; - } - lp--; - /* We now have a series of blocks, BN_DEC_NUM chars - * in length, where the last one needs truncation. - * The blocks need to be reversed in order. */ - sprintf(p,BN_DEC_FMT1,*lp); - while (*p) p++; - while (lp != bn_data) - { - lp--; - sprintf(p,BN_DEC_FMT2,*lp); - while (*p) p++; - } - } -err: - if (bn_data != NULL) OPENSSL_free(bn_data); - if (t != NULL) BN_free(t); - return(buf); - } - -int BN_hex2bn(BIGNUM **bn, const char *a) - { - BIGNUM *ret=NULL; - BN_ULONG l=0; - int neg=0,h,m,i,j,k,c; - int num; - - if ((a == NULL) || (*a == '\0')) return(0); - - if (*a == '-') { neg=1; a++; } - - for (i=0; isxdigit((unsigned char) a[i]); i++) - ; - - num=i+neg; - if (bn == NULL) return(num); - - /* a is the start of the hex digits, and it is 'i' long */ - if (*bn == NULL) - { - if ((ret=BN_new()) == NULL) return(0); - } - else - { - ret= *bn; - BN_zero(ret); - } - - /* i is the number of hex digests; */ - if (bn_expand(ret,i*4) == NULL) goto err; - - j=i; /* least significant 'hex' */ - m=0; - h=0; - while (j > 0) - { - m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j; - l=0; - for (;;) - { - c=a[j-m]; - if ((c >= '0') && (c <= '9')) k=c-'0'; - else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10; - else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10; - else k=0; /* paranoia */ - l=(l<<4)|k; - - if (--m <= 0) - { - ret->d[h++]=l; - break; - } - } - j-=(BN_BYTES*2); - } - ret->top=h; - bn_fix_top(ret); - ret->neg=neg; - - *bn=ret; - return(num); -err: - if (*bn == NULL) BN_free(ret); - return(0); - } - -int BN_dec2bn(BIGNUM **bn, const char *a) - { - BIGNUM *ret=NULL; - BN_ULONG l=0; - int neg=0,i,j; - int num; - - if ((a == NULL) || (*a == '\0')) return(0); - if (*a == '-') { neg=1; a++; } - - for (i=0; isdigit((unsigned char) a[i]); i++) - ; - - num=i+neg; - if (bn == NULL) return(num); - - /* a is the start of the digits, and it is 'i' long. - * We chop it into BN_DEC_NUM digits at a time */ - if (*bn == NULL) - { - if ((ret=BN_new()) == NULL) return(0); - } - else - { - ret= *bn; - BN_zero(ret); - } - - /* i is the number of digests, a bit of an over expand; */ - if (bn_expand(ret,i*4) == NULL) goto err; - - j=BN_DEC_NUM-(i%BN_DEC_NUM); - if (j == BN_DEC_NUM) j=0; - l=0; - while (*a) - { - l*=10; - l+= *a-'0'; - a++; - if (++j == BN_DEC_NUM) - { - BN_mul_word(ret,BN_DEC_CONV); - BN_add_word(ret,l); - l=0; - j=0; - } - } - ret->neg=neg; - - bn_fix_top(ret); - *bn=ret; - return(num); -err: - if (*bn == NULL) BN_free(ret); - return(0); - } - -#ifndef NO_BIO -#ifndef NO_FP_API -int BN_print_fp(FILE *fp, const BIGNUM *a) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - return(0); - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=BN_print(b,a); - BIO_free(b); - return(ret); - } -#endif - -int BN_print(BIO *bp, const BIGNUM *a) - { - int i,j,v,z=0; - int ret=0; - - if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end; - if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end; - for (i=a->top-1; i >=0; i--) - { - for (j=BN_BITS2-4; j >= 0; j-=4) - { - /* strip leading zeros */ - v=((int)(a->d[i]>>(long)j))&0x0f; - if (z || (v != 0)) - { - if (BIO_write(bp,&(Hex[v]),1) != 1) - goto end; - z=1; - } - } - } - ret=1; -end: - return(ret); - } -#endif - -#ifdef BN_DEBUG -void bn_dump1(FILE *o, const char *a, BN_ULONG *b,int n) - { - int i; - fprintf(o, "%s=", a); - for (i=n-1;i>=0;i--) - fprintf(o, "%08lX", b[i]); /* assumes 32-bit BN_ULONG */ - fprintf(o, "\n"); - } -#endif diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c deleted file mode 100644 index 21ecbc04ed..0000000000 --- a/src/lib/libcrypto/bn/bn_rand.c +++ /dev/null @@ -1,142 +0,0 @@ -/* crypto/bn/bn_rand.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include "bn_lcl.h" -#include - -static int bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) - { - unsigned char *buf=NULL; - int ret=0,bit,bytes,mask; - time_t tim; - - if (bits == 0) - { - BN_zero(rnd); - return 1; - } - - bytes=(bits+7)/8; - bit=(bits-1)%8; - mask=0xff< -#include "cryptlib.h" -#include "bn_lcl.h" - -void BN_RECP_CTX_init(BN_RECP_CTX *recp) - { - BN_init(&(recp->N)); - BN_init(&(recp->Nr)); - recp->num_bits=0; - recp->flags=0; - } - -BN_RECP_CTX *BN_RECP_CTX_new(void) - { - BN_RECP_CTX *ret; - - if ((ret=(BN_RECP_CTX *)OPENSSL_malloc(sizeof(BN_RECP_CTX))) == NULL) - return(NULL); - - BN_RECP_CTX_init(ret); - ret->flags=BN_FLG_MALLOCED; - return(ret); - } - -void BN_RECP_CTX_free(BN_RECP_CTX *recp) - { - if(recp == NULL) - return; - - BN_free(&(recp->N)); - BN_free(&(recp->Nr)); - if (recp->flags & BN_FLG_MALLOCED) - OPENSSL_free(recp); - } - -int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *d, BN_CTX *ctx) - { - BN_copy(&(recp->N),d); - BN_zero(&(recp->Nr)); - recp->num_bits=BN_num_bits(d); - recp->shift=0; - return(1); - } - -int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BN_RECP_CTX *recp, - BN_CTX *ctx) - { - int ret=0; - BIGNUM *a; - - BN_CTX_start(ctx); - if ((a = BN_CTX_get(ctx)) == NULL) goto err; - if (y != NULL) - { - if (x == y) - { if (!BN_sqr(a,x,ctx)) goto err; } - else - { if (!BN_mul(a,x,y,ctx)) goto err; } - } - else - a=x; /* Just do the mod */ - - BN_div_recp(NULL,r,a,recp,ctx); - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -int BN_div_recp(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BN_RECP_CTX *recp, - BN_CTX *ctx) - { - int i,j,ret=0; - BIGNUM *a,*b,*d,*r; - - BN_CTX_start(ctx); - a=BN_CTX_get(ctx); - b=BN_CTX_get(ctx); - if (dv != NULL) - d=dv; - else - d=BN_CTX_get(ctx); - if (rem != NULL) - r=rem; - else - r=BN_CTX_get(ctx); - if (a == NULL || b == NULL || d == NULL || r == NULL) goto err; - - if (BN_ucmp(m,&(recp->N)) < 0) - { - BN_zero(d); - BN_copy(r,m); - BN_CTX_end(ctx); - return(1); - } - - /* We want the remainder - * Given input of ABCDEF / ab - * we need multiply ABCDEF by 3 digests of the reciprocal of ab - * - */ - i=BN_num_bits(m); - - j=recp->num_bits<<1; - if (j>i) i=j; - j>>=1; - - if (i != recp->shift) - recp->shift=BN_reciprocal(&(recp->Nr),&(recp->N), - i,ctx); - - if (!BN_rshift(a,m,j)) goto err; - if (!BN_mul(b,a,&(recp->Nr),ctx)) goto err; - if (!BN_rshift(d,b,i-j)) goto err; - d->neg=0; - if (!BN_mul(b,&(recp->N),d,ctx)) goto err; - if (!BN_usub(r,m,b)) goto err; - r->neg=0; - -#if 1 - j=0; - while (BN_ucmp(r,&(recp->N)) >= 0) - { - if (j++ > 2) - { - BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL); - goto err; - } - if (!BN_usub(r,r,&(recp->N))) goto err; - if (!BN_add_word(d,1)) goto err; - } -#endif - - r->neg=BN_is_zero(r)?0:m->neg; - d->neg=m->neg^recp->N.neg; - ret=1; -err: - BN_CTX_end(ctx); - return(ret); - } - -/* len is the expected size of the result - * We actually calculate with an extra word of precision, so - * we can do faster division if the remainder is not required. - */ -int BN_reciprocal(BIGNUM *r, BIGNUM *m, int len, BN_CTX *ctx) - { - int ret= -1; - BIGNUM t; - - BN_init(&t); - - BN_zero(&t); - if (!BN_set_bit(&t,len)) goto err; - - if (!BN_div(r,NULL,&t,m,ctx)) goto err; - ret=len; -err: - BN_free(&t); - return(ret); - } - diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c deleted file mode 100644 index 0883247384..0000000000 --- a/src/lib/libcrypto/bn/bn_shift.c +++ /dev/null @@ -1,200 +0,0 @@ -/* crypto/bn/bn_shift.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -int BN_lshift1(BIGNUM *r, BIGNUM *a) - { - register BN_ULONG *ap,*rp,t,c; - int i; - - if (r != a) - { - r->neg=a->neg; - if (bn_wexpand(r,a->top+1) == NULL) return(0); - r->top=a->top; - } - else - { - if (bn_wexpand(r,a->top+1) == NULL) return(0); - } - ap=a->d; - rp=r->d; - c=0; - for (i=0; itop; i++) - { - t= *(ap++); - *(rp++)=((t<<1)|c)&BN_MASK2; - c=(t & BN_TBIT)?1:0; - } - if (c) - { - *rp=1; - r->top++; - } - return(1); - } - -int BN_rshift1(BIGNUM *r, BIGNUM *a) - { - BN_ULONG *ap,*rp,t,c; - int i; - - if (BN_is_zero(a)) - { - BN_zero(r); - return(1); - } - if (a != r) - { - if (bn_wexpand(r,a->top) == NULL) return(0); - r->top=a->top; - r->neg=a->neg; - } - ap=a->d; - rp=r->d; - c=0; - for (i=a->top-1; i>=0; i--) - { - t=ap[i]; - rp[i]=((t>>1)&BN_MASK2)|c; - c=(t&1)?BN_TBIT:0; - } - bn_fix_top(r); - return(1); - } - -int BN_lshift(BIGNUM *r, const BIGNUM *a, int n) - { - int i,nw,lb,rb; - BN_ULONG *t,*f; - BN_ULONG l; - - r->neg=a->neg; - if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0); - nw=n/BN_BITS2; - lb=n%BN_BITS2; - rb=BN_BITS2-lb; - f=a->d; - t=r->d; - t[a->top+nw]=0; - if (lb == 0) - for (i=a->top-1; i>=0; i--) - t[nw+i]=f[i]; - else - for (i=a->top-1; i>=0; i--) - { - l=f[i]; - t[nw+i+1]|=(l>>rb)&BN_MASK2; - t[nw+i]=(l<top=a->top+nw+1; - bn_fix_top(r); - return(1); - } - -int BN_rshift(BIGNUM *r, BIGNUM *a, int n) - { - int i,j,nw,lb,rb; - BN_ULONG *t,*f; - BN_ULONG l,tmp; - - nw=n/BN_BITS2; - rb=n%BN_BITS2; - lb=BN_BITS2-rb; - if (nw > a->top || a->top == 0) - { - BN_zero(r); - return(1); - } - if (r != a) - { - r->neg=a->neg; - if (bn_wexpand(r,a->top-nw+1) == NULL) return(0); - } - - f= &(a->d[nw]); - t=r->d; - j=a->top-nw; - r->top=j; - - if (rb == 0) - { - for (i=j+1; i > 0; i--) - *(t++)= *(f++); - } - else - { - l= *(f++); - for (i=1; i>rb)&BN_MASK2; - l= *(f++); - *(t++) =(tmp|(l<>rb)&BN_MASK2; - } - *t=0; - bn_fix_top(r); - return(1); - } diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c deleted file mode 100644 index 75f4f38392..0000000000 --- a/src/lib/libcrypto/bn/bn_sqr.c +++ /dev/null @@ -1,288 +0,0 @@ -/* crypto/bn/bn_sqr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -/* r must not be a */ -/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */ -int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx) - { - int max,al; - int ret = 0; - BIGNUM *tmp,*rr; - -#ifdef BN_COUNT -printf("BN_sqr %d * %d\n",a->top,a->top); -#endif - bn_check_top(a); - - al=a->top; - if (al <= 0) - { - r->top=0; - return(1); - } - - BN_CTX_start(ctx); - rr=(a != r) ? r : BN_CTX_get(ctx); - tmp=BN_CTX_get(ctx); - if (tmp == NULL) goto err; - - max=(al+al); - if (bn_wexpand(rr,max+1) == NULL) goto err; - - r->neg=0; - if (al == 4) - { -#ifndef BN_SQR_COMBA - BN_ULONG t[8]; - bn_sqr_normal(rr->d,a->d,4,t); -#else - bn_sqr_comba4(rr->d,a->d); -#endif - } - else if (al == 8) - { -#ifndef BN_SQR_COMBA - BN_ULONG t[16]; - bn_sqr_normal(rr->d,a->d,8,t); -#else - bn_sqr_comba8(rr->d,a->d); -#endif - } - else - { -#if defined(BN_RECURSION) - if (al < BN_SQR_RECURSIVE_SIZE_NORMAL) - { - BN_ULONG t[BN_SQR_RECURSIVE_SIZE_NORMAL*2]; - bn_sqr_normal(rr->d,a->d,al,t); - } - else - { - int j,k; - - j=BN_num_bits_word((BN_ULONG)al); - j=1<<(j-1); - k=j+j; - if (al == j) - { - if (bn_wexpand(a,k*2) == NULL) goto err; - if (bn_wexpand(tmp,k*2) == NULL) goto err; - bn_sqr_recursive(rr->d,a->d,al,tmp->d); - } - else - { - if (bn_wexpand(tmp,max) == NULL) goto err; - bn_sqr_normal(rr->d,a->d,al,tmp->d); - } - } -#else - if (bn_wexpand(tmp,max) == NULL) goto err; - bn_sqr_normal(rr->d,a->d,al,tmp->d); -#endif - } - - rr->top=max; - if ((max > 0) && (rr->d[max-1] == 0)) rr->top--; - if (rr != r) BN_copy(r,rr); - ret = 1; - err: - BN_CTX_end(ctx); - return(ret); - } - -/* tmp must have 2*n words */ -void bn_sqr_normal(BN_ULONG *r, BN_ULONG *a, int n, BN_ULONG *tmp) - { - int i,j,max; - BN_ULONG *ap,*rp; - - max=n*2; - ap=a; - rp=r; - rp[0]=rp[max-1]=0; - rp++; - j=n; - - if (--j > 0) - { - ap++; - rp[j]=bn_mul_words(rp,ap,j,ap[-1]); - rp+=2; - } - - for (i=n-2; i>0; i--) - { - j--; - ap++; - rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]); - rp+=2; - } - - bn_add_words(r,r,r,max); - - /* There will not be a carry */ - - bn_sqr_words(tmp,a,n); - - bn_add_words(r,r,tmp,max); - } - -#ifdef BN_RECURSION -/* r is 2*n words in size, - * a and b are both n words in size. (There's not actually a 'b' here ...) - * n must be a power of 2. - * We multiply and return the result. - * t must be 2*n words in size - * We calculate - * a[0]*b[0] - * a[0]*b[0]+a[1]*b[1]+(a[0]-a[1])*(b[1]-b[0]) - * a[1]*b[1] - */ -void bn_sqr_recursive(BN_ULONG *r, BN_ULONG *a, int n2, BN_ULONG *t) - { - int n=n2/2; - int zero,c1; - BN_ULONG ln,lo,*p; - -#ifdef BN_COUNT -printf(" bn_sqr_recursive %d * %d\n",n2,n2); -#endif - if (n2 == 4) - { -#ifndef BN_SQR_COMBA - bn_sqr_normal(r,a,4,t); -#else - bn_sqr_comba4(r,a); -#endif - return; - } - else if (n2 == 8) - { -#ifndef BN_SQR_COMBA - bn_sqr_normal(r,a,8,t); -#else - bn_sqr_comba8(r,a); -#endif - return; - } - if (n2 < BN_SQR_RECURSIVE_SIZE_NORMAL) - { - bn_sqr_normal(r,a,n2,t); - return; - } - /* r=(a[0]-a[1])*(a[1]-a[0]) */ - c1=bn_cmp_words(a,&(a[n]),n); - zero=0; - if (c1 > 0) - bn_sub_words(t,a,&(a[n]),n); - else if (c1 < 0) - bn_sub_words(t,&(a[n]),a,n); - else - zero=1; - - /* The result will always be negative unless it is zero */ - p= &(t[n2*2]); - - if (!zero) - bn_sqr_recursive(&(t[n2]),t,n,p); - else - memset(&(t[n2]),0,n*sizeof(BN_ULONG)); - bn_sqr_recursive(r,a,n,p); - bn_sqr_recursive(&(r[n2]),&(a[n]),n,p); - - /* t[32] holds (a[0]-a[1])*(a[1]-a[0]), it is negative or zero - * r[10] holds (a[0]*b[0]) - * r[32] holds (b[1]*b[1]) - */ - - c1=(int)(bn_add_words(t,r,&(r[n2]),n2)); - - /* t[32] is negative */ - c1-=(int)(bn_sub_words(&(t[n2]),t,&(t[n2]),n2)); - - /* t[32] holds (a[0]-a[1])*(a[1]-a[0])+(a[0]*a[0])+(a[1]*a[1]) - * r[10] holds (a[0]*a[0]) - * r[32] holds (a[1]*a[1]) - * c1 holds the carry bits - */ - c1+=(int)(bn_add_words(&(r[n]),&(r[n]),&(t[n2]),n2)); - if (c1) - { - p= &(r[n+n2]); - lo= *p; - ln=(lo+c1)&BN_MASK2; - *p=ln; - - /* The overflow will stop before we over write - * words we should not overwrite */ - if (ln < (BN_ULONG)c1) - { - do { - p++; - lo= *p; - ln=(lo+1)&BN_MASK2; - *p=ln; - } while (ln == 0); - } - } - } -#endif diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c deleted file mode 100644 index cd59baa2c4..0000000000 --- a/src/lib/libcrypto/bn/bn_word.c +++ /dev/null @@ -1,199 +0,0 @@ -/* crypto/bn/bn_word.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include "bn_lcl.h" - -BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w) - { -#ifndef BN_LLONG - BN_ULONG ret=0; -#else - BN_ULLONG ret=0; -#endif - int i; - - w&=BN_MASK2; - for (i=a->top-1; i>=0; i--) - { -#ifndef BN_LLONG - ret=((ret<d[i]>>BN_BITS4)&BN_MASK2l))%w; - ret=((ret<d[i]&BN_MASK2l))%w; -#else - ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])% - (BN_ULLONG)w); -#endif - } - return((BN_ULONG)ret); - } - -BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w) - { - BN_ULONG ret; - int i; - - if (a->top == 0) return(0); - ret=0; - w&=BN_MASK2; - for (i=a->top-1; i>=0; i--) - { - BN_ULONG l,d; - - l=a->d[i]; - d=bn_div_words(ret,l,w); - ret=(l-((d*w)&BN_MASK2))&BN_MASK2; - a->d[i]=d; - } - if ((a->top > 0) && (a->d[a->top-1] == 0)) - a->top--; - return(ret); - } - -int BN_add_word(BIGNUM *a, BN_ULONG w) - { - BN_ULONG l; - int i; - - if (a->neg) - { - a->neg=0; - i=BN_sub_word(a,w); - if (!BN_is_zero(a)) - a->neg=!(a->neg); - return(i); - } - w&=BN_MASK2; - if (bn_wexpand(a,a->top+1) == NULL) return(0); - i=0; - for (;;) - { - l=(a->d[i]+(BN_ULONG)w)&BN_MASK2; - a->d[i]=l; - if (w > l) - w=1; - else - break; - i++; - } - if (i >= a->top) - a->top++; - return(1); - } - -int BN_sub_word(BIGNUM *a, BN_ULONG w) - { - int i; - - if (BN_is_zero(a) || a->neg) - { - a->neg=0; - i=BN_add_word(a,w); - a->neg=1; - return(i); - } - - w&=BN_MASK2; - if ((a->top == 1) && (a->d[0] < w)) - { - a->d[0]=w-a->d[0]; - a->neg=1; - return(1); - } - i=0; - for (;;) - { - if (a->d[i] >= w) - { - a->d[i]-=w; - break; - } - else - { - a->d[i]=(a->d[i]-w)&BN_MASK2; - i++; - w=1; - } - } - if ((a->d[i] == 0) && (i == (a->top-1))) - a->top--; - return(1); - } - -int BN_mul_word(BIGNUM *a, BN_ULONG w) - { - BN_ULONG ll; - - w&=BN_MASK2; - if (a->top) - { - if (w == 0) - BN_zero(a); - else - { - ll=bn_mul_words(a->d,a->d,a->top,w); - if (ll) - { - if (bn_wexpand(a,a->top+1) == NULL) return(0); - a->d[a->top++]=ll; - } - } - } - return(1); - } - diff --git a/src/lib/libcrypto/buffer/buf_err.c b/src/lib/libcrypto/buffer/buf_err.c deleted file mode 100644 index 2f971a5f38..0000000000 --- a/src/lib/libcrypto/buffer/buf_err.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/buffer/buf_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA BUF_str_functs[]= - { -{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"}, -{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"}, -{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"}, -{0,NULL} - }; - -static ERR_STRING_DATA BUF_str_reasons[]= - { -{0,NULL} - }; - -#endif - -void ERR_load_BUF_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_BUF,BUF_str_functs); - ERR_load_strings(ERR_LIB_BUF,BUF_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/buffer/buffer.c b/src/lib/libcrypto/buffer/buffer.c deleted file mode 100644 index b76ff3ad7a..0000000000 --- a/src/lib/libcrypto/buffer/buffer.c +++ /dev/null @@ -1,144 +0,0 @@ -/* crypto/buffer/buffer.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -BUF_MEM *BUF_MEM_new(void) - { - BUF_MEM *ret; - - ret=OPENSSL_malloc(sizeof(BUF_MEM)); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->length=0; - ret->max=0; - ret->data=NULL; - return(ret); - } - -void BUF_MEM_free(BUF_MEM *a) - { - if(a == NULL) - return; - - if (a->data != NULL) - { - memset(a->data,0,(unsigned int)a->max); - OPENSSL_free(a->data); - } - OPENSSL_free(a); - } - -int BUF_MEM_grow(BUF_MEM *str, int len) - { - char *ret; - unsigned int n; - - if (str->length >= len) - { - str->length=len; - return(len); - } - if (str->max >= len) - { - memset(&str->data[str->length],0,len-str->length); - str->length=len; - return(len); - } - n=(len+3)/3*4; - if (str->data == NULL) - ret=OPENSSL_malloc(n); - else - ret=OPENSSL_realloc(str->data,n); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE); - len=0; - } - else - { - str->data=ret; - str->length=len; - str->max=n; - } - return(len); - } - -char *BUF_strdup(const char *str) - { - char *ret; - int n; - - if (str == NULL) return(NULL); - - n=strlen(str); - ret=OPENSSL_malloc(n+1); - if (ret == NULL) - { - BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE); - return(NULL); - } - memcpy(ret,str,n+1); - return(ret); - } - diff --git a/src/lib/libcrypto/buffer/buffer.h b/src/lib/libcrypto/buffer/buffer.h deleted file mode 100644 index bff26bf391..0000000000 --- a/src/lib/libcrypto/buffer/buffer.h +++ /dev/null @@ -1,98 +0,0 @@ -/* crypto/buffer/buffer.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_BUFFER_H -#define HEADER_BUFFER_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct buf_mem_st - { - int length; /* current number of bytes */ - char *data; - int max; /* size of buffer */ - } BUF_MEM; - -BUF_MEM *BUF_MEM_new(void); -void BUF_MEM_free(BUF_MEM *a); -int BUF_MEM_grow(BUF_MEM *str, int len); -char * BUF_strdup(const char *str); - -void ERR_load_BUF_strings(void ); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the BUF functions. */ - -/* Function codes. */ -#define BUF_F_BUF_MEM_GROW 100 -#define BUF_F_BUF_MEM_NEW 101 -#define BUF_F_BUF_STRDUP 102 - -/* Reason codes. */ - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/cast/asm/cast-586.pl b/src/lib/libcrypto/cast/asm/cast-586.pl deleted file mode 100644 index 6be0bfe572..0000000000 --- a/src/lib/libcrypto/cast/asm/cast-586.pl +++ /dev/null @@ -1,176 +0,0 @@ -#!/usr/local/bin/perl - -# define for pentium pro friendly version -$ppro=1; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; - -&asm_init($ARGV[0],"cast-586.pl",$ARGV[$#ARGV] eq "386"); - -$CAST_ROUNDS=16; -$L="edi"; -$R="esi"; -$K="ebp"; -$tmp1="ecx"; -$tmp2="ebx"; -$tmp3="eax"; -$tmp4="edx"; -$S1="CAST_S_table0"; -$S2="CAST_S_table1"; -$S3="CAST_S_table2"; -$S4="CAST_S_table3"; - -@F1=("add","xor","sub"); -@F2=("xor","sub","add"); -@F3=("sub","add","xor"); - -&CAST_encrypt("CAST_encrypt",1); -&CAST_encrypt("CAST_decrypt",0); -&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1); - -&asm_finish(); - -sub CAST_encrypt { - local($name,$enc)=@_; - - local($win_ex)=<<"EOF"; -EXTERN _CAST_S_table0:DWORD -EXTERN _CAST_S_table1:DWORD -EXTERN _CAST_S_table2:DWORD -EXTERN _CAST_S_table3:DWORD -EOF - &main::external_label( - "CAST_S_table0", - "CAST_S_table1", - "CAST_S_table2", - "CAST_S_table3", - ); - - &function_begin_B($name,$win_ex); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov($tmp2,&wparam(0)); - &mov($K,&wparam(1)); - &push("esi"); - &push("edi"); - - &comment("Load the 2 words"); - &mov($L,&DWP(0,$tmp2,"",0)); - &mov($R,&DWP(4,$tmp2,"",0)); - - &comment('Get short key flag'); - &mov($tmp3,&DWP(128,$K,"",0)); - if($enc) { - &push($tmp3); - } else { - &or($tmp3,$tmp3); - &jnz(&label('cast_dec_skip')); - } - - &xor($tmp3, $tmp3); - - # encrypting part - - if ($enc) { - &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &comment('test short key flag'); - &pop($tmp4); - &or($tmp4,$tmp4); - &jnz(&label('cast_enc_done')); - &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } else { - &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &set_label('cast_dec_skip'); - &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4); - &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4); - } - - &set_label('cast_enc_done') if $enc; -# Why the nop? - Ben 17/1/99 - &nop(); - &mov($tmp3,&wparam(0)); - &mov(&DWP(4,$tmp3,"",0),$L); - &mov(&DWP(0,$tmp3,"",0),$R); - &function_end($name); -} - -sub E_CAST { - local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4)=@_; - # Ri needs to have 16 pre added. - - &comment("round $i"); - &mov( $tmp4, &DWP($i*8,$K,"",1)); - - &mov( $tmp1, &DWP($i*8+4,$K,"",1)); - &$OP1( $tmp4, $R); - - &rotl( $tmp4, &LB($tmp1)); - - if ($ppro) { - &mov( $tmp2, $tmp4); # B - &xor( $tmp1, $tmp1); - - &movb( &LB($tmp1), &HB($tmp4)); # A - &and( $tmp2, 0xff); - - &shr( $tmp4, 16); # - &xor( $tmp3, $tmp3); - } else { - &mov( $tmp2, $tmp4); # B - &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD - - &shr( $tmp4, 16); # - &and( $tmp2, 0xff); - } - - &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD - &and( $tmp4, 0xff); # D - - &mov( $tmp1, &DWP($S1,"",$tmp1,4)); - &mov( $tmp2, &DWP($S2,"",$tmp2,4)); - - &$OP2( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S3,"",$tmp3,4)); - - &$OP3( $tmp1, $tmp2); - &mov( $tmp2, &DWP($S4,"",$tmp4,4)); - - &$OP1( $tmp1, $tmp2); - # XXX - - &xor( $L, $tmp1); - # XXX -} - diff --git a/src/lib/libcrypto/cast/c_cfb64.c b/src/lib/libcrypto/cast/c_cfb64.c deleted file mode 100644 index 514c005c32..0000000000 --- a/src/lib/libcrypto/cast/c_cfb64.c +++ /dev/null @@ -1,122 +0,0 @@ -/* crypto/cast/c_cfb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cast_lcl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, - int *num, int enc) - { - register CAST_LONG v0,v1,t; - register int n= *num; - register long l=length; - CAST_LONG ti[2]; - unsigned char *iv,c,cc; - - iv=ivec; - if (enc) - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - CAST_encrypt((CAST_LONG *)ti,schedule); - iv=ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - n2l(iv,v0); ti[0]=v0; - n2l(iv,v1); ti[1]=v1; - CAST_encrypt((CAST_LONG *)ti,schedule); - iv=ivec; - t=ti[0]; l2n(t,iv); - t=ti[1]; l2n(t,iv); - iv=ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/src/lib/libcrypto/cast/c_ecb.c b/src/lib/libcrypto/cast/c_ecb.c deleted file mode 100644 index 0b3da9ad87..0000000000 --- a/src/lib/libcrypto/cast/c_ecb.c +++ /dev/null @@ -1,80 +0,0 @@ -/* crypto/cast/c_ecb.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cast_lcl.h" -#include - -const char *CAST_version="CAST" OPENSSL_VERSION_PTEXT; - -void CAST_ecb_encrypt(const unsigned char *in, unsigned char *out, - CAST_KEY *ks, int enc) - { - CAST_LONG l,d[2]; - - n2l(in,l); d[0]=l; - n2l(in,l); d[1]=l; - if (enc) - CAST_encrypt(d,ks); - else - CAST_decrypt(d,ks); - l=d[0]; l2n(l,out); - l=d[1]; l2n(l,out); - l=d[0]=d[1]=0; - } - diff --git a/src/lib/libcrypto/cast/c_enc.c b/src/lib/libcrypto/cast/c_enc.c deleted file mode 100644 index 0fe2cffecc..0000000000 --- a/src/lib/libcrypto/cast/c_enc.c +++ /dev/null @@ -1,207 +0,0 @@ -/* crypto/cast/c_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cast_lcl.h" - -void CAST_encrypt(CAST_LONG *data, CAST_KEY *key) - { - register CAST_LONG l,r,*k,t; - - k= &(key->data[0]); - l=data[0]; - r=data[1]; - - E_CAST( 0,k,l,r,+,^,-); - E_CAST( 1,k,r,l,^,-,+); - E_CAST( 2,k,l,r,-,+,^); - E_CAST( 3,k,r,l,+,^,-); - E_CAST( 4,k,l,r,^,-,+); - E_CAST( 5,k,r,l,-,+,^); - E_CAST( 6,k,l,r,+,^,-); - E_CAST( 7,k,r,l,^,-,+); - E_CAST( 8,k,l,r,-,+,^); - E_CAST( 9,k,r,l,+,^,-); - E_CAST(10,k,l,r,^,-,+); - E_CAST(11,k,r,l,-,+,^); - if(!key->short_key) - { - E_CAST(12,k,l,r,+,^,-); - E_CAST(13,k,r,l,^,-,+); - E_CAST(14,k,l,r,-,+,^); - E_CAST(15,k,r,l,+,^,-); - } - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; - } - -void CAST_decrypt(CAST_LONG *data, CAST_KEY *key) - { - register CAST_LONG l,r,*k,t; - - k= &(key->data[0]); - l=data[0]; - r=data[1]; - - if(!key->short_key) - { - E_CAST(15,k,l,r,+,^,-); - E_CAST(14,k,r,l,-,+,^); - E_CAST(13,k,l,r,^,-,+); - E_CAST(12,k,r,l,+,^,-); - } - E_CAST(11,k,l,r,-,+,^); - E_CAST(10,k,r,l,^,-,+); - E_CAST( 9,k,l,r,+,^,-); - E_CAST( 8,k,r,l,-,+,^); - E_CAST( 7,k,l,r,^,-,+); - E_CAST( 6,k,r,l,+,^,-); - E_CAST( 5,k,l,r,-,+,^); - E_CAST( 4,k,r,l,^,-,+); - E_CAST( 3,k,l,r,+,^,-); - E_CAST( 2,k,r,l,-,+,^); - E_CAST( 1,k,l,r,^,-,+); - E_CAST( 0,k,r,l,+,^,-); - - data[1]=l&0xffffffffL; - data[0]=r&0xffffffffL; - } - -void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - CAST_KEY *ks, unsigned char *iv, int enc) - { - register CAST_LONG tin0,tin1; - register CAST_LONG tout0,tout1,xor0,xor1; - register long l=length; - CAST_LONG tin[2]; - - if (enc) - { - n2l(iv,tout0); - n2l(iv,tout1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - CAST_encrypt(tin,ks); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - if (l != -8) - { - n2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - CAST_encrypt(tin,ks); - tout0=tin[0]; - tout1=tin[1]; - l2n(tout0,out); - l2n(tout1,out); - } - l2n(tout0,iv); - l2n(tout1,iv); - } - else - { - n2l(iv,xor0); - n2l(iv,xor1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - CAST_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2n(tout0,out); - l2n(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - n2l(in,tin0); - n2l(in,tin1); - tin[0]=tin0; - tin[1]=tin1; - CAST_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2nn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2n(xor0,iv); - l2n(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - diff --git a/src/lib/libcrypto/cast/c_ofb64.c b/src/lib/libcrypto/cast/c_ofb64.c deleted file mode 100644 index fd0469a62f..0000000000 --- a/src/lib/libcrypto/cast/c_ofb64.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/cast/c_ofb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cast_lcl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, - int *num) - { - register CAST_LONG v0,v1,t; - register int n= *num; - register long l=length; - unsigned char d[8]; - register char *dp; - CAST_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv=ivec; - n2l(iv,v0); - n2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2n(v0,dp); - l2n(v1,dp); - while (l--) - { - if (n == 0) - { - CAST_encrypt((CAST_LONG *)ti,schedule); - dp=(char *)d; - t=ti[0]; l2n(t,dp); - t=ti[1]; l2n(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv=ivec; - l2n(v0,iv); - l2n(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/src/lib/libcrypto/cast/c_skey.c b/src/lib/libcrypto/cast/c_skey.c deleted file mode 100644 index 76e40005c9..0000000000 --- a/src/lib/libcrypto/cast/c_skey.c +++ /dev/null @@ -1,166 +0,0 @@ -/* crypto/cast/c_skey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cast_lcl.h" -#include "cast_s.h" - -#define CAST_exp(l,A,a,n) \ - A[n/4]=l; \ - a[n+3]=(l )&0xff; \ - a[n+2]=(l>> 8)&0xff; \ - a[n+1]=(l>>16)&0xff; \ - a[n+0]=(l>>24)&0xff; - -#define S4 CAST_S_table4 -#define S5 CAST_S_table5 -#define S6 CAST_S_table6 -#define S7 CAST_S_table7 - -void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data) - { - CAST_LONG x[16]; - CAST_LONG z[16]; - CAST_LONG k[32]; - CAST_LONG X[4],Z[4]; - CAST_LONG l,*K; - int i; - - for (i=0; i<16; i++) x[i]=0; - if (len > 16) len=16; - for (i=0; ishort_key=1; - else - key->short_key=0; - - K= &k[0]; - X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL; - X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL; - X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL; - X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL; - - for (;;) - { - l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]]; - CAST_exp(l,Z,z, 0); - l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]]; - CAST_exp(l,Z,z, 4); - l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]]; - CAST_exp(l,Z,z, 8); - l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]]; - CAST_exp(l,Z,z,12); - - K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]]; - K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]]; - K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]]; - K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]]; - - l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]]; - CAST_exp(l,X,x, 0); - l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]]; - CAST_exp(l,X,x, 4); - l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]]; - CAST_exp(l,X,x, 8); - l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]]; - CAST_exp(l,X,x,12); - - K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]]; - K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]]; - K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]]; - K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]]; - - l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]]; - CAST_exp(l,Z,z, 0); - l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]]; - CAST_exp(l,Z,z, 4); - l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]]; - CAST_exp(l,Z,z, 8); - l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]]; - CAST_exp(l,Z,z,12); - - K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]]; - K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]]; - K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]]; - K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]]; - - l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]]; - CAST_exp(l,X,x, 0); - l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]]; - CAST_exp(l,X,x, 4); - l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]]; - CAST_exp(l,X,x, 8); - l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]]; - CAST_exp(l,X,x,12); - - K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]]; - K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]]; - K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]]; - K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]]; - if (K != k) break; - K+=16; - } - - for (i=0; i<16; i++) - { - key->data[i*2]=k[i]; - key->data[i*2+1]=((k[i+16])+16)&0x1f; - } - } - diff --git a/src/lib/libcrypto/cast/cast.h b/src/lib/libcrypto/cast/cast.h deleted file mode 100644 index e24e133099..0000000000 --- a/src/lib/libcrypto/cast/cast.h +++ /dev/null @@ -1,103 +0,0 @@ -/* crypto/cast/cast.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CAST_H -#define HEADER_CAST_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_CAST -#error CAST is disabled. -#endif - -#define CAST_ENCRYPT 1 -#define CAST_DECRYPT 0 - -#define CAST_LONG unsigned long - -#define CAST_BLOCK 8 -#define CAST_KEY_LENGTH 16 - -typedef struct cast_key_st - { - CAST_LONG data[32]; - int short_key; /* Use reduced rounds for short key */ - } CAST_KEY; - - -void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data); -void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key, - int enc); -void CAST_encrypt(CAST_LONG *data,CAST_KEY *key); -void CAST_decrypt(CAST_LONG *data,CAST_KEY *key); -void CAST_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - CAST_KEY *ks, unsigned char *iv, int enc); -void CAST_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, - int *num, int enc); -void CAST_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, CAST_KEY *schedule, unsigned char *ivec, - int *num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/cast/cast_lcl.h b/src/lib/libcrypto/cast/cast_lcl.h deleted file mode 100644 index 5fab8a43f6..0000000000 --- a/src/lib/libcrypto/cast/cast_lcl.h +++ /dev/null @@ -1,226 +0,0 @@ -/* crypto/cast/cast_lcl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifdef WIN32 -#include -#endif - - -#include "openssl/e_os.h" /* OPENSSL_EXTERN */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -#if defined(WIN32) && defined(_MSC_VER) -#define ROTL(a,n) (_lrotl(a,n)) -#else -#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n)))) -#endif - -#define C_M 0x3fc -#define C_0 22L -#define C_1 14L -#define C_2 6L -#define C_3 2L /* left shift */ - -/* The rotate has an extra 16 added to it to help the x86 asm */ -#if defined(CAST_PTR) -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - int i; \ - t=(key[n*2] OP1 R)&0xffffffffL; \ - i=key[n*2+1]; \ - t=ROTL(t,i); \ - L^= (((((*(CAST_LONG *)((unsigned char *) \ - CAST_S_table0+((t>>C_2)&C_M)) OP2 \ - *(CAST_LONG *)((unsigned char *) \ - CAST_S_table1+((t<>C_0)&C_M)))&0xffffffffL) OP1 \ - *(CAST_LONG *)((unsigned char *) \ - CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \ - } -#elif defined(CAST_PTR2) -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - int i; \ - CAST_LONG u,v,w; \ - w=(key[n*2] OP1 R)&0xffffffffL; \ - i=key[n*2+1]; \ - w=ROTL(w,i); \ - u=w>>C_2; \ - v=w<>C_0; \ - t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\ - v=w>>C_1; \ - u&=C_M; \ - v&=C_M; \ - t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\ - t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\ - L^=(t&0xffffffff); \ - } -#else -#define E_CAST(n,key,L,R,OP1,OP2,OP3) \ - { \ - CAST_LONG a,b,c,d; \ - t=(key[n*2] OP1 R)&0xffffffff; \ - t=ROTL(t,(key[n*2+1])); \ - a=CAST_S_table0[(t>> 8)&0xff]; \ - b=CAST_S_table1[(t )&0xff]; \ - c=CAST_S_table2[(t>>24)&0xff]; \ - d=CAST_S_table3[(t>>16)&0xff]; \ - L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \ - } -#endif - -OPENSSL_EXTERN const CAST_LONG CAST_S_table0[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table1[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table2[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table3[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table4[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table5[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table6[256]; -OPENSSL_EXTERN const CAST_LONG CAST_S_table7[256]; diff --git a/src/lib/libcrypto/cast/cast_s.h b/src/lib/libcrypto/cast/cast_s.h deleted file mode 100644 index c483fd5e43..0000000000 --- a/src/lib/libcrypto/cast/cast_s.h +++ /dev/null @@ -1,585 +0,0 @@ -/* crypto/cast/cast_s.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -OPENSSL_GLOBAL const CAST_LONG CAST_S_table0[256]={ - 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a, - 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949, - 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675, - 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e, - 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2, - 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d, - 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f, - 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0, - 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de, - 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7, - 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f, - 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935, - 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d, - 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d, - 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165, - 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50, - 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272, - 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe, - 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d, - 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3, - 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a, - 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167, - 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f, - 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291, - 0xd7894360,0x425c750d,0x93b39e26,0x187184c9, - 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779, - 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6, - 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2, - 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9, - 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511, - 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e, - 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d, - 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e, - 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5, - 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82, - 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324, - 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac, - 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c, - 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f, - 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc, - 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491, - 0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d, - 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de, - 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96, - 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a, - 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a, - 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79, - 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d, - 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779, - 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd, - 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755, - 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6, - 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb, - 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9, - 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0, - 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872, - 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79, - 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c, - 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298, - 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e, - 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571, - 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9, - 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d, - 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table1[256]={ - 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380, - 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651, - 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba, - 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3, - 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909, - 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb, - 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b, - 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806, - 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4, - 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b, - 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f, - 0x62143154,0x0d554b63,0x5d681121,0xc866c359, - 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21, - 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b, - 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d, - 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c, - 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f, - 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34, - 0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d, - 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb, - 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4, - 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd, - 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801, - 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860, - 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755, - 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b, - 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709, - 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304, - 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b, - 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b, - 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c, - 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf, - 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9, - 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c, - 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3, - 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13, - 0x73f98417,0xa1269859,0xec645c44,0x52c877a9, - 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f, - 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab, - 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6, - 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4, - 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6, - 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43, - 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58, - 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8, - 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906, - 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171, - 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d, - 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89, - 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6, - 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b, - 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4, - 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb, - 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6, - 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e, - 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f, - 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea, - 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249, - 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea, - 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa, - 0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd, - 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9, - 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef, - 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table2[256]={ - 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907, - 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90, - 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae, - 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5, - 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e, - 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e, - 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc, - 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240, - 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e, - 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5, - 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f, - 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b, - 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99, - 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71, - 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f, - 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04, - 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380, - 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82, - 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8, - 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15, - 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504, - 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2, - 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6, - 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176, - 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e, - 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148, - 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d, - 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc, - 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1, - 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341, - 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c, - 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e, - 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15, - 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51, - 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4, - 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f, - 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b, - 0x6d498623,0x193cbcfa,0x27627545,0x825cf47a, - 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392, - 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b, - 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231, - 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b, - 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889, - 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5, - 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67, - 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45, - 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49, - 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536, - 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d, - 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc, - 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d, - 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0, - 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e, - 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69, - 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767, - 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2, - 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce, - 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49, - 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24, - 0xaf96da0f,0x68458425,0x99833be5,0x600d457d, - 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0, - 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a, - 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5, - 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table3[256]={ - 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298, - 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1, - 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120, - 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf, - 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220, - 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15, - 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe, - 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121, - 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701, - 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25, - 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b, - 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5, - 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93, - 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb, - 0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746, - 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5, - 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9, - 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d, - 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb, - 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6, - 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c, - 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23, - 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7, - 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003, - 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340, - 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6, - 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327, - 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119, - 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec, - 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24, - 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205, - 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a, - 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031, - 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79, - 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5, - 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df, - 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c, - 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26, - 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69, - 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab, - 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9, - 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7, - 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff, - 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417, - 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3, - 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2, - 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2, - 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2, - 0x109873f6,0x00613096,0xc32d9521,0xada121ff, - 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a, - 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091, - 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919, - 0x77079103,0xdea03af6,0x78a8565e,0xdee356df, - 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef, - 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf, - 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876, - 0x39e4460c,0x1fda8538,0x1987832f,0xca007367, - 0xa99144f8,0x296b299e,0x492fc295,0x9266beab, - 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c, - 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04, - 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43, - 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282, - 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e, - 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table4[256]={ - 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911, - 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f, - 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00, - 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a, - 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180, - 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff, - 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2, - 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02, - 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725, - 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a, - 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b, - 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7, - 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571, - 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9, - 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec, - 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981, - 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea, - 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774, - 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263, - 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655, - 0x911e739a,0x17af8975,0x32c7911c,0x89f89468, - 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2, - 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b, - 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910, - 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284, - 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1, - 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4, - 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da, - 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7, - 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049, - 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce, - 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f, - 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6, - 0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba, - 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4, - 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be, - 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561, - 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3, - 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6, - 0x309e374f,0x2cb6356a,0x85808573,0x4991f840, - 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406, - 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4, - 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472, - 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2, - 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487, - 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7, - 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288, - 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5, - 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2, - 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e, - 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78, - 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e, - 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76, - 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801, - 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0, - 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad, - 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58, - 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0, - 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2, - 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20, - 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be, - 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8, - 0xe822fe15,0x88570983,0x750e6249,0xda627e55, - 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table5[256]={ - 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c, - 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac, - 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9, - 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138, - 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e, - 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367, - 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866, - 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98, - 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c, - 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072, - 0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd, - 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3, - 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53, - 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd, - 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d, - 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8, - 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf, - 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9, - 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807, - 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54, - 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a, - 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387, - 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563, - 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc, - 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0, - 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf, - 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be, - 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf, - 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0, - 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f, - 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2, - 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289, - 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853, - 0x20951063,0x4576698d,0xb6fad407,0x592af950, - 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa, - 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f, - 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9, - 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b, - 0x7dede786,0xc39a3373,0x42410005,0x6a091751, - 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be, - 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358, - 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13, - 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397, - 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976, - 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459, - 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0, - 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4, - 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891, - 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f, - 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da, - 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb, - 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc, - 0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2, - 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084, - 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab, - 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25, - 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b, - 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121, - 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b, - 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5, - 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855, - 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd, - 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454, - 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table6[256]={ - 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693, - 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f, - 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82, - 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de, - 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd, - 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43, - 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f, - 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19, - 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9, - 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2, - 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e, - 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516, - 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83, - 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88, - 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e, - 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816, - 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a, - 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756, - 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f, - 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a, - 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b, - 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264, - 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78, - 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688, - 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d, - 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28, - 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802, - 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3, - 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9, - 0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7, - 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302, - 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06, - 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858, - 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033, - 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a, - 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a, - 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4, - 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566, - 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df, - 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509, - 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9, - 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962, - 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c, - 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e, - 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07, - 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c, - 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939, - 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c, - 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e, - 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285, - 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378, - 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301, - 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd, - 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be, - 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567, - 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767, - 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2, - 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647, - 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf, - 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914, - 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2, - 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c, - 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada, - 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3, - }; -OPENSSL_GLOBAL const CAST_LONG CAST_S_table7[256]={ - 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095, - 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5, - 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174, - 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc, - 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940, - 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd, - 0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42, - 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d, - 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164, - 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2, - 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4, - 0x38129022,0xce949ad4,0xb84769ad,0x965bd862, - 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0, - 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc, - 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6, - 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c, - 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491, - 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e, - 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b, - 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039, - 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8, - 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8, - 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006, - 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42, - 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564, - 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5, - 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab, - 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472, - 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc, - 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225, - 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8, - 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c, - 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441, - 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb, - 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f, - 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054, - 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504, - 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70, - 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c, - 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc, - 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6, - 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c, - 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd, - 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3, - 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4, - 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4, - 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc, - 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101, - 0x730edebc,0x5b643113,0x94917e4f,0x503c2fba, - 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f, - 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf, - 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e, - 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603, - 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a, - 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37, - 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c, - 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819, - 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384, - 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d, - 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c, - 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347, - 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82, - 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d, - 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e, - }; diff --git a/src/lib/libcrypto/comp/c_rle.c b/src/lib/libcrypto/comp/c_rle.c deleted file mode 100644 index 1a819e3737..0000000000 --- a/src/lib/libcrypto/comp/c_rle.c +++ /dev/null @@ -1,61 +0,0 @@ -#include -#include -#include -#include -#include - -static int rle_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); -static int rle_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); - -static COMP_METHOD rle_method={ - NID_rle_compression, - LN_rle_compression, - NULL, - NULL, - rle_compress_block, - rle_expand_block, - NULL, - }; - -COMP_METHOD *COMP_rle(void) - { - return(&rle_method); - } - -static int rle_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) - { - /* int i; */ - - if (olen < (ilen+1)) - { - /* ZZZZZZZZZZZZZZZZZZZZZZ */ - return(-1); - } - - *(out++)=0; - memcpy(out,in,ilen); - return(ilen+1); - } - -static int rle_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) - { - int i; - - if (olen < (ilen-1)) - { - /* ZZZZZZZZZZZZZZZZZZZZZZ */ - return(-1); - } - - i= *(in++); - if (i == 0) - { - memcpy(out,in,ilen-1); - } - return(ilen-1); - } - diff --git a/src/lib/libcrypto/comp/c_zlib.c b/src/lib/libcrypto/comp/c_zlib.c deleted file mode 100644 index 6684ab4841..0000000000 --- a/src/lib/libcrypto/comp/c_zlib.c +++ /dev/null @@ -1,133 +0,0 @@ -#include -#include -#include -#include -#include - -COMP_METHOD *COMP_zlib(void ); - -#ifndef ZLIB - -static COMP_METHOD zlib_method={ - NID_undef, - "(null)", - NULL, - NULL, - NULL, - NULL, - NULL, - }; - -#else - -#include - -static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); -static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen); - -static int zz_uncompress(Bytef *dest, uLongf *destLen, const Bytef *source, - uLong sourceLen); - -static COMP_METHOD zlib_method={ - NID_zlib_compression, - LN_zlib_compression, - NULL, - NULL, - zlib_compress_block, - zlib_expand_block, - NULL, - }; - -static int zlib_compress_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) - { - unsigned long l; - int i; - int clear=1; - - if (ilen > 128) - { - out[0]=1; - l=olen-1; - i=compress(&(out[1]),&l,in,(unsigned long)ilen); - if (i != Z_OK) - return(-1); - if (ilen > l) - { - clear=0; - l++; - } - } - if (clear) - { - out[0]=0; - memcpy(&(out[1]),in,ilen); - l=ilen+1; - } -fprintf(stderr,"compress(%4d)->%4d %s\n",ilen,(int)l,(clear)?"clear":"zlib"); - return((int)l); - } - -static int zlib_expand_block(COMP_CTX *ctx, unsigned char *out, - unsigned int olen, unsigned char *in, unsigned int ilen) - { - unsigned long l; - int i; - - if (in[0]) - { - l=olen; - i=zz_uncompress(out,&l,&(in[1]),(unsigned long)ilen-1); - if (i != Z_OK) - return(-1); - } - else - { - memcpy(out,&(in[1]),ilen-1); - l=ilen-1; - } - fprintf(stderr,"expand (%4d)->%4d %s\n",ilen,(int)l,in[0]?"zlib":"clear"); - return((int)l); - } - -static int zz_uncompress (Bytef *dest, uLongf *destLen, const Bytef *source, - uLong sourceLen) -{ - z_stream stream; - int err; - - stream.next_in = (Bytef*)source; - stream.avail_in = (uInt)sourceLen; - /* Check for source > 64K on 16-bit machine: */ - if ((uLong)stream.avail_in != sourceLen) return Z_BUF_ERROR; - - stream.next_out = dest; - stream.avail_out = (uInt)*destLen; - if ((uLong)stream.avail_out != *destLen) return Z_BUF_ERROR; - - stream.zalloc = (alloc_func)0; - stream.zfree = (free_func)0; - - err = inflateInit(&stream); - if (err != Z_OK) return err; - - err = inflate(&stream, Z_FINISH); - if (err != Z_STREAM_END) { - inflateEnd(&stream); - return err; - } - *destLen = stream.total_out; - - err = inflateEnd(&stream); - return err; -} - -#endif - -COMP_METHOD *COMP_zlib(void) - { - return(&zlib_method); - } - diff --git a/src/lib/libcrypto/comp/comp.h b/src/lib/libcrypto/comp/comp.h deleted file mode 100644 index 0922609542..0000000000 --- a/src/lib/libcrypto/comp/comp.h +++ /dev/null @@ -1,61 +0,0 @@ - -#ifndef HEADER_COMP_H -#define HEADER_COMP_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct comp_method_st - { - int type; /* NID for compression library */ - const char *name; /* A text string to identify the library */ - int (*init)(); - void (*finish)(); - int (*compress)(); - int (*expand)(); - long (*ctrl)(); - long (*callback_ctrl)(); - } COMP_METHOD; - -typedef struct comp_ctx_st - { - COMP_METHOD *meth; - unsigned long compress_in; - unsigned long compress_out; - unsigned long expand_in; - unsigned long expand_out; - - CRYPTO_EX_DATA ex_data; - } COMP_CTX; - - -COMP_CTX *COMP_CTX_new(COMP_METHOD *meth); -void COMP_CTX_free(COMP_CTX *ctx); -int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen); -COMP_METHOD *COMP_rle(void ); -#ifdef ZLIB -COMP_METHOD *COMP_zlib(void ); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the COMP functions. */ - -/* Function codes. */ - -/* Reason codes. */ - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/comp/comp_err.c b/src/lib/libcrypto/comp/comp_err.c deleted file mode 100644 index c10282a73c..0000000000 --- a/src/lib/libcrypto/comp/comp_err.c +++ /dev/null @@ -1,92 +0,0 @@ -/* crypto/comp/comp_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA COMP_str_functs[]= - { -{0,NULL} - }; - -static ERR_STRING_DATA COMP_str_reasons[]= - { -{0,NULL} - }; - -#endif - -void ERR_load_COMP_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_COMP,COMP_str_functs); - ERR_load_strings(ERR_LIB_COMP,COMP_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/comp/comp_lib.c b/src/lib/libcrypto/comp/comp_lib.c deleted file mode 100644 index beb98ce8cc..0000000000 --- a/src/lib/libcrypto/comp/comp_lib.c +++ /dev/null @@ -1,78 +0,0 @@ -#include -#include -#include -#include -#include - -COMP_CTX *COMP_CTX_new(COMP_METHOD *meth) - { - COMP_CTX *ret; - - if ((ret=(COMP_CTX *)OPENSSL_malloc(sizeof(COMP_CTX))) == NULL) - { - /* ZZZZZZZZZZZZZZZZ */ - return(NULL); - } - memset(ret,0,sizeof(COMP_CTX)); - ret->meth=meth; - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) - { - OPENSSL_free(ret); - ret=NULL; - } -#if 0 - else - CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data); -#endif - return(ret); - } - -void COMP_CTX_free(COMP_CTX *ctx) - { - /* CRYPTO_free_ex_data(rsa_meth,(char *)ctx,&ctx->ex_data); */ - - if(ctx == NULL) - return; - - if (ctx->meth->finish != NULL) - ctx->meth->finish(ctx); - - OPENSSL_free(ctx); - } - -int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen) - { - int ret; - if (ctx->meth->compress == NULL) - { - /* ZZZZZZZZZZZZZZZZZ */ - return(-1); - } - ret=ctx->meth->compress(ctx,out,olen,in,ilen); - if (ret > 0) - { - ctx->compress_in+=ilen; - ctx->compress_out+=ret; - } - return(ret); - } - -int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, - unsigned char *in, int ilen) - { - int ret; - - if (ctx->meth->expand == NULL) - { - /* ZZZZZZZZZZZZZZZZZ */ - return(-1); - } - ret=ctx->meth->expand(ctx,out,olen,in,ilen); - if (ret > 0) - { - ctx->expand_in+=ilen; - ctx->expand_out+=ret; - } - return(ret); - } diff --git a/src/lib/libcrypto/conf/conf.h b/src/lib/libcrypto/conf/conf.h deleted file mode 100644 index 2f70634455..0000000000 --- a/src/lib/libcrypto/conf/conf.h +++ /dev/null @@ -1,177 +0,0 @@ -/* crypto/conf/conf.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CONF_H -#define HEADER_CONF_H - -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct - { - char *section; - char *name; - char *value; - } CONF_VALUE; - -DECLARE_STACK_OF(CONF_VALUE) - -struct conf_st; -typedef struct conf_st CONF; -struct conf_method_st; -typedef struct conf_method_st CONF_METHOD; - -struct conf_method_st - { - const char *name; - CONF *(MS_FAR *create)(CONF_METHOD *meth); - int (MS_FAR *init)(CONF *conf); - int (MS_FAR *destroy)(CONF *conf); - int (MS_FAR *destroy_data)(CONF *conf); - int (MS_FAR *load)(CONF *conf, BIO *bp, long *eline); - int (MS_FAR *dump)(CONF *conf, BIO *bp); - int (MS_FAR *is_number)(CONF *conf, char c); - int (MS_FAR *to_int)(CONF *conf, char c); - }; - -int CONF_set_default_method(CONF_METHOD *meth); -LHASH *CONF_load(LHASH *conf,const char *file,long *eline); -#ifndef NO_FP_API -LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline); -#endif -LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline); -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section); -char *CONF_get_string(LHASH *conf,char *group,char *name); -long CONF_get_number(LHASH *conf,char *group,char *name); -void CONF_free(LHASH *conf); -int CONF_dump_fp(LHASH *conf, FILE *out); -int CONF_dump_bio(LHASH *conf, BIO *out); -void ERR_load_CONF_strings(void ); - -/* New conf code. The semantics are different from the functions above. - If that wasn't the case, the above functions would have been replaced */ - -struct conf_st - { - CONF_METHOD *meth; - void *meth_data; - LHASH *data; - }; - -CONF *NCONF_new(CONF_METHOD *meth); -CONF_METHOD *NCONF_default(); -CONF_METHOD *NCONF_WIN32(); -#if 0 /* Just to give you an idea of what I have in mind */ -CONF_METHOD *NCONF_XML(); -#endif -void NCONF_free(CONF *conf); -void NCONF_free_data(CONF *conf); - -int NCONF_load(CONF *conf,const char *file,long *eline); -#ifndef NO_FP_API -int NCONF_load_fp(CONF *conf, FILE *fp,long *eline); -#endif -int NCONF_load_bio(CONF *conf, BIO *bp,long *eline); -STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section); -char *NCONF_get_string(CONF *conf,char *group,char *name); -long NCONF_get_number(CONF *conf,char *group,char *name); -int NCONF_dump_fp(CONF *conf, FILE *out); -int NCONF_dump_bio(CONF *conf, BIO *out); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the CONF functions. */ - -/* Function codes. */ -#define CONF_F_CONF_DUMP_FP 104 -#define CONF_F_CONF_LOAD 100 -#define CONF_F_CONF_LOAD_BIO 102 -#define CONF_F_CONF_LOAD_FP 103 -#define CONF_F_NCONF_DUMP_BIO 105 -#define CONF_F_NCONF_DUMP_FP 106 -#define CONF_F_NCONF_GET_NUMBER 107 -#define CONF_F_NCONF_GET_SECTION 108 -#define CONF_F_NCONF_GET_STRING 109 -#define CONF_F_NCONF_LOAD_BIO 110 -#define CONF_F_NCONF_NEW 111 -#define CONF_F_STR_COPY 101 - -/* Reason codes. */ -#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100 -#define CONF_R_MISSING_EQUAL_SIGN 101 -#define CONF_R_NO_CLOSE_BRACE 102 -#define CONF_R_NO_CONF 105 -#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103 -#define CONF_R_VARIABLE_HAS_NO_VALUE 104 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/conf/conf_api.c b/src/lib/libcrypto/conf/conf_api.c deleted file mode 100644 index d05a778ff6..0000000000 --- a/src/lib/libcrypto/conf/conf_api.c +++ /dev/null @@ -1,289 +0,0 @@ -/* conf_api.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#ifndef CONF_DEBUG -# undef NDEBUG /* avoid conflicting definitions */ -# define NDEBUG -#endif - -#include -#include -#include -#include - -static void value_free_hash(CONF_VALUE *a, LHASH *conf); -static void value_free_stack(CONF_VALUE *a,LHASH *conf); -static unsigned long hash(CONF_VALUE *v); -static int cmp_conf(CONF_VALUE *a,CONF_VALUE *b); - -/* Up until OpenSSL 0.9.5a, this was get_section */ -CONF_VALUE *_CONF_get_section(CONF *conf, char *section) - { - CONF_VALUE *v,vv; - - if ((conf == NULL) || (section == NULL)) return(NULL); - vv.name=NULL; - vv.section=section; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); - return(v); - } - -/* Up until OpenSSL 0.9.5a, this was CONF_get_section */ -STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section) - { - CONF_VALUE *v; - - v=_CONF_get_section(conf,section); - if (v != NULL) - return((STACK_OF(CONF_VALUE) *)v->value); - else - return(NULL); - } - -int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value) - { - CONF_VALUE *v = NULL; - STACK_OF(CONF_VALUE) *ts; - - ts = (STACK_OF(CONF_VALUE) *)section->value; - - value->section=section->section; - if (!sk_CONF_VALUE_push(ts,value)) - { - return 0; - } - - v = (CONF_VALUE *)lh_insert(conf->data, value); - if (v != NULL) - { - sk_CONF_VALUE_delete_ptr(ts,v); - OPENSSL_free(v->name); - OPENSSL_free(v->value); - OPENSSL_free(v); - } - return 1; - } - -char *_CONF_get_string(CONF *conf, char *section, char *name) - { - CONF_VALUE *v,vv; - char *p; - - if (name == NULL) return(NULL); - if (conf != NULL) - { - if (section != NULL) - { - vv.name=name; - vv.section=section; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); - if (v != NULL) return(v->value); - if (strcmp(section,"ENV") == 0) - { - p=Getenv(name); - if (p != NULL) return(p); - } - } - vv.section="default"; - vv.name=name; - v=(CONF_VALUE *)lh_retrieve(conf->data,&vv); - if (v != NULL) - return(v->value); - else - return(NULL); - } - else - return(Getenv(name)); - } - -long _CONF_get_number(CONF *conf, char *section, char *name) - { - char *str; - long ret=0; - - str=_CONF_get_string(conf,section,name); - if (str == NULL) return(0); - for (;;) - { - if (conf->meth->is_number(conf, *str)) - ret=ret*10+conf->meth->to_int(conf, *str); - else - return(ret); - str++; - } - } - -int _CONF_new_data(CONF *conf) - { - if (conf == NULL) - { - return 0; - } - if (conf->data == NULL) - if ((conf->data = lh_new(hash,cmp_conf)) == NULL) - { - return 0; - } - return 1; - } - -void _CONF_free_data(CONF *conf) - { - if (conf == NULL || conf->data == NULL) return; - - conf->data->down_load=0; /* evil thing to make sure the 'OPENSSL_free()' - * works as expected */ - lh_doall_arg(conf->data,(void (*)())value_free_hash,conf->data); - - /* We now have only 'section' entries in the hash table. - * Due to problems with */ - - lh_doall_arg(conf->data,(void (*)())value_free_stack,conf->data); - lh_free(conf->data); - } - -static void value_free_hash(CONF_VALUE *a, LHASH *conf) - { - if (a->name != NULL) - { - a=(CONF_VALUE *)lh_delete(conf,a); - } - } - -static void value_free_stack(CONF_VALUE *a, LHASH *conf) - { - CONF_VALUE *vv; - STACK *sk; - int i; - - if (a->name != NULL) return; - - sk=(STACK *)a->value; - for (i=sk_num(sk)-1; i>=0; i--) - { - vv=(CONF_VALUE *)sk_value(sk,i); - OPENSSL_free(vv->value); - OPENSSL_free(vv->name); - OPENSSL_free(vv); - } - if (sk != NULL) sk_free(sk); - OPENSSL_free(a->section); - OPENSSL_free(a); - } - -static unsigned long hash(CONF_VALUE *v) - { - return((lh_strhash(v->section)<<2)^lh_strhash(v->name)); - } - -static int cmp_conf(CONF_VALUE *a, CONF_VALUE *b) - { - int i; - - if (a->section != b->section) - { - i=strcmp(a->section,b->section); - if (i) return(i); - } - - if ((a->name != NULL) && (b->name != NULL)) - { - i=strcmp(a->name,b->name); - return(i); - } - else if (a->name == b->name) - return(0); - else - return((a->name == NULL)?-1:1); - } - -/* Up until OpenSSL 0.9.5a, this was new_section */ -CONF_VALUE *_CONF_new_section(CONF *conf, char *section) - { - STACK *sk=NULL; - int ok=0,i; - CONF_VALUE *v=NULL,*vv; - - if ((sk=sk_new_null()) == NULL) - goto err; - if ((v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE))) == NULL) - goto err; - i=strlen(section)+1; - if ((v->section=(char *)OPENSSL_malloc(i)) == NULL) - goto err; - - memcpy(v->section,section,i); - v->name=NULL; - v->value=(char *)sk; - - vv=(CONF_VALUE *)lh_insert(conf->data,v); - assert(vv == NULL); - ok=1; -err: - if (!ok) - { - if (sk != NULL) sk_free(sk); - if (v != NULL) OPENSSL_free(v); - v=NULL; - } - return(v); - } - -IMPLEMENT_STACK_OF(CONF_VALUE) diff --git a/src/lib/libcrypto/conf/conf_api.h b/src/lib/libcrypto/conf/conf_api.h deleted file mode 100644 index a5cc17b233..0000000000 --- a/src/lib/libcrypto/conf/conf_api.h +++ /dev/null @@ -1,87 +0,0 @@ -/* conf_api.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CONF_API_H -#define HEADER_CONF_API_H - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Up until OpenSSL 0.9.5a, this was new_section */ -CONF_VALUE *_CONF_new_section(CONF *conf, char *section); -/* Up until OpenSSL 0.9.5a, this was get_section */ -CONF_VALUE *_CONF_get_section(CONF *conf, char *section); -/* Up until OpenSSL 0.9.5a, this was CONF_get_section */ -STACK_OF(CONF_VALUE) *_CONF_get_section_values(CONF *conf, char *section); - -int _CONF_add_string(CONF *conf, CONF_VALUE *section, CONF_VALUE *value); -char *_CONF_get_string(CONF *conf, char *section, char *name); -long _CONF_get_number(CONF *conf, char *section, char *name); - -int _CONF_new_data(CONF *conf); -void _CONF_free_data(CONF *conf); - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/conf/conf_def.c b/src/lib/libcrypto/conf/conf_def.c deleted file mode 100644 index 773df32c68..0000000000 --- a/src/lib/libcrypto/conf/conf_def.c +++ /dev/null @@ -1,703 +0,0 @@ -/* crypto/conf/conf.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Part of the code in here was originally in conf.c, which is now removed */ - -#include -#include -#include -#include -#include -#include -#include "conf_def.h" -#include -#include - -static char *eat_ws(CONF *conf, char *p); -static char *eat_alpha_numeric(CONF *conf, char *p); -static void clear_comments(CONF *conf, char *p); -static int str_copy(CONF *conf,char *section,char **to, char *from); -static char *scan_quote(CONF *conf, char *p); -static char *scan_dquote(CONF *conf, char *p); -#define scan_esc(conf,p) (((IS_EOF((conf),(p)[1]))?((p)+1):((p)+2))) - -static CONF *def_create(CONF_METHOD *meth); -static int def_init_default(CONF *conf); -static int def_init_WIN32(CONF *conf); -static int def_destroy(CONF *conf); -static int def_destroy_data(CONF *conf); -static int def_load(CONF *conf, BIO *bp, long *eline); -static int def_dump(CONF *conf, BIO *bp); -static int def_is_number(CONF *conf, char c); -static int def_to_int(CONF *conf, char c); - -const char *CONF_def_version="CONF_def" OPENSSL_VERSION_PTEXT; - -static CONF_METHOD default_method = { - "OpenSSL default", - def_create, - def_init_default, - def_destroy, - def_destroy_data, - def_load, - def_dump, - def_is_number, - def_to_int - }; - -static CONF_METHOD WIN32_method = { - "WIN32", - def_create, - def_init_WIN32, - def_destroy, - def_destroy_data, - def_load, - def_dump, - def_is_number, - def_to_int - }; - -CONF_METHOD *NCONF_default() - { - return &default_method; - } -CONF_METHOD *NCONF_WIN32() - { - return &WIN32_method; - } - -static CONF *def_create(CONF_METHOD *meth) - { - CONF *ret; - - ret = (CONF *)OPENSSL_malloc(sizeof(CONF) + sizeof(unsigned short *)); - if (ret) - if (meth->init(ret) == 0) - { - OPENSSL_free(ret); - ret = NULL; - } - return ret; - } - -static int def_init_default(CONF *conf) - { - if (conf == NULL) - return 0; - - conf->meth = &default_method; - conf->meth_data = (void *)CONF_type_default; - conf->data = NULL; - - return 1; - } - -static int def_init_WIN32(CONF *conf) - { - if (conf == NULL) - return 0; - - conf->meth = &WIN32_method; - conf->meth_data = (void *)CONF_type_win32; - conf->data = NULL; - - return 1; - } - -static int def_destroy(CONF *conf) - { - if (def_destroy_data(conf)) - { - OPENSSL_free(conf); - return 1; - } - return 0; - } - -static int def_destroy_data(CONF *conf) - { - if (conf == NULL) - return 0; - _CONF_free_data(conf); - return 1; - } - -static int def_load(CONF *conf, BIO *in, long *line) - { -#define BUFSIZE 512 - char btmp[16]; - int bufnum=0,i,ii; - BUF_MEM *buff=NULL; - char *s,*p,*end; - int again,n; - long eline=0; - CONF_VALUE *v=NULL,*tv; - CONF_VALUE *sv=NULL; - char *section=NULL,*buf; - STACK_OF(CONF_VALUE) *section_sk=NULL,*ts; - char *start,*psection,*pname; - void *h = (void *)(conf->data); - - if ((buff=BUF_MEM_new()) == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); - goto err; - } - - section=(char *)OPENSSL_malloc(10); - if (section == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - strcpy(section,"default"); - - if (_CONF_new_data(conf) == 0) - { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - - sv=_CONF_new_section(conf,section); - if (sv == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - section_sk=(STACK_OF(CONF_VALUE) *)sv->value; - - bufnum=0; - for (;;) - { - again=0; - if (!BUF_MEM_grow(buff,bufnum+BUFSIZE)) - { - CONFerr(CONF_F_CONF_LOAD_BIO,ERR_R_BUF_LIB); - goto err; - } - p= &(buff->data[bufnum]); - *p='\0'; - BIO_gets(in, p, BUFSIZE-1); - p[BUFSIZE-1]='\0'; - ii=i=strlen(p); - if (i == 0) break; - while (i > 0) - { - if ((p[i-1] != '\r') && (p[i-1] != '\n')) - break; - else - i--; - } - /* we removed some trailing stuff so there is a new - * line on the end. */ - if (i == ii) - again=1; /* long line */ - else - { - p[i]='\0'; - eline++; /* another input line */ - } - - /* we now have a line with trailing \r\n removed */ - - /* i is the number of bytes */ - bufnum+=i; - - v=NULL; - /* check for line continuation */ - if (bufnum >= 1) - { - /* If we have bytes and the last char '\\' and - * second last char is not '\\' */ - p= &(buff->data[bufnum-1]); - if (IS_ESC(conf,p[0]) && - ((bufnum <= 1) || !IS_ESC(conf,p[-1]))) - { - bufnum--; - again=1; - } - } - if (again) continue; - bufnum=0; - buf=buff->data; - - clear_comments(conf, buf); - n=strlen(buf); - s=eat_ws(conf, buf); - if (IS_EOF(conf,*s)) continue; /* blank line */ - if (*s == '[') - { - char *ss; - - s++; - start=eat_ws(conf, s); - ss=start; -again: - end=eat_alpha_numeric(conf, ss); - p=eat_ws(conf, end); - if (*p != ']') - { - if (*p != '\0') - { - ss=p; - goto again; - } - CONFerr(CONF_F_CONF_LOAD_BIO, - CONF_R_MISSING_CLOSE_SQUARE_BRACKET); - goto err; - } - *end='\0'; - if (!str_copy(conf,NULL,§ion,start)) goto err; - if ((sv=_CONF_get_section(conf,section)) == NULL) - sv=_CONF_new_section(conf,section); - if (sv == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - section_sk=(STACK_OF(CONF_VALUE) *)sv->value; - continue; - } - else - { - pname=s; - psection=NULL; - end=eat_alpha_numeric(conf, s); - if ((end[0] == ':') && (end[1] == ':')) - { - *end='\0'; - end+=2; - psection=pname; - pname=end; - end=eat_alpha_numeric(conf, end); - } - p=eat_ws(conf, end); - if (*p != '=') - { - CONFerr(CONF_F_CONF_LOAD_BIO, - CONF_R_MISSING_EQUAL_SIGN); - goto err; - } - *end='\0'; - p++; - start=eat_ws(conf, p); - while (!IS_EOF(conf,*p)) - p++; - p--; - while ((p != start) && (IS_WS(conf,*p))) - p--; - p++; - *p='\0'; - - if (!(v=(CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (psection == NULL) psection=section; - v->name=(char *)OPENSSL_malloc(strlen(pname)+1); - v->value=NULL; - if (v->name == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - strcpy(v->name,pname); - if (!str_copy(conf,psection,&(v->value),start)) goto err; - - if (strcmp(psection,section) != 0) - { - if ((tv=_CONF_get_section(conf,psection)) - == NULL) - tv=_CONF_new_section(conf,psection); - if (tv == NULL) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - CONF_R_UNABLE_TO_CREATE_NEW_SECTION); - goto err; - } - ts=(STACK_OF(CONF_VALUE) *)tv->value; - } - else - { - tv=sv; - ts=section_sk; - } -#if 1 - if (_CONF_add_string(conf, tv, v) == 0) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } -#else - v->section=tv->section; - if (!sk_CONF_VALUE_push(ts,v)) - { - CONFerr(CONF_F_CONF_LOAD_BIO, - ERR_R_MALLOC_FAILURE); - goto err; - } - vv=(CONF_VALUE *)lh_insert(conf->data,v); - if (vv != NULL) - { - sk_CONF_VALUE_delete_ptr(ts,vv); - OPENSSL_free(vv->name); - OPENSSL_free(vv->value); - OPENSSL_free(vv); - } -#endif - v=NULL; - } - } - if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) OPENSSL_free(section); - return(1); -err: - if (buff != NULL) BUF_MEM_free(buff); - if (section != NULL) OPENSSL_free(section); - if (line != NULL) *line=eline; - sprintf(btmp,"%ld",eline); - ERR_add_error_data(2,"line ",btmp); - if ((h != conf->data) && (conf->data != NULL)) CONF_free(conf->data); - if (v != NULL) - { - if (v->name != NULL) OPENSSL_free(v->name); - if (v->value != NULL) OPENSSL_free(v->value); - if (v != NULL) OPENSSL_free(v); - } - return(0); - } - -static void clear_comments(CONF *conf, char *p) - { - char *to; - - to=p; - for (;;) - { - if (IS_FCOMMENT(conf,*p)) - { - *p='\0'; - return; - } - if (!IS_WS(conf,*p)) - { - break; - } - p++; - } - - for (;;) - { - if (IS_COMMENT(conf,*p)) - { - *p='\0'; - return; - } - if (IS_DQUOTE(conf,*p)) - { - p=scan_dquote(conf, p); - continue; - } - if (IS_QUOTE(conf,*p)) - { - p=scan_quote(conf, p); - continue; - } - if (IS_ESC(conf,*p)) - { - p=scan_esc(conf,p); - continue; - } - if (IS_EOF(conf,*p)) - return; - else - p++; - } - } - -static int str_copy(CONF *conf, char *section, char **pto, char *from) - { - int q,r,rr=0,to=0,len=0; - char *s,*e,*rp,*p,*rrp,*np,*cp,v; - BUF_MEM *buf; - - if ((buf=BUF_MEM_new()) == NULL) return(0); - - len=strlen(from)+1; - if (!BUF_MEM_grow(buf,len)) goto err; - - for (;;) - { - if (IS_QUOTE(conf,*from)) - { - q= *from; - from++; - while (!IS_EOF(conf,*from) && (*from != q)) - { - if (IS_ESC(conf,*from)) - { - from++; - if (IS_EOF(conf,*from)) break; - } - buf->data[to++]= *(from++); - } - if (*from == q) from++; - } - else if (IS_DQUOTE(conf,*from)) - { - q= *from; - from++; - while (!IS_EOF(conf,*from)) - { - if (*from == q) - { - if (*(from+1) == q) - { - from++; - } - else - { - break; - } - } - buf->data[to++]= *(from++); - } - if (*from == q) from++; - } - else if (IS_ESC(conf,*from)) - { - from++; - v= *(from++); - if (IS_EOF(conf,v)) break; - else if (v == 'r') v='\r'; - else if (v == 'n') v='\n'; - else if (v == 'b') v='\b'; - else if (v == 't') v='\t'; - buf->data[to++]= v; - } - else if (IS_EOF(conf,*from)) - break; - else if (*from == '$') - { - /* try to expand it */ - rrp=NULL; - s= &(from[1]); - if (*s == '{') - q='}'; - else if (*s == '(') - q=')'; - else q=0; - - if (q) s++; - cp=section; - e=np=s; - while (IS_ALPHA_NUMERIC(conf,*e)) - e++; - if ((e[0] == ':') && (e[1] == ':')) - { - cp=np; - rrp=e; - rr= *e; - *rrp='\0'; - e+=2; - np=e; - while (IS_ALPHA_NUMERIC(conf,*e)) - e++; - } - r= *e; - *e='\0'; - rp=e; - if (q) - { - if (r != q) - { - CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE); - goto err; - } - e++; - } - /* So at this point we have - * ns which is the start of the name string which is - * '\0' terminated. - * cs which is the start of the section string which is - * '\0' terminated. - * e is the 'next point after'. - * r and s are the chars replaced by the '\0' - * rp and sp is where 'r' and 's' came from. - */ - p=_CONF_get_string(conf,cp,np); - if (rrp != NULL) *rrp=rr; - *rp=r; - if (p == NULL) - { - CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE); - goto err; - } - BUF_MEM_grow(buf,(strlen(p)+len-(e-from))); - while (*p) - buf->data[to++]= *(p++); - from=e; - } - else - buf->data[to++]= *(from++); - } - buf->data[to]='\0'; - if (*pto != NULL) OPENSSL_free(*pto); - *pto=buf->data; - OPENSSL_free(buf); - return(1); -err: - if (buf != NULL) BUF_MEM_free(buf); - return(0); - } - -static char *eat_ws(CONF *conf, char *p) - { - while (IS_WS(conf,*p) && (!IS_EOF(conf,*p))) - p++; - return(p); - } - -static char *eat_alpha_numeric(CONF *conf, char *p) - { - for (;;) - { - if (IS_ESC(conf,*p)) - { - p=scan_esc(conf,p); - continue; - } - if (!IS_ALPHA_NUMERIC_PUNCT(conf,*p)) - return(p); - p++; - } - } - -static char *scan_quote(CONF *conf, char *p) - { - int q= *p; - - p++; - while (!(IS_EOF(conf,*p)) && (*p != q)) - { - if (IS_ESC(conf,*p)) - { - p++; - if (IS_EOF(conf,*p)) return(p); - } - p++; - } - if (*p == q) p++; - return(p); - } - - -static char *scan_dquote(CONF *conf, char *p) - { - int q= *p; - - p++; - while (!(IS_EOF(conf,*p))) - { - if (*p == q) - { - if (*(p+1) == q) - { - p++; - } - else - { - break; - } - } - p++; - } - if (*p == q) p++; - return(p); - } - -static void dump_value(CONF_VALUE *a, BIO *out) - { - if (a->name) - BIO_printf(out, "[%s] %s=%s\n", a->section, a->name, a->value); - else - BIO_printf(out, "[[%s]]\n", a->section); - } - -static int def_dump(CONF *conf, BIO *out) - { - lh_doall_arg(conf->data, (void (*)())dump_value, out); - return 1; - } - -static int def_is_number(CONF *conf, char c) - { - return IS_NUMBER(conf,c); - } - -static int def_to_int(CONF *conf, char c) - { - return c - '0'; - } - diff --git a/src/lib/libcrypto/conf/conf_def.h b/src/lib/libcrypto/conf/conf_def.h deleted file mode 100644 index 3244d9a331..0000000000 --- a/src/lib/libcrypto/conf/conf_def.h +++ /dev/null @@ -1,145 +0,0 @@ -/* crypto/conf/conf_def.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE WAS AUTOMAGICALLY GENERATED! - Please modify and use keysets.pl to regenerate it. */ - -#define CONF_NUMBER 1 -#define CONF_UPPER 2 -#define CONF_LOWER 4 -#define CONF_UNDER 256 -#define CONF_PUNCTUATION 512 -#define CONF_WS 16 -#define CONF_ESC 32 -#define CONF_QUOTE 64 -#define CONF_DQUOTE 1024 -#define CONF_COMMENT 128 -#define CONF_FCOMMENT 2048 -#define CONF_EOF 8 -#define CONF_ALPHA (CONF_UPPER|CONF_LOWER) -#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) -#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \ - CONF_PUNCTUATION) - -#define KEYTYPES(c) ((unsigned short *)((c)->meth_data)) -#ifndef CHARSET_EBCDIC -#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \ - (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE) - -#else /*CHARSET_EBCDIC*/ - -#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \ - (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE) -#endif /*CHARSET_EBCDIC*/ - -static unsigned short CONF_type_default[128]={ - 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000, - 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040, - 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200, - 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001, - 0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200, - 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100, - 0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000, - }; - -static unsigned short CONF_type_win32[128]={ - 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000, - 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000, - 0x010,0x200,0x400,0x000,0x000,0x200,0x200,0x000, - 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200, - 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001, - 0x001,0x001,0x000,0xA00,0x000,0x000,0x000,0x200, - 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002, - 0x002,0x002,0x002,0x000,0x000,0x000,0x200,0x100, - 0x000,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004, - 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000, - }; - diff --git a/src/lib/libcrypto/conf/conf_err.c b/src/lib/libcrypto/conf/conf_err.c deleted file mode 100644 index 06d3163573..0000000000 --- a/src/lib/libcrypto/conf/conf_err.c +++ /dev/null @@ -1,110 +0,0 @@ -/* crypto/conf/conf_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA CONF_str_functs[]= - { -{ERR_PACK(0,CONF_F_CONF_DUMP_FP,0), "CONF_dump_fp"}, -{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"}, -{ERR_PACK(0,CONF_F_CONF_LOAD_BIO,0), "CONF_load_bio"}, -{ERR_PACK(0,CONF_F_CONF_LOAD_FP,0), "CONF_load_fp"}, -{ERR_PACK(0,CONF_F_NCONF_DUMP_BIO,0), "NCONF_dump_bio"}, -{ERR_PACK(0,CONF_F_NCONF_DUMP_FP,0), "NCONF_dump_fp"}, -{ERR_PACK(0,CONF_F_NCONF_GET_NUMBER,0), "NCONF_get_number"}, -{ERR_PACK(0,CONF_F_NCONF_GET_SECTION,0), "NCONF_get_section"}, -{ERR_PACK(0,CONF_F_NCONF_GET_STRING,0), "NCONF_get_string"}, -{ERR_PACK(0,CONF_F_NCONF_LOAD_BIO,0), "NCONF_load_bio"}, -{ERR_PACK(0,CONF_F_NCONF_NEW,0), "NCONF_new"}, -{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"}, -{0,NULL} - }; - -static ERR_STRING_DATA CONF_str_reasons[]= - { -{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"}, -{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"}, -{CONF_R_NO_CLOSE_BRACE ,"no close brace"}, -{CONF_R_NO_CONF ,"no conf"}, -{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"}, -{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"}, -{0,NULL} - }; - -#endif - -void ERR_load_CONF_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_CONF,CONF_str_functs); - ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/conf/conf_lib.c b/src/lib/libcrypto/conf/conf_lib.c deleted file mode 100644 index 4c8ca9e9ae..0000000000 --- a/src/lib/libcrypto/conf/conf_lib.c +++ /dev/null @@ -1,352 +0,0 @@ -/* conf_lib.c */ -/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include - -const char *CONF_version="CONF" OPENSSL_VERSION_PTEXT; - -static CONF_METHOD *default_CONF_method=NULL; - -/* The following section contains the "CONF classic" functions, - rewritten in terms of the new CONF interface. */ - -int CONF_set_default_method(CONF_METHOD *meth) - { - default_CONF_method = meth; - return 1; - } - -LHASH *CONF_load(LHASH *conf, const char *file, long *eline) - { - LHASH *ltmp; - BIO *in=NULL; - -#ifdef VMS - in=BIO_new_file(file, "r"); -#else - in=BIO_new_file(file, "rb"); -#endif - if (in == NULL) - { - CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB); - return NULL; - } - - ltmp = CONF_load_bio(conf, in, eline); - BIO_free(in); - - return ltmp; - } - -#ifndef NO_FP_API -LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline) - { - BIO *btmp; - LHASH *ltmp; - if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) { - CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB); - return NULL; - } - ltmp = CONF_load_bio(conf, btmp, eline); - BIO_free(btmp); - return ltmp; - } -#endif - -LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline) - { - CONF ctmp; - int ret; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - ret = NCONF_load_bio(&ctmp, bp, eline); - if (ret) - return ctmp.data; - return NULL; - } - -STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section) - { - CONF ctmp; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_get_section(&ctmp, section); - } - -char *CONF_get_string(LHASH *conf,char *group,char *name) - { - CONF ctmp; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_get_string(&ctmp, group, name); - } - -long CONF_get_number(LHASH *conf,char *group,char *name) - { - CONF ctmp; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_get_number(&ctmp, group, name); - } - -void CONF_free(LHASH *conf) - { - CONF ctmp; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - NCONF_free_data(&ctmp); - } - -#ifndef NO_FP_API -int CONF_dump_fp(LHASH *conf, FILE *out) - { - BIO *btmp; - int ret; - - if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) { - CONFerr(CONF_F_CONF_DUMP_FP,ERR_R_BUF_LIB); - return 0; - } - ret = CONF_dump_bio(conf, btmp); - BIO_free(btmp); - return ret; - } -#endif - -int CONF_dump_bio(LHASH *conf, BIO *out) - { - CONF ctmp; - - if (default_CONF_method == NULL) - default_CONF_method = NCONF_default(); - - default_CONF_method->init(&ctmp); - ctmp.data = conf; - return NCONF_dump_bio(&ctmp, out); - } - -/* The following section contains the "New CONF" functions. They are - completely centralised around a new CONF structure that may contain - basically anything, but at least a method pointer and a table of data. - These functions are also written in terms of the bridge functions used - by the "CONF classic" functions, for consistency. */ - -CONF *NCONF_new(CONF_METHOD *meth) - { - CONF *ret; - - if (meth == NULL) - meth = NCONF_default(); - - ret = meth->create(meth); - if (ret == NULL) - { - CONFerr(CONF_F_NCONF_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - return ret; - } - -void NCONF_free(CONF *conf) - { - if (conf == NULL) - return; - conf->meth->destroy(conf); - } - -void NCONF_free_data(CONF *conf) - { - if (conf == NULL) - return; - conf->meth->destroy_data(conf); - } - -int NCONF_load(CONF *conf, const char *file, long *eline) - { - int ret; - BIO *in=NULL; - -#ifdef VMS - in=BIO_new_file(file, "r"); -#else - in=BIO_new_file(file, "rb"); -#endif - if (in == NULL) - { - CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB); - return 0; - } - - ret = NCONF_load_bio(conf, in, eline); - BIO_free(in); - - return ret; - } - -#ifndef NO_FP_API -int NCONF_load_fp(CONF *conf, FILE *fp,long *eline) - { - BIO *btmp; - int ret; - if(!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) - { - CONFerr(CONF_F_CONF_LOAD_FP,ERR_R_BUF_LIB); - return 0; - } - ret = NCONF_load_bio(conf, btmp, eline); - BIO_free(btmp); - return ret; - } -#endif - -int NCONF_load_bio(CONF *conf, BIO *bp,long *eline) - { - if (conf == NULL) - { - CONFerr(CONF_F_NCONF_LOAD_BIO,CONF_R_NO_CONF); - return 0; - } - - return conf->meth->load(conf, bp, eline); - } - -STACK_OF(CONF_VALUE) *NCONF_get_section(CONF *conf,char *section) - { - if (conf == NULL) - { - CONFerr(CONF_F_NCONF_GET_SECTION,CONF_R_NO_CONF); - return NULL; - } - - return _CONF_get_section_values(conf, section); - } - -char *NCONF_get_string(CONF *conf,char *group,char *name) - { - if (conf == NULL) - { - CONFerr(CONF_F_NCONF_GET_STRING,CONF_R_NO_CONF); - return NULL; - } - - return _CONF_get_string(conf, group, name); - } - -long NCONF_get_number(CONF *conf,char *group,char *name) - { - if (conf == NULL) - { - CONFerr(CONF_F_NCONF_GET_NUMBER,CONF_R_NO_CONF); - return 0; - } - - return _CONF_get_number(conf, group, name); - } - -#ifndef NO_FP_API -int NCONF_dump_fp(CONF *conf, FILE *out) - { - BIO *btmp; - int ret; - if(!(btmp = BIO_new_fp(out, BIO_NOCLOSE))) { - CONFerr(CONF_F_NCONF_DUMP_FP,ERR_R_BUF_LIB); - return 0; - } - ret = NCONF_dump_bio(conf, btmp); - BIO_free(btmp); - return ret; - } -#endif - -int NCONF_dump_bio(CONF *conf, BIO *out) - { - if (conf == NULL) - { - CONFerr(CONF_F_NCONF_DUMP_BIO,CONF_R_NO_CONF); - return 0; - } - - return conf->meth->dump(conf, out); - } - diff --git a/src/lib/libcrypto/conf/keysets.pl b/src/lib/libcrypto/conf/keysets.pl deleted file mode 100644 index 56669e76ac..0000000000 --- a/src/lib/libcrypto/conf/keysets.pl +++ /dev/null @@ -1,179 +0,0 @@ -#!/usr/local/bin/perl - -$NUMBER=0x01; -$UPPER=0x02; -$LOWER=0x04; -$UNDER=0x100; -$PUNCTUATION=0x200; -$WS=0x10; -$ESC=0x20; -$QUOTE=0x40; -$DQUOTE=0x400; -$COMMENT=0x80; -$FCOMMENT=0x800; -$EOF=0x08; - -foreach (0 .. 127) - { - $v=0; - $c=sprintf("%c",$_); - $v|=$NUMBER if ($c =~ /[0-9]/); - $v|=$UPPER if ($c =~ /[A-Z]/); - $v|=$LOWER if ($c =~ /[a-z]/); - $v|=$UNDER if ($c =~ /_/); - $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/); - $v|=$WS if ($c =~ /[ \t\r\n]/); - $v|=$ESC if ($c =~ /\\/); - $v|=$QUOTE if ($c =~ /['`"]/); # for emacs: "`'}/) - $v|=$COMMENT if ($c =~ /\#/); - $v|=$EOF if ($c =~ /\0/); - - push(@V_def,$v); - } - -foreach (0 .. 127) - { - $v=0; - $c=sprintf("%c",$_); - $v|=$NUMBER if ($c =~ /[0-9]/); - $v|=$UPPER if ($c =~ /[A-Z]/); - $v|=$LOWER if ($c =~ /[a-z]/); - $v|=$UNDER if ($c =~ /_/); - $v|=$PUNCTUATION if ($c =~ /[!\.%&\*\+,\/;\?\@\^\~\|-]/); - $v|=$WS if ($c =~ /[ \t\r\n]/); - $v|=$DQUOTE if ($c =~ /["]/); # for emacs: "}/) - $v|=$FCOMMENT if ($c =~ /;/); - $v|=$EOF if ($c =~ /\0/); - - push(@V_w32,$v); - } - -print <<"EOF"; -/* crypto/conf/conf_def.h */ -/* Copyright (C) 1995-1998 Eric Young (eay\@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay\@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh\@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay\@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh\@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE WAS AUTOMAGICALLY GENERATED! - Please modify and use keysets.pl to regenerate it. */ - -#define CONF_NUMBER $NUMBER -#define CONF_UPPER $UPPER -#define CONF_LOWER $LOWER -#define CONF_UNDER $UNDER -#define CONF_PUNCTUATION $PUNCTUATION -#define CONF_WS $WS -#define CONF_ESC $ESC -#define CONF_QUOTE $QUOTE -#define CONF_DQUOTE $DQUOTE -#define CONF_COMMENT $COMMENT -#define CONF_FCOMMENT $FCOMMENT -#define CONF_EOF $EOF -#define CONF_ALPHA (CONF_UPPER|CONF_LOWER) -#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER) -#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \\ - CONF_PUNCTUATION) - -#define KEYTYPES(c) ((unsigned short *)((c)->meth_data)) -#ifndef CHARSET_EBCDIC -#define IS_COMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\ - (KEYTYPES(c)[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0x7f]&CONF_DQUOTE) - -#else /*CHARSET_EBCDIC*/ - -#define IS_COMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_COMMENT) -#define IS_FCOMMENT(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_FCOMMENT) -#define IS_EOF(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_EOF) -#define IS_ESC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ESC) -#define IS_NUMBER(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_NUMBER) -#define IS_WS(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_WS) -#define IS_ALPHA_NUMERIC(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC) -#define IS_ALPHA_NUMERIC_PUNCT(c,a) \\ - (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_ALPHA_NUMERIC_PUNCT) -#define IS_QUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_QUOTE) -#define IS_DQUOTE(c,a) (KEYTYPES(c)[os_toascii[a]&0x7f]&CONF_DQUOTE) -#endif /*CHARSET_EBCDIC*/ - -EOF - -print "static unsigned short CONF_type_default[128]={"; - -for ($i=0; $i<128; $i++) - { - print "\n\t" if ($i % 8) == 0; - printf "0x%03X,",$V_def[$i]; - } - -print "\n\t};\n\n"; - -print "static unsigned short CONF_type_win32[128]={"; - -for ($i=0; $i<128; $i++) - { - print "\n\t" if ($i % 8) == 0; - printf "0x%03X,",$V_w32[$i]; - } - -print "\n\t};\n\n"; diff --git a/src/lib/libcrypto/conf/ssleay.cnf b/src/lib/libcrypto/conf/ssleay.cnf deleted file mode 100644 index ed33af601e..0000000000 --- a/src/lib/libcrypto/conf/ssleay.cnf +++ /dev/null @@ -1,78 +0,0 @@ -# -# This is a test configuration file for use in SSLeay etc... -# - -init = 5 -in\#it1 =10 -init2='10' -init3='10\'' -init4="10'" -init5='='10\'' again' - -SSLeay::version = 0.5.0 - -[genrsa] -default_bits = 512 -SSLEAY::version = 0.5.0 - -[gendh] -default_bits = 512 -def_generator = 2 - -[s_client] -cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\ -cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5' -cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5" -cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 - -[ default ] -cert_dir = $ENV::HOME/.ca_certs - -HOME = /tmp/eay - -tmp_cert_dir = $HOME/.ca_certs -tmp2_cert_dir = thisis$(HOME)stuff - -LOGNAME = Eric Young (home=$HOME) - -[ special ] - -H=$HOME -H=$default::HOME -H=$ENV::HOME -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# - -RANDFILE = $HOME/.rand - -[ req ] -default_bits = 512 -default_keyfile = privkey.pem - -Attribute_type_1 = countryName -Attribute_text_1 = Country Name (2 letter code) -Attribute_default_1 = AU - -Attribute_type_2 = stateOrProvinceName -Attribute_text_2 = State or Province Name (full name) -Attribute_default_2 = Queensland - -Attribute_type_3 = localityName -Attribute_text_3 = Locality Name (eg, city) - -Attribute_type_4 = organizationName -Attribute_text_4 = Organization Name (eg, company) -Attribute_default_4 = Mincom Pty Ltd - -Attribute_type_5 = organizationalUnitName -Attribute_text_5 = Organizational Unit Name (eg, section) -Attribute_default_5 = TR - -Attribute_type_6 = commonName -Attribute_text_6 = Common Name (eg, YOUR name) - -Attribute_type_7 = emailAddress -Attribute_text_7 = Email Address - diff --git a/src/lib/libcrypto/cpt_err.c b/src/lib/libcrypto/cpt_err.c deleted file mode 100644 index 7018b74ca0..0000000000 --- a/src/lib/libcrypto/cpt_err.c +++ /dev/null @@ -1,97 +0,0 @@ -/* crypto/cpt_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA CRYPTO_str_functs[]= - { -{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"}, -{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,0), "CRYPTO_get_new_dynlockid"}, -{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"}, -{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"}, -{0,NULL} - }; - -static ERR_STRING_DATA CRYPTO_str_reasons[]= - { -{CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK ,"no dynlock create callback"}, -{0,NULL} - }; - -#endif - -void ERR_load_CRYPTO_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs); - ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/cryptlib.c b/src/lib/libcrypto/cryptlib.c deleted file mode 100644 index 9de60fd528..0000000000 --- a/src/lib/libcrypto/cryptlib.c +++ /dev/null @@ -1,491 +0,0 @@ -/* crypto/cryptlib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -#if defined(WIN32) || defined(WIN16) -static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */ -#endif - -DECLARE_STACK_OF(CRYPTO_dynlock) -IMPLEMENT_STACK_OF(CRYPTO_dynlock) - -/* real #defines in crypto.h, keep these upto date */ -static const char* lock_names[CRYPTO_NUM_LOCKS] = - { - "<>", - "err", - "err_hash", - "x509", - "x509_info", - "x509_pkey", - "x509_crl", - "x509_req", - "dsa", - "rsa", - "evp_pkey", - "x509_store", - "ssl_ctx", - "ssl_cert", - "ssl_session", - "ssl_sess_cert", - "ssl", - "rand", - "debug_malloc", - "BIO", - "gethostbyname", - "getservbyname", - "readdir", - "RSA_blinding", - "dh", - "debug_malloc2", - "dso", - "dynlock", - "engine", -#if CRYPTO_NUM_LOCKS != 29 -# error "Inconsistency between crypto.h and cryptlib.c" -#endif - }; - -/* This is for applications to allocate new type names in the non-dynamic - array of lock names. These are numbered with positive numbers. */ -static STACK *app_locks=NULL; - -/* For applications that want a more dynamic way of handling threads, the - following stack is used. These are externally numbered with negative - numbers. */ -static STACK_OF(CRYPTO_dynlock) *dyn_locks=NULL; - - -static void (MS_FAR *locking_callback)(int mode,int type, - const char *file,int line)=NULL; -static int (MS_FAR *add_lock_callback)(int *pointer,int amount, - int type,const char *file,int line)=NULL; -static unsigned long (MS_FAR *id_callback)(void)=NULL; -static struct CRYPTO_dynlock_value *(MS_FAR *dynlock_create_callback) - (const char *file,int line)=NULL; -static void (MS_FAR *dynlock_lock_callback)(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line)=NULL; -static void (MS_FAR *dynlock_destroy_callback)(struct CRYPTO_dynlock_value *l, - const char *file,int line)=NULL; - -int CRYPTO_get_new_lockid(char *name) - { - char *str; - int i; - - /* A hack to make Visual C++ 5.0 work correctly when linking as - * a DLL using /MT. Without this, the application cannot use - * and floating point printf's. - * It also seems to be needed for Visual C 1.5 (win16) */ -#if defined(WIN32) || defined(WIN16) - SSLeay_MSVC5_hack=(double)name[0]*(double)name[1]; -#endif - - if ((app_locks == NULL) && ((app_locks=sk_new_null()) == NULL)) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - if ((str=BUF_strdup(name)) == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - i=sk_push(app_locks,str); - if (!i) - OPENSSL_free(str); - else - i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */ - return(i); - } - -int CRYPTO_num_locks(void) - { - return CRYPTO_NUM_LOCKS; - } - -int CRYPTO_get_new_dynlockid(void) - { - int i = 0; - CRYPTO_dynlock *pointer = NULL; - - if (dynlock_create_callback == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK); - return(0); - } - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - if ((dyn_locks == NULL) - && ((dyn_locks=sk_CRYPTO_dynlock_new_null()) == NULL)) - { - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - pointer = (CRYPTO_dynlock *)OPENSSL_malloc(sizeof(CRYPTO_dynlock)); - if (pointer == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - pointer->references = 1; - pointer->data = dynlock_create_callback(__FILE__,__LINE__); - if (pointer->data == NULL) - { - OPENSSL_free(pointer); - CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID,ERR_R_MALLOC_FAILURE); - return(0); - } - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - /* First, try to find an existing empty slot */ - i=sk_CRYPTO_dynlock_find(dyn_locks,NULL); - /* If there was none, push, thereby creating a new one */ - if (i == -1) - i=sk_CRYPTO_dynlock_push(dyn_locks,pointer); - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (!i) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - else - i += 1; /* to avoid 0 */ - return -i; - } - -void CRYPTO_destroy_dynlockid(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - if (dynlock_destroy_callback == NULL) - return; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks == NULL || i >= sk_CRYPTO_dynlock_num(dyn_locks)) - return; - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer != NULL) - { - --pointer->references; -#ifdef REF_CHECK - if (pointer->references < 0) - { - fprintf(stderr,"CRYPTO_destroy_dynlockid, bad reference count\n"); - abort(); - } - else -#endif - if (--(pointer->references) <= 0) - { - sk_CRYPTO_dynlock_set(dyn_locks, i, NULL); - } - else - pointer = NULL; - } - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - { - dynlock_destroy_callback(pointer->data,__FILE__,__LINE__); - OPENSSL_free(pointer); - } - } - -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i) - { - CRYPTO_dynlock *pointer = NULL; - if (i) - i = -i-1; - - CRYPTO_w_lock(CRYPTO_LOCK_DYNLOCK); - - if (dyn_locks != NULL && i < sk_CRYPTO_dynlock_num(dyn_locks)) - pointer = sk_CRYPTO_dynlock_value(dyn_locks, i); - if (pointer) - pointer->references++; - - CRYPTO_w_unlock(CRYPTO_LOCK_DYNLOCK); - - if (pointer) - return pointer->data; - return NULL; - } - -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void)) - (const char *file,int line) - { - return(dynlock_create_callback); - } - -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, - struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_lock_callback); - } - -void (*CRYPTO_get_dynlock_destroy_callback(void)) - (struct CRYPTO_dynlock_value *l, const char *file,int line) - { - return(dynlock_destroy_callback); - } - -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*func) - (const char *file, int line)) - { - dynlock_create_callback=func; - } - -void CRYPTO_set_dynlock_lock_callback(void (*func)(int mode, - struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_lock_callback=func; - } - -void CRYPTO_set_dynlock_destroy_callback(void (*func) - (struct CRYPTO_dynlock_value *l, const char *file, int line)) - { - dynlock_destroy_callback=func; - } - - -void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, - int line) - { - return(locking_callback); - } - -int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type, - const char *file,int line) - { - return(add_lock_callback); - } - -void CRYPTO_set_locking_callback(void (*func)(int mode,int type, - const char *file,int line)) - { - locking_callback=func; - } - -void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type, - const char *file,int line)) - { - add_lock_callback=func; - } - -unsigned long (*CRYPTO_get_id_callback(void))(void) - { - return(id_callback); - } - -void CRYPTO_set_id_callback(unsigned long (*func)(void)) - { - id_callback=func; - } - -unsigned long CRYPTO_thread_id(void) - { - unsigned long ret=0; - - if (id_callback == NULL) - { -#ifdef WIN16 - ret=(unsigned long)GetCurrentTask(); -#elif defined(WIN32) - ret=(unsigned long)GetCurrentThreadId(); -#elif defined(GETPID_IS_MEANINGLESS) - ret=1L; -#else - ret=(unsigned long)getpid(); -#endif - } - else - ret=id_callback(); - return(ret); - } - -void CRYPTO_lock(int mode, int type, const char *file, int line) - { -#ifdef LOCK_DEBUG - { - char *rw_text,*operation_text; - - if (mode & CRYPTO_LOCK) - operation_text="lock "; - else if (mode & CRYPTO_UNLOCK) - operation_text="unlock"; - else - operation_text="ERROR "; - - if (mode & CRYPTO_READ) - rw_text="r"; - else if (mode & CRYPTO_WRITE) - rw_text="w"; - else - rw_text="ERROR"; - - fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n", - CRYPTO_thread_id(), rw_text, operation_text, - CRYPTO_get_lock_name(type), file, line); - } -#endif - if (type < 0) - { - int i = -type - 1; - struct CRYPTO_dynlock_value *pointer - = CRYPTO_get_dynlock_value(i); - - if (pointer) - { - dynlock_lock_callback(mode, pointer, file, line); - } - - CRYPTO_destroy_dynlockid(i); - } - else - if (locking_callback != NULL) - locking_callback(mode,type,file,line); - } - -int CRYPTO_add_lock(int *pointer, int amount, int type, const char *file, - int line) - { - int ret = 0; - - if (add_lock_callback != NULL) - { -#ifdef LOCK_DEBUG - int before= *pointer; -#endif - - ret=add_lock_callback(pointer,amount,type,file,line); -#ifdef LOCK_DEBUG - fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), - before,amount,ret, - CRYPTO_get_lock_name(type), - file,line); -#endif - *pointer=ret; - } - else - { - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line); - - ret= *pointer+amount; -#ifdef LOCK_DEBUG - fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n", - CRYPTO_thread_id(), - *pointer,amount,ret, - CRYPTO_get_lock_name(type), - file,line); -#endif - *pointer=ret; - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line); - } - return(ret); - } - -const char *CRYPTO_get_lock_name(int type) - { - if (type < 0) - return("dynamic"); - else if (type < CRYPTO_NUM_LOCKS) - return(lock_names[type]); - else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks)) - return("ERROR"); - else - return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS)); - } - -#ifdef _DLL -#ifdef WIN32 - -/* All we really need to do is remove the 'error' state when a thread - * detaches */ - -BOOL WINAPI DLLEntryPoint(HINSTANCE hinstDLL, DWORD fdwReason, - LPVOID lpvReserved) - { - switch(fdwReason) - { - case DLL_PROCESS_ATTACH: - break; - case DLL_THREAD_ATTACH: - break; - case DLL_THREAD_DETACH: - ERR_remove_state(0); - break; - case DLL_PROCESS_DETACH: - break; - } - return(TRUE); - } -#endif - -#endif diff --git a/src/lib/libcrypto/cryptlib.h b/src/lib/libcrypto/cryptlib.h deleted file mode 100644 index 5eff5d3141..0000000000 --- a/src/lib/libcrypto/cryptlib.h +++ /dev/null @@ -1,96 +0,0 @@ -/* crypto/cryptlib.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CRYPTLIB_H -#define HEADER_CRYPTLIB_H - -#include -#include - -#include "openssl/e_os.h" - -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef VMS -#define X509_CERT_AREA OPENSSLDIR -#define X509_CERT_DIR OPENSSLDIR "/certs" -#define X509_CERT_FILE OPENSSLDIR "/cert.pem" -#define X509_PRIVATE_DIR OPENSSLDIR "/private" -#else -#define X509_CERT_AREA "SSLROOT:[000000]" -#define X509_CERT_DIR "SSLCERTS:" -#define X509_CERT_FILE "SSLCERTS:cert.pem" -#define X509_PRIVATE_DIR "SSLPRIVATE:" -#endif - -#define X509_CERT_DIR_EVP "SSL_CERT_DIR" -#define X509_CERT_FILE_EVP "SSL_CERT_FILE" - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/crypto.h b/src/lib/libcrypto/crypto.h deleted file mode 100644 index 52ee97b71a..0000000000 --- a/src/lib/libcrypto/crypto.h +++ /dev/null @@ -1,401 +0,0 @@ -/* crypto/crypto.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_CRYPTO_H -#define HEADER_CRYPTO_H - -#include - -#ifndef NO_FP_API -#include -#endif - -#include -#include -#include - -#ifdef CHARSET_EBCDIC -#include -#endif - -/* Resolve problems on some operating systems with symbol names that clash - one way or another */ -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Backward compatibility to SSLeay */ -/* This is more to be used to check the correct DLL is being used - * in the MS world. */ -#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER -#define SSLEAY_VERSION 0 -/* #define SSLEAY_OPTIONS 1 no longer supported */ -#define SSLEAY_CFLAGS 2 -#define SSLEAY_BUILT_ON 3 -#define SSLEAY_PLATFORM 4 - -/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock - * names in cryptlib.c - */ - -#define CRYPTO_LOCK_ERR 1 -#define CRYPTO_LOCK_ERR_HASH 2 -#define CRYPTO_LOCK_X509 3 -#define CRYPTO_LOCK_X509_INFO 4 -#define CRYPTO_LOCK_X509_PKEY 5 -#define CRYPTO_LOCK_X509_CRL 6 -#define CRYPTO_LOCK_X509_REQ 7 -#define CRYPTO_LOCK_DSA 8 -#define CRYPTO_LOCK_RSA 9 -#define CRYPTO_LOCK_EVP_PKEY 10 -#define CRYPTO_LOCK_X509_STORE 11 -#define CRYPTO_LOCK_SSL_CTX 12 -#define CRYPTO_LOCK_SSL_CERT 13 -#define CRYPTO_LOCK_SSL_SESSION 14 -#define CRYPTO_LOCK_SSL_SESS_CERT 15 -#define CRYPTO_LOCK_SSL 16 -#define CRYPTO_LOCK_RAND 17 -#define CRYPTO_LOCK_MALLOC 18 -#define CRYPTO_LOCK_BIO 19 -#define CRYPTO_LOCK_GETHOSTBYNAME 20 -#define CRYPTO_LOCK_GETSERVBYNAME 21 -#define CRYPTO_LOCK_READDIR 22 -#define CRYPTO_LOCK_RSA_BLINDING 23 -#define CRYPTO_LOCK_DH 24 -#define CRYPTO_LOCK_MALLOC2 25 -#define CRYPTO_LOCK_DSO 26 -#define CRYPTO_LOCK_DYNLOCK 27 -#define CRYPTO_LOCK_ENGINE 28 -#define CRYPTO_NUM_LOCKS 29 - -#define CRYPTO_LOCK 1 -#define CRYPTO_UNLOCK 2 -#define CRYPTO_READ 4 -#define CRYPTO_WRITE 8 - -#ifndef NO_LOCKING -#ifndef CRYPTO_w_lock -#define CRYPTO_w_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_w_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__) -#define CRYPTO_r_lock(type) \ - CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_r_unlock(type) \ - CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__) -#define CRYPTO_add(addr,amount,type) \ - CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__) -#endif -#else -#define CRYPTO_w_lock(a) -#define CRYPTO_w_unlock(a) -#define CRYPTO_r_lock(a) -#define CRYPTO_r_unlock(a) -#define CRYPTO_add(a,b,c) ((*(a))+=(b)) -#endif - -/* Some applications as well as some parts of OpenSSL need to allocate - and deallocate locks in a dynamic fashion. The following typedef - makes this possible in a type-safe manner. */ -/* struct CRYPTO_dynlock_value has to be defined by the application. */ -typedef struct - { - int references; - struct CRYPTO_dynlock_value *data; - } CRYPTO_dynlock; - - -/* The following can be used to detect memory leaks in the SSLeay library. - * It used, it turns on malloc checking */ - -#define CRYPTO_MEM_CHECK_OFF 0x0 /* an enume */ -#define CRYPTO_MEM_CHECK_ON 0x1 /* a bit */ -#define CRYPTO_MEM_CHECK_ENABLE 0x2 /* a bit */ -#define CRYPTO_MEM_CHECK_DISABLE 0x3 /* an enume */ - -/* The following are bit values to turn on or off options connected to the - * malloc checking functionality */ - -/* Adds time to the memory checking information */ -#define V_CRYPTO_MDEBUG_TIME 0x1 /* a bit */ -/* Adds thread number to the memory checking information */ -#define V_CRYPTO_MDEBUG_THREAD 0x2 /* a bit */ - -#define V_CRYPTO_MDEBUG_ALL (V_CRYPTO_MDEBUG_TIME | V_CRYPTO_MDEBUG_THREAD) - - -/* predec of the BIO type */ -typedef struct bio_st BIO_dummy; - -typedef struct crypto_ex_data_st - { - STACK *sk; - int dummy; /* gcc is screwing up this data structure :-( */ - } CRYPTO_EX_DATA; - -/* Called when a new object is created */ -typedef int CRYPTO_EX_new(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -/* Called when an object is free()ed */ -typedef void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); -/* Called when we need to dup an object */ -typedef int CRYPTO_EX_dup(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -/* This stuff is basically class callback functions - * The current classes are SSL_CTX, SSL, SSL_SESSION, and a few more */ - -typedef struct crypto_ex_data_func_st - { - long argl; /* Arbitary long */ - void *argp; /* Arbitary void * */ - CRYPTO_EX_new *new_func; - CRYPTO_EX_free *free_func; - CRYPTO_EX_dup *dup_func; - } CRYPTO_EX_DATA_FUNCS; - -DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS) - -/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA - * entry. - */ - -#define CRYPTO_EX_INDEX_BIO 0 -#define CRYPTO_EX_INDEX_SSL 1 -#define CRYPTO_EX_INDEX_SSL_CTX 2 -#define CRYPTO_EX_INDEX_SSL_SESSION 3 -#define CRYPTO_EX_INDEX_X509_STORE 4 -#define CRYPTO_EX_INDEX_X509_STORE_CTX 5 - - -/* This is the default callbacks, but we can have others as well: - * this is needed in Win32 where the application malloc and the - * library malloc may not be the same. - */ -#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\ - malloc, realloc, free) - -#if defined CRYPTO_MDEBUG_ALL || defined CRYPTO_MDEBUG_TIME || defined CRYPTO_MDEBUG_THREAD -# ifndef CRYPTO_MDEBUG /* avoid duplicate #define */ -# define CRYPTO_MDEBUG -# endif -#endif - -/* Set standard debugging functions (not done by default - * unless CRYPTO_MDEBUG is defined) */ -#define CRYPTO_malloc_debug_init() do {\ - CRYPTO_set_mem_debug_functions(\ - CRYPTO_dbg_malloc,\ - CRYPTO_dbg_realloc,\ - CRYPTO_dbg_free,\ - CRYPTO_dbg_set_options,\ - CRYPTO_dbg_get_options);\ - } while(0) - -int CRYPTO_mem_ctrl(int mode); -int CRYPTO_is_mem_check_on(void); - -/* for applications */ -#define MemCheck_start() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) -#define MemCheck_stop() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) - -/* for library-internal use */ -#define MemCheck_on() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE) -#define MemCheck_off() CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE) -#define is_MemCheck_on() CRYPTO_is_mem_check_on() - -#define OPENSSL_malloc(num) CRYPTO_malloc((int)num,__FILE__,__LINE__) -#define OPENSSL_realloc(addr,num) \ - CRYPTO_realloc((char *)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_remalloc(addr,num) \ - CRYPTO_remalloc((char **)addr,(int)num,__FILE__,__LINE__) -#define OPENSSL_freeFunc CRYPTO_free -#define OPENSSL_free(addr) CRYPTO_free(addr) - -#define OPENSSL_malloc_locked(num) \ - CRYPTO_malloc_locked((int)num,__FILE__,__LINE__) -#define OPENSSL_free_locked(addr) CRYPTO_free_locked(addr) - - -const char *SSLeay_version(int type); -unsigned long SSLeay(void); - -int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val); -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx); -int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from); -void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad); -void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad); - -int CRYPTO_get_new_lockid(char *name); - -int CRYPTO_num_locks(void); /* return CRYPTO_NUM_LOCKS (shared libs!) */ -void CRYPTO_lock(int mode, int type,const char *file,int line); -void CRYPTO_set_locking_callback(void (*func)(int mode,int type, - const char *file,int line)); -void (*CRYPTO_get_locking_callback(void))(int mode,int type,const char *file, - int line); -void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,int type, - const char *file, int line)); -int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,int type, - const char *file,int line); -void CRYPTO_set_id_callback(unsigned long (*func)(void)); -unsigned long (*CRYPTO_get_id_callback(void))(void); -unsigned long CRYPTO_thread_id(void); -const char *CRYPTO_get_lock_name(int type); -int CRYPTO_add_lock(int *pointer,int amount,int type, const char *file, - int line); - -int CRYPTO_get_new_dynlockid(void); -void CRYPTO_destroy_dynlockid(int i); -struct CRYPTO_dynlock_value *CRYPTO_get_dynlock_value(int i); -void CRYPTO_set_dynlock_create_callback(struct CRYPTO_dynlock_value *(*dyn_create_function)(const char *file, int line)); -void CRYPTO_set_dynlock_lock_callback(void (*dyn_lock_function)(int mode, struct CRYPTO_dynlock_value *l, const char *file, int line)); -void CRYPTO_set_dynlock_destroy_callback(void (*dyn_destroy_function)(struct CRYPTO_dynlock_value *l, const char *file, int line)); -struct CRYPTO_dynlock_value *(*CRYPTO_get_dynlock_create_callback(void))(const char *file,int line); -void (*CRYPTO_get_dynlock_lock_callback(void))(int mode, struct CRYPTO_dynlock_value *l, const char *file,int line); -void (*CRYPTO_get_dynlock_destroy_callback(void))(struct CRYPTO_dynlock_value *l, const char *file,int line); - -/* CRYPTO_set_mem_functions includes CRYPTO_set_locked_mem_functions -- - * call the latter last if you need different functions */ -int CRYPTO_set_mem_functions(void *(*m)(size_t),void *(*r)(void *,size_t), void (*f)(void *)); -int CRYPTO_set_locked_mem_functions(void *(*m)(size_t), void (*free_func)(void *)); -int CRYPTO_set_mem_debug_functions(void (*m)(void *,int,const char *,int,int), - void (*r)(void *,void *,int,const char *,int,int), - void (*f)(void *,int), - void (*so)(long), - long (*go)(void)); -void CRYPTO_get_mem_functions(void *(**m)(size_t),void *(**r)(void *, size_t), void (**f)(void *)); -void CRYPTO_get_locked_mem_functions(void *(**m)(size_t), void (**f)(void *)); -void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int), - void (**r)(void *,void *,int,const char *,int,int), - void (**f)(void *,int), - void (**so)(long), - long (**go)(void)); - -void *CRYPTO_malloc_locked(int num, const char *file, int line); -void CRYPTO_free_locked(void *); -void *CRYPTO_malloc(int num, const char *file, int line); -void CRYPTO_free(void *); -void *CRYPTO_realloc(void *addr,int num, const char *file, int line); -void *CRYPTO_remalloc(void *addr,int num, const char *file, int line); - -void CRYPTO_set_mem_debug_options(long bits); -long CRYPTO_get_mem_debug_options(void); - -#define CRYPTO_push_info(info) \ - CRYPTO_push_info_(info, __FILE__, __LINE__); -int CRYPTO_push_info_(const char *info, const char *file, int line); -int CRYPTO_pop_info(void); -int CRYPTO_remove_all_info(void); - -/* The last argument has the following significance: - * - * 0: called before the actual memory allocation has taken place - * 1: called after the actual memory allocation has taken place - */ -void CRYPTO_dbg_malloc(void *addr,int num,const char *file,int line,int before_p); -void CRYPTO_dbg_realloc(void *addr1,void *addr2,int num,const char *file,int line,int before_p); -void CRYPTO_dbg_free(void *addr,int before_p); - -/* Tell the debugging code about options. By default, the following values - * apply: - * - * 0: Clear all options. - * 1: Set the "Show Time" option. - * 2: Set the "Show Thread Number" option. - * 3: 1 + 2 - */ -void CRYPTO_dbg_set_options(long bits); -long CRYPTO_dbg_get_options(void); - -#ifndef NO_FP_API -void CRYPTO_mem_leaks_fp(FILE *); -#endif -void CRYPTO_mem_leaks(struct bio_st *bio); -/* unsigned long order, char *file, int line, int num_bytes, char *addr */ -void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *)); - -void ERR_load_CRYPTO_strings(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the CRYPTO functions. */ - -/* Function codes. */ -#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100 -#define CRYPTO_F_CRYPTO_GET_NEW_DYNLOCKID 103 -#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101 -#define CRYPTO_F_CRYPTO_SET_EX_DATA 102 - -/* Reason codes. */ -#define CRYPTO_R_NO_DYNLOCK_CREATE_CALLBACK 100 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/cversion.c b/src/lib/libcrypto/cversion.c deleted file mode 100644 index affdfca98f..0000000000 --- a/src/lib/libcrypto/cversion.c +++ /dev/null @@ -1,112 +0,0 @@ -/* crypto/cversion.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include - -#ifndef NO_WINDOWS_BRAINDEATH -#include "buildinf.h" -#endif - -const char *SSLeay_version(int t) - { - if (t == SSLEAY_VERSION) - return OPENSSL_VERSION_TEXT; - if (t == SSLEAY_BUILT_ON) - { -#ifdef DATE - static char buf[sizeof(DATE)+11]; - - sprintf(buf,"built on: %s",DATE); - return(buf); -#else - return("built on: date not available"); -#endif - } - if (t == SSLEAY_CFLAGS) - { -#ifdef CFLAGS - static char buf[sizeof(CFLAGS)+11]; - - sprintf(buf,"compiler: %s",CFLAGS); - return(buf); -#else - return("compiler: information not available"); -#endif - } - if (t == SSLEAY_PLATFORM) - { -#ifdef PLATFORM - static char buf[sizeof(PLATFORM)+11]; - - sprintf(buf,"platform: %s", PLATFORM); - return(buf); -#else - return("platform: information not available"); -#endif - } - return("not available"); - } - -unsigned long SSLeay(void) - { - return(SSLEAY_VERSION_NUMBER); - } - diff --git a/src/lib/libcrypto/des/COPYRIGHT b/src/lib/libcrypto/des/COPYRIGHT deleted file mode 100644 index 5469e1e469..0000000000 --- a/src/lib/libcrypto/des/COPYRIGHT +++ /dev/null @@ -1,50 +0,0 @@ -Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) -All rights reserved. - -This package is an DES implementation written by Eric Young (eay@cryptsoft.com). -The implementation was written so as to conform with MIT's libdes. - -This library is free for commercial and non-commercial use as long as -the following conditions are aheared to. The following conditions -apply to all code found in this distribution. - -Copyright remains Eric Young's, and as such any Copyright notices in -the code are not to be removed. -If this package is used in a product, Eric Young should be given attribution -as the author of that the SSL library. This can be in the form of a textual -message at program startup or in documentation (online or textual) provided -with the package. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: -1. Redistributions of source code must retain the copyright - notice, this list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by Eric Young (eay@cryptsoft.com) - -THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -The license and distribution terms for any publically available version or -derivative of this code cannot be changed. i.e. this code cannot simply be -copied and put under another distrubution license -[including the GNU Public License.] - -The reason behind this being stated in this direct manner is past -experience in code simply being copied and the attribution removed -from it and then being distributed as part of other packages. This -implementation was a non-trivial and unpaid effort. diff --git a/src/lib/libcrypto/des/asm/crypt586.pl b/src/lib/libcrypto/des/asm/crypt586.pl deleted file mode 100644 index 197c413ea6..0000000000 --- a/src/lib/libcrypto/des/asm/crypt586.pl +++ /dev/null @@ -1,204 +0,0 @@ -#!/usr/local/bin/perl -# -# The inner loop instruction sequence and the IP/FP modifications are from -# Svend Olaf Mikkelsen -# I've added the stuff needed for crypt() but I've not worried about making -# things perfect. -# - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"crypt586.pl"); - -$L="edi"; -$R="esi"; - -&external_label("des_SPtrans"); -&fcrypt_body("fcrypt_body"); -&asm_finish(); - -sub fcrypt_body - { - local($name,$do_ip)=@_; - - &function_begin($name,"EXTRN _des_SPtrans:DWORD"); - - &comment(""); - &comment("Load the 2 words"); - $ks="ebp"; - - &xor( $L, $L); - &xor( $R, $R); - &mov($ks,&wparam(1)); - - &push(&DWC(25)); # add a variable - - &set_label("start"); - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - } - &mov("ebx", &swtmp(0)); - &mov("eax", $L); - &dec("ebx"); - &mov($L, $R); - &mov($R, "eax"); - &mov(&swtmp(0), "ebx"); - &jnz(&label("start")); - - &comment(""); - &comment("FP"); - &mov("edx",&wparam(0)); - - &FP_new($R,$L,"eax",3); - &mov(&DWP(0,"edx","",0),"eax"); - &mov(&DWP(4,"edx","",0),$L); - - &pop("ecx"); # remove variable - - &function_end($name); - } - -sub D_ENCRYPT - { - local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; - - &mov( $u, &wparam(2)); # 2 - &mov( $t, $R); - &shr( $t, 16); # 1 - &mov( $tmp2, &wparam(3)); # 2 - &xor( $t, $R); # 1 - - &and( $u, $t); # 2 - &and( $t, $tmp2); # 2 - - &mov( $tmp1, $u); - &shl( $tmp1, 16); # 1 - &mov( $tmp2, $t); - &shl( $tmp2, 16); # 1 - &xor( $u, $tmp1); # 2 - &xor( $t, $tmp2); # 2 - &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2 - &xor( $u, $tmp1); - &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2 - &xor( $u, $R); - &xor( $t, $R); - &xor( $t, $tmp2); - - &and( $u, "0xfcfcfcfc" ); # 2 - &xor( $tmp1, $tmp1); # 1 - &and( $t, "0xcfcfcfcf" ); # 2 - &xor( $tmp2, $tmp2); - &movb( &LB($tmp1), &LB($u) ); - &movb( &LB($tmp2), &HB($u) ); - &rotr( $t, 4 ); - &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); - &movb( &LB($tmp1), &LB($t) ); - &xor( $L, $ks); - &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); - &xor( $L, $ks); - &movb( &LB($tmp2), &HB($t) ); - &shr( $u, 16); - &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); - &xor( $L, $ks); - &movb( &LB($tmp1), &HB($u) ); - &shr( $t, 16); - &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); - &xor( $L, $ks); - &mov( $ks, &wparam(1)); - &movb( &LB($tmp2), &HB($t) ); - &and( $u, "0xff" ); - &and( $t, "0xff" ); - &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); - &xor( $L, $tmp1); - } - -sub n2a - { - sprintf("%d",$_[0]); - } - -# now has a side affect of rotating $a by $shift -sub R_PERM_OP - { - local($a,$b,$tt,$shift,$mask,$last)=@_; - - &rotl( $a, $shift ) if ($shift != 0); - &mov( $tt, $a ); - &xor( $a, $b ); - &and( $a, $mask ); - if ($notlast eq $b) - { - &xor( $b, $a ); - &xor( $tt, $a ); - } - else - { - &xor( $tt, $a ); - &xor( $b, $a ); - } - &comment(""); - } - -sub IP_new - { - local($l,$r,$tt,$lr)=@_; - - &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); - &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); - &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); - - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotr($tt, 3-$lr); } - else { &rotl($tt, $lr-3); } - } - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotr($r, 2-$lr); } - else { &rotl($r, $lr-2); } - } - } - -sub FP_new - { - local($l,$r,$tt,$lr)=@_; - - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotl($r, 2-$lr); } - else { &rotr($r, $lr-2); } - } - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotl($l, 3-$lr); } - else { &rotr($l, $lr-3); } - } - - &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); - &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); - &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); - &rotr($tt , 4); - } - diff --git a/src/lib/libcrypto/des/asm/des-586.pl b/src/lib/libcrypto/des/asm/des-586.pl deleted file mode 100644 index f054071077..0000000000 --- a/src/lib/libcrypto/des/asm/des-586.pl +++ /dev/null @@ -1,253 +0,0 @@ -#!/usr/local/bin/perl -# -# The inner loop instruction sequence and the IP/FP modifications are from -# Svend Olaf Mikkelsen -# - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; -require "cbc.pl"; -require "desboth.pl"; - -# base code is in microsft -# op dest, source -# format. -# - -&asm_init($ARGV[0],"des-586.pl"); - -$L="edi"; -$R="esi"; - -&external_label("des_SPtrans"); -&des_encrypt("des_encrypt",1); -&des_encrypt("des_encrypt2",0); -&des_encrypt3("des_encrypt3",1); -&des_encrypt3("des_decrypt3",0); -&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1); -&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5); - -&asm_finish(); - -sub des_encrypt - { - local($name,$do_ip)=@_; - - &function_begin_B($name,"EXTRN _des_SPtrans:DWORD"); - - &push("esi"); - &push("edi"); - - &comment(""); - &comment("Load the 2 words"); - $ks="ebp"; - - if ($do_ip) - { - &mov($R,&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov("eax",&DWP(0,$R,"",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &mov($L,&DWP(4,$R,"",0)); - &comment(""); - &comment("IP"); - &IP_new("eax",$L,$R,3); - } - else - { - &mov("eax",&wparam(0)); - &xor( "ecx", "ecx" ); - - &push("ebx"); - &push("ebp"); - - &mov($R,&DWP(0,"eax","",0)); - &mov("ebx",&wparam(2)); # get encrypt flag - &rotl($R,3); - &mov($L,&DWP(4,"eax","",0)); - &rotl($L,3); - } - - &mov( $ks, &wparam(1) ); - &cmp("ebx","0"); - &je(&label("start_decrypt")); - - for ($i=0; $i<16; $i+=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - - &comment(""); - &comment("Round ".sprintf("%d",$i+1)); - &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - } - &jmp(&label("end")); - - &set_label("start_decrypt"); - - for ($i=15; $i>0; $i-=2) - { - &comment(""); - &comment("Round $i"); - &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - &comment(""); - &comment("Round ".sprintf("%d",$i-1)); - &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx"); - } - - &set_label("end"); - - if ($do_ip) - { - &comment(""); - &comment("FP"); - &mov("edx",&wparam(0)); - &FP_new($L,$R,"eax",3); - - &mov(&DWP(0,"edx","",0),"eax"); - &mov(&DWP(4,"edx","",0),$R); - } - else - { - &comment(""); - &comment("Fixup"); - &rotr($L,3); # r - &mov("eax",&wparam(0)); - &rotr($R,3); # l - &mov(&DWP(0,"eax","",0),$L); - &mov(&DWP(4,"eax","",0),$R); - } - - &pop("ebp"); - &pop("ebx"); - &pop("edi"); - &pop("esi"); - &ret(); - - &function_end_B($name); - } - -sub D_ENCRYPT - { - local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_; - - &mov( $u, &DWP(&n2a($S*4),$ks,"",0)); - &xor( $tmp1, $tmp1); - &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0)); - &xor( $u, $R); - &xor( $t, $R); - &and( $u, "0xfcfcfcfc" ); - &and( $t, "0xcfcfcfcf" ); - &movb( &LB($tmp1), &LB($u) ); - &movb( &LB($tmp2), &HB($u) ); - &rotr( $t, 4 ); - &mov( $ks, &DWP(" $desSP",$tmp1,"",0)); - &movb( &LB($tmp1), &LB($t) ); - &xor( $L, $ks); - &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0)); - &xor( $L, $ks); ###### - &movb( &LB($tmp2), &HB($t) ); - &shr( $u, 16); - &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0)); - &xor( $L, $ks); ###### - &movb( &LB($tmp1), &HB($u) ); - &shr( $t, 16); - &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0)); - &xor( $L, $ks); - &mov( $ks, &wparam(1) ); - &movb( &LB($tmp2), &HB($t) ); - &and( $u, "0xff" ); - &and( $t, "0xff" ); - &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0)); - &xor( $L, $tmp1); - &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0)); - &xor( $L, $tmp1); - } - -sub n2a - { - sprintf("%d",$_[0]); - } - -# now has a side affect of rotating $a by $shift -sub R_PERM_OP - { - local($a,$b,$tt,$shift,$mask,$last)=@_; - - &rotl( $a, $shift ) if ($shift != 0); - &mov( $tt, $a ); - &xor( $a, $b ); - &and( $a, $mask ); - # This can never succeed, and besides it is difficult to see what the - # idea was - Ben 13 Feb 99 - if (!$last eq $b) - { - &xor( $b, $a ); - &xor( $tt, $a ); - } - else - { - &xor( $tt, $a ); - &xor( $b, $a ); - } - &comment(""); - } - -sub IP_new - { - local($l,$r,$tt,$lr)=@_; - - &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l); - &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r); - &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r); - - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotr($tt, 3-$lr); } - else { &rotl($tt, $lr-3); } - } - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotr($r, 2-$lr); } - else { &rotl($r, $lr-2); } - } - } - -sub FP_new - { - local($l,$r,$tt,$lr)=@_; - - if ($lr != 2) - { - if (($lr-2) < 0) - { &rotl($r, 2-$lr); } - else { &rotr($r, $lr-2); } - } - if ($lr != 3) - { - if (($lr-3) < 0) - { &rotl($l, 3-$lr); } - else { &rotr($l, $lr-3); } - } - - &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r); - &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r); - &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l); - &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l); - &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r); - &rotr($tt , 4); - } - diff --git a/src/lib/libcrypto/des/asm/desboth.pl b/src/lib/libcrypto/des/asm/desboth.pl deleted file mode 100644 index d5106414db..0000000000 --- a/src/lib/libcrypto/des/asm/desboth.pl +++ /dev/null @@ -1,79 +0,0 @@ -#!/usr/local/bin/perl - -$L="edi"; -$R="esi"; - -sub des_encrypt3 - { - local($name,$enc)=@_; - - &function_begin_B($name,""); - &push("ebx"); - &mov("ebx",&wparam(0)); - - &push("ebp"); - &push("esi"); - - &push("edi"); - - &comment(""); - &comment("Load the data words"); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - &stack_push(3); - - &comment(""); - &comment("IP"); - &IP_new($L,$R,"edx",0); - - # put them back - - if ($enc) - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("eax",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("esi",&wparam(3)); - } - else - { - &mov(&DWP(4,"ebx","",0),$R); - &mov("esi",&wparam(1)); - &mov(&DWP(0,"ebx","",0),"edx"); - &mov("edi",&wparam(2)); - &mov("eax",&wparam(3)); - } - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "eax"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - &mov(&swtmp(2), (DWC(($enc)?"0":"1"))); - &mov(&swtmp(1), "edi"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - &mov(&swtmp(2), (DWC(($enc)?"1":"0"))); - &mov(&swtmp(1), "esi"); - &mov(&swtmp(0), "ebx"); - &call("des_encrypt2"); - - &stack_pop(3); - &mov($L,&DWP(0,"ebx","",0)); - &mov($R,&DWP(4,"ebx","",0)); - - &comment(""); - &comment("FP"); - &FP_new($L,$R,"eax",0); - - &mov(&DWP(0,"ebx","",0),"eax"); - &mov(&DWP(4,"ebx","",0),$R); - - &pop("edi"); - &pop("esi"); - &pop("ebp"); - &pop("ebx"); - &ret(); - &function_end_B($name); - } - - diff --git a/src/lib/libcrypto/des/cbc_cksm.c b/src/lib/libcrypto/des/cbc_cksm.c deleted file mode 100644 index 1e543cb2a1..0000000000 --- a/src/lib/libcrypto/des/cbc_cksm.c +++ /dev/null @@ -1,97 +0,0 @@ -/* crypto/des/cbc_cksm.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -DES_LONG des_cbc_cksum(const unsigned char *in, des_cblock *output, - long length, - des_key_schedule schedule, const_des_cblock *ivec) - { - register DES_LONG tout0,tout1,tin0,tin1; - register long l=length; - DES_LONG tin[2]; - unsigned char *out = &(*output)[0]; - const unsigned char *iv = &(*ivec)[0]; - - c2l(iv,tout0); - c2l(iv,tout1); - for (; l>0; l-=8) - { - if (l >= 8) - { - c2l(in,tin0); - c2l(in,tin1); - } - else - c2ln(in,tin0,tin1,l); - - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - /* fix 15/10/91 eay - thanks to keithr@sco.COM */ - tout0=tin[0]; - tout1=tin[1]; - } - if (out != NULL) - { - l2c(tout0,out); - l2c(tout1,out); - } - tout0=tin0=tin1=tin[0]=tin[1]=0; - return(tout1); - } diff --git a/src/lib/libcrypto/des/cbc_enc.c b/src/lib/libcrypto/des/cbc_enc.c deleted file mode 100644 index 677903ae4e..0000000000 --- a/src/lib/libcrypto/des/cbc_enc.c +++ /dev/null @@ -1,61 +0,0 @@ -/* crypto/des/cbc_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define CBC_ENC_C__DONT_UPDATE_IV - -#include "ncbc_enc.c" /* des_cbc_encrypt */ diff --git a/src/lib/libcrypto/des/cfb64ede.c b/src/lib/libcrypto/des/cfb64ede.c deleted file mode 100644 index 5362a551bf..0000000000 --- a/src/lib/libcrypto/des/cfb64ede.c +++ /dev/null @@ -1,141 +0,0 @@ -/* crypto/des/cfb64ede.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void des_ede3_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, des_key_schedule ks1, des_key_schedule ks2, - des_key_schedule ks3, des_cblock *ivec, int *num, int enc) - { - register DES_LONG v0,v1; - register long l=length; - register int n= *num; - DES_LONG ti[2]; - unsigned char *iv,c,cc; - - iv=&(*ivec)[0]; - if (enc) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); - c2l(iv,v1); - - ti[0]=v0; - ti[1]=v1; - des_encrypt3(ti,ks1,ks2,ks3); - v0=ti[0]; - v1=ti[1]; - - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - iv = &(*ivec)[0]; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); - c2l(iv,v1); - - ti[0]=v0; - ti[1]=v1; - des_encrypt3(ti,ks1,ks2,ks3); - v0=ti[0]; - v1=ti[1]; - - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - iv = &(*ivec)[0]; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=c=cc=0; - *num=n; - } - -#ifdef undef /* MACRO */ -void des_ede2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length, - des_key_schedule ks1, des_key_schedule ks2, des_cblock (*ivec), - int *num, int enc) - { - des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc); - } -#endif diff --git a/src/lib/libcrypto/des/cfb64enc.c b/src/lib/libcrypto/des/cfb64enc.c deleted file mode 100644 index 389a232cb3..0000000000 --- a/src/lib/libcrypto/des/cfb64enc.c +++ /dev/null @@ -1,121 +0,0 @@ -/* crypto/des/cfb64enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void des_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, des_key_schedule schedule, des_cblock *ivec, - int *num, int enc) - { - register DES_LONG v0,v1; - register long l=length; - register int n= *num; - DES_LONG ti[2]; - unsigned char *iv,c,cc; - - iv = &(*ivec)[0]; - if (enc) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - des_encrypt(ti,schedule,DES_ENCRYPT); - iv = &(*ivec)[0]; - v0=ti[0]; l2c(v0,iv); - v0=ti[1]; l2c(v0,iv); - iv = &(*ivec)[0]; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - des_encrypt(ti,schedule,DES_ENCRYPT); - iv = &(*ivec)[0]; - v0=ti[0]; l2c(v0,iv); - v0=ti[1]; l2c(v0,iv); - iv = &(*ivec)[0]; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=c=cc=0; - *num=n; - } - diff --git a/src/lib/libcrypto/des/cfb_enc.c b/src/lib/libcrypto/des/cfb_enc.c deleted file mode 100644 index cca34dd7c5..0000000000 --- a/src/lib/libcrypto/des/cfb_enc.c +++ /dev/null @@ -1,165 +0,0 @@ -/* crypto/des/cfb_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. - */ -void des_cfb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, des_key_schedule schedule, des_cblock *ivec, int enc) - { - register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8; - register DES_LONG mask0,mask1; - register unsigned long l=length; - register int num=numbits; - DES_LONG ti[2]; - unsigned char *iv; - - if (num > 64) return; - if (num > 32) - { - mask0=0xffffffffL; - if (num == 64) - mask1=mask0; - else mask1=(1L<<(num-32))-1; - } - else - { - if (num == 32) - mask0=0xffffffffL; - else mask0=(1L<= n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); - c2ln(in,d0,d1,n); - in+=n; - d0=(d0^ti[0])&mask0; - d1=(d1^ti[1])&mask1; - l2cn(d0,d1,out,n); - out+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) - { v0=v1; v1=d0; } - else if (num == 64) - { v0=d0; v1=d1; } - else if (num > 32) /* && num != 64 */ - { - v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; - v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; - } - else /* num < 32 */ - { - v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; - v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; - } - } - } - else - { - while (l >= n) - { - l-=n; - ti[0]=v0; - ti[1]=v1; - des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); - c2ln(in,d0,d1,n); - in+=n; - /* 30-08-94 - eay - changed because l>>32 and - * l<<32 are bad under gcc :-( */ - if (num == 32) - { v0=v1; v1=d0; } - else if (num == 64) - { v0=d0; v1=d1; } - else if (num > 32) /* && num != 64 */ - { - v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL; - v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL; - } - else /* num < 32 */ - { - v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; - v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL; - } - d0=(d0^ti[0])&mask0; - d1=(d1^ti[1])&mask1; - l2cn(d0,d1,out,n); - out+=n; - } - } - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - v0=v1=d0=d1=ti[0]=ti[1]=0; - } - diff --git a/src/lib/libcrypto/des/des.h b/src/lib/libcrypto/des/des.h deleted file mode 100644 index 2db9748cb4..0000000000 --- a/src/lib/libcrypto/des/des.h +++ /dev/null @@ -1,266 +0,0 @@ -/* crypto/des/des.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_DES_H -#define HEADER_DES_H - -#ifdef NO_DES -#error DES is disabled. -#endif - -#ifdef _KERBEROS_DES_H -#error replaces . -#endif - -#include /* DES_LONG */ -#include /* OPENSSL_EXTERN */ - -#ifdef __cplusplus -extern "C" { -#endif - -typedef unsigned char des_cblock[8]; -typedef /* const */ unsigned char const_des_cblock[8]; -/* With "const", gcc 2.8.1 on Solaris thinks that des_cblock * - * and const_des_cblock * are incompatible pointer types. */ - -typedef struct des_ks_struct - { - union { - des_cblock cblock; - /* make sure things are correct size on machines with - * 8 byte longs */ - DES_LONG deslong[2]; - } ks; - int weak_key; - } des_key_schedule[16]; - -#define DES_KEY_SZ (sizeof(des_cblock)) -#define DES_SCHEDULE_SZ (sizeof(des_key_schedule)) - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define DES_CBC_MODE 0 -#define DES_PCBC_MODE 1 - -#define des_ecb2_encrypt(i,o,k1,k2,e) \ - des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e)) - -#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \ - des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e)) - -#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \ - des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e)) - -#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \ - des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n)) - -OPENSSL_EXTERN int des_check_key; /* defaults to false */ -OPENSSL_EXTERN int des_rw_mode; /* defaults to DES_PCBC_MODE */ -OPENSSL_EXTERN int des_set_weak_key_flag; /* set the weak key flag */ - -const char *des_options(void); -void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output, - des_key_schedule ks1,des_key_schedule ks2, - des_key_schedule ks3, int enc); -DES_LONG des_cbc_cksum(const unsigned char *input,des_cblock *output, - long length,des_key_schedule schedule, - const_des_cblock *ivec); -/* des_cbc_encrypt does not update the IV! Use des_ncbc_encrypt instead. */ -void des_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length,des_key_schedule schedule,des_cblock *ivec, - int enc); -void des_ncbc_encrypt(const unsigned char *input,unsigned char *output, - long length,des_key_schedule schedule,des_cblock *ivec, - int enc); -void des_xcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,des_key_schedule schedule,des_cblock *ivec, - const_des_cblock *inw,const_des_cblock *outw,int enc); -void des_cfb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,des_key_schedule schedule,des_cblock *ivec, - int enc); -void des_ecb_encrypt(const_des_cblock *input,des_cblock *output, - des_key_schedule ks,int enc); - -/* This is the DES encryption function that gets called by just about - every other DES routine in the library. You should not use this - function except to implement 'modes' of DES. I say this because the - functions that call this routine do the conversion from 'char *' to - long, and this needs to be done to make sure 'non-aligned' memory - access do not occur. The characters are loaded 'little endian'. - Data is a pointer to 2 unsigned long's and ks is the - des_key_schedule to use. enc, is non zero specifies encryption, - zero if decryption. */ -void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc); - -/* This functions is the same as des_encrypt() except that the DES - initial permutation (IP) and final permutation (FP) have been left - out. As for des_encrypt(), you should not use this function. - It is used by the routines in the library that implement triple DES. - IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same - as des_encrypt() des_encrypt() des_encrypt() except faster :-). */ -void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc); - -void des_encrypt3(DES_LONG *data, des_key_schedule ks1, - des_key_schedule ks2, des_key_schedule ks3); -void des_decrypt3(DES_LONG *data, des_key_schedule ks1, - des_key_schedule ks2, des_key_schedule ks3); -void des_ede3_cbc_encrypt(const unsigned char *input,unsigned char *output, - long length, - des_key_schedule ks1,des_key_schedule ks2, - des_key_schedule ks3,des_cblock *ivec,int enc); -void des_ede3_cbcm_encrypt(const unsigned char *in,unsigned char *out, - long length, - des_key_schedule ks1,des_key_schedule ks2, - des_key_schedule ks3, - des_cblock *ivec1,des_cblock *ivec2, - int enc); -void des_ede3_cfb64_encrypt(const unsigned char *in,unsigned char *out, - long length,des_key_schedule ks1, - des_key_schedule ks2,des_key_schedule ks3, - des_cblock *ivec,int *num,int enc); -void des_ede3_ofb64_encrypt(const unsigned char *in,unsigned char *out, - long length,des_key_schedule ks1, - des_key_schedule ks2,des_key_schedule ks3, - des_cblock *ivec,int *num); - -void des_xwhite_in2out(const_des_cblock *des_key,const_des_cblock *in_white, - des_cblock *out_white); - -int des_enc_read(int fd,void *buf,int len,des_key_schedule sched, - des_cblock *iv); -int des_enc_write(int fd,const void *buf,int len,des_key_schedule sched, - des_cblock *iv); -char *des_fcrypt(const char *buf,const char *salt, char *ret); -char *des_crypt(const char *buf,const char *salt); -#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT) -char *crypt(const char *buf,const char *salt); -#endif -void des_ofb_encrypt(const unsigned char *in,unsigned char *out,int numbits, - long length,des_key_schedule schedule,des_cblock *ivec); -void des_pcbc_encrypt(const unsigned char *input,unsigned char *output, - long length,des_key_schedule schedule,des_cblock *ivec, - int enc); -DES_LONG des_quad_cksum(const unsigned char *input,des_cblock output[], - long length,int out_count,des_cblock *seed); -void des_random_seed(des_cblock *key); -int des_random_key(des_cblock *ret); -int des_read_password(des_cblock *key,const char *prompt,int verify); -int des_read_2passwords(des_cblock *key1,des_cblock *key2, - const char *prompt,int verify); -int des_read_pw_string(char *buf,int length,const char *prompt,int verify); -void des_set_odd_parity(des_cblock *key); -int des_check_key_parity(const_des_cblock *key); -int des_is_weak_key(const_des_cblock *key); -/* des_set_key (= set_key = des_key_sched = key_sched) calls - * des_set_key_checked if global variable des_check_key is set, - * des_set_key_unchecked otherwise. */ -int des_set_key(const_des_cblock *key,des_key_schedule schedule); -int des_key_sched(const_des_cblock *key,des_key_schedule schedule); -int des_set_key_checked(const_des_cblock *key,des_key_schedule schedule); -void des_set_key_unchecked(const_des_cblock *key,des_key_schedule schedule); -void des_string_to_key(const char *str,des_cblock *key); -void des_string_to_2keys(const char *str,des_cblock *key1,des_cblock *key2); -void des_cfb64_encrypt(const unsigned char *in,unsigned char *out,long length, - des_key_schedule schedule,des_cblock *ivec,int *num, - int enc); -void des_ofb64_encrypt(const unsigned char *in,unsigned char *out,long length, - des_key_schedule schedule,des_cblock *ivec,int *num); -int des_read_pw(char *buf,char *buff,int size,const char *prompt,int verify); - -/* The following definitions provide compatibility with the MIT Kerberos - * library. The des_key_schedule structure is not binary compatible. */ - -#define _KERBEROS_DES_H - -#define KRBDES_ENCRYPT DES_ENCRYPT -#define KRBDES_DECRYPT DES_DECRYPT - -#ifdef KERBEROS -# define ENCRYPT DES_ENCRYPT -# define DECRYPT DES_DECRYPT -#endif - -#ifndef NCOMPAT -# define C_Block des_cblock -# define Key_schedule des_key_schedule -# define KEY_SZ DES_KEY_SZ -# define string_to_key des_string_to_key -# define read_pw_string des_read_pw_string -# define random_key des_random_key -# define pcbc_encrypt des_pcbc_encrypt -# define set_key des_set_key -# define key_sched des_key_sched -# define ecb_encrypt des_ecb_encrypt -# define cbc_encrypt des_cbc_encrypt -# define ncbc_encrypt des_ncbc_encrypt -# define xcbc_encrypt des_xcbc_encrypt -# define cbc_cksum des_cbc_cksum -# define quad_cksum des_quad_cksum -# define check_parity des_check_key_parity -#endif - -typedef des_key_schedule bit_64; -#define des_fixup_key_parity des_set_odd_parity - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/des/des_enc.c b/src/lib/libcrypto/des/des_enc.c deleted file mode 100644 index 8311e10628..0000000000 --- a/src/lib/libcrypto/des/des_enc.c +++ /dev/null @@ -1,406 +0,0 @@ -/* crypto/des/des_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -void des_encrypt(DES_LONG *data, des_key_schedule ks, int enc) - { - register DES_LONG l,r,t,u; -#ifdef DES_PTR - register const unsigned char *des_SP=(const unsigned char *)des_SPtrans; -#endif -#ifndef DES_UNROLL - register int i; -#endif - register DES_LONG *s; - - r=data[0]; - l=data[1]; - - IP(r,l); - /* Things have been modified so that the initial rotate is - * done outside the loop. This required the - * des_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. */ - /* clear the top bits on machines with 8byte longs */ - /* shift left by 2 */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=ks->ks.deslong; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=8) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=8) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ - } -#endif - } - - /* rotate and clear the top bits on machines with 8byte longs */ - l=ROTATE(l,3)&0xffffffffL; - r=ROTATE(r,3)&0xffffffffL; - - FP(r,l); - data[0]=l; - data[1]=r; - l=r=t=u=0; - } - -void des_encrypt2(DES_LONG *data, des_key_schedule ks, int enc) - { - register DES_LONG l,r,t,u; -#ifdef DES_PTR - register const unsigned char *des_SP=(const unsigned char *)des_SPtrans; -#endif -#ifndef DES_UNROLL - register int i; -#endif - register DES_LONG *s; - - r=data[0]; - l=data[1]; - - /* Things have been modified so that the initial rotate is - * done outside the loop. This required the - * des_SPtrans values in sp.h to be rotated 1 bit to the right. - * One perl script later and things have a 5% speed up on a sparc2. - * Thanks to Richard Outerbridge <71755.204@CompuServe.COM> - * for pointing this out. */ - /* clear the top bits on machines with 8byte longs */ - r=ROTATE(r,29)&0xffffffffL; - l=ROTATE(l,29)&0xffffffffL; - - s=ks->ks.deslong; - /* I don't know if it is worth the effort of loop unrolling the - * inner loop */ - if (enc) - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#else - for (i=0; i<32; i+=8) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 3 */ - D_ENCRYPT(r,l,i+6); /* 4 */ - } -#endif - } - else - { -#ifdef DES_UNROLL - D_ENCRYPT(l,r,30); /* 16 */ - D_ENCRYPT(r,l,28); /* 15 */ - D_ENCRYPT(l,r,26); /* 14 */ - D_ENCRYPT(r,l,24); /* 13 */ - D_ENCRYPT(l,r,22); /* 12 */ - D_ENCRYPT(r,l,20); /* 11 */ - D_ENCRYPT(l,r,18); /* 10 */ - D_ENCRYPT(r,l,16); /* 9 */ - D_ENCRYPT(l,r,14); /* 8 */ - D_ENCRYPT(r,l,12); /* 7 */ - D_ENCRYPT(l,r,10); /* 6 */ - D_ENCRYPT(r,l, 8); /* 5 */ - D_ENCRYPT(l,r, 6); /* 4 */ - D_ENCRYPT(r,l, 4); /* 3 */ - D_ENCRYPT(l,r, 2); /* 2 */ - D_ENCRYPT(r,l, 0); /* 1 */ -#else - for (i=30; i>0; i-=8) - { - D_ENCRYPT(l,r,i-0); /* 16 */ - D_ENCRYPT(r,l,i-2); /* 15 */ - D_ENCRYPT(l,r,i-4); /* 14 */ - D_ENCRYPT(r,l,i-6); /* 13 */ - } -#endif - } - /* rotate and clear the top bits on machines with 8byte longs */ - data[0]=ROTATE(l,3)&0xffffffffL; - data[1]=ROTATE(r,3)&0xffffffffL; - l=r=t=u=0; - } - -void des_encrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2, - des_key_schedule ks3) - { - register DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT); - des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT); - des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -void des_decrypt3(DES_LONG *data, des_key_schedule ks1, des_key_schedule ks2, - des_key_schedule ks3) - { - register DES_LONG l,r; - - l=data[0]; - r=data[1]; - IP(l,r); - data[0]=l; - data[1]=r; - des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT); - des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT); - des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT); - l=data[0]; - r=data[1]; - FP(r,l); - data[0]=l; - data[1]=r; - } - -#ifndef DES_DEFAULT_OPTIONS - -#undef CBC_ENC_C__DONT_UPDATE_IV -#include "ncbc_enc.c" /* des_ncbc_encrypt */ - -void des_ede3_cbc_encrypt(const unsigned char *input, unsigned char *output, - long length, des_key_schedule ks1, des_key_schedule ks2, - des_key_schedule ks3, des_cblock *ivec, int enc) - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1; - register const unsigned char *in; - unsigned char *out; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - in=input; - out=output; - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - iv = &(*ivec)[0]; - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - register DES_LONG t0,t1; - - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=t0; - xor1=t1; - } - if (l != -8) - { - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - l2cn(tout0,tout1,out,l+8); - xor0=t0; - xor1=t1; - } - - iv = &(*ivec)[0]; - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -#endif /* DES_DEFAULT_OPTIONS */ diff --git a/src/lib/libcrypto/des/des_locl.h b/src/lib/libcrypto/des/des_locl.h deleted file mode 100644 index 1ace8f5930..0000000000 --- a/src/lib/libcrypto/des/des_locl.h +++ /dev/null @@ -1,412 +0,0 @@ -/* crypto/des/des_locl.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_DES_LOCL_H -#define HEADER_DES_LOCL_H - -#if defined(WIN32) || defined(WIN16) -#ifndef MSDOS -#define MSDOS -#endif -#endif - -#include -#include - -#include - -#ifndef MSDOS -#if !defined(VMS) || defined(__DECC) -#ifdef OPENSSL_UNISTD -# include OPENSSL_UNISTD -#else -# include -#endif -#include -#endif -#endif -#include - -#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */ -#include -#include -#include -#include -#endif - -#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS) -#include -#endif - -#define ITERATIONS 16 -#define HALF_ITERATIONS 8 - -/* used in des_read and des_write */ -#define MAXWRITE (1024*16) -#define BSIZE (MAXWRITE+4) - -#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \ - case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \ - case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \ - case 5: l2|=((DES_LONG)(*(--(c)))); \ - case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \ - case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \ - case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \ - case 1: l1|=((DES_LONG)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* replacements for htonl and ntohl since I have no idea what to do - * when faced with machines with 8 byte longs. */ -#define HDRSIZE 4 - -#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \ - l|=((DES_LONG)(*((c)++)))<<16L, \ - l|=((DES_LONG)(*((c)++)))<< 8L, \ - l|=((DES_LONG)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -#if defined(WIN32) && defined(_MSC_VER) -#define ROTATE(a,n) (_lrotr(a,n)) -#else -#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n)))) -#endif - -/* Don't worry about the LOAD_DATA() stuff, that is used by - * fcrypt() to add it's little bit to the front */ - -#ifdef DES_FCRYPT - -#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \ - { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); } - -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - t=R^(R>>16L); \ - u=t&E0; t&=E1; \ - tmp=(u<<16); u^=R^s[S ]; u^=tmp; \ - tmp=(t<<16); t^=R^s[S+1]; t^=tmp -#else -#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g) -#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \ - u=R^s[S ]; \ - t=R^s[S+1] -#endif - -/* The changes to this macro may help or hinder, depending on the - * compiler and the architecture. gcc2 always seems to do well :-). - * Inspired by Dana How - * DO NOT use the alternative version on machines with 8 byte longs. - * It does not seem to work on the Alpha, even when DES_LONG is 4 - * bytes, probably an issue of accessing non-word aligned objects :-( */ -#ifdef DES_PTR - -/* It recently occurred to me that 0^0^0^0^0^0^0 == 0, so there - * is no reason to not xor all the sub items together. This potentially - * saves a register since things can be xored directly into L */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - u>>=16L; \ - LL^= *(const DES_LONG *)(des_SP +u1); \ - LL^= *(const DES_LONG *)(des_SP+0x200+u2); \ - u3=(int)(u>>8L); \ - u1=(int)u&0xfc; \ - u3&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x400+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x600+u3); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - t>>=16L; \ - LL^= *(const DES_LONG *)(des_SP+0x100+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x300+u2); \ - u3=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u3&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x500+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x700+u3); } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) { \ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u2=(int)u>>8L; \ - u1=(int)u&0xfc; \ - u2&=0xfc; \ - t=ROTATE(t,4); \ - LL^= *(const DES_LONG *)(des_SP +u1); \ - LL^= *(const DES_LONG *)(des_SP+0x200+u2); \ - s1=(int)(u>>16L); \ - s2=(int)(u>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x400+s1); \ - LL^= *(const DES_LONG *)(des_SP+0x600+s2); \ - u2=(int)t>>8L; \ - u1=(int)t&0xfc; \ - u2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x100+u1); \ - LL^= *(const DES_LONG *)(des_SP+0x300+u2); \ - s1=(int)(t>>16L); \ - s2=(int)(t>>24L); \ - s1&=0xfc; \ - s2&=0xfc; \ - LL^= *(const DES_LONG *)(des_SP+0x500+s1); \ - LL^= *(const DES_LONG *)(des_SP+0x700+s2); } -#endif -#else -#define D_ENCRYPT(LL,R,S) { \ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^= \ - *(const DES_LONG *)(des_SP +((u )&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x200+((u>> 8L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x400+((u>>16L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x600+((u>>24L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x100+((t )&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x300+((t>> 8L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x500+((t>>16L)&0xfc))^ \ - *(const DES_LONG *)(des_SP+0x700+((t>>24L)&0xfc)); } -#endif - -#else /* original version */ - -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,u3; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - u>>=16L; \ - LL^=des_SPtrans[0][u1]; \ - LL^=des_SPtrans[2][u2]; \ - u3=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u3&=0x3f; \ - LL^=des_SPtrans[4][u1]; \ - LL^=des_SPtrans[6][u3]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - t>>=16L; \ - LL^=des_SPtrans[1][u1]; \ - LL^=des_SPtrans[3][u2]; \ - u3=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u3&=0x3f; \ - LL^=des_SPtrans[5][u1]; \ - LL^=des_SPtrans[7][u3]; } -#endif -#ifdef DES_RISC2 -#define D_ENCRYPT(LL,R,S) {\ - unsigned int u1,u2,s1,s2; \ - LOAD_DATA(R,S,u,t,E0,E1,u1); \ - u>>=2L; \ - t=ROTATE(t,6); \ - u2=(int)u>>8L; \ - u1=(int)u&0x3f; \ - u2&=0x3f; \ - LL^=des_SPtrans[0][u1]; \ - LL^=des_SPtrans[2][u2]; \ - s1=(int)u>>16L; \ - s2=(int)u>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=des_SPtrans[4][s1]; \ - LL^=des_SPtrans[6][s2]; \ - u2=(int)t>>8L; \ - u1=(int)t&0x3f; \ - u2&=0x3f; \ - LL^=des_SPtrans[1][u1]; \ - LL^=des_SPtrans[3][u2]; \ - s1=(int)t>>16; \ - s2=(int)t>>24L; \ - s1&=0x3f; \ - s2&=0x3f; \ - LL^=des_SPtrans[5][s1]; \ - LL^=des_SPtrans[7][s2]; } -#endif - -#else - -#define D_ENCRYPT(LL,R,S) {\ - LOAD_DATA_tmp(R,S,u,t,E0,E1); \ - t=ROTATE(t,4); \ - LL^=\ - des_SPtrans[0][(u>> 2L)&0x3f]^ \ - des_SPtrans[2][(u>>10L)&0x3f]^ \ - des_SPtrans[4][(u>>18L)&0x3f]^ \ - des_SPtrans[6][(u>>26L)&0x3f]^ \ - des_SPtrans[1][(t>> 2L)&0x3f]^ \ - des_SPtrans[3][(t>>10L)&0x3f]^ \ - des_SPtrans[5][(t>>18L)&0x3f]^ \ - des_SPtrans[7][(t>>26L)&0x3f]; } -#endif -#endif - - /* IP and FP - * The problem is more of a geometric problem that random bit fiddling. - 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6 - 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4 - 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2 - 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0 - - 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7 - 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5 - 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3 - 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1 - - The output has been subject to swaps of the form - 0 1 -> 3 1 but the odd and even bits have been put into - 2 3 2 0 - different words. The main trick is to remember that - t=((l>>size)^r)&(mask); - r^=t; - l^=(t<>(n))^(b))&(m)),\ - (b)^=(t),\ - (a)^=((t)<<(n))) - -#define IP(l,r) \ - { \ - register DES_LONG tt; \ - PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \ - PERM_OP(l,r,tt,16,0x0000ffffL); \ - PERM_OP(r,l,tt, 2,0x33333333L); \ - PERM_OP(l,r,tt, 8,0x00ff00ffL); \ - PERM_OP(r,l,tt, 1,0x55555555L); \ - } - -#define FP(l,r) \ - { \ - register DES_LONG tt; \ - PERM_OP(l,r,tt, 1,0x55555555L); \ - PERM_OP(r,l,tt, 8,0x00ff00ffL); \ - PERM_OP(l,r,tt, 2,0x33333333L); \ - PERM_OP(r,l,tt,16,0x0000ffffL); \ - PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \ - } - -OPENSSL_EXTERN const DES_LONG des_SPtrans[8][64]; - -void fcrypt_body(DES_LONG *out,des_key_schedule ks, - DES_LONG Eswap0, DES_LONG Eswap1); -#endif diff --git a/src/lib/libcrypto/des/ecb3_enc.c b/src/lib/libcrypto/des/ecb3_enc.c deleted file mode 100644 index fb28b97e1a..0000000000 --- a/src/lib/libcrypto/des/ecb3_enc.c +++ /dev/null @@ -1,82 +0,0 @@ -/* crypto/des/ecb3_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -void des_ecb3_encrypt(const_des_cblock *input, des_cblock *output, - des_key_schedule ks1, des_key_schedule ks2, des_key_schedule ks3, - int enc) - { - register DES_LONG l0,l1; - DES_LONG ll[2]; - const unsigned char *in = &(*input)[0]; - unsigned char *out = &(*output)[0]; - - c2l(in,l0); - c2l(in,l1); - ll[0]=l0; - ll[1]=l1; - if (enc) - des_encrypt3(ll,ks1,ks2,ks3); - else - des_decrypt3(ll,ks1,ks2,ks3); - l0=ll[0]; - l1=ll[1]; - l2c(l0,out); - l2c(l1,out); - } diff --git a/src/lib/libcrypto/des/ecb_enc.c b/src/lib/libcrypto/des/ecb_enc.c deleted file mode 100644 index b261a8aad9..0000000000 --- a/src/lib/libcrypto/des/ecb_enc.c +++ /dev/null @@ -1,122 +0,0 @@ -/* crypto/des/ecb_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" -#include "spr.h" -#include - -OPENSSL_GLOBAL const char *libdes_version="libdes" OPENSSL_VERSION_PTEXT; -OPENSSL_GLOBAL const char *DES_version="DES" OPENSSL_VERSION_PTEXT; - -const char *des_options(void) - { - static int init=1; - static char buf[32]; - - if (init) - { - const char *ptr,*unroll,*risc,*size; - -#ifdef DES_PTR - ptr="ptr"; -#else - ptr="idx"; -#endif -#if defined(DES_RISC1) || defined(DES_RISC2) -#ifdef DES_RISC1 - risc="risc1"; -#endif -#ifdef DES_RISC2 - risc="risc2"; -#endif -#else - risc="cisc"; -#endif -#ifdef DES_UNROLL - unroll="16"; -#else - unroll="4"; -#endif - if (sizeof(DES_LONG) != sizeof(long)) - size="int"; - else - size="long"; - sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size); - init=0; - } - return(buf); - } - - -void des_ecb_encrypt(const_des_cblock *input, des_cblock *output, - des_key_schedule ks, - int enc) - { - register DES_LONG l; - DES_LONG ll[2]; - const unsigned char *in = &(*input)[0]; - unsigned char *out = &(*output)[0]; - - c2l(in,l); ll[0]=l; - c2l(in,l); ll[1]=l; - des_encrypt(ll,ks,enc); - l=ll[0]; l2c(l,out); - l=ll[1]; l2c(l,out); - l=ll[0]=ll[1]=0; - } - diff --git a/src/lib/libcrypto/des/ede_cbcm_enc.c b/src/lib/libcrypto/des/ede_cbcm_enc.c deleted file mode 100644 index c53062481d..0000000000 --- a/src/lib/libcrypto/des/ede_cbcm_enc.c +++ /dev/null @@ -1,197 +0,0 @@ -/* ede_cbcm_enc.c */ -/* Written by Ben Laurie for the OpenSSL - * project 13 Feb 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - -This is an implementation of Triple DES Cipher Block Chaining with Output -Feedback Masking, by Coppersmith, Johnson and Matyas, (IBM and Certicom). - -Note that there is a known attack on this by Biham and Knudsen but it takes -a lot of work: - -http://www.cs.technion.ac.il/users/wwwb/cgi-bin/tr-get.cgi/1998/CS/CS0928.ps.gz - -*/ - -#ifndef NO_DESCBCM -#include "des_locl.h" - -void des_ede3_cbcm_encrypt(const unsigned char *in, unsigned char *out, - long length, des_key_schedule ks1, des_key_schedule ks2, - des_key_schedule ks3, des_cblock *ivec1, des_cblock *ivec2, - int enc) - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1,m0,m1; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv1,*iv2; - - iv1 = &(*ivec1)[0]; - iv2 = &(*ivec2)[0]; - - if (enc) - { - c2l(iv1,m0); - c2l(iv1,m1); - c2l(iv2,tout0); - c2l(iv2,tout1); - for (l-=8; l>=-7; l-=8) - { - tin[0]=m0; - tin[1]=m1; - des_encrypt(tin,ks3,1); - m0=tin[0]; - m1=tin[1]; - - if(l < 0) - { - c2ln(in,tin0,tin1,l+8); - } - else - { - c2l(in,tin0); - c2l(in,tin1); - } - tin0^=tout0; - tin1^=tout1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt(tin,ks1,1); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt(tin,ks2,0); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt(tin,ks1,1); - tout0=tin[0]; - tout1=tin[1]; - - l2c(tout0,out); - l2c(tout1,out); - } - iv1=&(*ivec1)[0]; - l2c(m0,iv1); - l2c(m1,iv1); - - iv2=&(*ivec2)[0]; - l2c(tout0,iv2); - l2c(tout1,iv2); - } - else - { - register DES_LONG t0,t1; - - c2l(iv1,m0); - c2l(iv1,m1); - c2l(iv2,xor0); - c2l(iv2,xor1); - for (l-=8; l>=-7; l-=8) - { - tin[0]=m0; - tin[1]=m1; - des_encrypt(tin,ks3,1); - m0=tin[0]; - m1=tin[1]; - - c2l(in,tin0); - c2l(in,tin1); - - t0=tin0; - t1=tin1; - - tin[0]=tin0; - tin[1]=tin1; - des_encrypt(tin,ks1,0); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt(tin,ks2,1); - tin[0]^=m0; - tin[1]^=m1; - des_encrypt(tin,ks1,0); - tout0=tin[0]; - tout1=tin[1]; - - tout0^=xor0; - tout1^=xor1; - if(l < 0) - { - l2cn(tout0,tout1,out,l+8); - } - else - { - l2c(tout0,out); - l2c(tout1,out); - } - xor0=t0; - xor1=t1; - } - - iv1=&(*ivec1)[0]; - l2c(m0,iv1); - l2c(m1,iv1); - - iv2=&(*ivec2)[0]; - l2c(xor0,iv2); - l2c(xor1,iv2); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } -#endif diff --git a/src/lib/libcrypto/des/enc_read.c b/src/lib/libcrypto/des/enc_read.c deleted file mode 100644 index af2d9177d2..0000000000 --- a/src/lib/libcrypto/des/enc_read.c +++ /dev/null @@ -1,228 +0,0 @@ -/* crypto/des/enc_read.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include "des_locl.h" - -/* This has some uglies in it but it works - even over sockets. */ -/*extern int errno;*/ -OPENSSL_GLOBAL int des_rw_mode=DES_PCBC_MODE; - - -/* - * WARNINGS: - * - * - The data format used by des_enc_write() and des_enc_read() - * has a cryptographic weakness: When asked to write more - * than MAXWRITE bytes, des_enc_write will split the data - * into several chunks that are all encrypted - * using the same IV. So don't use these functions unless you - * are sure you know what you do (in which case you might - * not want to use them anyway). - * - * - This code cannot handle non-blocking sockets. - * - * - This function uses an internal state and thus cannot be - * used on multiple files. - */ - - -int des_enc_read(int fd, void *buf, int len, des_key_schedule sched, - des_cblock *iv) - { - /* data to be unencrypted */ - int net_num=0; - static unsigned char *net=NULL; - /* extra unencrypted data - * for when a block of 100 comes in but is des_read one byte at - * a time. */ - static unsigned char *unnet=NULL; - static int unnet_start=0; - static int unnet_left=0; - static unsigned char *tmpbuf=NULL; - int i; - long num=0,rnum; - unsigned char *p; - - if (tmpbuf == NULL) - { - tmpbuf=OPENSSL_malloc(BSIZE); - if (tmpbuf == NULL) return(-1); - } - if (net == NULL) - { - net=OPENSSL_malloc(BSIZE); - if (net == NULL) return(-1); - } - if (unnet == NULL) - { - unnet=OPENSSL_malloc(BSIZE); - if (unnet == NULL) return(-1); - } - /* left over data from last decrypt */ - if (unnet_left != 0) - { - if (unnet_left < len) - { - /* we still still need more data but will return - * with the number of bytes we have - should always - * check the return value */ - memcpy(buf,&(unnet[unnet_start]), - unnet_left); - /* eay 26/08/92 I had the next 2 lines - * reversed :-( */ - i=unnet_left; - unnet_start=unnet_left=0; - } - else - { - memcpy(buf,&(unnet[unnet_start]),len); - unnet_start+=len; - unnet_left-=len; - i=len; - } - return(i); - } - - /* We need to get more data. */ - if (len > MAXWRITE) len=MAXWRITE; - - /* first - get the length */ - while (net_num < HDRSIZE) - { - i=read(fd,(void *)&(net[net_num]),HDRSIZE-net_num); -#ifdef EINTR - if ((i == -1) && (errno == EINTR)) continue; -#endif - if (i <= 0) return(0); - net_num+=i; - } - - /* we now have at net_num bytes in net */ - p=net; - /* num=0; */ - n2l(p,num); - /* num should be rounded up to the next group of eight - * we make sure that we have read a multiple of 8 bytes from the net. - */ - if ((num > MAXWRITE) || (num < 0)) /* error */ - return(-1); - rnum=(num < 8)?8:((num+7)/8*8); - - net_num=0; - while (net_num < rnum) - { - i=read(fd,(void *)&(net[net_num]),rnum-net_num); -#ifdef EINTR - if ((i == -1) && (errno == EINTR)) continue; -#endif - if (i <= 0) return(0); - net_num+=i; - } - - /* Check if there will be data left over. */ - if (len < num) - { - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT); - else - des_cbc_encrypt(net,unnet,num,sched,iv,DES_DECRYPT); - memcpy(buf,unnet,len); - unnet_start=len; - unnet_left=num-len; - - /* The following line is done because we return num - * as the number of bytes read. */ - num=len; - } - else - { - /* >output is a multiple of 8 byes, if len < rnum - * >we must be careful. The user must be aware that this - * >routine will write more bytes than he asked for. - * >The length of the buffer must be correct. - * FIXED - Should be ok now 18-9-90 - eay */ - if (len < rnum) - { - - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt(net,tmpbuf,num,sched,iv, - DES_DECRYPT); - else - des_cbc_encrypt(net,tmpbuf,num,sched,iv, - DES_DECRYPT); - - /* eay 26/08/92 fix a bug that returned more - * bytes than you asked for (returned len bytes :-( */ - memcpy(buf,tmpbuf,num); - } - else - { - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt(net,buf,num,sched,iv, - DES_DECRYPT); - else - des_cbc_encrypt(net,buf,num,sched,iv, - DES_DECRYPT); - } - } - return num; - } - diff --git a/src/lib/libcrypto/des/enc_writ.c b/src/lib/libcrypto/des/enc_writ.c deleted file mode 100644 index cc2b50fb50..0000000000 --- a/src/lib/libcrypto/des/enc_writ.c +++ /dev/null @@ -1,171 +0,0 @@ -/* crypto/des/enc_writ.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "cryptlib.h" -#include "des_locl.h" -#include - -/* - * WARNINGS: - * - * - The data format used by des_enc_write() and des_enc_read() - * has a cryptographic weakness: When asked to write more - * than MAXWRITE bytes, des_enc_write will split the data - * into several chunks that are all encrypted - * using the same IV. So don't use these functions unless you - * are sure you know what you do (in which case you might - * not want to use them anyway). - * - * - This code cannot handle non-blocking sockets. - */ - -int des_enc_write(int fd, const void *_buf, int len, - des_key_schedule sched, des_cblock *iv) - { -#ifdef _LIBC - extern unsigned long time(); - extern int write(); -#endif - const unsigned char *buf=_buf; - long rnum; - int i,j,k,outnum; - static unsigned char *outbuf=NULL; - unsigned char shortbuf[8]; - unsigned char *p; - const unsigned char *cp; - static int start=1; - - if (outbuf == NULL) - { - outbuf=OPENSSL_malloc(BSIZE+HDRSIZE); - if (outbuf == NULL) return(-1); - } - /* If we are sending less than 8 bytes, the same char will look - * the same if we don't pad it out with random bytes */ - if (start) - { - start=0; - } - - /* lets recurse if we want to send the data in small chunks */ - if (len > MAXWRITE) - { - j=0; - for (i=0; i MAXWRITE)?MAXWRITE:(len-i),sched,iv); - if (k < 0) - return(k); - else - j+=k; - } - return(j); - } - - /* write length first */ - p=outbuf; - l2n(len,p); - - /* pad short strings */ - if (len < 8) - { - cp=shortbuf; - memcpy(shortbuf,buf,len); - RAND_pseudo_bytes(shortbuf+len, 8-len); - rnum=8; - } - else - { - cp=buf; - rnum=((len+7)/8*8); /* round up to nearest eight */ - } - - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv, - DES_ENCRYPT); - else - des_cbc_encrypt(cp,&(outbuf[HDRSIZE]),(len<8)?8:len,sched,iv, - DES_ENCRYPT); - - /* output */ - outnum=rnum+HDRSIZE; - - for (j=0; j - -/* This version of crypt has been developed from my MIT compatible - * DES library. - * Eric Young (eay@cryptsoft.com) - */ - -/* Modification by Jens Kupferschmidt (Cu) - * I have included directive PARA for shared memory computers. - * I have included a directive LONGCRYPT to using this routine to cipher - * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN - * definition is the maximum of length of password and can changed. I have - * defined 24. - */ - -#include "des_locl.h" - -/* Added more values to handle illegal salt values the way normal - * crypt() implementations do. The patch was sent by - * Bjorn Gronvall - */ -static unsigned const char con_salt[128]={ -0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9, -0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1, -0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9, -0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1, -0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9, -0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01, -0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09, -0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A, -0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12, -0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A, -0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22, -0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24, -0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C, -0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34, -0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C, -0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44, -}; - -static unsigned const char cov_2char[64]={ -0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35, -0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44, -0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C, -0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54, -0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62, -0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A, -0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72, -0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A -}; - -#ifndef NOPROTO -void fcrypt_body(DES_LONG *out,des_key_schedule ks, - DES_LONG Eswap0, DES_LONG Eswap1); - -#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__) -char *des_crypt(const char *buf,const char *salt); -#else -char *crypt(const char *buf,const char *salt); -#endif -#else -void fcrypt_body(); -#ifdef PERL5 -char *des_crypt(); -#else -char *crypt(); -#endif -#endif - -#if defined(PERL5) || defined(FreeBSD) || defined(__OpenBSD__) -char *des_crypt(buf,salt) -#else -char *crypt(buf,salt) -#endif -const char *buf; -const char *salt; - { - static char buff[14]; - - return(des_fcrypt(buf,salt,buff)); - } - - -char *des_fcrypt(buf,salt,ret) -const char *buf; -const char *salt; -char *ret; - { - unsigned int i,j,x,y; - DES_LONG Eswap0,Eswap1; - DES_LONG out[2],ll; - des_cblock key; - des_key_schedule ks; - unsigned char bb[9]; - unsigned char *b=bb; - unsigned char c,u; - - /* eay 25/08/92 - * If you call crypt("pwd","*") as often happens when you - * have * as the pwd field in /etc/passwd, the function - * returns *\0XXXXXXXXX - * The \0 makes the string look like * so the pwd "*" would - * crypt to "*". This was found when replacing the crypt in - * our shared libraries. People found that the disabled - * accounts effectively had no passwd :-(. */ - x=ret[0]=((salt[0] == '\0')?'A':salt[0]); - Eswap0=con_salt[x]<<2; - x=ret[1]=((salt[1] == '\0')?'A':salt[1]); - Eswap1=con_salt[x]<<6; - -/* EAY -r=strlen(buf); -r=(r+7)/8; -*/ - for (i=0; i<8; i++) - { - c= *(buf++); - if (!c) break; - key[i]=(c<<1); - } - for (; i<8; i++) - key[i]=0; - - des_set_key_unchecked(&key,ks); - fcrypt_body(&(out[0]),ks,Eswap0,Eswap1); - - ll=out[0]; l2c(ll,b); - ll=out[1]; l2c(ll,b); - y=0; - u=0x80; - bb[8]=0; - for (i=2; i<13; i++) - { - c=0; - for (j=0; j<6; j++) - { - c<<=1; - if (bb[y] & u) c|=1; - u>>=1; - if (!u) - { - y++; - u=0x80; - } - } - ret[i]=cov_2char[c]; - } - ret[13]='\0'; - return(ret); - } - diff --git a/src/lib/libcrypto/des/fcrypt_b.c b/src/lib/libcrypto/des/fcrypt_b.c deleted file mode 100644 index 22c87f5983..0000000000 --- a/src/lib/libcrypto/des/fcrypt_b.c +++ /dev/null @@ -1,145 +0,0 @@ -/* crypto/des/fcrypt_b.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include - -/* This version of crypt has been developed from my MIT compatible - * DES library. - * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au - * Eric Young (eay@cryptsoft.com) - */ - -#define DES_FCRYPT -#include "des_locl.h" -#undef DES_FCRYPT - -#undef PERM_OP -#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\ - (b)^=(t),\ - (a)^=((t)<<(n))) - -#undef HPERM_OP -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ - (a)=(a)^(t)^(t>>(16-(n))))\ - -void fcrypt_body(DES_LONG *out, des_key_schedule ks, DES_LONG Eswap0, - DES_LONG Eswap1) - { - register DES_LONG l,r,t,u; -#ifdef DES_PTR - register const unsigned char *des_SP=(const unsigned char *)des_SPtrans; -#endif - register DES_LONG *s; - register int j; - register DES_LONG E0,E1; - - l=0; - r=0; - - s=(DES_LONG *)ks; - E0=Eswap0; - E1=Eswap1; - - for (j=0; j<25; j++) - { -#ifndef DES_UNROLL - register int i; - - for (i=0; i<32; i+=8) - { - D_ENCRYPT(l,r,i+0); /* 1 */ - D_ENCRYPT(r,l,i+2); /* 2 */ - D_ENCRYPT(l,r,i+4); /* 1 */ - D_ENCRYPT(r,l,i+6); /* 2 */ - } -#else - D_ENCRYPT(l,r, 0); /* 1 */ - D_ENCRYPT(r,l, 2); /* 2 */ - D_ENCRYPT(l,r, 4); /* 3 */ - D_ENCRYPT(r,l, 6); /* 4 */ - D_ENCRYPT(l,r, 8); /* 5 */ - D_ENCRYPT(r,l,10); /* 6 */ - D_ENCRYPT(l,r,12); /* 7 */ - D_ENCRYPT(r,l,14); /* 8 */ - D_ENCRYPT(l,r,16); /* 9 */ - D_ENCRYPT(r,l,18); /* 10 */ - D_ENCRYPT(l,r,20); /* 11 */ - D_ENCRYPT(r,l,22); /* 12 */ - D_ENCRYPT(l,r,24); /* 13 */ - D_ENCRYPT(r,l,26); /* 14 */ - D_ENCRYPT(l,r,28); /* 15 */ - D_ENCRYPT(r,l,30); /* 16 */ -#endif - - t=l; - l=r; - r=t; - } - l=ROTATE(l,3)&0xffffffffL; - r=ROTATE(r,3)&0xffffffffL; - - PERM_OP(l,r,t, 1,0x55555555L); - PERM_OP(r,l,t, 8,0x00ff00ffL); - PERM_OP(l,r,t, 2,0x33333333L); - PERM_OP(r,l,t,16,0x0000ffffL); - PERM_OP(l,r,t, 4,0x0f0f0f0fL); - - out[0]=r; - out[1]=l; - } - diff --git a/src/lib/libcrypto/des/ncbc_enc.c b/src/lib/libcrypto/des/ncbc_enc.c deleted file mode 100644 index 3b681691a9..0000000000 --- a/src/lib/libcrypto/des/ncbc_enc.c +++ /dev/null @@ -1,148 +0,0 @@ -/* crypto/des/ncbc_enc.c */ -/* - * #included by: - * cbc_enc.c (des_cbc_encrypt) - * des_enc.c (des_ncbc_encrypt) - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -#ifdef CBC_ENC_C__DONT_UPDATE_IV -void des_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - des_key_schedule schedule, des_cblock *ivec, int enc) -#else -void des_ncbc_encrypt(const unsigned char *in, unsigned char *out, long length, - des_key_schedule schedule, des_cblock *ivec, int enc) -#endif - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; tin[0]=tin0; - tin1^=tout1; tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } -#ifndef CBC_ENC_C__DONT_UPDATE_IV - iv = &(*ivec)[0]; - l2c(tout0,iv); - l2c(tout1,iv); -#endif - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2cn(tout0,tout1,out,l+8); -#ifndef CBC_ENC_C__DONT_UPDATE_IV - xor0=tin0; - xor1=tin1; -#endif - } -#ifndef CBC_ENC_C__DONT_UPDATE_IV - iv = &(*ivec)[0]; - l2c(xor0,iv); - l2c(xor1,iv); -#endif - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } diff --git a/src/lib/libcrypto/des/ofb64ede.c b/src/lib/libcrypto/des/ofb64ede.c deleted file mode 100644 index 6eafe908da..0000000000 --- a/src/lib/libcrypto/des/ofb64ede.c +++ /dev/null @@ -1,124 +0,0 @@ -/* crypto/des/ofb64ede.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void des_ede3_ofb64_encrypt(register const unsigned char *in, - register unsigned char *out, long length, des_key_schedule k1, - des_key_schedule k2, des_key_schedule k3, des_cblock *ivec, - int *num) - { - register DES_LONG v0,v1; - register int n= *num; - register long l=length; - des_cblock d; - register char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2c(v0,dp); - l2c(v1,dp); - while (l--) - { - if (n == 0) - { - /* ti[0]=v0; */ - /* ti[1]=v1; */ - des_encrypt3(ti,k1,k2,k3); - v0=ti[0]; - v1=ti[1]; - - dp=(char *)d; - l2c(v0,dp); - l2c(v1,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { -/* v0=ti[0]; - v1=ti[1];*/ - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - } - v0=v1=ti[0]=ti[1]=0; - *num=n; - } - -#ifdef undef /* MACRO */ -void des_ede2_ofb64_encrypt(register unsigned char *in, - register unsigned char *out, long length, des_key_schedule k1, - des_key_schedule k2, des_cblock (*ivec), int *num) - { - des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num); - } -#endif diff --git a/src/lib/libcrypto/des/ofb64enc.c b/src/lib/libcrypto/des/ofb64enc.c deleted file mode 100644 index 64953959ca..0000000000 --- a/src/lib/libcrypto/des/ofb64enc.c +++ /dev/null @@ -1,110 +0,0 @@ -/* crypto/des/ofb64enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void des_ofb64_encrypt(register const unsigned char *in, - register unsigned char *out, long length, des_key_schedule schedule, - des_cblock *ivec, int *num) - { - register DES_LONG v0,v1,t; - register int n= *num; - register long l=length; - des_cblock d; - register unsigned char *dp; - DES_LONG ti[2]; - unsigned char *iv; - int save=0; - - iv = &(*ivec)[0]; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=d; - l2c(v0,dp); - l2c(v1,dp); - while (l--) - { - if (n == 0) - { - des_encrypt(ti,schedule,DES_ENCRYPT); - dp=d; - t=ti[0]; l2c(t,dp); - t=ti[1]; l2c(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/src/lib/libcrypto/des/ofb_enc.c b/src/lib/libcrypto/des/ofb_enc.c deleted file mode 100644 index a8f425a575..0000000000 --- a/src/lib/libcrypto/des/ofb_enc.c +++ /dev/null @@ -1,134 +0,0 @@ -/* crypto/des/ofb_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* The input and output are loaded in multiples of 8 bits. - * What this means is that if you hame numbits=12 and length=2 - * the first 12 bits will be retrieved from the first byte and half - * the second. The second 12 bits will come from the 3rd and half the 4th - * byte. - */ -void des_ofb_encrypt(const unsigned char *in, unsigned char *out, int numbits, - long length, des_key_schedule schedule, des_cblock *ivec) - { - register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8; - register DES_LONG mask0,mask1; - register long l=length; - register int num=numbits; - DES_LONG ti[2]; - unsigned char *iv; - - if (num > 64) return; - if (num > 32) - { - mask0=0xffffffffL; - if (num >= 64) - mask1=mask0; - else - mask1=(1L<<(num-32))-1; - } - else - { - if (num == 32) - mask0=0xffffffffL; - else - mask0=(1L< 0) - { - ti[0]=v0; - ti[1]=v1; - des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT); - vv0=ti[0]; - vv1=ti[1]; - c2ln(in,d0,d1,n); - in+=n; - d0=(d0^vv0)&mask0; - d1=(d1^vv1)&mask1; - l2cn(d0,d1,out,n); - out+=n; - - if (num == 32) - { v0=v1; v1=vv0; } - else if (num == 64) - { v0=vv0; v1=vv1; } - else if (num > 32) /* && num != 64 */ - { - v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL; - v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL; - } - else /* num < 32 */ - { - v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL; - v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL; - } - } - iv = &(*ivec)[0]; - l2c(v0,iv); - l2c(v1,iv); - v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0; - } - diff --git a/src/lib/libcrypto/des/pcbc_enc.c b/src/lib/libcrypto/des/pcbc_enc.c deleted file mode 100644 index dd69a26d4a..0000000000 --- a/src/lib/libcrypto/des/pcbc_enc.c +++ /dev/null @@ -1,122 +0,0 @@ -/* crypto/des/pcbc_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -void des_pcbc_encrypt(const unsigned char *input, unsigned char *output, - long length, des_key_schedule schedule, des_cblock *ivec, int enc) - { - register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1; - DES_LONG tin[2]; - const unsigned char *in; - unsigned char *out,*iv; - - in=input; - out=output; - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,xor0); - c2l(iv,xor1); - for (; length>0; length-=8) - { - if (length >= 8) - { - c2l(in,sin0); - c2l(in,sin1); - } - else - c2ln(in,sin0,sin1,length); - tin[0]=sin0^xor0; - tin[1]=sin1^xor1; - des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); - tout0=tin[0]; - tout1=tin[1]; - xor0=sin0^tout0; - xor1=sin1^tout1; - l2c(tout0,out); - l2c(tout1,out); - } - } - else - { - c2l(iv,xor0); c2l(iv,xor1); - for (; length>0; length-=8) - { - c2l(in,sin0); - c2l(in,sin1); - tin[0]=sin0; - tin[1]=sin1; - des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - if (length >= 8) - { - l2c(tout0,out); - l2c(tout1,out); - } - else - l2cn(tout0,tout1,out,length); - xor0=tout0^sin0; - xor1=tout1^sin1; - } - } - tin[0]=tin[1]=0; - sin0=sin1=xor0=xor1=tout0=tout1=0; - } diff --git a/src/lib/libcrypto/des/qud_cksm.c b/src/lib/libcrypto/des/qud_cksm.c deleted file mode 100644 index 9fff989edb..0000000000 --- a/src/lib/libcrypto/des/qud_cksm.c +++ /dev/null @@ -1,139 +0,0 @@ -/* crypto/des/qud_cksm.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer - * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40 - * This module in only based on the code in this paper and is - * almost definitely not the same as the MIT implementation. - */ -#include "des_locl.h" - -/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */ -#define Q_B0(a) (((DES_LONG)(a))) -#define Q_B1(a) (((DES_LONG)(a))<<8) -#define Q_B2(a) (((DES_LONG)(a))<<16) -#define Q_B3(a) (((DES_LONG)(a))<<24) - -/* used to scramble things a bit */ -/* Got the value MIT uses via brute force :-) 2/10/90 eay */ -#define NOISE ((DES_LONG)83653421L) - -DES_LONG des_quad_cksum(const unsigned char *input, des_cblock output[], - long length, int out_count, des_cblock *seed) - { - DES_LONG z0,z1,t0,t1; - int i; - long l; - const unsigned char *cp; -#ifdef _CRAY - struct lp_st { int a:32; int b:32; } *lp; -#else - DES_LONG *lp; -#endif - - if (out_count < 1) out_count=1; -#ifdef _CRAY - lp = (struct lp_st *) &(output[0])[0]; -#else - lp = (DES_LONG *) &(output[0])[0]; -#endif - - z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]); - z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]); - - for (i=0; ((i<4)&&(i 0) - { - if (l > 1) - { - t0= (DES_LONG)(*(cp++)); - t0|=(DES_LONG)Q_B1(*(cp++)); - l--; - } - else - t0= (DES_LONG)(*(cp++)); - l--; - /* add */ - t0+=z0; - t0&=0xffffffffL; - t1=z1; - /* square, well sort of square */ - z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL)) - &0xffffffffL)%0x7fffffffL; - z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL; - } - if (lp != NULL) - { - /* The MIT library assumes that the checksum is - * composed of 2*out_count 32 bit ints */ -#ifdef _CRAY - (*lp).a = z0; - (*lp).b = z1; - lp++; -#else - *lp++ = z0; - *lp++ = z1; -#endif - } - } - return(z0); - } - diff --git a/src/lib/libcrypto/des/rand_key.c b/src/lib/libcrypto/des/rand_key.c deleted file mode 100644 index ee1a6c274e..0000000000 --- a/src/lib/libcrypto/des/rand_key.c +++ /dev/null @@ -1,73 +0,0 @@ -/* crypto/des/rand_key.c */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include - -void des_random_seed(des_cblock *key) - { - RAND_seed(key, sizeof(des_cblock)); - } - -int des_random_key(des_cblock *ret) - { - do - { - if (RAND_bytes((unsigned char *)ret, sizeof(des_cblock)) != 1) - return (0); - } while (des_is_weak_key(ret)); - des_set_odd_parity(ret); - return (1); - } diff --git a/src/lib/libcrypto/des/set_key.c b/src/lib/libcrypto/des/set_key.c deleted file mode 100644 index 09afd4fc03..0000000000 --- a/src/lib/libcrypto/des/set_key.c +++ /dev/null @@ -1,402 +0,0 @@ -/* crypto/des/set_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* set_key.c v 1.4 eay 24/9/91 - * 1.4 Speed up by 400% :-) - * 1.3 added register declarations. - * 1.2 unrolled make_key_sched a bit more - * 1.1 added norm_expand_bits - * 1.0 First working version - */ -#include "des_locl.h" - -OPENSSL_GLOBAL int des_check_key=0; - -static const unsigned char odd_parity[256]={ - 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14, - 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31, - 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47, - 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62, - 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79, - 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94, - 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110, -112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127, -128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143, -145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158, -161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174, -176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191, -193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206, -208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223, -224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239, -241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254}; - -void des_set_odd_parity(des_cblock *key) - { - int i; - - for (i=0; i>(n))^(b))&(m)),\ - * (b)^=(t),\ - * (a)=((a)^((t)<<(n)))) - */ - -#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\ - (a)=(a)^(t)^(t>>(16-(n)))) - -static const DES_LONG des_skb[8][64]={ - { - /* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L,0x00000010L,0x20000000L,0x20000010L, - 0x00010000L,0x00010010L,0x20010000L,0x20010010L, - 0x00000800L,0x00000810L,0x20000800L,0x20000810L, - 0x00010800L,0x00010810L,0x20010800L,0x20010810L, - 0x00000020L,0x00000030L,0x20000020L,0x20000030L, - 0x00010020L,0x00010030L,0x20010020L,0x20010030L, - 0x00000820L,0x00000830L,0x20000820L,0x20000830L, - 0x00010820L,0x00010830L,0x20010820L,0x20010830L, - 0x00080000L,0x00080010L,0x20080000L,0x20080010L, - 0x00090000L,0x00090010L,0x20090000L,0x20090010L, - 0x00080800L,0x00080810L,0x20080800L,0x20080810L, - 0x00090800L,0x00090810L,0x20090800L,0x20090810L, - 0x00080020L,0x00080030L,0x20080020L,0x20080030L, - 0x00090020L,0x00090030L,0x20090020L,0x20090030L, - 0x00080820L,0x00080830L,0x20080820L,0x20080830L, - 0x00090820L,0x00090830L,0x20090820L,0x20090830L, - },{ - /* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */ - 0x00000000L,0x02000000L,0x00002000L,0x02002000L, - 0x00200000L,0x02200000L,0x00202000L,0x02202000L, - 0x00000004L,0x02000004L,0x00002004L,0x02002004L, - 0x00200004L,0x02200004L,0x00202004L,0x02202004L, - 0x00000400L,0x02000400L,0x00002400L,0x02002400L, - 0x00200400L,0x02200400L,0x00202400L,0x02202400L, - 0x00000404L,0x02000404L,0x00002404L,0x02002404L, - 0x00200404L,0x02200404L,0x00202404L,0x02202404L, - 0x10000000L,0x12000000L,0x10002000L,0x12002000L, - 0x10200000L,0x12200000L,0x10202000L,0x12202000L, - 0x10000004L,0x12000004L,0x10002004L,0x12002004L, - 0x10200004L,0x12200004L,0x10202004L,0x12202004L, - 0x10000400L,0x12000400L,0x10002400L,0x12002400L, - 0x10200400L,0x12200400L,0x10202400L,0x12202400L, - 0x10000404L,0x12000404L,0x10002404L,0x12002404L, - 0x10200404L,0x12200404L,0x10202404L,0x12202404L, - },{ - /* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */ - 0x00000000L,0x00000001L,0x00040000L,0x00040001L, - 0x01000000L,0x01000001L,0x01040000L,0x01040001L, - 0x00000002L,0x00000003L,0x00040002L,0x00040003L, - 0x01000002L,0x01000003L,0x01040002L,0x01040003L, - 0x00000200L,0x00000201L,0x00040200L,0x00040201L, - 0x01000200L,0x01000201L,0x01040200L,0x01040201L, - 0x00000202L,0x00000203L,0x00040202L,0x00040203L, - 0x01000202L,0x01000203L,0x01040202L,0x01040203L, - 0x08000000L,0x08000001L,0x08040000L,0x08040001L, - 0x09000000L,0x09000001L,0x09040000L,0x09040001L, - 0x08000002L,0x08000003L,0x08040002L,0x08040003L, - 0x09000002L,0x09000003L,0x09040002L,0x09040003L, - 0x08000200L,0x08000201L,0x08040200L,0x08040201L, - 0x09000200L,0x09000201L,0x09040200L,0x09040201L, - 0x08000202L,0x08000203L,0x08040202L,0x08040203L, - 0x09000202L,0x09000203L,0x09040202L,0x09040203L, - },{ - /* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */ - 0x00000000L,0x00100000L,0x00000100L,0x00100100L, - 0x00000008L,0x00100008L,0x00000108L,0x00100108L, - 0x00001000L,0x00101000L,0x00001100L,0x00101100L, - 0x00001008L,0x00101008L,0x00001108L,0x00101108L, - 0x04000000L,0x04100000L,0x04000100L,0x04100100L, - 0x04000008L,0x04100008L,0x04000108L,0x04100108L, - 0x04001000L,0x04101000L,0x04001100L,0x04101100L, - 0x04001008L,0x04101008L,0x04001108L,0x04101108L, - 0x00020000L,0x00120000L,0x00020100L,0x00120100L, - 0x00020008L,0x00120008L,0x00020108L,0x00120108L, - 0x00021000L,0x00121000L,0x00021100L,0x00121100L, - 0x00021008L,0x00121008L,0x00021108L,0x00121108L, - 0x04020000L,0x04120000L,0x04020100L,0x04120100L, - 0x04020008L,0x04120008L,0x04020108L,0x04120108L, - 0x04021000L,0x04121000L,0x04021100L,0x04121100L, - 0x04021008L,0x04121008L,0x04021108L,0x04121108L, - },{ - /* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */ - 0x00000000L,0x10000000L,0x00010000L,0x10010000L, - 0x00000004L,0x10000004L,0x00010004L,0x10010004L, - 0x20000000L,0x30000000L,0x20010000L,0x30010000L, - 0x20000004L,0x30000004L,0x20010004L,0x30010004L, - 0x00100000L,0x10100000L,0x00110000L,0x10110000L, - 0x00100004L,0x10100004L,0x00110004L,0x10110004L, - 0x20100000L,0x30100000L,0x20110000L,0x30110000L, - 0x20100004L,0x30100004L,0x20110004L,0x30110004L, - 0x00001000L,0x10001000L,0x00011000L,0x10011000L, - 0x00001004L,0x10001004L,0x00011004L,0x10011004L, - 0x20001000L,0x30001000L,0x20011000L,0x30011000L, - 0x20001004L,0x30001004L,0x20011004L,0x30011004L, - 0x00101000L,0x10101000L,0x00111000L,0x10111000L, - 0x00101004L,0x10101004L,0x00111004L,0x10111004L, - 0x20101000L,0x30101000L,0x20111000L,0x30111000L, - 0x20101004L,0x30101004L,0x20111004L,0x30111004L, - },{ - /* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */ - 0x00000000L,0x08000000L,0x00000008L,0x08000008L, - 0x00000400L,0x08000400L,0x00000408L,0x08000408L, - 0x00020000L,0x08020000L,0x00020008L,0x08020008L, - 0x00020400L,0x08020400L,0x00020408L,0x08020408L, - 0x00000001L,0x08000001L,0x00000009L,0x08000009L, - 0x00000401L,0x08000401L,0x00000409L,0x08000409L, - 0x00020001L,0x08020001L,0x00020009L,0x08020009L, - 0x00020401L,0x08020401L,0x00020409L,0x08020409L, - 0x02000000L,0x0A000000L,0x02000008L,0x0A000008L, - 0x02000400L,0x0A000400L,0x02000408L,0x0A000408L, - 0x02020000L,0x0A020000L,0x02020008L,0x0A020008L, - 0x02020400L,0x0A020400L,0x02020408L,0x0A020408L, - 0x02000001L,0x0A000001L,0x02000009L,0x0A000009L, - 0x02000401L,0x0A000401L,0x02000409L,0x0A000409L, - 0x02020001L,0x0A020001L,0x02020009L,0x0A020009L, - 0x02020401L,0x0A020401L,0x02020409L,0x0A020409L, - },{ - /* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */ - 0x00000000L,0x00000100L,0x00080000L,0x00080100L, - 0x01000000L,0x01000100L,0x01080000L,0x01080100L, - 0x00000010L,0x00000110L,0x00080010L,0x00080110L, - 0x01000010L,0x01000110L,0x01080010L,0x01080110L, - 0x00200000L,0x00200100L,0x00280000L,0x00280100L, - 0x01200000L,0x01200100L,0x01280000L,0x01280100L, - 0x00200010L,0x00200110L,0x00280010L,0x00280110L, - 0x01200010L,0x01200110L,0x01280010L,0x01280110L, - 0x00000200L,0x00000300L,0x00080200L,0x00080300L, - 0x01000200L,0x01000300L,0x01080200L,0x01080300L, - 0x00000210L,0x00000310L,0x00080210L,0x00080310L, - 0x01000210L,0x01000310L,0x01080210L,0x01080310L, - 0x00200200L,0x00200300L,0x00280200L,0x00280300L, - 0x01200200L,0x01200300L,0x01280200L,0x01280300L, - 0x00200210L,0x00200310L,0x00280210L,0x00280310L, - 0x01200210L,0x01200310L,0x01280210L,0x01280310L, - },{ - /* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */ - 0x00000000L,0x04000000L,0x00040000L,0x04040000L, - 0x00000002L,0x04000002L,0x00040002L,0x04040002L, - 0x00002000L,0x04002000L,0x00042000L,0x04042000L, - 0x00002002L,0x04002002L,0x00042002L,0x04042002L, - 0x00000020L,0x04000020L,0x00040020L,0x04040020L, - 0x00000022L,0x04000022L,0x00040022L,0x04040022L, - 0x00002020L,0x04002020L,0x00042020L,0x04042020L, - 0x00002022L,0x04002022L,0x00042022L,0x04042022L, - 0x00000800L,0x04000800L,0x00040800L,0x04040800L, - 0x00000802L,0x04000802L,0x00040802L,0x04040802L, - 0x00002800L,0x04002800L,0x00042800L,0x04042800L, - 0x00002802L,0x04002802L,0x00042802L,0x04042802L, - 0x00000820L,0x04000820L,0x00040820L,0x04040820L, - 0x00000822L,0x04000822L,0x00040822L,0x04040822L, - 0x00002820L,0x04002820L,0x00042820L,0x04042820L, - 0x00002822L,0x04002822L,0x00042822L,0x04042822L, - }}; - -int des_set_key(const_des_cblock *key, des_key_schedule schedule) - { - if (des_check_key) - { - return des_set_key_checked(key, schedule); - } - else - { - des_set_key_unchecked(key, schedule); - return 0; - } - } - -/* return 0 if key parity is odd (correct), - * return -1 if key parity error, - * return -2 if illegal weak key. - */ -int des_set_key_checked(const_des_cblock *key, des_key_schedule schedule) - { - if (!des_check_key_parity(key)) - return(-1); - if (des_is_weak_key(key)) - return(-2); - des_set_key_unchecked(key, schedule); - return 0; - } - -void des_set_key_unchecked(const_des_cblock *key, des_key_schedule schedule) - { - static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0}; - register DES_LONG c,d,t,s,t2; - register const unsigned char *in; - register DES_LONG *k; - register int i; - - k = &schedule->ks.deslong[0]; - in = &(*key)[0]; - - c2l(in,c); - c2l(in,d); - - /* do PC1 in 47 simple operations :-) - * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov) - * for the inspiration. :-) */ - PERM_OP (d,c,t,4,0x0f0f0f0fL); - HPERM_OP(c,t,-2,0xcccc0000L); - HPERM_OP(d,t,-2,0xcccc0000L); - PERM_OP (d,c,t,1,0x55555555L); - PERM_OP (c,d,t,8,0x00ff00ffL); - PERM_OP (d,c,t,1,0x55555555L); - d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) | - ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L)); - c&=0x0fffffffL; - - for (i=0; i>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); } - else - { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); } - c&=0x0fffffffL; - d&=0x0fffffffL; - /* could be a few less shifts but I am to lazy at this - * point in time to investigate */ - s= des_skb[0][ (c )&0x3f ]| - des_skb[1][((c>> 6L)&0x03)|((c>> 7L)&0x3c)]| - des_skb[2][((c>>13L)&0x0f)|((c>>14L)&0x30)]| - des_skb[3][((c>>20L)&0x01)|((c>>21L)&0x06) | - ((c>>22L)&0x38)]; - t= des_skb[4][ (d )&0x3f ]| - des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]| - des_skb[6][ (d>>15L)&0x3f ]| - des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)]; - - /* table contained 0213 4657 */ - t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL; - *(k++)=ROTATE(t2,30)&0xffffffffL; - - t2=((s>>16L)|(t&0xffff0000L)); - *(k++)=ROTATE(t2,26)&0xffffffffL; - } - } - -int des_key_sched(const_des_cblock *key, des_key_schedule schedule) - { - return(des_set_key(key,schedule)); - } - -#undef des_fixup_key_parity -void des_fixup_key_parity(des_cblock *key) - { - des_set_odd_parity(key); - } diff --git a/src/lib/libcrypto/des/spr.h b/src/lib/libcrypto/des/spr.h deleted file mode 100644 index b8fbdcf8d3..0000000000 --- a/src/lib/libcrypto/des/spr.h +++ /dev/null @@ -1,204 +0,0 @@ -/* crypto/des/spr.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -OPENSSL_GLOBAL const DES_LONG des_SPtrans[8][64]={ -{ -/* nibble 0 */ -0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L, -0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L, -0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L, -0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L, -0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L, -0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L, -0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L, -0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L, -0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L, -0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L, -0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L, -0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L, -0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L, -0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L, -0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L, -0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L, -},{ -/* nibble 1 */ -0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L, -0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L, -0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L, -0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L, -0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L, -0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L, -0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L, -0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L, -0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L, -0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L, -0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L, -0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L, -0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L, -0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L, -0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L, -0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L, -},{ -/* nibble 2 */ -0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L, -0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L, -0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L, -0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L, -0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L, -0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L, -0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L, -0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L, -0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L, -0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L, -0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L, -0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L, -0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L, -0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L, -0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L, -},{ -/* nibble 3 */ -0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L, -0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L, -0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L, -0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L, -0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L, -0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L, -0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L, -0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L, -0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L, -0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L, -0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L, -0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L, -0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L, -0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L, -0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L, -0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L, -},{ -/* nibble 4 */ -0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L, -0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L, -0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L, -0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L, -0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L, -0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L, -0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L, -0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L, -0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L, -0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L, -0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L, -0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L, -0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L, -0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L, -0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L, -},{ -/* nibble 5 */ -0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L, -0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L, -0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L, -0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L, -0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L, -0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L, -0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L, -0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L, -0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L, -0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L, -0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L, -0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L, -0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L, -0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L, -0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L, -0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L, -},{ -/* nibble 6 */ -0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L, -0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L, -0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L, -0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L, -0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L, -0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L, -0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L, -0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L, -0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L, -0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L, -0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L, -0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L, -0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L, -0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L, -0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L, -0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L, -},{ -/* nibble 7 */ -0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L, -0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L, -0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L, -0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L, -0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L, -0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L, -0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L, -0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L, -0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L, -0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L, -0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L, -0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L, -0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L, -0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L, -0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L, -}}; diff --git a/src/lib/libcrypto/des/str2key.c b/src/lib/libcrypto/des/str2key.c deleted file mode 100644 index c6abb87201..0000000000 --- a/src/lib/libcrypto/des/str2key.c +++ /dev/null @@ -1,155 +0,0 @@ -/* crypto/des/str2key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -void des_string_to_key(const char *str, des_cblock *key) - { - des_key_schedule ks; - int i,length; - register unsigned char j; - - memset(key,0,8); - length=strlen(str); -#ifdef OLD_STR_TO_KEY - for (i=0; i>4)&0x0f); - j=((j<<2)&0xcc)|((j>>2)&0x33); - j=((j<<1)&0xaa)|((j>>1)&0x55); - (*key)[7-(i%8)]^=j; - } - } -#endif - des_set_odd_parity(key); - des_set_key_unchecked(key,ks); - des_cbc_cksum((const unsigned char*)str,key,length,ks,key); - memset(ks,0,sizeof(ks)); - des_set_odd_parity(key); - } - -void des_string_to_2keys(const char *str, des_cblock *key1, des_cblock *key2) - { - des_key_schedule ks; - int i,length; - register unsigned char j; - - memset(key1,0,8); - memset(key2,0,8); - length=strlen(str); -#ifdef OLD_STR_TO_KEY - if (length <= 8) - { - for (i=0; i>4)&0x0f); - j=((j<<2)&0xcc)|((j>>2)&0x33); - j=((j<<1)&0xaa)|((j>>1)&0x55); - if ((i%16) < 8) - (*key1)[7-(i%8)]^=j; - else - (*key2)[7-(i%8)]^=j; - } - } - if (length <= 8) memcpy(key2,key1,8); -#endif - des_set_odd_parity(key1); - des_set_odd_parity(key2); - des_set_key_unchecked(key1,ks); - des_cbc_cksum((const unsigned char*)str,key1,length,ks,key1); - des_set_key_unchecked(key2,ks); - des_cbc_cksum((const unsigned char*)str,key2,length,ks,key2); - memset(ks,0,sizeof(ks)); - des_set_odd_parity(key1); - des_set_odd_parity(key2); - } diff --git a/src/lib/libcrypto/des/xcbc_enc.c b/src/lib/libcrypto/des/xcbc_enc.c deleted file mode 100644 index 51e17e6b8a..0000000000 --- a/src/lib/libcrypto/des/xcbc_enc.c +++ /dev/null @@ -1,194 +0,0 @@ -/* crypto/des/xcbc_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "des_locl.h" - -/* RSA's DESX */ - -static unsigned char desx_white_in2out[256]={ -0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0, -0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A, -0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36, -0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C, -0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60, -0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA, -0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E, -0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF, -0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6, -0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3, -0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C, -0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2, -0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5, -0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5, -0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F, -0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB, - }; - -void des_xwhite_in2out(const_des_cblock *des_key, const_des_cblock *in_white, - des_cblock *out_white) - { - int out0,out1; - int i; - const unsigned char *key = &(*des_key)[0]; - const unsigned char *in = &(*in_white)[0]; - unsigned char *out = &(*out_white)[0]; - - out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0; - out0=out1=0; - for (i=0; i<8; i++) - { - out[i]=key[i]^desx_white_in2out[out0^out1]; - out0=out1; - out1=(int)out[i&0x07]; - } - - out0=out[0]; - out1=out[i]; - for (i=0; i<8; i++) - { - out[i]=in[i]^desx_white_in2out[out0^out1]; - out0=out1; - out1=(int)out[i&0x07]; - } - } - -void des_xcbc_encrypt(const unsigned char *in, unsigned char *out, - long length, des_key_schedule schedule, des_cblock *ivec, - const_des_cblock *inw, const_des_cblock *outw, int enc) - { - register DES_LONG tin0,tin1; - register DES_LONG tout0,tout1,xor0,xor1; - register DES_LONG inW0,inW1,outW0,outW1; - register const unsigned char *in2; - register long l=length; - DES_LONG tin[2]; - unsigned char *iv; - - in2 = &(*inw)[0]; - c2l(in2,inW0); - c2l(in2,inW1); - in2 = &(*outw)[0]; - c2l(in2,outW0); - c2l(in2,outW1); - - iv = &(*ivec)[0]; - - if (enc) - { - c2l(iv,tout0); - c2l(iv,tout1); - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0^inW0; tin[0]=tin0; - tin1^=tout1^inW1; tin[1]=tin1; - des_encrypt(tin,schedule,DES_ENCRYPT); - tout0=tin[0]^outW0; l2c(tout0,out); - tout1=tin[1]^outW1; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0^inW0; tin[0]=tin0; - tin1^=tout1^inW1; tin[1]=tin1; - des_encrypt(tin,schedule,DES_ENCRYPT); - tout0=tin[0]^outW0; l2c(tout0,out); - tout1=tin[1]^outW1; l2c(tout1,out); - } - iv = &(*ivec)[0]; - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - for (l-=8; l>0; l-=8) - { - c2l(in,tin0); tin[0]=tin0^outW0; - c2l(in,tin1); tin[1]=tin1^outW1; - des_encrypt(tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0^inW0; - tout1=tin[1]^xor1^inW1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0^outW0; - c2l(in,tin1); tin[1]=tin1^outW1; - des_encrypt(tin,schedule,DES_DECRYPT); - tout0=tin[0]^xor0^inW0; - tout1=tin[1]^xor1^inW1; - l2cn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - - iv = &(*ivec)[0]; - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - inW0=inW1=outW0=outW1=0; - tin[0]=tin[1]=0; - } - diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h deleted file mode 100644 index 7a8d9f88c2..0000000000 --- a/src/lib/libcrypto/dh/dh.h +++ /dev/null @@ -1,213 +0,0 @@ -/* crypto/dh/dh.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_DH_H -#define HEADER_DH_H - -#ifdef NO_DH -#error DH is disabled. -#endif - -#ifndef NO_BIO -#include -#endif -#include -#include - -#define DH_FLAG_CACHE_MONT_P 0x01 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct dh_st DH; - -typedef struct dh_method { - const char *name; - /* Methods here */ - int (*generate_key)(DH *dh); - int (*compute_key)(unsigned char *key,BIGNUM *pub_key,DH *dh); - int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - - int (*init)(DH *dh); - int (*finish)(DH *dh); - int flags; - char *app_data; -} DH_METHOD; - -struct dh_st - { - /* This first argument is used to pick up errors when - * a DH is passed instead of a EVP_PKEY */ - int pad; - int version; - BIGNUM *p; - BIGNUM *g; - int length; /* optional */ - BIGNUM *pub_key; /* g^x */ - BIGNUM *priv_key; /* x */ - - int flags; - char *method_mont_p; - /* Place holders if we want to do X9.42 DH */ - BIGNUM *q; - BIGNUM *j; - unsigned char *seed; - int seedlen; - BIGNUM *counter; - - int references; - CRYPTO_EX_DATA ex_data; -#if 0 - DH_METHOD *meth; -#else - struct engine_st *engine; -#endif - }; - -#define DH_GENERATOR_2 2 -/* #define DH_GENERATOR_3 3 */ -#define DH_GENERATOR_5 5 - -/* DH_check error codes */ -#define DH_CHECK_P_NOT_PRIME 0x01 -#define DH_CHECK_P_NOT_SAFE_PRIME 0x02 -#define DH_UNABLE_TO_CHECK_GENERATOR 0x04 -#define DH_NOT_SUITABLE_GENERATOR 0x08 - -/* primes p where (p-1)/2 is prime too are called "safe"; we define - this for backward compatibility: */ -#define DH_CHECK_P_NOT_STRONG_PRIME DH_CHECK_P_NOT_SAFE_PRIME - -#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \ - (char *(*)())d2i_DHparams,(char *)(x)) -#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \ - (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x)) -#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \ - (unsigned char *)(x)) -#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \ - (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x)) -#ifdef __cplusplus -#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio((int (*)())i2d_DHparams,(bp), \ - (unsigned char *)(x)) -#else -#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \ - (unsigned char *)(x)) -#endif - -DH_METHOD *DH_OpenSSL(void); - -void DH_set_default_openssl_method(DH_METHOD *meth); -DH_METHOD *DH_get_default_openssl_method(void); -#if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth); -DH *DH_new_method(DH_METHOD *meth); -#else -int DH_set_method(DH *dh, struct engine_st *engine); -DH *DH_new_method(struct engine_st *engine); -#endif - -DH * DH_new(void); -void DH_free(DH *dh); -int DH_size(DH *dh); -int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DH_set_ex_data(DH *d, int idx, void *arg); -void *DH_get_ex_data(DH *d, int idx); -DH * DH_generate_parameters(int prime_len,int generator, - void (*callback)(int,int,void *),void *cb_arg); -int DH_check(DH *dh,int *codes); -int DH_generate_key(DH *dh); -int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh); -DH * d2i_DHparams(DH **a,unsigned char **pp, long length); -int i2d_DHparams(DH *a,unsigned char **pp); -#ifndef NO_FP_API -int DHparams_print_fp(FILE *fp, DH *x); -#endif -#ifndef NO_BIO -int DHparams_print(BIO *bp, DH *x); -#else -int DHparams_print(char *bp, DH *x); -#endif -void ERR_load_DH_strings(void ); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the DH functions. */ - -/* Function codes. */ -#define DH_F_DHPARAMS_PRINT 100 -#define DH_F_DHPARAMS_PRINT_FP 101 -#define DH_F_DH_COMPUTE_KEY 102 -#define DH_F_DH_GENERATE_KEY 103 -#define DH_F_DH_GENERATE_PARAMETERS 104 -#define DH_F_DH_NEW 105 - -/* Reason codes. */ -#define DH_R_NO_PRIVATE_VALUE 100 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/dh/dh_check.c b/src/lib/libcrypto/dh/dh_check.c deleted file mode 100644 index 7e5cfd8bfc..0000000000 --- a/src/lib/libcrypto/dh/dh_check.c +++ /dev/null @@ -1,120 +0,0 @@ -/* crypto/dh/dh_check.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -/* Check that p is a safe prime and - * if g is 2, 3 or 5, check that is is a suitable generator - * where - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 - * for 5, p mod 10 == 3 or 7 - * should hold. - */ - -int DH_check(DH *dh, int *ret) - { - int ok=0; - BN_CTX *ctx=NULL; - BN_ULONG l; - BIGNUM *q=NULL; - - *ret=0; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - q=BN_new(); - if (q == NULL) goto err; - - if (BN_is_word(dh->g,DH_GENERATOR_2)) - { - l=BN_mod_word(dh->p,24); - if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR; - } -#if 0 - else if (BN_is_word(dh->g,DH_GENERATOR_3)) - { - l=BN_mod_word(dh->p,12); - if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR; - } -#endif - else if (BN_is_word(dh->g,DH_GENERATOR_5)) - { - l=BN_mod_word(dh->p,10); - if ((l != 3) && (l != 7)) - *ret|=DH_NOT_SUITABLE_GENERATOR; - } - else - *ret|=DH_UNABLE_TO_CHECK_GENERATOR; - - if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL)) - *ret|=DH_CHECK_P_NOT_PRIME; - else - { - if (!BN_rshift1(q,dh->p)) goto err; - if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL)) - *ret|=DH_CHECK_P_NOT_SAFE_PRIME; - } - ok=1; -err: - if (ctx != NULL) BN_CTX_free(ctx); - if (q != NULL) BN_free(q); - return(ok); - } diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c deleted file mode 100644 index ff2d1684c2..0000000000 --- a/src/lib/libcrypto/dh/dh_err.c +++ /dev/null @@ -1,99 +0,0 @@ -/* crypto/dh/dh_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA DH_str_functs[]= - { -{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"}, -{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"}, -{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"}, -{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"}, -{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"}, -{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"}, -{0,NULL} - }; - -static ERR_STRING_DATA DH_str_reasons[]= - { -{DH_R_NO_PRIVATE_VALUE ,"no private value"}, -{0,NULL} - }; - -#endif - -void ERR_load_DH_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_DH,DH_str_functs); - ERR_load_strings(ERR_LIB_DH,DH_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/dh/dh_gen.c b/src/lib/libcrypto/dh/dh_gen.c deleted file mode 100644 index 7a6a38fbb4..0000000000 --- a/src/lib/libcrypto/dh/dh_gen.c +++ /dev/null @@ -1,153 +0,0 @@ -/* crypto/dh/dh_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -/* We generate DH parameters as follows - * find a prime q which is prime_len/2 bits long. - * p=(2*q)+1 or (p-1)/2 = q - * For this case, g is a generator if - * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1. - * Since the factors of p-1 are q and 2, we just need to check - * g^2 mod p != 1 and g^q mod p != 1. - * - * Having said all that, - * there is another special case method for the generators 2, 3 and 5. - * for 2, p mod 24 == 11 - * for 3, p mod 12 == 5 <<<<< does not work for safe primes. - * for 5, p mod 10 == 3 or 7 - * - * Thanks to Phil Karn for the pointers about the - * special generators and for answering some of my questions. - * - * I've implemented the second simple method :-). - * Since DH should be using a safe prime (both p and q are prime), - * this generator function can take a very very long time to run. - */ - -DH *DH_generate_parameters(int prime_len, int generator, - void (*callback)(int,int,void *), void *cb_arg) - { - BIGNUM *p=NULL,*t1,*t2; - DH *ret=NULL; - int g,ok= -1; - BN_CTX *ctx=NULL; - - ret=DH_new(); - if (ret == NULL) goto err; - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - BN_CTX_start(ctx); - t1 = BN_CTX_get(ctx); - t2 = BN_CTX_get(ctx); - if (t1 == NULL || t2 == NULL) goto err; - - if (generator == DH_GENERATOR_2) - { - BN_set_word(t1,24); - BN_set_word(t2,11); - g=2; - } -#ifdef undef /* does not work for safe primes */ - else if (generator == DH_GENERATOR_3) - { - BN_set_word(t1,12); - BN_set_word(t2,5); - g=3; - } -#endif - else if (generator == DH_GENERATOR_5) - { - BN_set_word(t1,10); - BN_set_word(t2,3); - /* BN_set_word(t3,7); just have to miss - * out on these ones :-( */ - g=5; - } - else - g=generator; - - p=BN_generate_prime(NULL,prime_len,1,t1,t2,callback,cb_arg); - if (p == NULL) goto err; - if (callback != NULL) callback(3,0,cb_arg); - ret->p=p; - ret->g=BN_new(); - if (!BN_set_word(ret->g,g)) goto err; - ok=1; -err: - if (ok == -1) - { - DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB); - ok=0; - } - - if (ctx != NULL) - { - BN_CTX_end(ctx); - BN_CTX_free(ctx); - } - if (!ok && (ret != NULL)) - { - DH_free(ret); - ret=NULL; - } - return(ret); - } diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c deleted file mode 100644 index 6915d79dcc..0000000000 --- a/src/lib/libcrypto/dh/dh_key.c +++ /dev/null @@ -1,221 +0,0 @@ -/* crypto/dh/dh_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static int generate_key(DH *dh); -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); -static int dh_init(DH *dh); -static int dh_finish(DH *dh); - -int DH_generate_key(DH *dh) - { - return ENGINE_get_DH(dh->engine)->generate_key(dh); - } - -int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) - { - return ENGINE_get_DH(dh->engine)->compute_key(key, pub_key, dh); - } - -static DH_METHOD dh_ossl = { -"OpenSSL DH Method", -generate_key, -compute_key, -dh_bn_mod_exp, -dh_init, -dh_finish, -0, -NULL -}; - -DH_METHOD *DH_OpenSSL(void) -{ - return &dh_ossl; -} - -static int generate_key(DH *dh) - { - int ok=0; - unsigned int i; - BN_CTX ctx; - BN_MONT_CTX *mont; - BIGNUM *pub_key=NULL,*priv_key=NULL; - - BN_CTX_init(&ctx); - - if (dh->priv_key == NULL) - { - i=dh->length; - if (i == 0) - { - /* Make the number p-1 bits long */ - i=BN_num_bits(dh->p)-1; - } - priv_key=BN_new(); - if (priv_key == NULL) goto err; - if (!BN_rand(priv_key,i,0,0)) goto err; - } - else - priv_key=dh->priv_key; - - if (dh->pub_key == NULL) - { - pub_key=BN_new(); - if (pub_key == NULL) goto err; - } - else - pub_key=dh->pub_key; - - if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) - { - if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, - dh->p,&ctx)) goto err; - } - mont=(BN_MONT_CTX *)dh->method_mont_p; - - if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, pub_key, dh->g, - priv_key,dh->p,&ctx,mont)) - goto err; - - dh->pub_key=pub_key; - dh->priv_key=priv_key; - ok=1; -err: - if (ok != 1) - DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); - - if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); - if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); - BN_CTX_free(&ctx); - return(ok); - } - -static int compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) - { - BN_CTX ctx; - BN_MONT_CTX *mont; - BIGNUM *tmp; - int ret= -1; - - BN_CTX_init(&ctx); - BN_CTX_start(&ctx); - tmp = BN_CTX_get(&ctx); - - if (dh->priv_key == NULL) - { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); - goto err; - } - if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P)) - { - if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, - dh->p,&ctx)) goto err; - } - - mont=(BN_MONT_CTX *)dh->method_mont_p; - if (!ENGINE_get_DH(dh->engine)->bn_mod_exp(dh, tmp, pub_key, - dh->priv_key,dh->p,&ctx,mont)) - { - DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); - goto err; - } - - ret=BN_bn2bin(tmp,key); -err: - BN_CTX_end(&ctx); - BN_CTX_free(&ctx); - return(ret); - } - -static int dh_bn_mod_exp(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) - { - if (a->top == 1) - { - BN_ULONG A = a->d[0]; - return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx); - } - else - return BN_mod_exp_mont(r,a,p,m,ctx,m_ctx); - } - - -static int dh_init(DH *dh) - { - dh->flags |= DH_FLAG_CACHE_MONT_P; - return(1); - } - -static int dh_finish(DH *dh) - { - if(dh->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); - return(1); - } diff --git a/src/lib/libcrypto/dh/dh_lib.c b/src/lib/libcrypto/dh/dh_lib.c deleted file mode 100644 index 66803b5565..0000000000 --- a/src/lib/libcrypto/dh/dh_lib.c +++ /dev/null @@ -1,237 +0,0 @@ -/* crypto/dh/dh_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -const char *DH_version="Diffie-Hellman" OPENSSL_VERSION_PTEXT; - -static DH_METHOD *default_DH_method; -static int dh_meth_num = 0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dh_meth = NULL; - -void DH_set_default_openssl_method(DH_METHOD *meth) -{ - ENGINE *e; - /* We'll need to notify the "openssl" ENGINE of this - * change too. We won't bother locking things down at - * our end as there was never any locking in these - * functions! */ - if(default_DH_method != meth) - { - default_DH_method = meth; - e = ENGINE_by_id("openssl"); - if(e) - { - ENGINE_set_DH(e, meth); - ENGINE_free(e); - } - } -} - -DH_METHOD *DH_get_default_openssl_method(void) -{ - if(!default_DH_method) default_DH_method = DH_OpenSSL(); - return default_DH_method; -} - -#if 0 -DH_METHOD *DH_set_method(DH *dh, DH_METHOD *meth) -{ - DH_METHOD *mtmp; - mtmp = dh->meth; - if (mtmp->finish) mtmp->finish(dh); - dh->meth = meth; - if (meth->init) meth->init(dh); - return mtmp; -} -#else -int DH_set_method(DH *dh, ENGINE *engine) -{ - ENGINE *mtmp; - DH_METHOD *meth; - mtmp = dh->engine; - meth = ENGINE_get_DH(mtmp); - if (!ENGINE_init(engine)) - return 0; - if (meth->finish) meth->finish(dh); - dh->engine= engine; - meth = ENGINE_get_DH(engine); - if (meth->init) meth->init(dh); - /* SHOULD ERROR CHECK THIS!!! */ - ENGINE_finish(mtmp); - return 1; -} -#endif - -DH *DH_new(void) -{ - return DH_new_method(NULL); -} - -#if 0 -DH *DH_new_method(DH_METHOD *meth) -#else -DH *DH_new_method(ENGINE *engine) -#endif - { - DH_METHOD *meth; - DH *ret; - ret=(DH *)OPENSSL_malloc(sizeof(DH)); - - if (ret == NULL) - { - DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - if(engine) - ret->engine = engine; - else - { - if((ret->engine=ENGINE_get_default_DH()) == NULL) - { - OPENSSL_free(ret); - return NULL; - } - } - meth = ENGINE_get_DH(ret->engine); - ret->pad=0; - ret->version=0; - ret->p=NULL; - ret->g=NULL; - ret->length=0; - ret->pub_key=NULL; - ret->priv_key=NULL; - ret->q=NULL; - ret->j=NULL; - ret->seed = NULL; - ret->seedlen = 0; - ret->counter = NULL; - ret->method_mont_p=NULL; - ret->references = 1; - ret->flags=meth->flags; - if ((meth->init != NULL) && !meth->init(ret)) - { - OPENSSL_free(ret); - ret=NULL; - } - else - CRYPTO_new_ex_data(dh_meth,ret,&ret->ex_data); - return(ret); - } - -void DH_free(DH *r) - { - DH_METHOD *meth; - int i; - if(r == NULL) return; - i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DH); -#ifdef REF_PRINT - REF_PRINT("DH",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"DH_free, bad reference count\n"); - abort(); - } -#endif - - CRYPTO_free_ex_data(dh_meth, r, &r->ex_data); - - meth = ENGINE_get_DH(r->engine); - if(meth->finish) meth->finish(r); - ENGINE_finish(r->engine); - - if (r->p != NULL) BN_clear_free(r->p); - if (r->g != NULL) BN_clear_free(r->g); - if (r->q != NULL) BN_clear_free(r->q); - if (r->j != NULL) BN_clear_free(r->j); - if (r->seed) OPENSSL_free(r->seed); - if (r->counter != NULL) BN_clear_free(r->counter); - if (r->pub_key != NULL) BN_clear_free(r->pub_key); - if (r->priv_key != NULL) BN_clear_free(r->priv_key); - OPENSSL_free(r); - } - -int DH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - dh_meth_num++; - return(CRYPTO_get_ex_new_index(dh_meth_num-1, - &dh_meth,argl,argp,new_func,dup_func,free_func)); - } - -int DH_set_ex_data(DH *d, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&d->ex_data,idx,arg)); - } - -void *DH_get_ex_data(DH *d, int idx) - { - return(CRYPTO_get_ex_data(&d->ex_data,idx)); - } - -int DH_size(DH *dh) - { - return(BN_num_bytes(dh->p)); - } diff --git a/src/lib/libcrypto/doc/DH_generate_key.pod b/src/lib/libcrypto/doc/DH_generate_key.pod deleted file mode 100644 index 81f09fdf45..0000000000 --- a/src/lib/libcrypto/doc/DH_generate_key.pod +++ /dev/null @@ -1,50 +0,0 @@ -=pod - -=head1 NAME - -DH_generate_key, DH_compute_key - perform Diffie-Hellman key exchange - -=head1 SYNOPSIS - - #include - - int DH_generate_key(DH *dh); - - int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); - -=head1 DESCRIPTION - -DH_generate_key() performs the first step of a Diffie-Hellman key -exchange by generating private and public DH values. By calling -DH_compute_key(), these are combined with the other party's public -value to compute the shared key. - -DH_generate_key() expects B to contain the shared parameters -Bp> and Bg>. It generates a random private DH value -unless Bpriv_key> is already set, and computes the -corresponding public value Bpub_key>, which can then be -published. - -DH_compute_key() computes the shared secret from the private DH value -in B and the other party's public value in B and stores -it in B. B must point to B bytes of memory. - -=head1 RETURN VALUES - -DH_generate_key() returns 1 on success, 0 otherwise. - -DH_compute_key() returns the size of the shared secret on success, -1 -on error. - -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L, L - -=head1 HISTORY - -DH_generate_key() and DH_compute_key() are available in all versions -of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/DH_generate_parameters.pod b/src/lib/libcrypto/doc/DH_generate_parameters.pod deleted file mode 100644 index 4a2d653758..0000000000 --- a/src/lib/libcrypto/doc/DH_generate_parameters.pod +++ /dev/null @@ -1,72 +0,0 @@ -=pod - -=head1 NAME - -DH_generate_parameters, DH_check - generate and check Diffie-Hellman parameters - -=head1 SYNOPSIS - - #include - - DH *DH_generate_parameters(int prime_len, int generator, - void (*callback)(int, int, void *), void *cb_arg); - - int DH_check(DH *dh, int *codes); - -=head1 DESCRIPTION - -DH_generate_parameters() generates Diffie-Hellman parameters that can -be shared among a group of users, and returns them in a newly -allocated B structure. The pseudo-random number generator must be -seeded prior to calling DH_generate_parameters(). - -B is the length in bits of the safe prime to be generated. -B is a small number E 1, typically 2 or 5. - -A callback function may be used to provide feedback about the progress -of the key generation. If B is not B, it will be -called as described in L while a random prime -number is generated, and when a prime has been found, B is called. - -DH_check() validates Diffie-Hellman parameters. It checks that B

is -a safe prime, and that B is a suitable generator. In the case of an -error, the bit flags DH_CHECK_P_NOT_SAFE_PRIME or -DH_NOT_SUITABLE_GENERATOR are set in B<*codes>. -DH_UNABLE_TO_CHECK_GENERATOR is set if the generator cannot be -checked, i.e. it does not equal 2 or 5. - -=head1 RETURN VALUES - -DH_generate_parameters() returns a pointer to the DH structure, or -NULL if the parameter generation fails. The error codes can be -obtained by L. - -DH_check() returns 1 if the check could be performed, 0 otherwise. - -=head1 NOTES - -DH_generate_parameters() may run for several hours before finding a -suitable prime. - -The parameters generated by DH_generate_parameters() are not to be -used in signature schemes. - -=head1 BUGS - -If B is not 2 or 5, Bg>=B is not -a usable generator. - -=head1 SEE ALSO - -L, L, L, L - -=head1 HISTORY - -DH_check() is available in all versions of SSLeay and OpenSSL. -The B argument to DH_generate_parameters() was added in SSLeay 0.9.0. - -In versions before OpenSSL 0.9.5, DH_CHECK_P_NOT_STRONG_PRIME is used -instead of DH_CHECK_P_NOT_SAFE_PRIME. - -=cut diff --git a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod b/src/lib/libcrypto/doc/DH_get_ex_new_index.pod deleted file mode 100644 index 82e2548bcd..0000000000 --- a/src/lib/libcrypto/doc/DH_get_ex_new_index.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -DH_get_ex_new_index, DH_set_ex_data, DH_get_ex_data - add application specific data to DH structures - -=head1 SYNOPSIS - - #include - - int DH_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int DH_set_ex_data(DH *d, int idx, void *arg); - - char *DH_get_ex_data(DH *d, int idx); - -=head1 DESCRIPTION - -These functions handle application specific data in DH -structures. Their usage is identical to that of -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() -as described in L. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DH_get_ex_new_index(), DH_set_ex_data() and DH_get_ex_data() are -available since OpenSSL 0.9.5. - -=cut diff --git a/src/lib/libcrypto/doc/DH_new.pod b/src/lib/libcrypto/doc/DH_new.pod deleted file mode 100644 index 60c930093e..0000000000 --- a/src/lib/libcrypto/doc/DH_new.pod +++ /dev/null @@ -1,40 +0,0 @@ -=pod - -=head1 NAME - -DH_new, DH_free - allocate and free DH objects - -=head1 SYNOPSIS - - #include - - DH* DH_new(void); - - void DH_free(DH *dh); - -=head1 DESCRIPTION - -DH_new() allocates and initializes a B structure. - -DH_free() frees the B structure and its components. The values are -erased before the memory is returned to the system. - -=head1 RETURN VALUES - -If the allocation fails, DH_new() returns B and sets an error -code that can be obtained by L. Otherwise it returns -a pointer to the newly allocated structure. - -DH_free() returns no value. - -=head1 SEE ALSO - -L, L, -L, -L - -=head1 HISTORY - -DH_new() and DH_free() are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/DH_set_method.pod b/src/lib/libcrypto/doc/DH_set_method.pod deleted file mode 100644 index 62088eea1b..0000000000 --- a/src/lib/libcrypto/doc/DH_set_method.pod +++ /dev/null @@ -1,111 +0,0 @@ -=pod - -=head1 NAME - -DH_set_default_openssl_method, DH_get_default_openssl_method, -DH_set_method, DH_new_method, DH_OpenSSL - select DH method - -=head1 SYNOPSIS - - #include - #include - - void DH_set_default_openssl_method(DH_METHOD *meth); - - DH_METHOD *DH_get_default_openssl_method(void); - - int DH_set_method(DH *dh, ENGINE *engine); - - DH *DH_new_method(ENGINE *engine); - - DH_METHOD *DH_OpenSSL(void); - -=head1 DESCRIPTION - -A B specifies the functions that OpenSSL uses for Diffie-Hellman -operations. By modifying the method, alternative implementations -such as hardware accelerators may be used. - -Initially, the default is to use the OpenSSL internal implementation. -DH_OpenSSL() returns a pointer to that method. - -DH_set_default_openssl_method() makes B the default method for all DH -structures created later. B This is true only whilst the default engine -for Diffie-Hellman operations remains as "openssl". ENGINEs provide an -encapsulation for implementations of one or more algorithms, and all the DH -functions mentioned here operate within the scope of the default -"openssl" engine. - -DH_get_default_openssl_method() returns a pointer to the current default -method for the "openssl" engine. - -DH_set_method() selects B as the engine that will be responsible for -all operations using the structure B. If this function completes successfully, -then the B structure will have its own functional reference of B, so -the caller should remember to free their own reference to B when they are -finished with it. NB: An ENGINE's DH_METHOD can be retrieved (or set) by -ENGINE_get_DH() or ENGINE_set_DH(). - -DH_new_method() allocates and initializes a DH structure so that -B will be used for the DH operations. If B is NULL, -the default engine for Diffie-Hellman opertaions is used. - -=head1 THE DH_METHOD STRUCTURE - - typedef struct dh_meth_st - { - /* name of the implementation */ - const char *name; - - /* generate private and public DH values for key agreement */ - int (*generate_key)(DH *dh); - - /* compute shared secret */ - int (*compute_key)(unsigned char *key, BIGNUM *pub_key, DH *dh); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(DH *dh, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); - - /* called at DH_new */ - int (*init)(DH *dh); - - /* called at DH_free */ - int (*finish)(DH *dh); - - int flags; - - char *app_data; /* ?? */ - - } DH_METHOD; - -=head1 RETURN VALUES - -DH_OpenSSL() and DH_get_default_method() return pointers to the respective -DH_METHODs. - -DH_set_default_openssl_method() returns no value. - -DH_set_method() returns non-zero if the ENGINE associated with B -was successfully changed to B. - -DH_new_method() returns NULL and sets an error code that can be -obtained by L if the allocation fails. -Otherwise it returns a pointer to the newly allocated structure. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DH_set_default_method(), DH_get_default_method(), DH_set_method(), -DH_new_method() and DH_OpenSSL() were added in OpenSSL 0.9.4. - -DH_set_default_openssl_method() and DH_get_default_openssl_method() -replaced DH_set_default_method() and DH_get_default_method() respectively, -and DH_set_method() and DH_new_method() were altered to use Bs -rather than Bs during development of OpenSSL 0.9.6. - -=cut diff --git a/src/lib/libcrypto/doc/DH_size.pod b/src/lib/libcrypto/doc/DH_size.pod deleted file mode 100644 index 97f26fda78..0000000000 --- a/src/lib/libcrypto/doc/DH_size.pod +++ /dev/null @@ -1,33 +0,0 @@ -=pod - -=head1 NAME - -DH_size - get Diffie-Hellman prime size - -=head1 SYNOPSIS - - #include - - int DH_size(DH *dh); - -=head1 DESCRIPTION - -This function returns the Diffie-Hellman size in bytes. It can be used -to determine how much memory must be allocated for the shared secret -computed by DH_compute_key(). - -Bp> must not be B. - -=head1 RETURN VALUE - -The size in bytes. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DH_size() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_SIG_new.pod b/src/lib/libcrypto/doc/DSA_SIG_new.pod deleted file mode 100644 index 45df4c0661..0000000000 --- a/src/lib/libcrypto/doc/DSA_SIG_new.pod +++ /dev/null @@ -1,39 +0,0 @@ -=pod - -=head1 NAME - -DSA_SIG_new, DSA_SIG_free - allocate and free DSA signature objects - -=head1 SYNOPSIS - - #include - - DSA_SIG *DSA_SIG_new(void); - - void DSA_SIG_free(DSA_SIG *a); - -=head1 DESCRIPTION - -DSA_SIG_new() allocates and initializes a B structure. - -DSA_SIG_free() frees the B structure and its components. The -values are erased before the memory is returned to the system. - -=head1 RETURN VALUES - -If the allocation fails, DSA_SIG_new() returns B and sets an -error code that can be obtained by -L. Otherwise it returns a pointer -to the newly allocated structure. - -DSA_SIG_free() returns no value. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -DSA_SIG_new() and DSA_SIG_free() were added in OpenSSL 0.9.3. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_do_sign.pod b/src/lib/libcrypto/doc/DSA_do_sign.pod deleted file mode 100644 index 5dfc733b20..0000000000 --- a/src/lib/libcrypto/doc/DSA_do_sign.pod +++ /dev/null @@ -1,47 +0,0 @@ -=pod - -=head1 NAME - -DSA_do_sign, DSA_do_verify - raw DSA signature operations - -=head1 SYNOPSIS - - #include - - DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); - - int DSA_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - -=head1 DESCRIPTION - -DSA_do_sign() computes a digital signature on the B byte message -digest B using the private key B and returns it in a -newly allocated B structure. - -L may be used to precompute part -of the signing operation in case signature generation is -time-critical. - -DSA_do_verify() verifies that the signature B matches a given -message digest B of size B. B is the signer's public -key. - -=head1 RETURN VALUES - -DSA_do_sign() returns the signature, NULL on error. DSA_do_verify() -returns 1 for a valid signature, 0 for an incorrect signature and -1 -on error. The error codes can be obtained by -L. - -=head1 SEE ALSO - -L, L, L, -L, -L - -=head1 HISTORY - -DSA_do_sign() and DSA_do_verify() were added in OpenSSL 0.9.3. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_dup_DH.pod b/src/lib/libcrypto/doc/DSA_dup_DH.pod deleted file mode 100644 index 695f99a13b..0000000000 --- a/src/lib/libcrypto/doc/DSA_dup_DH.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -DSA_dup_DH - create a DH structure out of DSA structure - -=head1 SYNOPSIS - - #include - - DH * DSA_dup_DH(DSA *r); - -=head1 DESCRIPTION - -DSA_dup_DH() duplicates DSA parameters/keys as DH parameters/keys. q -is lost during that conversion, but the resulting DH parameters -contain its length. - -=head1 RETURN VALUE - -DSA_dup_DH() returns the new B structure, and NULL on error. The -error codes can be obtained by L. - -=head1 NOTE - -Be careful to avoid small subgroup attacks when using this. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -DSA_dup_DH() was added in OpenSSL 0.9.4. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_generate_key.pod b/src/lib/libcrypto/doc/DSA_generate_key.pod deleted file mode 100644 index 9906a2d7e0..0000000000 --- a/src/lib/libcrypto/doc/DSA_generate_key.pod +++ /dev/null @@ -1,33 +0,0 @@ -=pod - -=head1 NAME - -DSA_generate_key - generate DSA key pair - -=head1 SYNOPSIS - - #include - - int DSA_generate_key(DSA *a); - -=head1 DESCRIPTION - -DSA_generate_key() expects B to contain DSA parameters. It generates -a new key pair and stores it in Bpub_key> and Bpriv_key>. - -The PRNG must be seeded prior to calling DSA_generate_key(). - -=head1 RETURN VALUE - -DSA_generate_key() returns 1 on success, 0 otherwise. -The error codes can be obtained by L. - -=head1 SEE ALSO - -L, L, L, L - -=head1 HISTORY - -DSA_generate_key() is available since SSLeay 0.8. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_generate_parameters.pod b/src/lib/libcrypto/doc/DSA_generate_parameters.pod deleted file mode 100644 index be7c924ff8..0000000000 --- a/src/lib/libcrypto/doc/DSA_generate_parameters.pod +++ /dev/null @@ -1,105 +0,0 @@ -=pod - -=head1 NAME - -DSA_generate_parameters - generate DSA parameters - -=head1 SYNOPSIS - - #include - - DSA *DSA_generate_parameters(int bits, unsigned char *seed, - int seed_len, int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), void *cb_arg); - -=head1 DESCRIPTION - -DSA_generate_parameters() generates primes p and q and a generator g -for use in the DSA. - -B is the length of the prime to be generated; the DSS allows a -maximum of 1024 bits. - -If B is B or B E 20, the primes will be -generated at random. Otherwise, the seed is used to generate -them. If the given seed does not yield a prime q, a new random -seed is chosen and placed at B. - -DSA_generate_parameters() places the iteration count in -*B and a counter used for finding a generator in -*B, unless these are B. - -A callback function may be used to provide feedback about the progress -of the key generation. If B is not B, it will be -called as follows: - -=over 4 - -=item * - -When a candidate for q is generated, B is called -(m is 0 for the first candidate). - -=item * - -When a candidate for q has passed a test by trial division, -B is called. -While a candidate for q is tested by Miller-Rabin primality tests, -B is called in the outer loop -(once for each witness that confirms that the candidate may be prime); -i is the loop counter (starting at 0). - -=item * - -When a prime q has been found, B and -B are called. - -=item * - -Before a candidate for p (other than the first) is generated and tested, -B is called. - -=item * - -When a candidate for p has passed the test by trial division, -B is called. -While it is tested by the Miller-Rabin primality test, -B is called in the outer loop -(once for each witness that confirms that the candidate may be prime). -i is the loop counter (starting at 0). - -=item * - -When p has been found, B is called. - -=item * - -When the generator has been found, B is called. - -=back - -=head1 RETURN VALUE - -DSA_generate_parameters() returns a pointer to the DSA structure, or -B if the parameter generation fails. The error codes can be -obtained by L. - -=head1 BUGS - -Seed lengths E 20 are not supported. - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -DSA_generate_parameters() appeared in SSLeay 0.8. The B -argument was added in SSLeay 0.9.0. -In versions up to OpenSSL 0.9.4, B was called -in the inner loop of the Miller-Rabin test whenever it reached the -squaring step (the parameters to B did not reveal how many -witnesses had been tested); since OpenSSL 0.9.5, B -is called as in BN_is_prime(3), i.e. once for each witness. -=cut diff --git a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod deleted file mode 100644 index 4612e708ec..0000000000 --- a/src/lib/libcrypto/doc/DSA_get_ex_new_index.pod +++ /dev/null @@ -1,36 +0,0 @@ -=pod - -=head1 NAME - -DSA_get_ex_new_index, DSA_set_ex_data, DSA_get_ex_data - add application specific data to DSA structures - -=head1 SYNOPSIS - - #include - - int DSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int DSA_set_ex_data(DSA *d, int idx, void *arg); - - char *DSA_get_ex_data(DSA *d, int idx); - -=head1 DESCRIPTION - -These functions handle application specific data in DSA -structures. Their usage is identical to that of -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() -as described in L. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DSA_get_ex_new_index(), DSA_set_ex_data() and DSA_get_ex_data() are -available since OpenSSL 0.9.5. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_new.pod b/src/lib/libcrypto/doc/DSA_new.pod deleted file mode 100644 index 301af912dd..0000000000 --- a/src/lib/libcrypto/doc/DSA_new.pod +++ /dev/null @@ -1,41 +0,0 @@ -=pod - -=head1 NAME - -DSA_new, DSA_free - allocate and free DSA objects - -=head1 SYNOPSIS - - #include - - DSA* DSA_new(void); - - void DSA_free(DSA *dsa); - -=head1 DESCRIPTION - -DSA_new() allocates and initializes a B structure. - -DSA_free() frees the B structure and its components. The values are -erased before the memory is returned to the system. - -=head1 RETURN VALUES - -If the allocation fails, DSA_new() returns B and sets an error -code that can be obtained by -L. Otherwise it returns a pointer -to the newly allocated structure. - -DSA_free() returns no value. - -=head1 SEE ALSO - -L, L, -L, -L - -=head1 HISTORY - -DSA_new() and DSA_free() are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_set_method.pod b/src/lib/libcrypto/doc/DSA_set_method.pod deleted file mode 100644 index c56dfd0f47..0000000000 --- a/src/lib/libcrypto/doc/DSA_set_method.pod +++ /dev/null @@ -1,118 +0,0 @@ -=pod - -=head1 NAME - -DSA_set_default_openssl_method, DSA_get_default_openssl_method, -DSA_set_method, DSA_new_method, DSA_OpenSSL - select DSA method - -=head1 SYNOPSIS - - #include - #include - - void DSA_set_default_openssl_method(DSA_METHOD *meth); - - DSA_METHOD *DSA_get_default_openssl_method(void); - - int DSA_set_method(DSA *dsa, ENGINE *engine); - - DSA *DSA_new_method(ENGINE *engine); - - DSA_METHOD *DSA_OpenSSL(void); - -=head1 DESCRIPTION - -A B specifies the functions that OpenSSL uses for DSA -operations. By modifying the method, alternative implementations -such as hardware accelerators may be used. - -Initially, the default is to use the OpenSSL internal implementation. -DSA_OpenSSL() returns a pointer to that method. - -DSA_set_default_openssl_method() makes B the default method for -all DSA structures created later. B This is true only whilst the -default engine for DSA operations remains as "openssl". ENGINEs -provide an encapsulation for implementations of one or more algorithms at a -time, and all the DSA functions mentioned here operate within the scope -of the default "openssl" engine. - -DSA_get_default_openssl_method() returns a pointer to the current default -method for the "openssl" engine. - -DSA_set_method() selects B for all operations using the structure B. - -DSA_new_method() allocates and initializes a DSA structure so that -B will be used for the DSA operations. If B is NULL, -the default engine for DSA operations is used. - -=head1 THE DSA_METHOD STRUCTURE - -struct - { - /* name of the implementation */ - const char *name; - - /* sign */ - DSA_SIG *(*dsa_do_sign)(const unsigned char *dgst, int dlen, - DSA *dsa); - - /* pre-compute k^-1 and r */ - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - - /* verify */ - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - - /* compute rr = a1^p1 * a2^p2 mod m (May be NULL for some - implementations) */ - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *in_mont); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, - const BIGNUM *p, const BIGNUM *m, - BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - /* called at DSA_new */ - int (*init)(DSA *DSA); - - /* called at DSA_free */ - int (*finish)(DSA *DSA); - - int flags; - - char *app_data; /* ?? */ - - } DSA_METHOD; - -=head1 RETURN VALUES - -DSA_OpenSSL() and DSA_get_default_openssl_method() return pointers to the -respective DSA_METHODs. - -DSA_set_default_openssl_method() returns no value. - -DSA_set_method() returns non-zero if the ENGINE associated with B -was successfully changed to B. - -DSA_new_method() returns NULL and sets an error code that can be -obtained by L if the allocation -fails. Otherwise it returns a pointer to the newly allocated structure. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DSA_set_default_method(), DSA_get_default_method(), DSA_set_method(), -DSA_new_method() and DSA_OpenSSL() were added in OpenSSL 0.9.4. - -DSA_set_default_openssl_method() and DSA_get_default_openssl_method() -replaced DSA_set_default_method() and DSA_get_default_method() respectively, -and DSA_set_method() and DSA_new_method() were altered to use Bs -rather than Bs during development of OpenSSL 0.9.6. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_sign.pod b/src/lib/libcrypto/doc/DSA_sign.pod deleted file mode 100644 index 97389e8ec8..0000000000 --- a/src/lib/libcrypto/doc/DSA_sign.pod +++ /dev/null @@ -1,66 +0,0 @@ -=pod - -=head1 NAME - -DSA_sign, DSA_sign_setup, DSA_verify - DSA signatures - -=head1 SYNOPSIS - - #include - - int DSA_sign(int type, const unsigned char *dgst, int len, - unsigned char *sigret, unsigned int *siglen, DSA *dsa); - - int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, - BIGNUM **rp); - - int DSA_verify(int type, const unsigned char *dgst, int len, - unsigned char *sigbuf, int siglen, DSA *dsa); - -=head1 DESCRIPTION - -DSA_sign() computes a digital signature on the B byte message -digest B using the private key B and places its ASN.1 DER -encoding at B. The length of the signature is places in -*B. B must point to DSA_size(B) bytes of memory. - -DSA_sign_setup() may be used to precompute part of the signing -operation in case signature generation is time-critical. It expects -B to contain DSA parameters. It places the precomputed values -in newly allocated Bs at *B and *B, after freeing -the old ones unless *B and *B are NULL. These values may -be passed to DSA_sign() in Bkinv> and Br>. -B is a pre-allocated B or NULL. - -DSA_verify() verifies that the signature B of size B -matches a given message digest B of size B. -B is the signer's public key. - -The B parameter is ignored. - -The PRNG must be seeded before DSA_sign() (or DSA_sign_setup()) -is called. - -=head1 RETURN VALUES - -DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error. -DSA_verify() returns 1 for a valid signature, 0 for an incorrect -signature and -1 on error. The error codes can be obtained by -L. - -=head1 CONFORMING TO - -US Federal Information Processing Standard FIPS 186 (Digital Signature -Standard, DSS), ANSI X9.30 - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -DSA_sign() and DSA_verify() are available in all versions of SSLeay. -DSA_sign_setup() was added in SSLeay 0.8. - -=cut diff --git a/src/lib/libcrypto/doc/DSA_size.pod b/src/lib/libcrypto/doc/DSA_size.pod deleted file mode 100644 index 23b6320a4d..0000000000 --- a/src/lib/libcrypto/doc/DSA_size.pod +++ /dev/null @@ -1,33 +0,0 @@ -=pod - -=head1 NAME - -DSA_size - get DSA signature size - -=head1 SYNOPSIS - - #include - - int DSA_size(DSA *dsa); - -=head1 DESCRIPTION - -This function returns the size of an ASN.1 encoded DSA signature in -bytes. It can be used to determine how much memory must be allocated -for a DSA signature. - -Bq> must not be B. - -=head1 RETURN VALUE - -The size in bytes. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -DSA_size() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_GET_LIB.pod b/src/lib/libcrypto/doc/ERR_GET_LIB.pod deleted file mode 100644 index 2a129da036..0000000000 --- a/src/lib/libcrypto/doc/ERR_GET_LIB.pod +++ /dev/null @@ -1,51 +0,0 @@ -=pod - -=head1 NAME - -ERR_GET_LIB, ERR_GET_FUNC, ERR_GET_REASON - get library, function and -reason code - -=head1 SYNOPSIS - - #include - - int ERR_GET_LIB(unsigned long e); - - int ERR_GET_FUNC(unsigned long e); - - int ERR_GET_REASON(unsigned long e); - -=head1 DESCRIPTION - -The error code returned by ERR_get_error() consists of a library -number, function code and reason code. ERR_GET_LIB(), ERR_GET_FUNC() -and ERR_GET_REASON() can be used to extract these. - -The library number and function code describe where the error -occurred, the reason code is the information about what went wrong. - -Each sub-library of OpenSSL has a unique library number; function and -reason codes are unique within each sub-library. Note that different -libraries may use the same value to signal different functions and -reasons. - -B reason codes such as B are globally -unique. However, when checking for sub-library specific reason codes, -be sure to also compare the library number. - -ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are macros. - -=head1 RETURN VALUES - -The library number, function code and reason code respectively. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -ERR_GET_LIB(), ERR_GET_FUNC() and ERR_GET_REASON() are available in -all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_clear_error.pod b/src/lib/libcrypto/doc/ERR_clear_error.pod deleted file mode 100644 index 566e1f4e31..0000000000 --- a/src/lib/libcrypto/doc/ERR_clear_error.pod +++ /dev/null @@ -1,29 +0,0 @@ -=pod - -=head1 NAME - -ERR_clear_error - clear the error queue - -=head1 SYNOPSIS - - #include - - void ERR_clear_error(void); - -=head1 DESCRIPTION - -ERR_clear_error() empties the current thread's error queue. - -=head1 RETURN VALUES - -ERR_clear_error() has no return value. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -ERR_clear_error() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_error_string.pod b/src/lib/libcrypto/doc/ERR_error_string.pod deleted file mode 100644 index e01beb817a..0000000000 --- a/src/lib/libcrypto/doc/ERR_error_string.pod +++ /dev/null @@ -1,73 +0,0 @@ -=pod - -=head1 NAME - -ERR_error_string, ERR_error_string_n, ERR_lib_error_string, -ERR_func_error_string, ERR_reason_error_string - obtain human-readable -error message - -=head1 SYNOPSIS - - #include - - char *ERR_error_string(unsigned long e, char *buf); - char *ERR_error_string_n(unsigned long e, char *buf, size_t len); - - const char *ERR_lib_error_string(unsigned long e); - const char *ERR_func_error_string(unsigned long e); - const char *ERR_reason_error_string(unsigned long e); - -=head1 DESCRIPTION - -ERR_error_string() generates a human-readable string representing the -error code I, and places it at I. I must be at least 120 -bytes long. If I is B, the error string is placed in a -static buffer. -ERR_error_string_n() is a variant of ERR_error_string() that writes -at most I characters (including the terminating 0) -and truncates the string if necessary. -For ERR_error_string_n(), I may not be B. - -The string will have the following format: - - error:[error code]:[library name]:[function name]:[reason string] - -I is an 8 digit hexadecimal number, I, -I and I are ASCII text. - -ERR_lib_error_string(), ERR_func_error_string() and -ERR_reason_error_string() return the library name, function -name and reason string respectively. - -The OpenSSL error strings should be loaded by calling -L or, for SSL -applications, L -first. -If there is no text string registered for the given error code, -the error string will contain the numeric code. - -L can be used to print -all error codes currently in the queue. - -=head1 RETURN VALUES - -ERR_error_string() returns a pointer to a static buffer containing the -string if I B<== NULL>, I otherwise. - -ERR_lib_error_string(), ERR_func_error_string() and -ERR_reason_error_string() return the strings, and B if -none is registered for the error code. - -=head1 SEE ALSO - -L, L, -L, -L -L - -=head1 HISTORY - -ERR_error_string() is available in all versions of SSLeay and OpenSSL. -ERR_error_string_n() was added in OpenSSL 0.9.6. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_get_error.pod b/src/lib/libcrypto/doc/ERR_get_error.pod deleted file mode 100644 index 3551bacb8d..0000000000 --- a/src/lib/libcrypto/doc/ERR_get_error.pod +++ /dev/null @@ -1,63 +0,0 @@ -=pod - -=head1 NAME - -ERR_get_error, ERR_peek_error, ERR_get_error_line, ERR_peek_error_line, -ERR_get_error_line_data, ERR_peek_error_line_data - obtain error code and data - -=head1 SYNOPSIS - - #include - - unsigned long ERR_get_error(void); - unsigned long ERR_peek_error(void); - - unsigned long ERR_get_error_line(const char **file, int *line); - unsigned long ERR_peek_error_line(const char **file, int *line); - - unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags); - unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags); - -=head1 DESCRIPTION - -ERR_get_error() returns the last error code from the thread's error -queue and removes the entry. This function can be called repeatedly -until there are no more error codes to return. - -ERR_peek_error() returns the last error code from the thread's -error queue without modifying it. - -See L for obtaining information about -location and reason of the error, and -L for human-readable error -messages. - -ERR_get_error_line() and ERR_peek_error_line() are the same as the -above, but they additionally store the file name and line number where -the error occurred in *B and *B, unless these are B. - -ERR_get_error_line_data() and ERR_peek_error_line_data() store -additional data and flags associated with the error code in *B -and *B, unless these are B. *B contains a string -if *B&B. If it has been allocated by OPENSSL_malloc(), -*B&B is true. - -=head1 RETURN VALUES - -The error code, or 0 if there is no error in the queue. - -=head1 SEE ALSO - -L, L, -L - -=head1 HISTORY - -ERR_get_error(), ERR_peek_error(), ERR_get_error_line() and -ERR_peek_error_line() are available in all versions of SSLeay and -OpenSSL. ERR_get_error_line_data() and ERR_peek_error_line_data() -were added in SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod b/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod deleted file mode 100644 index 9bdec75a46..0000000000 --- a/src/lib/libcrypto/doc/ERR_load_crypto_strings.pod +++ /dev/null @@ -1,46 +0,0 @@ -=pod - -=head1 NAME - -ERR_load_crypto_strings, SSL_load_error_strings, ERR_free_strings - -load and free error strings - -=head1 SYNOPSIS - - #include - - void ERR_load_crypto_strings(void); - void ERR_free_strings(void); - - #include - - void SSL_load_error_strings(void); - -=head1 DESCRIPTION - -ERR_load_crypto_strings() registers the error strings for all -B functions. SSL_load_error_strings() does the same, -but also registers the B error strings. - -One of these functions should be called before generating -textual error messages. However, this is not required when memory -usage is an issue. - -ERR_free_strings() frees all previously loaded error strings. - -=head1 RETURN VALUES - -ERR_load_crypto_strings(), SSL_load_error_strings() and -ERR_free_strings() return no values. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -ERR_load_error_strings(), SSL_load_error_strings() and -ERR_free_strings() are available in all versions of SSLeay and -OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_load_strings.pod b/src/lib/libcrypto/doc/ERR_load_strings.pod deleted file mode 100644 index 5acdd0edbc..0000000000 --- a/src/lib/libcrypto/doc/ERR_load_strings.pod +++ /dev/null @@ -1,54 +0,0 @@ -=pod - -=head1 NAME - -ERR_load_strings, ERR_PACK, ERR_get_next_error_library - load -arbitrary error strings - -=head1 SYNOPSIS - - #include - - void ERR_load_strings(int lib, ERR_STRING_DATA str[]); - - int ERR_get_next_error_library(void); - - unsigned long ERR_PACK(int lib, int func, int reason); - -=head1 DESCRIPTION - -ERR_load_strings() registers error strings for library number B. - -B is an array of error string data: - - typedef struct ERR_string_data_st - { - unsigned long error; - char *string; - } ERR_STRING_DATA; - -The error code is generated from the library number and a function and -reason code: B = ERR_PACK(B, B, B). -ERR_PACK() is a macro. - -The last entry in the array is {0,0}. - -ERR_get_next_error_library() can be used to assign library numbers -to user libraries at runtime. - -=head1 RETURN VALUE - -ERR_load_strings() returns no value. ERR_PACK() return the error code. -ERR_get_next_error_library() returns a new library number. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -ERR_load_error_strings() and ERR_PACK() are available in all versions -of SSLeay and OpenSSL. ERR_get_next_error_library() was added in -SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_print_errors.pod b/src/lib/libcrypto/doc/ERR_print_errors.pod deleted file mode 100644 index b100a5fa2b..0000000000 --- a/src/lib/libcrypto/doc/ERR_print_errors.pod +++ /dev/null @@ -1,51 +0,0 @@ -=pod - -=head1 NAME - -ERR_print_errors, ERR_print_errors_fp - print error messages - -=head1 SYNOPSIS - - #include - - void ERR_print_errors(BIO *bp); - void ERR_print_errors_fp(FILE *fp); - -=head1 DESCRIPTION - -ERR_print_errors() is a convenience function that prints the error -strings for all errors that OpenSSL has recorded to B, thus -emptying the error queue. - -ERR_print_errors_fp() is the same, except that the output goes to a -B. - - -The error strings will have the following format: - - [pid]:error:[error code]:[library name]:[function name]:[reason string]:[file name]:[line]:[optional text message] - -I is an 8 digit hexadecimal number. I, -I and I are ASCII text, as is I if one was set for the respective error code. - -If there is no text string registered for the given error code, -the error string will contain the numeric code. - -=head1 RETURN VALUES - -ERR_print_errors() and ERR_print_errors_fp() return no values. - -=head1 SEE ALSO - -L, L, -L, -L, -L - -=head1 HISTORY - -ERR_print_errors() and ERR_print_errors_fp() -are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_put_error.pod b/src/lib/libcrypto/doc/ERR_put_error.pod deleted file mode 100644 index acd241fbe4..0000000000 --- a/src/lib/libcrypto/doc/ERR_put_error.pod +++ /dev/null @@ -1,44 +0,0 @@ -=pod - -=head1 NAME - -ERR_put_error, ERR_add_error_data - record an error - -=head1 SYNOPSIS - - #include - - void ERR_put_error(int lib, int func, int reason, const char *file, - int line); - - void ERR_add_error_data(int num, ...); - -=head1 DESCRIPTION - -ERR_put_error() adds an error code to the thread's error queue. It -signals that the error of reason code B occurred in function -B of library B, in line number B of B. -This function is usually called by a macro. - -ERR_add_error_data() associates the concatenation of its B string -arguments with the error code added last. - -L can be used to register -error strings so that the application can a generate human-readable -error messages for the error code. - -=head1 RETURN VALUES - -ERR_put_error() and ERR_add_error_data() return -no values. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -ERR_put_error() is available in all versions of SSLeay and OpenSSL. -ERR_add_error_data() was added in SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/ERR_remove_state.pod b/src/lib/libcrypto/doc/ERR_remove_state.pod deleted file mode 100644 index 72925fb9f4..0000000000 --- a/src/lib/libcrypto/doc/ERR_remove_state.pod +++ /dev/null @@ -1,34 +0,0 @@ -=pod - -=head1 NAME - -ERR_remove_state - free a thread's error queue - -=head1 SYNOPSIS - - #include - - void ERR_remove_state(unsigned long pid); - -=head1 DESCRIPTION - -ERR_remove_state() frees the error queue associated with thread B. -If B == 0, the current thread will have its error queue removed. - -Since error queue data structures are allocated automatically for new -threads, they must be freed when threads are terminated in order to -avoid memory leaks. - -=head1 RETURN VALUE - -ERR_remove_state() returns no value. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -ERR_remove_state() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/EVP_DigestInit.pod b/src/lib/libcrypto/doc/EVP_DigestInit.pod deleted file mode 100644 index fefc858f7e..0000000000 --- a/src/lib/libcrypto/doc/EVP_DigestInit.pod +++ /dev/null @@ -1,202 +0,0 @@ -=pod - -=head1 NAME - -EVP_DigestInit, EVP_DigestUpdate, EVP_DigestFinal, EVP_MAX_MD_SIZE, -EVP_MD_CTX_copy, EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, -EVP_MD_CTX_md, EVP_MD_CTX_size, EVP_MD_CTX_block_size, EVP_MD_CTX_type, -EVP_md_null, EVP_md2, EVP_md5, EVP_sha, EVP_sha1, EVP_dss, EVP_dss1, EVP_mdc2, -EVP_ripemd160, EVP_get_digestbyname, EVP_get_digestbynid, EVP_get_digestbyobj - -EVP digest routines - -=head1 SYNOPSIS - - #include - - void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); - void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s); - - #define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ - - int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); - - #define EVP_MD_type(e) ((e)->type) - #define EVP_MD_pkey_type(e) ((e)->pkey_type) - #define EVP_MD_size(e) ((e)->md_size) - #define EVP_MD_block_size(e) ((e)->block_size) - - #define EVP_MD_CTX_md(e) (e)->digest) - #define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) - #define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) - #define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest) - - EVP_MD *EVP_md_null(void); - EVP_MD *EVP_md2(void); - EVP_MD *EVP_md5(void); - EVP_MD *EVP_sha(void); - EVP_MD *EVP_sha1(void); - EVP_MD *EVP_dss(void); - EVP_MD *EVP_dss1(void); - EVP_MD *EVP_mdc2(void); - EVP_MD *EVP_ripemd160(void); - - const EVP_MD *EVP_get_digestbyname(const char *name); - #define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) - #define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) - -=head1 DESCRIPTION - -The EVP digest routines are a high level interface to message digests. - -EVP_DigestInit() initializes a digest context B to use a digest -B: this will typically be supplied by a function such as -EVP_sha1(). - -EVP_DigestUpdate() hashes B bytes of data at B into the -digest context B. This function can be called several times on the -same B to hash additional data. - -EVP_DigestFinal() retrieves the digest value from B and places -it in B. If the B parameter is not NULL then the number of -bytes of data written (i.e. the length of the digest) will be written -to the integer at B, at most B bytes will be written. -After calling EVP_DigestFinal() no additional calls to EVP_DigestUpdate() -can be made, but EVP_DigestInit() can be called to initialize a new -digest operation. - -EVP_MD_CTX_copy() can be used to copy the message digest state from -B to B. This is useful if large amounts of data are to be -hashed which only differ in the last few bytes. - -EVP_MD_size() and EVP_MD_CTX_size() return the size of the message digest -when passed an B or an B structure, i.e. the size of the -hash. - -EVP_MD_block_size() and EVP_MD_CTX_block_size() return the block size of the -message digest when passed an B or an B structure. - -EVP_MD_type() and EVP_MD_CTX_type() return the NID of the OBJECT IDENTIFIER -representing the given message digest when passed an B structure. -For example EVP_MD_type(EVP_sha1()) returns B. This function is -normally used when setting ASN1 OIDs. - -EVP_MD_CTX_md() returns the B structure corresponding to the passed -B. - -EVP_MD_pkey_type() returns the NID of the public key signing algorithm associated -with this digest. For example EVP_sha1() is associated with RSA so this will -return B. This "link" between digests and signature -algorithms may not be retained in future versions of OpenSSL. - -EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_mdc2() and EVP_ripemd160() -return B structures for the MD2, MD5, SHA, SHA1, MDC2 and RIPEMD160 digest -algorithms respectively. The associated signature algorithm is RSA in each case. - -EVP_dss() and EVP_dss1() return B structures for SHA and SHA1 digest -algorithms but using DSS (DSA) for the signature algorithm. - -EVP_md_null() is a "null" message digest that does nothing: i.e. the hash it -returns is of zero length. - -EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() -return an B structure when passed a digest name, a digest NID or -an ASN1_OBJECT structure respectively. The digest table must be initialized -using, for example, OpenSSL_add_all_digests() for these functions to work. - -=head1 RETURN VALUES - -EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() do not return values. - -EVP_MD_CTX_copy() returns 1 if successful or 0 for failure. - -EVP_MD_type(), EVP_MD_pkey_type() and EVP_MD_type() return the NID of the -corresponding OBJECT IDENTIFIER or NID_undef if none exists. - -EVP_MD_size(), EVP_MD_block_size(), EVP_MD_CTX_size(e), EVP_MD_size(), -EVP_MD_CTX_block_size() and EVP_MD_block_size() return the digest or block -size in bytes. - -EVP_md_null(), EVP_md2(), EVP_md5(), EVP_sha(), EVP_sha1(), EVP_dss(), -EVP_dss1(), EVP_mdc2() and EVP_ripemd160() return pointers to the -corresponding EVP_MD structures. - -EVP_get_digestbyname(), EVP_get_digestbynid() and EVP_get_digestbyobj() -return either an B structure or NULL if an error occurs. - -=head1 NOTES - -The B interface to message digests should almost always be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the digest used and much more flexible. - -SHA1 is the digest of choice for new applications. The other digest algorithms -are still in common use. - -=head1 EXAMPLE - -This example digests the data "Test Message\n" and "Hello World\n", using the -digest name passed on the command line. - - #include - #include - - main(int argc, char *argv[]) - { - EVP_MD_CTX mdctx; - const EVP_MD *md; - char mess1[] = "Test Message\n"; - char mess2[] = "Hello World\n"; - unsigned char md_value[EVP_MAX_MD_SIZE]; - int md_len, i; - - OpenSSL_add_all_digests(); - - if(!argv[1]) { - printf("Usage: mdtest digestname\n"); - exit(1); - } - - md = EVP_get_digestbyname(argv[1]); - - if(!md) { - printf("Unknown message digest %s\n", argv[1]); - exit(1); - } - - EVP_DigestInit(&mdctx, md); - EVP_DigestUpdate(&mdctx, mess1, strlen(mess1)); - EVP_DigestUpdate(&mdctx, mess2, strlen(mess2)); - EVP_DigestFinal(&mdctx, md_value, &md_len); - - printf("Digest is: "); - for(i = 0; i < md_len; i++) printf("%02x", md_value[i]); - printf("\n"); - } - -=head1 BUGS - -Several of the functions do not return values: maybe they should. Although the -internal digest operations will never fail some future hardware based operations -might. - -The link between digests and signing algorithms results in a situation where -EVP_sha1() must be used with RSA and EVP_dss1() must be used with DSS -even though they are identical digests. - -The size of an B structure is determined at compile time: this results -in code that must be recompiled if the size of B increases. - -=head1 SEE ALSO - -L, L, L, -L, L, L, -L - -=head1 HISTORY - -EVP_DigestInit(), EVP_DigestUpdate() and EVP_DigestFinal() are -available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/EVP_EncryptInit.pod b/src/lib/libcrypto/doc/EVP_EncryptInit.pod deleted file mode 100644 index 9afe2396e2..0000000000 --- a/src/lib/libcrypto/doc/EVP_EncryptInit.pod +++ /dev/null @@ -1,359 +0,0 @@ -=pod - -=head1 NAME - -EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal, EVP_DecryptInit, -EVP_DecryptUpdate, EVP_DecryptFinal, EVP_CipherInit, EVP_CipherUpdate, -EVP_CipherFinal, EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, -EVP_CIPHER_CTX_cleanup, EVP_get_cipherbyname, EVP_get_cipherbynid, -EVP_get_cipherbyobj, EVP_CIPHER_nid, EVP_CIPHER_block_size, -EVP_CIPHER_key_length, EVP_CIPHER_iv_length, EVP_CIPHER_flags, -EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, EVP_CIPHER_CTX_nid, -EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, EVP_CIPHER_CTX_iv_length, -EVP_CIPHER_CTX_get_app_data, EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, -EVP_CIPHER_CTX_flags, EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, -EVP_CIPHER_asn1_to_param - EVP cipher routines - -=head1 SYNOPSIS - - #include - - int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - - int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv, int enc); - int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); - - int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); - int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); - - const EVP_CIPHER *EVP_get_cipherbyname(const char *name); - #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) - #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) - - #define EVP_CIPHER_nid(e) ((e)->nid) - #define EVP_CIPHER_block_size(e) ((e)->block_size) - #define EVP_CIPHER_key_length(e) ((e)->key_len) - #define EVP_CIPHER_iv_length(e) ((e)->iv_len) - #define EVP_CIPHER_flags(e) ((e)->flags) - #define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE) - int EVP_CIPHER_type(const EVP_CIPHER *ctx); - - #define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) - #define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) - #define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) - #define EVP_CIPHER_CTX_key_length(e) ((e)->key_len) - #define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) - #define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) - #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) - #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) - #define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) - #define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE) - - int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -=head1 DESCRIPTION - -The EVP cipher routines are a high level interface to certain -symmetric ciphers. - -EVP_EncryptInit() initializes a cipher context B for encryption -with cipher B. B is normally supplied by a function such -as EVP_des_cbc() . B is the symmetric key to use and B is the -IV to use (if necessary), the actual number of bytes used for the -key and IV depends on the cipher. It is possible to set all parameters -to NULL except B in an initial call and supply the remaining -parameters in subsequent calls, all of which have B set to NULL. -This is done when the default cipher parameters are not appropriate. - -EVP_EncryptUpdate() encrypts B bytes from the buffer B and -writes the encrypted version to B. This function can be called -multiple times to encrypt successive blocks of data. The amount -of data written depends on the block alignment of the encrypted data: -as a result the amount of data written may be anything from zero bytes -to (inl + cipher_block_size - 1) so B should contain sufficient -room. The actual number of bytes written is placed in B. - -EVP_EncryptFinal() encrypts the "final" data, that is any data that -remains in a partial block. It uses L (aka PKCS -padding). The encrypted final data is written to B which should -have sufficient space for one cipher block. The number of bytes written -is placed in B. After this function is called the encryption operation -is finished and no further calls to EVP_EncryptUpdate() should be made. - -EVP_DecryptInit(), EVP_DecryptUpdate() and EVP_DecryptFinal() are the -corresponding decryption operations. EVP_DecryptFinal() will return an -error code if the final block is not correctly formatted. The parameters -and restrictions are identical to the encryption operations except that -the decrypted data buffer B passed to EVP_DecryptUpdate() should -have sufficient room for (B + cipher_block_size) bytes unless the -cipher block size is 1 in which case B bytes is sufficient. - -EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal() are functions -that can be used for decryption or encryption. The operation performed -depends on the value of the B parameter. It should be set to 1 for -encryption, 0 for decryption and -1 to leave the value unchanged (the -actual value of 'enc' being supplied in a previous call). - -EVP_CIPHER_CTX_cleanup() clears all information from a cipher context. -It should be called after all operations using a cipher are complete -so sensitive information does not remain in memory. - -EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() -return an EVP_CIPHER structure when passed a cipher name, a NID or an -ASN1_OBJECT structure. - -EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return the NID of a cipher when -passed an B or B structure. The actual NID -value is an internal value which may not have a corresponding OBJECT -IDENTIFIER. - -EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key -length of a cipher when passed an B or B -structure. The constant B is the maximum key length -for all ciphers. Note: although EVP_CIPHER_key_length() is fixed for a -given cipher, the value of EVP_CIPHER_CTX_key_length() may be different -for variable key length ciphers. - -EVP_CIPHER_CTX_set_key_length() sets the key length of the cipher ctx. -If the cipher is a fixed length cipher then attempting to set the key -length to any value other than the fixed value is an error. - -EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV -length of a cipher when passed an B or B. -It will return zero if the cipher does not use an IV. The constant -B is the maximum IV length for all ciphers. - -EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block -size of a cipher when passed an B or B -structure. The constant B is also the maximum block -length for all ciphers. - -EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the type of the passed -cipher or context. This "type" is the actual NID of the cipher OBJECT -IDENTIFIER as such it ignores the cipher parameters and 40 bit RC2 and -128 bit RC2 have the same NID. If the cipher does not have an object -identifier or does not have ASN1 support this function will return -B. - -EVP_CIPHER_CTX_cipher() returns the B structure when passed -an B structure. - -EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: -EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or -EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then -EVP_CIPH_STREAM_CIPHER is returned. - -EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based -on the passed cipher. This will typically include any parameters and an -IV. The cipher IV (if any) must be set when this call is made. This call -should be made before the cipher is actually "used" (before any -EVP_EncryptUpdate(), EVP_DecryptUpdate() calls for example). This function -may fail if the cipher does not have any ASN1 support. - -EVP_CIPHER_asn1_to_param() sets the cipher parameters based on an ASN1 -AlgorithmIdentifier "parameter". The precise effect depends on the cipher -In the case of RC2, for example, it will set the IV and effective key length. -This function should be called after the base cipher type is set but before -the key is set. For example EVP_CipherInit() will be called with the IV and -key set to NULL, EVP_CIPHER_asn1_to_param() will be called and finally -EVP_CipherInit() again with all parameters except the key set to NULL. It is -possible for this function to fail if the cipher does not have any ASN1 support -or the parameters cannot be set (for example the RC2 effective key length -is not supported. - -EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined -and set. Currently only the RC2 effective key length and the number of rounds of -RC5 can be set. - -=head1 RETURN VALUES - -EVP_EncryptInit(), EVP_EncryptUpdate() and EVP_EncryptFinal() return 1 for success -and 0 for failure. - -EVP_DecryptInit() and EVP_DecryptUpdate() return 1 for success and 0 for failure. -EVP_DecryptFinal() returns 0 if the decrypt failed or 1 for success. - -EVP_CipherInit() and EVP_CipherUpdate() return 1 for success and 0 for failure. -EVP_CipherFinal() returns 1 for a decryption failure or 1 for success. - -EVP_CIPHER_CTX_cleanup() returns 1 for success and 0 for failure. - -EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj() -return an B structure or NULL on error. - -EVP_CIPHER_nid() and EVP_CIPHER_CTX_nid() return a NID. - -EVP_CIPHER_block_size() and EVP_CIPHER_CTX_block_size() return the block -size. - -EVP_CIPHER_key_length() and EVP_CIPHER_CTX_key_length() return the key -length. - -EVP_CIPHER_iv_length() and EVP_CIPHER_CTX_iv_length() return the IV -length or zero if the cipher does not use an IV. - -EVP_CIPHER_type() and EVP_CIPHER_CTX_type() return the NID of the cipher's -OBJECT IDENTIFIER or NID_undef if it has no defined OBJECT IDENTIFIER. - -EVP_CIPHER_CTX_cipher() returns an B structure. - -EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return 1 for -success or zero for failure. - -=head1 CIPHER LISTING - -All algorithms have a fixed key length unless otherwise stated. - -=over 4 - -=item EVP_enc_null() - -Null cipher: does nothing. - -=item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void) - -DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void) - -Two key triple DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void), EVP_des_ede3_cfb(void) - -Three key triple DES in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_desx_cbc(void) - -DESX algorithm in CBC mode. - -=item EVP_rc4(void) - -RC4 stream cipher. This is a variable key length cipher with default key length 128 bits. - -=item EVP_rc4_40(void) - -RC4 stream cipher with 40 bit key length. This is obsolete and new code should use EVP_rc4() -and the EVP_CIPHER_CTX_set_key_length() function. - -=item EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void) - -IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void) - -RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher with an additional parameter called "effective key bits" or "effective key length". -By default both are set to 128 bits. - -=item EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void) - -RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits. -These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and -EVP_CIPHER_CTX_ctrl() to set the key length and effective key length. - -=item EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void); - -Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher. - -=item EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void) - -CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher. - -=item EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void) - -RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length -cipher with an additional "number of rounds" parameter. By default the key length is set to 128 -bits and 12 rounds. - -=back - -=head1 NOTES - -Where possible the B interface to symmetric ciphers should be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the cipher used and much more flexible. - -PKCS padding works by adding B padding bytes of value B to make the total -length of the encrypted data a multiple of the block size. Padding is always -added so if the data is already a multiple of the block size B will equal -the block size. For example if the block size is 8 and 11 bytes are to be -encrypted then 5 padding bytes of value 5 will be added. - -When decrypting the final block is checked to see if it has the correct form. - -Although the decryption operation can produce an error, it is not a strong -test that the input data or key is correct. A random block has better than -1 in 256 chance of being of the correct format and problems with the -input data earlier on will not produce a final decrypt error. - -The functions EVP_EncryptInit(), EVP_EncryptUpdate(), EVP_EncryptFinal(), -EVP_DecryptInit(), EVP_DecryptUpdate(), EVP_CipherInit() and EVP_CipherUpdate() -and EVP_CIPHER_CTX_cleanup() did not return errors in OpenSSL version 0.9.5a or -earlier. Software only versions of encryption algorithms will never return -error codes for these functions, unless there is a programming error (for example -and attempt to set the key before the cipher is set in EVP_EncryptInit() ). - -=head1 BUGS - -For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is -a limitation of the current RC5 code rather than the EVP interface. - -It should be possible to disable PKCS padding: currently it isn't. - -EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with -default key lengths. If custom ciphers exceed these values the results are -unpredictable. This is because it has become standard practice to define a -generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes. - -The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested -for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode. - -=head1 EXAMPLES - -Get the number of rounds used in RC5: - - int nrounds; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &i); - -Get the RC2 effective key length: - - int key_bits; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i); - -Set the number of rounds used in RC5: - - int nrounds; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, i, NULL); - -Set the number of rounds used in RC2: - - int nrounds; - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, i, NULL); - -=head1 SEE ALSO - -L - -=head1 HISTORY - -=cut diff --git a/src/lib/libcrypto/doc/EVP_OpenInit.pod b/src/lib/libcrypto/doc/EVP_OpenInit.pod deleted file mode 100644 index 2e710da945..0000000000 --- a/src/lib/libcrypto/doc/EVP_OpenInit.pod +++ /dev/null @@ -1,63 +0,0 @@ -=pod - -=head1 NAME - -EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption - -=head1 SYNOPSIS - - #include - - int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek, - int ekl,unsigned char *iv,EVP_PKEY *priv); - int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - -=head1 DESCRIPTION - -The EVP envelope routines are a high level interface to envelope -decryption. They decrypt a public key encrypted symmetric key and -then decrypt data using it. - -EVP_OpenInit() initializes a cipher context B for decryption -with cipher B. It decrypts the encrypted symmetric key of length -B bytes passed in the B parameter using the private key B. -The IV is supplied in the B parameter. - -EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties -as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as -documented on the L manual -page. - -=head1 NOTES - -It is possible to call EVP_OpenInit() twice in the same way as -EVP_DecryptInit(). The first call should have B set to NULL -and (after setting any cipher parameters) it should be called again -with B set to NULL. - -If the cipher passed in the B parameter is a variable length -cipher then the key length will be set to the value of the recovered -key length. If the cipher is a fixed length cipher then the recovered -key length must match the fixed cipher length. - -=head1 RETURN VALUES - -EVP_OpenInit() returns 0 on error or a non zero integer (actually the -recovered secret key size) if successful. - -EVP_OpenUpdate() returns 1 for success or 0 for failure. - -EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success. - -=head1 SEE ALSO - -L, L, -L, -L - -=head1 HISTORY - -=cut diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod deleted file mode 100644 index 0451eb648a..0000000000 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ /dev/null @@ -1,76 +0,0 @@ -=pod - -=head1 NAME - -EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption - -=head1 SYNOPSIS - - #include - - int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); - int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); - -=head1 DESCRIPTION - -The EVP envelope routines are a high level interface to envelope -encryption. They generate a random key and then "envelope" it by -using public key encryption. Data can then be encrypted using this -key. - -EVP_SealInit() initializes a cipher context B for encryption -with cipher B using a random secret key and IV supplied in -the B parameter. B is normally supplied by a function such -as EVP_des_cbc(). The secret key is encrypted using one or more public -keys, this allows the same encrypted data to be decrypted using any -of the corresponding private keys. B is an array of buffers where -the public key encrypted secret key will be written, each buffer must -contain enough room for the corresponding encrypted key: that is -B must have room for B bytes. The actual -size of each encrypted secret key is written to the array B. B is -an array of B public keys. - -EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties -as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as -documented on the L manual -page. - -=head1 RETURN VALUES - -EVP_SealInit() returns 0 on error or B if successful. - -EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for -failure. - -=head1 NOTES - -Because a random secret key is generated the random number generator -must be seeded before calling EVP_SealInit(). - -The public key must be RSA because it is the only OpenSSL public key -algorithm that supports key transport. - -Envelope encryption is the usual method of using public key encryption -on large amounts of data, this is because public key encryption is slow -but symmetric encryption is fast. So symmetric encryption is used for -bulk encryption and the small random symmetric key used is transferred -using public key encryption. - -It is possible to call EVP_SealInit() twice in the same way as -EVP_EncryptInit(). The first call should have B set to 0 -and (after setting any cipher parameters) it should be called again -with B set to NULL. - -=head1 SEE ALSO - -L, L, -L, -L - -=head1 HISTORY - -=cut diff --git a/src/lib/libcrypto/doc/EVP_SignInit.pod b/src/lib/libcrypto/doc/EVP_SignInit.pod deleted file mode 100644 index d5ce245ecd..0000000000 --- a/src/lib/libcrypto/doc/EVP_SignInit.pod +++ /dev/null @@ -1,85 +0,0 @@ -=pod - -=head1 NAME - -EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions - -=head1 SYNOPSIS - - #include - - void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); - void EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey); - - int EVP_PKEY_size(EVP_PKEY *pkey); - -=head1 DESCRIPTION - -The EVP signature routines are a high level interface to digital -signatures. - -EVP_SignInit() initializes a signing context B to using digest -B: this will typically be supplied by a function such as -EVP_sha1(). - -EVP_SignUpdate() hashes B bytes of data at B into the -signature context B. This function can be called several times on the -same B to include additional data. - -EVP_SignFinal() signs the data in B using the private key B -and places the signature in B. If the B parameter is not NULL -then the number of bytes of data written (i.e. the length of the signature) -will be written to the integer at B, at most EVP_PKEY_size(pkey) bytes -will be written. After calling EVP_SignFinal() no additional calls to -EVP_SignUpdate() can be made, but EVP_SignInit() can be called to initialize -a new signature operation. - -EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual -signature returned by EVP_SignFinal() may be smaller. - -=head1 RETURN VALUES - -EVP_SignInit() and EVP_SignUpdate() do not return values. - -EVP_SignFinal() returns 1 for success and 0 for failure. - -EVP_PKEY_size() returns the maximum size of a signature in bytes. - -The error codes can be obtained by L. - -=head1 NOTES - -The B interface to digital signatures should almost always be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the algorithm used and much more flexible. - -Due to the link between message digests and public key algorithms the correct -digest algorithm must be used with the correct public key type. A list of -algorithms and associated public key algorithms appears in -L. - -When signing with DSA private keys the random number generator must be seeded -or the operation will fail. The random number generator does not need to be -seeded for RSA signatures. - -=head1 BUGS - -Several of the functions do not return values: maybe they should. Although the -internal digest operations will never fail some future hardware based operations -might. - -=head1 SEE ALSO - -L, -L, L, -L, L, L, -L, L, L, -L, L - -=head1 HISTORY - -EVP_SignInit(), EVP_SignUpdate() and EVP_SignFinal() are -available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/EVP_VerifyInit.pod b/src/lib/libcrypto/doc/EVP_VerifyInit.pod deleted file mode 100644 index 736a0f4a82..0000000000 --- a/src/lib/libcrypto/doc/EVP_VerifyInit.pod +++ /dev/null @@ -1,72 +0,0 @@ -=pod - -=head1 NAME - -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions - -=head1 SYNOPSIS - - #include - - void EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); - void EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey); - -=head1 DESCRIPTION - -The EVP signature verification routines are a high level interface to digital -signatures. - -EVP_VerifyInit() initializes a verification context B to using digest -B: this will typically be supplied by a function such as EVP_sha1(). - -EVP_VerifyUpdate() hashes B bytes of data at B into the -verification context B. This function can be called several times on the -same B to include additional data. - -EVP_VerifyFinal() verifies the data in B using the public key B -and against the B bytes at B. After calling EVP_VerifyFinal() -no additional calls to EVP_VerifyUpdate() can be made, but EVP_VerifyInit() -can be called to initialize a new verification operation. - -=head1 RETURN VALUES - -EVP_VerifyInit() and EVP_VerifyUpdate() do not return values. - -EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some -other error occurred. - -The error codes can be obtained by L. - -=head1 NOTES - -The B interface to digital signatures should almost always be used in -preference to the low level interfaces. This is because the code then becomes -transparent to the algorithm used and much more flexible. - -Due to the link between message digests and public key algorithms the correct -digest algorithm must be used with the correct public key type. A list of -algorithms and associated public key algorithms appears in -L. - -=head1 BUGS - -Several of the functions do not return values: maybe they should. Although the -internal digest operations will never fail some future hardware based operations -might. - -=head1 SEE ALSO - -L, -L, -L, L, -L, L, L, -L, L, L, -L, L - -=head1 HISTORY - -EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are -available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod b/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod deleted file mode 100644 index 68ea723259..0000000000 --- a/src/lib/libcrypto/doc/OPENSSL_VERSION_NUMBER.pod +++ /dev/null @@ -1,88 +0,0 @@ -=pod - -=head1 NAME - -OPENSSL_VERSION_NUMBER, SSLeay SSLeay_version - get OpenSSL version number - -=head1 SYNOPSIS - - #include - #define OPENSSL_VERSION_NUMBER 0xnnnnnnnnnL - - #include - long SSLeay(void); - char *SSLeay_version(int t); - -=head1 DESCRIPTION - -OPENSSL_VERSION_NUMBER is a numeric release version identifier: - - MMNNFFPPS: major minor fix patch status - -The status nibble has one of the values 0 for development, 1 to e for betas -1 to 14, and f for release. - -for example - - 0x000906000 == 0.9.6 dev - 0x000906023 == 0.9.6b beta 3 - 0x00090605f == 0.9.6e release - -Versions prior to 0.9.3 have identifiers E 0x0930. -Versions between 0.9.3 and 0.9.5 had a version identifier with this -interpretation: - - MMNNFFRBB major minor fix final beta/patch - -for example - - 0x000904100 == 0.9.4 release - 0x000905000 == 0.9.5 dev - -Version 0.9.5a had an interim interpretation that is like the current one, -except the patch level got the highest bit set, to keep continuity. The -number was therefore 0x0090581f. - - -For backward compatibility, SSLEAY_VERSION_NUMBER is also defined. - -SSLeay() returns this number. The return value can be compared to the -macro to make sure that the correct version of the library has been -loaded, especially when using DLLs on Windows systems. - -SSLeay_version() returns different strings depending on B: - -=over 4 - -=item SSLEAY_VERSION -The text variant of the version number and the release date. For example, -"OpenSSL 0.9.5a 1 Apr 2000". - -=item SSLEAY_CFLAGS -The flags given to the C compiler when compiling OpenSSL are returned in a -string. - -=item SSLEAY_PLATFORM -The platform name used when OpenSSL was configured is returned. - -=back - -If the data request isn't available, a text saying that the information is -not available is returned. - -For an unknown B, the text "not available" is returned. - -=head1 RETURN VALUE - -The version number. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -SSLeay() and SSLEAY_VERSION_NUMBER are available in all versions of SSLeay and OpenSSL. -OPENSSL_VERSION_NUMBER is available in all versions of OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod b/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod deleted file mode 100644 index e63411b5bb..0000000000 --- a/src/lib/libcrypto/doc/OpenSSL_add_all_algorithms.pod +++ /dev/null @@ -1,66 +0,0 @@ -=pod - -=head1 NAME - -OpenSSL_add_all_algorithms, OpenSSL_add_all_ciphers, OpenSSL_add_all_digests - -add algorithms to internal table - -=head1 SYNOPSIS - - #include - - void OpenSSL_add_all_algorithms(void); - void OpenSSL_add_all_ciphers(void); - void OpenSSL_add_all_digests(void); - - void EVP_cleanup(void); - -=head1 DESCRIPTION - -OpenSSL keeps an internal table of digest algorithms and ciphers. It uses -this table to lookup ciphers via functions such as EVP_get_cipher_byname(). - -OpenSSL_add_all_digests() adds all digest algorithms to the table. - -OpenSSL_add_all_algorithms() adds all algorithms to the table (digests and -ciphers). - -OpenSSL_add_all_ciphers() adds all encryption algorithms to the table including -password based encryption algorithms. - -EVP_cleanup() removes all ciphers and digests from the table. - -=head1 RETURN VALUES - -None of the functions return a value. - -=head1 NOTES - -A typical application will call OpenSSL_add_all_algorithms() initially and -EVP_cleanup() before exiting. - -An application does not need to add algorithms to use them explicitly, for example -by EVP_sha1(). It just needs to add them if it (or any of the functions it calls) -needs to lookup algorithms. - -The cipher and digest lookup functions are used in many parts of the library. If -the table is not initialized several functions will misbehave and complain they -cannot find algorithms. This includes the PEM, PKCS#12, SSL and S/MIME libraries. -This is a common query in the OpenSSL mailing lists. - -Calling OpenSSL_add_all_algorithms() links in all algorithms: as a result a -statically linked executable can be quite large. If this is important it is possible -to just add the required ciphers and digests. - -=head1 BUGS - -Although the functions do not return error codes it is possible for them to fail. -This will only happen as a result of a memory allocation failure so this is not -too much of a problem in practice. - -=head1 SEE ALSO - -L, L, -L - -=cut diff --git a/src/lib/libcrypto/doc/RAND_add.pod b/src/lib/libcrypto/doc/RAND_add.pod deleted file mode 100644 index 67c66f3e0c..0000000000 --- a/src/lib/libcrypto/doc/RAND_add.pod +++ /dev/null @@ -1,77 +0,0 @@ -=pod - -=head1 NAME - -RAND_add, RAND_seed, RAND_status, RAND_event, RAND_screen - add -entropy to the PRNG - -=head1 SYNOPSIS - - #include - - void RAND_seed(const void *buf, int num); - - void RAND_add(const void *buf, int num, double entropy); - - int RAND_status(void); - - int RAND_event(UINT iMsg, WPARAM wParam, LPARAM lParam); - void RAND_screen(void); - -=head1 DESCRIPTION - -RAND_add() mixes the B bytes at B into the PRNG state. Thus, -if the data at B are unpredictable to an adversary, this -increases the uncertainty about the state and makes the PRNG output -less predictable. Suitable input comes from user interaction (random -key presses, mouse movements) and certain hardware events. The -B argument is (the lower bound of) an estimate of how much -randomness is contained in B, measured in bytes. Details about -sources of randomness and how to estimate their entropy can be found -in the literature, e.g. RFC 1750. - -RAND_add() may be called with sensitive data such as user entered -passwords. The seed values cannot be recovered from the PRNG output. - -OpenSSL makes sure that the PRNG state is unique for each thread. On -systems that provide C, the randomness device is used -to seed the PRNG transparently. However, on all other systems, the -application is responsible for seeding the PRNG by calling RAND_add(), -L -or L. - -RAND_seed() is equivalent to RAND_add() when B. - -RAND_event() collects the entropy from Windows events such as mouse -movements and other user interaction. It should be called with the -B, B and B arguments of I messages sent to -the window procedure. It will estimate the entropy contained in the -event message (if any), and add it to the PRNG. The program can then -process the messages as usual. - -The RAND_screen() function is available for the convenience of Windows -programmers. It adds the current contents of the screen to the PRNG. -For applications that can catch Windows events, seeding the PRNG by -calling RAND_event() is a significantly better source of -randomness. It should be noted that both methods cannot be used on -servers that run without user interaction. - -=head1 RETURN VALUES - -RAND_status() and RAND_event() return 1 if the PRNG has been seeded -with enough data, 0 otherwise. - -The other functions do not return values. - -=head1 SEE ALSO - -L, L, -L, L - -=head1 HISTORY - -RAND_seed() and RAND_screen() are available in all versions of SSLeay -and OpenSSL. RAND_add() and RAND_status() have been added in OpenSSL -0.9.5, RAND_event() in OpenSSL 0.9.5a. - -=cut diff --git a/src/lib/libcrypto/doc/RAND_bytes.pod b/src/lib/libcrypto/doc/RAND_bytes.pod deleted file mode 100644 index b03748b918..0000000000 --- a/src/lib/libcrypto/doc/RAND_bytes.pod +++ /dev/null @@ -1,46 +0,0 @@ -=pod - -=head1 NAME - -RAND_bytes, RAND_pseudo_bytes - generate random data - -=head1 SYNOPSIS - - #include - - int RAND_bytes(unsigned char *buf, int num); - - int RAND_pseudo_bytes(unsigned char *buf, int num); - -=head1 DESCRIPTION - -RAND_bytes() puts B cryptographically strong pseudo-random bytes -into B. An error occurs if the PRNG has not been seeded with -enough randomness to ensure an unpredictable byte sequence. - -RAND_pseudo_bytes() puts B pseudo-random bytes into B. -Pseudo-random byte sequences generated by RAND_pseudo_bytes() will be -unique if they are of sufficient length, but are not necessarily -unpredictable. They can be used for non-cryptographic purposes and for -certain purposes in cryptographic protocols, but usually not for key -generation etc. - -=head1 RETURN VALUES - -RAND_bytes() returns 1 on success, 0 otherwise. The error code can be -obtained by L. RAND_pseudo_bytes() returns 1 if the -bytes generated are cryptographically strong, 0 otherwise. Both -functions return -1 if they are not supported by the current RAND -method. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -RAND_bytes() is available in all versions of SSLeay and OpenSSL. It -has a return value since OpenSSL 0.9.5. RAND_pseudo_bytes() was added -in OpenSSL 0.9.5. - -=cut diff --git a/src/lib/libcrypto/doc/RAND_cleanup.pod b/src/lib/libcrypto/doc/RAND_cleanup.pod deleted file mode 100644 index 3a8f0749a8..0000000000 --- a/src/lib/libcrypto/doc/RAND_cleanup.pod +++ /dev/null @@ -1,29 +0,0 @@ -=pod - -=head1 NAME - -RAND_cleanup - erase the PRNG state - -=head1 SYNOPSIS - - #include - - void RAND_cleanup(void); - -=head1 DESCRIPTION - -RAND_cleanup() erases the memory used by the PRNG. - -=head1 RETURN VALUE - -RAND_cleanup() returns no value. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -RAND_cleanup() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/RAND_load_file.pod b/src/lib/libcrypto/doc/RAND_load_file.pod deleted file mode 100644 index 8dd700ca3d..0000000000 --- a/src/lib/libcrypto/doc/RAND_load_file.pod +++ /dev/null @@ -1,53 +0,0 @@ -=pod - -=head1 NAME - -RAND_load_file, RAND_write_file, RAND_file_name - PRNG seed file - -=head1 SYNOPSIS - - #include - - const char *RAND_file_name(char *buf, int num); - - int RAND_load_file(const char *filename, long max_bytes); - - int RAND_write_file(const char *filename); - -=head1 DESCRIPTION - -RAND_file_name() generates a default path for the random seed -file. B points to a buffer of size B in which to store the -filename. The seed file is $RANDFILE if that environment variable is -set, $HOME/.rnd otherwise. If $HOME is not set either, or B is -too small for the path name, an error occurs. - -RAND_load_file() reads a number of bytes from file B and -adds them to the PRNG. If B is non-negative, -up to to B are read; starting with OpenSSL 0.9.5, -if B is -1, the complete file is read. - -RAND_write_file() writes a number of random bytes (currently 1024) to -file B which can be used to initialize the PRNG by calling -RAND_load_file() in a later session. - -=head1 RETURN VALUES - -RAND_load_file() returns the number of bytes read. - -RAND_write_file() returns the number of bytes written, and -1 if the -bytes written were generated without appropriate seed. - -RAND_file_name() returns a pointer to B on success, and NULL on -error. - -=head1 SEE ALSO - -L, L, L - -=head1 HISTORY - -RAND_load_file(), RAND_write_file() and RAND_file_name() are available in -all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/RAND_set_rand_method.pod b/src/lib/libcrypto/doc/RAND_set_rand_method.pod deleted file mode 100644 index 464eba416d..0000000000 --- a/src/lib/libcrypto/doc/RAND_set_rand_method.pod +++ /dev/null @@ -1,59 +0,0 @@ -=pod - -=head1 NAME - -RAND_set_rand_method, RAND_get_rand_method, RAND_SSLeay - select RAND method - -=head1 SYNOPSIS - - #include - - void RAND_set_rand_method(RAND_METHOD *meth); - - RAND_METHOD *RAND_get_rand_method(void); - - RAND_METHOD *RAND_SSLeay(void); - -=head1 DESCRIPTION - -A B specifies the functions that OpenSSL uses for random -number generation. By modifying the method, alternative -implementations such as hardware RNGs may be used. Initially, the -default is to use the OpenSSL internal implementation. RAND_SSLeay() -returns a pointer to that method. - -RAND_set_rand_method() sets the RAND method to B. -RAND_get_rand_method() returns a pointer to the current method. - -=head1 THE RAND_METHOD STRUCTURE - - typedef struct rand_meth_st - { - void (*seed)(const void *buf, int num); - int (*bytes)(unsigned char *buf, int num); - void (*cleanup)(void); - void (*add)(const void *buf, int num, int entropy); - int (*pseudorand)(unsigned char *buf, int num); - int (*status)(void); - } RAND_METHOD; - -The components point to the implementation of RAND_seed(), -RAND_bytes(), RAND_cleanup(), RAND_add(), RAND_pseudo_rand() -and RAND_status(). -Each component may be NULL if the function is not implemented. - -=head1 RETURN VALUES - -RAND_set_rand_method() returns no value. RAND_get_rand_method() and -RAND_SSLeay() return pointers to the respective methods. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -RAND_set_rand_method(), RAND_get_rand_method() and RAND_SSLeay() are -available in all versions of OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_blinding_on.pod b/src/lib/libcrypto/doc/RSA_blinding_on.pod deleted file mode 100644 index fd2c69abd8..0000000000 --- a/src/lib/libcrypto/doc/RSA_blinding_on.pod +++ /dev/null @@ -1,43 +0,0 @@ -=pod - -=head1 NAME - -RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks - -=head1 SYNOPSIS - - #include - - int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); - - void RSA_blinding_off(RSA *rsa); - -=head1 DESCRIPTION - -RSA is vulnerable to timing attacks. In a setup where attackers can -measure the time of RSA decryption or signature operations, blinding -must be used to protect the RSA operation from that attack. - -RSA_blinding_on() turns blinding on for key B and generates a -random blinding factor. B is B or a pre-allocated and -initialized B. The random number generator must be seeded -prior to calling RSA_blinding_on(). - -RSA_blinding_off() turns blinding off and frees the memory used for -the blinding factor. - -=head1 RETURN VALUES - -RSA_blinding_on() returns 1 on success, and 0 if an error occurred. - -RSA_blinding_off() returns no value. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_check_key.pod b/src/lib/libcrypto/doc/RSA_check_key.pod deleted file mode 100644 index 1db6d736ab..0000000000 --- a/src/lib/libcrypto/doc/RSA_check_key.pod +++ /dev/null @@ -1,39 +0,0 @@ -=pod - -=head1 NAME - -RSA_check_key - validate private RSA keys - -=head1 SYNOPSIS - - #include - - int RSA_check_key(RSA *rsa); - -=head1 DESCRIPTION - -This function validates RSA keys. It checks that B

and B are -in fact prime, and that B. - -It also checks that B, -and that B, B and B are set correctly or are B. - -The key's public components may not be B. - -=head1 RETURN VALUE - -RSA_check_key() returns 1 if B is a valid RSA key, and 0 otherwise. --1 is returned if an error occurs while checking the key. - -If the key is invalid or an error occurred, the reason code can be -obtained using L. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -RSA_check() appeared in OpenSSL 0.9.4. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_generate_key.pod b/src/lib/libcrypto/doc/RSA_generate_key.pod deleted file mode 100644 index 0e0f0a764c..0000000000 --- a/src/lib/libcrypto/doc/RSA_generate_key.pod +++ /dev/null @@ -1,68 +0,0 @@ -=pod - -=head1 NAME - -RSA_generate_key - generate RSA key pair - -=head1 SYNOPSIS - - #include - - RSA *RSA_generate_key(int num, unsigned long e, - void (*callback)(int,int,void *), void *cb_arg); - -=head1 DESCRIPTION - -RSA_generate_key() generates a key pair and returns it in a newly -allocated B structure. The pseudo-random number generator must -be seeded prior to calling RSA_generate_key(). - -The modulus size will be B bits, and the public exponent will be -B. Key sizes with B E 1024 should be considered insecure. -The exponent is an odd number, typically 3 or 65535. - -A callback function may be used to provide feedback about the -progress of the key generation. If B is not B, it -will be called as follows: - -=over 4 - -=item * - -While a random prime number is generated, it is called as -described in L. - -=item * - -When the n-th randomly generated prime is rejected as not -suitable for the key, B is called. - -=item * - -When a random p has been found with p-1 relatively prime to B, -it is called as B. - -=back - -The process is then repeated for prime q with B. - -=head1 RETURN VALUE - -If key generation fails, RSA_generate_key() returns B; the -error codes can be obtained by L. - -=head1 BUGS - -B is used with two different meanings. - -RSA_generate_key() goes into an infinite loop for illegal input values. - -=head1 SEE ALSO - -L, L, L, L - -=head1 HISTORY - -The B argument was added in SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod b/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod deleted file mode 100644 index 46cc8f5359..0000000000 --- a/src/lib/libcrypto/doc/RSA_get_ex_new_index.pod +++ /dev/null @@ -1,120 +0,0 @@ -=pod - -=head1 NAME - -RSA_get_ex_new_index, RSA_set_ex_data, RSA_get_ex_data - add application specific data to RSA structures - -=head1 SYNOPSIS - - #include - - int RSA_get_ex_new_index(long argl, void *argp, - CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, - CRYPTO_EX_free *free_func); - - int RSA_set_ex_data(RSA *r, int idx, void *arg); - - void *RSA_get_ex_data(RSA *r, int idx); - - typedef int new_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef void free_func(void *parent, void *ptr, CRYPTO_EX_DATA *ad, - int idx, long argl, void *argp); - typedef int dup_func(CRYPTO_EX_DATA *to, CRYPTO_EX_DATA *from, void *from_d, - int idx, long argl, void *argp); - -=head1 DESCRIPTION - -Several OpenSSL structures can have application specific data attached to them. -This has several potential uses, it can be used to cache data associated with -a structure (for example the hash of some part of the structure) or some -additional data (for example a handle to the data in an external library). - -Since the application data can be anything at all it is passed and retrieved -as a B type. - -The B function is initially called to "register" some -new application specific data. It takes three optional function pointers which -are called when the parent structure (in this case an RSA structure) is -initially created, when it is copied and when it is freed up. If any or all of -these function pointer arguments are not used they should be set to NULL. The -precise manner in which these function pointers are called is described in more -detail below. B also takes additional long and pointer -parameters which will be passed to the supplied functions but which otherwise -have no special meaning. It returns an B which should be stored -(typically in a static variable) and passed used in the B parameter in -the remaining functions. Each successful call to B -will return an index greater than any previously returned, this is important -because the optional functions are called in order of increasing index value. - -B is used to set application specific data, the data is -supplied in the B parameter and its precise meaning is up to the -application. - -B is used to retrieve application specific data. The data -is returned to the application, this will be the same value as supplied to -a previous B call. - -B is called when a structure is initially allocated (for example -with B. The parent structure members will not have any meaningful -values at this point. This function will typically be used to allocate any -application specific structure. - -B is called when a structure is being freed up. The dynamic parent -structure members should not be accessed because they will be freed up when -this function is called. - -B and B take the same parameters. B is a -pointer to the parent RSA structure. B is a the application specific data -(this wont be of much use in B. B is a pointer to the -B structure from the parent RSA structure: the functions -B and B can be called to manipulate -it. The B parameter is the index: this will be the same value returned by -B when the functions were initially registered. Finally -the B and B parameters are the values originally passed to the same -corresponding parameters when B was called. - -B is called when a structure is being copied. Pointers to the -destination and source B structures are passed in the B and -B parameters respectively. The B parameter is passed a pointer to -the source application data when the function is called, when the function returns -the value is copied to the destination: the application can thus modify the data -pointed to by B and have different values in the source and destination. -The B, B and B parameters are the same as those in B -and B. - -=head1 RETURN VALUES - -B returns a new index or -1 on failure (note 0 is a valid -index value). - -B returns 1 on success or 0 on failure. - -B returns the application data or 0 on failure. 0 may also -be valid application data but currently it can only fail if given an invalid B -parameter. - -B and B should return 0 for failure and 1 for success. - -On failure an error code can be obtained from L. - -=head1 BUGS - -B is currently never called. - -The return value of B is ignored. - -The B function isn't very useful because no meaningful values are -present in the parent RSA structure when it is called. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -RSA_get_ex_new_index(), RSA_set_ex_data() and RSA_get_ex_data() are -available since SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_new.pod b/src/lib/libcrypto/doc/RSA_new.pod deleted file mode 100644 index 299047f31f..0000000000 --- a/src/lib/libcrypto/doc/RSA_new.pod +++ /dev/null @@ -1,39 +0,0 @@ -=pod - -=head1 NAME - -RSA_new, RSA_free - allocate and free RSA objects - -=head1 SYNOPSIS - - #include - - RSA * RSA_new(void); - - void RSA_free(RSA *rsa); - -=head1 DESCRIPTION - -RSA_new() allocates and initializes an B structure. - -RSA_free() frees the B structure and its components. The key is -erased before the memory is returned to the system. - -=head1 RETURN VALUES - -If the allocation fails, RSA_new() returns B and sets an error -code that can be obtained by L. Otherwise it returns -a pointer to the newly allocated structure. - -RSA_free() returns no value. - -=head1 SEE ALSO - -L, L, -L - -=head1 HISTORY - -RSA_new() and RSA_free() are available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod b/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod deleted file mode 100644 index b8f678fe72..0000000000 --- a/src/lib/libcrypto/doc/RSA_padding_add_PKCS1_type_1.pod +++ /dev/null @@ -1,124 +0,0 @@ -=pod - -=head1 NAME - -RSA_padding_add_PKCS1_type_1, RSA_padding_check_PKCS1_type_1, -RSA_padding_add_PKCS1_type_2, RSA_padding_check_PKCS1_type_2, -RSA_padding_add_PKCS1_OAEP, RSA_padding_check_PKCS1_OAEP, -RSA_padding_add_SSLv23, RSA_padding_check_SSLv23, -RSA_padding_add_none, RSA_padding_check_none - asymmetric encryption -padding - -=head1 SYNOPSIS - - #include - - int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, unsigned char *p, int pl); - - int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len, unsigned char *p, int pl); - - int RSA_padding_add_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_SSLv23(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - - int RSA_padding_add_none(unsigned char *to, int tlen, - unsigned char *f, int fl); - - int RSA_padding_check_none(unsigned char *to, int tlen, - unsigned char *f, int fl, int rsa_len); - -=head1 DESCRIPTION - -The RSA_padding_xxx_xxx() functions are called from the RSA encrypt, -decrypt, sign and verify functions. Normally they should not be called -from application programs. - -However, they can also be called directly to implement padding for other -asymmetric ciphers. RSA_padding_add_PKCS1_OAEP() and -RSA_padding_check_PKCS1_OAEP() may be used in an application combined -with B in order to implement OAEP with an encoding -parameter. - -RSA_padding_add_xxx() encodes B bytes from B so as to fit into -B bytes and stores the result at B. An error occurs if B -does not meet the size requirements of the encoding method. - -The following encoding methods are implemented: - -=over 4 - -=item PKCS1_type_1 - -PKCS #1 v2.0 EMSA-PKCS1-v1_5 (PKCS #1 v1.5 block type 1); used for signatures - -=item PKCS1_type_2 - -PKCS #1 v2.0 EME-PKCS1-v1_5 (PKCS #1 v1.5 block type 2) - -=item PKCS1_OAEP - -PKCS #1 v2.0 EME-OAEP - -=item SSLv23 - -PKCS #1 EME-PKCS1-v1_5 with SSL-specific modification - -=item none - -simply copy the data - -=back - -The random number generator must be seeded prior to calling -RSA_padding_add_xxx(). - -RSA_padding_check_xxx() verifies that the B bytes at B contain -a valid encoding for a B byte RSA key in the respective -encoding method and stores the recovered data of at most B bytes -(for B: of size B) -at B. - -For RSA_padding_xxx_OAEP(), B

points to the encoding parameter -of length B. B

may be B if B is 0. - -=head1 RETURN VALUES - -The RSA_padding_add_xxx() functions return 1 on success, 0 on error. -The RSA_padding_check_xxx() functions return the length of the -recovered data, -1 on error. Error codes can be obtained by calling -L. - -=head1 SEE ALSO - -L, -L, -L, L - -=head1 HISTORY - -RSA_padding_add_PKCS1_type_1(), RSA_padding_check_PKCS1_type_1(), -RSA_padding_add_PKCS1_type_2(), RSA_padding_check_PKCS1_type_2(), -RSA_padding_add_SSLv23(), RSA_padding_check_SSLv23(), -RSA_padding_add_none() and RSA_padding_check_none() appeared in -SSLeay 0.9.0. - -RSA_padding_add_PKCS1_OAEP() and RSA_padding_check_PKCS1_OAEP() were -added in OpenSSL 0.9.2b. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_print.pod b/src/lib/libcrypto/doc/RSA_print.pod deleted file mode 100644 index 67876facc5..0000000000 --- a/src/lib/libcrypto/doc/RSA_print.pod +++ /dev/null @@ -1,49 +0,0 @@ -=pod - -=head1 NAME - -RSA_print, RSA_print_fp, DHparams_print, DHparams_print_fp, DSA_print, -DSA_print_fp, DHparams_print, DHparams_print_fp - print cryptographic -parameters - -=head1 SYNOPSIS - - #include - - int RSA_print(BIO *bp, RSA *x, int offset); - int RSA_print_fp(FILE *fp, RSA *x, int offset); - - #include - - int DSAparams_print(BIO *bp, DSA *x); - int DSAparams_print_fp(FILE *fp, DSA *x); - int DSA_print(BIO *bp, DSA *x, int offset); - int DSA_print_fp(FILE *fp, DSA *x, int offset); - - #include - - int DHparams_print(BIO *bp, DH *x); - int DHparams_print_fp(FILE *fp, DH *x); - -=head1 DESCRIPTION - -A human-readable hexadecimal output of the components of the RSA -key, DSA parameters or key or DH parameters is printed to B or B. - -The output lines are indented by B spaces. - -=head1 RETURN VALUES - -These functions return 1 on success, 0 on error. - -=head1 SEE ALSO - -L, L, L, L - -=head1 HISTORY - -RSA_print(), RSA_print_fp(), DSA_print(), DSA_print_fp(), DH_print(), -DH_print_fp() are available in all versions of SSLeay and OpenSSL. -DSAparams_print() and DSAparams_print_pf() were added in SSLeay 0.8. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_private_encrypt.pod b/src/lib/libcrypto/doc/RSA_private_encrypt.pod deleted file mode 100644 index 0d1b2bd541..0000000000 --- a/src/lib/libcrypto/doc/RSA_private_encrypt.pod +++ /dev/null @@ -1,70 +0,0 @@ -=pod - -=head1 NAME - -RSA_private_encrypt, RSA_public_decrypt - low level signature operations - -=head1 SYNOPSIS - - #include - - int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - -=head1 DESCRIPTION - -These functions handle RSA signatures at a low level. - -RSA_private_encrypt() signs the B bytes at B (usually a -message digest with an algorithm identifier) using the private key -B and stores the signature in B. B must point to -B bytes of memory. - -B denotes one of the following modes: - -=over 4 - -=item RSA_PKCS1_PADDING - -PKCS #1 v1.5 padding. This function does not handle the -B specified in PKCS #1. When generating or -verifying PKCS #1 signatures, L and L should be -used. - -=item RSA_NO_PADDING - -Raw RSA signature. This mode should I be used to implement -cryptographically sound padding modes in the application code. -Signing user data directly with RSA is insecure. - -=back - -RSA_public_decrypt() recovers the message digest from the B -bytes long signature at B using the signer's public key -B. B must point to a memory section large enough to hold the -message digest (which is smaller than B). B is the padding mode that was used to sign the data. - -=head1 RETURN VALUES - -RSA_private_encrypt() returns the size of the signature (i.e., -RSA_size(rsa)). RSA_public_decrypt() returns the size of the -recovered message digest. - -On error, -1 is returned; the error codes can be -obtained by L. - -=head1 SEE ALSO - -L, L, L, -L - -=head1 HISTORY - -The B argument was added in SSLeay 0.8. RSA_NO_PADDING is -available since SSLeay 0.9.0. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_public_encrypt.pod b/src/lib/libcrypto/doc/RSA_public_encrypt.pod deleted file mode 100644 index 23861c0004..0000000000 --- a/src/lib/libcrypto/doc/RSA_public_encrypt.pod +++ /dev/null @@ -1,86 +0,0 @@ -=pod - -=head1 NAME - -RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography - -=head1 SYNOPSIS - - #include - - int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - -=head1 DESCRIPTION - -RSA_public_encrypt() encrypts the B bytes at B (usually a -session key) using the public key B and stores the ciphertext in -B. B must point to RSA_size(B) bytes of memory. - -B denotes one of the following modes: - -=over 4 - -=item RSA_PKCS1_PADDING - -PKCS #1 v1.5 padding. This currently is the most widely used mode. - -=item RSA_PKCS1_OAEP_PADDING - -EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty -encoding parameter. This mode is recommended for all new applications. - -=item RSA_SSLV23_PADDING - -PKCS #1 v1.5 padding with an SSL-specific modification that denotes -that the server is SSL3 capable. - -=item RSA_NO_PADDING - -Raw RSA encryption. This mode should I be used to implement -cryptographically sound padding modes in the application code. -Encrypting user data directly with RSA is insecure. - -=back - -B must be less than RSA_size(B) - 11 for the PKCS #1 v1.5 -based padding modes, and less than RSA_size(B) - 41 for -RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded -prior to calling RSA_public_encrypt(). - -RSA_private_decrypt() decrypts the B bytes at B using the -private key B and stores the plaintext in B. B must point -to a memory section large enough to hold the decrypted data (which is -smaller than RSA_size(B)). B is the padding mode that -was used to encrypt the data. - -=head1 RETURN VALUES - -RSA_public_encrypt() returns the size of the encrypted data (i.e., -RSA_size(B)). RSA_private_decrypt() returns the size of the -recovered plaintext. - -On error, -1 is returned; the error codes can be -obtained by L. - -=head1 CONFORMING TO - -SSL, PKCS #1 v2.0 - -=head1 SEE ALSO - -L, L, L, L - -=head1 NOTES - -The L method supports only the RSA_PKCS1_PADDING mode. - -=head1 HISTORY - -The B argument was added in SSLeay 0.8. RSA_NO_PADDING is -available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_set_method.pod b/src/lib/libcrypto/doc/RSA_set_method.pod deleted file mode 100644 index b672712292..0000000000 --- a/src/lib/libcrypto/doc/RSA_set_method.pod +++ /dev/null @@ -1,168 +0,0 @@ -=pod - -=head1 NAME - -RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref, -RSA_null_method, RSA_flags, RSA_new_method - select RSA method - -=head1 SYNOPSIS - - #include - #include - - void RSA_set_default_openssl_method(RSA_METHOD *meth); - - RSA_METHOD *RSA_get_default_openssl_method(void); - - RSA_METHOD *RSA_set_method(RSA *rsa, ENGINE *engine); - - RSA_METHOD *RSA_get_method(RSA *rsa); - - RSA_METHOD *RSA_PKCS1_SSLeay(void); - - RSA_METHOD *RSA_PKCS1_RSAref(void); - - RSA_METHOD *RSA_null_method(void); - - int RSA_flags(RSA *rsa); - - RSA *RSA_new_method(ENGINE *engine); - -=head1 DESCRIPTION - -An B specifies the functions that OpenSSL uses for RSA -operations. By modifying the method, alternative implementations -such as hardware accelerators may be used. - -Initially, the default is to use the OpenSSL internal implementation, -unless OpenSSL was configured with the C or C<-DRSA_NULL> -options. RSA_PKCS1_SSLeay() returns a pointer to that method. - -RSA_PKCS1_RSAref() returns a pointer to a method that uses the RSAref -library. This is the default method in the C configuration; -the function is not available in other configurations. -RSA_null_method() returns a pointer to a method that does not support -the RSA transformation. It is the default if OpenSSL is compiled with -C<-DRSA_NULL>. These methods may be useful in the USA because of a -patent on the RSA cryptosystem. - -RSA_set_default_openssl_method() makes B the default method for all B -structures created later. B This is true only whilst the default engine -for RSA operations remains as "openssl". ENGINEs provide an -encapsulation for implementations of one or more algorithms at a time, and all -the RSA functions mentioned here operate within the scope of the default -"openssl" engine. - -RSA_get_default_openssl_method() returns a pointer to the current default -method for the "openssl" engine. - -RSA_set_method() selects B for all operations using the key -B. - -RSA_get_method() returns a pointer to the RSA_METHOD from the currently -selected ENGINE for B. - -RSA_flags() returns the B that are set for B's current method. - -RSA_new_method() allocates and initializes an RSA structure so that -B will be used for the RSA operations. If B is NULL, -the default engine for RSA operations is used. - -=head1 THE RSA_METHOD STRUCTURE - - typedef struct rsa_meth_st - { - /* name of the implementation */ - const char *name; - - /* encrypt */ - int (*rsa_pub_enc)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* verify arbitrary data */ - int (*rsa_pub_dec)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* sign arbitrary data */ - int (*rsa_priv_enc)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* decrypt */ - int (*rsa_priv_dec)(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some - implementations) */ - int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa); - - /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); - - /* called at RSA_new */ - int (*init)(RSA *rsa); - - /* called at RSA_free */ - int (*finish)(RSA *rsa); - - /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key - * operations, even if p,q,dmp1,dmq1,iqmp - * are NULL - * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify - * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match - */ - int flags; - - char *app_data; /* ?? */ - - /* sign. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - - /* verify. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - } RSA_METHOD; - -=head1 RETURN VALUES - -RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(), -RSA_get_default_openssl_method() and RSA_get_method() return pointers to -the respective RSA_METHODs. - -RSA_set_default_openssl_method() returns no value. - -RSA_set_method() selects B as the engine that will be responsible for -all operations using the structure B. If this function completes successfully, -then the B structure will have its own functional reference of B, so -the caller should remember to free their own reference to B when they are -finished with it. NB: An ENGINE's RSA_METHOD can be retrieved (or set) by -ENGINE_get_RSA() or ENGINE_set_RSA(). - -RSA_new_method() returns NULL and sets an error code that can be -obtained by L if the allocation fails. Otherwise -it returns a pointer to the newly allocated structure. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8. -RSA_get_default_method(), RSA_set_method() and RSA_get_method() as -well as the rsa_sign and rsa_verify components of RSA_METHOD were -added in OpenSSL 0.9.4. - -RSA_set_default_openssl_method() and RSA_get_default_openssl_method() -replaced RSA_set_default_method() and RSA_get_default_method() respectively, -and RSA_set_method() and RSA_new_method() were altered to use Bs -rather than Bs during development of OpenSSL 0.9.6. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_sign.pod b/src/lib/libcrypto/doc/RSA_sign.pod deleted file mode 100644 index 71688a665e..0000000000 --- a/src/lib/libcrypto/doc/RSA_sign.pod +++ /dev/null @@ -1,62 +0,0 @@ -=pod - -=head1 NAME - -RSA_sign, RSA_verify - RSA signatures - -=head1 SYNOPSIS - - #include - - int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - - int RSA_verify(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -=head1 DESCRIPTION - -RSA_sign() signs the message digest B of size B using the -private key B as specified in PKCS #1 v2.0. It stores the -signature in B and the signature size in B. B -must point to RSA_size(B) bytes of memory. - -B denotes the message digest algorithm that was used to generate -B. It usually is one of B, B and B; -see L for details. If B is B, -an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding -and no algorithm identifier) is created. - -RSA_verify() verifies that the signature B of size B -matches a given message digest B of size B. B denotes -the message digest algorithm that was used to generate the signature. -B is the signer's public key. - -=head1 RETURN VALUES - -RSA_sign() returns 1 on success, 0 otherwise. RSA_verify() returns 1 -on successful verification, 0 otherwise. - -The error codes can be obtained by L. - -=head1 BUGS - -Certain signatures with an improper algorithm identifier are accepted -for compatibility with SSLeay 0.4.5 :-) - -=head1 CONFORMING TO - -SSL, PKCS #1 v2.0 - -=head1 SEE ALSO - -L, L, -L, L, -L - -=head1 HISTORY - -RSA_sign() and RSA_verify() are available in all versions of SSLeay -and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod b/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod deleted file mode 100644 index b8c7bbb7e3..0000000000 --- a/src/lib/libcrypto/doc/RSA_sign_ASN1_OCTET_STRING.pod +++ /dev/null @@ -1,59 +0,0 @@ -=pod - -=head1 NAME - -RSA_sign_ASN1_OCTET_STRING, RSA_verify_ASN1_OCTET_STRING - RSA signatures - -=head1 SYNOPSIS - - #include - - int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int m_len, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); - - int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -=head1 DESCRIPTION - -RSA_sign_ASN1_OCTET_STRING() signs the octet string B of size -B using the private key B represented in DER using PKCS #1 -padding. It stores the signature in B and the signature size -in B. B must point to B bytes of -memory. - -B is ignored. - -The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING(). - -RSA_verify_ASN1_OCTET_STRING() verifies that the signature B -of size B is the DER representation of a given octet string -B of size B. B is ignored. B is the signer's -public key. - -=head1 RETURN VALUES - -RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise. -RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0 -otherwise. - -The error codes can be obtained by L. - -=head1 BUGS - -These functions serve no recognizable purpose. - -=head1 SEE ALSO - -L, L, L, -L, L, -L - -=head1 HISTORY - -RSA_sign_ASN1_OCTET_STRING() and RSA_verify_ASN1_OCTET_STRING() were -added in SSLeay 0.8. - -=cut diff --git a/src/lib/libcrypto/doc/RSA_size.pod b/src/lib/libcrypto/doc/RSA_size.pod deleted file mode 100644 index b36b4d58d5..0000000000 --- a/src/lib/libcrypto/doc/RSA_size.pod +++ /dev/null @@ -1,33 +0,0 @@ -=pod - -=head1 NAME - -RSA_size - get RSA modulus size - -=head1 SYNOPSIS - - #include - - int RSA_size(RSA *rsa); - -=head1 DESCRIPTION - -This function returns the RSA modulus size in bytes. It can be used to -determine how much memory must be allocated for an RSA encrypted -value. - -Bn> must not be B. - -=head1 RETURN VALUE - -The size in bytes. - -=head1 SEE ALSO - -L - -=head1 HISTORY - -RSA_size() is available in all versions of SSLeay and OpenSSL. - -=cut diff --git a/src/lib/libcrypto/doc/bn.pod b/src/lib/libcrypto/doc/bn.pod deleted file mode 100644 index 1504a1c92d..0000000000 --- a/src/lib/libcrypto/doc/bn.pod +++ /dev/null @@ -1,148 +0,0 @@ -=pod - -=head1 NAME - -bn - multiprecision integer arithmetics - -=head1 SYNOPSIS - - #include - - BIGNUM *BN_new(void); - void BN_free(BIGNUM *a); - void BN_init(BIGNUM *); - void BN_clear(BIGNUM *a); - void BN_clear_free(BIGNUM *a); - - BN_CTX *BN_CTX_new(void); - void BN_CTX_init(BN_CTX *c); - void BN_CTX_free(BN_CTX *c); - - BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b); - BIGNUM *BN_dup(const BIGNUM *a); - - int BN_num_bytes(const BIGNUM *a); - int BN_num_bits(const BIGNUM *a); - int BN_num_bits_word(BN_ULONG w); - - int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b); - int BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); - int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *a, const BIGNUM *d, - BN_CTX *ctx); - int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx); - int BN_mod(BIGNUM *rem, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx); - int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, const BIGNUM *m, - BN_CTX *ctx); - int BN_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BN_CTX *ctx); - int BN_mod_exp(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - int BN_gcd(BIGNUM *r, BIGNUM *a, BIGNUM *b, BN_CTX *ctx); - - int BN_add_word(BIGNUM *a, BN_ULONG w); - int BN_sub_word(BIGNUM *a, BN_ULONG w); - int BN_mul_word(BIGNUM *a, BN_ULONG w); - BN_ULONG BN_div_word(BIGNUM *a, BN_ULONG w); - BN_ULONG BN_mod_word(const BIGNUM *a, BN_ULONG w); - - int BN_cmp(BIGNUM *a, BIGNUM *b); - int BN_ucmp(BIGNUM *a, BIGNUM *b); - int BN_is_zero(BIGNUM *a); - int BN_is_one(BIGNUM *a); - int BN_is_word(BIGNUM *a, BN_ULONG w); - int BN_is_odd(BIGNUM *a); - - int BN_zero(BIGNUM *a); - int BN_one(BIGNUM *a); - BIGNUM *BN_value_one(void); - int BN_set_word(BIGNUM *a, unsigned long w); - unsigned long BN_get_word(BIGNUM *a); - - int BN_rand(BIGNUM *rnd, int bits, int top, int bottom); - int BN_pseudo_rand(BIGNUM *rnd, int bits, int top, int bottom); - - BIGNUM *BN_generate_prime(BIGNUM *ret, int bits,int safe, BIGNUM *add, - BIGNUM *rem, void (*callback)(int, int, void *), void *cb_arg); - int BN_is_prime(const BIGNUM *p, int nchecks, - void (*callback)(int, int, void *), BN_CTX *ctx, void *cb_arg); - - int BN_set_bit(BIGNUM *a, int n); - int BN_clear_bit(BIGNUM *a, int n); - int BN_is_bit_set(const BIGNUM *a, int n); - int BN_mask_bits(BIGNUM *a, int n); - int BN_lshift(BIGNUM *r, const BIGNUM *a, int n); - int BN_lshift1(BIGNUM *r, BIGNUM *a); - int BN_rshift(BIGNUM *r, BIGNUM *a, int n); - int BN_rshift1(BIGNUM *r, BIGNUM *a); - - int BN_bn2bin(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret); - char *BN_bn2hex(const BIGNUM *a); - char *BN_bn2dec(const BIGNUM *a); - int BN_hex2bn(BIGNUM **a, const char *str); - int BN_dec2bn(BIGNUM **a, const char *str); - int BN_print(BIO *fp, const BIGNUM *a); - int BN_print_fp(FILE *fp, const BIGNUM *a); - int BN_bn2mpi(const BIGNUM *a, unsigned char *to); - BIGNUM *BN_mpi2bn(unsigned char *s, int len, BIGNUM *ret); - - BIGNUM *BN_mod_inverse(BIGNUM *r, BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx); - - BN_RECP_CTX *BN_RECP_CTX_new(void); - void BN_RECP_CTX_init(BN_RECP_CTX *recp); - void BN_RECP_CTX_free(BN_RECP_CTX *recp); - int BN_RECP_CTX_set(BN_RECP_CTX *recp, const BIGNUM *m, BN_CTX *ctx); - int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_RECP_CTX *recp, BN_CTX *ctx); - - BN_MONT_CTX *BN_MONT_CTX_new(void); - void BN_MONT_CTX_init(BN_MONT_CTX *ctx); - void BN_MONT_CTX_free(BN_MONT_CTX *mont); - int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *m, BN_CTX *ctx); - BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from); - int BN_mod_mul_montgomery(BIGNUM *r, BIGNUM *a, BIGNUM *b, - BN_MONT_CTX *mont, BN_CTX *ctx); - int BN_from_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - int BN_to_montgomery(BIGNUM *r, BIGNUM *a, BN_MONT_CTX *mont, - BN_CTX *ctx); - - -=head1 DESCRIPTION - -This library performs arithmetic operations on integers of arbitrary -size. It was written for use in public key cryptography, such as RSA -and Diffie-Hellman. - -It uses dynamic memory allocation for storing its data structures. -That means that there is no limit on the size of the numbers -manipulated by these functions, but return values must always be -checked in case a memory allocation error has occurred. - -The basic object in this library is a B. It is used to hold a -single large integer. This type should be considered opaque and fields -should not be modified or accessed directly. - -The creation of B objects is described in L; -L describes most of the arithmetic operations. -Comparison is described in L; L -describes certain assignments, L the generation of -random numbers, L deals with prime -numbers and L with bit operations. The conversion -of Bs to external formats is described in L. - -=head1 SEE ALSO - -L, -L, L, L, L, -L, L, -L, L, -L, L, -L, L, L, -L, L, -L, L, -L, -L - -=cut diff --git a/src/lib/libcrypto/doc/d2i_DHparams.pod b/src/lib/libcrypto/doc/d2i_DHparams.pod deleted file mode 100644 index a6d1743d39..0000000000 --- a/src/lib/libcrypto/doc/d2i_DHparams.pod +++ /dev/null @@ -1,30 +0,0 @@ -=pod - -=head1 NAME - -d2i_DHparams, i2d_DHparams - ... - -=head1 SYNOPSIS - - #include - - DH *d2i_DHparams(DH **a, unsigned char **pp, long length); - int i2d_DHparams(DH *a, unsigned char **pp); - -=head1 DESCRIPTION - -... - -=head1 RETURN VALUES - -... - -=head1 SEE ALSO - -... - -=head1 HISTORY - -... - -=cut diff --git a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod b/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod deleted file mode 100644 index ff4d0d57db..0000000000 --- a/src/lib/libcrypto/doc/d2i_RSAPublicKey.pod +++ /dev/null @@ -1,39 +0,0 @@ -=pod - -=head1 NAME - -d2i_RSAPublicKey, i2d_RSAPublicKey, d2i_RSAPrivateKey, i2d_RSAPrivateKey, i2d_Netscape_RSA, d2i_Netscape_RSA - ... - -=head1 SYNOPSIS - - #include - - RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); - - int i2d_RSAPublicKey(RSA *a, unsigned char **pp); - - RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); - - int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); - - int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); - - RSA * d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); - -=head1 DESCRIPTION - -... - -=head1 RETURN VALUES - -... - -=head1 SEE ALSO - -... - -=head1 HISTORY - -... - -=cut diff --git a/src/lib/libcrypto/doc/dh.pod b/src/lib/libcrypto/doc/dh.pod deleted file mode 100644 index b4be4be405..0000000000 --- a/src/lib/libcrypto/doc/dh.pod +++ /dev/null @@ -1,69 +0,0 @@ -=pod - -=head1 NAME - -dh - Diffie-Hellman key agreement - -=head1 SYNOPSIS - - #include - #include - - DH * DH_new(void); - void DH_free(DH *dh); - - int DH_size(DH *dh); - - DH * DH_generate_parameters(int prime_len, int generator, - void (*callback)(int, int, void *), void *cb_arg); - int DH_check(DH *dh, int *codes); - - int DH_generate_key(DH *dh); - int DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); - - void DH_set_default_openssl_method(DH_METHOD *meth); - DH_METHOD *DH_get_default_openssl_method(void); - int DH_set_method(DH *dh, ENGINE *engine); - DH *DH_new_method(ENGINE *engine); - DH_METHOD *DH_OpenSSL(void); - - int DH_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int DH_set_ex_data(DH *d, int idx, char *arg); - char *DH_get_ex_data(DH *d, int idx); - - DH * d2i_DHparams(DH **a, unsigned char **pp, long length); - int i2d_DHparams(DH *a, unsigned char **pp); - - int DHparams_print_fp(FILE *fp, DH *x); - int DHparams_print(BIO *bp, DH *x); - -=head1 DESCRIPTION - -These functions implement the Diffie-Hellman key agreement protocol. -The generation of shared DH parameters is described in -L; L describes how -to perform a key agreement. - -The B structure consists of several BIGNUM components. - - struct - { - BIGNUM *p; // prime number (shared) - BIGNUM *g; // generator of Z_p (shared) - BIGNUM *priv_key; // private DH value x - BIGNUM *pub_key; // public DH value g^x - // ... - }; - DH - -=head1 SEE ALSO - -L, L, L, L, -L, L, L, -L, L, -L, -L, L, -L - -=cut diff --git a/src/lib/libcrypto/doc/dsa.pod b/src/lib/libcrypto/doc/dsa.pod deleted file mode 100644 index 573500204b..0000000000 --- a/src/lib/libcrypto/doc/dsa.pod +++ /dev/null @@ -1,105 +0,0 @@ -=pod - -=head1 NAME - -dsa - Digital Signature Algorithm - -=head1 SYNOPSIS - - #include - #include - - DSA * DSA_new(void); - void DSA_free(DSA *dsa); - - int DSA_size(DSA *dsa); - - DSA * DSA_generate_parameters(int bits, unsigned char *seed, - int seed_len, int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), void *cb_arg); - - DH * DSA_dup_DH(DSA *r); - - int DSA_generate_key(DSA *dsa); - - int DSA_sign(int dummy, const unsigned char *dgst, int len, - unsigned char *sigret, unsigned int *siglen, DSA *dsa); - int DSA_sign_setup(DSA *dsa, BN_CTX *ctx, BIGNUM **kinvp, - BIGNUM **rp); - int DSA_verify(int dummy, const unsigned char *dgst, int len, - unsigned char *sigbuf, int siglen, DSA *dsa); - - void DSA_set_default_openssl_method(DSA_METHOD *meth); - DSA_METHOD *DSA_get_default_openssl_method(void); - int DSA_set_method(DSA *dsa, ENGINE *engine); - DSA *DSA_new_method(ENGINE *engine); - DSA_METHOD *DSA_OpenSSL(void); - - int DSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int DSA_set_ex_data(DSA *d, int idx, char *arg); - char *DSA_get_ex_data(DSA *d, int idx); - - DSA_SIG *DSA_SIG_new(void); - void DSA_SIG_free(DSA_SIG *a); - int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp); - DSA_SIG *d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length); - - DSA_SIG *DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); - int DSA_do_verify(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - - DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); - DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); - DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); - int i2d_DSAPublicKey(DSA *a, unsigned char **pp); - int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); - int i2d_DSAparams(DSA *a,unsigned char **pp); - - int DSAparams_print(BIO *bp, DSA *x); - int DSAparams_print_fp(FILE *fp, DSA *x); - int DSA_print(BIO *bp, DSA *x, int off); - int DSA_print_fp(FILE *bp, DSA *x, int off); - -=head1 DESCRIPTION - -These functions implement the Digital Signature Algorithm (DSA). The -generation of shared DSA parameters is described in -L; -L describes how to -generate a signature key. Signature generation and verification are -described in L. - -The B structure consists of several BIGNUM components. - - struct - { - BIGNUM *p; // prime number (public) - BIGNUM *q; // 160-bit subprime, q | p-1 (public) - BIGNUM *g; // generator of subgroup (public) - BIGNUM *priv_key; // private key x - BIGNUM *pub_key; // public key y = g^x - // ... - } - DSA; - -In public keys, B is NULL. - -=head1 CONFORMING TO - -US Federal Information Processing Standard FIPS 186 (Digital Signature -Standard, DSS), ANSI X9.30 - -=head1 SEE ALSO - -L, L, L, L, -L, L, L, -L, -L, -L, -L, -L, L, -L, -L - -=cut diff --git a/src/lib/libcrypto/doc/evp.pod b/src/lib/libcrypto/doc/evp.pod deleted file mode 100644 index f089dd49a2..0000000000 --- a/src/lib/libcrypto/doc/evp.pod +++ /dev/null @@ -1,37 +0,0 @@ -=pod - -=head1 NAME - -evp - high-level cryptographic functions - -=head1 SYNOPSIS - - #include - -=head1 DESCRIPTION - -The EVP library provided a high-level interface to cryptographic -functions. - -BI<...> and BI<...> provide public key encryption -and decryption to implement digital "envelopes". - -The BI<...> and BI<...> functions implement -digital signatures. - -Symmetric encryption is available with the BI<...> -functions. The BI<...> functions provide message digests. - -Algorithms are loaded with OpenSSL_add_all_algorithms(3). - -=head1 SEE ALSO - -L, -L, -L, -L, -L, -L, -L - -=cut diff --git a/src/lib/libcrypto/doc/lh_stats.pod b/src/lib/libcrypto/doc/lh_stats.pod deleted file mode 100644 index 3eeaa72e52..0000000000 --- a/src/lib/libcrypto/doc/lh_stats.pod +++ /dev/null @@ -1,60 +0,0 @@ -=pod - -=head1 NAME - -lh_stats, lh_node_stats, lh_node_usage_stats, lh_stats_bio, -lh_node_stats_bio, lh_node_usage_stats_bio - LHASH statistics - -=head1 SYNOPSIS - - #include - - void lh_stats(LHASH *table, FILE *out); - void lh_node_stats(LHASH *table, FILE *out); - void lh_node_usage_stats(LHASH *table, FILE *out); - - void lh_stats_bio(LHASH *table, BIO *out); - void lh_node_stats_bio(LHASH *table, BIO *out); - void lh_node_usage_stats_bio(LHASH *table, BIO *out); - -=head1 DESCRIPTION - -The B structure records statistics about most aspects of -accessing the hash table. This is mostly a legacy of Eric Young -writing this library for the reasons of implementing what looked like -a nice algorithm rather than for a particular software product. - -lh_stats() prints out statistics on the size of the hash table, how -many entries are in it, and the number and result of calls to the -routines in this library. - -lh_node_stats() prints the number of entries for each 'bucket' in the -hash table. - -lh_node_usage_stats() prints out a short summary of the state of the -hash table. It prints the 'load' and the 'actual load'. The load is -the average number of data items per 'bucket' in the hash table. The -'actual load' is the average number of items per 'bucket', but only -for buckets which contain entries. So the 'actual load' is the -average number of searches that will need to find an item in the hash -table, while the 'load' is the average number that will be done to -record a miss. - -lh_stats_bio(), lh_node_stats_bio() and lh_node_usage_stats_bio() -are the same as the above, except that the output goes to a B. - -=head1 RETURN VALUES - -These functions do not return values. - -=head1 SEE ALSO - -L, L - -=head1 HISTORY - -These functions are available in all versions of SSLeay and OpenSSL. - -This manpage is derived from the SSLeay documentation. - -=cut diff --git a/src/lib/libcrypto/doc/rsa.pod b/src/lib/libcrypto/doc/rsa.pod deleted file mode 100644 index ef0d4df205..0000000000 --- a/src/lib/libcrypto/doc/rsa.pod +++ /dev/null @@ -1,117 +0,0 @@ -=pod - -=head1 NAME - -rsa - RSA public key cryptosystem - -=head1 SYNOPSIS - - #include - #include - - RSA * RSA_new(void); - void RSA_free(RSA *rsa); - - int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding); - - int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int RSA_verify(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - int RSA_size(RSA *rsa); - - RSA *RSA_generate_key(int num, unsigned long e, - void (*callback)(int,int,void *), void *cb_arg); - - int RSA_check_key(RSA *rsa); - - int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); - void RSA_blinding_off(RSA *rsa); - - void RSA_set_default_openssl_method(RSA_METHOD *meth); - RSA_METHOD *RSA_get_default_openssl_method(void); - int RSA_set_method(RSA *rsa, ENGINE *engine); - RSA_METHOD *RSA_get_method(RSA *rsa); - RSA_METHOD *RSA_PKCS1_SSLeay(void); - RSA_METHOD *RSA_PKCS1_RSAref(void); - RSA_METHOD *RSA_null_method(void); - int RSA_flags(RSA *rsa); - RSA *RSA_new_method(ENGINE *engine); - - int RSA_print(BIO *bp, RSA *x, int offset); - int RSA_print_fp(FILE *fp, RSA *x, int offset); - - int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), - int (*dup_func)(), void (*free_func)()); - int RSA_set_ex_data(RSA *r,int idx,char *arg); - char *RSA_get_ex_data(RSA *r, int idx); - - int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); - int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); - - int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int m_len, unsigned char *sigret, unsigned int *siglen, - RSA *rsa); - int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa); - -=head1 DESCRIPTION - -These functions implement RSA public key encryption and signatures -as defined in PKCS #1 v2.0 [RFC 2437]. - -The B structure consists of several BIGNUM components. It can -contain public as well as private RSA keys: - - struct - { - BIGNUM *n; // public modulus - BIGNUM *e; // public exponent - BIGNUM *d; // private exponent - BIGNUM *p; // secret prime factor - BIGNUM *q; // secret prime factor - BIGNUM *dmp1; // d mod (p-1) - BIGNUM *dmq1; // d mod (q-1) - BIGNUM *iqmp; // q^-1 mod p - // ... - }; - RSA - -In public keys, the private exponent and the related secret values are -B. - -B

, B, B, B and B may be B in private -keys, but the RSA operations are much faster when these values are -available. - -=head1 CONFORMING TO - -SSL, PKCS #1 v2.0 - -=head1 PATENTS - -RSA was covered by a US patent which expired in September 2000. - -=head1 SEE ALSO - -L, L, L, L, -L, L, -L, -L, L, -L, -L, -L, -L, L, -L, -L, -L, -L - -=cut diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h deleted file mode 100644 index 65689a3426..0000000000 --- a/src/lib/libcrypto/dsa/dsa.h +++ /dev/null @@ -1,256 +0,0 @@ -/* crypto/dsa/dsa.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* - * The DSS routines are based on patches supplied by - * Steven Schoch . He basically did the - * work and I have just tweaked them a little to fit into my - * stylistic vision for SSLeay :-) */ - -#ifndef HEADER_DSA_H -#define HEADER_DSA_H - -#ifdef NO_DSA -#error DSA is disabled. -#endif - -#ifndef NO_BIO -#include -#endif -#include -#include -#ifndef NO_DH -# include -#endif - -#define DSA_FLAG_CACHE_MONT_P 0x01 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct dsa_st DSA; - -typedef struct DSA_SIG_st - { - BIGNUM *r; - BIGNUM *s; - } DSA_SIG; - -typedef struct dsa_method { - const char *name; - DSA_SIG * (*dsa_do_sign)(const unsigned char *dgst, int dlen, DSA *dsa); - int (*dsa_sign_setup)(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); - int (*dsa_do_verify)(const unsigned char *dgst, int dgst_len, - DSA_SIG *sig, DSA *dsa); - int (*dsa_mod_exp)(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); - int (*bn_mod_exp)(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(DSA *dsa); - int (*finish)(DSA *dsa); - int flags; - char *app_data; -} DSA_METHOD; - -struct dsa_st - { - /* This first variable is used to pick up errors where - * a DSA is passed instead of of a EVP_PKEY */ - int pad; - int version; - int write_params; - BIGNUM *p; - BIGNUM *q; /* == 20 */ - BIGNUM *g; - - BIGNUM *pub_key; /* y public key */ - BIGNUM *priv_key; /* x private key */ - - BIGNUM *kinv; /* Signing pre-calc */ - BIGNUM *r; /* Signing pre-calc */ - - int flags; - /* Normally used to cache montgomery values */ - char *method_mont_p; - int references; - CRYPTO_EX_DATA ex_data; -#if 0 - DSA_METHOD *meth; -#else - struct engine_st *engine; -#endif - }; - -#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \ - (char *(*)())d2i_DSAparams,(char *)(x)) -#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \ - (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x)) -#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \ - (unsigned char *)(x)) -#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \ - (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x)) -#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \ - (unsigned char *)(x)) - - -DSA_SIG * DSA_SIG_new(void); -void DSA_SIG_free(DSA_SIG *a); -int i2d_DSA_SIG(DSA_SIG *a, unsigned char **pp); -DSA_SIG * d2i_DSA_SIG(DSA_SIG **v, unsigned char **pp, long length); - -DSA_SIG * DSA_do_sign(const unsigned char *dgst,int dlen,DSA *dsa); -int DSA_do_verify(const unsigned char *dgst,int dgst_len, - DSA_SIG *sig,DSA *dsa); - -DSA_METHOD *DSA_OpenSSL(void); - -void DSA_set_default_openssl_method(DSA_METHOD *); -DSA_METHOD *DSA_get_default_openssl_method(void); -#if 0 -DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *); -#else -int DSA_set_method(DSA *dsa, struct engine_st *engine); -#endif - -DSA * DSA_new(void); -#if 0 -DSA * DSA_new_method(DSA_METHOD *meth); -#else -DSA * DSA_new_method(struct engine_st *engine); -#endif -int DSA_size(DSA *); - /* next 4 return -1 on error */ -int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp); -int DSA_sign(int type,const unsigned char *dgst,int dlen, - unsigned char *sig, unsigned int *siglen, DSA *dsa); -int DSA_verify(int type,const unsigned char *dgst,int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa); -void DSA_free (DSA *r); -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int DSA_set_ex_data(DSA *d, int idx, void *arg); -void *DSA_get_ex_data(DSA *d, int idx); - -void ERR_load_DSA_strings(void ); - -DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length); -DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length); -DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len, - int *counter_ret, unsigned long *h_ret,void - (*callback)(int, int, void *),void *cb_arg); -int DSA_generate_key(DSA *a); -int i2d_DSAPublicKey(DSA *a, unsigned char **pp); -int i2d_DSAPrivateKey(DSA *a, unsigned char **pp); -int i2d_DSAparams(DSA *a,unsigned char **pp); - -#ifndef NO_BIO -int DSAparams_print(BIO *bp, DSA *x); -int DSA_print(BIO *bp, DSA *x, int off); -#endif -#ifndef NO_FP_API -int DSAparams_print_fp(FILE *fp, DSA *x); -int DSA_print_fp(FILE *bp, DSA *x, int off); -#endif - -#define DSS_prime_checks 50 -/* Primality test according to FIPS PUB 186[-1], Appendix 2.1: - * 50 rounds of Rabin-Miller */ -#define DSA_is_prime(n, callback, cb_arg) \ - BN_is_prime(n, DSS_prime_checks, callback, NULL, cb_arg) - -#ifndef NO_DH -/* Convert DSA structure (key or just parameters) into DH structure - * (be careful to avoid small subgroup attacks when using this!) */ -DH *DSA_dup_DH(DSA *r); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the DSA functions. */ - -/* Function codes. */ -#define DSA_F_D2I_DSA_SIG 110 -#define DSA_F_DSAPARAMS_PRINT 100 -#define DSA_F_DSAPARAMS_PRINT_FP 101 -#define DSA_F_DSA_DO_SIGN 112 -#define DSA_F_DSA_DO_VERIFY 113 -#define DSA_F_DSA_NEW 103 -#define DSA_F_DSA_PRINT 104 -#define DSA_F_DSA_PRINT_FP 105 -#define DSA_F_DSA_SIGN 106 -#define DSA_F_DSA_SIGN_SETUP 107 -#define DSA_F_DSA_SIG_NEW 109 -#define DSA_F_DSA_VERIFY 108 -#define DSA_F_I2D_DSA_SIG 111 - -/* Reason codes. */ -#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/dsa/dsa_asn1.c b/src/lib/libcrypto/dsa/dsa_asn1.c deleted file mode 100644 index a76c8f7c7e..0000000000 --- a/src/lib/libcrypto/dsa/dsa_asn1.c +++ /dev/null @@ -1,96 +0,0 @@ -/* crypto/dsa/dsa_asn1.c */ - -#include -#include "cryptlib.h" -#include -#include -#include - -DSA_SIG *DSA_SIG_new(void) -{ - DSA_SIG *ret; - - ret = OPENSSL_malloc(sizeof(DSA_SIG)); - if (ret == NULL) - { - DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->r = NULL; - ret->s = NULL; - return(ret); -} - -void DSA_SIG_free(DSA_SIG *r) -{ - if (r == NULL) return; - if (r->r) BN_clear_free(r->r); - if (r->s) BN_clear_free(r->s); - OPENSSL_free(r); -} - -int i2d_DSA_SIG(DSA_SIG *v, unsigned char **pp) -{ - int t=0,len; - ASN1_INTEGER rbs,sbs; - unsigned char *p; - - rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1); - if (rbs.data == NULL) - { - DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); - return(0); - } - rbs.type=V_ASN1_INTEGER; - rbs.length=BN_bn2bin(v->r,rbs.data); - sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1); - if (sbs.data == NULL) - { - OPENSSL_free(rbs.data); - DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); - return(0); - } - sbs.type=V_ASN1_INTEGER; - sbs.length=BN_bn2bin(v->s,sbs.data); - - len=i2d_ASN1_INTEGER(&rbs,NULL); - len+=i2d_ASN1_INTEGER(&sbs,NULL); - - if (pp) - { - p=*pp; - ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_INTEGER(&rbs,&p); - i2d_ASN1_INTEGER(&sbs,&p); - } - t=ASN1_object_size(1,len,V_ASN1_SEQUENCE); - OPENSSL_free(rbs.data); - OPENSSL_free(sbs.data); - return(t); -} - -DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, unsigned char **pp, long length) -{ - int i=ERR_R_NESTED_ASN1_ERROR; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL) - goto err_bn; - M_ASN1_BIT_STRING_free(bs); - M_ASN1_D2I_Finish_2(a); - -err_bn: - i=ERR_R_BN_LIB; -err: - DSAerr(DSA_F_D2I_DSA_SIG,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret); - if (bs != NULL) M_ASN1_BIT_STRING_free(bs); - return(NULL); -} diff --git a/src/lib/libcrypto/dsa/dsa_err.c b/src/lib/libcrypto/dsa/dsa_err.c deleted file mode 100644 index 2b3ab3a9ad..0000000000 --- a/src/lib/libcrypto/dsa/dsa_err.c +++ /dev/null @@ -1,106 +0,0 @@ -/* crypto/dsa/dsa_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA DSA_str_functs[]= - { -{ERR_PACK(0,DSA_F_D2I_DSA_SIG,0), "d2i_DSA_SIG"}, -{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"}, -{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"}, -{ERR_PACK(0,DSA_F_DSA_DO_SIGN,0), "DSA_do_sign"}, -{ERR_PACK(0,DSA_F_DSA_DO_VERIFY,0), "DSA_do_verify"}, -{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"}, -{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"}, -{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"}, -{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"}, -{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"}, -{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"}, -{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"}, -{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"}, -{0,NULL} - }; - -static ERR_STRING_DATA DSA_str_reasons[]= - { -{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, -{0,NULL} - }; - -#endif - -void ERR_load_DSA_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_DSA,DSA_str_functs); - ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c deleted file mode 100644 index 2294a362d9..0000000000 --- a/src/lib/libcrypto/dsa/dsa_gen.c +++ /dev/null @@ -1,294 +0,0 @@ -/* crypto/dsa/dsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#undef GENUINE_DSA - -#ifdef GENUINE_DSA -/* Parameter generation follows the original release of FIPS PUB 186, - * Appendix 2.2 (i.e. use SHA as defined in FIPS PUB 180) */ -#define HASH SHA -#else -/* Parameter generation follows the updated Appendix 2.2 for FIPS PUB 186, - * also Appendix 2.2 of FIPS PUB 186-1 (i.e. use SHA as defined in - * FIPS PUB 180-1) */ -#define HASH SHA1 -#endif - -#ifndef NO_SHA - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include - -DSA *DSA_generate_parameters(int bits, unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), - void *cb_arg) - { - int ok=0; - unsigned char seed[SHA_DIGEST_LENGTH]; - unsigned char md[SHA_DIGEST_LENGTH]; - unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH]; - BIGNUM *r0,*W,*X,*c,*test; - BIGNUM *g=NULL,*q=NULL,*p=NULL; - BN_MONT_CTX *mont=NULL; - int k,n=0,i,b,m=0; - int counter=0; - int r=0; - BN_CTX *ctx=NULL,*ctx2=NULL,*ctx3=NULL; - unsigned int h=2; - DSA *ret=NULL; - - if (bits < 512) bits=512; - bits=(bits+63)/64*64; - - if (seed_len < 20) - seed_in = NULL; /* seed buffer too small -- ignore */ - if (seed_len > 20) - seed_len = 20; /* App. 2.2 of FIPS PUB 186 allows larger SEED, - * but our internal buffers are restricted to 160 bits*/ - if ((seed_in != NULL) && (seed_len == 20)) - memcpy(seed,seed_in,seed_len); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - if ((ctx2=BN_CTX_new()) == NULL) goto err; - if ((ctx3=BN_CTX_new()) == NULL) goto err; - if ((ret=DSA_new()) == NULL) goto err; - - if ((mont=BN_MONT_CTX_new()) == NULL) goto err; - - BN_CTX_start(ctx2); - r0 = BN_CTX_get(ctx2); - g = BN_CTX_get(ctx2); - W = BN_CTX_get(ctx2); - q = BN_CTX_get(ctx2); - X = BN_CTX_get(ctx2); - c = BN_CTX_get(ctx2); - p = BN_CTX_get(ctx2); - test = BN_CTX_get(ctx2); - - BN_lshift(test,BN_value_one(),bits-1); - - for (;;) - { - for (;;) /* find q */ - { - int seed_is_random; - - /* step 1 */ - if (callback != NULL) callback(0,m++,cb_arg); - - if (!seed_len) - { - RAND_pseudo_bytes(seed,SHA_DIGEST_LENGTH); - seed_is_random = 1; - } - else - { - seed_is_random = 0; - seed_len=0; /* use random seed if 'seed_in' turns out to be bad*/ - } - memcpy(buf,seed,SHA_DIGEST_LENGTH); - memcpy(buf2,seed,SHA_DIGEST_LENGTH); - /* precompute "SEED + 1" for step 7: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) - { - buf[i]++; - if (buf[i] != 0) break; - } - - /* step 2 */ - HASH(seed,SHA_DIGEST_LENGTH,md); - HASH(buf,SHA_DIGEST_LENGTH,buf2); - for (i=0; i 0) - break; - if (r != 0) - goto err; - - /* do a callback call */ - /* step 5 */ - } - - if (callback != NULL) callback(2,0,cb_arg); - if (callback != NULL) callback(3,0,cb_arg); - - /* step 6 */ - counter=0; - /* "offset = 2" */ - - n=(bits-1)/160; - b=(bits-1)-n*160; - - for (;;) - { - if (callback != NULL && counter != 0) - callback(0,counter,cb_arg); - - /* step 7 */ - BN_zero(W); - /* now 'buf' contains "SEED + offset - 1" */ - for (k=0; k<=n; k++) - { - /* obtain "SEED + offset + k" by incrementing: */ - for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--) - { - buf[i]++; - if (buf[i] != 0) break; - } - - HASH(buf,SHA_DIGEST_LENGTH,md); - - /* step 8 */ - if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) - goto err; - BN_lshift(r0,r0,160*k); - BN_add(W,W,r0); - } - - /* more of step 8 */ - BN_mask_bits(W,bits-1); - BN_copy(X,W); /* this should be ok */ - BN_add(X,X,test); /* this should be ok */ - - /* step 9 */ - BN_lshift1(r0,q); - BN_mod(c,X,r0,ctx); - BN_sub(r0,c,BN_value_one()); - BN_sub(p,X,r0); - - /* step 10 */ - if (BN_cmp(p,test) >= 0) - { - /* step 11 */ - r = BN_is_prime_fasttest(p, DSS_prime_checks, callback, ctx3, cb_arg, 1); - if (r > 0) - goto end; /* found it */ - if (r != 0) - goto err; - } - - /* step 13 */ - counter++; - /* "offset = offset + n + 1" */ - - /* step 14 */ - if (counter >= 4096) break; - } - } -end: - if (callback != NULL) callback(2,1,cb_arg); - - /* We now need to generate g */ - /* Set r0=(p-1)/q */ - BN_sub(test,p,BN_value_one()); - BN_div(r0,NULL,test,q,ctx); - - BN_set_word(test,h); - BN_MONT_CTX_set(mont,p,ctx); - - for (;;) - { - /* g=test^r0%p */ - BN_mod_exp_mont(g,test,r0,p,ctx,mont); - if (!BN_is_one(g)) break; - BN_add(test,test,BN_value_one()); - h++; - } - - if (callback != NULL) callback(3,1,cb_arg); - - ok=1; -err: - if (!ok) - { - if (ret != NULL) DSA_free(ret); - } - else - { - ret->p=BN_dup(p); - ret->q=BN_dup(q); - ret->g=BN_dup(g); - if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20); - if (counter_ret != NULL) *counter_ret=counter; - if (h_ret != NULL) *h_ret=h; - } - if (ctx != NULL) BN_CTX_free(ctx); - if (ctx2 != NULL) - { - BN_CTX_end(ctx2); - BN_CTX_free(ctx2); - } - if (ctx3 != NULL) BN_CTX_free(ctx3); - if (mont != NULL) BN_MONT_CTX_free(mont); - return(ok?ret:NULL); - } -#endif diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c deleted file mode 100644 index a68d236e05..0000000000 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ /dev/null @@ -1,108 +0,0 @@ -/* crypto/dsa/dsa_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SHA -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include - -extern int __BN_rand_range(BIGNUM *r, BIGNUM *range); - -int DSA_generate_key(DSA *dsa) - { - int ok=0; - BN_CTX *ctx=NULL; - BIGNUM *pub_key=NULL,*priv_key=NULL; - - if ((ctx=BN_CTX_new()) == NULL) goto err; - - if (dsa->priv_key == NULL) - { - if ((priv_key=BN_new()) == NULL) goto err; - } - else - priv_key=dsa->priv_key; - - do - if (!__BN_rand_range(priv_key,dsa->q)) goto err; - while (BN_is_zero(priv_key)); - - if (dsa->pub_key == NULL) - { - if ((pub_key=BN_new()) == NULL) goto err; - } - else - pub_key=dsa->pub_key; - - if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; - - dsa->priv_key=priv_key; - dsa->pub_key=pub_key; - ok=1; - -err: - if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key); - if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key); - if (ctx != NULL) BN_CTX_free(ctx); - return(ok); - } -#endif diff --git a/src/lib/libcrypto/dsa/dsa_lib.c b/src/lib/libcrypto/dsa/dsa_lib.c deleted file mode 100644 index 15f667a203..0000000000 --- a/src/lib/libcrypto/dsa/dsa_lib.c +++ /dev/null @@ -1,296 +0,0 @@ -/* crypto/dsa/dsa_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -const char *DSA_version="DSA" OPENSSL_VERSION_PTEXT; - -static DSA_METHOD *default_DSA_method; -static int dsa_meth_num = 0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *dsa_meth = NULL; - -void DSA_set_default_openssl_method(DSA_METHOD *meth) -{ - ENGINE *e; - /* We'll need to notify the "openssl" ENGINE of this - * change too. We won't bother locking things down at - * our end as there was never any locking in these - * functions! */ - if(default_DSA_method != meth) - { - default_DSA_method = meth; - e = ENGINE_by_id("openssl"); - if(e) - { - ENGINE_set_DSA(e, meth); - ENGINE_free(e); - } - } -} - -DSA_METHOD *DSA_get_default_openssl_method(void) -{ - if(!default_DSA_method) default_DSA_method = DSA_OpenSSL(); - return default_DSA_method; -} - -DSA *DSA_new(void) -{ - return DSA_new_method(NULL); -} - -#if 0 -DSA_METHOD *DSA_set_method(DSA *dsa, DSA_METHOD *meth) -{ - DSA_METHOD *mtmp; - mtmp = dsa->meth; - if (mtmp->finish) mtmp->finish(dsa); - dsa->meth = meth; - if (meth->init) meth->init(dsa); - return mtmp; -} -#else -int DSA_set_method(DSA *dsa, ENGINE *engine) - { - ENGINE *mtmp; - DSA_METHOD *meth; - mtmp = dsa->engine; - meth = ENGINE_get_DSA(mtmp); - if (!ENGINE_init(engine)) - return 0; - if (meth->finish) meth->finish(dsa); - dsa->engine = engine; - meth = ENGINE_get_DSA(engine); - if (meth->init) meth->init(dsa); - /* SHOULD ERROR CHECK THIS!!! */ - ENGINE_finish(mtmp); - return 1; - } -#endif - - -#if 0 -DSA *DSA_new_method(DSA_METHOD *meth) -#else -DSA *DSA_new_method(ENGINE *engine) -#endif - { - DSA_METHOD *meth; - DSA *ret; - - ret=(DSA *)OPENSSL_malloc(sizeof(DSA)); - if (ret == NULL) - { - DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - if(engine) - ret->engine = engine; - else - { - if((ret->engine=ENGINE_get_default_DSA()) == NULL) - { - OPENSSL_free(ret); - return NULL; - } - } - meth = ENGINE_get_DSA(ret->engine); - ret->pad=0; - ret->version=0; - ret->write_params=1; - ret->p=NULL; - ret->q=NULL; - ret->g=NULL; - - ret->pub_key=NULL; - ret->priv_key=NULL; - - ret->kinv=NULL; - ret->r=NULL; - ret->method_mont_p=NULL; - - ret->references=1; - ret->flags=meth->flags; - CRYPTO_new_ex_data(dsa_meth,ret,&ret->ex_data); - if ((meth->init != NULL) && !meth->init(ret)) - { - CRYPTO_free_ex_data(dsa_meth,ret,&ret->ex_data); - OPENSSL_free(ret); - ret=NULL; - } - - return(ret); - } - -void DSA_free(DSA *r) - { - DSA_METHOD *meth; - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA); -#ifdef REF_PRINT - REF_PRINT("DSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"DSA_free, bad reference count\n"); - abort(); - } -#endif - - meth = ENGINE_get_DSA(r->engine); - if(meth->finish) meth->finish(r); - ENGINE_finish(r->engine); - - CRYPTO_free_ex_data(dsa_meth, r, &r->ex_data); - - if (r->p != NULL) BN_clear_free(r->p); - if (r->q != NULL) BN_clear_free(r->q); - if (r->g != NULL) BN_clear_free(r->g); - if (r->pub_key != NULL) BN_clear_free(r->pub_key); - if (r->priv_key != NULL) BN_clear_free(r->priv_key); - if (r->kinv != NULL) BN_clear_free(r->kinv); - if (r->r != NULL) BN_clear_free(r->r); - OPENSSL_free(r); - } - -int DSA_size(DSA *r) - { - int ret,i; - ASN1_INTEGER bs; - unsigned char buf[4]; - - i=BN_num_bits(r->q); - bs.length=(i+7)/8; - bs.data=buf; - bs.type=V_ASN1_INTEGER; - /* If the top bit is set the asn1 encoding is 1 larger. */ - buf[0]=0xff; - - i=i2d_ASN1_INTEGER(&bs,NULL); - i+=i; /* r and s */ - ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE); - return(ret); - } - -int DSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - dsa_meth_num++; - return(CRYPTO_get_ex_new_index(dsa_meth_num-1, - &dsa_meth,argl,argp,new_func,dup_func,free_func)); - } - -int DSA_set_ex_data(DSA *d, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&d->ex_data,idx,arg)); - } - -void *DSA_get_ex_data(DSA *d, int idx) - { - return(CRYPTO_get_ex_data(&d->ex_data,idx)); - } - -#ifndef NO_DH -DH *DSA_dup_DH(DSA *r) - { - /* DSA has p, q, g, optional pub_key, optional priv_key. - * DH has p, optional length, g, optional pub_key, optional priv_key. - */ - - DH *ret = NULL; - - if (r == NULL) - goto err; - ret = DH_new(); - if (ret == NULL) - goto err; - if (r->p != NULL) - if ((ret->p = BN_dup(r->p)) == NULL) - goto err; - if (r->q != NULL) - ret->length = BN_num_bits(r->q); - if (r->g != NULL) - if ((ret->g = BN_dup(r->g)) == NULL) - goto err; - if (r->pub_key != NULL) - if ((ret->pub_key = BN_dup(r->pub_key)) == NULL) - goto err; - if (r->priv_key != NULL) - if ((ret->priv_key = BN_dup(r->priv_key)) == NULL) - goto err; - - return ret; - - err: - if (ret != NULL) - DH_free(ret); - return NULL; - } -#endif diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c deleted file mode 100644 index 5cbbdddfb9..0000000000 --- a/src/lib/libcrypto/dsa/dsa_ossl.c +++ /dev/null @@ -1,372 +0,0 @@ -/* crypto/dsa/dsa_ossl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -int __BN_rand_range(BIGNUM *r, BIGNUM *range); - -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); -static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); -static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa); -static int dsa_init(DSA *dsa); -static int dsa_finish(DSA *dsa); -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont); -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); - -static DSA_METHOD openssl_dsa_meth = { -"OpenSSL DSA method", -dsa_do_sign, -dsa_sign_setup, -dsa_do_verify, -dsa_mod_exp, -dsa_bn_mod_exp, -dsa_init, -dsa_finish, -0, -NULL -}; - -DSA_METHOD *DSA_OpenSSL(void) -{ - return &openssl_dsa_meth; -} - -static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { - BIGNUM *kinv=NULL,*r=NULL,*s=NULL; - BIGNUM m; - BIGNUM xr; - BN_CTX *ctx=NULL; - int i,reason=ERR_R_BN_LIB; - DSA_SIG *ret=NULL; - - BN_init(&m); - BN_init(&xr); - s=BN_new(); - if (s == NULL) goto err; - - i=BN_num_bytes(dsa->q); /* should be 20 */ - if ((dlen > i) || (dlen > 50)) - { - reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; - goto err; - } - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - if ((dsa->kinv == NULL) || (dsa->r == NULL)) - { - if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err; - } - else - { - kinv=dsa->kinv; - dsa->kinv=NULL; - r=dsa->r; - dsa->r=NULL; - } - - if (BN_bin2bn(dgst,dlen,&m) == NULL) goto err; - - /* Compute s = inv(k) (m + xr) mod q */ - if (!BN_mod_mul(&xr,dsa->priv_key,r,dsa->q,ctx)) goto err;/* s = xr */ - if (!BN_add(s, &xr, &m)) goto err; /* s = m + xr */ - if (BN_cmp(s,dsa->q) > 0) - BN_sub(s,s,dsa->q); - if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err; - - ret=DSA_SIG_new(); - if (ret == NULL) goto err; - ret->r = r; - ret->s = s; - -err: - if (!ret) - { - DSAerr(DSA_F_DSA_DO_SIGN,reason); - BN_free(r); - BN_free(s); - } - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&m); - BN_clear_free(&xr); - if (kinv != NULL) /* dsa->kinv is NULL now if we used it */ - BN_clear_free(kinv); - return(ret); - } - -static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) - { - BN_CTX *ctx; - BIGNUM k,*kinv=NULL,*r=NULL; - int ret=0; - - if (ctx_in == NULL) - { - if ((ctx=BN_CTX_new()) == NULL) goto err; - } - else - ctx=ctx_in; - - BN_init(&k); - if ((r=BN_new()) == NULL) goto err; - kinv=NULL; - - /* Get random k */ - do - if (!__BN_rand_range(&k, dsa->q)) goto err; - while (BN_is_zero(&k)); - - if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) - { - if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, - dsa->p,ctx)) goto err; - } - - /* Compute r = (g^k mod p) mod q */ - if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx, - (BN_MONT_CTX *)dsa->method_mont_p)) goto err; - if (!BN_mod(r,r,dsa->q,ctx)) goto err; - - /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv=BN_mod_inverse(NULL,&k,dsa->q,ctx)) == NULL) goto err; - - if (*kinvp != NULL) BN_clear_free(*kinvp); - *kinvp=kinv; - kinv=NULL; - if (*rp != NULL) BN_clear_free(*rp); - *rp=r; - ret=1; -err: - if (!ret) - { - DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB); - if (kinv != NULL) BN_clear_free(kinv); - if (r != NULL) BN_clear_free(r); - } - if (ctx_in == NULL) BN_CTX_free(ctx); - if (kinv != NULL) BN_clear_free(kinv); - BN_clear_free(&k); - return(ret); - } - -static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa) - { - BN_CTX *ctx; - BIGNUM u1,u2,t1; - BN_MONT_CTX *mont=NULL; - int ret = -1; - - if ((ctx=BN_CTX_new()) == NULL) goto err; - BN_init(&u1); - BN_init(&u2); - BN_init(&t1); - - /* Calculate W = inv(S) mod Q - * save W in u2 */ - if ((BN_mod_inverse(&u2,sig->s,dsa->q,ctx)) == NULL) goto err; - - /* save M in u1 */ - if (BN_bin2bn(dgst,dgst_len,&u1) == NULL) goto err; - - /* u1 = M * w mod q */ - if (!BN_mod_mul(&u1,&u1,&u2,dsa->q,ctx)) goto err; - - /* u2 = r * w mod q */ - if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err; - - if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P)) - { - if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p, - dsa->p,ctx)) goto err; - } - mont=(BN_MONT_CTX *)dsa->method_mont_p; - -#if 0 - { - BIGNUM t2; - - BN_init(&t2); - /* v = ( g^u1 * y^u2 mod p ) mod q */ - /* let t1 = g ^ u1 mod p */ - if (!BN_mod_exp_mont(&t1,dsa->g,&u1,dsa->p,ctx,mont)) goto err; - /* let t2 = y ^ u2 mod p */ - if (!BN_mod_exp_mont(&t2,dsa->pub_key,&u2,dsa->p,ctx,mont)) goto err; - /* let u1 = t1 * t2 mod p */ - if (!BN_mod_mul(&u1,&t1,&t2,dsa->p,ctx)) goto err_bn; - BN_free(&t2); - } - /* let u1 = u1 mod q */ - if (!BN_mod(&u1,&u1,dsa->q,ctx)) goto err; -#else - { - if (!ENGINE_get_DSA(dsa->engine)->dsa_mod_exp(dsa, &t1,dsa->g,&u1,dsa->pub_key,&u2, - dsa->p,ctx,mont)) goto err; - /* BN_copy(&u1,&t1); */ - /* let u1 = u1 mod q */ - if (!BN_mod(&u1,&t1,dsa->q,ctx)) goto err; - } -#endif - /* V is now in u1. If the signature is correct, it will be - * equal to R. */ - ret=(BN_ucmp(&u1, sig->r) == 0); - - err: - if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); - if (ctx != NULL) BN_CTX_free(ctx); - BN_free(&u1); - BN_free(&u2); - BN_free(&t1); - return(ret); - } - -static int dsa_init(DSA *dsa) -{ - dsa->flags|=DSA_FLAG_CACHE_MONT_P; - return(1); -} - -static int dsa_finish(DSA *dsa) -{ - if(dsa->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dsa->method_mont_p); - return(1); -} - -static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1, - BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *in_mont) -{ - return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont); -} - -static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx) -{ - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); -} - - -/* random number r: 0 <= r < range */ -int __BN_rand_range(BIGNUM *r, BIGNUM *range) - { - int n; - - if (range->neg || BN_is_zero(range)) - { - /* BNerr(BN_F_BN_RAND_RANGE, BN_R_INVALID_RANGE); */ - return 0; - } - - n = BN_num_bits(range); /* n > 0 */ - - if (n == 1) - { - if (!BN_zero(r)) return 0; - } - else if (BN_is_bit_set(range, n - 2)) - { - do - { - /* range = 11..._2, so each iteration succeeds with probability >= .75 */ - if (!BN_rand(r, n, -1, 0)) return 0; - } - while (BN_cmp(r, range) >= 0); - } - else - { - /* range = 10..._2, - * so 3*range (= 11..._2) is exactly one bit longer than range */ - do - { - if (!BN_rand(r, n + 1, -1, 0)) return 0; - /* If r < 3*range, use r := r MOD range - * (which is either r, r - range, or r - 2*range). - * Otherwise, iterate once more. - * Since 3*range = 11..._2, each iteration succeeds with - * probability >= .75. */ - if (BN_cmp(r ,range) >= 0) - { - if (!BN_sub(r, r, range)) return 0; - if (BN_cmp(r, range) >= 0) - if (!BN_sub(r, r, range)) return 0; - } - } - while (BN_cmp(r, range) >= 0); - } - - return 1; - } diff --git a/src/lib/libcrypto/dsa/dsa_sign.c b/src/lib/libcrypto/dsa/dsa_sign.c deleted file mode 100644 index dfe27bae47..0000000000 --- a/src/lib/libcrypto/dsa/dsa_sign.c +++ /dev/null @@ -1,93 +0,0 @@ -/* crypto/dsa/dsa_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -DSA_SIG * DSA_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) - { - return ENGINE_get_DSA(dsa->engine)->dsa_do_sign(dgst, dlen, dsa); - } - -int DSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *siglen, DSA *dsa) - { - DSA_SIG *s; - s=DSA_do_sign(dgst,dlen,dsa); - if (s == NULL) - { - *siglen=0; - return(0); - } - *siglen=i2d_DSA_SIG(s,&sig); - DSA_SIG_free(s); - return(1); - } - -int DSA_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) - { - return ENGINE_get_DSA(dsa->engine)->dsa_sign_setup(dsa, ctx_in, kinvp, rp); - } - diff --git a/src/lib/libcrypto/dsa/dsa_vrf.c b/src/lib/libcrypto/dsa/dsa_vrf.c deleted file mode 100644 index 2e891ae491..0000000000 --- a/src/lib/libcrypto/dsa/dsa_vrf.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/dsa/dsa_vrf.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include - -int DSA_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa) - { - return ENGINE_get_DSA(dsa->engine)->dsa_do_verify(dgst, dgst_len, sig, dsa); - } - -/* data has already been hashed (probably with SHA or SHA-1). */ -/* returns - * 1: correct signature - * 0: incorrect signature - * -1: error - */ -int DSA_verify(int type, const unsigned char *dgst, int dgst_len, - unsigned char *sigbuf, int siglen, DSA *dsa) - { - DSA_SIG *s; - int ret=-1; - - s = DSA_SIG_new(); - if (s == NULL) return(ret); - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err; - ret=DSA_do_verify(dgst,dgst_len,s,dsa); -err: - DSA_SIG_free(s); - return(ret); - } diff --git a/src/lib/libcrypto/dso/dso.h b/src/lib/libcrypto/dso/dso.h deleted file mode 100644 index bed7c464a6..0000000000 --- a/src/lib/libcrypto/dso/dso.h +++ /dev/null @@ -1,250 +0,0 @@ -/* dso.h */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_DSO_H -#define HEADER_DSO_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* These values are used as commands to DSO_ctrl() */ -#define DSO_CTRL_GET_FLAGS 1 -#define DSO_CTRL_SET_FLAGS 2 -#define DSO_CTRL_OR_FLAGS 3 - -/* These flags control the translation of file-names from canonical to - * native. Eg. in the CryptoSwift support, the "dl" and "dlfcn" - * methods will translate "swift" -> "libswift.so" whereas the "win32" - * method will translate "swift" -> "swift.dll". NB: Until I can figure - * out how to be more "conventional" with this, the methods will only - * honour this flag if it looks like it was passed a file without any - * path and if the filename is small enough. - */ -#define DSO_FLAG_NAME_TRANSLATION 0x01 - -/* The following flag controls the translation of symbol names to upper - * case. This is currently only being implemented for OpenVMS. - */ -#define DSO_FLAG_UPCASE_SYMBOL 0x02 - - -typedef void (*DSO_FUNC_TYPE)(void); - -typedef struct dso_st DSO; - -typedef struct dso_meth_st - { - const char *name; - /* Loads a shared library */ - int (*dso_load)(DSO *dso, const char *filename); - /* Unloads a shared library */ - int (*dso_unload)(DSO *dso); - /* Binds a variable */ - void *(*dso_bind_var)(DSO *dso, const char *symname); - /* Binds a function - assumes a return type of DSO_FUNC_TYPE. - * This should be cast to the real function prototype by the - * caller. Platforms that don't have compatible representations - * for different prototypes (this is possible within ANSI C) - * are highly unlikely to have shared libraries at all, let - * alone a DSO_METHOD implemented for them. */ - DSO_FUNC_TYPE (*dso_bind_func)(DSO *dso, const char *symname); - -/* I don't think this would actually be used in any circumstances. */ -#if 0 - /* Unbinds a variable */ - int (*dso_unbind_var)(DSO *dso, char *symname, void *symptr); - /* Unbinds a function */ - int (*dso_unbind_func)(DSO *dso, char *symname, DSO_FUNC_TYPE symptr); -#endif - /* The generic (yuck) "ctrl()" function. NB: Negative return - * values (rather than zero) indicate errors. */ - long (*dso_ctrl)(DSO *dso, int cmd, long larg, void *parg); - - /* [De]Initialisation handlers. */ - int (*init)(DSO *dso); - int (*finish)(DSO *dso); - } DSO_METHOD; - -/**********************************************************************/ -/* The low-level handle type used to refer to a loaded shared library */ - -struct dso_st - { - DSO_METHOD *meth; - /* Standard dlopen uses a (void *). Win32 uses a HANDLE. VMS - * doesn't use anything but will need to cache the filename - * for use in the dso_bind handler. All in all, let each - * method control its own destiny. "Handles" and such go in - * a STACK. */ - STACK *meth_data; - int references; - int flags; - /* For use by applications etc ... use this for your bits'n'pieces, - * don't touch meth_data! */ - CRYPTO_EX_DATA ex_data; - }; - - -DSO * DSO_new(void); -DSO * DSO_new_method(DSO_METHOD *method); -int DSO_free(DSO *dso); -int DSO_flags(DSO *dso); -int DSO_up(DSO *dso); -long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg); - -void DSO_set_default_method(DSO_METHOD *meth); -DSO_METHOD *DSO_get_default_method(void); -DSO_METHOD *DSO_get_method(DSO *dso); -DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth); - -/* The all-singing all-dancing load function, you normally pass NULL - * for the first and third parameters. Use DSO_up and DSO_free for - * subsequent reference count handling. Any flags passed in will be set - * in the constructed DSO after its init() function but before the - * load operation. This will be done with; - * DSO_ctrl(dso, DSO_CTRL_SET_FLAGS, flags, NULL); */ -DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags); - -/* This function binds to a variable inside a shared library. */ -void *DSO_bind_var(DSO *dso, const char *symname); - -/* This function binds to a function inside a shared library. */ -DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname); - -/* This method is the default, but will beg, borrow, or steal whatever - * method should be the default on any particular platform (including - * DSO_METH_null() if necessary). */ -DSO_METHOD *DSO_METHOD_openssl(void); - -/* This method is defined for all platforms - if a platform has no - * DSO support then this will be the only method! */ -DSO_METHOD *DSO_METHOD_null(void); - -/* If DSO_DLFCN is defined, the standard dlfcn.h-style functions - * (dlopen, dlclose, dlsym, etc) will be used and incorporated into - * this method. If not, this method will return NULL. */ -DSO_METHOD *DSO_METHOD_dlfcn(void); - -/* If DSO_DL is defined, the standard dl.h-style functions (shl_load, - * shl_unload, shl_findsym, etc) will be used and incorporated into - * this method. If not, this method will return NULL. */ -DSO_METHOD *DSO_METHOD_dl(void); - -/* If WIN32 is defined, use DLLs. If not, return NULL. */ -DSO_METHOD *DSO_METHOD_win32(void); - -/* If VMS is defined, use shared images. If not, return NULL. */ -DSO_METHOD *DSO_METHOD_vms(void); - -void ERR_load_DSO_strings(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the DSO functions. */ - -/* Function codes. */ -#define DSO_F_DLFCN_BIND_FUNC 100 -#define DSO_F_DLFCN_BIND_VAR 101 -#define DSO_F_DLFCN_CTRL 102 -#define DSO_F_DLFCN_LOAD 103 -#define DSO_F_DLFCN_UNLOAD 104 -#define DSO_F_DL_BIND_FUNC 105 -#define DSO_F_DL_BIND_VAR 106 -#define DSO_F_DL_CTRL 107 -#define DSO_F_DL_LOAD 108 -#define DSO_F_DL_UNLOAD 109 -#define DSO_F_DSO_BIND_FUNC 110 -#define DSO_F_DSO_BIND_VAR 111 -#define DSO_F_DSO_CTRL 112 -#define DSO_F_DSO_FREE 113 -#define DSO_F_DSO_LOAD 114 -#define DSO_F_DSO_NEW_METHOD 115 -#define DSO_F_DSO_UP 116 -#define DSO_F_VMS_BIND_VAR 122 -#define DSO_F_VMS_CTRL 123 -#define DSO_F_VMS_LOAD 124 -#define DSO_F_VMS_UNLOAD 125 -#define DSO_F_WIN32_BIND_FUNC 117 -#define DSO_F_WIN32_BIND_VAR 118 -#define DSO_F_WIN32_CTRL 119 -#define DSO_F_WIN32_LOAD 120 -#define DSO_F_WIN32_UNLOAD 121 - -/* Reason codes. */ -#define DSO_R_CTRL_FAILED 100 -#define DSO_R_FILENAME_TOO_BIG 109 -#define DSO_R_FINISH_FAILED 101 -#define DSO_R_LOAD_FAILED 102 -#define DSO_R_NULL_HANDLE 103 -#define DSO_R_STACK_ERROR 104 -#define DSO_R_SYM_FAILURE 105 -#define DSO_R_UNKNOWN_COMMAND 106 -#define DSO_R_UNLOAD_FAILED 107 -#define DSO_R_UNSUPPORTED 108 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/dso/dso_dlfcn.c b/src/lib/libcrypto/dso/dso_dlfcn.c deleted file mode 100644 index e709c721cc..0000000000 --- a/src/lib/libcrypto/dso/dso_dlfcn.c +++ /dev/null @@ -1,276 +0,0 @@ -/* dso_dlfcn.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -#ifndef DSO_DLFCN -DSO_METHOD *DSO_METHOD_dlfcn(void) - { - return NULL; - } -#else - -#ifdef HAVE_DLFCN_H -#include -#endif - -/* Part of the hack in "dlfcn_load" ... */ -#define DSO_MAX_TRANSLATED_SIZE 256 - -static int dlfcn_load(DSO *dso, const char *filename); -static int dlfcn_unload(DSO *dso); -static void *dlfcn_bind_var(DSO *dso, const char *symname); -static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname); -#if 0 -static int dlfcn_unbind(DSO *dso, char *symname, void *symptr); -static int dlfcn_init(DSO *dso); -static int dlfcn_finish(DSO *dso); -#endif -static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg); - -static DSO_METHOD dso_meth_dlfcn = { - "OpenSSL 'dlfcn' shared library method", - dlfcn_load, - dlfcn_unload, - dlfcn_bind_var, - dlfcn_bind_func, -/* For now, "unbind" doesn't exist */ -#if 0 - NULL, /* unbind_var */ - NULL, /* unbind_func */ -#endif - dlfcn_ctrl, - NULL, /* init */ - NULL /* finish */ - }; - -DSO_METHOD *DSO_METHOD_dlfcn(void) - { - return(&dso_meth_dlfcn); - } - -/* Prior to using the dlopen() function, we should decide on the flag - * we send. There's a few different ways of doing this and it's a - * messy venn-diagram to match up which platforms support what. So - * as we don't have autoconf yet, I'm implementing a hack that could - * be hacked further relatively easily to deal with cases as we find - * them. Initially this is to cope with OpenBSD. */ -#ifdef __OpenBSD__ -# ifdef DL_LAZY -# define DLOPEN_FLAG DL_LAZY -# else -# ifdef RTLD_NOW -# define DLOPEN_FLAG RTLD_NOW -# else -# define DLOPEN_FLAG 0 -# endif -# endif -#else -# define DLOPEN_FLAG RTLD_NOW /* Hope this works everywhere else */ -#endif - -/* For this DSO_METHOD, our meth_data STACK will contain; - * (i) the handle (void*) returned from dlopen(). - */ - -static int dlfcn_load(DSO *dso, const char *filename) - { - void *ptr; - char translated[DSO_MAX_TRANSLATED_SIZE]; - int len; - - /* NB: This is a hideous hack, but I'm not yet sure what - * to replace it with. This attempts to convert any filename, - * that looks like it has no path information, into a - * translated form, e. "blah" -> "libblah.so" */ - len = strlen(filename); - if((dso->flags & DSO_FLAG_NAME_TRANSLATION) && - (len + 6 < DSO_MAX_TRANSLATED_SIZE) && - (strstr(filename, "/") == NULL)) - { - sprintf(translated, "lib%s.so", filename); - ptr = dlopen(translated, DLOPEN_FLAG); - } - else - { - ptr = dlopen(filename, DLOPEN_FLAG); - } - if(ptr == NULL) - { - DSOerr(DSO_F_DLFCN_LOAD,DSO_R_LOAD_FAILED); - return(0); - } - if(!sk_push(dso->meth_data, (char *)ptr)) - { - DSOerr(DSO_F_DLFCN_LOAD,DSO_R_STACK_ERROR); - dlclose(ptr); - return(0); - } - return(1); - } - -static int dlfcn_unload(DSO *dso) - { - void *ptr; - if(dso == NULL) - { - DSOerr(DSO_F_DLFCN_UNLOAD,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if(sk_num(dso->meth_data) < 1) - return(1); - ptr = (void *)sk_pop(dso->meth_data); - if(ptr == NULL) - { - DSOerr(DSO_F_DLFCN_UNLOAD,DSO_R_NULL_HANDLE); - /* Should push the value back onto the stack in - * case of a retry. */ - sk_push(dso->meth_data, (char *)ptr); - return(0); - } - /* For now I'm not aware of any errors associated with dlclose() */ - dlclose(ptr); - return(1); - } - -static void *dlfcn_bind_var(DSO *dso, const char *symname) - { - void *ptr, *sym; - - if((dso == NULL) || (symname == NULL)) - { - DSOerr(DSO_F_DLFCN_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); - return(NULL); - } - if(sk_num(dso->meth_data) < 1) - { - DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_STACK_ERROR); - return(NULL); - } - ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); - if(ptr == NULL) - { - DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_NULL_HANDLE); - return(NULL); - } - sym = dlsym(ptr, symname); - if(sym == NULL) - { - DSOerr(DSO_F_DLFCN_BIND_VAR,DSO_R_SYM_FAILURE); - return(NULL); - } - return(sym); - } - -static DSO_FUNC_TYPE dlfcn_bind_func(DSO *dso, const char *symname) - { - void *ptr; - DSO_FUNC_TYPE sym; - - if((dso == NULL) || (symname == NULL)) - { - DSOerr(DSO_F_DLFCN_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER); - return(NULL); - } - if(sk_num(dso->meth_data) < 1) - { - DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_STACK_ERROR); - return(NULL); - } - ptr = (void *)sk_value(dso->meth_data, sk_num(dso->meth_data) - 1); - if(ptr == NULL) - { - DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_NULL_HANDLE); - return(NULL); - } - sym = (DSO_FUNC_TYPE)dlsym(ptr, symname); - if(sym == NULL) - { - DSOerr(DSO_F_DLFCN_BIND_FUNC,DSO_R_SYM_FAILURE); - return(NULL); - } - return(sym); - } - -static long dlfcn_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_DLFCN_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - switch(cmd) - { - case DSO_CTRL_GET_FLAGS: - return dso->flags; - case DSO_CTRL_SET_FLAGS: - dso->flags = (int)larg; - return(0); - case DSO_CTRL_OR_FLAGS: - dso->flags |= (int)larg; - return(0); - default: - break; - } - DSOerr(DSO_F_DLFCN_CTRL,DSO_R_UNKNOWN_COMMAND); - return(-1); - } - -#endif /* DSO_DLFCN */ diff --git a/src/lib/libcrypto/dso/dso_err.c b/src/lib/libcrypto/dso/dso_err.c deleted file mode 100644 index a3d7321c9b..0000000000 --- a/src/lib/libcrypto/dso/dso_err.c +++ /dev/null @@ -1,128 +0,0 @@ -/* crypto/dso/dso_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA DSO_str_functs[]= - { -{ERR_PACK(0,DSO_F_DLFCN_BIND_FUNC,0), "DLFCN_BIND_FUNC"}, -{ERR_PACK(0,DSO_F_DLFCN_BIND_VAR,0), "DLFCN_BIND_VAR"}, -{ERR_PACK(0,DSO_F_DLFCN_CTRL,0), "DLFCN_CTRL"}, -{ERR_PACK(0,DSO_F_DLFCN_LOAD,0), "DLFCN_LOAD"}, -{ERR_PACK(0,DSO_F_DLFCN_UNLOAD,0), "DLFCN_UNLOAD"}, -{ERR_PACK(0,DSO_F_DL_BIND_FUNC,0), "DL_BIND_FUNC"}, -{ERR_PACK(0,DSO_F_DL_BIND_VAR,0), "DL_BIND_VAR"}, -{ERR_PACK(0,DSO_F_DL_CTRL,0), "DL_CTRL"}, -{ERR_PACK(0,DSO_F_DL_LOAD,0), "DL_LOAD"}, -{ERR_PACK(0,DSO_F_DL_UNLOAD,0), "DL_UNLOAD"}, -{ERR_PACK(0,DSO_F_DSO_BIND_FUNC,0), "DSO_bind_func"}, -{ERR_PACK(0,DSO_F_DSO_BIND_VAR,0), "DSO_bind_var"}, -{ERR_PACK(0,DSO_F_DSO_CTRL,0), "DSO_ctrl"}, -{ERR_PACK(0,DSO_F_DSO_FREE,0), "DSO_free"}, -{ERR_PACK(0,DSO_F_DSO_LOAD,0), "DSO_load"}, -{ERR_PACK(0,DSO_F_DSO_NEW_METHOD,0), "DSO_new_method"}, -{ERR_PACK(0,DSO_F_DSO_UP,0), "DSO_up"}, -{ERR_PACK(0,DSO_F_VMS_BIND_VAR,0), "VMS_BIND_VAR"}, -{ERR_PACK(0,DSO_F_VMS_CTRL,0), "VMS_CTRL"}, -{ERR_PACK(0,DSO_F_VMS_LOAD,0), "VMS_LOAD"}, -{ERR_PACK(0,DSO_F_VMS_UNLOAD,0), "VMS_UNLOAD"}, -{ERR_PACK(0,DSO_F_WIN32_BIND_FUNC,0), "WIN32_BIND_FUNC"}, -{ERR_PACK(0,DSO_F_WIN32_BIND_VAR,0), "WIN32_BIND_VAR"}, -{ERR_PACK(0,DSO_F_WIN32_CTRL,0), "WIN32_CTRL"}, -{ERR_PACK(0,DSO_F_WIN32_LOAD,0), "WIN32_LOAD"}, -{ERR_PACK(0,DSO_F_WIN32_UNLOAD,0), "WIN32_UNLOAD"}, -{0,NULL} - }; - -static ERR_STRING_DATA DSO_str_reasons[]= - { -{DSO_R_CTRL_FAILED ,"control command failed"}, -{DSO_R_FILENAME_TOO_BIG ,"filename too big"}, -{DSO_R_FINISH_FAILED ,"cleanup method function failed"}, -{DSO_R_LOAD_FAILED ,"could not load the shared library"}, -{DSO_R_NULL_HANDLE ,"a null shared library handle was used"}, -{DSO_R_STACK_ERROR ,"the meth_data stack is corrupt"}, -{DSO_R_SYM_FAILURE ,"could not bind to the requested symbol name"}, -{DSO_R_UNKNOWN_COMMAND ,"unknown control command"}, -{DSO_R_UNLOAD_FAILED ,"could not unload the shared library"}, -{DSO_R_UNSUPPORTED ,"functionality not supported"}, -{0,NULL} - }; - -#endif - -void ERR_load_DSO_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_DSO,DSO_str_functs); - ERR_load_strings(ERR_LIB_DSO,DSO_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/dso/dso_lib.c b/src/lib/libcrypto/dso/dso_lib.c deleted file mode 100644 index acd166697e..0000000000 --- a/src/lib/libcrypto/dso/dso_lib.c +++ /dev/null @@ -1,306 +0,0 @@ -/* dso_lib.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include - -static DSO_METHOD *default_DSO_meth = NULL; - -DSO *DSO_new(void) - { - return(DSO_new_method(NULL)); - } - -void DSO_set_default_method(DSO_METHOD *meth) - { - default_DSO_meth = meth; - } - -DSO_METHOD *DSO_get_default_method(void) - { - return(default_DSO_meth); - } - -DSO_METHOD *DSO_get_method(DSO *dso) - { - return(dso->meth); - } - -DSO_METHOD *DSO_set_method(DSO *dso, DSO_METHOD *meth) - { - DSO_METHOD *mtmp; - mtmp = dso->meth; - dso->meth = meth; - return(mtmp); - } - -DSO *DSO_new_method(DSO_METHOD *meth) - { - DSO *ret; - - if(default_DSO_meth == NULL) - /* We default to DSO_METH_openssl() which in turn defaults - * to stealing the "best available" method. Will fallback - * to DSO_METH_null() in the worst case. */ - default_DSO_meth = DSO_METHOD_openssl(); - ret = (DSO *)OPENSSL_malloc(sizeof(DSO)); - if(ret == NULL) - { - DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); - return(NULL); - } - memset(ret, 0, sizeof(DSO)); - ret->meth_data = sk_new_null(); - if((ret->meth_data = sk_new_null()) == NULL) - { - /* sk_new doesn't generate any errors so we do */ - DSOerr(DSO_F_DSO_NEW_METHOD,ERR_R_MALLOC_FAILURE); - OPENSSL_free(ret); - return(NULL); - } - if(meth == NULL) - ret->meth = default_DSO_meth; - else - ret->meth = meth; - ret->references = 1; - if((ret->meth->init != NULL) && !ret->meth->init(ret)) - { - OPENSSL_free(ret); - ret=NULL; - } - return(ret); - } - -int DSO_free(DSO *dso) - { - int i; - - if(dso == NULL) - { - DSOerr(DSO_F_DSO_FREE,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - - i=CRYPTO_add(&dso->references,-1,CRYPTO_LOCK_DSO); -#ifdef REF_PRINT - REF_PRINT("DSO",dso); -#endif - if(i > 0) return(1); -#ifdef REF_CHECK - if(i < 0) - { - fprintf(stderr,"DSO_free, bad reference count\n"); - abort(); - } -#endif - - if((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) - { - DSOerr(DSO_F_DSO_FREE,DSO_R_UNLOAD_FAILED); - return(0); - } - - if((dso->meth->finish != NULL) && !dso->meth->finish(dso)) - { - DSOerr(DSO_F_DSO_FREE,DSO_R_FINISH_FAILED); - return(0); - } - - sk_free(dso->meth_data); - - OPENSSL_free(dso); - return(1); - } - -int DSO_flags(DSO *dso) - { - return((dso == NULL) ? 0 : dso->flags); - } - - -int DSO_up(DSO *dso) - { - if (dso == NULL) - { - DSOerr(DSO_F_DSO_UP,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - - CRYPTO_add(&dso->references,1,CRYPTO_LOCK_DSO); - return(1); - } - -DSO *DSO_load(DSO *dso, const char *filename, DSO_METHOD *meth, int flags) - { - DSO *ret; - int allocated = 0; - - if(filename == NULL) - { - DSOerr(DSO_F_DSO_LOAD,ERR_R_PASSED_NULL_PARAMETER); - return(NULL); - } - if(dso == NULL) - { - ret = DSO_new_method(meth); - if(ret == NULL) - { - DSOerr(DSO_F_DSO_LOAD,ERR_R_MALLOC_FAILURE); - return(NULL); - } - allocated = 1; - } - else - ret = dso; - /* Bleurgh ... have to check for negative return values for - * errors. */ - if(DSO_ctrl(ret, DSO_CTRL_SET_FLAGS, flags, NULL) < 0) - { - DSOerr(DSO_F_DSO_LOAD,DSO_R_CTRL_FAILED); - if(allocated) - DSO_free(ret); - return(NULL); - } - if(ret->meth->dso_load == NULL) - { - DSOerr(DSO_F_DSO_LOAD,DSO_R_UNSUPPORTED); - if(allocated) - DSO_free(ret); - return(NULL); - } - if(!ret->meth->dso_load(ret, filename)) - { - DSOerr(DSO_F_DSO_LOAD,DSO_R_LOAD_FAILED); - if(allocated) - DSO_free(ret); - return(NULL); - } - /* Load succeeded */ - return(ret); - } - -void *DSO_bind_var(DSO *dso, const char *symname) - { - void *ret = NULL; - - if((dso == NULL) || (symname == NULL)) - { - DSOerr(DSO_F_DSO_BIND_VAR,ERR_R_PASSED_NULL_PARAMETER); - return(NULL); - } - if(dso->meth->dso_bind_var == NULL) - { - DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_UNSUPPORTED); - return(NULL); - } - if((ret = dso->meth->dso_bind_var(dso, symname)) == NULL) - { - DSOerr(DSO_F_DSO_BIND_VAR,DSO_R_SYM_FAILURE); - return(NULL); - } - /* Success */ - return(ret); - } - -DSO_FUNC_TYPE DSO_bind_func(DSO *dso, const char *symname) - { - DSO_FUNC_TYPE ret = NULL; - - if((dso == NULL) || (symname == NULL)) - { - DSOerr(DSO_F_DSO_BIND_FUNC,ERR_R_PASSED_NULL_PARAMETER); - return(NULL); - } - if(dso->meth->dso_bind_func == NULL) - { - DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_UNSUPPORTED); - return(NULL); - } - if((ret = dso->meth->dso_bind_func(dso, symname)) == NULL) - { - DSOerr(DSO_F_DSO_BIND_FUNC,DSO_R_SYM_FAILURE); - return(NULL); - } - /* Success */ - return(ret); - } - -/* I don't really like these *_ctrl functions very much to be perfectly - * honest. For one thing, I think I have to return a negative value for - * any error because possible DSO_ctrl() commands may return values - * such as "size"s that can legitimately be zero (making the standard - * "if(DSO_cmd(...))" form that works almost everywhere else fail at - * odd times. I'd prefer "output" values to be passed by reference and - * the return value as success/failure like usual ... but we conform - * when we must... :-) */ -long DSO_ctrl(DSO *dso, int cmd, long larg, void *parg) - { - if(dso == NULL) - { - DSOerr(DSO_F_DSO_CTRL,ERR_R_PASSED_NULL_PARAMETER); - return(-1); - } - if((dso->meth == NULL) || (dso->meth->dso_ctrl == NULL)) - { - DSOerr(DSO_F_DSO_CTRL,DSO_R_UNSUPPORTED); - return(-1); - } - return(dso->meth->dso_ctrl(dso,cmd,larg,parg)); - } diff --git a/src/lib/libcrypto/dso/dso_null.c b/src/lib/libcrypto/dso/dso_null.c deleted file mode 100644 index fa13a7cb0f..0000000000 --- a/src/lib/libcrypto/dso/dso_null.c +++ /dev/null @@ -1,86 +0,0 @@ -/* dso_null.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* This "NULL" method is provided as the fallback for systems that have - * no appropriate support for "shared-libraries". */ - -#include -#include "cryptlib.h" -#include - -static DSO_METHOD dso_meth_null = { - "NULL shared library method", - NULL, /* load */ - NULL, /* unload */ - NULL, /* bind_var */ - NULL, /* bind_func */ -/* For now, "unbind" doesn't exist */ -#if 0 - NULL, /* unbind_var */ - NULL, /* unbind_func */ -#endif - NULL, /* ctrl */ - NULL, /* init */ - NULL /* finish */ - }; - -DSO_METHOD *DSO_METHOD_null(void) - { - return(&dso_meth_null); - } - diff --git a/src/lib/libcrypto/dso/dso_openssl.c b/src/lib/libcrypto/dso/dso_openssl.c deleted file mode 100644 index a4395ebffe..0000000000 --- a/src/lib/libcrypto/dso/dso_openssl.c +++ /dev/null @@ -1,81 +0,0 @@ -/* dso_openssl.c */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* We just pinch the method from an appropriate "default" method. */ - -DSO_METHOD *DSO_METHOD_openssl(void) - { -#ifdef DEF_DSO_METHOD - return(DEF_DSO_METHOD()); -#elif defined(DSO_DLFCN) - return(DSO_METHOD_dlfcn()); -#elif defined(DSO_DL) - return(DSO_METHOD_dl()); -#elif defined(DSO_WIN32) - return(DSO_METHOD_win32()); -#elif defined(DSO_VMS) - return(DSO_METHOD_vms()); -#else - return(DSO_METHOD_null()); -#endif - } - diff --git a/src/lib/libcrypto/engine/README b/src/lib/libcrypto/engine/README deleted file mode 100644 index 96595e6f35..0000000000 --- a/src/lib/libcrypto/engine/README +++ /dev/null @@ -1,278 +0,0 @@ -NOTES, THOUGHTS, and EVERYTHING -------------------------------- - -(1) Concurrency and locking ... I made a change to the ENGINE_free code - because I spotted a potential hold-up in proceedings (doing too - much inside a lock including calling a callback), there may be - other bits like this. What do the speed/optimisation freaks think - of this aspect of the code and design? There's lots of locking for - manipulation functions and I need that to keep things nice and - solid, but this manipulation is mostly (de)initialisation, I would - think that most run-time locking is purely in the ENGINE_init and - ENGINE_finish calls that might be made when getting handles for - RSA (and friends') structures. These would be mostly reference - count operations as the functional references should always be 1 - or greater at run-time to prevent init/deinit thrashing. - -(2) nCipher support, via the HWCryptoHook API, is now in the code. - Apparently this hasn't been tested too much yet, but it looks - good. :-) Atalla support has been added too, but shares a lot in - common with Ben's original hooks in bn_exp.c (although it has been - ENGINE-ified, and error handling wrapped around it) and it's also - had some low-volume testing, so it should be usable. - -(3) Of more concern, we need to work out (a) how to put together usable - RAND_METHODs for units that just have one "get n or less random - bytes" function, (b) we also need to determine how to hook the code - in crypto/rand/ to use the ENGINE defaults in a way similar to what - has been done in crypto/rsa/, crypto/dsa/, etc. - -(4) ENGINE should really grow to encompass more than 3 public key - algorithms and randomness gathering. The structure/data level of - the engine code is hidden from code outside the crypto/engine/ - directory so change shouldn't be too viral. More important though - is how things should evolve ... this needs thought and discussion. - - ------------------------------------==*==----------------------------------- - -More notes 2000-08-01 ---------------------- - -Geoff Thorpe, who designed the engine part, wrote a pretty good description -of the thoughts he had when he built it, good enough to include verbatim here -(with his permission) -- Richard Levitte - - -Date: Tue, 1 Aug 2000 16:54:08 +0100 (BST) -From: Geoff Thorpe -Subject: Re: The thoughts to merge BRANCH_engine into the main trunk are - emerging - -Hi there, - -I'm going to try and do some justice to this, but I'm a little short on -time and the there is an endless amount that could be discussed on this -subject. sigh ... please bear with me :-) - -> The changes in BRANCH_engine dig deep into the core of OpenSSL, for example -> into the RSA and RAND routines, adding a level of indirection which is needed -> to keep the abstraction, as far as I understand. It would be a good thing if -> those who do play with those things took a look at the changes that have been -> done in the branch and say out loud how much (or hopefully little) we've made -> fools of ourselves. - -The point here is that the code that has emerged in the BRANCH_engine -branch was based on some initial requirements of mine that I went in and -addressed, and Richard has picked up the ball and run with it too. It -would be really useful to get some review of the approach we've taken, but -first I think I need to describe as best I can the reasons behind what has -been done so far, in particular what issues we have tried to address when -doing this, and what issues we have intentionally (or necessarily) tried -to avoid. - -methods, engines, and evps --------------------------- - -There has been some dicussion, particularly with Steve, about where this -ENGINE stuff might fit into the conceptual picture as/when we start to -abstract algorithms a little bit to make the library more extensible. In -particular, it would desirable to have algorithms (symmetric, hash, pkc, -etc) abstracted in some way that allows them to be just objects sitting in -a list (or database) ... it'll just happen that the "DSA" object doesn't -support encryption whereas the "RSA" object does. This requires a lot of -consideration to begin to know how to tackle it; in particular how -encapsulated should these things be? If the objects also understand their -own ASN1 encodings and what-not, then it would for example be possible to -add support for elliptic-curve DSA in as a new algorithm and automatically -have ECC-DSA certificates supported in SSL applications. Possible, but not -easy. :-) - -Whatever, it seems that the way to go (if I've grok'd Steve's comments on -this in the past) is to amalgamate these things in EVP as is already done -(I think) for ciphers or hashes (Steve, please correct/elaborate). I -certainly think something should be done in this direction because right -now we have different source directories, types, functions, and methods -for each algorithm - even when conceptually they are very much different -feathers of the same bird. (This is certainly all true for the public-key -stuff, and may be partially true for the other parts.) - -ENGINE was *not* conceived as a way of solving this, far from it. Nor was -it conceived as a way of replacing the various "***_METHOD"s. It was -conceived as an abstraction of a sort of "virtual crypto device". If we -lived in a world where "EVP_ALGO"s (or something like them) encapsulated -particular algorithms like RSA,DSA,MD5,RC4,etc, and "***_METHOD"s -encapsulated interfaces to algorithms (eg. some algo's might support a -PKC_METHOD, a HASH_METHOD, or a CIPHER_METHOD, who knows?), then I would -think that ENGINE would encapsulate an implementation of arbitrarily many -of those algorithms - perhaps as alternatives to existing algorithms -and/or perhaps as new previously unimplemented algorithms. An ENGINE could -be used to contain an alternative software implementation, a wrapper for a -hardware acceleration and/or key-management unit, a comms-wrapper for -distributing cryptographic operations to remote machines, or any other -"devices" your imagination can dream up. - -However, what has been done in the ENGINE branch so far is nothing more -than starting to get our toes wet. I had a couple of self-imposed -requirements when putting the initial abstraction together, and I may have -already posed these in one form or another on the list, but briefly; - - (i) only bother with public key algorithms for now, and maybe RAND too - (motivated by the need to get hardware support going and the fact - this was a comparitively easy subset to address to begin with). - - (ii) don't change (if at all possible) the existing crypto code, ie. the - implementations, the way the ***_METHODs work, etc. - - (iii) ensure that if no function from the ENGINE code is ever called then - things work the way they always did, and there is no memory - allocation (otherwise the failure to cleanup would be a problem - - this is part of the reason no STACKs were used, the other part of - the reason being I found them inappropriate). - - (iv) ensure that all the built-in crypto was encapsulated by one of - these "ENGINE"s and that this engine was automatically selected as - the default. - - (v) provide the minimum hooking possible in the existing crypto code - so that global functions (eg. RSA_public_encrypt) do not need any - extra parameter, yet will use whatever the current default ENGINE - for that RSA key is, and that the default can be set "per-key" - and globally (new keys will assume the global default, and keys - without their own default will be operated on using the global - default). NB: Try and make (v) conflict as little as possible with - (ii). :-) - - (vi) wrap the ENGINE code up in duct tape so you can't even see the - corners. Ie. expose no structures at all, just black-box pointers. - - (v) maintain internally a list of ENGINEs on which a calling - application can iterate, interrogate, etc. Allow a calling - application to hook in new ENGINEs, remove ENGINEs from the list, - and enforce uniqueness within the global list of each ENGINE's - "unique id". - - (vi) keep reference counts for everything - eg. this includes storing a - reference inside each RSA structure to the ENGINE that it uses. - This is freed when the RSA structure is destroyed, or has its - ENGINE explicitly changed. The net effect needs to be that at any - time, it is deterministic to know whether an ENGINE is in use or - can be safely removed (or unloaded in the case of the other type - of reference) without invalidating function pointers that may or - may not be used indavertently in the future. This was actually - one of the biggest problems to overcome in the existing OpenSSL - code - implementations had always been assumed to be ever-present, - so there was no trivial way to get round this. - - (vii) distinguish between structural references and functional - references. - -A *little* detail ------------------ - -While my mind is on it; I'll illustrate the bit in item (vii). This idea -turned out to be very handy - the ENGINEs themselves need to be operated -on and manipulated simply as objects without necessarily trying to -"enable" them for use. Eg. most host machines will not have the necessary -hardware or software to support all the engines one might compile into -OpenSSL, yet it needs to be possible to iterate across the ENGINEs, -querying their names, properties, etc - all happening in a thread-safe -manner that uses reference counts (if you imagine two threads iterating -through a list and one thread removing the ENGINE the other is currently -looking at - you can see the gotcha waiting to happen). For all of this, -*structural references* are used and operate much like the other reference -counts in OpenSSL. - -The other kind of reference count is for *functional* references - these -indicate a reference on which the caller can actually assume the -particular ENGINE to be initialised and usable to perform the operations -it implements. Any increment or decrement of the functional reference -count automatically invokes a corresponding change in the structural -reference count, as it is fairly obvious that a functional reference is a -restricted case of a structural reference. So struct_ref >= funct_ref at -all times. NB: functional references are usually obtained by a call to -ENGINE_init(), but can also be created implicitly by calls that require a -new functional reference to be created, eg. ENGINE_set_default(). Either -way the only time the underlying ENGINE's "init" function is really called -is when the (functional) reference count increases to 1, similarly the -underlying "finish" handler is only called as the count goes down to 0. -The effect of this, for example, is that if you set the default ENGINE for -RSA operations to be "cswift", then its functional reference count will -already be at least 1 so the CryptoSwift shared-library and the card will -stay loaded and initialised until such time as all RSA keys using the -cswift ENGINE are changed or destroyed and the default ENGINE for RSA -operations has been changed. This prevents repeated thrashing of init and -finish handling if the count keeps getting down as far as zero. - -Otherwise, the way the ENGINE code has been put together I think pretty -much reflects the above points. The reason for the ENGINE structure having -individual RSA_METHOD, DSA_METHOD, etc pointers is simply that it was the -easiest way to go about things for now, to hook it all into the raw -RSA,DSA,etc code, and I was trying to the keep the structure invisible -anyway so that the way this is internally managed could be easily changed -later on when we start to work out what's to be done about these other -abstractions. - -Down the line, if some EVP-based technique emerges for adequately -encapsulating algorithms and all their various bits and pieces, then I can -imagine that "ENGINE" would turn into a reference-counting database of -these EVP things, of which the default "openssl" ENGINE would be the -library's own object database of pre-built software implemented algorithms -(and such). It would also be cool to see the idea of "METHOD"s detached -from the algorithms themselves ... so RSA, DSA, ElGamal, etc can all -expose essentially the same METHOD (aka interface), which would include -any querying/flagging stuff to identify what the algorithm can/can't do, -its name, and other stuff like max/min block sizes, key sizes, etc. This -would result in ENGINE similarly detaching its internal database of -algorithm implementations from the function definitions that return -interfaces to them. I think ... - -As for DSOs etc. Well the DSO code is pretty handy (but could be made much -more so) for loading vendor's driver-libraries and talking to them in some -generic way, but right now there's still big problems associated with -actually putting OpenSSL code (ie. new ENGINEs, or anything else for that -matter) in dynamically loadable libraries. These problems won't go away in -a hurry so I don't think we should expect to have any kind of -shared-library extensions any time soon - but solving the problems is a -good thing to aim for, and would as a side-effect probably help make -OpenSSL more usable as a shared-library itself (looking at the things -needed to do this will show you why). - -One of the problems is that if you look at any of the ENGINE -implementations, eg. hw_cswift.c or hw_ncipher.c, you'll see how it needs -a variety of functionality and definitions from various areas of OpenSSL, -including crypto/bn/, crypto/err/, crypto/ itself (locking for example), -crypto/dso/, crypto/engine/, crypto/rsa, etc etc etc. So if similar code -were to be suctioned off into shared libraries, the shared libraries would -either have to duplicate all the definitions and code and avoid loader -conflicts, or OpenSSL would have to somehow expose all that functionality -to the shared-library. If this isn't a big enough problem, the issue of -binary compatibility will be - anyone writing Apache modules can tell you -that (Ralf? Ben? :-). However, I don't think OpenSSL would need to be -quite so forgiving as Apache should be, so OpenSSL could simply tell its -version to the DSO and leave the DSO with the problem of deciding whether -to proceed or bail out for fear of binary incompatibilities. - -Certainly one thing that would go a long way to addressing this is to -embark on a bit of an opaqueness mission. I've set the ENGINE code up with -this in mind - it's so draconian that even to declare your own ENGINE, you -have to get the engine code to create the underlying ENGINE structure, and -then feed in the new ENGINE's function/method pointers through various -"set" functions. The more of the code that takes on such a black-box -approach, the more of the code that will be (a) easy to expose to shared -libraries that need it, and (b) easy to expose to applications wanting to -use OpenSSL itself as a shared-library. From my own explorations in -OpenSSL, the biggest leviathan I've seen that is a problem in this respect -is the BIGNUM code. Trying to "expose" the bignum code through any kind of -organised "METHODs", let alone do all the necessary bignum operations -solely through functions rather than direct access to the structures and -macros, will be a massive pain in the "r"s. - -Anyway, I'm done for now - hope it was readable. Thoughts? - -Cheers, -Geoff - - ------------------------------------==*==----------------------------------- - diff --git a/src/lib/libcrypto/engine/engine.h b/src/lib/libcrypto/engine/engine.h deleted file mode 100644 index 2983f47034..0000000000 --- a/src/lib/libcrypto/engine/engine.h +++ /dev/null @@ -1,398 +0,0 @@ -/* openssl/engine.h */ -/* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_ENGINE_H -#define HEADER_ENGINE_H - -#include -#include -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* These flags are used to control combinations of algorithm (methods) - * by bitwise "OR"ing. */ -#define ENGINE_METHOD_RSA (unsigned int)0x0001 -#define ENGINE_METHOD_DSA (unsigned int)0x0002 -#define ENGINE_METHOD_DH (unsigned int)0x0004 -#define ENGINE_METHOD_RAND (unsigned int)0x0008 -#define ENGINE_METHOD_BN_MOD_EXP (unsigned int)0x0010 -#define ENGINE_METHOD_BN_MOD_EXP_CRT (unsigned int)0x0020 -/* Obvious all-or-nothing cases. */ -#define ENGINE_METHOD_ALL (unsigned int)0xFFFF -#define ENGINE_METHOD_NONE (unsigned int)0x0000 - -/* These flags are used to tell the ctrl function what should be done. - * All command numbers are shared between all engines, even if some don't - * make sense to some engines. In such a case, they do nothing but return - * the error ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED. */ -#define ENGINE_CTRL_SET_LOGSTREAM 1 -#define ENGINE_CTRL_SET_PASSWORD_CALLBACK 2 -/* Flags specific to the nCipher "chil" engine */ -#define ENGINE_CTRL_CHIL_SET_FORKCHECK 100 - /* Depending on the value of the (long)i argument, this sets or - * unsets the SimpleForkCheck flag in the CHIL API to enable or - * disable checking and workarounds for applications that fork(). - */ -#define ENGINE_CTRL_CHIL_NO_LOCKING 101 - /* This prevents the initialisation function from providing mutex - * callbacks to the nCipher library. */ - -/* As we're missing a BIGNUM_METHOD, we need a couple of locally - * defined function types that engines can implement. */ - -#ifndef HEADER_ENGINE_INT_H -/* mod_exp operation, calculates; r = a ^ p mod m - * NB: ctx can be NULL, but if supplied, the implementation may use - * it if it wishes. */ -typedef int (*BN_MOD_EXP)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx); - -/* private key operation for RSA, provided seperately in case other - * RSA implementations wish to use it. */ -typedef int (*BN_MOD_EXP_CRT)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *q, const BIGNUM *dmp1, const BIGNUM *dmq1, - const BIGNUM *iqmp, BN_CTX *ctx); - -/* Generic function pointer */ -typedef void (*ENGINE_GEN_FUNC_PTR)(); -/* Generic function pointer taking no arguments */ -typedef void (*ENGINE_GEN_INT_FUNC_PTR)(void); -/* Specific control function pointer */ -typedef int (*ENGINE_CTRL_FUNC_PTR)(int cmd, long i, void *p, void (*f)()); - -/* The list of "engine" types is a static array of (const ENGINE*) - * pointers (not dynamic because static is fine for now and we otherwise - * have to hook an appropriate load/unload function in to initialise and - * cleanup). */ -typedef struct engine_st ENGINE; -#endif - -/* STRUCTURE functions ... all of these functions deal with pointers to - * ENGINE structures where the pointers have a "structural reference". - * This means that their reference is to allow access to the structure - * but it does not imply that the structure is functional. To simply - * increment or decrement the structural reference count, use ENGINE_new - * and ENGINE_free. NB: This is not required when iterating using - * ENGINE_get_next as it will automatically decrement the structural - * reference count of the "current" ENGINE and increment the structural - * reference count of the ENGINE it returns (unless it is NULL). */ - -/* Get the first/last "ENGINE" type available. */ -ENGINE *ENGINE_get_first(void); -ENGINE *ENGINE_get_last(void); -/* Iterate to the next/previous "ENGINE" type (NULL = end of the list). */ -ENGINE *ENGINE_get_next(ENGINE *e); -ENGINE *ENGINE_get_prev(ENGINE *e); -/* Add another "ENGINE" type into the array. */ -int ENGINE_add(ENGINE *e); -/* Remove an existing "ENGINE" type from the array. */ -int ENGINE_remove(ENGINE *e); -/* Retrieve an engine from the list by its unique "id" value. */ -ENGINE *ENGINE_by_id(const char *id); - -/* These functions are useful for manufacturing new ENGINE - * structures. They don't address reference counting at all - - * one uses them to populate an ENGINE structure with personalised - * implementations of things prior to using it directly or adding - * it to the builtin ENGINE list in OpenSSL. These are also here - * so that the ENGINE structure doesn't have to be exposed and - * break binary compatibility! - * - * NB: I'm changing ENGINE_new to force the ENGINE structure to - * be allocated from within OpenSSL. See the comment for - * ENGINE_get_struct_size(). - */ -#if 0 -ENGINE *ENGINE_new(ENGINE *e); -#else -ENGINE *ENGINE_new(void); -#endif -int ENGINE_free(ENGINE *e); -int ENGINE_set_id(ENGINE *e, const char *id); -int ENGINE_set_name(ENGINE *e, const char *name); -int ENGINE_set_RSA(ENGINE *e, RSA_METHOD *rsa_meth); -int ENGINE_set_DSA(ENGINE *e, DSA_METHOD *dsa_meth); -int ENGINE_set_DH(ENGINE *e, DH_METHOD *dh_meth); -int ENGINE_set_RAND(ENGINE *e, RAND_METHOD *rand_meth); -int ENGINE_set_BN_mod_exp(ENGINE *e, BN_MOD_EXP bn_mod_exp); -int ENGINE_set_BN_mod_exp_crt(ENGINE *e, BN_MOD_EXP_CRT bn_mod_exp_crt); -int ENGINE_set_init_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR init_f); -int ENGINE_set_finish_function(ENGINE *e, ENGINE_GEN_INT_FUNC_PTR finish_f); -int ENGINE_set_ctrl_function(ENGINE *e, ENGINE_CTRL_FUNC_PTR ctrl_f); - -/* These return values from within the ENGINE structure. These can - * be useful with functional references as well as structural - * references - it depends which you obtained. Using the result - * for functional purposes if you only obtained a structural - * reference may be problematic! */ -const char *ENGINE_get_id(ENGINE *e); -const char *ENGINE_get_name(ENGINE *e); -RSA_METHOD *ENGINE_get_RSA(ENGINE *e); -DSA_METHOD *ENGINE_get_DSA(ENGINE *e); -DH_METHOD *ENGINE_get_DH(ENGINE *e); -RAND_METHOD *ENGINE_get_RAND(ENGINE *e); -BN_MOD_EXP ENGINE_get_BN_mod_exp(ENGINE *e); -BN_MOD_EXP_CRT ENGINE_get_BN_mod_exp_crt(ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_init_function(ENGINE *e); -ENGINE_GEN_INT_FUNC_PTR ENGINE_get_finish_function(ENGINE *e); -ENGINE_CTRL_FUNC_PTR ENGINE_get_ctrl_function(ENGINE *e); - -/* ENGINE_new is normally passed a NULL in the first parameter because - * the calling code doesn't have access to the definition of the ENGINE - * structure (for good reason). However, if the caller wishes to use - * its own memory allocation or use a static array, the following call - * should be used to check the amount of memory the ENGINE structure - * will occupy. This will make the code more future-proof. - * - * NB: I'm "#if 0"-ing this out because it's better to force the use of - * internally allocated memory. See similar change in ENGINE_new(). - */ -#if 0 -int ENGINE_get_struct_size(void); -#endif - -/* FUNCTIONAL functions. These functions deal with ENGINE structures - * that have (or will) be initialised for use. Broadly speaking, the - * structural functions are useful for iterating the list of available - * engine types, creating new engine types, and other "list" operations. - * These functions actually deal with ENGINEs that are to be used. As - * such these functions can fail (if applicable) when particular - * engines are unavailable - eg. if a hardware accelerator is not - * attached or not functioning correctly. Each ENGINE has 2 reference - * counts; structural and functional. Every time a functional reference - * is obtained or released, a corresponding structural reference is - * automatically obtained or released too. */ - -/* Initialise a engine type for use (or up its reference count if it's - * already in use). This will fail if the engine is not currently - * operational and cannot initialise. */ -int ENGINE_init(ENGINE *e); -/* Free a functional reference to a engine type. This does not require - * a corresponding call to ENGINE_free as it also releases a structural - * reference. */ -int ENGINE_finish(ENGINE *e); -/* Send control parametrised commands to the engine. The possibilities - * to send down an integer, a pointer to data or a function pointer are - * provided. Any of the parameters may or may not be NULL, depending - * on the command number */ -/* WARNING: This is currently experimental and may change radically! */ -int ENGINE_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)()); - -/* The following functions handle keys that are stored in some secondary - * location, handled by the engine. The storage may be on a card or - * whatever. */ -EVP_PKEY *ENGINE_load_private_key(ENGINE *e, const char *key_id, - const char *passphrase); -EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id, - const char *passphrase); - -/* This returns a pointer for the current ENGINE structure that - * is (by default) performing any RSA operations. The value returned - * is an incremented reference, so it should be free'd (ENGINE_finish) - * before it is discarded. */ -ENGINE *ENGINE_get_default_RSA(void); -/* Same for the other "methods" */ -ENGINE *ENGINE_get_default_DSA(void); -ENGINE *ENGINE_get_default_DH(void); -ENGINE *ENGINE_get_default_RAND(void); -ENGINE *ENGINE_get_default_BN_mod_exp(void); -ENGINE *ENGINE_get_default_BN_mod_exp_crt(void); - -/* This sets a new default ENGINE structure for performing RSA - * operations. If the result is non-zero (success) then the ENGINE - * structure will have had its reference count up'd so the caller - * should still free their own reference 'e'. */ -int ENGINE_set_default_RSA(ENGINE *e); -/* Same for the other "methods" */ -int ENGINE_set_default_DSA(ENGINE *e); -int ENGINE_set_default_DH(ENGINE *e); -int ENGINE_set_default_RAND(ENGINE *e); -int ENGINE_set_default_BN_mod_exp(ENGINE *e); -int ENGINE_set_default_BN_mod_exp_crt(ENGINE *e); - -/* The combination "set" - the flags are bitwise "OR"d from the - * ENGINE_METHOD_*** defines above. */ -int ENGINE_set_default(ENGINE *e, unsigned int flags); - -/* Obligatory error function. */ -void ERR_load_ENGINE_strings(void); - -/* - * Error codes for all engine functions. NB: We use "generic" - * function names instead of per-implementation ones because this - * levels the playing field for externally implemented bootstrapped - * support code. As the filename and line number is included, it's - * more important to indicate the type of function, so that - * bootstrapped code (that can't easily add its own errors in) can - * use the same error codes too. - */ - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the ENGINE functions. */ - -/* Function codes. */ -#define ENGINE_F_ATALLA_FINISH 135 -#define ENGINE_F_ATALLA_INIT 136 -#define ENGINE_F_ATALLA_MOD_EXP 137 -#define ENGINE_F_ATALLA_RSA_MOD_EXP 138 -#define ENGINE_F_CSWIFT_DSA_SIGN 133 -#define ENGINE_F_CSWIFT_DSA_VERIFY 134 -#define ENGINE_F_CSWIFT_FINISH 100 -#define ENGINE_F_CSWIFT_INIT 101 -#define ENGINE_F_CSWIFT_MOD_EXP 102 -#define ENGINE_F_CSWIFT_MOD_EXP_CRT 103 -#define ENGINE_F_CSWIFT_RSA_MOD_EXP 104 -#define ENGINE_F_ENGINE_ADD 105 -#define ENGINE_F_ENGINE_BY_ID 106 -#define ENGINE_F_ENGINE_CTRL 142 -#define ENGINE_F_ENGINE_FINISH 107 -#define ENGINE_F_ENGINE_FREE 108 -#define ENGINE_F_ENGINE_GET_BN_MOD_EXP 109 -#define ENGINE_F_ENGINE_GET_BN_MOD_EXP_CRT 110 -#define ENGINE_F_ENGINE_GET_CTRL_FUNCTION 144 -#define ENGINE_F_ENGINE_GET_DH 111 -#define ENGINE_F_ENGINE_GET_DSA 112 -#define ENGINE_F_ENGINE_GET_FINISH_FUNCTION 145 -#define ENGINE_F_ENGINE_GET_ID 113 -#define ENGINE_F_ENGINE_GET_INIT_FUNCTION 146 -#define ENGINE_F_ENGINE_GET_NAME 114 -#define ENGINE_F_ENGINE_GET_NEXT 115 -#define ENGINE_F_ENGINE_GET_PREV 116 -#define ENGINE_F_ENGINE_GET_RAND 117 -#define ENGINE_F_ENGINE_GET_RSA 118 -#define ENGINE_F_ENGINE_INIT 119 -#define ENGINE_F_ENGINE_LIST_ADD 120 -#define ENGINE_F_ENGINE_LIST_REMOVE 121 -#define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150 -#define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151 -#define ENGINE_F_ENGINE_NEW 122 -#define ENGINE_F_ENGINE_REMOVE 123 -#define ENGINE_F_ENGINE_SET_BN_MOD_EXP 124 -#define ENGINE_F_ENGINE_SET_BN_MOD_EXP_CRT 125 -#define ENGINE_F_ENGINE_SET_CTRL_FUNCTION 147 -#define ENGINE_F_ENGINE_SET_DEFAULT_TYPE 126 -#define ENGINE_F_ENGINE_SET_DH 127 -#define ENGINE_F_ENGINE_SET_DSA 128 -#define ENGINE_F_ENGINE_SET_FINISH_FUNCTION 148 -#define ENGINE_F_ENGINE_SET_ID 129 -#define ENGINE_F_ENGINE_SET_INIT_FUNCTION 149 -#define ENGINE_F_ENGINE_SET_NAME 130 -#define ENGINE_F_ENGINE_SET_RAND 131 -#define ENGINE_F_ENGINE_SET_RSA 132 -#define ENGINE_F_ENGINE_UNLOAD_KEY 152 -#define ENGINE_F_HWCRHK_CTRL 143 -#define ENGINE_F_HWCRHK_FINISH 135 -#define ENGINE_F_HWCRHK_GET_PASS 155 -#define ENGINE_F_HWCRHK_INIT 136 -#define ENGINE_F_HWCRHK_LOAD_PRIVKEY 153 -#define ENGINE_F_HWCRHK_LOAD_PUBKEY 154 -#define ENGINE_F_HWCRHK_MOD_EXP 137 -#define ENGINE_F_HWCRHK_MOD_EXP_CRT 138 -#define ENGINE_F_HWCRHK_RAND_BYTES 139 -#define ENGINE_F_HWCRHK_RSA_MOD_EXP 140 -#define ENGINE_F_LOG_MESSAGE 141 - -/* Reason codes. */ -#define ENGINE_R_ALREADY_LOADED 100 -#define ENGINE_R_BIO_WAS_FREED 121 -#define ENGINE_R_BN_CTX_FULL 101 -#define ENGINE_R_BN_EXPAND_FAIL 102 -#define ENGINE_R_CHIL_ERROR 123 -#define ENGINE_R_CONFLICTING_ENGINE_ID 103 -#define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119 -#define ENGINE_R_DSO_FAILURE 104 -#define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105 -#define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128 -#define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129 -#define ENGINE_R_FINISH_FAILED 106 -#define ENGINE_R_GET_HANDLE_FAILED 107 -#define ENGINE_R_ID_OR_NAME_MISSING 108 -#define ENGINE_R_INIT_FAILED 109 -#define ENGINE_R_INTERNAL_LIST_ERROR 110 -#define ENGINE_R_MISSING_KEY_COMPONENTS 111 -#define ENGINE_R_NOT_INITIALISED 117 -#define ENGINE_R_NOT_LOADED 112 -#define ENGINE_R_NO_CALLBACK 127 -#define ENGINE_R_NO_CONTROL_FUNCTION 120 -#define ENGINE_R_NO_KEY 124 -#define ENGINE_R_NO_LOAD_FUNCTION 125 -#define ENGINE_R_NO_REFERENCE 130 -#define ENGINE_R_NO_SUCH_ENGINE 116 -#define ENGINE_R_NO_UNLOAD_FUNCTION 126 -#define ENGINE_R_PROVIDE_PARAMETERS 113 -#define ENGINE_R_REQUEST_FAILED 114 -#define ENGINE_R_REQUEST_FALLBACK 118 -#define ENGINE_R_SIZE_TOO_LARGE_OR_TOO_SMALL 122 -#define ENGINE_R_UNIT_FAILURE 115 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/err/err.c b/src/lib/libcrypto/err/err.c deleted file mode 100644 index 99272e437c..0000000000 --- a/src/lib/libcrypto/err/err.c +++ /dev/null @@ -1,795 +0,0 @@ -/* crypto/err/err.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include "cryptlib.h" -#include -#include -#include - - -static LHASH *error_hash=NULL; -static LHASH *thread_hash=NULL; - -static unsigned long err_hash(ERR_STRING_DATA *a); -static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b); -static unsigned long pid_hash(ERR_STATE *pid); -static int pid_cmp(ERR_STATE *a,ERR_STATE *pid); -static unsigned long get_error_values(int inc,const char **file,int *line, - const char **data,int *flags); -static void ERR_STATE_free(ERR_STATE *s); -#ifndef NO_ERR -static ERR_STRING_DATA ERR_str_libraries[]= - { -{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"}, -{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"}, -{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"}, -{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"}, -{ERR_PACK(ERR_LIB_DSA,0,0) ,"dsa routines"}, -{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"}, -{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"}, -{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"}, -{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, -{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"}, -{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"}, -{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"}, -{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"}, -{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuration file routines"}, -{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"}, -{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"}, -{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"}, -{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"}, -{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"}, -{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"}, -{ERR_PACK(ERR_LIB_X509V3,0,0) ,"X509 V3 routines"}, -{ERR_PACK(ERR_LIB_PKCS12,0,0) ,"PKCS12 routines"}, -{ERR_PACK(ERR_LIB_RAND,0,0) ,"random number generator"}, -{ERR_PACK(ERR_LIB_DSO,0,0) ,"DSO support routines"}, -{ERR_PACK(ERR_LIB_ENGINE,0,0) ,"engine routines"}, -{0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_functs[]= - { - {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"}, - {ERR_PACK(0,SYS_F_CONNECT,0), "connect"}, - {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"}, - {ERR_PACK(0,SYS_F_SOCKET,0), "socket"}, - {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"}, - {ERR_PACK(0,SYS_F_BIND,0), "bind"}, - {ERR_PACK(0,SYS_F_LISTEN,0), "listen"}, - {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"}, -#ifdef WINDOWS - {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"}, -#endif - {ERR_PACK(0,SYS_F_OPENDIR,0), "opendir"}, - {0,NULL}, - }; - -static ERR_STRING_DATA ERR_str_reasons[]= - { -{ERR_R_FATAL ,"fatal"}, -{ERR_R_SYS_LIB ,"system lib"}, -{ERR_R_BN_LIB ,"BN lib"}, -{ERR_R_RSA_LIB ,"RSA lib"}, -{ERR_R_DH_LIB ,"DH lib"}, -{ERR_R_EVP_LIB ,"EVP lib"}, -{ERR_R_BUF_LIB ,"BUF lib"}, -{ERR_R_BIO_LIB ,"BIO lib"}, -{ERR_R_OBJ_LIB ,"OBJ lib"}, -{ERR_R_PEM_LIB ,"PEM lib"}, -{ERR_R_X509_LIB ,"X509 lib"}, -{ERR_R_METH_LIB ,"METH lib"}, -{ERR_R_ASN1_LIB ,"ASN1 lib"}, -{ERR_R_CONF_LIB ,"CONF lib"}, -{ERR_R_SSL_LIB ,"SSL lib"}, -{ERR_R_PROXY_LIB ,"PROXY lib"}, -{ERR_R_BIO_LIB ,"BIO lib"}, -{ERR_R_PKCS7_LIB ,"PKCS7 lib"}, -{ERR_R_PKCS12_LIB ,"PKCS12 lib"}, -{ERR_R_MALLOC_FAILURE ,"Malloc failure"}, -{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a function you should not call"}, -{ERR_R_PASSED_NULL_PARAMETER ,"passed a null parameter"}, -{ERR_R_NESTED_ASN1_ERROR ,"nested asn1 error"}, -{ERR_R_BAD_ASN1_OBJECT_HEADER ,"bad asn1 object header"}, -{ERR_R_BAD_GET_ASN1_OBJECT_CALL ,"bad get asn1 object call"}, -{ERR_R_EXPECTING_AN_ASN1_SEQUENCE ,"expecting an asn1 sequence"}, -{ERR_R_ASN1_LENGTH_MISMATCH ,"asn1 length mismatch"}, -{ERR_R_MISSING_ASN1_EOS ,"missing asn1 eos"}, -{ERR_R_DSO_LIB ,"DSO lib"}, -{ERR_R_ENGINE_LIB ,"ENGINE lib"}, - -{0,NULL}, - }; - - -#define NUM_SYS_STR_REASONS 127 -#define LEN_SYS_STR_REASON 32 - -static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1]; -/* SYS_str_reasons is filled with copies of strerror() results at - * initialization. - * 'errno' values up to 127 should cover all usual errors, - * others will be displayed numerically by ERR_error_string. - * It is crucial that we have something for each reason code - * that occurs in ERR_str_reasons, or bogus reason strings - * will be returned for SYSerr(), which always gets an errno - * value and never one of those 'standard' reason codes. */ - -static void build_SYS_str_reasons() - { - /* OPENSSL_malloc cannot be used here, use static storage instead */ - static char strerror_tab[NUM_SYS_STR_REASONS][LEN_SYS_STR_REASON]; - int i; - - CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - - for (i = 1; i <= NUM_SYS_STR_REASONS; i++) - { - ERR_STRING_DATA *str = &SYS_str_reasons[i - 1]; - - str->error = (unsigned long)i; - if (str->string == NULL) - { - char (*dest)[LEN_SYS_STR_REASON] = &(strerror_tab[i - 1]); - char *src = strerror(i); - if (src != NULL) - { - strncpy(*dest, src, sizeof *dest); - (*dest)[sizeof *dest - 1] = '\0'; - str->string = *dest; - } - } - if (str->string == NULL) - str->string = "unknown"; - } - - /* Now we still have SYS_str_reasons[NUM_SYS_STR_REASONS] = {0, NULL}, - * as required by ERR_load_strings. */ - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); - } -#endif - -#define err_clear_data(p,i) \ - if (((p)->err_data[i] != NULL) && \ - (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \ - { \ - OPENSSL_free((p)->err_data[i]); \ - (p)->err_data[i]=NULL; \ - } \ - (p)->err_data_flags[i]=0; - -static void ERR_STATE_free(ERR_STATE *s) - { - int i; - - if(s == NULL) - return; - - for (i=0; ierror) - { - str->error|=ERR_PACK(lib,0,0); - lh_insert(error_hash,str); - str++; - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); - } - -void ERR_free_strings(void) - { - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - - if (error_hash != NULL) - { - lh_free(error_hash); - error_hash=NULL; - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - } - -/********************************************************/ - -void ERR_put_error(int lib, int func, int reason, const char *file, - int line) - { - ERR_STATE *es; - -#ifdef _OSD_POSIX - /* In the BS2000-OSD POSIX subsystem, the compiler generates - * path names in the form "*POSIX(/etc/passwd)". - * This dirty hack strips them to something sensible. - * @@@ We shouldn't modify a const string, though. - */ - if (strncmp(file,"*POSIX(", sizeof("*POSIX(")-1) == 0) { - char *end; - - /* Skip the "*POSIX(" prefix */ - file += sizeof("*POSIX(")-1; - end = &file[strlen(file)-1]; - if (*end == ')') - *end = '\0'; - /* Optional: use the basename of the path only. */ - if ((end = strrchr(file, '/')) != NULL) - file = &end[1]; - } -#endif - es=ERR_get_state(); - - es->top=(es->top+1)%ERR_NUM_ERRORS; - if (es->top == es->bottom) - es->bottom=(es->bottom+1)%ERR_NUM_ERRORS; - es->err_buffer[es->top]=ERR_PACK(lib,func,reason); - es->err_file[es->top]=file; - es->err_line[es->top]=line; - err_clear_data(es,es->top); - } - -void ERR_clear_error(void) - { - ERR_STATE *es; - - es=ERR_get_state(); - -#if 0 - /* hmm... is this needed */ - for (i=0; ierr_buffer[i]=0; - es->err_file[i]=NULL; - es->err_line[i]= -1; - err_clear_data(es,i); - } -#endif - es->top=es->bottom=0; - } - - -unsigned long ERR_get_error(void) - { return(get_error_values(1,NULL,NULL,NULL,NULL)); } - -unsigned long ERR_get_error_line(const char **file, - int *line) - { return(get_error_values(1,file,line,NULL,NULL)); } - -unsigned long ERR_get_error_line_data(const char **file, int *line, - const char **data, int *flags) - { return(get_error_values(1,file,line, - data,flags)); } - -unsigned long ERR_peek_error(void) - { return(get_error_values(0,NULL,NULL,NULL,NULL)); } - -unsigned long ERR_peek_error_line(const char **file, - int *line) - { return(get_error_values(0,file,line,NULL,NULL)); } - -unsigned long ERR_peek_error_line_data(const char **file, int *line, - const char **data, int *flags) - { return(get_error_values(0,file,line, - data,flags)); } - -static unsigned long get_error_values(int inc, const char **file, int *line, - const char **data, int *flags) - { - int i=0; - ERR_STATE *es; - unsigned long ret; - - es=ERR_get_state(); - - if (es->bottom == es->top) return(0); - i=(es->bottom+1)%ERR_NUM_ERRORS; - - ret=es->err_buffer[i]; - if (inc) - { - es->bottom=i; - es->err_buffer[i]=0; - } - - if ((file != NULL) && (line != NULL)) - { - if (es->err_file[i] == NULL) - { - *file="NA"; - if (line != NULL) *line=0; - } - else - { - *file=es->err_file[i]; - if (line != NULL) *line=es->err_line[i]; - } - } - - if (data != NULL) - { - if (es->err_data[i] == NULL) - { - *data=""; - if (flags != NULL) *flags=0; - } - else - { - *data=es->err_data[i]; - if (flags != NULL) *flags=es->err_data_flags[i]; - } - } - return(ret); - } - -void ERR_error_string_n(unsigned long e, char *buf, size_t len) - { - char lsbuf[64], fsbuf[64], rsbuf[64]; - const char *ls,*fs,*rs; - unsigned long l,f,r; - - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - r=ERR_GET_REASON(e); - - ls=ERR_lib_error_string(e); - fs=ERR_func_error_string(e); - rs=ERR_reason_error_string(e); - - if (ls == NULL) - BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); - if (fs == NULL) - BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); - if (rs == NULL) - BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); - - BIO_snprintf(buf, len,"error:%08lX:%s:%s:%s", e, ls?ls:lsbuf, - fs?fs:fsbuf, rs?rs:rsbuf); - if (strlen(buf) == len-1) - { - /* output may be truncated; make sure we always have 5 - * colon-separated fields, i.e. 4 colons ... */ -#define NUM_COLONS 4 - if (len > NUM_COLONS) /* ... if possible */ - { - int i; - char *s = buf; - - for (i = 0; i < NUM_COLONS; i++) - { - char *colon = strchr(s, ':'); - if (colon == NULL || colon > &buf[len-1] - NUM_COLONS + i) - { - /* set colon no. i at last possible position - * (buf[len-1] is the terminating 0)*/ - colon = &buf[len-1] - NUM_COLONS + i; - *colon = ':'; - } - s = colon + 1; - } - } - } - } - -/* BAD for multi-threading: uses a local buffer if ret == NULL */ -/* ERR_error_string_n should be used instead for ret != NULL - * as ERR_error_string cannot know how large the buffer is */ -char *ERR_error_string(unsigned long e, char *ret) - { - static char buf[256]; - - if (ret == NULL) ret=buf; - ERR_error_string_n(e, ret, 256); - - return(ret); - } - -LHASH *ERR_get_string_table(void) - { - return(error_hash); - } - -/* not thread-safe */ -LHASH *ERR_get_err_state_table(void) - { - return(thread_hash); - } - -const char *ERR_lib_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p=NULL; - unsigned long l; - - l=ERR_GET_LIB(e); - - CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - - if (error_hash != NULL) - { - d.error=ERR_PACK(l,0,0); - p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); - - return((p == NULL)?NULL:p->string); - } - -const char *ERR_func_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p=NULL; - unsigned long l,f; - - l=ERR_GET_LIB(e); - f=ERR_GET_FUNC(e); - - CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - - if (error_hash != NULL) - { - d.error=ERR_PACK(l,f,0); - p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); - - return((p == NULL)?NULL:p->string); - } - -const char *ERR_reason_error_string(unsigned long e) - { - ERR_STRING_DATA d,*p=NULL; - unsigned long l,r; - - l=ERR_GET_LIB(e); - r=ERR_GET_REASON(e); - - CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH); - - if (error_hash != NULL) - { - d.error=ERR_PACK(l,0,r); - p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); - if (p == NULL) - { - d.error=ERR_PACK(0,0,r); - p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); - } - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH); - - return((p == NULL)?NULL:p->string); - } - -static unsigned long err_hash(ERR_STRING_DATA *a) - { - unsigned long ret,l; - - l=a->error; - ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); - return(ret^ret%19*13); - } - -static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b) - { - return((int)(a->error-b->error)); - } - -static unsigned long pid_hash(ERR_STATE *a) - { - return(a->pid*13); - } - -static int pid_cmp(ERR_STATE *a, ERR_STATE *b) - { - return((int)((long)a->pid - (long)b->pid)); - } - -void ERR_remove_state(unsigned long pid) - { - ERR_STATE *p = NULL,tmp; - - if (thread_hash == NULL) - return; - if (pid == 0) - pid=(unsigned long)CRYPTO_thread_id(); - tmp.pid=pid; - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (thread_hash) - { - p=(ERR_STATE *)lh_delete(thread_hash,&tmp); - if (lh_num_items(thread_hash) == 0) - { - /* make sure we don't leak memory */ - lh_free(thread_hash); - thread_hash = NULL; - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - if (p != NULL) ERR_STATE_free(p); - } - -ERR_STATE *ERR_get_state(void) - { - static ERR_STATE fallback; - ERR_STATE *ret=NULL,tmp,*tmpp=NULL; - int thread_state_exists; - int i; - unsigned long pid; - - pid=(unsigned long)CRYPTO_thread_id(); - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - if (thread_hash != NULL) - { - tmp.pid=pid; - ret=(ERR_STATE *)lh_retrieve(thread_hash,&tmp); - } - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - /* ret == the error state, if NULL, make a new one */ - if (ret == NULL) - { - ret=(ERR_STATE *)OPENSSL_malloc(sizeof(ERR_STATE)); - if (ret == NULL) return(&fallback); - ret->pid=pid; - ret->top=0; - ret->bottom=0; - for (i=0; ierr_data[i]=NULL; - ret->err_data_flags[i]=0; - } - - CRYPTO_w_lock(CRYPTO_LOCK_ERR); - - /* no entry yet in thread_hash for current thread - - * thus, it may have changed since we last looked at it */ - if (thread_hash == NULL) - thread_hash = lh_new(pid_hash, pid_cmp); - if (thread_hash == NULL) - thread_state_exists = 0; /* allocation error */ - else - { - tmpp=(ERR_STATE *)lh_insert(thread_hash,ret); - thread_state_exists = 1; - } - - CRYPTO_w_unlock(CRYPTO_LOCK_ERR); - - if (!thread_state_exists) - { - ERR_STATE_free(ret); /* could not insert it */ - return(&fallback); - } - - if (tmpp != NULL) /* old entry - should not happen */ - { - ERR_STATE_free(tmpp); - } - } - return(ret); - } - -int ERR_get_next_error_library(void) - { - static int value=ERR_LIB_USER; - - return(value++); - } - -void ERR_set_error_data(char *data, int flags) - { - ERR_STATE *es; - int i; - - es=ERR_get_state(); - - i=es->top; - if (i == 0) - i=ERR_NUM_ERRORS-1; - - es->err_data[i]=data; - es->err_data_flags[es->top]=flags; - } - -void ERR_add_error_data(int num, ...) - { - va_list args; - int i,n,s; - char *str,*p,*a; - - s=64; - str=OPENSSL_malloc(s+1); - if (str == NULL) return; - str[0]='\0'; - - va_start(args, num); - n=0; - for (i=0; i */ - if (a != NULL) - { - n+=strlen(a); - if (n > s) - { - s=n+20; - p=OPENSSL_realloc(str,s+1); - if (p == NULL) - { - OPENSSL_free(str); - return; - } - else - str=p; - } - strcat(str,a); - } - } - ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING); - - va_end(args); - } - diff --git a/src/lib/libcrypto/err/err.h b/src/lib/libcrypto/err/err.h deleted file mode 100644 index 7388a4a937..0000000000 --- a/src/lib/libcrypto/err/err.h +++ /dev/null @@ -1,278 +0,0 @@ -/* crypto/err/err.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ERR_H -#define HEADER_ERR_H - -#ifndef NO_FP_API -#include -#include -#endif - -#ifndef NO_BIO -#include -#endif -#ifndef NO_LHASH -#include -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -/* The following is a bit of a trick to help the object files only contain - * the 'name of the file' string once. Since 'err.h' is protected by the - * HEADER_ERR_H stuff, this should be included only once per file. */ - -#define ERR_file_name __FILE__ - -#ifndef NO_ERR -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e) -#else -#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0) -#endif - -#include - -#define ERR_TXT_MALLOCED 0x01 -#define ERR_TXT_STRING 0x02 - -#define ERR_NUM_ERRORS 16 -typedef struct err_state_st - { - unsigned long pid; - unsigned long err_buffer[ERR_NUM_ERRORS]; - char *err_data[ERR_NUM_ERRORS]; - int err_data_flags[ERR_NUM_ERRORS]; - const char *err_file[ERR_NUM_ERRORS]; - int err_line[ERR_NUM_ERRORS]; - int top,bottom; - } ERR_STATE; - -/* library */ -#define ERR_LIB_NONE 1 -#define ERR_LIB_SYS 2 -#define ERR_LIB_BN 3 -#define ERR_LIB_RSA 4 -#define ERR_LIB_DH 5 -#define ERR_LIB_EVP 6 -#define ERR_LIB_BUF 7 -#define ERR_LIB_OBJ 8 -#define ERR_LIB_PEM 9 -#define ERR_LIB_DSA 10 -#define ERR_LIB_X509 11 -#define ERR_LIB_METH 12 -#define ERR_LIB_ASN1 13 -#define ERR_LIB_CONF 14 -#define ERR_LIB_CRYPTO 15 -#define ERR_LIB_SSL 20 -#define ERR_LIB_SSL23 21 -#define ERR_LIB_SSL2 22 -#define ERR_LIB_SSL3 23 -#define ERR_LIB_RSAREF 30 -#define ERR_LIB_PROXY 31 -#define ERR_LIB_BIO 32 -#define ERR_LIB_PKCS7 33 -#define ERR_LIB_X509V3 34 -#define ERR_LIB_PKCS12 35 -#define ERR_LIB_RAND 36 -#define ERR_LIB_DSO 37 -#define ERR_LIB_ENGINE 38 - -#define ERR_LIB_USER 128 - -#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__) -#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__) -#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__) -#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__) -#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__) -#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__) -#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__) -#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__) -#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__) -#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__) -#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__) -#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__) -#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__) -#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__) -#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__) -#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__) -#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__) -#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__) -#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__) -#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__) -#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__) -#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__) -#define X509V3err(f,r) ERR_PUT_error(ERR_LIB_X509V3,(f),(r),ERR_file_name,__LINE__) -#define PKCS12err(f,r) ERR_PUT_error(ERR_LIB_PKCS12,(f),(r),ERR_file_name,__LINE__) -#define RANDerr(f,r) ERR_PUT_error(ERR_LIB_RAND,(f),(r),ERR_file_name,__LINE__) -#define DSOerr(f,r) ERR_PUT_error(ERR_LIB_DSO,(f),(r),ERR_file_name,__LINE__) -#define ENGINEerr(f,r) ERR_PUT_error(ERR_LIB_ENGINE,(f),(r),ERR_file_name,__LINE__) - -/* Borland C seems too stupid to be able to shift and do longs in - * the pre-processor :-( */ -#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \ - ((((unsigned long)f)&0xfffL)*0x1000)| \ - ((((unsigned long)r)&0xfffL))) -#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL) -#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL) -#define ERR_GET_REASON(l) (int)((l)&0xfffL) -#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL) - -/* OS functions */ -#define SYS_F_FOPEN 1 -#define SYS_F_CONNECT 2 -#define SYS_F_GETSERVBYNAME 3 -#define SYS_F_SOCKET 4 -#define SYS_F_IOCTLSOCKET 5 -#define SYS_F_BIND 6 -#define SYS_F_LISTEN 7 -#define SYS_F_ACCEPT 8 -#define SYS_F_WSASTARTUP 9 /* Winsock stuff */ -#define SYS_F_OPENDIR 10 - -#define ERR_R_FATAL 32 -/* reasons */ -#define ERR_R_SYS_LIB ERR_LIB_SYS -#define ERR_R_BN_LIB ERR_LIB_BN -#define ERR_R_RSA_LIB ERR_LIB_RSA -#define ERR_R_DSA_LIB ERR_LIB_DSA -#define ERR_R_DH_LIB ERR_LIB_DH -#define ERR_R_EVP_LIB ERR_LIB_EVP -#define ERR_R_BUF_LIB ERR_LIB_BUF -#define ERR_R_BIO_LIB ERR_LIB_BIO -#define ERR_R_OBJ_LIB ERR_LIB_OBJ -#define ERR_R_PEM_LIB ERR_LIB_PEM -#define ERR_R_X509_LIB ERR_LIB_X509 -#define ERR_R_METH_LIB ERR_LIB_METH -#define ERR_R_ASN1_LIB ERR_LIB_ASN1 -#define ERR_R_CONF_LIB ERR_LIB_CONF -#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO -#define ERR_R_SSL_LIB ERR_LIB_SSL -#define ERR_R_SSL23_LIB ERR_LIB_SSL23 -#define ERR_R_SSL2_LIB ERR_LIB_SSL2 -#define ERR_R_SSL3_LIB ERR_LIB_SSL3 -#define ERR_R_PROXY_LIB ERR_LIB_PROXY -#define ERR_R_BIO_LIB ERR_LIB_BIO -#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7 -#define ERR_R_PKCS12_LIB ERR_LIB_PKCS12 -#define ERR_R_DSO_LIB ERR_LIB_DSO -#define ERR_R_ENGINE_LIB ERR_LIB_ENGINE - -/* fatal error */ -#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL) -#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL) -#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL) -#define ERR_R_NESTED_ASN1_ERROR (4) -#define ERR_R_BAD_ASN1_OBJECT_HEADER (5) -#define ERR_R_BAD_GET_ASN1_OBJECT_CALL (6) -#define ERR_R_EXPECTING_AN_ASN1_SEQUENCE (7) -#define ERR_R_ASN1_LENGTH_MISMATCH (8) -#define ERR_R_MISSING_ASN1_EOS (9) - -typedef struct ERR_string_data_st - { - unsigned long error; - const char *string; - } ERR_STRING_DATA; - -void ERR_put_error(int lib, int func,int reason,const char *file,int line); -void ERR_set_error_data(char *data,int flags); - -unsigned long ERR_get_error(void ); -unsigned long ERR_get_error_line(const char **file,int *line); -unsigned long ERR_get_error_line_data(const char **file,int *line, - const char **data, int *flags); -unsigned long ERR_peek_error(void ); -unsigned long ERR_peek_error_line(const char **file,int *line); -unsigned long ERR_peek_error_line_data(const char **file,int *line, - const char **data,int *flags); -void ERR_clear_error(void ); -char *ERR_error_string(unsigned long e,char *buf); -void ERR_error_string_n(unsigned long e, char *buf, size_t len); -const char *ERR_lib_error_string(unsigned long e); -const char *ERR_func_error_string(unsigned long e); -const char *ERR_reason_error_string(unsigned long e); -#ifndef NO_FP_API -void ERR_print_errors_fp(FILE *fp); -#endif -#ifndef NO_BIO -void ERR_print_errors(BIO *bp); -void ERR_add_error_data(int num, ...); -#endif -void ERR_load_strings(int lib,ERR_STRING_DATA str[]); -void ERR_load_ERR_strings(void); -void ERR_load_crypto_strings(void); -void ERR_free_strings(void); - -void ERR_remove_state(unsigned long pid); /* if zero we look it up */ -ERR_STATE *ERR_get_state(void); - -#ifndef NO_LHASH -LHASH *ERR_get_string_table(void); -LHASH *ERR_get_err_state_table(void); /* even less thread-safe than - * ERR_get_string_table :-) */ -#endif - -int ERR_get_next_error_library(void); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/err/err_all.c b/src/lib/libcrypto/err/err_all.c deleted file mode 100644 index b8315d8272..0000000000 --- a/src/lib/libcrypto/err/err_all.c +++ /dev/null @@ -1,126 +0,0 @@ -/* crypto/err/err_all.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#ifndef NO_RSA -#include -#endif -#ifdef RSAref -#include -#endif -#ifndef NO_DH -#include -#endif -#ifndef NO_DSA -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -void ERR_load_crypto_strings(void) - { - static int done=0; - - if (done) return; - done=1; -#ifndef NO_ERR - ERR_load_ASN1_strings(); - ERR_load_BN_strings(); - ERR_load_BUF_strings(); - ERR_load_BIO_strings(); - ERR_load_CONF_strings(); -#ifndef NO_RSA -#ifdef RSAref - ERR_load_RSAREF_strings(); -#else - ERR_load_RSA_strings(); -#endif -#endif -#ifndef NO_DH - ERR_load_DH_strings(); -#endif -#ifndef NO_DSA - ERR_load_DSA_strings(); -#endif - ERR_load_ERR_strings(); - ERR_load_EVP_strings(); - ERR_load_OBJ_strings(); - ERR_load_PEM_strings(); - ERR_load_X509_strings(); - ERR_load_X509V3_strings(); - ERR_load_CRYPTO_strings(); - ERR_load_PKCS7_strings(); - ERR_load_PKCS12_strings(); - ERR_load_RAND_strings(); - ERR_load_DSO_strings(); - ERR_load_ENGINE_strings(); -#endif - } diff --git a/src/lib/libcrypto/err/err_prn.c b/src/lib/libcrypto/err/err_prn.c deleted file mode 100644 index 6f60b016c3..0000000000 --- a/src/lib/libcrypto/err/err_prn.c +++ /dev/null @@ -1,107 +0,0 @@ -/* crypto/err/err_prn.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include -#include - -#ifndef NO_FP_API -void ERR_print_errors_fp(FILE *fp) - { - unsigned long l; - char buf[200]; - const char *file,*data; - int line,flags; - unsigned long es; - - es=CRYPTO_thread_id(); - while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) - { - ERR_error_string_n(l, buf, sizeof buf); - fprintf(fp,"%lu:%s:%s:%d:%s\n",es,buf, - file,line,(flags&ERR_TXT_STRING)?data:""); - } - } -#endif - -void ERR_print_errors(BIO *bp) - { - unsigned long l; - char buf[256]; - char buf2[256]; - const char *file,*data; - int line,flags; - unsigned long es; - - es=CRYPTO_thread_id(); - while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0) - { - ERR_error_string_n(l, buf, sizeof buf); - sprintf(buf2,"%lu:%s:%s:%d:",es,buf, - file,line); - BIO_write(bp,buf2,strlen(buf2)); - if (flags & ERR_TXT_STRING) - BIO_write(bp,data,strlen(data)); - BIO_write(bp,"\n",1); - } - } - diff --git a/src/lib/libcrypto/err/openssl.ec b/src/lib/libcrypto/err/openssl.ec deleted file mode 100644 index 861d680e07..0000000000 --- a/src/lib/libcrypto/err/openssl.ec +++ /dev/null @@ -1,74 +0,0 @@ -L ERR NONE NONE -L CRYPTO crypto/crypto.h crypto/cpt_err.c -L BN crypto/bn/bn.h crypto/bn/bn_err.c -L RSA crypto/rsa/rsa.h crypto/rsa/rsa_err.c -L DSA crypto/dsa/dsa.h crypto/dsa/dsa_err.c -L DSO crypto/dso/dso.h crypto/dso/dso_err.c -L DH crypto/dh/dh.h crypto/dh/dh_err.c -L EVP crypto/evp/evp.h crypto/evp/evp_err.c -L BUF crypto/buffer/buffer.h crypto/buffer/buf_err.c -L BIO crypto/bio/bio.h crypto/bio/bio_err.c -L OBJ crypto/objects/objects.h crypto/objects/obj_err.c -L PEM crypto/pem/pem.h crypto/pem/pem_err.c -L X509 crypto/x509/x509.h crypto/x509/x509_err.c -L NONE crypto/x509/x509_vfy.h NONE -L X509V3 crypto/x509v3/x509v3.h crypto/x509v3/v3err.c -#L METH crypto/meth/meth.h crypto/meth/meth_err.c -L ASN1 crypto/asn1/asn1.h crypto/asn1/asn1_err.c -L CONF crypto/conf/conf.h crypto/conf/conf_err.c -#L PROXY crypto/proxy/proxy.h crypto/proxy/proxy_err.c -L PKCS7 crypto/pkcs7/pkcs7.h crypto/pkcs7/pkcs7err.c -L PKCS12 crypto/pkcs12/pkcs12.h crypto/pkcs12/pk12err.c -L RSAREF rsaref/rsaref.h rsaref/rsar_err.c -L SSL ssl/ssl.h ssl/ssl_err.c -L COMP crypto/comp/comp.h crypto/comp/comp_err.c -L RAND crypto/rand/rand.h crypto/rand/rand_err.c -L ENGINE crypto/engine/engine.h crypto/engine/engine_err.c - - -F RSAREF_F_RSA_BN2BIN -F RSAREF_F_RSA_PRIVATE_DECRYPT -F RSAREF_F_RSA_PRIVATE_ENCRYPT -F RSAREF_F_RSA_PUBLIC_DECRYPT -F RSAREF_F_RSA_PUBLIC_ENCRYPT -#F SSL_F_CLIENT_CERTIFICATE - -R SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -R SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 -R SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 -R SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 -R SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 -R SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 -R SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -R SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 -R SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -R SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 -R SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 -R SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 -R SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 -R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 -R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 -R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 -R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 -R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 -R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 -R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 -R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 -R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 -R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 - -R RSAREF_R_CONTENT_ENCODING 0x0400 -R RSAREF_R_DATA 0x0401 -R RSAREF_R_DIGEST_ALGORITHM 0x0402 -R RSAREF_R_ENCODING 0x0403 -R RSAREF_R_KEY 0x0404 -R RSAREF_R_KEY_ENCODING 0x0405 -R RSAREF_R_LEN 0x0406 -R RSAREF_R_MODULUS_LEN 0x0407 -R RSAREF_R_NEED_RANDOM 0x0408 -R RSAREF_R_PRIVATE_KEY 0x0409 -R RSAREF_R_PUBLIC_KEY 0x040a -R RSAREF_R_SIGNATURE 0x040b -R RSAREF_R_SIGNATURE_ENCODING 0x040c -R RSAREF_R_ENCRYPTION_ALGORITHM 0x040d - diff --git a/src/lib/libcrypto/evp/bio_b64.c b/src/lib/libcrypto/evp/bio_b64.c deleted file mode 100644 index af6fa2ae8f..0000000000 --- a/src/lib/libcrypto/evp/bio_b64.c +++ /dev/null @@ -1,547 +0,0 @@ -/* crypto/evp/bio_b64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int b64_write(BIO *h, const char *buf, int num); -static int b64_read(BIO *h, char *buf, int size); -/*static int b64_puts(BIO *h, const char *str); */ -/*static int b64_gets(BIO *h, char *str, int size); */ -static long b64_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int b64_new(BIO *h); -static int b64_free(BIO *data); -static long b64_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp); -#define B64_BLOCK_SIZE 1024 -#define B64_BLOCK_SIZE2 768 -#define B64_NONE 0 -#define B64_ENCODE 1 -#define B64_DECODE 2 - -typedef struct b64_struct - { - /*BIO *bio; moved to the BIO structure */ - int buf_len; - int buf_off; - int tmp_len; /* used to find the start when decoding */ - int tmp_nl; /* If true, scan until '\n' */ - int encode; - int start; /* have we started decoding yet? */ - int cont; /* <= 0 when finished */ - EVP_ENCODE_CTX base64; - char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10]; - char tmp[B64_BLOCK_SIZE]; - } BIO_B64_CTX; - -static BIO_METHOD methods_b64= - { - BIO_TYPE_BASE64,"base64 encoding", - b64_write, - b64_read, - NULL, /* b64_puts, */ - NULL, /* b64_gets, */ - b64_ctrl, - b64_new, - b64_free, - b64_callback_ctrl, - }; - -BIO_METHOD *BIO_f_base64(void) - { - return(&methods_b64); - } - -static int b64_new(BIO *bi) - { - BIO_B64_CTX *ctx; - - ctx=(BIO_B64_CTX *)OPENSSL_malloc(sizeof(BIO_B64_CTX)); - if (ctx == NULL) return(0); - - ctx->buf_len=0; - ctx->tmp_len=0; - ctx->tmp_nl=0; - ctx->buf_off=0; - ctx->cont=1; - ctx->start=1; - ctx->encode=0; - - bi->init=1; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int b64_free(BIO *a) - { - if (a == NULL) return(0); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int b64_read(BIO *b, char *out, int outl) - { - int ret=0,i,ii,j,k,x,n,num,ret_code=0; - BIO_B64_CTX *ctx; - unsigned char *p,*q; - - if (out == NULL) return(0); - ctx=(BIO_B64_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - if (ctx->encode != B64_DECODE) - { - ctx->encode=B64_DECODE; - ctx->buf_len=0; - ctx->buf_off=0; - ctx->tmp_len=0; - EVP_DecodeInit(&(ctx->base64)); - } - - /* First check if there are bytes decoded/encoded */ - if (ctx->buf_len > 0) - { - i=ctx->buf_len-ctx->buf_off; - if (i > outl) i=outl; - memcpy(out,&(ctx->buf[ctx->buf_off]),i); - ret=i; - out+=i; - outl-=i; - ctx->buf_off+=i; - if (ctx->buf_len == ctx->buf_off) - { - ctx->buf_len=0; - ctx->buf_off=0; - } - } - - /* At this point, we have room of outl bytes and an empty - * buffer, so we should read in some more. */ - - ret_code=0; - while (outl > 0) - { - if (ctx->cont <= 0) break; - - i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]), - B64_BLOCK_SIZE-ctx->tmp_len); - - if (i <= 0) - { - ret_code=i; - - /* Should be continue next time we are called? */ - if (!BIO_should_retry(b->next_bio)) - ctx->cont=i; - /* else we should continue when called again */ - break; - } - i+=ctx->tmp_len; - - /* We need to scan, a line at a time until we - * have a valid line if we are starting. */ - if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)) - { - /* ctx->start=1; */ - ctx->tmp_len=0; - } - else if (ctx->start) - { - q=p=(unsigned char *)ctx->tmp; - for (j=0; jtmp_nl) - { - p=q; - ctx->tmp_nl=0; - continue; - } - - k=EVP_DecodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf, - &num,p,q-p); - if ((k <= 0) && (num == 0) && (ctx->start)) - EVP_DecodeInit(&ctx->base64); - else - { - if (p != (unsigned char *) - &(ctx->tmp[0])) - { - i-=(p- (unsigned char *) - &(ctx->tmp[0])); - for (x=0; x < i; x++) - ctx->tmp[x]=p[x]; - } - EVP_DecodeInit(&ctx->base64); - ctx->start=0; - break; - } - p=q; - } - - /* we fell off the end without starting */ - if (j == i) - { - /* Is this is one long chunk?, if so, keep on - * reading until a new line. */ - if (p == (unsigned char *)&(ctx->tmp[0])) - { - ctx->tmp_nl=1; - ctx->tmp_len=0; - } - else if (p != q) /* finished on a '\n' */ - { - n=q-p; - for (ii=0; iitmp[ii]=p[ii]; - ctx->tmp_len=n; - } - /* else finished on a '\n' */ - continue; - } - else - ctx->tmp_len=0; - } - - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) - { - int z,jj; - - jj=(i>>2)<<2; - z=EVP_DecodeBlock((unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp,jj); - if (jj > 2) - { - if (ctx->tmp[jj-1] == '=') - { - z--; - if (ctx->tmp[jj-2] == '=') - z--; - } - } - /* z is now number of output bytes and jj is the - * number consumed */ - if (jj != i) - { - memcpy((unsigned char *)ctx->tmp, - (unsigned char *)&(ctx->tmp[jj]),i-jj); - ctx->tmp_len=i-jj; - } - ctx->buf_len=0; - if (z > 0) - { - ctx->buf_len=z; - i=1; - } - else - i=z; - } - else - { - i=EVP_DecodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)ctx->tmp,i); - } - ctx->cont=i; - ctx->buf_off=0; - if (i < 0) - { - ret_code=0; - ctx->buf_len=0; - break; - } - - if (ctx->buf_len <= outl) - i=ctx->buf_len; - else - i=outl; - - memcpy(out,ctx->buf,i); - ret+=i; - ctx->buf_off=i; - if (ctx->buf_off == ctx->buf_len) - { - ctx->buf_len=0; - ctx->buf_off=0; - } - outl-=i; - out+=i; - } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return((ret == 0)?ret_code:ret); - } - -static int b64_write(BIO *b, const char *in, int inl) - { - int ret=inl,n,i; - BIO_B64_CTX *ctx; - - ctx=(BIO_B64_CTX *)b->ptr; - BIO_clear_retry_flags(b); - - if (ctx->encode != B64_ENCODE) - { - ctx->encode=B64_ENCODE; - ctx->buf_len=0; - ctx->buf_off=0; - ctx->tmp_len=0; - EVP_EncodeInit(&(ctx->base64)); - } - - n=ctx->buf_len-ctx->buf_off; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->buf_off+=i; - n-=i; - } - /* at this point all pending data has been written */ - ctx->buf_off=0; - ctx->buf_len=0; - - if ((in == NULL) || (inl <= 0)) return(0); - - while (inl > 0) - { - n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl; - - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) - { - if (ctx->tmp_len > 0) - { - n=3-ctx->tmp_len; - /* There's a teoretical possibility for this */ - if (n > inl) - n=inl; - memcpy(&(ctx->tmp[ctx->tmp_len]),in,n); - ctx->tmp_len+=n; - if (ctx->tmp_len < 3) - break; - ctx->buf_len=EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, - ctx->tmp_len); - /* Since we're now done using the temporary - buffer, the length should be 0'd */ - ctx->tmp_len=0; - } - else - { - if (n < 3) - { - memcpy(&(ctx->tmp[0]),in,n); - ctx->tmp_len=n; - break; - } - n-=n%3; - ctx->buf_len=EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)in,n); - } - } - else - { - EVP_EncodeUpdate(&(ctx->base64), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)in,n); - } - inl-=n; - in+=n; - - ctx->buf_off=0; - n=ctx->buf_len; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return((ret == 0)?i:ret); - } - n-=i; - ctx->buf_off+=i; - } - ctx->buf_len=0; - ctx->buf_off=0; - } - return(ret); - } - -static long b64_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO_B64_CTX *ctx; - long ret=1; - int i; - - ctx=(BIO_B64_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->cont=1; - ctx->start=1; - ctx->encode=B64_NONE; - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret=1; - else - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_WPENDING: /* More to write in buffer */ - ret=ctx->buf_len-ctx->buf_off; - if ((ret == 0) && (ctx->base64.num != 0)) - ret=1; - else if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) - { - i=b64_write(b,NULL,0); - if (i < 0) - { - ret=i; - break; - } - } - if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL) - { - if (ctx->tmp_len != 0) - { - ctx->buf_len=EVP_EncodeBlock( - (unsigned char *)ctx->buf, - (unsigned char *)ctx->tmp, - ctx->tmp_len); - ctx->buf_off=0; - ctx->tmp_len=0; - goto again; - } - } - else if (ctx->base64.num != 0) - { - ctx->buf_off=0; - EVP_EncodeFinal(&(ctx->base64), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - /* push out the bytes */ - goto again; - } - /* Finally flush the underlying BIO */ - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_CTRL_DUP: - break; - case BIO_CTRL_INFO: - case BIO_CTRL_GET: - case BIO_CTRL_SET: - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long b64_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - diff --git a/src/lib/libcrypto/evp/bio_enc.c b/src/lib/libcrypto/evp/bio_enc.c deleted file mode 100644 index 831c71a2b5..0000000000 --- a/src/lib/libcrypto/evp/bio_enc.c +++ /dev/null @@ -1,425 +0,0 @@ -/* crypto/evp/bio_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int enc_write(BIO *h, const char *buf, int num); -static int enc_read(BIO *h, char *buf, int size); -/*static int enc_puts(BIO *h, const char *str); */ -/*static int enc_gets(BIO *h, char *str, int size); */ -static long enc_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int enc_new(BIO *h); -static int enc_free(BIO *data); -static long enc_callback_ctrl(BIO *h, int cmd, bio_info_cb *fps); -#define ENC_BLOCK_SIZE (1024*4) - -typedef struct enc_struct - { - int buf_len; - int buf_off; - int cont; /* <= 0 when finished */ - int finished; - int ok; /* bad decrypt */ - EVP_CIPHER_CTX cipher; - char buf[ENC_BLOCK_SIZE+10]; - } BIO_ENC_CTX; - -static BIO_METHOD methods_enc= - { - BIO_TYPE_CIPHER,"cipher", - enc_write, - enc_read, - NULL, /* enc_puts, */ - NULL, /* enc_gets, */ - enc_ctrl, - enc_new, - enc_free, - enc_callback_ctrl, - }; - -BIO_METHOD *BIO_f_cipher(void) - { - return(&methods_enc); - } - -static int enc_new(BIO *bi) - { - BIO_ENC_CTX *ctx; - - ctx=(BIO_ENC_CTX *)OPENSSL_malloc(sizeof(BIO_ENC_CTX)); - EVP_CIPHER_CTX_init(&ctx->cipher); - if (ctx == NULL) return(0); - - ctx->buf_len=0; - ctx->buf_off=0; - ctx->cont=1; - ctx->finished=0; - ctx->ok=1; - - bi->init=0; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int enc_free(BIO *a) - { - BIO_ENC_CTX *b; - - if (a == NULL) return(0); - b=(BIO_ENC_CTX *)a->ptr; - EVP_CIPHER_CTX_cleanup(&(b->cipher)); - memset(a->ptr,0,sizeof(BIO_ENC_CTX)); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int enc_read(BIO *b, char *out, int outl) - { - int ret=0,i; - BIO_ENC_CTX *ctx; - - if (out == NULL) return(0); - ctx=(BIO_ENC_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - /* First check if there are bytes decoded/encoded */ - if (ctx->buf_len > 0) - { - i=ctx->buf_len-ctx->buf_off; - if (i > outl) i=outl; - memcpy(out,&(ctx->buf[ctx->buf_off]),i); - ret=i; - out+=i; - outl-=i; - ctx->buf_off+=i; - if (ctx->buf_len == ctx->buf_off) - { - ctx->buf_len=0; - ctx->buf_off=0; - } - } - - /* At this point, we have room of outl bytes and an empty - * buffer, so we should read in some more. */ - - while (outl > 0) - { - if (ctx->cont <= 0) break; - - /* read in at offset 8, read the EVP_Cipher - * documentation about why */ - i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE); - - if (i <= 0) - { - /* Should be continue next time we are called? */ - if (!BIO_should_retry(b->next_bio)) - { - ctx->cont=i; - i=EVP_CipherFinal(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok=i; - ctx->buf_off=0; - } - else - { - ret=(ret == 0)?i:ret; - break; - } - } - else - { - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)&(ctx->buf[8]),i); - ctx->cont=1; - /* Note: it is possible for EVP_CipherUpdate to - * decrypt zero bytes because this is or looks like - * the final block: if this happens we should retry - * and either read more data or decrypt the final - * block - */ - if(ctx->buf_len == 0) continue; - } - - if (ctx->buf_len <= outl) - i=ctx->buf_len; - else - i=outl; - if (i <= 0) break; - memcpy(out,ctx->buf,i); - ret+=i; - ctx->buf_off=i; - outl-=i; - out+=i; - } - - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return((ret == 0)?ctx->cont:ret); - } - -static int enc_write(BIO *b, const char *in, int inl) - { - int ret=0,n,i; - BIO_ENC_CTX *ctx; - - ctx=(BIO_ENC_CTX *)b->ptr; - ret=inl; - - BIO_clear_retry_flags(b); - n=ctx->buf_len-ctx->buf_off; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - ctx->buf_off+=i; - n-=i; - } - /* at this point all pending data has been written */ - - if ((in == NULL) || (inl <= 0)) return(0); - - ctx->buf_off=0; - while (inl > 0) - { - n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl; - EVP_CipherUpdate(&(ctx->cipher), - (unsigned char *)ctx->buf,&ctx->buf_len, - (unsigned char *)in,n); - inl-=n; - in+=n; - - ctx->buf_off=0; - n=ctx->buf_len; - while (n > 0) - { - i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n); - if (i <= 0) - { - BIO_copy_next_retry(b); - return(i); - } - n-=i; - ctx->buf_off+=i; - } - ctx->buf_len=0; - ctx->buf_off=0; - } - BIO_copy_next_retry(b); - return(ret); - } - -static long enc_ctrl(BIO *b, int cmd, long num, void *ptr) - { - BIO *dbio; - BIO_ENC_CTX *ctx,*dctx; - long ret=1; - int i; - EVP_CIPHER_CTX **c_ctx; - - ctx=(BIO_ENC_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - ctx->ok=1; - ctx->finished=0; - EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL, - ctx->cipher.encrypt); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_EOF: /* More to read */ - if (ctx->cont <= 0) - ret=1; - else - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_WPENDING: - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_PENDING: /* More to read in buffer */ - ret=ctx->buf_len-ctx->buf_off; - if (ret <= 0) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_CTRL_FLUSH: - /* do a final write */ -again: - while (ctx->buf_len != ctx->buf_off) - { - i=enc_write(b,NULL,0); - if (i < 0) - { - ret=i; - break; - } - } - - if (!ctx->finished) - { - ctx->finished=1; - ctx->buf_off=0; - ret=EVP_CipherFinal(&(ctx->cipher), - (unsigned char *)ctx->buf, - &(ctx->buf_len)); - ctx->ok=(int)ret; - if (ret <= 0) break; - - /* push out the bytes */ - goto again; - } - - /* Finally flush the underlying BIO */ - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_C_GET_CIPHER_STATUS: - ret=(long)ctx->ok; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - case BIO_C_GET_CIPHER_CTX: - c_ctx=(EVP_CIPHER_CTX **)ptr; - (*c_ctx)= &(ctx->cipher); - b->init=1; - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - dctx=(BIO_ENC_CTX *)dbio->ptr; - memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher)); - dbio->init=1; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long enc_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -/* -void BIO_set_cipher_ctx(b,c) -BIO *b; -EVP_CIPHER_ctx *c; - { - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX)); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L); - } -*/ - -void BIO_set_cipher(BIO *b, const EVP_CIPHER *c, unsigned char *k, - unsigned char *i, int e) - { - BIO_ENC_CTX *ctx; - - if (b == NULL) return; - - if ((b->callback != NULL) && - (b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,0L) <= 0)) - return; - - b->init=1; - ctx=(BIO_ENC_CTX *)b->ptr; - EVP_CipherInit(&(ctx->cipher),c,k,i,e); - - if (b->callback != NULL) - b->callback(b,BIO_CB_CTRL,(const char *)c,BIO_CTRL_SET,e,1L); - } - diff --git a/src/lib/libcrypto/evp/bio_md.c b/src/lib/libcrypto/evp/bio_md.c deleted file mode 100644 index 2373c247d8..0000000000 --- a/src/lib/libcrypto/evp/bio_md.c +++ /dev/null @@ -1,261 +0,0 @@ -/* crypto/evp/bio_md.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -/* BIO_put and BIO_get both add to the digest, - * BIO_gets returns the digest */ - -static int md_write(BIO *h, char const *buf, int num); -static int md_read(BIO *h, char *buf, int size); -/*static int md_puts(BIO *h, const char *str); */ -static int md_gets(BIO *h, char *str, int size); -static long md_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int md_new(BIO *h); -static int md_free(BIO *data); -static long md_callback_ctrl(BIO *h,int cmd,bio_info_cb *fp); - -static BIO_METHOD methods_md= - { - BIO_TYPE_MD,"message digest", - md_write, - md_read, - NULL, /* md_puts, */ - md_gets, - md_ctrl, - md_new, - md_free, - md_callback_ctrl, - }; - -BIO_METHOD *BIO_f_md(void) - { - return(&methods_md); - } - -static int md_new(BIO *bi) - { - EVP_MD_CTX *ctx; - - ctx=(EVP_MD_CTX *)OPENSSL_malloc(sizeof(EVP_MD_CTX)); - if (ctx == NULL) return(0); - - bi->init=0; - bi->ptr=(char *)ctx; - bi->flags=0; - return(1); - } - -static int md_free(BIO *a) - { - if (a == NULL) return(0); - OPENSSL_free(a->ptr); - a->ptr=NULL; - a->init=0; - a->flags=0; - return(1); - } - -static int md_read(BIO *b, char *out, int outl) - { - int ret=0; - EVP_MD_CTX *ctx; - - if (out == NULL) return(0); - ctx=(EVP_MD_CTX *)b->ptr; - - if ((ctx == NULL) || (b->next_bio == NULL)) return(0); - - ret=BIO_read(b->next_bio,out,outl); - if (b->init) - { - if (ret > 0) - { - EVP_DigestUpdate(ctx,(unsigned char *)out, - (unsigned int)ret); - } - } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return(ret); - } - -static int md_write(BIO *b, const char *in, int inl) - { - int ret=0; - EVP_MD_CTX *ctx; - - if ((in == NULL) || (inl <= 0)) return(0); - ctx=(EVP_MD_CTX *)b->ptr; - - if ((ctx != NULL) && (b->next_bio != NULL)) - ret=BIO_write(b->next_bio,in,inl); - if (b->init) - { - if (ret > 0) - { - EVP_DigestUpdate(ctx,(unsigned char *)in, - (unsigned int)ret); - } - } - BIO_clear_retry_flags(b); - BIO_copy_next_retry(b); - return(ret); - } - -static long md_ctrl(BIO *b, int cmd, long num, void *ptr) - { - EVP_MD_CTX *ctx,*dctx,**pctx; - const EVP_MD **ppmd; - EVP_MD *md; - long ret=1; - BIO *dbio; - - ctx=(EVP_MD_CTX *)b->ptr; - - switch (cmd) - { - case BIO_CTRL_RESET: - if (b->init) - EVP_DigestInit(ctx,ctx->digest); - else - ret=0; - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - case BIO_C_GET_MD: - if (b->init) - { - ppmd=(const EVP_MD **)ptr; - *ppmd=ctx->digest; - } - else - ret=0; - break; - case BIO_C_GET_MD_CTX: - if (b->init) - { - pctx=(EVP_MD_CTX **)ptr; - *pctx=ctx; - } - else - ret=0; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - - case BIO_C_SET_MD: - md=(EVP_MD *)ptr; - EVP_DigestInit(ctx,md); - b->init=1; - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - dctx=(EVP_MD_CTX *)dbio->ptr; - memcpy(dctx,ctx,sizeof(ctx)); - b->init=1; - break; - default: - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - break; - } - return(ret); - } - -static long md_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - long ret=1; - - if (b->next_bio == NULL) return(0); - switch (cmd) - { - default: - ret=BIO_callback_ctrl(b->next_bio,cmd,fp); - break; - } - return(ret); - } - -static int md_gets(BIO *bp, char *buf, int size) - { - EVP_MD_CTX *ctx; - unsigned int ret; - - - ctx=(EVP_MD_CTX *)bp->ptr; - if (size < ctx->digest->md_size) - return(0); - EVP_DigestFinal(ctx,(unsigned char *)buf,&ret); - return((int)ret); - } - -/* -static int md_puts(bp,str) -BIO *bp; -char *str; - { - return(-1); - } -*/ - diff --git a/src/lib/libcrypto/evp/c_all.c b/src/lib/libcrypto/evp/c_all.c deleted file mode 100644 index 1e185830a3..0000000000 --- a/src/lib/libcrypto/evp/c_all.c +++ /dev/null @@ -1,67 +0,0 @@ -/* crypto/evp/c_all.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -void OpenSSL_add_all_algorithms(void) -{ - OpenSSL_add_all_ciphers(); - OpenSSL_add_all_digests(); -} diff --git a/src/lib/libcrypto/evp/digest.c b/src/lib/libcrypto/evp/digest.c deleted file mode 100644 index c560733568..0000000000 --- a/src/lib/libcrypto/evp/digest.c +++ /dev/null @@ -1,92 +0,0 @@ -/* crypto/evp/digest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type) - { - ctx->digest=type; - type->init(&(ctx->md)); - } - -void EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, - unsigned int count) - { - ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count); - } - -void EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size) - { - ctx->digest->final(md,&(ctx->md.base[0])); - if (size != NULL) - *size=ctx->digest->md_size; - memset(&(ctx->md),0,sizeof(ctx->md)); - } - -int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in) -{ - if ((in == NULL) || (in->digest == NULL)) { - EVPerr(EVP_F_EVP_MD_CTX_COPY,EVP_R_INPUT_NOT_INITIALIZED); - return 0; - } - memcpy((char *)out,(char *)in,in->digest->ctx_size); - return 1; -} diff --git a/src/lib/libcrypto/evp/e_bf.c b/src/lib/libcrypto/evp/e_bf.c deleted file mode 100644 index 72047f64da..0000000000 --- a/src/lib/libcrypto/evp/e_bf.c +++ /dev/null @@ -1,80 +0,0 @@ -/* crypto/evp/e_bf.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_BF -#include -#include "cryptlib.h" -#include -#include "evp_locl.h" -#include - -static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -IMPLEMENT_BLOCK_CIPHER(bf, bf_ks, BF, bf_ks, NID_bf, 8, 16, 8, - 0, bf_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int bf_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - BF_set_key(&(ctx->c.bf_ks),EVP_CIPHER_CTX_key_length(ctx),key); - return 1; - } - -#endif diff --git a/src/lib/libcrypto/evp/e_cast.c b/src/lib/libcrypto/evp/e_cast.c deleted file mode 100644 index e5af7fb4ed..0000000000 --- a/src/lib/libcrypto/evp/e_cast.c +++ /dev/null @@ -1,82 +0,0 @@ -/* crypto/evp/e_cast.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_CAST - -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); - -IMPLEMENT_BLOCK_CIPHER(cast5, cast_ks, CAST, cast_ks, - NID_cast5, 8, EVP_CAST5_KEY_SIZE, 8, - EVP_CIPH_VARIABLE_LENGTH, cast_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int cast_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - CAST_set_key(&(ctx->c.cast_ks),EVP_CIPHER_CTX_key_length(ctx),key); - return 1; - } - -#endif diff --git a/src/lib/libcrypto/evp/e_des.c b/src/lib/libcrypto/evp/e_des.c deleted file mode 100644 index f4e998b81c..0000000000 --- a/src/lib/libcrypto/evp/e_des.c +++ /dev/null @@ -1,118 +0,0 @@ -/* crypto/evp/e_des.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DES -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); - -/* Because of various casts and different names can't use IMPLEMENT_BLOCK_CIPHER */ - -static int des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - BLOCK_CIPHER_ecb_loop() - des_ecb_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), ctx->c.des_ks, ctx->encrypt); - return 1; -} - -static int des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_ofb64_encrypt(in, out, (long)inl, ctx->c.des_ks, (des_cblock *)ctx->iv, &ctx->num); - return 1; -} - -static int des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_ncbc_encrypt(in, out, (long)inl, ctx->c.des_ks, - (des_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_cfb64_encrypt(in, out, (long)inl, ctx->c.des_ks, - (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - return 1; -} - -BLOCK_CIPHER_defs(des, des_ks, NID_des, 8, 8, 8, - 0, des_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) - - -static int des_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - des_cblock *deskey = (des_cblock *)key; - - des_set_key_unchecked(deskey,ctx->c.des_ks); - return 1; - } - -#endif diff --git a/src/lib/libcrypto/evp/e_des3.c b/src/lib/libcrypto/evp/e_des3.c deleted file mode 100644 index a9aba4ae70..0000000000 --- a/src/lib/libcrypto/evp/e_des3.c +++ /dev/null @@ -1,165 +0,0 @@ -/* crypto/evp/e_des3.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DES -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); - -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); - -/* Because of various casts and different args can't use IMPLEMENT_BLOCK_CIPHER */ - -static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - BLOCK_CIPHER_ecb_loop() - des_ecb3_encrypt((des_cblock *)(in + i), (des_cblock *)(out + i), - ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, - ctx->encrypt); - return 1; -} - -static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_ede3_ofb64_encrypt(in, out, (long)inl, - ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, - (des_cblock *)ctx->iv, &ctx->num); - return 1; -} - -static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_ede3_cbc_encrypt(in, out, (long)inl, - ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, - (des_cblock *)ctx->iv, ctx->encrypt); - return 1; -} - -static int des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - des_ede3_cfb64_encrypt(in, out, (long)inl, - ctx->c.des_ede.ks1, ctx->c.des_ede.ks2, ctx->c.des_ede.ks3, - (des_cblock *)ctx->iv, &ctx->num, ctx->encrypt); - return 1; -} - -#define NID_des_ede_ecb NID_des_ede - -BLOCK_CIPHER_defs(des_ede, des_ede, NID_des_ede, 8, 16, 8, - 0, des_ede_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) - -#define NID_des_ede3_ecb NID_des_ede3 -#define des_ede3_cfb_cipher des_ede_cfb_cipher -#define des_ede3_ofb_cipher des_ede_ofb_cipher -#define des_ede3_cbc_cipher des_ede_cbc_cipher -#define des_ede3_ecb_cipher des_ede_ecb_cipher - -BLOCK_CIPHER_defs(des_ede3, des_ede, NID_des_ede3, 8, 24, 8, - 0, des_ede3_init_key, NULL, - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL) - -static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - des_cblock *deskey = (des_cblock *)key; - - des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); - des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); - memcpy( (char *)ctx->c.des_ede.ks3, - (char *)ctx->c.des_ede.ks1, - sizeof(ctx->c.des_ede.ks1)); - return 1; - } - -static int des_ede3_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - des_cblock *deskey = (des_cblock *)key; - - des_set_key_unchecked(&deskey[0],ctx->c.des_ede.ks1); - des_set_key_unchecked(&deskey[1],ctx->c.des_ede.ks2); - des_set_key_unchecked(&deskey[2],ctx->c.des_ede.ks3); - - return 1; - } - -EVP_CIPHER *EVP_des_ede(void) -{ - return &des_ede_ecb; -} - -EVP_CIPHER *EVP_des_ede3(void) -{ - return &des_ede3_ecb; -} -#endif diff --git a/src/lib/libcrypto/evp/e_idea.c b/src/lib/libcrypto/evp/e_idea.c deleted file mode 100644 index 8d3c88deb7..0000000000 --- a/src/lib/libcrypto/evp/e_idea.c +++ /dev/null @@ -1,112 +0,0 @@ -/* crypto/evp/e_idea.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_IDEA - -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); - -/* NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a special - * case - */ - -static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) -{ - BLOCK_CIPHER_ecb_loop() - idea_ecb_encrypt(in + i, out + i, &ctx->c.idea_ks); - return 1; -} - -/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */ - -BLOCK_CIPHER_func_cbc(idea, idea, idea_ks) -BLOCK_CIPHER_func_ofb(idea, idea, idea_ks) -BLOCK_CIPHER_func_cfb(idea, idea, idea_ks) - -BLOCK_CIPHER_defs(idea, idea_ks, NID_idea, 8, 16, 8, - 0, idea_init_key, NULL, - EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) - -static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - if(!enc) { - if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1; - else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1; - } - if (enc) idea_set_encrypt_key(key,&(ctx->c.idea_ks)); - else - { - IDEA_KEY_SCHEDULE tmp; - - idea_set_encrypt_key(key,&tmp); - idea_set_decrypt_key(&tmp,&(ctx->c.idea_ks)); - memset((unsigned char *)&tmp,0, - sizeof(IDEA_KEY_SCHEDULE)); - } - return 1; - } - -#endif diff --git a/src/lib/libcrypto/evp/e_null.c b/src/lib/libcrypto/evp/e_null.c deleted file mode 100644 index e0702cf818..0000000000 --- a/src/lib/libcrypto/evp/e_null.c +++ /dev/null @@ -1,101 +0,0 @@ -/* crypto/evp/e_null.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); -static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); -static EVP_CIPHER n_cipher= - { - NID_undef, - 1,0,0, - 0, - null_init_key, - null_cipher, - NULL, - 0, - NULL, - NULL, - NULL - }; - -EVP_CIPHER *EVP_enc_null(void) - { - return(&n_cipher); - } - -static int null_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - memset(&(ctx->c),0,sizeof(ctx->c)); - return 1; - } - -static int null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { - if (in != out) - memcpy((char *)out,(char *)in,(int)inl); - return 1; - } - diff --git a/src/lib/libcrypto/evp/e_rc2.c b/src/lib/libcrypto/evp/e_rc2.c deleted file mode 100644 index 3955c3ef84..0000000000 --- a/src/lib/libcrypto/evp/e_rc2.c +++ /dev/null @@ -1,222 +0,0 @@ -/* crypto/evp/e_rc2.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RC2 - -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); -static int rc2_meth_to_magic(EVP_CIPHER_CTX *ctx); -static int rc2_magic_to_meth(int i); -static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr); - -IMPLEMENT_BLOCK_CIPHER(rc2, rc2.ks, RC2, rc2, NID_rc2, - 8, - EVP_RC2_KEY_SIZE, 8, - EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, NULL, - rc2_set_asn1_type_and_iv, rc2_get_asn1_type_and_iv, - rc2_ctrl) - -#define RC2_40_MAGIC 0xa0 -#define RC2_64_MAGIC 0x78 -#define RC2_128_MAGIC 0x3a - -static EVP_CIPHER r2_64_cbc_cipher= - { - NID_rc2_64_cbc, - 8,8 /* 64 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, - rc2_cbc_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, - NULL - }; - -static EVP_CIPHER r2_40_cbc_cipher= - { - NID_rc2_40_cbc, - 8,5 /* 40 bit */,8, - EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | EVP_CIPH_CTRL_INIT, - rc2_init_key, - rc2_cbc_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc2)), - rc2_set_asn1_type_and_iv, - rc2_get_asn1_type_and_iv, - rc2_ctrl, - NULL - }; - -EVP_CIPHER *EVP_rc2_64_cbc(void) - { - return(&r2_64_cbc_cipher); - } - -EVP_CIPHER *EVP_rc2_40_cbc(void) - { - return(&r2_40_cbc_cipher); - } - -static int rc2_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - RC2_set_key(&(ctx->c.rc2.ks),EVP_CIPHER_CTX_key_length(ctx), - key,ctx->c.rc2.key_bits); - return 1; - } - -static int rc2_meth_to_magic(EVP_CIPHER_CTX *e) - { - int i; - - EVP_CIPHER_CTX_ctrl(e, EVP_CTRL_GET_RC2_KEY_BITS, 0, &i); - if (i == 128) return(RC2_128_MAGIC); - else if (i == 64) return(RC2_64_MAGIC); - else if (i == 40) return(RC2_40_MAGIC); - else return(0); - } - -static int rc2_magic_to_meth(int i) - { - if (i == RC2_128_MAGIC) return 128; - else if (i == RC2_64_MAGIC) return 64; - else if (i == RC2_40_MAGIC) return 40; - else - { - EVPerr(EVP_F_RC2_MAGIC_TO_METH,EVP_R_UNSUPPORTED_KEY_SIZE); - return(0); - } - } - -static int rc2_get_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - long num=0; - int i=0,l; - int key_bits; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (type != NULL) - { - l=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_get_int_octetstring(type,&num,iv,l); - if (i != l) - return(-1); - key_bits =rc2_magic_to_meth((int)num); - if (!key_bits) - return(-1); - if(i > 0) EVP_CipherInit(c, NULL, NULL, iv, -1); - EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL); - EVP_CIPHER_CTX_set_key_length(c, key_bits / 8); - } - return(i); - } - -static int rc2_set_asn1_type_and_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - long num; - int i=0,j; - - if (type != NULL) - { - num=rc2_meth_to_magic(c); - j=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_set_int_octetstring(type,num,c->oiv,j); - } - return(i); - } - -static int rc2_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) - { - switch(type) { - - case EVP_CTRL_INIT: - c->c.rc2.key_bits = EVP_CIPHER_CTX_key_length(c) * 8; - return 1; - - case EVP_CTRL_GET_RC2_KEY_BITS: - *(int *)ptr = c->c.rc2.key_bits; - return 1; - - - case EVP_CTRL_SET_RC2_KEY_BITS: - if(arg > 0) { - c->c.rc2.key_bits = arg; - return 1; - } - return 0; - - default: - return -1; - } - } - -#endif diff --git a/src/lib/libcrypto/evp/e_rc4.c b/src/lib/libcrypto/evp/e_rc4.c deleted file mode 100644 index 1c1e3b3857..0000000000 --- a/src/lib/libcrypto/evp/e_rc4.c +++ /dev/null @@ -1,125 +0,0 @@ -/* crypto/evp/e_rc4.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RC4 - -#include -#include "cryptlib.h" -#include -#include - -static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); -static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); -static EVP_CIPHER r4_cipher= - { - NID_rc4, - 1,EVP_RC4_KEY_SIZE,0, - EVP_CIPH_VARIABLE_LENGTH, - rc4_init_key, - rc4_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)), - NULL, - NULL, - NULL - }; - -static EVP_CIPHER r4_40_cipher= - { - NID_rc4_40, - 1,5 /* 40 bit */,0, - EVP_CIPH_VARIABLE_LENGTH, - rc4_init_key, - rc4_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)), - NULL, - NULL, - NULL - }; - -EVP_CIPHER *EVP_rc4(void) - { - return(&r4_cipher); - } - -EVP_CIPHER *EVP_rc4_40(void) - { - return(&r4_40_cipher); - } - -static int rc4_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx)); - RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx), - ctx->c.rc4.key); - return 1; - } - -static int rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { - RC4(&(ctx->c.rc4.ks),inl,in,out); - return 1; - } -#endif diff --git a/src/lib/libcrypto/evp/e_xcbc_d.c b/src/lib/libcrypto/evp/e_xcbc_d.c deleted file mode 100644 index e5b15acc7d..0000000000 --- a/src/lib/libcrypto/evp/e_xcbc_d.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/evp/e_xcbc_d.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DES -#include -#include "cryptlib.h" -#include -#include - -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv,int enc); -static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl); -static EVP_CIPHER d_xcbc_cipher= - { - NID_desx_cbc, - 8,24,8, - EVP_CIPH_CBC_MODE, - desx_cbc_init_key, - desx_cbc_cipher, - NULL, - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)), - EVP_CIPHER_set_asn1_iv, - EVP_CIPHER_get_asn1_iv, - NULL - }; - -EVP_CIPHER *EVP_desx_cbc(void) - { - return(&d_xcbc_cipher); - } - -static int desx_cbc_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) - { - des_cblock *deskey = (des_cblock *)key; - - des_set_key_unchecked(deskey,ctx->c.desx_cbc.ks); - memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8); - memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8); - - return 1; - } - -static int desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl) - { - des_xcbc_encrypt(in,out,inl,ctx->c.desx_cbc.ks, - (des_cblock *)&(ctx->iv[0]), - &ctx->c.desx_cbc.inw, - &ctx->c.desx_cbc.outw, - ctx->encrypt); - return 1; - } -#endif diff --git a/src/lib/libcrypto/evp/encode.c b/src/lib/libcrypto/evp/encode.c deleted file mode 100644 index 6ff9c1783c..0000000000 --- a/src/lib/libcrypto/evp/encode.c +++ /dev/null @@ -1,437 +0,0 @@ -/* crypto/evp/encode.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include - -#ifndef CHARSET_EBCDIC -#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) -#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f]) -#else -/* We assume that PEM encoded files are EBCDIC files - * (i.e., printable text files). Convert them here while decoding. - * When encoding, output is EBCDIC (text) format again. - * (No need for conversion in the conv_bin2ascii macro, as the - * underlying textstring data_bin2ascii[] is already EBCDIC) - */ -#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f]) -#define conv_ascii2bin(a) (data_ascii2bin[os_toascii[a]&0x7f]) -#endif - -/* 64 char lines - * pad input with 0 - * left over chars are set to = - * 1 byte => xx== - * 2 bytes => xxx= - * 3 bytes => xxxx - */ -#define BIN_PER_LINE (64/4*3) -#define CHUNKS_PER_LINE (64/4) -#define CHAR_PER_LINE (64+1) - -static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\ -abcdefghijklmnopqrstuvwxyz0123456789+/"; - -/* 0xF0 is a EOLN - * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing). - * 0xF2 is EOF - * 0xE0 is ignore at start of line. - * 0xFF is error - */ - -#define B64_EOLN 0xF0 -#define B64_CR 0xF1 -#define B64_EOF 0xF2 -#define B64_WS 0xE0 -#define B64_ERROR 0xFF -#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3) - -static unsigned char data_ascii2bin[128]={ - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, - 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF, - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, - 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, - 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, - 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F, - 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B, - 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF, - 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06, - 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E, - 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16, - 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF, - 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20, - 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28, - 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30, - 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF, - }; - -void EVP_EncodeInit(EVP_ENCODE_CTX *ctx) - { - ctx->length=48; - ctx->num=0; - ctx->line_num=0; - } - -void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - int i,j; - unsigned int total=0; - - *outl=0; - if (inl == 0) return; - if ((ctx->num+inl) < ctx->length) - { - memcpy(&(ctx->enc_data[ctx->num]),in,inl); - ctx->num+=inl; - return; - } - if (ctx->num != 0) - { - i=ctx->length-ctx->num; - memcpy(&(ctx->enc_data[ctx->num]),in,i); - in+=i; - inl-=i; - j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length); - ctx->num=0; - out+=j; - *(out++)='\n'; - *out='\0'; - total=j+1; - } - while (inl >= ctx->length) - { - j=EVP_EncodeBlock(out,in,ctx->length); - in+=ctx->length; - inl-=ctx->length; - out+=j; - *(out++)='\n'; - *out='\0'; - total+=j+1; - } - if (inl != 0) - memcpy(&(ctx->enc_data[0]),in,inl); - ctx->num=inl; - *outl=total; - } - -void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) - { - unsigned int ret=0; - - if (ctx->num != 0) - { - ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num); - out[ret++]='\n'; - out[ret]='\0'; - ctx->num=0; - } - *outl=ret; - } - -int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int dlen) - { - int i,ret=0; - unsigned long l; - - for (i=dlen; i > 0; i-=3) - { - if (i >= 3) - { - l= (((unsigned long)f[0])<<16L)| - (((unsigned long)f[1])<< 8L)|f[2]; - *(t++)=conv_bin2ascii(l>>18L); - *(t++)=conv_bin2ascii(l>>12L); - *(t++)=conv_bin2ascii(l>> 6L); - *(t++)=conv_bin2ascii(l ); - } - else - { - l=((unsigned long)f[0])<<16L; - if (i == 2) l|=((unsigned long)f[1]<<8L); - - *(t++)=conv_bin2ascii(l>>18L); - *(t++)=conv_bin2ascii(l>>12L); - *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L); - *(t++)='='; - } - ret+=4; - f+=3; - } - - *t='\0'; - return(ret); - } - -void EVP_DecodeInit(EVP_ENCODE_CTX *ctx) - { - ctx->length=30; - ctx->num=0; - ctx->line_num=0; - ctx->expect_nl=0; - } - -/* -1 for error - * 0 for last line - * 1 for full line - */ -int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl; - unsigned char *d; - - n=ctx->num; - d=ctx->enc_data; - ln=ctx->line_num; - exp_nl=ctx->expect_nl; - - /* last line of input. */ - if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF))) - { rv=0; goto end; } - - /* We parse the input data */ - for (i=0; i 80 characters, scream alot */ - if (ln >= 80) { rv= -1; goto end; } - - /* Get char and put it into the buffer */ - tmp= *(in++); - v=conv_ascii2bin(tmp); - /* only save the good data :-) */ - if (!B64_NOT_BASE64(v)) - { - d[n++]=tmp; - ln++; - } - else if (v == B64_ERROR) - { - rv= -1; - goto end; - } - - /* have we seen a '=' which is 'definitly' the last - * input line. seof will point to the character that - * holds it. and eof will hold how many characters to - * chop off. */ - if (tmp == '=') - { - if (seof == -1) seof=n; - eof++; - } - - /* eoln */ - if (v == B64_EOLN) - { - ln=0; - if (exp_nl) - { - exp_nl=0; - continue; - } - } - exp_nl=0; - - /* If we are at the end of input and it looks like a - * line, process it. */ - if (((i+1) == inl) && (((n&3) == 0) || eof)) - { - v=B64_EOF; - /* In case things were given us in really small - records (so two '=' were given in separate - updates), eof may contain the incorrect number - of ending bytes to skip, so let's redo the count */ - eof = 0; - if (d[n-1] == '=') eof++; - if (d[n-2] == '=') eof++; - /* There will never be more than two '=' */ - } - - if ((v == B64_EOF) || (n >= 64)) - { - /* This is needed to work correctly on 64 byte input - * lines. We process the line and then need to - * accept the '\n' */ - if ((v != B64_EOF) && (n >= 64)) exp_nl=1; - tmp2=v; - if (n > 0) - { - v=EVP_DecodeBlock(out,d,n); - if (v < 0) { rv=0; goto end; } - n=0; - ret+=(v-eof); - } - else - { - eof=1; - v=0; - } - - /* This is the case where we have had a short - * but valid input line */ - if ((v < ctx->length) && eof) - { - rv=0; - goto end; - } - else - ctx->length=v; - - if (seof >= 0) { rv=0; goto end; } - out+=v; - } - } - rv=1; -end: - *outl=ret; - ctx->num=n; - ctx->line_num=ln; - ctx->expect_nl=exp_nl; - return(rv); - } - -int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n) - { - int i,ret=0,a,b,c,d; - unsigned long l; - - /* trim white space from the start of the line. */ - while ((conv_ascii2bin(*f) == B64_WS) && (n > 0)) - { - f++; - n--; - } - - /* strip off stuff at the end of the line - * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */ - while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1])))) - n--; - - if (n%4 != 0) return(-1); - - for (i=0; i>16L)&0xff; - *(t++)=(unsigned char)(l>> 8L)&0xff; - *(t++)=(unsigned char)(l )&0xff; - ret+=3; - } - return(ret); - } - -int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl) - { - int i; - - *outl=0; - if (ctx->num != 0) - { - i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num); - if (i < 0) return(-1); - ctx->num=0; - *outl=i; - return(1); - } - else - return(1); - } - -#ifdef undef -int EVP_DecodeValid(unsigned char *buf, int len) - { - int i,num=0,bad=0; - - if (len == 0) return(-1); - while (conv_ascii2bin(*buf) == B64_WS) - { - buf++; - len--; - if (len == 0) return(-1); - } - - for (i=len; i >= 4; i-=4) - { - if ( (conv_ascii2bin(buf[0]) >= 0x40) || - (conv_ascii2bin(buf[1]) >= 0x40) || - (conv_ascii2bin(buf[2]) >= 0x40) || - (conv_ascii2bin(buf[3]) >= 0x40)) - return(-1); - buf+=4; - num+=1+(buf[2] != '=')+(buf[3] != '='); - } - if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN)) - return(num); - if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) && - (conv_ascii2bin(buf[0]) == B64_EOLN)) - return(num); - return(1); - } -#endif diff --git a/src/lib/libcrypto/evp/evp.h b/src/lib/libcrypto/evp/evp.h deleted file mode 100644 index f5b938d2f8..0000000000 --- a/src/lib/libcrypto/evp/evp.h +++ /dev/null @@ -1,820 +0,0 @@ -/* crypto/evp/evp.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ENVELOPE_H -#define HEADER_ENVELOPE_H - -#ifdef OPENSSL_ALGORITHM_DEFINES -# include -#else -# define OPENSSL_ALGORITHM_DEFINES -# include -# undef OPENSSL_ALGORITHM_DEFINES -#endif - -#ifndef NO_BIO -#include -#endif -#ifndef NO_MD2 -#include -#endif -#ifndef NO_MD4 -#include -#endif -#ifndef NO_MD5 -#include -#endif -#ifndef NO_SHA -#include -#endif -#ifndef NO_RIPEMD -#include -#endif -#ifndef NO_DES -#include -#endif -#ifndef NO_RC4 -#include -#endif -#ifndef NO_RC2 -#include -#endif -#ifndef NO_RC5 -#include -#endif -#ifndef NO_BF -#include -#endif -#ifndef NO_CAST -#include -#endif -#ifndef NO_IDEA -#include -#endif -#ifndef NO_MDC2 -#include -#endif - -#define EVP_RC2_KEY_SIZE 16 -#define EVP_RC4_KEY_SIZE 16 -#define EVP_BLOWFISH_KEY_SIZE 16 -#define EVP_CAST5_KEY_SIZE 16 -#define EVP_RC5_32_12_16_KEY_SIZE 16 -#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */ -#define EVP_MAX_KEY_LENGTH 24 -#define EVP_MAX_IV_LENGTH 8 - -#define PKCS5_SALT_LEN 8 -/* Default PKCS#5 iteration count */ -#define PKCS5_DEFAULT_ITER 2048 - -#ifndef NO_RSA -#include -#endif - -#ifndef NO_DSA -#include -#endif - -#ifndef NO_DH -#include -#endif - -#include - -#define EVP_PK_RSA 0x0001 -#define EVP_PK_DSA 0x0002 -#define EVP_PK_DH 0x0004 -#define EVP_PKT_SIGN 0x0010 -#define EVP_PKT_ENC 0x0020 -#define EVP_PKT_EXCH 0x0040 -#define EVP_PKS_RSA 0x0100 -#define EVP_PKS_DSA 0x0200 -#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */ - -#define EVP_PKEY_NONE NID_undef -#define EVP_PKEY_RSA NID_rsaEncryption -#define EVP_PKEY_RSA2 NID_rsa -#define EVP_PKEY_DSA NID_dsa -#define EVP_PKEY_DSA1 NID_dsa_2 -#define EVP_PKEY_DSA2 NID_dsaWithSHA -#define EVP_PKEY_DSA3 NID_dsaWithSHA1 -#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 -#define EVP_PKEY_DH NID_dhKeyAgreement - -#ifdef __cplusplus -extern "C" { -#endif - -/* Type needs to be a bit field - * Sub-type needs to be for variations on the method, as in, can it do - * arbitrary encryption.... */ -typedef struct evp_pkey_st - { - int type; - int save_type; - int references; - union { - char *ptr; -#ifndef NO_RSA - struct rsa_st *rsa; /* RSA */ -#endif -#ifndef NO_DSA - struct dsa_st *dsa; /* DSA */ -#endif -#ifndef NO_DH - struct dh_st *dh; /* DH */ -#endif - } pkey; - int save_parameters; - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - } EVP_PKEY; - -#define EVP_PKEY_MO_SIGN 0x0001 -#define EVP_PKEY_MO_VERIFY 0x0002 -#define EVP_PKEY_MO_ENCRYPT 0x0004 -#define EVP_PKEY_MO_DECRYPT 0x0008 - -#if 0 -/* This structure is required to tie the message digest and signing together. - * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or - * oid, md and pkey. - * This is required because for various smart-card perform the digest and - * signing/verification on-board. To handle this case, the specific - * EVP_MD and EVP_PKEY_METHODs need to be closely associated. - * When a PKEY is created, it will have a EVP_PKEY_METHOD associated with it. - * This can either be software or a token to provide the required low level - * routines. - */ -typedef struct evp_pkey_md_st - { - int oid; - EVP_MD *md; - EVP_PKEY_METHOD *pkey; - } EVP_PKEY_MD; - -#define EVP_rsa_md2() \ - EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_md2()) -#define EVP_rsa_md5() \ - EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_md5()) -#define EVP_rsa_sha0() \ - EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_sha()) -#define EVP_rsa_sha1() \ - EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\ - EVP_rsa_pkcs1(),EVP_sha1()) -#define EVP_rsa_ripemd160() \ - EVP_PKEY_MD_add(NID_ripemd160WithRSA,\ - EVP_rsa_pkcs1(),EVP_ripemd160()) -#define EVP_rsa_mdc2() \ - EVP_PKEY_MD_add(NID_mdc2WithRSA,\ - EVP_rsa_octet_string(),EVP_mdc2()) -#define EVP_dsa_sha() \ - EVP_PKEY_MD_add(NID_dsaWithSHA,\ - EVP_dsa(),EVP_mdc2()) -#define EVP_dsa_sha1() \ - EVP_PKEY_MD_add(NID_dsaWithSHA1,\ - EVP_dsa(),EVP_sha1()) - -typedef struct evp_pkey_method_st - { - char *name; - int flags; - int type; /* RSA, DSA, an SSLeay specific constant */ - int oid; /* For the pub-key type */ - int encrypt_oid; /* pub/priv key encryption */ - - int (*sign)(); - int (*verify)(); - struct { - int - int (*set)(); /* get and/or set the underlying type */ - int (*get)(); - int (*encrypt)(); - int (*decrypt)(); - int (*i2d)(); - int (*d2i)(); - int (*dup)(); - } pub,priv; - int (*set_asn1_parameters)(); - int (*get_asn1_parameters)(); - } EVP_PKEY_METHOD; -#endif - -#ifndef EVP_MD -typedef struct env_md_st - { - int type; - int pkey_type; - int md_size; - void (*init)(); - void (*update)(); - void (*final)(); - - int (*sign)(); - int (*verify)(); - int required_pkey_type[5]; /*EVP_PKEY_xxx */ - int block_size; - int ctx_size; /* how big does the ctx need to be */ - } EVP_MD; - - - -#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0} - -#ifndef NO_DSA -#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \ - {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \ - EVP_PKEY_DSA4,0} -#else -#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method -#endif - -#ifndef NO_RSA -#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \ - {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} -#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \ - RSA_sign_ASN1_OCTET_STRING, \ - RSA_verify_ASN1_OCTET_STRING, \ - {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0} -#else -#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method -#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method -#endif - -#endif /* !EVP_MD */ - -typedef struct env_md_ctx_st - { - const EVP_MD *digest; - union { - unsigned char base[4]; -#ifndef NO_MD2 - MD2_CTX md2; -#endif -#ifndef NO_MD5 - MD5_CTX md5; -#endif -#ifndef NO_MD4 - MD4_CTX md4; -#endif -#ifndef NO_RIPEMD - RIPEMD160_CTX ripemd160; -#endif -#ifndef NO_SHA - SHA_CTX sha; -#endif -#ifndef NO_MDC2 - MDC2_CTX mdc2; -#endif - } md; - } EVP_MD_CTX; - -typedef struct evp_cipher_st EVP_CIPHER; -typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX; - -struct evp_cipher_st - { - int nid; - int block_size; - int key_len; /* Default value for variable length ciphers */ - int iv_len; - unsigned long flags; /* Various flags */ - int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc); /* init key */ - int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, unsigned int inl);/* encrypt/decrypt data */ - int (*cleanup)(EVP_CIPHER_CTX *); /* cleanup ctx */ - int ctx_size; /* how big the ctx needs to be */ - int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Populate a ASN1_TYPE with parameters */ - int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *); /* Get parameters from a ASN1_TYPE */ - int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr); /* Miscellaneous operations */ - void *app_data; /* Application data */ - }; - -/* Values for cipher flags */ - -/* Modes for ciphers */ - -#define EVP_CIPH_STREAM_CIPHER 0x0 -#define EVP_CIPH_ECB_MODE 0x1 -#define EVP_CIPH_CBC_MODE 0x2 -#define EVP_CIPH_CFB_MODE 0x3 -#define EVP_CIPH_OFB_MODE 0x4 -#define EVP_CIPH_MODE 0x7 -/* Set if variable length cipher */ -#define EVP_CIPH_VARIABLE_LENGTH 0x8 -/* Set if the iv handling should be done by the cipher itself */ -#define EVP_CIPH_CUSTOM_IV 0x10 -/* Set if the cipher's init() function should be called if key is NULL */ -#define EVP_CIPH_ALWAYS_CALL_INIT 0x20 -/* Call ctrl() to init cipher parameters */ -#define EVP_CIPH_CTRL_INIT 0x40 -/* Don't use standard key length function */ -#define EVP_CIPH_CUSTOM_KEY_LENGTH 0x80 - -/* ctrl() values */ - -#define EVP_CTRL_INIT 0x0 -#define EVP_CTRL_SET_KEY_LENGTH 0x1 -#define EVP_CTRL_GET_RC2_KEY_BITS 0x2 -#define EVP_CTRL_SET_RC2_KEY_BITS 0x3 -#define EVP_CTRL_GET_RC5_ROUNDS 0x4 -#define EVP_CTRL_SET_RC5_ROUNDS 0x5 - -typedef struct evp_cipher_info_st - { - const EVP_CIPHER *cipher; - unsigned char iv[EVP_MAX_IV_LENGTH]; - } EVP_CIPHER_INFO; - -struct evp_cipher_ctx_st - { - const EVP_CIPHER *cipher; - int encrypt; /* encrypt or decrypt */ - int buf_len; /* number we have left */ - - unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */ - unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */ - unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */ - int num; /* used by cfb/ofb mode */ - - void *app_data; /* application stuff */ - int key_len; /* May change for variable length cipher */ - union { -#ifndef NO_RC4 - struct - { - unsigned char key[EVP_RC4_KEY_SIZE]; - RC4_KEY ks; /* working key */ - } rc4; -#endif -#ifndef NO_DES - des_key_schedule des_ks;/* key schedule */ - struct - { - des_key_schedule ks;/* key schedule */ - des_cblock inw; - des_cblock outw; - } desx_cbc; - struct - { - des_key_schedule ks1;/* key schedule */ - des_key_schedule ks2;/* key schedule (for ede) */ - des_key_schedule ks3;/* key schedule (for ede3) */ - } des_ede; -#endif -#ifndef NO_IDEA - IDEA_KEY_SCHEDULE idea_ks;/* key schedule */ -#endif -#ifndef NO_RC2 - struct { - int key_bits; /* effective key bits */ - RC2_KEY ks;/* key schedule */ - } rc2; -#endif -#ifndef NO_RC5 - struct { - int rounds; /* number of rounds */ - RC5_32_KEY ks;/* key schedule */ - } rc5; -#endif -#ifndef NO_BF - BF_KEY bf_ks;/* key schedule */ -#endif -#ifndef NO_CAST - CAST_KEY cast_ks;/* key schedule */ -#endif - } c; - }; - -typedef struct evp_Encode_Ctx_st - { - int num; /* number saved in a partial encode/decode */ - int length; /* The length is either the output line length - * (in input bytes) or the shortest input line - * length that is ok. Once decoding begins, - * the length is adjusted up each time a longer - * line is decoded */ - unsigned char enc_data[80]; /* data to encode */ - int line_num; /* number read on current line */ - int expect_nl; - } EVP_ENCODE_CTX; - -/* Password based encryption function */ -typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, - EVP_MD *md, int en_de); - -#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\ - (char *)(rsa)) -#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\ - (char *)(dsa)) -#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\ - (char *)(dh)) - -/* Add some extra combinations */ -#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a)) -#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a)) -#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) -#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) - -#define EVP_MD_type(e) ((e)->type) -#define EVP_MD_pkey_type(e) ((e)->pkey_type) -#define EVP_MD_size(e) ((e)->md_size) -#define EVP_MD_block_size(e) ((e)->block_size) - -#define EVP_MD_CTX_md(e) ((e)->digest) -#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest) -#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest) -#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest) - -#define EVP_CIPHER_nid(e) ((e)->nid) -#define EVP_CIPHER_block_size(e) ((e)->block_size) -#define EVP_CIPHER_key_length(e) ((e)->key_len) -#define EVP_CIPHER_iv_length(e) ((e)->iv_len) -#define EVP_CIPHER_flags(e) ((e)->flags) -#define EVP_CIPHER_mode(e) ((e)->flags) & EVP_CIPH_MODE) - -#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher) -#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid) -#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size) -#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len) -#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len) -#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data) -#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d)) -#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) -#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags) -#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE) - -#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80) -#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80) - -#define EVP_SignInit(a,b) EVP_DigestInit(a,b) -#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b) -#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c) -#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e) -#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e) - -#ifdef CONST_STRICT -void BIO_set_md(BIO *,const EVP_MD *md); -#else -# define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md) -#endif -#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp) -#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp) -#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL) -#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp) - -#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l)) - -#define EVP_add_cipher_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_add_digest_alias(n,alias) \ - OBJ_NAME_add((alias),OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,(n)) -#define EVP_delete_cipher_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS); -#define EVP_delete_digest_alias(alias) \ - OBJ_NAME_remove(alias,OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS); - - -int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in); -void EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type); -void EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d, - unsigned int cnt); -void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s); - -int EVP_read_pw_string(char *buf,int length,const char *prompt,int verify); -void EVP_set_pw_prompt(char *prompt); -char * EVP_get_pw_prompt(void); - -int EVP_BytesToKey(const EVP_CIPHER *type,EVP_MD *md,unsigned char *salt, - unsigned char *data, int datal, int count, - unsigned char *key,unsigned char *iv); - -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); - -int EVP_CipherInit(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *type, - unsigned char *key,unsigned char *iv,int enc); -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); - -int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s, - EVP_PKEY *pkey); - -int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, - unsigned int siglen,EVP_PKEY *pkey); - -int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek, - int ekl,unsigned char *iv,EVP_PKEY *priv); -int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); - -int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); -void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl); - -void EVP_EncodeInit(EVP_ENCODE_CTX *ctx); -void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out, - int *outl,unsigned char *in,int inl); -void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl); -int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n); - -void EVP_DecodeInit(EVP_ENCODE_CTX *ctx); -int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl, - unsigned char *in, int inl); -int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned - char *out, int *outl); -int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n); - -void ERR_load_EVP_strings(void ); - -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); - -#ifndef NO_BIO -BIO_METHOD *BIO_f_md(void); -BIO_METHOD *BIO_f_base64(void); -BIO_METHOD *BIO_f_cipher(void); -BIO_METHOD *BIO_f_reliable(void); -void BIO_set_cipher(BIO *b,const EVP_CIPHER *c,unsigned char *k, - unsigned char *i, int enc); -#endif - -EVP_MD *EVP_md_null(void); -EVP_MD *EVP_md2(void); -EVP_MD *EVP_md4(void); -EVP_MD *EVP_md5(void); -EVP_MD *EVP_sha(void); -EVP_MD *EVP_sha1(void); -EVP_MD *EVP_dss(void); -EVP_MD *EVP_dss1(void); -EVP_MD *EVP_mdc2(void); -EVP_MD *EVP_ripemd160(void); - -EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */ -EVP_CIPHER *EVP_des_ecb(void); -EVP_CIPHER *EVP_des_ede(void); -EVP_CIPHER *EVP_des_ede3(void); -EVP_CIPHER *EVP_des_cfb(void); -EVP_CIPHER *EVP_des_ede_cfb(void); -EVP_CIPHER *EVP_des_ede3_cfb(void); -EVP_CIPHER *EVP_des_ofb(void); -EVP_CIPHER *EVP_des_ede_ofb(void); -EVP_CIPHER *EVP_des_ede3_ofb(void); -EVP_CIPHER *EVP_des_cbc(void); -EVP_CIPHER *EVP_des_ede_cbc(void); -EVP_CIPHER *EVP_des_ede3_cbc(void); -EVP_CIPHER *EVP_desx_cbc(void); -EVP_CIPHER *EVP_rc4(void); -EVP_CIPHER *EVP_rc4_40(void); -EVP_CIPHER *EVP_idea_ecb(void); -EVP_CIPHER *EVP_idea_cfb(void); -EVP_CIPHER *EVP_idea_ofb(void); -EVP_CIPHER *EVP_idea_cbc(void); -EVP_CIPHER *EVP_rc2_ecb(void); -EVP_CIPHER *EVP_rc2_cbc(void); -EVP_CIPHER *EVP_rc2_40_cbc(void); -EVP_CIPHER *EVP_rc2_64_cbc(void); -EVP_CIPHER *EVP_rc2_cfb(void); -EVP_CIPHER *EVP_rc2_ofb(void); -EVP_CIPHER *EVP_bf_ecb(void); -EVP_CIPHER *EVP_bf_cbc(void); -EVP_CIPHER *EVP_bf_cfb(void); -EVP_CIPHER *EVP_bf_ofb(void); -EVP_CIPHER *EVP_cast5_ecb(void); -EVP_CIPHER *EVP_cast5_cbc(void); -EVP_CIPHER *EVP_cast5_cfb(void); -EVP_CIPHER *EVP_cast5_ofb(void); -EVP_CIPHER *EVP_rc5_32_12_16_cbc(void); -EVP_CIPHER *EVP_rc5_32_12_16_ecb(void); -EVP_CIPHER *EVP_rc5_32_12_16_cfb(void); -EVP_CIPHER *EVP_rc5_32_12_16_ofb(void); - -void OpenSSL_add_all_algorithms(void); -void OpenSSL_add_all_ciphers(void); -void OpenSSL_add_all_digests(void); -#define SSLeay_add_all_algorithms() OpenSSL_add_all_algorithms() -#define SSLeay_add_all_ciphers() OpenSSL_add_all_ciphers() -#define SSLeay_add_all_digests() OpenSSL_add_all_digests() - -int EVP_add_cipher(EVP_CIPHER *cipher); -int EVP_add_digest(EVP_MD *digest); - -const EVP_CIPHER *EVP_get_cipherbyname(const char *name); -const EVP_MD *EVP_get_digestbyname(const char *name); -void EVP_cleanup(void); - -int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key, - int enc_key_len,EVP_PKEY *private_key); -int EVP_PKEY_encrypt(unsigned char *enc_key, - unsigned char *key,int key_len,EVP_PKEY *pub_key); -int EVP_PKEY_type(int type); -int EVP_PKEY_bits(EVP_PKEY *pkey); -int EVP_PKEY_size(EVP_PKEY *pkey); -int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key); -#ifndef NO_RSA -int EVP_PKEY_set1_RSA(EVP_PKEY *pkey,RSA *key); -RSA * EVP_PKEY_get1_RSA(EVP_PKEY *pkey); -#endif -#ifndef NO_DSA -int EVP_PKEY_set1_DSA(EVP_PKEY *pkey,DSA *key); -DSA * EVP_PKEY_get1_DSA(EVP_PKEY *pkey); -#endif -#ifndef NO_DH -int EVP_PKEY_set1_DH(EVP_PKEY *pkey,DH *key); -DH * EVP_PKEY_get1_DH(EVP_PKEY *pkey); -#endif -EVP_PKEY * EVP_PKEY_new(void); -void EVP_PKEY_free(EVP_PKEY *pkey); -EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp, - long length); -int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp); - -EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp, - long length); -EVP_PKEY * d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, - long length); -int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp); - -int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from); -int EVP_PKEY_missing_parameters(EVP_PKEY *pkey); -int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode); -int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b); - -int EVP_CIPHER_type(const EVP_CIPHER *ctx); - -/* calls methods */ -int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); -int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - -/* These are used by EVP_CIPHER methods */ -int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); -int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type); - -/* PKCS5 password based encryption */ -int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, - int en_de); -int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - int keylen, unsigned char *out); -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, - int en_de); - -void PKCS5_PBE_add(void); - -int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); -int EVP_PBE_alg_add(int nid, EVP_CIPHER *cipher, EVP_MD *md, - EVP_PBE_KEYGEN *keygen); -void EVP_PBE_cleanup(void); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the EVP functions. */ - -/* Function codes. */ -#define EVP_F_D2I_PKEY 100 -#define EVP_F_EVP_CIPHERINIT 123 -#define EVP_F_EVP_CIPHER_CTX_CTRL 124 -#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 -#define EVP_F_EVP_DECRYPTFINAL 101 -#define EVP_F_EVP_MD_CTX_COPY 110 -#define EVP_F_EVP_OPENINIT 102 -#define EVP_F_EVP_PBE_ALG_ADD 115 -#define EVP_F_EVP_PBE_CIPHERINIT 116 -#define EVP_F_EVP_PKCS82PKEY 111 -#define EVP_F_EVP_PKCS8_SET_BROKEN 112 -#define EVP_F_EVP_PKEY2PKCS8 113 -#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103 -#define EVP_F_EVP_PKEY_DECRYPT 104 -#define EVP_F_EVP_PKEY_ENCRYPT 105 -#define EVP_F_EVP_PKEY_GET1_DH 119 -#define EVP_F_EVP_PKEY_GET1_DSA 120 -#define EVP_F_EVP_PKEY_GET1_RSA 121 -#define EVP_F_EVP_PKEY_NEW 106 -#define EVP_F_EVP_SIGNFINAL 107 -#define EVP_F_EVP_VERIFYFINAL 108 -#define EVP_F_PKCS5_PBE_KEYIVGEN 117 -#define EVP_F_PKCS5_V2_PBE_KEYIVGEN 118 -#define EVP_F_RC2_MAGIC_TO_METH 109 -#define EVP_F_RC5_CTRL 125 - -/* Reason codes. */ -#define EVP_R_BAD_DECRYPT 100 -#define EVP_R_BN_DECODE_ERROR 112 -#define EVP_R_BN_PUBKEY_ERROR 113 -#define EVP_R_CIPHER_PARAMETER_ERROR 122 -#define EVP_R_CTRL_NOT_IMPLEMENTED 132 -#define EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED 133 -#define EVP_R_DECODE_ERROR 114 -#define EVP_R_DIFFERENT_KEY_TYPES 101 -#define EVP_R_ENCODE_ERROR 115 -#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 -#define EVP_R_EXPECTING_AN_RSA_KEY 127 -#define EVP_R_EXPECTING_A_DH_KEY 128 -#define EVP_R_EXPECTING_A_DSA_KEY 129 -#define EVP_R_INITIALIZATION_ERROR 134 -#define EVP_R_INPUT_NOT_INITIALIZED 111 -#define EVP_R_INVALID_KEY_LENGTH 130 -#define EVP_R_IV_TOO_LARGE 102 -#define EVP_R_KEYGEN_FAILURE 120 -#define EVP_R_MISSING_PARAMETERS 103 -#define EVP_R_NO_CIPHER_SET 131 -#define EVP_R_NO_DSA_PARAMETERS 116 -#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104 -#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105 -#define EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE 117 -#define EVP_R_PUBLIC_KEY_NOT_RSA 106 -#define EVP_R_UNKNOWN_PBE_ALGORITHM 121 -#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 -#define EVP_R_UNSUPPORTED_CIPHER 107 -#define EVP_R_UNSUPPORTED_KEYLENGTH 123 -#define EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION 124 -#define EVP_R_UNSUPPORTED_KEY_SIZE 108 -#define EVP_R_UNSUPPORTED_PRF 125 -#define EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM 118 -#define EVP_R_UNSUPPORTED_SALT_TYPE 126 -#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 109 -#define EVP_R_WRONG_PUBLIC_KEY_TYPE 110 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/evp/evp_enc.c b/src/lib/libcrypto/evp/evp_enc.c deleted file mode 100644 index e2687f9879..0000000000 --- a/src/lib/libcrypto/evp/evp_enc.c +++ /dev/null @@ -1,341 +0,0 @@ -/* crypto/evp/evp_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include "evp_locl.h" - -const char *EVP_version="EVP" OPENSSL_VERSION_PTEXT; - -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) - { - memset(ctx,0,sizeof(EVP_CIPHER_CTX)); - /* ctx->cipher=NULL; */ - } - -int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - unsigned char *key, unsigned char *iv, int enc) - { - if(enc && (enc != -1)) enc = 1; - if (cipher) { - ctx->cipher=cipher; - ctx->key_len = cipher->key_len; - if(ctx->cipher->flags & EVP_CIPH_CTRL_INIT) { - if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_INIT, 0, NULL)) { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_INITIALIZATION_ERROR); - return 0; - } - } - } else if(!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_NO_CIPHER_SET); - return 0; - } - if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) { - switch(EVP_CIPHER_CTX_mode(ctx)) { - - case EVP_CIPH_STREAM_CIPHER: - case EVP_CIPH_ECB_MODE: - break; - - case EVP_CIPH_CFB_MODE: - case EVP_CIPH_OFB_MODE: - - ctx->num = 0; - - case EVP_CIPH_CBC_MODE: - - if(iv) memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx)); - memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx)); - break; - - default: - return 0; - break; - } - } - - if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) { - if(!ctx->cipher->init(ctx,key,iv,enc)) return 0; - } - if(enc != -1) ctx->encrypt=enc; - ctx->buf_len=0; - return 1; - } - -int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - if (ctx->encrypt) - return EVP_EncryptUpdate(ctx,out,outl,in,inl); - else return EVP_DecryptUpdate(ctx,out,outl,in,inl); - } - -int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - if (ctx->encrypt) - return EVP_EncryptFinal(ctx,out,outl); - else return(EVP_DecryptFinal(ctx,out,outl)); - } - -int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - unsigned char *key, unsigned char *iv) - { - return EVP_CipherInit(ctx, cipher, key, iv, 1); - } - -int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, - unsigned char *key, unsigned char *iv) - { - return EVP_CipherInit(ctx, cipher, key, iv, 0); - } - - -int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - int i,j,bl; - - i=ctx->buf_len; - bl=ctx->cipher->block_size; - *outl=0; - if ((inl == 0) && (i != bl)) return 1; - if (i != 0) - { - if (i+inl < bl) - { - memcpy(&(ctx->buf[i]),in,inl); - ctx->buf_len+=inl; - return 1; - } - else - { - j=bl-i; - if (j != 0) memcpy(&(ctx->buf[i]),in,j); - if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,bl)) return 0; - inl-=j; - in+=j; - out+=bl; - *outl+=bl; - } - } - i=inl%bl; /* how much is left */ - inl-=i; - if (inl > 0) - { - if(!ctx->cipher->do_cipher(ctx,out,in,inl)) return 0; - *outl+=inl; - } - - if (i != 0) - memcpy(ctx->buf,&(in[inl]),i); - ctx->buf_len=i; - return 1; - } - -int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int i,n,b,bl; - - b=ctx->cipher->block_size; - if (b == 1) - { - *outl=0; - return 1; - } - bl=ctx->buf_len; - n=b-bl; - for (i=bl; ibuf[i]=n; - if(!ctx->cipher->do_cipher(ctx,out,ctx->buf,b)) return 0; - *outl=b; - return 1; - } - -int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - int b,bl,n; - int keep_last=0; - - *outl=0; - if (inl == 0) return 1; - - b=ctx->cipher->block_size; - if (b > 1) - { - /* Is the input a multiple of the block size? */ - bl=ctx->buf_len; - n=inl+bl; - if (n%b == 0) - { - if (inl < b) /* must be 'just one' buff */ - { - memcpy(&(ctx->buf[bl]),in,inl); - ctx->buf_len=b; - *outl=0; - return 1; - } - keep_last=1; - inl-=b; /* don't do the last block */ - } - } - if(!EVP_EncryptUpdate(ctx,out,outl,in,inl)) return 0; - - /* if we have 'decrypted' a multiple of block size, make sure - * we have a copy of this last block */ - if (keep_last) - { - memcpy(&(ctx->buf[0]),&(in[inl]),b); -#ifdef DEBUG - if (ctx->buf_len != 0) - { - abort(); - } -#endif - ctx->buf_len=b; - } - return 1; - } - -int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int i,b; - int n; - - *outl=0; - b=ctx->cipher->block_size; - if (b > 1) - { - if (ctx->buf_len != b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH); - return(0); - } - if(!EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0)) return 0; - if (n != b) - return(0); - n=ctx->buf[b-1]; - if (n > b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); - return(0); - } - for (i=0; ibuf[--b] != n) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT); - return(0); - } - } - n=ctx->cipher->block_size-n; - for (i=0; ibuf[i]; - *outl=n; - } - else - *outl=0; - return(1); - } - -int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) - { - if ((c->cipher != NULL) && (c->cipher->cleanup != NULL)) - { - if(!c->cipher->cleanup(c)) return 0; - } - memset(c,0,sizeof(EVP_CIPHER_CTX)); - return 1; - } - -int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen) - { - if(c->cipher->flags & EVP_CIPH_CUSTOM_KEY_LENGTH) - return EVP_CIPHER_CTX_ctrl(c, EVP_CTRL_SET_KEY_LENGTH, keylen, NULL); - if(c->key_len == keylen) return 1; - if((keylen > 0) && (c->cipher->flags & EVP_CIPH_VARIABLE_LENGTH)) - { - c->key_len = keylen; - return 1; - } - EVPerr(EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,EVP_R_INVALID_KEY_LENGTH); - return 0; - } - -int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) -{ - int ret; - if(!ctx->cipher) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_NO_CIPHER_SET); - return 0; - } - - if(!ctx->cipher->ctrl) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_NOT_IMPLEMENTED); - return 0; - } - - ret = ctx->cipher->ctrl(ctx, type, arg, ptr); - if(ret == -1) { - EVPerr(EVP_F_EVP_CIPHER_CTX_CTRL, EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED); - return 0; - } - return ret; -} diff --git a/src/lib/libcrypto/evp/evp_err.c b/src/lib/libcrypto/evp/evp_err.c deleted file mode 100644 index a01412a07c..0000000000 --- a/src/lib/libcrypto/evp/evp_err.c +++ /dev/null @@ -1,153 +0,0 @@ -/* crypto/evp/evp_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA EVP_str_functs[]= - { -{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, -{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, -{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, -{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, -{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"}, -{ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0), "EVP_MD_CTX_copy"}, -{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"}, -{ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0), "EVP_PBE_alg_add"}, -{ERR_PACK(0,EVP_F_EVP_PBE_CIPHERINIT,0), "EVP_PBE_CipherInit"}, -{ERR_PACK(0,EVP_F_EVP_PKCS82PKEY,0), "EVP_PKCS82PKEY"}, -{ERR_PACK(0,EVP_F_EVP_PKCS8_SET_BROKEN,0), "EVP_PKCS8_SET_BROKEN"}, -{ERR_PACK(0,EVP_F_EVP_PKEY2PKCS8,0), "EVP_PKEY2PKCS8"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, -{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"}, -{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"}, -{ERR_PACK(0,EVP_F_PKCS5_PBE_KEYIVGEN,0), "PKCS5_PBE_keyivgen"}, -{ERR_PACK(0,EVP_F_PKCS5_V2_PBE_KEYIVGEN,0), "PKCS5_v2_PBE_keyivgen"}, -{ERR_PACK(0,EVP_F_RC2_MAGIC_TO_METH,0), "RC2_MAGIC_TO_METH"}, -{ERR_PACK(0,EVP_F_RC5_CTRL,0), "RC5_CTRL"}, -{0,NULL} - }; - -static ERR_STRING_DATA EVP_str_reasons[]= - { -{EVP_R_BAD_DECRYPT ,"bad decrypt"}, -{EVP_R_BN_DECODE_ERROR ,"bn decode error"}, -{EVP_R_BN_PUBKEY_ERROR ,"bn pubkey error"}, -{EVP_R_CIPHER_PARAMETER_ERROR ,"cipher parameter error"}, -{EVP_R_CTRL_NOT_IMPLEMENTED ,"ctrl not implemented"}, -{EVP_R_CTRL_OPERATION_NOT_IMPLEMENTED ,"ctrl operation not implemented"}, -{EVP_R_DECODE_ERROR ,"decode error"}, -{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"}, -{EVP_R_ENCODE_ERROR ,"encode error"}, -{EVP_R_EVP_PBE_CIPHERINIT_ERROR ,"evp pbe cipherinit error"}, -{EVP_R_EXPECTING_AN_RSA_KEY ,"expecting an rsa key"}, -{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"}, -{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"}, -{EVP_R_INITIALIZATION_ERROR ,"initialization error"}, -{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, -{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"}, -{EVP_R_IV_TOO_LARGE ,"iv too large"}, -{EVP_R_KEYGEN_FAILURE ,"keygen failure"}, -{EVP_R_MISSING_PARAMETERS ,"missing parameters"}, -{EVP_R_NO_CIPHER_SET ,"no cipher set"}, -{EVP_R_NO_DSA_PARAMETERS ,"no dsa parameters"}, -{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"}, -{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"}, -{EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE ,"pkcs8 unknown broken type"}, -{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, -{EVP_R_UNKNOWN_PBE_ALGORITHM ,"unknown pbe algorithm"}, -{EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS ,"unsuported number of rounds"}, -{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, -{EVP_R_UNSUPPORTED_KEYLENGTH ,"unsupported keylength"}, -{EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION,"unsupported key derivation function"}, -{EVP_R_UNSUPPORTED_KEY_SIZE ,"unsupported key size"}, -{EVP_R_UNSUPPORTED_PRF ,"unsupported prf"}, -{EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM ,"unsupported private key algorithm"}, -{EVP_R_UNSUPPORTED_SALT_TYPE ,"unsupported salt type"}, -{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"}, -{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"}, -{0,NULL} - }; - -#endif - -void ERR_load_EVP_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_EVP,EVP_str_functs); - ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/evp/evp_key.c b/src/lib/libcrypto/evp/evp_key.c deleted file mode 100644 index 09b72bf4bd..0000000000 --- a/src/lib/libcrypto/evp/evp_key.c +++ /dev/null @@ -1,159 +0,0 @@ -/* crypto/evp/evp_key.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -/* should be init to zeros. */ -static char prompt_string[80]; - -void EVP_set_pw_prompt(char *prompt) - { - if (prompt == NULL) - prompt_string[0]='\0'; - else - strncpy(prompt_string,prompt,79); - } - -char *EVP_get_pw_prompt(void) - { - if (prompt_string[0] == '\0') - return(NULL); - else - return(prompt_string); - } - -/* For historical reasons, the standard function for reading passwords is - * in the DES library -- if someone ever wants to disable DES, - * this function will fail */ -int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) - { -#ifndef NO_DES - if ((prompt == NULL) && (prompt_string[0] != '\0')) - prompt=prompt_string; - return(des_read_pw_string(buf,len,prompt,verify)); -#else - return -1; -#endif - } - -int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt, - unsigned char *data, int datal, int count, unsigned char *key, - unsigned char *iv) - { - EVP_MD_CTX c; - unsigned char md_buf[EVP_MAX_MD_SIZE]; - int niv,nkey,addmd=0; - unsigned int mds=0,i; - - nkey=type->key_len; - niv=type->iv_len; - - if (data == NULL) return(nkey); - - for (;;) - { - EVP_DigestInit(&c,md); - if (addmd++) - EVP_DigestUpdate(&c,&(md_buf[0]),mds); - EVP_DigestUpdate(&c,data,datal); - if (salt != NULL) - EVP_DigestUpdate(&c,salt,PKCS5_SALT_LEN); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); - - for (i=1; i<(unsigned int)count; i++) - { - EVP_DigestInit(&c,md); - EVP_DigestUpdate(&c,&(md_buf[0]),mds); - EVP_DigestFinal(&c,&(md_buf[0]),&mds); - } - i=0; - if (nkey) - { - for (;;) - { - if (nkey == 0) break; - if (i == mds) break; - if (key != NULL) - *(key++)=md_buf[i]; - nkey--; - i++; - } - } - if (niv && (i != mds)) - { - for (;;) - { - if (niv == 0) break; - if (i == mds) break; - if (iv != NULL) - *(iv++)=md_buf[i]; - niv--; - i++; - } - } - if ((nkey == 0) && (niv == 0)) break; - } - memset(&c,0,sizeof(c)); - memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE); - return(type->key_len); - } - diff --git a/src/lib/libcrypto/evp/evp_lib.c b/src/lib/libcrypto/evp/evp_lib.c deleted file mode 100644 index a431945ef5..0000000000 --- a/src/lib/libcrypto/evp/evp_lib.c +++ /dev/null @@ -1,142 +0,0 @@ -/* crypto/evp/evp_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - int ret; - - if (c->cipher->set_asn1_parameters != NULL) - ret=c->cipher->set_asn1_parameters(c,type); - else - ret=1; - return(ret); - } - -int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - int ret; - - if (c->cipher->get_asn1_parameters != NULL) - ret=c->cipher->get_asn1_parameters(c,type); - else - ret=1; - return(ret); - } - -int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - int i=0,l; - - if (type != NULL) - { - l=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_get_octetstring(type,c->oiv,l); - if (i != l) - return(-1); - else if (i > 0) - memcpy(c->iv,c->oiv,l); - } - return(i); - } - -int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c, ASN1_TYPE *type) - { - int i=0,j; - - if (type != NULL) - { - j=EVP_CIPHER_CTX_iv_length(c); - i=ASN1_TYPE_set_octetstring(type,c->oiv,j); - } - return(i); - } - -/* Convert the various cipher NIDs and dummies to a proper OID NID */ -int EVP_CIPHER_type(const EVP_CIPHER *ctx) -{ - int nid; - ASN1_OBJECT *otmp; - nid = EVP_CIPHER_nid(ctx); - - switch(nid) { - - case NID_rc2_cbc: - case NID_rc2_64_cbc: - case NID_rc2_40_cbc: - - return NID_rc2_cbc; - - case NID_rc4: - case NID_rc4_40: - - return NID_rc4; - - default: - /* Check it has an OID and it is valid */ - otmp = OBJ_nid2obj(nid); - if(!otmp || !otmp->data) nid = NID_undef; - ASN1_OBJECT_free(otmp); - return nid; - } -} - diff --git a/src/lib/libcrypto/evp/evp_locl.h b/src/lib/libcrypto/evp/evp_locl.h deleted file mode 100644 index ce49d5b7d8..0000000000 --- a/src/lib/libcrypto/evp/evp_locl.h +++ /dev/null @@ -1,168 +0,0 @@ -/* evp_locl.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 2000. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Macros to code block cipher wrappers */ - -/* Wrapper functions for each cipher mode */ - -#define BLOCK_CIPHER_ecb_loop() \ - unsigned int i; \ - if(inl < 8) return 1;\ - inl -= 8; \ - for(i=0; i <= inl; i+=8) \ - -#define BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ -static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ -{\ - BLOCK_CIPHER_ecb_loop() \ - cprefix##_ecb_encrypt(in + i, out + i, &ctx->c.kname, ctx->encrypt);\ - return 1;\ -} - -#define BLOCK_CIPHER_func_ofb(cname, cprefix, kname) \ -static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ -{\ - cprefix##_ofb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num);\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ -static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ -{\ - cprefix##_cbc_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, ctx->encrypt);\ - return 1;\ -} - -#define BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ -static int cname##_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \ -{\ - cprefix##_cfb64_encrypt(in, out, (long)inl, &ctx->c.kname, ctx->iv, &ctx->num, ctx->encrypt);\ - return 1;\ -} - -#define BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \ - BLOCK_CIPHER_func_cbc(cname, cprefix, kname) \ - BLOCK_CIPHER_func_cfb(cname, cprefix, kname) \ - BLOCK_CIPHER_func_ecb(cname, cprefix, kname) \ - BLOCK_CIPHER_func_ofb(cname, cprefix, kname) - -#define BLOCK_CIPHER_defs(cname, kstruct, \ - nid, block_size, key_len, iv_len, flags,\ - init_key, cleanup, set_asn1, get_asn1, ctrl)\ -static EVP_CIPHER cname##_cbc = {\ - nid##_cbc, block_size, key_len, iv_len, \ - flags | EVP_CIPH_CBC_MODE,\ - init_key,\ - cname##_cbc_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl, \ - NULL \ -};\ -EVP_CIPHER *EVP_##cname##_cbc(void) { return &cname##_cbc; }\ -static EVP_CIPHER cname##_cfb = {\ - nid##_cfb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_CFB_MODE,\ - init_key,\ - cname##_cfb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -EVP_CIPHER *EVP_##cname##_cfb(void) { return &cname##_cfb; }\ -static EVP_CIPHER cname##_ofb = {\ - nid##_ofb64, 1, key_len, iv_len, \ - flags | EVP_CIPH_OFB_MODE,\ - init_key,\ - cname##_ofb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -EVP_CIPHER *EVP_##cname##_ofb(void) { return &cname##_ofb; }\ -static EVP_CIPHER cname##_ecb = {\ - nid##_ecb, block_size, key_len, iv_len, \ - flags | EVP_CIPH_ECB_MODE,\ - init_key,\ - cname##_ecb_cipher,\ - cleanup,\ - sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+\ - sizeof((((EVP_CIPHER_CTX *)NULL)->c.kstruct)),\ - set_asn1, get_asn1,\ - ctrl,\ - NULL \ -};\ -EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; } - - - -#define IMPLEMENT_BLOCK_CIPHER(cname, kname, cprefix, kstruct, \ - nid, block_size, key_len, iv_len, flags, \ - init_key, cleanup, set_asn1, get_asn1, ctrl) \ - BLOCK_CIPHER_all_funcs(cname, cprefix, kname) \ - BLOCK_CIPHER_defs(cname, kstruct, nid, block_size, key_len, iv_len, flags,\ - init_key, cleanup, set_asn1, get_asn1, ctrl) - diff --git a/src/lib/libcrypto/evp/evp_pbe.c b/src/lib/libcrypto/evp/evp_pbe.c deleted file mode 100644 index 224a422b12..0000000000 --- a/src/lib/libcrypto/evp/evp_pbe.c +++ /dev/null @@ -1,136 +0,0 @@ -/* evp_pbe.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include "cryptlib.h" - -/* Password based encryption (PBE) functions */ - -static STACK *pbe_algs; - -/* Setup a cipher context from a PBE algorithm */ - -typedef struct { -int pbe_nid; -EVP_CIPHER *cipher; -EVP_MD *md; -EVP_PBE_KEYGEN *keygen; -} EVP_PBE_CTL; - -int EVP_PBE_CipherInit (ASN1_OBJECT *pbe_obj, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de) -{ - - EVP_PBE_CTL *pbetmp, pbelu; - int i; - pbelu.pbe_nid = OBJ_obj2nid(pbe_obj); - if (pbelu.pbe_nid != NID_undef) i = sk_find(pbe_algs, (char *)&pbelu); - else i = -1; - - if (i == -1) { - char obj_tmp[80]; - EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_UNKNOWN_PBE_ALGORITHM); - if (!pbe_obj) strcpy (obj_tmp, "NULL"); - else i2t_ASN1_OBJECT(obj_tmp, 80, pbe_obj); - ERR_add_error_data(2, "TYPE=", obj_tmp); - return 0; - } - if(!pass) passlen = 0; - else if (passlen == -1) passlen = strlen(pass); - pbetmp = (EVP_PBE_CTL *)sk_value (pbe_algs, i); - i = (*pbetmp->keygen)(ctx, pass, passlen, param, pbetmp->cipher, - pbetmp->md, en_de); - if (!i) { - EVPerr(EVP_F_EVP_PBE_CIPHERINIT,EVP_R_KEYGEN_FAILURE); - return 0; - } - return 1; -} - -static int pbe_cmp(const char * const *a, const char * const *b) -{ - EVP_PBE_CTL **pbe1 = (EVP_PBE_CTL **) a, **pbe2 = (EVP_PBE_CTL **)b; - return ((*pbe1)->pbe_nid - (*pbe2)->pbe_nid); -} - -/* Add a PBE algorithm */ - -int EVP_PBE_alg_add (int nid, EVP_CIPHER *cipher, EVP_MD *md, - EVP_PBE_KEYGEN *keygen) -{ - EVP_PBE_CTL *pbe_tmp; - if (!pbe_algs) pbe_algs = sk_new(pbe_cmp); - if (!(pbe_tmp = (EVP_PBE_CTL*) OPENSSL_malloc (sizeof(EVP_PBE_CTL)))) { - EVPerr(EVP_F_EVP_PBE_ALG_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - pbe_tmp->pbe_nid = nid; - pbe_tmp->cipher = cipher; - pbe_tmp->md = md; - pbe_tmp->keygen = keygen; - sk_push (pbe_algs, (char *)pbe_tmp); - return 1; -} - -void EVP_PBE_cleanup(void) -{ - sk_pop_free(pbe_algs, OPENSSL_freeFunc); - pbe_algs = NULL; -} diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c deleted file mode 100644 index 8df2874f3c..0000000000 --- a/src/lib/libcrypto/evp/evp_pkey.c +++ /dev/null @@ -1,408 +0,0 @@ -/* evp_pkey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); - -/* Extract a private key from a PKCS8 structure */ - -EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) -{ - EVP_PKEY *pkey = NULL; -#ifndef NO_RSA - RSA *rsa = NULL; -#endif -#ifndef NO_DSA - DSA *dsa = NULL; - ASN1_INTEGER *privkey; - ASN1_TYPE *t1, *t2, *param = NULL; - STACK_OF(ASN1_TYPE) *ndsa = NULL; - BN_CTX *ctx = NULL; - int plen; -#endif - X509_ALGOR *a; - unsigned char *p; - int pkeylen; - char obj_tmp[80]; - - if(p8->pkey->type == V_ASN1_OCTET_STRING) { - p8->broken = PKCS8_OK; - p = p8->pkey->value.octet_string->data; - pkeylen = p8->pkey->value.octet_string->length; - } else { - p8->broken = PKCS8_NO_OCTET; - p = p8->pkey->value.sequence->data; - pkeylen = p8->pkey->value.sequence->length; - } - if (!(pkey = EVP_PKEY_new())) { - EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); - return NULL; - } - a = p8->pkeyalg; - switch (OBJ_obj2nid(a->algorithm)) - { -#ifndef NO_RSA - case NID_rsaEncryption: - if (!(rsa = d2i_RSAPrivateKey (NULL, &p, pkeylen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - return NULL; - } - EVP_PKEY_assign_RSA (pkey, rsa); - break; -#endif -#ifndef NO_DSA - case NID_dsa: - /* PKCS#8 DSA is weird: you just get a private key integer - * and parameters in the AlgorithmIdentifier the pubkey must - * be recalculated. - */ - - /* Check for broken DSA PKCS#8, UGH! */ - if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { - if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, - d2i_ASN1_TYPE, - ASN1_TYPE_free))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - if(sk_ASN1_TYPE_num(ndsa) != 2 ) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - /* Handle Two broken types: - * SEQUENCE {parameters, priv_key} - * SEQUENCE {pub_key, priv_key} - */ - - t1 = sk_ASN1_TYPE_value(ndsa, 0); - t2 = sk_ASN1_TYPE_value(ndsa, 1); - if(t1->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_EMBEDDED_PARAM; - param = t1; - } else if(a->parameter->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_NS_DB; - param = a->parameter; - } else { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - - if(t2->type != V_ASN1_INTEGER) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - privkey = t2->value.integer; - } else { - if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - param = p8->pkeyalg->parameter; - } - if (!param || (param->type != V_ASN1_SEQUENCE)) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - p = param->value.sequence->data; - plen = param->value.sequence->length; - if (!(dsa = d2i_DSAparams (NULL, &p, plen))) { - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); - goto dsaerr; - } - /* We have parameters now set private key */ - if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { - EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); - goto dsaerr; - } - /* Calculate public key (ouch!) */ - if (!(dsa->pub_key = BN_new())) { - EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); - goto dsaerr; - } - if (!(ctx = BN_CTX_new())) { - EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); - goto dsaerr; - } - - if (!BN_mod_exp(dsa->pub_key, dsa->g, - dsa->priv_key, dsa->p, ctx)) { - - EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); - goto dsaerr; - } - - EVP_PKEY_assign_DSA(pkey, dsa); - BN_CTX_free (ctx); - if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - else ASN1_INTEGER_free(privkey); - break; - dsaerr: - BN_CTX_free (ctx); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - DSA_free(dsa); - EVP_PKEY_free(pkey); - return NULL; - break; -#endif - default: - EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); - if (!a->algorithm) strcpy (obj_tmp, "NULL"); - else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); - ERR_add_error_data(2, "TYPE=", obj_tmp); - EVP_PKEY_free (pkey); - return NULL; - } - return pkey; -} - -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) -{ - return EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK); -} - -/* Turn a private key into a PKCS8 structure */ - -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) -{ - PKCS8_PRIV_KEY_INFO *p8; - - if (!(p8 = PKCS8_PRIV_KEY_INFO_new())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - return NULL; - } - p8->broken = broken; - ASN1_INTEGER_set (p8->version, 0); - if (!(p8->pkeyalg->parameter = ASN1_TYPE_new ())) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - p8->pkey->type = V_ASN1_OCTET_STRING; - switch (EVP_PKEY_type(pkey->type)) { -#ifndef NO_RSA - case EVP_PKEY_RSA: - - if(p8->broken == PKCS8_NO_OCTET) p8->pkey->type = V_ASN1_SEQUENCE; - - p8->pkeyalg->algorithm = OBJ_nid2obj(NID_rsaEncryption); - p8->pkeyalg->parameter->type = V_ASN1_NULL; - if (!ASN1_pack_string ((char *)pkey, i2d_PrivateKey, - &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if(!dsa_pkey2pkcs8(p8, pkey)) { - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - - break; -#endif - default: - EVPerr(EVP_F_EVP_PKEY2PKCS8, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); - PKCS8_PRIV_KEY_INFO_free (p8); - return NULL; - } - RAND_add(p8->pkey->value.octet_string->data, - p8->pkey->value.octet_string->length, 0); - return p8; -} - -PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken) -{ - switch (broken) { - - case PKCS8_OK: - p8->broken = PKCS8_OK; - return p8; - break; - - case PKCS8_NO_OCTET: - p8->broken = PKCS8_NO_OCTET; - p8->pkey->type = V_ASN1_SEQUENCE; - return p8; - break; - - default: - EVPerr(EVP_F_EVP_PKCS8_SET_BROKEN,EVP_R_PKCS8_UNKNOWN_BROKEN_TYPE); - return NULL; - break; - - } -} - -#ifndef NO_DSA -static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) -{ - ASN1_STRING *params; - ASN1_INTEGER *prkey; - ASN1_TYPE *ttmp; - STACK_OF(ASN1_TYPE) *ndsa; - unsigned char *p, *q; - int len; - - p8->pkeyalg->algorithm = OBJ_nid2obj(NID_dsa); - len = i2d_DSAparams (pkey->pkey.dsa, NULL); - if (!(p = OPENSSL_malloc(len))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - PKCS8_PRIV_KEY_INFO_free (p8); - return 0; - } - q = p; - i2d_DSAparams (pkey->pkey.dsa, &q); - params = ASN1_STRING_new(); - ASN1_STRING_set(params, p, len); - OPENSSL_free(p); - /* Get private key into integer */ - if (!(prkey = BN_to_ASN1_INTEGER (pkey->pkey.dsa->priv_key, NULL))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - return 0; - } - - switch(p8->broken) { - - case PKCS8_OK: - case PKCS8_NO_OCTET: - - if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, - &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - M_ASN1_INTEGER_free (prkey); - return 0; - } - - M_ASN1_INTEGER_free (prkey); - p8->pkeyalg->parameter->value.sequence = params; - p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - - break; - - case PKCS8_NS_DB: - - p8->pkeyalg->parameter->value.sequence = params; - p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - ndsa = sk_ASN1_TYPE_new_null(); - ttmp = ASN1_TYPE_new(); - if (!(ttmp->value.integer = BN_to_ASN1_INTEGER (pkey->pkey.dsa->pub_key, NULL))) { - EVPerr(EVP_F_EVP_PKEY2PKCS8,EVP_R_ENCODE_ERROR); - PKCS8_PRIV_KEY_INFO_free(p8); - return 0; - } - ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); - - ttmp = ASN1_TYPE_new(); - ttmp->value.integer = prkey; - ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); - - p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); - - if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, - &p8->pkey->value.octet_string->data, - &p8->pkey->value.octet_string->length)) { - - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - M_ASN1_INTEGER_free(prkey); - return 0; - } - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - break; - - case PKCS8_EMBEDDED_PARAM: - - p8->pkeyalg->parameter->type = V_ASN1_NULL; - ndsa = sk_ASN1_TYPE_new_null(); - ttmp = ASN1_TYPE_new(); - ttmp->value.sequence = params; - ttmp->type = V_ASN1_SEQUENCE; - sk_ASN1_TYPE_push(ndsa, ttmp); - - ttmp = ASN1_TYPE_new(); - ttmp->value.integer = prkey; - ttmp->type = V_ASN1_INTEGER; - sk_ASN1_TYPE_push(ndsa, ttmp); - - p8->pkey->value.octet_string = ASN1_OCTET_STRING_new(); - - if (!ASN1_seq_pack_ASN1_TYPE(ndsa, i2d_ASN1_TYPE, - &p8->pkey->value.octet_string->data, - &p8->pkey->value.octet_string->length)) { - - EVPerr(EVP_F_EVP_PKEY2PKCS8,ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - M_ASN1_INTEGER_free (prkey); - return 0; - } - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); - break; - } - return 1; -} -#endif diff --git a/src/lib/libcrypto/evp/m_dss.c b/src/lib/libcrypto/evp/m_dss.c deleted file mode 100644 index 8ea826868e..0000000000 --- a/src/lib/libcrypto/evp/m_dss.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/evp/m_dss.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -#ifndef NO_SHA -static EVP_MD dsa_md= - { - NID_dsaWithSHA, - NID_dsaWithSHA, - SHA_DIGEST_LENGTH, - SHA1_Init, - SHA1_Update, - SHA1_Final, - EVP_PKEY_DSA_method, - SHA_CBLOCK, - sizeof(EVP_MD *)+sizeof(SHA_CTX), - }; - -EVP_MD *EVP_dss(void) - { - return(&dsa_md); - } -#endif diff --git a/src/lib/libcrypto/evp/m_dss1.c b/src/lib/libcrypto/evp/m_dss1.c deleted file mode 100644 index 9d8d1ce23e..0000000000 --- a/src/lib/libcrypto/evp/m_dss1.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/evp/m_dss1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SHA -#include -#include "cryptlib.h" -#include -#include -#include - -static EVP_MD dss1_md= - { - NID_dsa, - NID_dsaWithSHA1, - SHA_DIGEST_LENGTH, - SHA1_Init, - SHA1_Update, - SHA1_Final, - EVP_PKEY_DSA_method, - SHA_CBLOCK, - sizeof(EVP_MD *)+sizeof(SHA_CTX), - }; - -EVP_MD *EVP_dss1(void) - { - return(&dss1_md); - } -#endif diff --git a/src/lib/libcrypto/evp/m_md4.c b/src/lib/libcrypto/evp/m_md4.c deleted file mode 100644 index 6a24ceb86d..0000000000 --- a/src/lib/libcrypto/evp/m_md4.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/evp/m_md4.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_MD4 -#include -#include "cryptlib.h" -#include -#include -#include - -static EVP_MD md4_md= - { - NID_md4, - 0, - MD4_DIGEST_LENGTH, - MD4_Init, - MD4_Update, - MD4_Final, - EVP_PKEY_RSA_method, - MD4_CBLOCK, - sizeof(EVP_MD *)+sizeof(MD4_CTX), - }; - -EVP_MD *EVP_md4(void) - { - return(&md4_md); - } -#endif diff --git a/src/lib/libcrypto/evp/m_md5.c b/src/lib/libcrypto/evp/m_md5.c deleted file mode 100644 index 9fc9530127..0000000000 --- a/src/lib/libcrypto/evp/m_md5.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/evp/m_md5.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_MD5 -#include -#include "cryptlib.h" -#include -#include -#include - -static EVP_MD md5_md= - { - NID_md5, - NID_md5WithRSAEncryption, - MD5_DIGEST_LENGTH, - MD5_Init, - MD5_Update, - MD5_Final, - EVP_PKEY_RSA_method, - MD5_CBLOCK, - sizeof(EVP_MD *)+sizeof(MD5_CTX), - }; - -EVP_MD *EVP_md5(void) - { - return(&md5_md); - } -#endif diff --git a/src/lib/libcrypto/evp/m_null.c b/src/lib/libcrypto/evp/m_null.c deleted file mode 100644 index e2dadf3dab..0000000000 --- a/src/lib/libcrypto/evp/m_null.c +++ /dev/null @@ -1,88 +0,0 @@ -/* crypto/evp/m_null.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -static void function(void) - { - } - -static EVP_MD null_md= - { - NID_undef, - NID_undef, - 0, - function, - function, - function, - - EVP_PKEY_NULL_method, - 0, - sizeof(EVP_MD *), - }; - -EVP_MD *EVP_md_null(void) - { - return(&null_md); - } - - diff --git a/src/lib/libcrypto/evp/m_ripemd.c b/src/lib/libcrypto/evp/m_ripemd.c deleted file mode 100644 index 3d781a4e8d..0000000000 --- a/src/lib/libcrypto/evp/m_ripemd.c +++ /dev/null @@ -1,84 +0,0 @@ -/* crypto/evp/m_ripemd.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RIPEMD -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static EVP_MD ripemd160_md= - { - NID_ripemd160, - NID_ripemd160WithRSA, - RIPEMD160_DIGEST_LENGTH, - RIPEMD160_Init, - RIPEMD160_Update, - RIPEMD160_Final, - EVP_PKEY_RSA_method, - RIPEMD160_CBLOCK, - sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX), - }; - -EVP_MD *EVP_ripemd160(void) - { - return(&ripemd160_md); - } -#endif diff --git a/src/lib/libcrypto/evp/m_sha1.c b/src/lib/libcrypto/evp/m_sha1.c deleted file mode 100644 index 57a1ab0cce..0000000000 --- a/src/lib/libcrypto/evp/m_sha1.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/evp/m_sha1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_SHA -#include -#include "cryptlib.h" -#include -#include -#include - -static EVP_MD sha1_md= - { - NID_sha1, - NID_sha1WithRSAEncryption, - SHA_DIGEST_LENGTH, - SHA1_Init, - SHA1_Update, - SHA1_Final, - EVP_PKEY_RSA_method, - SHA_CBLOCK, - sizeof(EVP_MD *)+sizeof(SHA_CTX), - }; - -EVP_MD *EVP_sha1(void) - { - return(&sha1_md); - } -#endif diff --git a/src/lib/libcrypto/evp/names.c b/src/lib/libcrypto/evp/names.c deleted file mode 100644 index 620f43feaa..0000000000 --- a/src/lib/libcrypto/evp/names.c +++ /dev/null @@ -1,123 +0,0 @@ -/* crypto/evp/names.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int EVP_add_cipher(EVP_CIPHER *c) - { - int r; - - r=OBJ_NAME_add(OBJ_nid2sn(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); - if (r == 0) return(0); - r=OBJ_NAME_add(OBJ_nid2ln(c->nid),OBJ_NAME_TYPE_CIPHER_METH,(char *)c); - return(r); - } - -int EVP_add_digest(EVP_MD *md) - { - int r; - const char *name; - - name=OBJ_nid2sn(md->type); - r=OBJ_NAME_add(name,OBJ_NAME_TYPE_MD_METH,(char *)md); - if (r == 0) return(0); - r=OBJ_NAME_add(OBJ_nid2ln(md->type),OBJ_NAME_TYPE_MD_METH,(char *)md); - if (r == 0) return(0); - - if (md->type != md->pkey_type) - { - r=OBJ_NAME_add(OBJ_nid2sn(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); - if (r == 0) return(0); - r=OBJ_NAME_add(OBJ_nid2ln(md->pkey_type), - OBJ_NAME_TYPE_MD_METH|OBJ_NAME_ALIAS,name); - } - return(r); - } - -const EVP_CIPHER *EVP_get_cipherbyname(const char *name) - { - const EVP_CIPHER *cp; - - cp=(const EVP_CIPHER *)OBJ_NAME_get(name,OBJ_NAME_TYPE_CIPHER_METH); - return(cp); - } - -const EVP_MD *EVP_get_digestbyname(const char *name) - { - const EVP_MD *cp; - - cp=(const EVP_MD *)OBJ_NAME_get(name,OBJ_NAME_TYPE_MD_METH); - return(cp); - } - -void EVP_cleanup(void) - { - OBJ_NAME_cleanup(OBJ_NAME_TYPE_CIPHER_METH); - OBJ_NAME_cleanup(OBJ_NAME_TYPE_MD_METH); - /* The above calls will only clean out the contents of the name - hash table, but not the hash table itself. The following line - does that part. -- Richard Levitte */ - OBJ_NAME_cleanup(-1); - - EVP_PBE_cleanup(); - } diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c deleted file mode 100644 index 6bfa2c5acb..0000000000 --- a/src/lib/libcrypto/evp/p5_crpt.c +++ /dev/null @@ -1,149 +0,0 @@ -/* p5_crpt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include "cryptlib.h" - -/* PKCS#5 v1.5 compatible PBE functions: see PKCS#5 v2.0 for more info. - */ - -void PKCS5_PBE_add(void) -{ -#ifndef NO_DES -# ifndef NO_MD5 -EVP_PBE_alg_add(NID_pbeWithMD5AndDES_CBC, EVP_des_cbc(), EVP_md5(), - PKCS5_PBE_keyivgen); -# endif -# ifndef NO_MD2 -EVP_PBE_alg_add(NID_pbeWithMD2AndDES_CBC, EVP_des_cbc(), EVP_md2(), - PKCS5_PBE_keyivgen); -# endif -# ifndef NO_SHA -EVP_PBE_alg_add(NID_pbeWithSHA1AndDES_CBC, EVP_des_cbc(), EVP_sha1(), - PKCS5_PBE_keyivgen); -# endif -#endif -#ifndef NO_RC2 -# ifndef NO_MD5 -EVP_PBE_alg_add(NID_pbeWithMD5AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md5(), - PKCS5_PBE_keyivgen); -# endif -# ifndef NO_MD2 -EVP_PBE_alg_add(NID_pbeWithMD2AndRC2_CBC, EVP_rc2_64_cbc(), EVP_md2(), - PKCS5_PBE_keyivgen); -# endif -# ifndef NO_SHA -EVP_PBE_alg_add(NID_pbeWithSHA1AndRC2_CBC, EVP_rc2_64_cbc(), EVP_sha1(), - PKCS5_PBE_keyivgen); -# endif -#endif -#ifndef NO_HMAC -EVP_PBE_alg_add(NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen); -#endif -} - -int PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, - int en_de) -{ - EVP_MD_CTX ctx; - unsigned char md_tmp[EVP_MAX_MD_SIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; - int i; - PBEPARAM *pbe; - int saltlen, iter; - unsigned char *salt, *pbuf; - - /* Extract useful info from parameter */ - pbuf = param->value.sequence->data; - if (!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { - EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) iter = 1; - else iter = ASN1_INTEGER_get (pbe->iter); - salt = pbe->salt->data; - saltlen = pbe->salt->length; - - if(!pass) passlen = 0; - else if(passlen == -1) passlen = strlen(pass); - - EVP_DigestInit (&ctx, md); - EVP_DigestUpdate (&ctx, pass, passlen); - EVP_DigestUpdate (&ctx, salt, saltlen); - PBEPARAM_free(pbe); - EVP_DigestFinal (&ctx, md_tmp, NULL); - for (i = 1; i < iter; i++) { - EVP_DigestInit(&ctx, md); - EVP_DigestUpdate(&ctx, md_tmp, EVP_MD_size(md)); - EVP_DigestFinal (&ctx, md_tmp, NULL); - } - memcpy (key, md_tmp, EVP_CIPHER_key_length(cipher)); - memcpy (iv, md_tmp + (16 - EVP_CIPHER_iv_length(cipher)), - EVP_CIPHER_iv_length(cipher)); - EVP_CipherInit(cctx, cipher, key, iv, en_de); - memset(md_tmp, 0, EVP_MAX_MD_SIZE); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); - return 1; -} diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c deleted file mode 100644 index 717fad68ca..0000000000 --- a/src/lib/libcrypto/evp/p5_crpt2.c +++ /dev/null @@ -1,248 +0,0 @@ -/* p5_crpt2.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#if !defined(NO_HMAC) && !defined(NO_SHA) -#include -#include -#include -#include -#include -#include "cryptlib.h" - -/* set this to print out info about the keygen algorithm */ -/* #define DEBUG_PKCS5V2 */ - -#ifdef DEBUG_PKCS5V2 - static void h__dump (const unsigned char *p, int len); -#endif - -/* This is an implementation of PKCS#5 v2.0 password based encryption key - * derivation function PBKDF2 using the only currently defined function HMAC - * with SHA1. Verified against test vectors posted by Peter Gutmann - * to the PKCS-TNG mailing list. - */ - -int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - int keylen, unsigned char *out) -{ - unsigned char digtmp[SHA_DIGEST_LENGTH], *p, itmp[4]; - int cplen, j, k, tkeylen; - unsigned long i = 1; - HMAC_CTX hctx; - p = out; - tkeylen = keylen; - if(!pass) passlen = 0; - else if(passlen == -1) passlen = strlen(pass); - while(tkeylen) { - if(tkeylen > SHA_DIGEST_LENGTH) cplen = SHA_DIGEST_LENGTH; - else cplen = tkeylen; - /* We are unlikely to ever use more than 256 blocks (5120 bits!) - * but just in case... - */ - itmp[0] = (unsigned char)((i >> 24) & 0xff); - itmp[1] = (unsigned char)((i >> 16) & 0xff); - itmp[2] = (unsigned char)((i >> 8) & 0xff); - itmp[3] = (unsigned char)(i & 0xff); - HMAC_Init(&hctx, pass, passlen, EVP_sha1()); - HMAC_Update(&hctx, salt, saltlen); - HMAC_Update(&hctx, itmp, 4); - HMAC_Final(&hctx, digtmp, NULL); - memcpy(p, digtmp, cplen); - for(j = 1; j < iter; j++) { - HMAC(EVP_sha1(), pass, passlen, - digtmp, SHA_DIGEST_LENGTH, digtmp, NULL); - for(k = 0; k < cplen; k++) p[k] ^= digtmp[k]; - } - tkeylen-= cplen; - i++; - p+= cplen; - } - HMAC_cleanup(&hctx); -#ifdef DEBUG_PKCS5V2 - fprintf(stderr, "Password:\n"); - h__dump (pass, passlen); - fprintf(stderr, "Salt:\n"); - h__dump (salt, saltlen); - fprintf(stderr, "Iteration count %d\n", iter); - fprintf(stderr, "Key:\n"); - h__dump (out, keylen); -#endif - return 1; -} - -#ifdef DO_TEST -main() -{ - unsigned char out[4]; - unsigned char salt[] = {0x12, 0x34, 0x56, 0x78}; - PKCS5_PBKDF2_HMAC_SHA1("password", -1, salt, 4, 5, 4, out); - fprintf(stderr, "Out %02X %02X %02X %02X\n", - out[0], out[1], out[2], out[3]); -} - -#endif - -/* Now the key derivation function itself. This is a bit evil because - * it has to check the ASN1 parameters are valid: and there are quite a - * few of them... - */ - -int PKCS5_v2_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *c, EVP_MD *md, - int en_de) -{ - unsigned char *pbuf, *salt, key[EVP_MAX_KEY_LENGTH]; - int saltlen, keylen, iter, plen; - PBE2PARAM *pbe2 = NULL; - const EVP_CIPHER *cipher; - PBKDF2PARAM *kdf = NULL; - - pbuf = param->value.sequence->data; - plen = param->value.sequence->length; - if(!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe2 = d2i_PBE2PARAM(NULL, &pbuf, plen))) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); - return 0; - } - - /* See if we recognise the key derivation function */ - - if(OBJ_obj2nid(pbe2->keyfunc->algorithm) != NID_id_pbkdf2) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_KEY_DERIVATION_FUNCTION); - goto err; - } - - /* lets see if we recognise the encryption algorithm. - */ - - cipher = EVP_get_cipherbyname( - OBJ_nid2sn(OBJ_obj2nid(pbe2->encryption->algorithm))); - - if(!cipher) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* Fixup cipher based on AlgorithmIdentifier */ - EVP_CipherInit(ctx, cipher, NULL, NULL, en_de); - if(EVP_CIPHER_asn1_to_param(ctx, pbe2->encryption->parameter) < 0) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_CIPHER_PARAMETER_ERROR); - goto err; - } - keylen = EVP_CIPHER_CTX_key_length(ctx); - - /* Now decode key derivation function */ - - pbuf = pbe2->keyfunc->parameter->value.sequence->data; - plen = pbe2->keyfunc->parameter->value.sequence->length; - if(!pbe2->keyfunc->parameter || - (pbe2->keyfunc->parameter->type != V_ASN1_SEQUENCE) || - !(kdf = d2i_PBKDF2PARAM(NULL, &pbuf, plen)) ) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); - goto err; - } - - PBE2PARAM_free(pbe2); - pbe2 = NULL; - - /* Now check the parameters of the kdf */ - - if(kdf->keylength && (ASN1_INTEGER_get(kdf->keylength) != keylen)){ - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_KEYLENGTH); - goto err; - } - - if(kdf->prf && (OBJ_obj2nid(kdf->prf->algorithm) != NID_hmacWithSHA1)) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, EVP_R_UNSUPPORTED_PRF); - goto err; - } - - if(kdf->salt->type != V_ASN1_OCTET_STRING) { - EVPerr(EVP_F_PKCS5_V2_PBE_KEYIVGEN, - EVP_R_UNSUPPORTED_SALT_TYPE); - goto err; - } - - /* it seems that its all OK */ - salt = kdf->salt->value.octet_string->data; - saltlen = kdf->salt->value.octet_string->length; - iter = ASN1_INTEGER_get(kdf->iter); - PKCS5_PBKDF2_HMAC_SHA1(pass, passlen, salt, saltlen, iter, keylen, key); - EVP_CipherInit(ctx, NULL, key, NULL, en_de); - memset(key, 0, keylen); - PBKDF2PARAM_free(kdf); - return 1; - - err: - PBE2PARAM_free(pbe2); - PBKDF2PARAM_free(kdf); - return 0; -} - -#ifdef DEBUG_PKCS5V2 -static void h__dump (const unsigned char *p, int len) -{ - for (; len --; p++) fprintf(stderr, "%02X ", *p); - fprintf(stderr, "\n"); -} -#endif -#endif diff --git a/src/lib/libcrypto/evp/p_dec.c b/src/lib/libcrypto/evp/p_dec.c deleted file mode 100644 index 57b5daa453..0000000000 --- a/src/lib/libcrypto/evp/p_dec.c +++ /dev/null @@ -1,87 +0,0 @@ -/* crypto/evp/p_dec.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#ifndef NO_RSA -#include -#endif -#include -#include -#include - -int EVP_PKEY_decrypt(unsigned char *key, unsigned char *ek, int ekl, - EVP_PKEY *priv) - { - int ret= -1; - -#ifndef NO_RSA - if (priv->type != EVP_PKEY_RSA) - { -#endif - EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef NO_RSA - goto err; - } - - ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING); -err: -#endif - return(ret); - } diff --git a/src/lib/libcrypto/evp/p_enc.c b/src/lib/libcrypto/evp/p_enc.c deleted file mode 100644 index 4cf6acaf5d..0000000000 --- a/src/lib/libcrypto/evp/p_enc.c +++ /dev/null @@ -1,86 +0,0 @@ -/* crypto/evp/p_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#ifndef NO_RSA -#include -#endif -#include -#include -#include - -int EVP_PKEY_encrypt(unsigned char *ek, unsigned char *key, int key_len, - EVP_PKEY *pubk) - { - int ret=0; - -#ifndef NO_RSA - if (pubk->type != EVP_PKEY_RSA) - { -#endif - EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA); -#ifndef NO_RSA - goto err; - } - ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING); -err: -#endif - return(ret); - } diff --git a/src/lib/libcrypto/evp/p_lib.c b/src/lib/libcrypto/evp/p_lib.c deleted file mode 100644 index 62398ed74d..0000000000 --- a/src/lib/libcrypto/evp/p_lib.c +++ /dev/null @@ -1,333 +0,0 @@ -/* crypto/evp/p_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static void EVP_PKEY_free_it(EVP_PKEY *x); -int EVP_PKEY_bits(EVP_PKEY *pkey) - { -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - return(BN_num_bits(pkey->pkey.rsa->n)); - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - return(BN_num_bits(pkey->pkey.dsa->p)); -#endif - return(0); - } - -int EVP_PKEY_size(EVP_PKEY *pkey) - { - if (pkey == NULL) - return(0); -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - return(RSA_size(pkey->pkey.rsa)); - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - return(DSA_size(pkey->pkey.dsa)); -#endif - return(0); - } - -int EVP_PKEY_save_parameters(EVP_PKEY *pkey, int mode) - { -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - int ret=pkey->save_parameters=mode; - - if (mode >= 0) - pkey->save_parameters=mode; - return(ret); - } -#endif - return(0); - } - -int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) - { - if (to->type != from->type) - { - EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES); - goto err; - } - - if (EVP_PKEY_missing_parameters(from)) - { - EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARAMETERS); - goto err; - } -#ifndef NO_DSA - if (to->type == EVP_PKEY_DSA) - { - BIGNUM *a; - - if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err; - if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p); - to->pkey.dsa->p=a; - - if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err; - if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q); - to->pkey.dsa->q=a; - - if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err; - if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g); - to->pkey.dsa->g=a; - } -#endif - return(1); -err: - return(0); - } - -int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) - { -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - DSA *dsa; - - dsa=pkey->pkey.dsa; - if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL)) - return(1); - } -#endif - return(0); - } - -int EVP_PKEY_cmp_parameters(EVP_PKEY *a, EVP_PKEY *b) - { -#ifndef NO_DSA - if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA)) - { - if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) || - BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) || - BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g)) - return(0); - else - return(1); - } -#endif - return(-1); - } - -EVP_PKEY *EVP_PKEY_new(void) - { - EVP_PKEY *ret; - - ret=(EVP_PKEY *)OPENSSL_malloc(sizeof(EVP_PKEY)); - if (ret == NULL) - { - EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->type=EVP_PKEY_NONE; - ret->references=1; - ret->pkey.ptr=NULL; - ret->attributes=NULL; - ret->save_parameters=1; - return(ret); - } - -int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key) - { - if (pkey == NULL) return(0); - if (pkey->pkey.ptr != NULL) - EVP_PKEY_free_it(pkey); - pkey->type=EVP_PKEY_type(type); - pkey->save_type=type; - pkey->pkey.ptr=key; - return(key != NULL); - } - -#ifndef NO_RSA -int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key) -{ - int ret = EVP_PKEY_assign_RSA(pkey, key); - if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_RSA); - return ret; -} - -RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) - { - if(pkey->type != EVP_PKEY_RSA) { - EVPerr(EVP_F_EVP_PKEY_GET1_RSA, EVP_R_EXPECTING_AN_RSA_KEY); - return NULL; - } - CRYPTO_add(&pkey->pkey.rsa->references, 1, CRYPTO_LOCK_RSA); - return pkey->pkey.rsa; -} -#endif - -#ifndef NO_DSA -int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key) -{ - int ret = EVP_PKEY_assign_DSA(pkey, key); - if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DSA); - return ret; -} - -DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) - { - if(pkey->type != EVP_PKEY_DSA) { - EVPerr(EVP_F_EVP_PKEY_GET1_DSA, EVP_R_EXPECTING_A_DSA_KEY); - return NULL; - } - CRYPTO_add(&pkey->pkey.dsa->references, 1, CRYPTO_LOCK_DSA); - return pkey->pkey.dsa; -} -#endif - -#ifndef NO_DH - -int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key) -{ - int ret = EVP_PKEY_assign_DH(pkey, key); - if(ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_DH); - return ret; -} - -DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey) - { - if(pkey->type != EVP_PKEY_DH) { - EVPerr(EVP_F_EVP_PKEY_GET1_DH, EVP_R_EXPECTING_A_DH_KEY); - return NULL; - } - CRYPTO_add(&pkey->pkey.dh->references, 1, CRYPTO_LOCK_DH); - return pkey->pkey.dh; -} -#endif - -int EVP_PKEY_type(int type) - { - switch (type) - { - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - return(EVP_PKEY_RSA); - case EVP_PKEY_DSA: - case EVP_PKEY_DSA1: - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: - return(EVP_PKEY_DSA); - case EVP_PKEY_DH: - return(EVP_PKEY_DH); - default: - return(NID_undef); - } - } - -void EVP_PKEY_free(EVP_PKEY *x) - { - int i; - - if (x == NULL) return; - - i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY); -#ifdef REF_PRINT - REF_PRINT("EVP_PKEY",x); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"EVP_PKEY_free, bad reference count\n"); - abort(); - } -#endif - EVP_PKEY_free_it(x); - OPENSSL_free(x); - } - -static void EVP_PKEY_free_it(EVP_PKEY *x) - { - switch (x->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - case EVP_PKEY_RSA2: - RSA_free(x->pkey.rsa); - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - case EVP_PKEY_DSA2: - case EVP_PKEY_DSA3: - case EVP_PKEY_DSA4: - DSA_free(x->pkey.dsa); - break; -#endif -#ifndef NO_DH - case EVP_PKEY_DH: - DH_free(x->pkey.dh); - break; -#endif - } - } - diff --git a/src/lib/libcrypto/evp/p_open.c b/src/lib/libcrypto/evp/p_open.c deleted file mode 100644 index 2760c00fec..0000000000 --- a/src/lib/libcrypto/evp/p_open.c +++ /dev/null @@ -1,123 +0,0 @@ -/* crypto/evp/p_open.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include -#include "cryptlib.h" -#include -#include -#include - -int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, - int ekl, unsigned char *iv, EVP_PKEY *priv) - { - unsigned char *key=NULL; - int i,size=0,ret=0; - - if(type) { - EVP_CIPHER_CTX_init(ctx); - if(!EVP_DecryptInit(ctx,type,NULL,NULL)) return 0; - } - - if(!priv) return 1; - - if (priv->type != EVP_PKEY_RSA) - { - EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA); - goto err; - } - - size=RSA_size(priv->pkey.rsa); - key=(unsigned char *)OPENSSL_malloc(size+2); - if (key == NULL) - { - /* ERROR */ - EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE); - goto err; - } - - i=EVP_PKEY_decrypt(key,ek,ekl,priv); - if ((i <= 0) || !EVP_CIPHER_CTX_set_key_length(ctx, i)) - { - /* ERROR */ - goto err; - } - if(!EVP_DecryptInit(ctx,NULL,key,iv)) goto err; - - ret=1; -err: - if (key != NULL) memset(key,0,size); - OPENSSL_free(key); - return(ret); - } - -int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) - { - int i; - - i=EVP_DecryptFinal(ctx,out,outl); - EVP_DecryptInit(ctx,NULL,NULL,NULL); - return(i); - } -#else /* !NO_RSA */ - -# ifdef PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/src/lib/libcrypto/evp/p_seal.c b/src/lib/libcrypto/evp/p_seal.c deleted file mode 100644 index 2fd1d7e0c2..0000000000 --- a/src/lib/libcrypto/evp/p_seal.c +++ /dev/null @@ -1,112 +0,0 @@ -/* crypto/evp/p_seal.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#ifndef NO_RSA -#include -#endif -#include -#include -#include - -int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, - int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk) - { - unsigned char key[EVP_MAX_KEY_LENGTH]; - int i; - - if(type) { - EVP_CIPHER_CTX_init(ctx); - if(!EVP_EncryptInit(ctx,type,NULL,NULL)) return 0; - } - if (npubk <= 0) return(0); - if (RAND_bytes(key,EVP_MAX_KEY_LENGTH) <= 0) - return(0); - if (EVP_CIPHER_CTX_iv_length(ctx)) - RAND_pseudo_bytes(iv,EVP_CIPHER_CTX_iv_length(ctx)); - - if(!EVP_EncryptInit(ctx,NULL,key,iv)) return 0; - - for (i=0; i -#include "cryptlib.h" -#include -#include -#include - -#ifdef undef -void EVP_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) - { - EVP_DigestInit(ctx,type); - } - -void EVP_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, - unsigned int count) - { - EVP_DigestUpdate(ctx,data,count); - } -#endif - -int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, - EVP_PKEY *pkey) - { - unsigned char m[EVP_MAX_MD_SIZE]; - unsigned int m_len; - int i,ok=0,v; - MS_STATIC EVP_MD_CTX tmp_ctx; - - *siglen=0; - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); - for (i=0; i<4; i++) - { - v=ctx->digest->required_pkey_type[i]; - if (v == 0) break; - if (pkey->type == v) - { - ok=1; - break; - } - } - if (!ok) - { - EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); - return(0); - } - if (ctx->digest->sign == NULL) - { - EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED); - return(0); - } - return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen, - pkey->pkey.ptr)); - } - diff --git a/src/lib/libcrypto/evp/p_verify.c b/src/lib/libcrypto/evp/p_verify.c deleted file mode 100644 index dcb54f3abb..0000000000 --- a/src/lib/libcrypto/evp/p_verify.c +++ /dev/null @@ -1,99 +0,0 @@ -/* crypto/evp/p_verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey) - { - unsigned char m[EVP_MAX_MD_SIZE]; - unsigned int m_len; - int i,ok=0,v; - MS_STATIC EVP_MD_CTX tmp_ctx; - - for (i=0; i<4; i++) - { - v=ctx->digest->required_pkey_type[i]; - if (v == 0) break; - if (pkey->type == v) - { - ok=1; - break; - } - } - if (!ok) - { - EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE); - return(-1); - } - EVP_MD_CTX_copy(&tmp_ctx,ctx); - EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len); - if (ctx->digest->verify == NULL) - { - EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED); - return(0); - } - - return(ctx->digest->verify(ctx->digest->type,m,m_len, - sigbuf,siglen,pkey->pkey.ptr)); - } - diff --git a/src/lib/libcrypto/ex_data.c b/src/lib/libcrypto/ex_data.c deleted file mode 100644 index 1ee88da2a8..0000000000 --- a/src/lib/libcrypto/ex_data.c +++ /dev/null @@ -1,223 +0,0 @@ -/* crypto/ex_data.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include "cryptlib.h" - -int CRYPTO_get_ex_new_index(int idx, STACK_OF(CRYPTO_EX_DATA_FUNCS) **skp, long argl, void *argp, - CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - int ret= -1; - CRYPTO_EX_DATA_FUNCS *a; - - MemCheck_off(); - if (*skp == NULL) - *skp=sk_CRYPTO_EX_DATA_FUNCS_new_null(); - if (*skp == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - goto err; - } - a=(CRYPTO_EX_DATA_FUNCS *)OPENSSL_malloc(sizeof(CRYPTO_EX_DATA_FUNCS)); - if (a == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - goto err; - } - a->argl=argl; - a->argp=argp; - a->new_func=new_func; - a->dup_func=dup_func; - a->free_func=free_func; - while (sk_CRYPTO_EX_DATA_FUNCS_num(*skp) <= idx) - { - if (!sk_CRYPTO_EX_DATA_FUNCS_push(*skp,NULL)) - { - CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE); - OPENSSL_free(a); - goto err; - } - } - sk_CRYPTO_EX_DATA_FUNCS_set(*skp,idx, a); - ret=idx; -err: - MemCheck_on(); - return(idx); - } - -int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad, int idx, void *val) - { - int i; - - if (ad->sk == NULL) - { - if ((ad->sk=sk_new_null()) == NULL) - { - CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); - return(0); - } - } - i=sk_num(ad->sk); - - while (i <= idx) - { - if (!sk_push(ad->sk,NULL)) - { - CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE); - return(0); - } - i++; - } - sk_set(ad->sk,idx,val); - return(1); - } - -void *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad, int idx) - { - if (ad->sk == NULL) - return(0); - else if (idx >= sk_num(ad->sk)) - return(0); - else - return(sk_value(ad->sk,idx)); - } - -/* The callback is called with the 'object', which is the original data object - * being duplicated, a pointer to the - * 'new' object to be inserted, the index, and the argi/argp - */ -int CRYPTO_dup_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, CRYPTO_EX_DATA *to, - CRYPTO_EX_DATA *from) - { - int i,j,m,r; - CRYPTO_EX_DATA_FUNCS *mm; - char *from_d; - - if (meth == NULL) return(1); - if (from->sk == NULL) return(1); - m=sk_CRYPTO_EX_DATA_FUNCS_num(meth); - j=sk_num(from->sk); - for (i=0; idup_func != NULL) - r=mm->dup_func(to,from,(char **)&from_d,i, - mm->argl,mm->argp); - } - CRYPTO_set_ex_data(to,i,from_d); - } - return(1); - } - -/* Call each free callback */ -void CRYPTO_free_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad) - { - CRYPTO_EX_DATA_FUNCS *m; - void *ptr; - int i,max; - - if (meth != NULL) - { - max=sk_CRYPTO_EX_DATA_FUNCS_num(meth); - for (i=0; ifree_func != NULL)) - { - ptr=CRYPTO_get_ex_data(ad,i); - m->free_func(obj,ptr,ad,i,m->argl,m->argp); - } - } - } - if (ad->sk != NULL) - { - sk_free(ad->sk); - ad->sk=NULL; - } - } - -void CRYPTO_new_ex_data(STACK_OF(CRYPTO_EX_DATA_FUNCS) *meth, void *obj, CRYPTO_EX_DATA *ad) - { - CRYPTO_EX_DATA_FUNCS *m; - void *ptr; - int i,max; - - ad->sk=NULL; - if (meth != NULL) - { - max=sk_CRYPTO_EX_DATA_FUNCS_num(meth); - for (i=0; inew_func != NULL)) - { - ptr=CRYPTO_get_ex_data(ad,i); - m->new_func(obj,ptr,ad,i,m->argl,m->argp); - } - } - } - } - -IMPLEMENT_STACK_OF(CRYPTO_EX_DATA_FUNCS) diff --git a/src/lib/libcrypto/hmac/hmac.c b/src/lib/libcrypto/hmac/hmac.c deleted file mode 100644 index e1ec79e093..0000000000 --- a/src/lib/libcrypto/hmac/hmac.c +++ /dev/null @@ -1,152 +0,0 @@ -/* crypto/hmac/hmac.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#include -#include -#include -#include - -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md) - { - int i,j,reset=0; - unsigned char pad[HMAC_MAX_MD_CBLOCK]; - - if (md != NULL) - { - reset=1; - ctx->md=md; - } - else - md=ctx->md; - - if (key != NULL) - { - reset=1; - j=EVP_MD_block_size(md); - if (j < len) - { - EVP_DigestInit(&ctx->md_ctx,md); - EVP_DigestUpdate(&ctx->md_ctx,key,len); - EVP_DigestFinal(&(ctx->md_ctx),ctx->key, - &ctx->key_length); - } - else - { - memcpy(ctx->key,key,len); - ctx->key_length=len; - } - if(ctx->key_length != HMAC_MAX_MD_CBLOCK) - memset(&ctx->key[ctx->key_length], 0, - HMAC_MAX_MD_CBLOCK - ctx->key_length); - } - - if (reset) - { - for (i=0; ikey[i]; - EVP_DigestInit(&ctx->i_ctx,md); - EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md)); - - for (i=0; ikey[i]; - EVP_DigestInit(&ctx->o_ctx,md); - EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md)); - } - - memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx)); - } - -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len) - { - EVP_DigestUpdate(&(ctx->md_ctx),data,len); - } - -void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len) - { - int j; - unsigned int i; - unsigned char buf[EVP_MAX_MD_SIZE]; - - j=EVP_MD_block_size(ctx->md); - - EVP_DigestFinal(&(ctx->md_ctx),buf,&i); - memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx)); - EVP_DigestUpdate(&(ctx->md_ctx),buf,i); - EVP_DigestFinal(&(ctx->md_ctx),md,len); - } - -void HMAC_cleanup(HMAC_CTX *ctx) - { - memset(ctx,0,sizeof(HMAC_CTX)); - } - -unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, int n, unsigned char *md, - unsigned int *md_len) - { - HMAC_CTX c; - static unsigned char m[EVP_MAX_MD_SIZE]; - - if (md == NULL) md=m; - HMAC_Init(&c,key,key_len,evp_md); - HMAC_Update(&c,d,n); - HMAC_Final(&c,md,md_len); - HMAC_cleanup(&c); - return(md); - } - diff --git a/src/lib/libcrypto/hmac/hmac.h b/src/lib/libcrypto/hmac/hmac.h deleted file mode 100644 index 328bad2608..0000000000 --- a/src/lib/libcrypto/hmac/hmac.h +++ /dev/null @@ -1,100 +0,0 @@ -/* crypto/hmac/hmac.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#ifndef HEADER_HMAC_H -#define HEADER_HMAC_H - -#ifdef NO_HMAC -#error HMAC is disabled. -#endif - -#include - -#define HMAC_MAX_MD_CBLOCK 64 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct hmac_ctx_st - { - const EVP_MD *md; - EVP_MD_CTX md_ctx; - EVP_MD_CTX i_ctx; - EVP_MD_CTX o_ctx; - unsigned int key_length; - unsigned char key[HMAC_MAX_MD_CBLOCK]; - } HMAC_CTX; - -#define HMAC_size(e) (EVP_MD_size((e)->md)) - - -void HMAC_Init(HMAC_CTX *ctx, const void *key, int len, - const EVP_MD *md); -void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len); -void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len); -void HMAC_cleanup(HMAC_CTX *ctx); -unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len, - const unsigned char *d, int n, unsigned char *md, - unsigned int *md_len); - - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/idea/idea.h b/src/lib/libcrypto/idea/idea.h deleted file mode 100644 index f14adf8398..0000000000 --- a/src/lib/libcrypto/idea/idea.h +++ /dev/null @@ -1,99 +0,0 @@ -/* crypto/idea/idea.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_IDEA_H -#define HEADER_IDEA_H - -#ifdef NO_IDEA -#error IDEA is disabled. -#endif - -#define IDEA_ENCRYPT 1 -#define IDEA_DECRYPT 0 - -#include /* IDEA_INT */ -#define IDEA_BLOCK 8 -#define IDEA_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct idea_key_st - { - IDEA_INT data[9][6]; - } IDEA_KEY_SCHEDULE; - -const char *idea_options(void); -void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, - IDEA_KEY_SCHEDULE *ks); -void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks); -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk); -void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc); -void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, - int *num,int enc); -void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num); -void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/lhash/lh_stats.c b/src/lib/libcrypto/lhash/lh_stats.c deleted file mode 100644 index ee0600060e..0000000000 --- a/src/lib/libcrypto/lhash/lh_stats.c +++ /dev/null @@ -1,274 +0,0 @@ -/* crypto/lhash/lh_stats.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -/* If you wish to build this outside of SSLeay, remove the following lines - * and things should work as expected */ -#include "cryptlib.h" - -#ifndef NO_BIO -#include -#endif -#include - -#ifdef NO_BIO - -void lh_stats(LHASH *lh, FILE *out) - { - fprintf(out,"num_items = %lu\n",lh->num_items); - fprintf(out,"num_nodes = %u\n",lh->num_nodes); - fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); - fprintf(out,"num_expands = %lu\n",lh->num_expands); - fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs); - fprintf(out,"num_contracts = %lu\n",lh->num_contracts); - fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs); - fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls); - fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls); - fprintf(out,"num_insert = %lu\n",lh->num_insert); - fprintf(out,"num_replace = %lu\n",lh->num_replace); - fprintf(out,"num_delete = %lu\n",lh->num_delete); - fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete); - fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve); - fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); - fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps); -#ifdef DEBUG - fprintf(out,"p = %u\n",lh->p); - fprintf(out,"pmax = %u\n",lh->pmax); - fprintf(out,"up_load = %lu\n",lh->up_load); - fprintf(out,"down_load = %lu\n",lh->down_load); -#endif - } - -void lh_node_stats(LHASH *lh, FILE *out) - { - LHASH_NODE *n; - unsigned int i,num; - - for (i=0; inum_nodes; i++) - { - for (n=lh->b[i],num=0; n != NULL; n=n->next) - num++; - fprintf(out,"node %6u -> %3u\n",i,num); - } - } - -void lh_node_usage_stats(LHASH *lh, FILE *out) - { - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total=0,n_used=0; - - for (i=0; inum_nodes; i++) - { - for (n=lh->b[i],num=0; n != NULL; n=n->next) - num++; - if (num != 0) - { - n_used++; - total+=num; - } - } - fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes); - fprintf(out,"%lu items\n",total); - if (n_used == 0) return; - fprintf(out,"load %d.%02d actual load %d.%02d\n", - (int)(total/lh->num_nodes), - (int)((total%lh->num_nodes)*100/lh->num_nodes), - (int)(total/n_used), - (int)((total%n_used)*100/n_used)); - } - -#else - -#ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *fp) - { - BIO *bp; - - bp=BIO_new(BIO_s_file()); - if (bp == NULL) goto end; - BIO_set_fp(bp,fp,BIO_NOCLOSE); - lh_stats_bio(lh,bp); - BIO_free(bp); -end:; - } - -void lh_node_stats(LHASH *lh, FILE *fp) - { - BIO *bp; - - bp=BIO_new(BIO_s_file()); - if (bp == NULL) goto end; - BIO_set_fp(bp,fp,BIO_NOCLOSE); - lh_node_stats_bio(lh,bp); - BIO_free(bp); -end:; - } - -void lh_node_usage_stats(LHASH *lh, FILE *fp) - { - BIO *bp; - - bp=BIO_new(BIO_s_file()); - if (bp == NULL) goto end; - BIO_set_fp(bp,fp,BIO_NOCLOSE); - lh_node_usage_stats_bio(lh,bp); - BIO_free(bp); -end:; - } - -#endif - -void lh_stats_bio(LHASH *lh, BIO *out) - { - char buf[128]; - - sprintf(buf,"num_items = %lu\n",lh->num_items); - BIO_puts(out,buf); - sprintf(buf,"num_nodes = %u\n",lh->num_nodes); - BIO_puts(out,buf); - sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes); - BIO_puts(out,buf); - sprintf(buf,"num_expands = %lu\n",lh->num_expands); - BIO_puts(out,buf); - sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs); - BIO_puts(out,buf); - sprintf(buf,"num_contracts = %lu\n",lh->num_contracts); - BIO_puts(out,buf); - sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs); - BIO_puts(out,buf); - sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls); - BIO_puts(out,buf); - sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls); - BIO_puts(out,buf); - sprintf(buf,"num_insert = %lu\n",lh->num_insert); - BIO_puts(out,buf); - sprintf(buf,"num_replace = %lu\n",lh->num_replace); - BIO_puts(out,buf); - sprintf(buf,"num_delete = %lu\n",lh->num_delete); - BIO_puts(out,buf); - sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete); - BIO_puts(out,buf); - sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve); - BIO_puts(out,buf); - sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss); - BIO_puts(out,buf); - sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps); - BIO_puts(out,buf); -#ifdef DEBUG - sprintf(buf,"p = %u\n",lh->p); - BIO_puts(out,buf); - sprintf(buf,"pmax = %u\n",lh->pmax); - BIO_puts(out,buf); - sprintf(buf,"up_load = %lu\n",lh->up_load); - BIO_puts(out,buf); - sprintf(buf,"down_load = %lu\n",lh->down_load); - BIO_puts(out,buf); -#endif - } - -void lh_node_stats_bio(LHASH *lh, BIO *out) - { - LHASH_NODE *n; - unsigned int i,num; - char buf[128]; - - for (i=0; inum_nodes; i++) - { - for (n=lh->b[i],num=0; n != NULL; n=n->next) - num++; - sprintf(buf,"node %6u -> %3u\n",i,num); - BIO_puts(out,buf); - } - } - -void lh_node_usage_stats_bio(LHASH *lh, BIO *out) - { - LHASH_NODE *n; - unsigned long num; - unsigned int i; - unsigned long total=0,n_used=0; - char buf[128]; - - for (i=0; inum_nodes; i++) - { - for (n=lh->b[i],num=0; n != NULL; n=n->next) - num++; - if (num != 0) - { - n_used++; - total+=num; - } - } - sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes); - BIO_puts(out,buf); - sprintf(buf,"%lu items\n",total); - BIO_puts(out,buf); - if (n_used == 0) return; - sprintf(buf,"load %d.%02d actual load %d.%02d\n", - (int)(total/lh->num_nodes), - (int)((total%lh->num_nodes)*100/lh->num_nodes), - (int)(total/n_used), - (int)((total%n_used)*100/n_used)); - BIO_puts(out,buf); - } - -#endif diff --git a/src/lib/libcrypto/lhash/lhash.c b/src/lib/libcrypto/lhash/lhash.c deleted file mode 100644 index 7da14620a4..0000000000 --- a/src/lib/libcrypto/lhash/lhash.c +++ /dev/null @@ -1,461 +0,0 @@ -/* crypto/lhash/lhash.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Code for dynamic hash table routines - * Author - Eric Young v 2.0 - * - * 2.2 eay - added #include "crypto.h" so the memory leak checking code is - * present. eay 18-Jun-98 - * - * 2.1 eay - Added an 'error in last operation' flag. eay 6-May-98 - * - * 2.0 eay - Fixed a bug that occurred when using lh_delete - * from inside lh_doall(). As entries were deleted, - * the 'table' was 'contract()ed', making some entries - * jump from the end of the table to the start, there by - * skipping the lh_doall() processing. eay - 4/12/95 - * - * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs - * were not being free()ed. 21/11/95 - * - * 1.8 eay - Put the stats routines into a separate file, lh_stats.c - * 19/09/95 - * - * 1.7 eay - Removed the fputs() for realloc failures - the code - * should silently tolerate them. I have also fixed things - * lint complained about 04/05/95 - * - * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92 - * - * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992 - * - * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91 - * - * 1.3 eay - Fixed a few lint problems 19/3/1991 - * - * 1.2 eay - Fixed lh_doall problem 13/3/1991 - * - * 1.1 eay - Added lh_doall - * - * 1.0 eay - First version - */ -#include -#include -#include -#include -#include - -const char *lh_version="lhash" OPENSSL_VERSION_PTEXT; - -#undef MIN_NODES -#define MIN_NODES 16 -#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */ -#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */ - -static void expand(LHASH *lh); -static void contract(LHASH *lh); -static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash); - -LHASH *lh_new(unsigned long (*h)(), int (*c)()) - { - LHASH *ret; - int i; - - if ((ret=(LHASH *)OPENSSL_malloc(sizeof(LHASH))) == NULL) - goto err0; - if ((ret->b=(LHASH_NODE **)OPENSSL_malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL) - goto err1; - for (i=0; ib[i]=NULL; - ret->comp=((c == NULL)?(int (*)())strcmp:c); - ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h); - ret->num_nodes=MIN_NODES/2; - ret->num_alloc_nodes=MIN_NODES; - ret->p=0; - ret->pmax=MIN_NODES/2; - ret->up_load=UP_LOAD; - ret->down_load=DOWN_LOAD; - ret->num_items=0; - - ret->num_expands=0; - ret->num_expand_reallocs=0; - ret->num_contracts=0; - ret->num_contract_reallocs=0; - ret->num_hash_calls=0; - ret->num_comp_calls=0; - ret->num_insert=0; - ret->num_replace=0; - ret->num_delete=0; - ret->num_no_delete=0; - ret->num_retrieve=0; - ret->num_retrieve_miss=0; - ret->num_hash_comps=0; - - ret->error=0; - return(ret); -err1: - OPENSSL_free(ret); -err0: - return(NULL); - } - -void lh_free(LHASH *lh) - { - unsigned int i; - LHASH_NODE *n,*nn; - - if (lh == NULL) - return; - - for (i=0; inum_nodes; i++) - { - n=lh->b[i]; - while (n != NULL) - { - nn=n->next; - OPENSSL_free(n); - n=nn; - } - } - OPENSSL_free(lh->b); - OPENSSL_free(lh); - } - -void *lh_insert(LHASH *lh, void *data) - { - unsigned long hash; - LHASH_NODE *nn,**rn; - void *ret; - - lh->error=0; - if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)) - expand(lh); - - rn=getrn(lh,data,&hash); - - if (*rn == NULL) - { - if ((nn=(LHASH_NODE *)OPENSSL_malloc(sizeof(LHASH_NODE))) == NULL) - { - lh->error++; - return(NULL); - } - nn->data=data; - nn->next=NULL; -#ifndef NO_HASH_COMP - nn->hash=hash; -#endif - *rn=nn; - ret=NULL; - lh->num_insert++; - lh->num_items++; - } - else /* replace same key */ - { - ret= (*rn)->data; - (*rn)->data=data; - lh->num_replace++; - } - return(ret); - } - -void *lh_delete(LHASH *lh, void *data) - { - unsigned long hash; - LHASH_NODE *nn,**rn; - void *ret; - - lh->error=0; - rn=getrn(lh,data,&hash); - - if (*rn == NULL) - { - lh->num_no_delete++; - return(NULL); - } - else - { - nn= *rn; - *rn=nn->next; - ret=nn->data; - OPENSSL_free(nn); - lh->num_delete++; - } - - lh->num_items--; - if ((lh->num_nodes > MIN_NODES) && - (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))) - contract(lh); - - return(ret); - } - -void *lh_retrieve(LHASH *lh, void *data) - { - unsigned long hash; - LHASH_NODE **rn; - void *ret; - - lh->error=0; - rn=getrn(lh,data,&hash); - - if (*rn == NULL) - { - lh->num_retrieve_miss++; - return(NULL); - } - else - { - ret= (*rn)->data; - lh->num_retrieve++; - } - return(ret); - } - -void lh_doall(LHASH *lh, void (*func)()) - { - lh_doall_arg(lh,func,NULL); - } - -void lh_doall_arg(LHASH *lh, void (*func)(), void *arg) - { - int i; - LHASH_NODE *a,*n; - - /* reverse the order so we search from 'top to bottom' - * We were having memory leaks otherwise */ - for (i=lh->num_nodes-1; i>=0; i--) - { - a=lh->b[i]; - while (a != NULL) - { - /* 28/05/91 - eay - n added so items can be deleted - * via lh_doall */ - n=a->next; - func(a->data,arg); - a=n; - } - } - } - -static void expand(LHASH *lh) - { - LHASH_NODE **n,**n1,**n2,*np; - unsigned int p,i,j; - unsigned long hash,nni; - - lh->num_nodes++; - lh->num_expands++; - p=(int)lh->p++; - n1= &(lh->b[p]); - n2= &(lh->b[p+(int)lh->pmax]); - *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */ - nni=lh->num_alloc_nodes; - - for (np= *n1; np != NULL; ) - { -#ifndef NO_HASH_COMP - hash=np->hash; -#else - hash=(*(lh->hash))(np->data); - lh->num_hash_calls++; -#endif - if ((hash%nni) != p) - { /* move it */ - *n1= (*n1)->next; - np->next= *n2; - *n2=np; - } - else - n1= &((*n1)->next); - np= *n1; - } - - if ((lh->p) >= lh->pmax) - { - j=(int)lh->num_alloc_nodes*2; - n=(LHASH_NODE **)OPENSSL_realloc(lh->b, - (unsigned int)sizeof(LHASH_NODE *)*j); - if (n == NULL) - { -/* fputs("realloc error in lhash",stderr); */ - lh->error++; - lh->p=0; - return; - } - /* else */ - for (i=(int)lh->num_alloc_nodes; ipmax=lh->num_alloc_nodes; - lh->num_alloc_nodes=j; - lh->num_expand_reallocs++; - lh->p=0; - lh->b=n; - } - } - -static void contract(LHASH *lh) - { - LHASH_NODE **n,*n1,*np; - - np=lh->b[lh->p+lh->pmax-1]; - lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */ - if (lh->p == 0) - { - n=(LHASH_NODE **)OPENSSL_realloc(lh->b, - (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax)); - if (n == NULL) - { -/* fputs("realloc error in lhash",stderr); */ - lh->error++; - return; - } - lh->num_contract_reallocs++; - lh->num_alloc_nodes/=2; - lh->pmax/=2; - lh->p=lh->pmax-1; - lh->b=n; - } - else - lh->p--; - - lh->num_nodes--; - lh->num_contracts++; - - n1=lh->b[(int)lh->p]; - if (n1 == NULL) - lh->b[(int)lh->p]=np; - else - { - while (n1->next != NULL) - n1=n1->next; - n1->next=np; - } - } - -static LHASH_NODE **getrn(LHASH *lh, void *data, unsigned long *rhash) - { - LHASH_NODE **ret,*n1; - unsigned long hash,nn; - int (*cf)(); - - hash=(*(lh->hash))(data); - lh->num_hash_calls++; - *rhash=hash; - - nn=hash%lh->pmax; - if (nn < lh->p) - nn=hash%lh->num_alloc_nodes; - - cf=lh->comp; - ret= &(lh->b[(int)nn]); - for (n1= *ret; n1 != NULL; n1=n1->next) - { -#ifndef NO_HASH_COMP - lh->num_hash_comps++; - if (n1->hash != hash) - { - ret= &(n1->next); - continue; - } -#endif - lh->num_comp_calls++; - if ((*cf)(n1->data,data) == 0) - break; - ret= &(n1->next); - } - return(ret); - } - -/* The following hash seems to work very well on normal text strings - * no collisions on /usr/dict/words and it distributes on %2^n quite - * well, not as good as MD5, but still good. - */ -unsigned long lh_strhash(const char *c) - { - unsigned long ret=0; - long n; - unsigned long v; - int r; - - if ((c == NULL) || (*c == '\0')) - return(ret); -/* - unsigned char b[16]; - MD5(c,strlen(c),b); - return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24)); -*/ - - n=0x100; - while (*c) - { - v=n|(*c); - n+=0x100; - r= (int)((v>>2)^v)&0x0f; - ret=(ret<>(32-r)); - ret&=0xFFFFFFFFL; - ret^=v*v; - c++; - } - return((ret>>16)^ret); - } - -unsigned long lh_num_items(LHASH *lh) - { - return lh ? lh->num_items : 0; - } diff --git a/src/lib/libcrypto/lhash/lhash.h b/src/lib/libcrypto/lhash/lhash.h deleted file mode 100644 index b8ff021906..0000000000 --- a/src/lib/libcrypto/lhash/lhash.h +++ /dev/null @@ -1,149 +0,0 @@ -/* crypto/lhash/lhash.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Header for dynamic hash table routines - * Author - Eric Young - */ - -#ifndef HEADER_LHASH_H -#define HEADER_LHASH_H - -#ifndef NO_FP_API -#include -#endif - -#ifndef NO_BIO -#include -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct lhash_node_st - { - void *data; - struct lhash_node_st *next; -#ifndef NO_HASH_COMP - unsigned long hash; -#endif - } LHASH_NODE; - -typedef struct lhash_st - { - LHASH_NODE **b; - int (*comp)(); - unsigned long (*hash)(); - unsigned int num_nodes; - unsigned int num_alloc_nodes; - unsigned int p; - unsigned int pmax; - unsigned long up_load; /* load times 256 */ - unsigned long down_load; /* load times 256 */ - unsigned long num_items; - - unsigned long num_expands; - unsigned long num_expand_reallocs; - unsigned long num_contracts; - unsigned long num_contract_reallocs; - unsigned long num_hash_calls; - unsigned long num_comp_calls; - unsigned long num_insert; - unsigned long num_replace; - unsigned long num_delete; - unsigned long num_no_delete; - unsigned long num_retrieve; - unsigned long num_retrieve_miss; - unsigned long num_hash_comps; - - int error; - } LHASH; - -#define LH_LOAD_MULT 256 - -/* Indicates a malloc() error in the last call, this is only bad - * in lh_insert(). */ -#define lh_error(lh) ((lh)->error) - -LHASH *lh_new(unsigned long (*h)(/* void *a */), int (*c)(/* void *a,void *b */)); -void lh_free(LHASH *lh); -void *lh_insert(LHASH *lh, void *data); -void *lh_delete(LHASH *lh, void *data); -void *lh_retrieve(LHASH *lh, void *data); - void lh_doall(LHASH *lh, void (*func)(/*void *b*/)); -void lh_doall_arg(LHASH *lh, void (*func)(/*void *a,void *b*/),void *arg); -unsigned long lh_strhash(const char *c); -unsigned long lh_num_items(LHASH *lh); - -#ifndef NO_FP_API -void lh_stats(LHASH *lh, FILE *out); -void lh_node_stats(LHASH *lh, FILE *out); -void lh_node_usage_stats(LHASH *lh, FILE *out); -#endif - -#ifndef NO_BIO -void lh_stats_bio(LHASH *lh, BIO *out); -void lh_node_stats_bio(LHASH *lh, BIO *out); -void lh_node_usage_stats_bio(LHASH *lh, BIO *out); -#endif -#ifdef __cplusplus -} -#endif - -#endif - diff --git a/src/lib/libcrypto/md32_common.h b/src/lib/libcrypto/md32_common.h deleted file mode 100644 index 1a404a458d..0000000000 --- a/src/lib/libcrypto/md32_common.h +++ /dev/null @@ -1,607 +0,0 @@ -/* crypto/md32_common.h */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This is a generic 32 bit "collector" for message digest algorithms. - * Whenever needed it collects input character stream into chunks of - * 32 bit values and invokes a block function that performs actual hash - * calculations. - * - * Porting guide. - * - * Obligatory macros: - * - * DATA_ORDER_IS_BIG_ENDIAN or DATA_ORDER_IS_LITTLE_ENDIAN - * this macro defines byte order of input stream. - * HASH_CBLOCK - * size of a unit chunk HASH_BLOCK operates on. - * HASH_LONG - * has to be at lest 32 bit wide, if it's wider, then - * HASH_LONG_LOG2 *has to* be defined along - * HASH_CTX - * context structure that at least contains following - * members: - * typedef struct { - * ... - * HASH_LONG Nl,Nh; - * HASH_LONG data[HASH_LBLOCK]; - * int num; - * ... - * } HASH_CTX; - * HASH_UPDATE - * name of "Update" function, implemented here. - * HASH_TRANSFORM - * name of "Transform" function, implemented here. - * HASH_FINAL - * name of "Final" function, implemented here. - * HASH_BLOCK_HOST_ORDER - * name of "block" function treating *aligned* input message - * in host byte order, implemented externally. - * HASH_BLOCK_DATA_ORDER - * name of "block" function treating *unaligned* input message - * in original (data) byte order, implemented externally (it - * actually is optional if data and host are of the same - * "endianess"). - * HASH_MAKE_STRING - * macro convering context variables to an ASCII hash string. - * - * Optional macros: - * - * B_ENDIAN or L_ENDIAN - * defines host byte-order. - * HASH_LONG_LOG2 - * defaults to 2 if not states otherwise. - * HASH_LBLOCK - * assumed to be HASH_CBLOCK/4 if not stated otherwise. - * HASH_BLOCK_DATA_ORDER_ALIGNED - * alternative "block" function capable of treating - * aligned input message in original (data) order, - * implemented externally. - * - * MD5 example: - * - * #define DATA_ORDER_IS_LITTLE_ENDIAN - * - * #define HASH_LONG MD5_LONG - * #define HASH_LONG_LOG2 MD5_LONG_LOG2 - * #define HASH_CTX MD5_CTX - * #define HASH_CBLOCK MD5_CBLOCK - * #define HASH_LBLOCK MD5_LBLOCK - * #define HASH_UPDATE MD5_Update - * #define HASH_TRANSFORM MD5_Transform - * #define HASH_FINAL MD5_Final - * #define HASH_BLOCK_HOST_ORDER md5_block_host_order - * #define HASH_BLOCK_DATA_ORDER md5_block_data_order - * - * - */ - -#if !defined(DATA_ORDER_IS_BIG_ENDIAN) && !defined(DATA_ORDER_IS_LITTLE_ENDIAN) -#error "DATA_ORDER must be defined!" -#endif - -#ifndef HASH_CBLOCK -#error "HASH_CBLOCK must be defined!" -#endif -#ifndef HASH_LONG -#error "HASH_LONG must be defined!" -#endif -#ifndef HASH_CTX -#error "HASH_CTX must be defined!" -#endif - -#ifndef HASH_UPDATE -#error "HASH_UPDATE must be defined!" -#endif -#ifndef HASH_TRANSFORM -#error "HASH_TRANSFORM must be defined!" -#endif -#ifndef HASH_FINAL -#error "HASH_FINAL must be defined!" -#endif - -#ifndef HASH_BLOCK_HOST_ORDER -#error "HASH_BLOCK_HOST_ORDER must be defined!" -#endif - -#if 0 -/* - * Moved below as it's required only if HASH_BLOCK_DATA_ORDER_ALIGNED - * isn't defined. - */ -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" -#endif -#endif - -#ifndef HASH_LBLOCK -#define HASH_LBLOCK (HASH_CBLOCK/4) -#endif - -#ifndef HASH_LONG_LOG2 -#define HASH_LONG_LOG2 2 -#endif - -/* - * Engage compiler specific rotate intrinsic function if available. - */ -#undef ROTATE -#ifndef PEDANTIC -# if defined(_MSC_VER) -# define ROTATE(a,n) _lrotl(a,n) -# elif defined(__MWERKS__) -# if defined(__POWERPC__) -# define ROTATE(a,n) __rlwinm(a,n,0,31) -# elif defined(__MC68K__) - /* Motorola specific tweak. */ -# define ROTATE(a,n) ( n<24 ? __rol(a,n) : __ror(a,32-n) ) -# else -# define ROTATE(a,n) __rol(a,n) -# endif -# elif defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM) - /* - * Some GNU C inline assembler templates. Note that these are - * rotates by *constant* number of bits! But that's exactly - * what we need here... - * - * - */ -# if defined(__i386) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "roll %1,%0" \ - : "=r"(ret) \ - : "I"(n), "0"(a) \ - : "cc"); \ - ret; \ - }) -# elif defined(__powerpc) || defined(__ppc) -# define ROTATE(a,n) ({ register unsigned int ret; \ - asm ( \ - "rlwinm %0,%1,%2,0,31" \ - : "=r"(ret) \ - : "r"(a), "I"(n)); \ - ret; \ - }) -# endif -# endif - -/* - * Engage compiler specific "fetch in reverse byte order" - * intrinsic function if available. - */ -# if defined(__GNUC__) && __GNUC__>=2 && !defined(NO_ASM) && !defined(NO_INLINE_ASM) - /* some GNU C inline assembler templates by */ -# if defined(__i386) && !defined(I386_ONLY) -# define BE_FETCH32(a) ({ register unsigned int l=(a);\ - asm ( \ - "bswapl %0" \ - : "=r"(l) : "0"(l)); \ - l; \ - }) -# elif defined(__powerpc) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lwbrx %0,0,%1" \ - : "=r"(l) \ - : "r"(a)); \ - l; \ - }) - -# elif defined(__sparc) && defined(ULTRASPARC) -# define LE_FETCH32(a) ({ register unsigned int l; \ - asm ( \ - "lda [%1]#ASI_PRIMARY_LITTLE,%0"\ - : "=r"(l) \ - : "r"(a)); \ - l; \ - }) -# endif -# endif -#endif /* PEDANTIC */ - -#if HASH_LONG_LOG2==2 /* Engage only if sizeof(HASH_LONG)== 4 */ -/* A nice byte order reversal from Wei Dai */ -#ifdef ROTATE -/* 5 instructions with rotate instruction, else 9 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - ((ROTATE(l,8)&0x00FF00FF)|(ROTATE((l&0x00FF00FF),24))) \ - ) -#else -/* 6 instructions with rotate instruction, else 8 */ -#define REVERSE_FETCH32(a,l) ( \ - l=*(const HASH_LONG *)(a), \ - l=(((l>>8)&0x00FF00FF)|((l&0x00FF00FF)<<8)), \ - ROTATE(l,16) \ - ) -/* - * Originally the middle line started with l=(((l&0xFF00FF00)>>8)|... - * It's rewritten as above for two reasons: - * - RISCs aren't good at long constants and have to explicitely - * compose 'em with several (well, usually 2) instructions in a - * register before performing the actual operation and (as you - * already realized:-) having same constant should inspire the - * compiler to permanently allocate the only register for it; - * - most modern CPUs have two ALUs, but usually only one has - * circuitry for shifts:-( this minor tweak inspires compiler - * to schedule shift instructions in a better way... - * - * - */ -#endif -#endif - -#ifndef ROTATE -#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n)))) -#endif - -/* - * Make some obvious choices. E.g., HASH_BLOCK_DATA_ORDER_ALIGNED - * and HASH_BLOCK_HOST_ORDER ought to be the same if input data - * and host are of the same "endianess". It's possible to mask - * this with blank #define HASH_BLOCK_DATA_ORDER though... - * - * - */ -#if defined(B_ENDIAN) -# if defined(DATA_ORDER_IS_BIG_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef LE_FETCH32 -# define HOST_FETCH32(p,l) LE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#elif defined(L_ENDIAN) -# if defined(DATA_ORDER_IS_LITTLE_ENDIAN) -# if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) && HASH_LONG_LOG2==2 -# define HASH_BLOCK_DATA_ORDER_ALIGNED HASH_BLOCK_HOST_ORDER -# endif -# elif defined(DATA_ORDER_IS_BIG_ENDIAN) -# ifndef HOST_FETCH32 -# ifdef BE_FETCH32 -# define HOST_FETCH32(p,l) BE_FETCH32(p) -# elif defined(REVERSE_FETCH32) -# define HOST_FETCH32(p,l) REVERSE_FETCH32(p,l) -# endif -# endif -# endif -#endif - -#if !defined(HASH_BLOCK_DATA_ORDER_ALIGNED) -#ifndef HASH_BLOCK_DATA_ORDER -#error "HASH_BLOCK_DATA_ORDER must be defined!" -#endif -#endif - -#if defined(DATA_ORDER_IS_BIG_ENDIAN) - -#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++)))<<24), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++))) ), \ - l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - case 3: l|=((unsigned long)(*((c)++))); \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++)))<<24; \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<<16; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<< 8; \ - } } -/* NOTE the pointer is not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<< 8; \ - case 2: l|=((unsigned long)(*(--(c))))<<16; \ - case 1: l|=((unsigned long)(*(--(c))))<<24; \ - } } -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff), \ - l) - -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - -#define HOST_c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24), \ - l) -#define HOST_p_c2l(c,l,n) { \ - switch (n) { \ - case 0: l =((unsigned long)(*((c)++))); \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - case 3: l|=((unsigned long)(*((c)++)))<<24; \ - } } -#define HOST_p_c2l_p(c,l,sc,len) { \ - switch (sc) { \ - case 0: l =((unsigned long)(*((c)++))); \ - if (--len == 0) break; \ - case 1: l|=((unsigned long)(*((c)++)))<< 8; \ - if (--len == 0) break; \ - case 2: l|=((unsigned long)(*((c)++)))<<16; \ - } } -/* NOTE the pointer is not incremented at the end of this */ -#define HOST_c2l_p(c,l,n) { \ - l=0; (c)+=n; \ - switch (n) { \ - case 3: l =((unsigned long)(*(--(c))))<<16; \ - case 2: l|=((unsigned long)(*(--(c))))<< 8; \ - case 1: l|=((unsigned long)(*(--(c)))); \ - } } -#define HOST_l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff), \ - l) - -#endif - -/* - * Time for some action:-) - */ - -void HASH_UPDATE (HASH_CTX *c, const void *data_, unsigned long len) - { - const unsigned char *data=data_; - register HASH_LONG * p; - register unsigned long l; - int sw,sc,ew,ec; - - if (len==0) return; - - l=(c->Nl+(len<<3))&0xffffffffL; - /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to - * Wei Dai for pointing it out. */ - if (l < c->Nl) /* overflow */ - c->Nh++; - c->Nh+=(len>>29); - c->Nl=l; - - if (c->num != 0) - { - p=c->data; - sw=c->num>>2; - sc=c->num&0x03; - - if ((c->num+len) >= HASH_CBLOCK) - { - l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; - for (; swnum); - c->num=0; - /* drop through and do the rest */ - } - else - { - c->num+=len; - if ((sc+len) < 4) /* ugly, add char's to a word */ - { - l=p[sw]; HOST_p_c2l_p(data,l,sc,len); p[sw]=l; - } - else - { - ew=(c->num>>2); - ec=(c->num&0x03); - l=p[sw]; HOST_p_c2l(data,l,sc); p[sw++]=l; - for (; sw < ew; sw++) - { - HOST_c2l(data,l); p[sw]=l; - } - if (ec) - { - HOST_c2l_p(data,l,ec); p[sw]=l; - } - } - return; - } - } - - sw=len/HASH_CBLOCK; - if (sw > 0) - { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - /* - * Note that HASH_BLOCK_DATA_ORDER_ALIGNED gets defined - * only if sizeof(HASH_LONG)==4. - */ - if ((((unsigned long)data)%4) == 0) - { - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } - else -#if !defined(HASH_BLOCK_DATA_ORDER) - while (sw--) - { - memcpy (p=c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED(c,p,1); - data+=HASH_CBLOCK; - len-=HASH_CBLOCK; - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) - { - HASH_BLOCK_DATA_ORDER(c,data,sw); - sw*=HASH_CBLOCK; - data+=sw; - len-=sw; - } -#endif - } - - if (len!=0) - { - p = c->data; - c->num = len; - ew=len>>2; /* words to copy */ - ec=len&0x03; - for (; ew; ew--,p++) - { - HOST_c2l(data,l); *p=l; - } - HOST_c2l_p(data,l,ec); - *p=l; - } - } - - -void HASH_TRANSFORM (HASH_CTX *c, const unsigned char *data) - { -#if defined(HASH_BLOCK_DATA_ORDER_ALIGNED) - if ((((unsigned long)data)%4) == 0) - /* data is properly aligned so that we can cast it: */ - HASH_BLOCK_DATA_ORDER_ALIGNED (c,(HASH_LONG *)data,1); - else -#if !defined(HASH_BLOCK_DATA_ORDER) - { - memcpy (c->data,data,HASH_CBLOCK); - HASH_BLOCK_DATA_ORDER_ALIGNED (c,c->data,1); - } -#endif -#endif -#if defined(HASH_BLOCK_DATA_ORDER) - HASH_BLOCK_DATA_ORDER (c,data,1); -#endif - } - - -void HASH_FINAL (unsigned char *md, HASH_CTX *c) - { - register HASH_LONG *p; - register unsigned long l; - register int i,j; - static const unsigned char end[4]={0x80,0x00,0x00,0x00}; - const unsigned char *cp=end; - - /* c->num should definitly have room for at least one more byte. */ - p=c->data; - i=c->num>>2; - j=c->num&0x03; - -#if 0 - /* purify often complains about the following line as an - * Uninitialized Memory Read. While this can be true, the - * following p_c2l macro will reset l when that case is true. - * This is because j&0x03 contains the number of 'valid' bytes - * already in p[i]. If and only if j&0x03 == 0, the UMR will - * occur but this is also the only time p_c2l will do - * l= *(cp++) instead of l|= *(cp++) - * Many thanks to Alex Tang for pickup this - * 'potential bug' */ -#ifdef PURIFY - if (j==0) p[i]=0; /* Yeah, but that's not the way to fix it:-) */ -#endif - l=p[i]; -#else - l = (j==0) ? 0 : p[i]; -#endif - HOST_p_c2l(cp,l,j); p[i++]=l; /* i is the next 'undefined word' */ - - if (i>(HASH_LBLOCK-2)) /* save room for Nl and Nh */ - { - if (iNh; - p[HASH_LBLOCK-1]=c->Nl; -#elif defined(DATA_ORDER_IS_LITTLE_ENDIAN) - p[HASH_LBLOCK-2]=c->Nl; - p[HASH_LBLOCK-1]=c->Nh; -#endif - HASH_BLOCK_HOST_ORDER (c,p,1); - -#ifndef HASH_MAKE_STRING -#error "HASH_MAKE_STRING must be defined!" -#else - HASH_MAKE_STRING(c,md); -#endif - - c->num=0; - /* clear stuff, HASH_BLOCK may be leaving some stuff on the stack - * but I'm not worried :-) - memset((void *)c,0,sizeof(HASH_CTX)); - */ - } diff --git a/src/lib/libcrypto/md4/md4.h b/src/lib/libcrypto/md4/md4.h deleted file mode 100644 index c794e186db..0000000000 --- a/src/lib/libcrypto/md4/md4.h +++ /dev/null @@ -1,114 +0,0 @@ -/* crypto/md4/md4.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_MD4_H -#define HEADER_MD4_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_MD4 -#error MD4 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD4_LONG has to be at least 32 bits wide. If it's wider, then ! - * ! MD4_LONG_LOG2 has to be defined along. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#if defined(WIN16) || defined(__LP32__) -#define MD4_LONG unsigned long -#elif defined(_CRAY) || defined(__ILP64__) -#define MD4_LONG unsigned long -#define MD4_LONG_LOG2 3 -/* - * _CRAY note. I could declare short, but I have no idea what impact - * does it have on performance on none-T3E machines. I could declare - * int, but at least on C90 sizeof(int) can be chosen at compile time. - * So I've chosen long... - * - */ -#else -#define MD4_LONG unsigned int -#endif - -#define MD4_CBLOCK 64 -#define MD4_LBLOCK (MD4_CBLOCK/4) -#define MD4_DIGEST_LENGTH 16 - -typedef struct MD4state_st - { - MD4_LONG A,B,C,D; - MD4_LONG Nl,Nh; - MD4_LONG data[MD4_LBLOCK]; - int num; - } MD4_CTX; - -void MD4_Init(MD4_CTX *c); -void MD4_Update(MD4_CTX *c, const void *data, unsigned long len); -void MD4_Final(unsigned char *md, MD4_CTX *c); -unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md); -void MD4_Transform(MD4_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/md4/md4_dgst.c b/src/lib/libcrypto/md4/md4_dgst.c deleted file mode 100644 index 81488ae2e2..0000000000 --- a/src/lib/libcrypto/md4/md4_dgst.c +++ /dev/null @@ -1,285 +0,0 @@ -/* crypto/md4/md4_dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "md4_locl.h" -#include - -const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT; - -/* Implemented from RFC1186 The MD4 Message-Digest Algorithm - */ - -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -void MD4_Init(MD4_CTX *c) - { - c->A=INIT_DATA_A; - c->B=INIT_DATA_B; - c->C=INIT_DATA_C; - c->D=INIT_DATA_D; - c->Nl=0; - c->Nh=0; - c->num=0; - } - -#ifndef md4_block_host_order -void md4_block_host_order (MD4_CTX *c, const void *data, int num) - { - const MD4_LONG *X=data; - register unsigned long A,B,C,D; - /* - * In case you wonder why A-D are declared as long and not - * as MD4_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * - * - */ - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;X+=HASH_LBLOCK) - { - /* Round 0 */ - R0(A,B,C,D,X[ 0], 3,0); - R0(D,A,B,C,X[ 1], 7,0); - R0(C,D,A,B,X[ 2],11,0); - R0(B,C,D,A,X[ 3],19,0); - R0(A,B,C,D,X[ 4], 3,0); - R0(D,A,B,C,X[ 5], 7,0); - R0(C,D,A,B,X[ 6],11,0); - R0(B,C,D,A,X[ 7],19,0); - R0(A,B,C,D,X[ 8], 3,0); - R0(D,A,B,C,X[ 9], 7,0); - R0(C,D,A,B,X[10],11,0); - R0(B,C,D,A,X[11],19,0); - R0(A,B,C,D,X[12], 3,0); - R0(D,A,B,C,X[13], 7,0); - R0(C,D,A,B,X[14],11,0); - R0(B,C,D,A,X[15],19,0); - /* Round 1 */ - R1(A,B,C,D,X[ 0], 3,0x5A827999L); - R1(D,A,B,C,X[ 4], 5,0x5A827999L); - R1(C,D,A,B,X[ 8], 9,0x5A827999L); - R1(B,C,D,A,X[12],13,0x5A827999L); - R1(A,B,C,D,X[ 1], 3,0x5A827999L); - R1(D,A,B,C,X[ 5], 5,0x5A827999L); - R1(C,D,A,B,X[ 9], 9,0x5A827999L); - R1(B,C,D,A,X[13],13,0x5A827999L); - R1(A,B,C,D,X[ 2], 3,0x5A827999L); - R1(D,A,B,C,X[ 6], 5,0x5A827999L); - R1(C,D,A,B,X[10], 9,0x5A827999L); - R1(B,C,D,A,X[14],13,0x5A827999L); - R1(A,B,C,D,X[ 3], 3,0x5A827999L); - R1(D,A,B,C,X[ 7], 5,0x5A827999L); - R1(C,D,A,B,X[11], 9,0x5A827999L); - R1(B,C,D,A,X[15],13,0x5A827999L); - /* Round 2 */ - R2(A,B,C,D,X[ 0], 3,0x6ED9EBA1); - R2(D,A,B,C,X[ 8], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 4],11,0x6ED9EBA1); - R2(B,C,D,A,X[12],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 2], 3,0x6ED9EBA1); - R2(D,A,B,C,X[10], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 6],11,0x6ED9EBA1); - R2(B,C,D,A,X[14],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 1], 3,0x6ED9EBA1); - R2(D,A,B,C,X[ 9], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 5],11,0x6ED9EBA1); - R2(B,C,D,A,X[13],15,0x6ED9EBA1); - R2(A,B,C,D,X[ 3], 3,0x6ED9EBA1); - R2(D,A,B,C,X[11], 9,0x6ED9EBA1); - R2(C,D,A,B,X[ 7],11,0x6ED9EBA1); - R2(B,C,D,A,X[15],15,0x6ED9EBA1); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - -#ifndef md4_block_data_order -#ifdef X -#undef X -#endif -void md4_block_data_order (MD4_CTX *c, const void *data_, int num) - { - const unsigned char *data=data_; - register unsigned long A,B,C,D,l; - /* - * In case you wonder why A-D are declared as long and not - * as MD4_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * - * - */ -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -# define X(i) XX##i -#else - MD4_LONG XX[MD4_LBLOCK]; -# define X(i) XX[i] -#endif - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;) - { - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - /* Round 0 */ - R0(A,B,C,D,X( 0), 3,0); HOST_c2l(data,l); X( 2)=l; - R0(D,A,B,C,X( 1), 7,0); HOST_c2l(data,l); X( 3)=l; - R0(C,D,A,B,X( 2),11,0); HOST_c2l(data,l); X( 4)=l; - R0(B,C,D,A,X( 3),19,0); HOST_c2l(data,l); X( 5)=l; - R0(A,B,C,D,X( 4), 3,0); HOST_c2l(data,l); X( 6)=l; - R0(D,A,B,C,X( 5), 7,0); HOST_c2l(data,l); X( 7)=l; - R0(C,D,A,B,X( 6),11,0); HOST_c2l(data,l); X( 8)=l; - R0(B,C,D,A,X( 7),19,0); HOST_c2l(data,l); X( 9)=l; - R0(A,B,C,D,X( 8), 3,0); HOST_c2l(data,l); X(10)=l; - R0(D,A,B,C,X( 9), 7,0); HOST_c2l(data,l); X(11)=l; - R0(C,D,A,B,X(10),11,0); HOST_c2l(data,l); X(12)=l; - R0(B,C,D,A,X(11),19,0); HOST_c2l(data,l); X(13)=l; - R0(A,B,C,D,X(12), 3,0); HOST_c2l(data,l); X(14)=l; - R0(D,A,B,C,X(13), 7,0); HOST_c2l(data,l); X(15)=l; - R0(C,D,A,B,X(14),11,0); - R0(B,C,D,A,X(15),19,0); - /* Round 1 */ - R1(A,B,C,D,X( 0), 3,0x5A827999L); - R1(D,A,B,C,X( 4), 5,0x5A827999L); - R1(C,D,A,B,X( 8), 9,0x5A827999L); - R1(B,C,D,A,X(12),13,0x5A827999L); - R1(A,B,C,D,X( 1), 3,0x5A827999L); - R1(D,A,B,C,X( 5), 5,0x5A827999L); - R1(C,D,A,B,X( 9), 9,0x5A827999L); - R1(B,C,D,A,X(13),13,0x5A827999L); - R1(A,B,C,D,X( 2), 3,0x5A827999L); - R1(D,A,B,C,X( 6), 5,0x5A827999L); - R1(C,D,A,B,X(10), 9,0x5A827999L); - R1(B,C,D,A,X(14),13,0x5A827999L); - R1(A,B,C,D,X( 3), 3,0x5A827999L); - R1(D,A,B,C,X( 7), 5,0x5A827999L); - R1(C,D,A,B,X(11), 9,0x5A827999L); - R1(B,C,D,A,X(15),13,0x5A827999L); - /* Round 2 */ - R2(A,B,C,D,X( 0), 3,0x6ED9EBA1L); - R2(D,A,B,C,X( 8), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 4),11,0x6ED9EBA1L); - R2(B,C,D,A,X(12),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 2), 3,0x6ED9EBA1L); - R2(D,A,B,C,X(10), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 6),11,0x6ED9EBA1L); - R2(B,C,D,A,X(14),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 1), 3,0x6ED9EBA1L); - R2(D,A,B,C,X( 9), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 5),11,0x6ED9EBA1L); - R2(B,C,D,A,X(13),15,0x6ED9EBA1L); - R2(A,B,C,D,X( 3), 3,0x6ED9EBA1L); - R2(D,A,B,C,X(11), 9,0x6ED9EBA1L); - R2(C,D,A,B,X( 7),11,0x6ED9EBA1L); - R2(B,C,D,A,X(15),15,0x6ED9EBA1L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - -#ifdef undef -int printit(unsigned long *l) - { - int i,ii; - - for (i=0; i<2; i++) - { - for (ii=0; ii<8; ii++) - { - fprintf(stderr,"%08lx ",l[i*8+ii]); - } - fprintf(stderr,"\n"); - } - } -#endif diff --git a/src/lib/libcrypto/md4/md4_locl.h b/src/lib/libcrypto/md4/md4_locl.h deleted file mode 100644 index 0a2b39018d..0000000000 --- a/src/lib/libcrypto/md4/md4_locl.h +++ /dev/null @@ -1,154 +0,0 @@ -/* crypto/md4/md4_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifndef MD4_LONG_LOG2 -#define MD4_LONG_LOG2 2 /* default to 32 bits */ -#endif - -void md4_block_host_order (MD4_CTX *c, const void *p,int num); -void md4_block_data_order (MD4_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -/* - * *_block_host_order is expected to handle aligned data while - * *_block_data_order - unaligned. As algorithm and host (x86) - * are in this case of the same "endianness" these two are - * otherwise indistinguishable. But normally you don't want to - * call the same function because unaligned access in places - * where alignment is expected is usually a "Bad Thing". Indeed, - * on RISCs you get punished with BUS ERROR signal or *severe* - * performance degradation. Intel CPUs are in turn perfectly - * capable of loading unaligned data without such drastic side - * effect. Yes, they say it's slower than aligned load, but no - * exception is generated and therefore performance degradation - * is *incomparable* with RISCs. What we should weight here is - * costs of unaligned access against costs of aligning data. - * According to my measurements allowing unaligned access results - * in ~9% performance improvement on Pentium II operating at - * 266MHz. I won't be surprised if the difference will be higher - * on faster systems:-) - * - * - */ -#define md4_block_data_order md4_block_host_order -#endif - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_LONG MD4_LONG -#define HASH_LONG_LOG2 MD4_LONG_LOG2 -#define HASH_CTX MD4_CTX -#define HASH_CBLOCK MD4_CBLOCK -#define HASH_LBLOCK MD4_LBLOCK -#define HASH_UPDATE MD4_Update -#define HASH_TRANSFORM MD4_Transform -#define HASH_FINAL MD4_Final -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; HOST_l2c(ll,(s)); \ - ll=(c)->B; HOST_l2c(ll,(s)); \ - ll=(c)->C; HOST_l2c(ll,(s)); \ - ll=(c)->D; HOST_l2c(ll,(s)); \ - } while (0) -#define HASH_BLOCK_HOST_ORDER md4_block_host_order -#if !defined(L_ENDIAN) || defined(md4_block_data_order) -#define HASH_BLOCK_DATA_ORDER md4_block_data_order -/* - * Little-endians (Intel and Alpha) feel better without this. - * It looks like memcpy does better job than generic - * md4_block_data_order on copying-n-aligning input data. - * But frankly speaking I didn't expect such result on Alpha. - * On the other hand I've got this with egcs-1.0.2 and if - * program is compiled with another (better?) compiler it - * might turn out other way around. - * - * - */ -#endif - -#include "md32_common.h" - -/* -#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) -#define G(x,y,z) (((x) & (y)) | ((x) & ((z))) | ((y) & ((z)))) -*/ - -/* As pointed out by Wei Dai , the above can be - * simplified to the code below. Wei attributes these optimizations - * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. - */ -#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define G(b,c,d) (((b) & (c)) | ((b) & (d)) | ((c) & (d))) -#define H(b,c,d) ((b) ^ (c) ^ (d)) - -#define R0(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+F((b),(c),(d))); \ - a=ROTATE(a,s); }; - -#define R1(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+G((b),(c),(d))); \ - a=ROTATE(a,s); };\ - -#define R2(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+H((b),(c),(d))); \ - a=ROTATE(a,s); }; diff --git a/src/lib/libcrypto/md4/md4_one.c b/src/lib/libcrypto/md4/md4_one.c deleted file mode 100644 index 87a995d38d..0000000000 --- a/src/lib/libcrypto/md4/md4_one.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/md4/md4_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#ifdef CHARSET_EBCDIC -#include -#endif - -unsigned char *MD4(const unsigned char *d, unsigned long n, unsigned char *md) - { - MD4_CTX c; - static unsigned char m[MD4_DIGEST_LENGTH]; - - if (md == NULL) md=m; - MD4_Init(&c); -#ifndef CHARSET_EBCDIC - MD4_Update(&c,d,n); -#else - { - char temp[1024]; - unsigned long chunk; - - while (n > 0) - { - chunk = (n > sizeof(temp)) ? sizeof(temp) : n; - ebcdic2ascii(temp, d, chunk); - MD4_Update(&c,temp,chunk); - n -= chunk; - d += chunk; - } - } -#endif - MD4_Final(md,&c); - memset(&c,0,sizeof(c)); /* security consideration */ - return(md); - } - diff --git a/src/lib/libcrypto/md5/asm/md5-586.pl b/src/lib/libcrypto/md5/asm/md5-586.pl deleted file mode 100644 index 5fc6a205ce..0000000000 --- a/src/lib/libcrypto/md5/asm/md5-586.pl +++ /dev/null @@ -1,306 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X); -# version, non-normal is the -# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks); - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="eax"; -$B="ebx"; -$C="ecx"; -$D="edx"; -$tmp1="edi"; -$tmp2="ebp"; -$X="esi"; - -# What we need to load into $tmp for the next round -%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D)); -@xo=( - 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0 - 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1 - 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2 - 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3 - ); - -&md5_block("md5_block_asm_host_order"); -&asm_finish(); - -sub Np - { - local($p)=@_; - local(%n)=($A,$D,$B,$A,$C,$B,$D,$C); - return($n{$p}); - } - -sub R0 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &mov($tmp1,$C) if $pos < 0; - &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one - - # body proper - - &comment("R0 $ki"); - &xor($tmp1,$d); # F function - part 2 - - &and($tmp1,$b); # F function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$d); # F function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0 - &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1 - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$b); - } - -sub R1 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R1 $ki"); - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$b); # G function - part 2 - &and($tmp1,$d); # G function - part 3 - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - &xor($tmp1,$c); # G function - part 4 - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1 - &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - -sub R2 - { - local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - # This one is different, only 3 logical operations - -if (($n & 1) == 0) - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($a,$tmp1); - - &rotl($a,$s); - - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)); - &mov($tmp1,&Np($c)); - } -else - { - &comment("R2 $ki"); - # make sure to do 'D' first, not 'B', else we clash with - # the last add from the previous round. - - &lea($a,&DWP($t,$a,$tmp2,1)); - - &add($b,$c); # MOVED FORWARD - &xor($tmp1,$d); # H function - part 2 - - &xor($tmp1,$b); # H function - part 3 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2); - - &add($a,$tmp1); - &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1 - &mov($tmp1,-1) if $pos == 1; # I function - part 1 - - &rotl($a,$s); - - &add($a,$b); - } - } - -sub R3 - { - local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_; - - &comment("R3 $ki"); - - # ¬($tmp1) - &xor($tmp1,$d) if $pos < 0; # I function - part 2 - - &or($tmp1,$b); # I function - part 3 - &lea($a,&DWP($t,$a,$tmp2,1)); - - &xor($tmp1,$c); # I function - part 4 - &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value - &mov($tmp2,&wparam(0)) if $pos == 2; - - &add($a,$tmp1); - &mov($tmp1,-1) if $pos < 1; # H function - part 1 - &add($K,64) if $pos >=1 && !$normal; - - &rotl($a,$s); - - &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time - &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0; - &add($a,$b); - } - - -sub md5_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - - &push("esi"); - &push("edi"); - &mov($tmp1, &wparam(0)); # edi - &mov($X, &wparam(1)); # esi - &mov($C, &wparam(2)); - &push("ebp"); - &shl($C, 6); - &push("ebx"); - &add($C, $X); # offset we end at - &sub($C, 64); - &mov($A, &DWP( 0,$tmp1,"",0)); - &push($C); # Put on the TOS - &mov($B, &DWP( 4,$tmp1,"",0)); - &mov($C, &DWP( 8,$tmp1,"",0)); - &mov($D, &DWP(12,$tmp1,"",0)); - - &set_label("start") unless $normal; - &comment(""); - &comment("R0 section"); - - &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478); - &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756); - &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db); - &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee); - &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf); - &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a); - &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613); - &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501); - &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8); - &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af); - &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1); - &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be); - &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122); - &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193); - &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e); - &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821); - - &comment(""); - &comment("R1 section"); - &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562); - &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340); - &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51); - &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa); - &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d); - &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453); - &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681); - &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8); - &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6); - &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6); - &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87); - &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed); - &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905); - &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8); - &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9); - &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a); - - &comment(""); - &comment("R2 section"); - &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942); - &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681); - &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122); - &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c); - &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44); - &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9); - &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60); - &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70); - &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6); - &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa); - &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085); - &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05); - &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039); - &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5); - &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8); - &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665); - - &comment(""); - &comment("R3 section"); - &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244); - &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97); - &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7); - &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039); - &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3); - &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92); - &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d); - &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1); - &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f); - &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0); - &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314); - &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1); - &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82); - &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235); - &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb); - &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391); - - # &mov($tmp2,&wparam(0)); # done in the last R3 - # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3 - - &add($A,$tmp1); - &mov($tmp1, &DWP( 4,$tmp2,"",0)); - - &add($B,$tmp1); - &mov($tmp1, &DWP( 8,$tmp2,"",0)); - - &add($C,$tmp1); - &mov($tmp1, &DWP(12,$tmp2,"",0)); - - &add($D,$tmp1); - &mov(&DWP( 0,$tmp2,"",0),$A); - - &mov(&DWP( 4,$tmp2,"",0),$B); - &mov($tmp1,&swtmp(0)) unless $normal; - - &mov(&DWP( 8,$tmp2,"",0),$C); - &mov(&DWP(12,$tmp2,"",0),$D); - - &cmp($tmp1,$X) unless $normal; # check count - &jge(&label("start")) unless $normal; - - &pop("eax"); # pop the temp variable off the stack - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/src/lib/libcrypto/md5/md5.h b/src/lib/libcrypto/md5/md5.h deleted file mode 100644 index d10bc8397f..0000000000 --- a/src/lib/libcrypto/md5/md5.h +++ /dev/null @@ -1,114 +0,0 @@ -/* crypto/md5/md5.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_MD5_H -#define HEADER_MD5_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_MD5 -#error MD5 is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! MD5_LONG has to be at least 32 bits wide. If it's wider, then ! - * ! MD5_LONG_LOG2 has to be defined along. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#if defined(WIN16) || defined(__LP32__) -#define MD5_LONG unsigned long -#elif defined(_CRAY) || defined(__ILP64__) -#define MD5_LONG unsigned long -#define MD5_LONG_LOG2 3 -/* - * _CRAY note. I could declare short, but I have no idea what impact - * does it have on performance on none-T3E machines. I could declare - * int, but at least on C90 sizeof(int) can be chosen at compile time. - * So I've chosen long... - * - */ -#else -#define MD5_LONG unsigned int -#endif - -#define MD5_CBLOCK 64 -#define MD5_LBLOCK (MD5_CBLOCK/4) -#define MD5_DIGEST_LENGTH 16 - -typedef struct MD5state_st - { - MD5_LONG A,B,C,D; - MD5_LONG Nl,Nh; - MD5_LONG data[MD5_LBLOCK]; - int num; - } MD5_CTX; - -void MD5_Init(MD5_CTX *c); -void MD5_Update(MD5_CTX *c, const void *data, unsigned long len); -void MD5_Final(unsigned char *md, MD5_CTX *c); -unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md); -void MD5_Transform(MD5_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/md5/md5_dgst.c b/src/lib/libcrypto/md5/md5_dgst.c deleted file mode 100644 index 23d196b8d4..0000000000 --- a/src/lib/libcrypto/md5/md5_dgst.c +++ /dev/null @@ -1,319 +0,0 @@ -/* crypto/md5/md5_dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "md5_locl.h" -#include - -const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT; - -/* Implemented from RFC1321 The MD5 Message-Digest Algorithm - */ - -#define INIT_DATA_A (unsigned long)0x67452301L -#define INIT_DATA_B (unsigned long)0xefcdab89L -#define INIT_DATA_C (unsigned long)0x98badcfeL -#define INIT_DATA_D (unsigned long)0x10325476L - -void MD5_Init(MD5_CTX *c) - { - c->A=INIT_DATA_A; - c->B=INIT_DATA_B; - c->C=INIT_DATA_C; - c->D=INIT_DATA_D; - c->Nl=0; - c->Nh=0; - c->num=0; - } - -#ifndef md5_block_host_order -void md5_block_host_order (MD5_CTX *c, const void *data, int num) - { - const MD5_LONG *X=data; - register unsigned long A,B,C,D; - /* - * In case you wonder why A-D are declared as long and not - * as MD5_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * - * - */ - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;X+=HASH_LBLOCK) - { - /* Round 0 */ - R0(A,B,C,D,X[ 0], 7,0xd76aa478L); - R0(D,A,B,C,X[ 1],12,0xe8c7b756L); - R0(C,D,A,B,X[ 2],17,0x242070dbL); - R0(B,C,D,A,X[ 3],22,0xc1bdceeeL); - R0(A,B,C,D,X[ 4], 7,0xf57c0fafL); - R0(D,A,B,C,X[ 5],12,0x4787c62aL); - R0(C,D,A,B,X[ 6],17,0xa8304613L); - R0(B,C,D,A,X[ 7],22,0xfd469501L); - R0(A,B,C,D,X[ 8], 7,0x698098d8L); - R0(D,A,B,C,X[ 9],12,0x8b44f7afL); - R0(C,D,A,B,X[10],17,0xffff5bb1L); - R0(B,C,D,A,X[11],22,0x895cd7beL); - R0(A,B,C,D,X[12], 7,0x6b901122L); - R0(D,A,B,C,X[13],12,0xfd987193L); - R0(C,D,A,B,X[14],17,0xa679438eL); - R0(B,C,D,A,X[15],22,0x49b40821L); - /* Round 1 */ - R1(A,B,C,D,X[ 1], 5,0xf61e2562L); - R1(D,A,B,C,X[ 6], 9,0xc040b340L); - R1(C,D,A,B,X[11],14,0x265e5a51L); - R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL); - R1(A,B,C,D,X[ 5], 5,0xd62f105dL); - R1(D,A,B,C,X[10], 9,0x02441453L); - R1(C,D,A,B,X[15],14,0xd8a1e681L); - R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L); - R1(A,B,C,D,X[ 9], 5,0x21e1cde6L); - R1(D,A,B,C,X[14], 9,0xc33707d6L); - R1(C,D,A,B,X[ 3],14,0xf4d50d87L); - R1(B,C,D,A,X[ 8],20,0x455a14edL); - R1(A,B,C,D,X[13], 5,0xa9e3e905L); - R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L); - R1(C,D,A,B,X[ 7],14,0x676f02d9L); - R1(B,C,D,A,X[12],20,0x8d2a4c8aL); - /* Round 2 */ - R2(A,B,C,D,X[ 5], 4,0xfffa3942L); - R2(D,A,B,C,X[ 8],11,0x8771f681L); - R2(C,D,A,B,X[11],16,0x6d9d6122L); - R2(B,C,D,A,X[14],23,0xfde5380cL); - R2(A,B,C,D,X[ 1], 4,0xa4beea44L); - R2(D,A,B,C,X[ 4],11,0x4bdecfa9L); - R2(C,D,A,B,X[ 7],16,0xf6bb4b60L); - R2(B,C,D,A,X[10],23,0xbebfbc70L); - R2(A,B,C,D,X[13], 4,0x289b7ec6L); - R2(D,A,B,C,X[ 0],11,0xeaa127faL); - R2(C,D,A,B,X[ 3],16,0xd4ef3085L); - R2(B,C,D,A,X[ 6],23,0x04881d05L); - R2(A,B,C,D,X[ 9], 4,0xd9d4d039L); - R2(D,A,B,C,X[12],11,0xe6db99e5L); - R2(C,D,A,B,X[15],16,0x1fa27cf8L); - R2(B,C,D,A,X[ 2],23,0xc4ac5665L); - /* Round 3 */ - R3(A,B,C,D,X[ 0], 6,0xf4292244L); - R3(D,A,B,C,X[ 7],10,0x432aff97L); - R3(C,D,A,B,X[14],15,0xab9423a7L); - R3(B,C,D,A,X[ 5],21,0xfc93a039L); - R3(A,B,C,D,X[12], 6,0x655b59c3L); - R3(D,A,B,C,X[ 3],10,0x8f0ccc92L); - R3(C,D,A,B,X[10],15,0xffeff47dL); - R3(B,C,D,A,X[ 1],21,0x85845dd1L); - R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL); - R3(D,A,B,C,X[15],10,0xfe2ce6e0L); - R3(C,D,A,B,X[ 6],15,0xa3014314L); - R3(B,C,D,A,X[13],21,0x4e0811a1L); - R3(A,B,C,D,X[ 4], 6,0xf7537e82L); - R3(D,A,B,C,X[11],10,0xbd3af235L); - R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL); - R3(B,C,D,A,X[ 9],21,0xeb86d391L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - -#ifndef md5_block_data_order -#ifdef X -#undef X -#endif -void md5_block_data_order (MD5_CTX *c, const void *data_, int num) - { - const unsigned char *data=data_; - register unsigned long A,B,C,D,l; - /* - * In case you wonder why A-D are declared as long and not - * as MD5_LONG. Doing so results in slight performance - * boost on LP64 architectures. The catch is we don't - * really care if 32 MSBs of a 64-bit register get polluted - * with eventual overflows as we *save* only 32 LSBs in - * *either* case. Now declaring 'em long excuses the compiler - * from keeping 32 MSBs zeroed resulting in 13% performance - * improvement under SPARC Solaris7/64 and 5% under AlphaLinux. - * Well, to be honest it should say that this *prevents* - * performance degradation. - * - * - */ -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -# define X(i) XX##i -#else - MD5_LONG XX[MD5_LBLOCK]; -# define X(i) XX[i] -#endif - - A=c->A; - B=c->B; - C=c->C; - D=c->D; - - for (;num--;) - { - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - /* Round 0 */ - R0(A,B,C,D,X( 0), 7,0xd76aa478L); HOST_c2l(data,l); X( 2)=l; - R0(D,A,B,C,X( 1),12,0xe8c7b756L); HOST_c2l(data,l); X( 3)=l; - R0(C,D,A,B,X( 2),17,0x242070dbL); HOST_c2l(data,l); X( 4)=l; - R0(B,C,D,A,X( 3),22,0xc1bdceeeL); HOST_c2l(data,l); X( 5)=l; - R0(A,B,C,D,X( 4), 7,0xf57c0fafL); HOST_c2l(data,l); X( 6)=l; - R0(D,A,B,C,X( 5),12,0x4787c62aL); HOST_c2l(data,l); X( 7)=l; - R0(C,D,A,B,X( 6),17,0xa8304613L); HOST_c2l(data,l); X( 8)=l; - R0(B,C,D,A,X( 7),22,0xfd469501L); HOST_c2l(data,l); X( 9)=l; - R0(A,B,C,D,X( 8), 7,0x698098d8L); HOST_c2l(data,l); X(10)=l; - R0(D,A,B,C,X( 9),12,0x8b44f7afL); HOST_c2l(data,l); X(11)=l; - R0(C,D,A,B,X(10),17,0xffff5bb1L); HOST_c2l(data,l); X(12)=l; - R0(B,C,D,A,X(11),22,0x895cd7beL); HOST_c2l(data,l); X(13)=l; - R0(A,B,C,D,X(12), 7,0x6b901122L); HOST_c2l(data,l); X(14)=l; - R0(D,A,B,C,X(13),12,0xfd987193L); HOST_c2l(data,l); X(15)=l; - R0(C,D,A,B,X(14),17,0xa679438eL); - R0(B,C,D,A,X(15),22,0x49b40821L); - /* Round 1 */ - R1(A,B,C,D,X( 1), 5,0xf61e2562L); - R1(D,A,B,C,X( 6), 9,0xc040b340L); - R1(C,D,A,B,X(11),14,0x265e5a51L); - R1(B,C,D,A,X( 0),20,0xe9b6c7aaL); - R1(A,B,C,D,X( 5), 5,0xd62f105dL); - R1(D,A,B,C,X(10), 9,0x02441453L); - R1(C,D,A,B,X(15),14,0xd8a1e681L); - R1(B,C,D,A,X( 4),20,0xe7d3fbc8L); - R1(A,B,C,D,X( 9), 5,0x21e1cde6L); - R1(D,A,B,C,X(14), 9,0xc33707d6L); - R1(C,D,A,B,X( 3),14,0xf4d50d87L); - R1(B,C,D,A,X( 8),20,0x455a14edL); - R1(A,B,C,D,X(13), 5,0xa9e3e905L); - R1(D,A,B,C,X( 2), 9,0xfcefa3f8L); - R1(C,D,A,B,X( 7),14,0x676f02d9L); - R1(B,C,D,A,X(12),20,0x8d2a4c8aL); - /* Round 2 */ - R2(A,B,C,D,X( 5), 4,0xfffa3942L); - R2(D,A,B,C,X( 8),11,0x8771f681L); - R2(C,D,A,B,X(11),16,0x6d9d6122L); - R2(B,C,D,A,X(14),23,0xfde5380cL); - R2(A,B,C,D,X( 1), 4,0xa4beea44L); - R2(D,A,B,C,X( 4),11,0x4bdecfa9L); - R2(C,D,A,B,X( 7),16,0xf6bb4b60L); - R2(B,C,D,A,X(10),23,0xbebfbc70L); - R2(A,B,C,D,X(13), 4,0x289b7ec6L); - R2(D,A,B,C,X( 0),11,0xeaa127faL); - R2(C,D,A,B,X( 3),16,0xd4ef3085L); - R2(B,C,D,A,X( 6),23,0x04881d05L); - R2(A,B,C,D,X( 9), 4,0xd9d4d039L); - R2(D,A,B,C,X(12),11,0xe6db99e5L); - R2(C,D,A,B,X(15),16,0x1fa27cf8L); - R2(B,C,D,A,X( 2),23,0xc4ac5665L); - /* Round 3 */ - R3(A,B,C,D,X( 0), 6,0xf4292244L); - R3(D,A,B,C,X( 7),10,0x432aff97L); - R3(C,D,A,B,X(14),15,0xab9423a7L); - R3(B,C,D,A,X( 5),21,0xfc93a039L); - R3(A,B,C,D,X(12), 6,0x655b59c3L); - R3(D,A,B,C,X( 3),10,0x8f0ccc92L); - R3(C,D,A,B,X(10),15,0xffeff47dL); - R3(B,C,D,A,X( 1),21,0x85845dd1L); - R3(A,B,C,D,X( 8), 6,0x6fa87e4fL); - R3(D,A,B,C,X(15),10,0xfe2ce6e0L); - R3(C,D,A,B,X( 6),15,0xa3014314L); - R3(B,C,D,A,X(13),21,0x4e0811a1L); - R3(A,B,C,D,X( 4), 6,0xf7537e82L); - R3(D,A,B,C,X(11),10,0xbd3af235L); - R3(C,D,A,B,X( 2),15,0x2ad7d2bbL); - R3(B,C,D,A,X( 9),21,0xeb86d391L); - - A = c->A += A; - B = c->B += B; - C = c->C += C; - D = c->D += D; - } - } -#endif - -#ifdef undef -int printit(unsigned long *l) - { - int i,ii; - - for (i=0; i<2; i++) - { - for (ii=0; ii<8; ii++) - { - fprintf(stderr,"%08lx ",l[i*8+ii]); - } - fprintf(stderr,"\n"); - } - } -#endif diff --git a/src/lib/libcrypto/md5/md5_locl.h b/src/lib/libcrypto/md5/md5_locl.h deleted file mode 100644 index c912484122..0000000000 --- a/src/lib/libcrypto/md5/md5_locl.h +++ /dev/null @@ -1,172 +0,0 @@ -/* crypto/md5/md5_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifndef MD5_LONG_LOG2 -#define MD5_LONG_LOG2 2 /* default to 32 bits */ -#endif - -#ifdef MD5_ASM -# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -# define md5_block_host_order md5_block_asm_host_order -# elif defined(__sparc) && defined(ULTRASPARC) - void md5_block_asm_data_order_aligned (MD5_CTX *c, const MD5_LONG *p,int num); -# define HASH_BLOCK_DATA_ORDER_ALIGNED md5_block_asm_data_order_aligned -# endif -#endif - -void md5_block_host_order (MD5_CTX *c, const void *p,int num); -void md5_block_data_order (MD5_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -/* - * *_block_host_order is expected to handle aligned data while - * *_block_data_order - unaligned. As algorithm and host (x86) - * are in this case of the same "endianness" these two are - * otherwise indistinguishable. But normally you don't want to - * call the same function because unaligned access in places - * where alignment is expected is usually a "Bad Thing". Indeed, - * on RISCs you get punished with BUS ERROR signal or *severe* - * performance degradation. Intel CPUs are in turn perfectly - * capable of loading unaligned data without such drastic side - * effect. Yes, they say it's slower than aligned load, but no - * exception is generated and therefore performance degradation - * is *incomparable* with RISCs. What we should weight here is - * costs of unaligned access against costs of aligning data. - * According to my measurements allowing unaligned access results - * in ~9% performance improvement on Pentium II operating at - * 266MHz. I won't be surprised if the difference will be higher - * on faster systems:-) - * - * - */ -#define md5_block_data_order md5_block_host_order -#endif - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_LONG MD5_LONG -#define HASH_LONG_LOG2 MD5_LONG_LOG2 -#define HASH_CTX MD5_CTX -#define HASH_CBLOCK MD5_CBLOCK -#define HASH_LBLOCK MD5_LBLOCK -#define HASH_UPDATE MD5_Update -#define HASH_TRANSFORM MD5_Transform -#define HASH_FINAL MD5_Final -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; HOST_l2c(ll,(s)); \ - ll=(c)->B; HOST_l2c(ll,(s)); \ - ll=(c)->C; HOST_l2c(ll,(s)); \ - ll=(c)->D; HOST_l2c(ll,(s)); \ - } while (0) -#define HASH_BLOCK_HOST_ORDER md5_block_host_order -#if !defined(L_ENDIAN) || defined(md5_block_data_order) -#define HASH_BLOCK_DATA_ORDER md5_block_data_order -/* - * Little-endians (Intel and Alpha) feel better without this. - * It looks like memcpy does better job than generic - * md5_block_data_order on copying-n-aligning input data. - * But frankly speaking I didn't expect such result on Alpha. - * On the other hand I've got this with egcs-1.0.2 and if - * program is compiled with another (better?) compiler it - * might turn out other way around. - * - * - */ -#endif - -#include "md32_common.h" - -/* -#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) -#define G(x,y,z) (((x) & (z)) | ((y) & (~(z)))) -*/ - -/* As pointed out by Wei Dai , the above can be - * simplified to the code below. Wei attributes these optimizations - * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. - */ -#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c)) -#define H(b,c,d) ((b) ^ (c) ^ (d)) -#define I(b,c,d) (((~(d)) | (b)) ^ (c)) - -#define R0(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+F((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; };\ - -#define R1(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+G((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; - -#define R2(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+H((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; - -#define R3(a,b,c,d,k,s,t) { \ - a+=((k)+(t)+I((b),(c),(d))); \ - a=ROTATE(a,s); \ - a+=b; }; diff --git a/src/lib/libcrypto/md5/md5_one.c b/src/lib/libcrypto/md5/md5_one.c deleted file mode 100644 index b89dec850d..0000000000 --- a/src/lib/libcrypto/md5/md5_one.c +++ /dev/null @@ -1,95 +0,0 @@ -/* crypto/md5/md5_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#ifdef CHARSET_EBCDIC -#include -#endif - -unsigned char *MD5(const unsigned char *d, unsigned long n, unsigned char *md) - { - MD5_CTX c; - static unsigned char m[MD5_DIGEST_LENGTH]; - - if (md == NULL) md=m; - MD5_Init(&c); -#ifndef CHARSET_EBCDIC - MD5_Update(&c,d,n); -#else - { - char temp[1024]; - unsigned long chunk; - - while (n > 0) - { - chunk = (n > sizeof(temp)) ? sizeof(temp) : n; - ebcdic2ascii(temp, d, chunk); - MD5_Update(&c,temp,chunk); - n -= chunk; - d += chunk; - } - } -#endif - MD5_Final(md,&c); - memset(&c,0,sizeof(c)); /* security consideration */ - return(md); - } - diff --git a/src/lib/libcrypto/mem_dbg.c b/src/lib/libcrypto/mem_dbg.c deleted file mode 100644 index 866c53e73a..0000000000 --- a/src/lib/libcrypto/mem_dbg.c +++ /dev/null @@ -1,730 +0,0 @@ -/* crypto/mem_dbg.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include -#include "cryptlib.h" - -static int mh_mode=CRYPTO_MEM_CHECK_OFF; -/* The state changes to CRYPTO_MEM_CHECK_ON | CRYPTO_MEM_CHECK_ENABLE - * when the application asks for it (usually after library initialisation - * for which no book-keeping is desired). - * - * State CRYPTO_MEM_CHECK_ON exists only temporarily when the library - * thinks that certain allocations should not be checked (e.g. the data - * structures used for memory checking). It is not suitable as an initial - * state: the library will unexpectedly enable memory checking when it - * executes one of those sections that want to disable checking - * temporarily. - * - * State CRYPTO_MEM_CHECK_ENABLE without ..._ON makes no sense whatsoever. - */ - -static unsigned long order = 0; /* number of memory requests */ -static LHASH *mh=NULL; /* hash-table of memory requests (address as key) */ - - -typedef struct app_mem_info_st -/* For application-defined information (static C-string `info') - * to be displayed in memory leak list. - * Each thread has its own stack. For applications, there is - * CRYPTO_push_info("...") to push an entry, - * CRYPTO_pop_info() to pop an entry, - * CRYPTO_remove_all_info() to pop all entries. - */ - { - unsigned long thread; - const char *file; - int line; - const char *info; - struct app_mem_info_st *next; /* tail of thread's stack */ - int references; - } APP_INFO; - -static LHASH *amih=NULL; /* hash-table with those app_mem_info_st's - * that are at the top of their thread's stack - * (with `thread' as key) */ - -typedef struct mem_st -/* memory-block description */ - { - void *addr; - int num; - const char *file; - int line; - unsigned long thread; - unsigned long order; - time_t time; - APP_INFO *app_info; - } MEM; - -static long options = /* extra information to be recorded */ -#if defined(CRYPTO_MDEBUG_TIME) || defined(CRYPTO_MDEBUG_ALL) - V_CRYPTO_MDEBUG_TIME | -#endif -#if defined(CRYPTO_MDEBUG_THREAD) || defined(CRYPTO_MDEBUG_ALL) - V_CRYPTO_MDEBUG_THREAD | -#endif - 0; - - -static unsigned long disabling_thread = 0; - -int CRYPTO_mem_ctrl(int mode) - { - int ret=mh_mode; - - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - switch (mode) - { - /* for applications: */ - case CRYPTO_MEM_CHECK_ON: /* aka MemCheck_start() */ - mh_mode = CRYPTO_MEM_CHECK_ON|CRYPTO_MEM_CHECK_ENABLE; - disabling_thread = 0; - break; - case CRYPTO_MEM_CHECK_OFF: /* aka MemCheck_stop() */ - mh_mode = 0; - disabling_thread = 0; - break; - - /* switch off temporarily (for library-internal use): */ - case CRYPTO_MEM_CHECK_DISABLE: /* aka MemCheck_off() */ - if (mh_mode & CRYPTO_MEM_CHECK_ON) - { - mh_mode&= ~CRYPTO_MEM_CHECK_ENABLE; - if (disabling_thread != CRYPTO_thread_id()) /* otherwise we already have the MALLOC2 lock */ - { - /* Long-time lock CRYPTO_LOCK_MALLOC2 must not be claimed while - * we're holding CRYPTO_LOCK_MALLOC, or we'll deadlock if - * somebody else holds CRYPTO_LOCK_MALLOC2 (and cannot release - * it because we block entry to this function). - * Give them a chance, first, and then claim the locks in - * appropriate order (long-time lock first). - */ - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - /* Note that after we have waited for CRYPTO_LOCK_MALLOC2 - * and CRYPTO_LOCK_MALLOC, we'll still be in the right - * "case" and "if" branch because MemCheck_start and - * MemCheck_stop may never be used while there are multiple - * OpenSSL threads. */ - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - disabling_thread=CRYPTO_thread_id(); - } - } - break; - case CRYPTO_MEM_CHECK_ENABLE: /* aka MemCheck_on() */ - if (mh_mode & CRYPTO_MEM_CHECK_ON) - { - mh_mode|=CRYPTO_MEM_CHECK_ENABLE; - if (disabling_thread != 0) - { - disabling_thread=0; - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); - } - } - break; - - default: - break; - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - return(ret); - } - -int CRYPTO_is_mem_check_on(void) - { - int ret = 0; - - if (mh_mode & CRYPTO_MEM_CHECK_ON) - { - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - - ret = (mh_mode & CRYPTO_MEM_CHECK_ENABLE) - && disabling_thread != CRYPTO_thread_id(); - - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - return(ret); - } - - -void CRYPTO_dbg_set_options(long bits) - { - options = bits; - } - -long CRYPTO_dbg_get_options(void) - { - return options; - } - -static int mem_cmp(MEM *a, MEM *b) - { - return((char *)a->addr - (char *)b->addr); - } - -static unsigned long mem_hash(MEM *a) - { - unsigned long ret; - - ret=(unsigned long)a->addr; - - ret=ret*17851+(ret>>14)*7+(ret>>4)*251; - return(ret); - } - -static int app_info_cmp(APP_INFO *a, APP_INFO *b) - { - return(a->thread != b->thread); - } - -static unsigned long app_info_hash(APP_INFO *a) - { - unsigned long ret; - - ret=(unsigned long)a->thread; - - ret=ret*17851+(ret>>14)*7+(ret>>4)*251; - return(ret); - } - -static APP_INFO *pop_info() - { - APP_INFO tmp; - APP_INFO *ret = NULL; - - if (amih != NULL) - { - tmp.thread=CRYPTO_thread_id(); - if ((ret=(APP_INFO *)lh_delete(amih,&tmp)) != NULL) - { - APP_INFO *next=ret->next; - - if (next != NULL) - { - next->references++; - lh_insert(amih,(char *)next); - } -#ifdef LEVITTE_DEBUG - if (ret->thread != tmp.thread) - { - fprintf(stderr, "pop_info(): deleted info has other thread ID (%lu) than the current thread (%lu)!!!!\n", - ret->thread, tmp.thread); - abort(); - } -#endif - if (--(ret->references) <= 0) - { - ret->next = NULL; - if (next != NULL) - next->references--; - OPENSSL_free(ret); - } - } - } - return(ret); - } - -int CRYPTO_push_info_(const char *info, const char *file, int line) - { - APP_INFO *ami, *amim; - int ret=0; - - if (is_MemCheck_on()) - { - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - - if ((ami = (APP_INFO *)OPENSSL_malloc(sizeof(APP_INFO))) == NULL) - { - ret=0; - goto err; - } - if (amih == NULL) - { - if ((amih=lh_new(app_info_hash,app_info_cmp)) == NULL) - { - OPENSSL_free(ami); - ret=0; - goto err; - } - } - - ami->thread=CRYPTO_thread_id(); - ami->file=file; - ami->line=line; - ami->info=info; - ami->references=1; - ami->next=NULL; - - if ((amim=(APP_INFO *)lh_insert(amih,(char *)ami)) != NULL) - { -#ifdef LEVITTE_DEBUG - if (ami->thread != amim->thread) - { - fprintf(stderr, "CRYPTO_push_info(): previous info has other thread ID (%lu) than the current thread (%lu)!!!!\n", - amim->thread, ami->thread); - abort(); - } -#endif - ami->next=amim; - } - err: - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - - return(ret); - } - -int CRYPTO_pop_info(void) - { - int ret=0; - - if (is_MemCheck_on()) /* _must_ be true, or something went severely wrong */ - { - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - - ret=(pop_info() != NULL); - - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - return(ret); - } - -int CRYPTO_remove_all_info(void) - { - int ret=0; - - if (is_MemCheck_on()) /* _must_ be true */ - { - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - - while(pop_info() != NULL) - ret++; - - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - return(ret); - } - - -static unsigned long break_order_num=0; -void CRYPTO_dbg_malloc(void *addr, int num, const char *file, int line, - int before_p) - { - MEM *m,*mm; - APP_INFO tmp,*amim; - - switch(before_p & 127) - { - case 0: - break; - case 1: - if (addr == NULL) - break; - - if (is_MemCheck_on()) - { - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if ((m=(MEM *)OPENSSL_malloc(sizeof(MEM))) == NULL) - { - OPENSSL_free(addr); - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - return; - } - if (mh == NULL) - { - if ((mh=lh_new(mem_hash,mem_cmp)) == NULL) - { - OPENSSL_free(addr); - OPENSSL_free(m); - addr=NULL; - goto err; - } - } - - m->addr=addr; - m->file=file; - m->line=line; - m->num=num; - if (options & V_CRYPTO_MDEBUG_THREAD) - m->thread=CRYPTO_thread_id(); - else - m->thread=0; - - if (order == break_order_num) - { - /* BREAK HERE */ - m->order=order; - } - m->order=order++; -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] %c 0x%p (%d)\n", - m->order, - (before_p & 128) ? '*' : '+', - m->addr, m->num); -#endif - if (options & V_CRYPTO_MDEBUG_TIME) - m->time=time(NULL); - else - m->time=0; - - tmp.thread=CRYPTO_thread_id(); - m->app_info=NULL; - if (amih != NULL - && (amim=(APP_INFO *)lh_retrieve(amih,(char *)&tmp)) != NULL) - { - m->app_info = amim; - amim->references++; - } - - if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL) - { - /* Not good, but don't sweat it */ - if (mm->app_info != NULL) - { - mm->app_info->references--; - } - OPENSSL_free(mm); - } - err: - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - break; - } - return; - } - -void CRYPTO_dbg_free(void *addr, int before_p) - { - MEM m,*mp; - - switch(before_p) - { - case 0: - if (addr == NULL) - break; - - if (is_MemCheck_on() && (mh != NULL)) - { - MemCheck_off(); - - m.addr=addr; - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] - 0x%p (%d)\n", - mp->order, mp->addr, mp->num); -#endif - if (mp->app_info != NULL) - { - mp->app_info->references--; - } - OPENSSL_free(mp); - } - - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - break; - case 1: - break; - } - } - -void CRYPTO_dbg_realloc(void *addr1, void *addr2, int num, - const char *file, int line, int before_p) - { - MEM m,*mp; - -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: --> CRYPTO_dbg_malloc(addr1 = %p, addr2 = %p, num = %d, file = \"%s\", line = %d, before_p = %d)\n", - addr1, addr2, num, file, line, before_p); -#endif - - switch(before_p) - { - case 0: - break; - case 1: - if (addr2 == NULL) - break; - - if (addr1 == NULL) - { - CRYPTO_dbg_malloc(addr2, num, file, line, 128 | before_p); - break; - } - - if (is_MemCheck_on()) - { - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - - m.addr=addr1; - mp=(MEM *)lh_delete(mh,(char *)&m); - if (mp != NULL) - { -#ifdef LEVITTE_DEBUG - fprintf(stderr, "LEVITTE_DEBUG: [%5d] * 0x%p (%d) -> 0x%p (%d)\n", - mp->order, - mp->addr, mp->num, - addr2, num); -#endif - mp->addr=addr2; - mp->num=num; - lh_insert(mh,(char *)mp); - } - - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - } - break; - } - return; - } - - -typedef struct mem_leak_st - { - BIO *bio; - int chunks; - long bytes; - } MEM_LEAK; - -static void print_leak(MEM *m, MEM_LEAK *l) - { - char buf[1024]; - char *bufp = buf; - APP_INFO *amip; - int ami_cnt; - struct tm *lcl = NULL; - unsigned long ti; - - if(m->addr == (char *)l->bio) - return; - - if (options & V_CRYPTO_MDEBUG_TIME) - { - lcl = localtime(&m->time); - - sprintf(bufp, "[%02d:%02d:%02d] ", - lcl->tm_hour,lcl->tm_min,lcl->tm_sec); - bufp += strlen(bufp); - } - - sprintf(bufp, "%5lu file=%s, line=%d, ", - m->order,m->file,m->line); - bufp += strlen(bufp); - - if (options & V_CRYPTO_MDEBUG_THREAD) - { - sprintf(bufp, "thread=%lu, ", m->thread); - bufp += strlen(bufp); - } - - sprintf(bufp, "number=%d, address=%08lX\n", - m->num,(unsigned long)m->addr); - bufp += strlen(bufp); - - BIO_puts(l->bio,buf); - - l->chunks++; - l->bytes+=m->num; - - amip=m->app_info; - ami_cnt=0; - if (!amip) - return; - ti=amip->thread; - - do - { - int buf_len; - int info_len; - - ami_cnt++; - memset(buf,'>',ami_cnt); - sprintf(buf + ami_cnt, - " thread=%lu, file=%s, line=%d, info=\"", - amip->thread, amip->file, amip->line); - buf_len=strlen(buf); - info_len=strlen(amip->info); - if (128 - buf_len - 3 < info_len) - { - memcpy(buf + buf_len, amip->info, 128 - buf_len - 3); - buf_len = 128 - 3; - } - else - { - strcpy(buf + buf_len, amip->info); - buf_len = strlen(buf); - } - sprintf(buf + buf_len, "\"\n"); - - BIO_puts(l->bio,buf); - - amip = amip->next; - } - while(amip && amip->thread == ti); - -#ifdef LEVITTE_DEBUG - if (amip) - { - fprintf(stderr, "Thread switch detected in backtrace!!!!\n"); - abort(); - } -#endif - } - -void CRYPTO_mem_leaks(BIO *b) - { - MEM_LEAK ml; - char buf[80]; - - if (mh == NULL && amih == NULL) - return; - ml.bio=b; - ml.bytes=0; - ml.chunks=0; - MemCheck_off(); /* obtains CRYPTO_LOCK_MALLOC2 */ - if (mh != NULL) - lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml); - if (ml.chunks != 0) - { - sprintf(buf,"%ld bytes leaked in %d chunks\n", - ml.bytes,ml.chunks); - BIO_puts(b,buf); - } - else - { - /* Make sure that, if we found no leaks, memory-leak debugging itself - * does not introduce memory leaks (which might irritate - * external debugging tools). - * (When someone enables leak checking, but does not call - * this function, we declare it to be their fault.) - * - * XXX This should be in CRYPTO_mem_leaks_cb, - * and CRYPTO_mem_leaks should be implemented by - * using CRYPTO_mem_leaks_cb. - * (Also their should be a variant of lh_doall_arg - * that takes a function pointer instead of a void *; - * this would obviate the ugly and illegal - * void_fn_to_char kludge in CRYPTO_mem_leaks_cb. - * Otherwise the code police will come and get us.) - */ - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC); - if (mh != NULL) - { - lh_free(mh); - mh = NULL; - } - if (amih != NULL) - { - if (lh_num_items(amih) == 0) - { - lh_free(amih); - amih = NULL; - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC); - } - MemCheck_on(); /* releases CRYPTO_LOCK_MALLOC2 */ - -#if 0 - lh_stats_bio(mh,b); - lh_node_stats_bio(mh,b); - lh_node_usage_stats_bio(mh,b); -#endif - } - -#ifndef NO_FP_API -void CRYPTO_mem_leaks_fp(FILE *fp) - { - BIO *b; - - if (mh == NULL) return; - if ((b=BIO_new(BIO_s_file())) == NULL) - return; - BIO_set_fp(b,fp,BIO_NOCLOSE); - CRYPTO_mem_leaks(b); - BIO_free(b); - } -#endif - - - -/* FIXME: We really don't allow much to the callback. For example, it has - no chance of reaching the info stack for the item it processes. Should - it really be this way? -- Richard Levitte */ -static void cb_leak(MEM *m, - void (**cb)(unsigned long, const char *, int, int, void *)) - { - (**cb)(m->order,m->file,m->line,m->num,m->addr); - } - -void CRYPTO_mem_leaks_cb(void (*cb)(unsigned long, const char *, int, int, void *)) - { - if (mh == NULL) return; - CRYPTO_w_lock(CRYPTO_LOCK_MALLOC2); - lh_doall_arg(mh,(void (*)())cb_leak,(void *)&cb); - CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC2); - } diff --git a/src/lib/libcrypto/objects/o_names.c b/src/lib/libcrypto/objects/o_names.c deleted file mode 100644 index dca988230e..0000000000 --- a/src/lib/libcrypto/objects/o_names.c +++ /dev/null @@ -1,266 +0,0 @@ -#include -#include -#include - -#include -#include -#include - -/* I use the ex_data stuff to manage the identifiers for the obj_name_types - * that applications may define. I only really use the free function field. - */ -static LHASH *names_lh=NULL; -static int names_type_num=OBJ_NAME_TYPE_NUM; - -typedef struct name_funcs_st - { - unsigned long (*hash_func)(); - int (*cmp_func)(); - void (*free_func)(); - } NAME_FUNCS; - -DECLARE_STACK_OF(NAME_FUNCS) -IMPLEMENT_STACK_OF(NAME_FUNCS) - -static STACK_OF(NAME_FUNCS) *name_funcs_stack; - -static unsigned long obj_name_hash(OBJ_NAME *a); -static int obj_name_cmp(OBJ_NAME *a,OBJ_NAME *b); - -int OBJ_NAME_init(void) - { - if (names_lh != NULL) return(1); - MemCheck_off(); - names_lh=lh_new(obj_name_hash,obj_name_cmp); - MemCheck_on(); - return(names_lh != NULL); - } - -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *), - int (*cmp_func)(const void *, const void *), - void (*free_func)(const char *, int, const char *)) - { - int ret; - int i; - NAME_FUNCS *name_funcs; - - if (name_funcs_stack == NULL) - { - MemCheck_off(); - name_funcs_stack=sk_NAME_FUNCS_new_null(); - MemCheck_on(); - } - if ((name_funcs_stack == NULL)) - { - /* ERROR */ - return(0); - } - ret=names_type_num; - names_type_num++; - for (i=sk_NAME_FUNCS_num(name_funcs_stack); ihash_func = lh_strhash; - name_funcs->cmp_func = (int (*)())strcmp; - name_funcs->free_func = 0; /* NULL is often declared to - * ((void *)0), which according - * to Compaq C is not really - * compatible with a function - * pointer. -- Richard Levitte*/ - sk_NAME_FUNCS_push(name_funcs_stack,name_funcs); - MemCheck_on(); - } - name_funcs = sk_NAME_FUNCS_value(name_funcs_stack, ret); - if (hash_func != NULL) - name_funcs->hash_func = hash_func; - if (cmp_func != NULL) - name_funcs->cmp_func = cmp_func; - if (free_func != NULL) - name_funcs->free_func = free_func; - return(ret); - } - -static int obj_name_cmp(OBJ_NAME *a, OBJ_NAME *b) - { - int ret; - - ret=a->type-b->type; - if (ret == 0) - { - if ((name_funcs_stack != NULL) - && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) - { - ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type) - ->cmp_func(a->name,b->name); - } - else - ret=strcmp(a->name,b->name); - } - return(ret); - } - -static unsigned long obj_name_hash(OBJ_NAME *a) - { - unsigned long ret; - - if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > a->type)) - { - ret=sk_NAME_FUNCS_value(name_funcs_stack,a->type) - ->hash_func(a->name); - } - else - { - ret=lh_strhash(a->name); - } - ret^=a->type; - return(ret); - } - -const char *OBJ_NAME_get(const char *name, int type) - { - OBJ_NAME on,*ret; - int num=0,alias; - - if (name == NULL) return(NULL); - if ((names_lh == NULL) && !OBJ_NAME_init()) return(NULL); - - alias=type&OBJ_NAME_ALIAS; - type&= ~OBJ_NAME_ALIAS; - - on.name=name; - on.type=type; - - for (;;) - { - ret=(OBJ_NAME *)lh_retrieve(names_lh,&on); - if (ret == NULL) return(NULL); - if ((ret->alias) && !alias) - { - if (++num > 10) return(NULL); - on.name=ret->data; - } - else - { - return(ret->data); - } - } - } - -int OBJ_NAME_add(const char *name, int type, const char *data) - { - OBJ_NAME *onp,*ret; - int alias; - - if ((names_lh == NULL) && !OBJ_NAME_init()) return(0); - - alias=type&OBJ_NAME_ALIAS; - type&= ~OBJ_NAME_ALIAS; - - onp=(OBJ_NAME *)OPENSSL_malloc(sizeof(OBJ_NAME)); - if (onp == NULL) - { - /* ERROR */ - return(0); - } - - onp->name=name; - onp->alias=alias; - onp->type=type; - onp->data=data; - - ret=(OBJ_NAME *)lh_insert(names_lh,onp); - if (ret != NULL) - { - /* free things */ - if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) - { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... - * -- Richard Levitte - */ - sk_NAME_FUNCS_value(name_funcs_stack,ret->type) - ->free_func(ret->name,ret->type,ret->data); - } - OPENSSL_free(ret); - } - else - { - if (lh_error(names_lh)) - { - /* ERROR */ - return(0); - } - } - return(1); - } - -int OBJ_NAME_remove(const char *name, int type) - { - OBJ_NAME on,*ret; - - if (names_lh == NULL) return(0); - - type&= ~OBJ_NAME_ALIAS; - on.name=name; - on.type=type; - ret=(OBJ_NAME *)lh_delete(names_lh,&on); - if (ret != NULL) - { - /* free things */ - if ((name_funcs_stack != NULL) && (sk_NAME_FUNCS_num(name_funcs_stack) > ret->type)) - { - /* XXX: I'm not sure I understand why the free - * function should get three arguments... - * -- Richard Levitte - */ - sk_NAME_FUNCS_value(name_funcs_stack,ret->type) - ->free_func(ret->name,ret->type,ret->data); - } - OPENSSL_free(ret); - return(1); - } - else - return(0); - } - -static int free_type; - -static void names_lh_free(OBJ_NAME *onp, int type) -{ - if(onp == NULL) - return; - - if ((free_type < 0) || (free_type == onp->type)) - { - OBJ_NAME_remove(onp->name,onp->type); - } - } - -static void name_funcs_free(NAME_FUNCS *ptr) - { - OPENSSL_free(ptr); - } - -void OBJ_NAME_cleanup(int type) - { - unsigned long down_load; - - if (names_lh == NULL) return; - - free_type=type; - down_load=names_lh->down_load; - names_lh->down_load=0; - - lh_doall(names_lh,names_lh_free); - if (type < 0) - { - lh_free(names_lh); - sk_NAME_FUNCS_pop_free(name_funcs_stack,name_funcs_free); - names_lh=NULL; - name_funcs_stack = NULL; - } - else - names_lh->down_load=down_load; - } - diff --git a/src/lib/libcrypto/objects/obj_dat.c b/src/lib/libcrypto/objects/obj_dat.c deleted file mode 100644 index 4b1bb9583a..0000000000 --- a/src/lib/libcrypto/objects/obj_dat.c +++ /dev/null @@ -1,657 +0,0 @@ -/* crypto/objects/obj_dat.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include - -/* obj_dat.h is generated from objects.h by obj_dat.pl */ -#ifndef NO_OBJECT -#include "obj_dat.h" -#else -/* You will have to load all the objects needed manually in the application */ -#define NUM_NID 0 -#define NUM_SN 0 -#define NUM_LN 0 -#define NUM_OBJ 0 -static unsigned char lvalues[1]; -static ASN1_OBJECT nid_objs[1]; -static ASN1_OBJECT *sn_objs[1]; -static ASN1_OBJECT *ln_objs[1]; -static ASN1_OBJECT *obj_objs[1]; -#endif - -static int sn_cmp(const void *a, const void *b); -static int ln_cmp(const void *a, const void *b); -static int obj_cmp(const void *a, const void *b); -#define ADDED_DATA 0 -#define ADDED_SNAME 1 -#define ADDED_LNAME 2 -#define ADDED_NID 3 - -typedef struct added_obj_st - { - int type; - ASN1_OBJECT *obj; - } ADDED_OBJ; - -static int new_nid=NUM_NID; -static LHASH *added=NULL; - -static int sn_cmp(const void *a, const void *b) - { - const ASN1_OBJECT * const *ap = a, * const *bp = b; - return(strcmp((*ap)->sn,(*bp)->sn)); - } - -static int ln_cmp(const void *a, const void *b) - { - const ASN1_OBJECT * const *ap = a, * const *bp = b; - return(strcmp((*ap)->ln,(*bp)->ln)); - } - -static unsigned long add_hash(ADDED_OBJ *ca) - { - ASN1_OBJECT *a; - int i; - unsigned long ret=0; - unsigned char *p; - - a=ca->obj; - switch (ca->type) - { - case ADDED_DATA: - ret=a->length<<20L; - p=(unsigned char *)a->data; - for (i=0; ilength; i++) - ret^=p[i]<<((i*3)%24); - break; - case ADDED_SNAME: - ret=lh_strhash(a->sn); - break; - case ADDED_LNAME: - ret=lh_strhash(a->ln); - break; - case ADDED_NID: - ret=a->nid; - break; - default: - /* abort(); */ - return 0; - } - ret&=0x3fffffffL; - ret|=ca->type<<30L; - return(ret); - } - -static int add_cmp(ADDED_OBJ *ca, ADDED_OBJ *cb) - { - ASN1_OBJECT *a,*b; - int i; - - i=ca->type-cb->type; - if (i) return(i); - a=ca->obj; - b=cb->obj; - switch (ca->type) - { - case ADDED_DATA: - i=(a->length - b->length); - if (i) return(i); - return(memcmp(a->data,b->data,a->length)); - case ADDED_SNAME: - if (a->sn == NULL) return(-1); - else if (b->sn == NULL) return(1); - else return(strcmp(a->sn,b->sn)); - case ADDED_LNAME: - if (a->ln == NULL) return(-1); - else if (b->ln == NULL) return(1); - else return(strcmp(a->ln,b->ln)); - case ADDED_NID: - return(a->nid-b->nid); - default: - /* abort(); */ - return 0; - } - return(1); /* should not get here */ - } - -static int init_added(void) - { - if (added != NULL) return(1); - added=lh_new(add_hash,add_cmp); - return(added != NULL); - } - -static void cleanup1(ADDED_OBJ *a) - { - a->obj->nid=0; - a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| - ASN1_OBJECT_FLAG_DYNAMIC_DATA; - } - -static void cleanup2(ADDED_OBJ *a) - { a->obj->nid++; } - -static void cleanup3(ADDED_OBJ *a) - { - if (--a->obj->nid == 0) - ASN1_OBJECT_free(a->obj); - OPENSSL_free(a); - } - -void OBJ_cleanup(void) - { - if (added == NULL) return; - added->down_load=0; - lh_doall(added,cleanup1); /* zero counters */ - lh_doall(added,cleanup2); /* set counters */ - lh_doall(added,cleanup3); /* free objects */ - lh_free(added); - added=NULL; - } - -int OBJ_new_nid(int num) - { - int i; - - i=new_nid; - new_nid+=num; - return(i); - } - -int OBJ_add_object(ASN1_OBJECT *obj) - { - ASN1_OBJECT *o; - ADDED_OBJ *ao[4]={NULL,NULL,NULL,NULL},*aop; - int i; - - if (added == NULL) - if (!init_added()) return(0); - if ((o=OBJ_dup(obj)) == NULL) goto err; - ao[ADDED_NID]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); - if ((o->length != 0) && (obj->data != NULL)) - ao[ADDED_DATA]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); - if (o->sn != NULL) - ao[ADDED_SNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); - if (o->ln != NULL) - ao[ADDED_LNAME]=(ADDED_OBJ *)OPENSSL_malloc(sizeof(ADDED_OBJ)); - - for (i=ADDED_DATA; i<=ADDED_NID; i++) - { - if (ao[i] != NULL) - { - ao[i]->type=i; - ao[i]->obj=o; - aop=(ADDED_OBJ *)lh_insert(added,ao[i]); - /* memory leak, buit should not normally matter */ - if (aop != NULL) - OPENSSL_free(aop); - } - } - o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| - ASN1_OBJECT_FLAG_DYNAMIC_DATA); - - return(o->nid); -err: - for (i=ADDED_DATA; i<=ADDED_NID; i++) - if (ao[i] != NULL) OPENSSL_free(ao[i]); - if (o != NULL) OPENSSL_free(o); - return(NID_undef); - } - -ASN1_OBJECT *OBJ_nid2obj(int n) - { - ADDED_OBJ ad,*adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) - { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) - { - OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID); - return(NULL); - } - return((ASN1_OBJECT *)&(nid_objs[n])); - } - else if (added == NULL) - return(NULL); - else - { - ad.type=ADDED_NID; - ad.obj= &ob; - ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) - return(adp->obj); - else - { - OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID); - return(NULL); - } - } - } - -const char *OBJ_nid2sn(int n) - { - ADDED_OBJ ad,*adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) - { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) - { - OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID); - return(NULL); - } - return(nid_objs[n].sn); - } - else if (added == NULL) - return(NULL); - else - { - ad.type=ADDED_NID; - ad.obj= &ob; - ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) - return(adp->obj->sn); - else - { - OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID); - return(NULL); - } - } - } - -const char *OBJ_nid2ln(int n) - { - ADDED_OBJ ad,*adp; - ASN1_OBJECT ob; - - if ((n >= 0) && (n < NUM_NID)) - { - if ((n != NID_undef) && (nid_objs[n].nid == NID_undef)) - { - OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID); - return(NULL); - } - return(nid_objs[n].ln); - } - else if (added == NULL) - return(NULL); - else - { - ad.type=ADDED_NID; - ad.obj= &ob; - ob.nid=n; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) - return(adp->obj->ln); - else - { - OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID); - return(NULL); - } - } - } - -int OBJ_obj2nid(ASN1_OBJECT *a) - { - ASN1_OBJECT **op; - ADDED_OBJ ad,*adp; - - if (a == NULL) - return(NID_undef); - if (a->nid != 0) - return(a->nid); - - if (added != NULL) - { - ad.type=ADDED_DATA; - ad.obj=a; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) return (adp->obj->nid); - } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ, - sizeof(ASN1_OBJECT *),obj_cmp); - if (op == NULL) - return(NID_undef); - return((*op)->nid); - } - -/* Convert an object name into an ASN1_OBJECT - * if "noname" is not set then search for short and long names first. - * This will convert the "dotted" form into an object: unlike OBJ_txt2nid - * it can be used with any objects, not just registered ones. - */ - -ASN1_OBJECT *OBJ_txt2obj(const char *s, int no_name) - { - int nid = NID_undef; - ASN1_OBJECT *op=NULL; - unsigned char *buf,*p; - int i, j; - - if(!no_name) { - if( ((nid = OBJ_sn2nid(s)) != NID_undef) || - ((nid = OBJ_ln2nid(s)) != NID_undef) ) - return OBJ_nid2obj(nid); - } - - /* Work out size of content octets */ - i=a2d_ASN1_OBJECT(NULL,0,s,-1); - if (i <= 0) { - /* Clear the error */ - ERR_get_error(); - return NULL; - } - /* Work out total size */ - j = ASN1_object_size(0,i,V_ASN1_OBJECT); - - if((buf=(unsigned char *)OPENSSL_malloc(j)) == NULL) return NULL; - - p = buf; - /* Write out tag+length */ - ASN1_put_object(&p,0,i,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); - /* Write out contents */ - a2d_ASN1_OBJECT(p,i,s,-1); - - p=buf; - op=d2i_ASN1_OBJECT(NULL,&p,i); - OPENSSL_free(buf); - return op; - } - -int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name) -{ - int i,idx=0,n=0,len,nid; - unsigned long l; - unsigned char *p; - const char *s; - char tbuf[32]; - - if (buf_len <= 0) return(0); - - if ((a == NULL) || (a->data == NULL)) { - buf[0]='\0'; - return(0); - } - - nid=OBJ_obj2nid(a); - if ((nid == NID_undef) || no_name) { - len=a->length; - p=a->data; - - idx=0; - l=0; - while (idx < a->length) { - l|=(p[idx]&0x7f); - if (!(p[idx] & 0x80)) break; - l<<=7L; - idx++; - } - idx++; - i=(int)(l/40); - if (i > 2) i=2; - l-=(long)(i*40); - - sprintf(tbuf,"%d.%lu",i,l); - i=strlen(tbuf); - strncpy(buf,tbuf,buf_len); - buf_len-=i; - buf+=i; - n+=i; - - l=0; - for (; idx 0) - strncpy(buf,tbuf,buf_len); - buf_len-=i; - buf+=i; - n+=i; - l=0; - } - l<<=7L; - } - } else { - s=OBJ_nid2ln(nid); - if (s == NULL) - s=OBJ_nid2sn(nid); - strncpy(buf,s,buf_len); - n=strlen(s); - } - buf[buf_len-1]='\0'; - return(n); -} - -int OBJ_txt2nid(char *s) -{ - ASN1_OBJECT *obj; - int nid; - obj = OBJ_txt2obj(s, 0); - nid = OBJ_obj2nid(obj); - ASN1_OBJECT_free(obj); - return nid; -} - -int OBJ_ln2nid(const char *s) - { - ASN1_OBJECT o,*oo= &o,**op; - ADDED_OBJ ad,*adp; - - o.ln=s; - if (added != NULL) - { - ad.type=ADDED_LNAME; - ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) return (adp->obj->nid); - } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN, - sizeof(ASN1_OBJECT *),ln_cmp); - if (op == NULL) return(NID_undef); - return((*op)->nid); - } - -int OBJ_sn2nid(const char *s) - { - ASN1_OBJECT o,*oo= &o,**op; - ADDED_OBJ ad,*adp; - - o.sn=s; - if (added != NULL) - { - ad.type=ADDED_SNAME; - ad.obj= &o; - adp=(ADDED_OBJ *)lh_retrieve(added,&ad); - if (adp != NULL) return (adp->obj->nid); - } - op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN, - sizeof(ASN1_OBJECT *),sn_cmp); - if (op == NULL) return(NID_undef); - return((*op)->nid); - } - -static int obj_cmp(const void *ap, const void *bp) - { - int j; - ASN1_OBJECT *a= *(ASN1_OBJECT **)ap; - ASN1_OBJECT *b= *(ASN1_OBJECT **)bp; - - j=(a->length - b->length); - if (j) return(j); - return(memcmp(a->data,b->data,a->length)); - } - -char *OBJ_bsearch(char *key, char *base, int num, int size, int (*cmp)(const void *, const void *)) - { - int l,h,i,c; - char *p; - - if (num == 0) return(NULL); - l=0; - h=num; - while (l < h) - { - i=(l+h)/2; - p= &(base[i*size]); - c=(*cmp)(key,p); - if (c < 0) - h=i; - else if (c > 0) - l=i+1; - else - return(p); - } -#ifdef CHARSET_EBCDIC -/* THIS IS A KLUDGE - Because the *_obj is sorted in ASCII order, and - * I don't have perl (yet), we revert to a *LINEAR* search - * when the object wasn't found in the binary search. - */ - for (i=0; i$ARGV[1]") || die "Can't open output file $ARGV[1]"; - -while () - { - next unless /^\#define\s+(\S+)\s+(.*)$/; - $v=$1; - $d=$2; - $d =~ s/^\"//; - $d =~ s/\"$//; - if ($v =~ /^SN_(.*)$/) - { - if(defined $snames{$d}) - { - print "WARNING: Duplicate short name \"$d\"\n"; - } - else - { $snames{$d} = "X"; } - $sn{$1}=$d; - } - elsif ($v =~ /^LN_(.*)$/) - { - if(defined $lnames{$d}) - { - print "WARNING: Duplicate long name \"$d\"\n"; - } - else - { $lnames{$d} = "X"; } - $ln{$1}=$d; - } - elsif ($v =~ /^NID_(.*)$/) - { $nid{$d}=$1; } - elsif ($v =~ /^OBJ_(.*)$/) - { - $obj{$1}=$v; - $objd{$v}=$d; - } - } -close IN; - -%ob=&expand_obj(*objd); - -@a=sort { $a <=> $b } keys %nid; -$n=$a[$#a]+1; - -@lvalues=(); -$lvalues=0; - -for ($i=0; $i<$n; $i++) - { - if (!defined($nid{$i})) - { - push(@out,"{NULL,NULL,NID_undef,0,NULL},\n"); - } - else - { - $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL"; - $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL"; - - if ($sn eq "NULL") { - $sn=$ln; - $sn{$nid{$i}} = $ln; - } - - if ($ln eq "NULL") { - $ln=$sn; - $ln{$nid{$i}} = $sn; - } - - $out ="{"; - $out.="\"$sn\""; - $out.=","."\"$ln\""; - $out.=",NID_$nid{$i},"; - if (defined($obj{$nid{$i}})) - { - $v=$objd{$obj{$nid{$i}}}; - $v =~ s/L//g; - $v =~ s/,/ /g; - $r=&der_it($v); - $z=""; - $length=0; - foreach (unpack("C*",$r)) - { - $z.=sprintf("0x%02X,",$_); - $length++; - } - $obj_der{$obj{$nid{$i}}}=$z; - $obj_len{$obj{$nid{$i}}}=$length; - - push(@lvalues,sprintf("%-45s/* [%3d] %s */\n", - $z,$lvalues,$obj{$nid{$i}})); - $out.="$length,&(lvalues[$lvalues]),0"; - $lvalues+=$length; - } - else - { - $out.="0,NULL"; - } - $out.="},\n"; - push(@out,$out); - } - } - -@a=grep(defined($sn{$nid{$_}}),0 .. $n); -foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a) - { - push(@sn,sprintf("&(nid_objs[%2d]),/* \"$sn{$nid{$_}}\" */\n",$_)); - } - -@a=grep(defined($ln{$nid{$_}}),0 .. $n); -foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a) - { - push(@ln,sprintf("&(nid_objs[%2d]),/* \"$ln{$nid{$_}}\" */\n",$_)); - } - -@a=grep(defined($obj{$nid{$_}}),0 .. $n); -foreach (sort obj_cmp @a) - { - $m=$obj{$nid{$_}}; - $v=$objd{$m}; - $v =~ s/L//g; - $v =~ s/,/ /g; - push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v)); - } - -print OUT <<'EOF'; -/* lib/obj/obj_dat.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the - * following command: - * perl obj_dat.pl objects.h obj_dat.h - */ - -EOF - -printf OUT "#define NUM_NID %d\n",$n; -printf OUT "#define NUM_SN %d\n",$#sn+1; -printf OUT "#define NUM_LN %d\n",$#ln+1; -printf OUT "#define NUM_OBJ %d\n\n",$#ob+1; - -printf OUT "static unsigned char lvalues[%d]={\n",$lvalues+1; -print OUT @lvalues; -print OUT "};\n\n"; - -printf OUT "static ASN1_OBJECT nid_objs[NUM_NID]={\n"; -foreach (@out) - { - if (length($_) > 75) - { - $out=""; - foreach (split(/,/)) - { - $t=$out.$_.","; - if (length($t) > 70) - { - print OUT "$out\n"; - $t="\t$_,"; - } - $out=$t; - } - chop $out; - print OUT "$out"; - } - else - { print OUT $_; } - } -print OUT "};\n\n"; - -printf OUT "static ASN1_OBJECT *sn_objs[NUM_SN]={\n"; -print OUT @sn; -print OUT "};\n\n"; - -printf OUT "static ASN1_OBJECT *ln_objs[NUM_LN]={\n"; -print OUT @ln; -print OUT "};\n\n"; - -printf OUT "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n"; -print OUT @ob; -print OUT "};\n\n"; - -close OUT; - -sub der_it - { - local($v)=@_; - local(@a,$i,$ret,@r); - - @a=split(/\s+/,$v); - $ret.=pack("C*",$a[0]*40+$a[1]); - shift @a; - shift @a; - foreach (@a) - { - @r=(); - $t=0; - while ($_ >= 128) - { - $x=$_%128; - $_/=128; - push(@r,((($t++)?0x80:0)|$x)); - } - push(@r,((($t++)?0x80:0)|$_)); - $ret.=pack("C*",reverse(@r)); - } - return($ret); - } diff --git a/src/lib/libcrypto/objects/obj_err.c b/src/lib/libcrypto/objects/obj_err.c deleted file mode 100644 index 7aec0ed47a..0000000000 --- a/src/lib/libcrypto/objects/obj_err.c +++ /dev/null @@ -1,99 +0,0 @@ -/* crypto/objects/obj_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA OBJ_str_functs[]= - { -{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"}, -{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"}, -{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"}, -{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"}, -{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"}, -{0,NULL} - }; - -static ERR_STRING_DATA OBJ_str_reasons[]= - { -{OBJ_R_MALLOC_FAILURE ,"malloc failure"}, -{OBJ_R_UNKNOWN_NID ,"unknown nid"}, -{0,NULL} - }; - -#endif - -void ERR_load_OBJ_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs); - ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/objects/obj_lib.c b/src/lib/libcrypto/objects/obj_lib.c deleted file mode 100644 index 0c71639eba..0000000000 --- a/src/lib/libcrypto/objects/obj_lib.c +++ /dev/null @@ -1,126 +0,0 @@ -/* crypto/objects/obj_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -ASN1_OBJECT *OBJ_dup(ASN1_OBJECT *o) - { - ASN1_OBJECT *r; - int i; - char *ln=NULL; - - if (o == NULL) return(NULL); - if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC)) - return(o); - - r=ASN1_OBJECT_new(); - if (r == NULL) - { - OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB); - return(NULL); - } - r->data=OPENSSL_malloc(o->length); - if (r->data == NULL) - goto err; - memcpy(r->data,o->data,o->length); - r->length=o->length; - r->nid=o->nid; - r->ln=r->sn=NULL; - if (o->ln != NULL) - { - i=strlen(o->ln)+1; - r->ln=ln=OPENSSL_malloc(i); - if (r->ln == NULL) goto err; - memcpy(ln,o->ln,i); - } - - if (o->sn != NULL) - { - char *s; - - i=strlen(o->sn)+1; - r->sn=s=OPENSSL_malloc(i); - if (r->sn == NULL) goto err; - memcpy(s,o->sn,i); - } - r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC| - ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA); - return(r); -err: - OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE); - if (r != NULL) - { - if (ln != NULL) OPENSSL_free(ln); - if (r->data != NULL) OPENSSL_free(r->data); - OPENSSL_free(r); - } - return(NULL); - } - -int OBJ_cmp(ASN1_OBJECT *a, ASN1_OBJECT *b) - { - int ret; - - ret=(a->length-b->length); - if (ret) return(ret); - return(memcmp(a->data,b->data,a->length)); - } diff --git a/src/lib/libcrypto/objects/obj_mac.num b/src/lib/libcrypto/objects/obj_mac.num deleted file mode 100644 index d73a51370f..0000000000 --- a/src/lib/libcrypto/objects/obj_mac.num +++ /dev/null @@ -1,392 +0,0 @@ -undef 0 -rsadsi 1 -pkcs 2 -md2 3 -md5 4 -rc4 5 -rsaEncryption 6 -md2WithRSAEncryption 7 -md5WithRSAEncryption 8 -pbeWithMD2AndDES_CBC 9 -pbeWithMD5AndDES_CBC 10 -X500 11 -X509 12 -commonName 13 -countryName 14 -localityName 15 -stateOrProvinceName 16 -organizationName 17 -organizationalUnitName 18 -rsa 19 -pkcs7 20 -pkcs7_data 21 -pkcs7_signed 22 -pkcs7_enveloped 23 -pkcs7_signedAndEnveloped 24 -pkcs7_digest 25 -pkcs7_encrypted 26 -pkcs3 27 -dhKeyAgreement 28 -des_ecb 29 -des_cfb64 30 -des_cbc 31 -des_ede 32 -des_ede3 33 -idea_cbc 34 -idea_cfb64 35 -idea_ecb 36 -rc2_cbc 37 -rc2_ecb 38 -rc2_cfb64 39 -rc2_ofb64 40 -sha 41 -shaWithRSAEncryption 42 -des_ede_cbc 43 -des_ede3_cbc 44 -des_ofb64 45 -idea_ofb64 46 -pkcs9 47 -pkcs9_emailAddress 48 -pkcs9_unstructuredName 49 -pkcs9_contentType 50 -pkcs9_messageDigest 51 -pkcs9_signingTime 52 -pkcs9_countersignature 53 -pkcs9_challengePassword 54 -pkcs9_unstructuredAddress 55 -pkcs9_extCertAttributes 56 -netscape 57 -netscape_cert_extension 58 -netscape_data_type 59 -des_ede_cfb64 60 -des_ede3_cfb64 61 -des_ede_ofb64 62 -des_ede3_ofb64 63 -sha1 64 -sha1WithRSAEncryption 65 -dsaWithSHA 66 -dsa_2 67 -pbeWithSHA1AndRC2_CBC 68 -id_pbkdf2 69 -dsaWithSHA1_2 70 -netscape_cert_type 71 -netscape_base_url 72 -netscape_revocation_url 73 -netscape_ca_revocation_url 74 -netscape_renewal_url 75 -netscape_ca_policy_url 76 -netscape_ssl_server_name 77 -netscape_comment 78 -netscape_cert_sequence 79 -desx_cbc 80 -id_ce 81 -subject_key_identifier 82 -key_usage 83 -private_key_usage_period 84 -subject_alt_name 85 -issuer_alt_name 86 -basic_constraints 87 -crl_number 88 -certificate_policies 89 -authority_key_identifier 90 -bf_cbc 91 -bf_ecb 92 -bf_cfb64 93 -bf_ofb64 94 -mdc2 95 -mdc2WithRSA 96 -rc4_40 97 -rc2_40_cbc 98 -givenName 99 -surname 100 -initials 101 -uniqueIdentifier 102 -crl_distribution_points 103 -md5WithRSA 104 -serialNumber 105 -title 106 -description 107 -cast5_cbc 108 -cast5_ecb 109 -cast5_cfb64 110 -cast5_ofb64 111 -pbeWithMD5AndCast5_CBC 112 -dsaWithSHA1 113 -md5_sha1 114 -sha1WithRSA 115 -dsa 116 -ripemd160 117 -ripemd160WithRSA 119 -rc5_cbc 120 -rc5_ecb 121 -rc5_cfb64 122 -rc5_ofb64 123 -rle_compression 124 -zlib_compression 125 -ext_key_usage 126 -id_pkix 127 -id_kp 128 -server_auth 129 -client_auth 130 -code_sign 131 -email_protect 132 -time_stamp 133 -ms_code_ind 134 -ms_code_com 135 -ms_ctl_sign 136 -ms_sgc 137 -ms_efs 138 -ns_sgc 139 -delta_crl 140 -crl_reason 141 -invalidity_date 142 -sxnet 143 -pbe_WithSHA1And128BitRC4 144 -pbe_WithSHA1And40BitRC4 145 -pbe_WithSHA1And3_Key_TripleDES_CBC 146 -pbe_WithSHA1And2_Key_TripleDES_CBC 147 -pbe_WithSHA1And128BitRC2_CBC 148 -pbe_WithSHA1And40BitRC2_CBC 149 -keyBag 150 -pkcs8ShroudedKeyBag 151 -certBag 152 -crlBag 153 -secretBag 154 -safeContentsBag 155 -friendlyName 156 -localKeyID 157 -x509Certificate 158 -sdsiCertificate 159 -x509Crl 160 -pbes2 161 -pbmac1 162 -hmacWithSHA1 163 -id_qt_cps 164 -id_qt_unotice 165 -rc2_64_cbc 166 -SMIMECapabilities 167 -pbeWithMD2AndRC2_CBC 168 -pbeWithMD5AndRC2_CBC 169 -pbeWithSHA1AndDES_CBC 170 -ms_ext_req 171 -ext_req 172 -name 173 -dnQualifier 174 -id_pe 175 -id_ad 176 -info_access 177 -ad_OCSP 178 -ad_ca_issuers 179 -OCSP_sign 180 -iso 181 -member_body 182 -ISO_US 183 -X9_57 184 -X9cm 185 -pkcs1 186 -pkcs5 187 -SMIME 188 -id_smime_mod 189 -id_smime_ct 190 -id_smime_aa 191 -id_smime_alg 192 -id_smime_cd 193 -id_smime_spq 194 -id_smime_cti 195 -id_smime_mod_cms 196 -id_smime_mod_ess 197 -id_smime_mod_oid 198 -id_smime_mod_msg_v3 199 -id_smime_mod_ets_eSignature_88 200 -id_smime_mod_ets_eSignature_97 201 -id_smime_mod_ets_eSigPolicy_88 202 -id_smime_mod_ets_eSigPolicy_97 203 -id_smime_ct_receipt 204 -id_smime_ct_authData 205 -id_smime_ct_publishCert 206 -id_smime_ct_TSTInfo 207 -id_smime_ct_TDTInfo 208 -id_smime_ct_contentInfo 209 -id_smime_ct_DVCSRequestData 210 -id_smime_ct_DVCSResponseData 211 -id_smime_aa_receiptRequest 212 -id_smime_aa_securityLabel 213 -id_smime_aa_mlExpandHistory 214 -id_smime_aa_contentHint 215 -id_smime_aa_msgSigDigest 216 -id_smime_aa_encapContentType 217 -id_smime_aa_contentIdentifier 218 -id_smime_aa_macValue 219 -id_smime_aa_equivalentLabels 220 -id_smime_aa_contentReference 221 -id_smime_aa_encrypKeyPref 222 -id_smime_aa_signingCertificate 223 -id_smime_aa_smimeEncryptCerts 224 -id_smime_aa_timeStampToken 225 -id_smime_aa_ets_sigPolicyId 226 -id_smime_aa_ets_commitmentType 227 -id_smime_aa_ets_signerLocation 228 -id_smime_aa_ets_signerAttr 229 -id_smime_aa_ets_otherSigCert 230 -id_smime_aa_ets_contentTimestamp 231 -id_smime_aa_ets_CertificateRefs 232 -id_smime_aa_ets_RevocationRefs 233 -id_smime_aa_ets_certValues 234 -id_smime_aa_ets_revocationValues 235 -id_smime_aa_ets_escTimeStamp 236 -id_smime_aa_ets_certCRLTimestamp 237 -id_smime_aa_ets_archiveTimeStamp 238 -id_smime_aa_signatureType 239 -id_smime_aa_dvcs_dvc 240 -id_smime_alg_ESDHwith3DES 241 -id_smime_alg_ESDHwithRC2 242 -id_smime_alg_3DESwrap 243 -id_smime_alg_RC2wrap 244 -id_smime_alg_ESDH 245 -id_smime_alg_CMS3DESwrap 246 -id_smime_alg_CMSRC2wrap 247 -id_smime_cd_ldap 248 -id_smime_spq_ets_sqt_uri 249 -id_smime_spq_ets_sqt_unotice 250 -id_smime_cti_ets_proofOfOrigin 251 -id_smime_cti_ets_proofOfReceipt 252 -id_smime_cti_ets_proofOfDelivery 253 -id_smime_cti_ets_proofOfSender 254 -id_smime_cti_ets_proofOfApproval 255 -id_smime_cti_ets_proofOfCreation 256 -md4 257 -id_pkix_mod 258 -id_qt 259 -id_it 260 -id_pkip 261 -id_alg 262 -id_cmc 263 -id_on 264 -id_pda 265 -id_aca 266 -id_qcs 267 -id_cct 268 -id_pkix1_explicit_88 269 -id_pkix1_implicit_88 270 -id_pkix1_explicit_93 271 -id_pkix1_implicit_93 272 -id_mod_crmf 273 -id_mod_cmc 274 -id_mod_kea_profile_88 275 -id_mod_kea_profile_93 276 -id_mod_cmp 277 -id_mod_qualified_cert_88 278 -id_mod_qualified_cert_93 279 -id_mod_attribute_cert 280 -id_mod_timestamp_protocol 281 -id_mod_ocsp 282 -id_mod_dvcs 283 -id_mod_cmp2000 284 -biometricInfo 285 -qcStatements 286 -ac_auditEntity 287 -ac_targeting 288 -aaControls 289 -sbqp_ipAddrBlock 290 -sbqp_autonomousSysNum 291 -sbqp_routerIdentifier 292 -textNotice 293 -ipsecEndSystem 294 -ipsecTunnel 295 -ipsecUser 296 -dvcs 297 -id_it_caProtEncCert 298 -id_it_signKeyPairTypes 299 -id_it_encKeyPairTypes 300 -id_it_preferredSymmAlg 301 -id_it_caKeyUpdateInfo 302 -id_it_currentCRL 303 -id_it_unsupportedOIDs 304 -id_it_subscriptionRequest 305 -id_it_subscriptionResponse 306 -id_it_keyPairParamReq 307 -id_it_keyPairParamRep 308 -id_it_revPassphrase 309 -id_it_implicitConfirm 310 -id_it_confirmWaitTime 311 -id_it_origPKIMessage 312 -id_regCtrl 313 -id_regInfo 314 -id_regCtrl_regToken 315 -id_regCtrl_authenticator 316 -id_regCtrl_pkiPublicationInfo 317 -id_regCtrl_pkiArchiveOptions 318 -id_regCtrl_oldCertID 319 -id_regCtrl_protocolEncrKey 320 -id_regInfo_utf8Pairs 321 -id_regInfo_certReq 322 -id_alg_des40 323 -id_alg_noSignature 324 -id_alg_dh_sig_hmac_sha1 325 -id_alg_dh_pop 326 -id_cmc_statusInfo 327 -id_cmc_identification 328 -id_cmc_identityProof 329 -id_cmc_dataReturn 330 -id_cmc_transactionId 331 -id_cmc_senderNonce 332 -id_cmc_recipientNonce 333 -id_cmc_addExtensions 334 -id_cmc_encryptedPOP 335 -id_cmc_decryptedPOP 336 -id_cmc_lraPOPWitness 337 -id_cmc_getCert 338 -id_cmc_getCRL 339 -id_cmc_revokeRequest 340 -id_cmc_regInfo 341 -id_cmc_responseInfo 342 -id_cmc_queryPending 343 -id_cmc_popLinkRandom 344 -id_cmc_popLinkWitness 345 -id_cmc_confirmCertAcceptance 346 -id_on_personalData 347 -id_pda_dateOfBirth 348 -id_pda_placeOfBirth 349 -id_pda_pseudonym 350 -id_pda_gender 351 -id_pda_countryOfCitizenship 352 -id_pda_countryOfResidence 353 -id_aca_authenticationInfo 354 -id_aca_accessIdentity 355 -id_aca_chargingIdentity 356 -id_aca_group 357 -id_aca_role 358 -id_qcs_pkixQCSyntax_v1 359 -id_cct_crs 360 -id_cct_PKIData 361 -id_cct_PKIResponse 362 -ad_timeStamping 363 -ad_dvcs 364 -id_pkix_OCSP_basic 365 -id_pkix_OCSP_Nonce 366 -id_pkix_OCSP_CrlID 367 -id_pkix_OCSP_acceptableResponses 368 -id_pkix_OCSP_noCheck 369 -id_pkix_OCSP_archiveCutoff 370 -id_pkix_OCSP_serviceLocator 371 -id_pkix_OCSP_extendedStatus 372 -id_pkix_OCSP_valid 373 -id_pkix_OCSP_path 374 -id_pkix_OCSP_trustRoot 375 -algorithm 376 -rsaSignature 377 -X500algorithms 378 -org 379 -dod 380 -iana 381 -Directory 382 -Management 383 -Experimental 384 -Private 385 -Security 386 -SNMPv2 387 -Mail 388 -Enterprises 389 -dcObject 390 -domainComponent 391 -Domain 392 diff --git a/src/lib/libcrypto/objects/objects.README b/src/lib/libcrypto/objects/objects.README deleted file mode 100644 index 4d745508d8..0000000000 --- a/src/lib/libcrypto/objects/objects.README +++ /dev/null @@ -1,44 +0,0 @@ -objects.txt syntax ------------------- - -To cover all the naming hacks that were previously in objects.h needed some -kind of hacks in objects.txt. - -The basic syntax for adding an object is as follows: - - 1 2 3 4 : shortName : Long Name - - If the long name doesn't contain spaces, or no short name - exists, the long name is used as basis for the base name - in C. Otherwise, the short name is used. - - The base name (let's call it 'base') will then be used to - create the C macros SN_base, LN_base, NID_base and OBJ_base. - - Note that if the base name contains spaces, dashes or periods, - those will be converte to underscore. - -Then there are some extra commands: - - !Alias foo 1 2 3 4 - - This juts makes a name foo for an OID. The C macro - OBJ_foo will be created as a result. - - !Cname foo - - This makes sure that the name foo will be used as base name - in C. - - !module foo - 1 2 3 4 : shortName : Long Name - !global - - The !module command was meant to define a kind of modularity. - What it does is to make sure the module name is prepended - to the base name. !global turns this off. This construction - is not recursive. - -Lines starting with # are treated as comments, as well as any line starting -with ! and not matching the commands above. - diff --git a/src/lib/libcrypto/objects/objects.h b/src/lib/libcrypto/objects/objects.h deleted file mode 100644 index c099e2e84e..0000000000 --- a/src/lib/libcrypto/objects/objects.h +++ /dev/null @@ -1,1038 +0,0 @@ -/* crypto/objects/objects.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_OBJECTS_H -#define HEADER_OBJECTS_H - -#define USE_OBJ_MAC - -#ifdef USE_OBJ_MAC -#include -#else -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -#define SN_Algorithm "Algorithm" -#define LN_algorithm "algorithm" -#define NID_algorithm 38 -#define OBJ_algorithm 1L,3L,14L,3L,2L - -#define LN_rsadsi "rsadsi" -#define NID_rsadsi 1 -#define OBJ_rsadsi 1L,2L,840L,113549L - -#define LN_pkcs "pkcs" -#define NID_pkcs 2 -#define OBJ_pkcs OBJ_rsadsi,1L - -#define SN_md2 "MD2" -#define LN_md2 "md2" -#define NID_md2 3 -#define OBJ_md2 OBJ_rsadsi,2L,2L - -#define SN_md5 "MD5" -#define LN_md5 "md5" -#define NID_md5 4 -#define OBJ_md5 OBJ_rsadsi,2L,5L - -#define SN_rc4 "RC4" -#define LN_rc4 "rc4" -#define NID_rc4 5 -#define OBJ_rc4 OBJ_rsadsi,3L,4L - -#define LN_rsaEncryption "rsaEncryption" -#define NID_rsaEncryption 6 -#define OBJ_rsaEncryption OBJ_pkcs,1L,1L - -#define SN_md2WithRSAEncryption "RSA-MD2" -#define LN_md2WithRSAEncryption "md2WithRSAEncryption" -#define NID_md2WithRSAEncryption 7 -#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L - -#define SN_md5WithRSAEncryption "RSA-MD5" -#define LN_md5WithRSAEncryption "md5WithRSAEncryption" -#define NID_md5WithRSAEncryption 8 -#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L - -#define SN_pbeWithMD2AndDES_CBC "PBE-MD2-DES" -#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC" -#define NID_pbeWithMD2AndDES_CBC 9 -#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L - -#define SN_pbeWithMD5AndDES_CBC "PBE-MD5-DES" -#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC" -#define NID_pbeWithMD5AndDES_CBC 10 -#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L - -#define LN_X500 "X500" -#define NID_X500 11 -#define OBJ_X500 2L,5L - -#define LN_X509 "X509" -#define NID_X509 12 -#define OBJ_X509 OBJ_X500,4L - -#define SN_commonName "CN" -#define LN_commonName "commonName" -#define NID_commonName 13 -#define OBJ_commonName OBJ_X509,3L - -#define SN_countryName "C" -#define LN_countryName "countryName" -#define NID_countryName 14 -#define OBJ_countryName OBJ_X509,6L - -#define SN_localityName "L" -#define LN_localityName "localityName" -#define NID_localityName 15 -#define OBJ_localityName OBJ_X509,7L - -/* Postal Address? PA */ - -/* should be "ST" (rfc1327) but MS uses 'S' */ -#define SN_stateOrProvinceName "ST" -#define LN_stateOrProvinceName "stateOrProvinceName" -#define NID_stateOrProvinceName 16 -#define OBJ_stateOrProvinceName OBJ_X509,8L - -#define SN_organizationName "O" -#define LN_organizationName "organizationName" -#define NID_organizationName 17 -#define OBJ_organizationName OBJ_X509,10L - -#define SN_organizationalUnitName "OU" -#define LN_organizationalUnitName "organizationalUnitName" -#define NID_organizationalUnitName 18 -#define OBJ_organizationalUnitName OBJ_X509,11L - -#define SN_rsa "RSA" -#define LN_rsa "rsa" -#define NID_rsa 19 -#define OBJ_rsa OBJ_X500,8L,1L,1L - -#define LN_pkcs7 "pkcs7" -#define NID_pkcs7 20 -#define OBJ_pkcs7 OBJ_pkcs,7L - -#define LN_pkcs7_data "pkcs7-data" -#define NID_pkcs7_data 21 -#define OBJ_pkcs7_data OBJ_pkcs7,1L - -#define LN_pkcs7_signed "pkcs7-signedData" -#define NID_pkcs7_signed 22 -#define OBJ_pkcs7_signed OBJ_pkcs7,2L - -#define LN_pkcs7_enveloped "pkcs7-envelopedData" -#define NID_pkcs7_enveloped 23 -#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L - -#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData" -#define NID_pkcs7_signedAndEnveloped 24 -#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L - -#define LN_pkcs7_digest "pkcs7-digestData" -#define NID_pkcs7_digest 25 -#define OBJ_pkcs7_digest OBJ_pkcs7,5L - -#define LN_pkcs7_encrypted "pkcs7-encryptedData" -#define NID_pkcs7_encrypted 26 -#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L - -#define LN_pkcs3 "pkcs3" -#define NID_pkcs3 27 -#define OBJ_pkcs3 OBJ_pkcs,3L - -#define LN_dhKeyAgreement "dhKeyAgreement" -#define NID_dhKeyAgreement 28 -#define OBJ_dhKeyAgreement OBJ_pkcs3,1L - -#define SN_des_ecb "DES-ECB" -#define LN_des_ecb "des-ecb" -#define NID_des_ecb 29 -#define OBJ_des_ecb OBJ_algorithm,6L - -#define SN_des_cfb64 "DES-CFB" -#define LN_des_cfb64 "des-cfb" -#define NID_des_cfb64 30 -/* IV + num */ -#define OBJ_des_cfb64 OBJ_algorithm,9L - -#define SN_des_cbc "DES-CBC" -#define LN_des_cbc "des-cbc" -#define NID_des_cbc 31 -/* IV */ -#define OBJ_des_cbc OBJ_algorithm,7L - -#define SN_des_ede "DES-EDE" -#define LN_des_ede "des-ede" -#define NID_des_ede 32 -/* ?? */ -#define OBJ_des_ede OBJ_algorithm,17L - -#define SN_des_ede3 "DES-EDE3" -#define LN_des_ede3 "des-ede3" -#define NID_des_ede3 33 - -#define SN_idea_cbc "IDEA-CBC" -#define LN_idea_cbc "idea-cbc" -#define NID_idea_cbc 34 -#define OBJ_idea_cbc 1L,3L,6L,1L,4L,1L,188L,7L,1L,1L,2L - -#define SN_idea_cfb64 "IDEA-CFB" -#define LN_idea_cfb64 "idea-cfb" -#define NID_idea_cfb64 35 - -#define SN_idea_ecb "IDEA-ECB" -#define LN_idea_ecb "idea-ecb" -#define NID_idea_ecb 36 - -#define SN_rc2_cbc "RC2-CBC" -#define LN_rc2_cbc "rc2-cbc" -#define NID_rc2_cbc 37 -#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L - -#define SN_rc2_ecb "RC2-ECB" -#define LN_rc2_ecb "rc2-ecb" -#define NID_rc2_ecb 38 - -#define SN_rc2_cfb64 "RC2-CFB" -#define LN_rc2_cfb64 "rc2-cfb" -#define NID_rc2_cfb64 39 - -#define SN_rc2_ofb64 "RC2-OFB" -#define LN_rc2_ofb64 "rc2-ofb" -#define NID_rc2_ofb64 40 - -#define SN_sha "SHA" -#define LN_sha "sha" -#define NID_sha 41 -#define OBJ_sha OBJ_algorithm,18L - -#define SN_shaWithRSAEncryption "RSA-SHA" -#define LN_shaWithRSAEncryption "shaWithRSAEncryption" -#define NID_shaWithRSAEncryption 42 -#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L - -#define SN_des_ede_cbc "DES-EDE-CBC" -#define LN_des_ede_cbc "des-ede-cbc" -#define NID_des_ede_cbc 43 - -#define SN_des_ede3_cbc "DES-EDE3-CBC" -#define LN_des_ede3_cbc "des-ede3-cbc" -#define NID_des_ede3_cbc 44 -#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L - -#define SN_des_ofb64 "DES-OFB" -#define LN_des_ofb64 "des-ofb" -#define NID_des_ofb64 45 -#define OBJ_des_ofb64 OBJ_algorithm,8L - -#define SN_idea_ofb64 "IDEA-OFB" -#define LN_idea_ofb64 "idea-ofb" -#define NID_idea_ofb64 46 - -#define LN_pkcs9 "pkcs9" -#define NID_pkcs9 47 -#define OBJ_pkcs9 OBJ_pkcs,9L - -#define SN_pkcs9_emailAddress "Email" -#define LN_pkcs9_emailAddress "emailAddress" -#define NID_pkcs9_emailAddress 48 -#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L - -#define LN_pkcs9_unstructuredName "unstructuredName" -#define NID_pkcs9_unstructuredName 49 -#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L - -#define LN_pkcs9_contentType "contentType" -#define NID_pkcs9_contentType 50 -#define OBJ_pkcs9_contentType OBJ_pkcs9,3L - -#define LN_pkcs9_messageDigest "messageDigest" -#define NID_pkcs9_messageDigest 51 -#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L - -#define LN_pkcs9_signingTime "signingTime" -#define NID_pkcs9_signingTime 52 -#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L - -#define LN_pkcs9_countersignature "countersignature" -#define NID_pkcs9_countersignature 53 -#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L - -#define LN_pkcs9_challengePassword "challengePassword" -#define NID_pkcs9_challengePassword 54 -#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L - -#define LN_pkcs9_unstructuredAddress "unstructuredAddress" -#define NID_pkcs9_unstructuredAddress 55 -#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L - -#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes" -#define NID_pkcs9_extCertAttributes 56 -#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L - -#define SN_netscape "Netscape" -#define LN_netscape "Netscape Communications Corp." -#define NID_netscape 57 -#define OBJ_netscape 2L,16L,840L,1L,113730L - -#define SN_netscape_cert_extension "nsCertExt" -#define LN_netscape_cert_extension "Netscape Certificate Extension" -#define NID_netscape_cert_extension 58 -#define OBJ_netscape_cert_extension OBJ_netscape,1L - -#define SN_netscape_data_type "nsDataType" -#define LN_netscape_data_type "Netscape Data Type" -#define NID_netscape_data_type 59 -#define OBJ_netscape_data_type OBJ_netscape,2L - -#define SN_des_ede_cfb64 "DES-EDE-CFB" -#define LN_des_ede_cfb64 "des-ede-cfb" -#define NID_des_ede_cfb64 60 - -#define SN_des_ede3_cfb64 "DES-EDE3-CFB" -#define LN_des_ede3_cfb64 "des-ede3-cfb" -#define NID_des_ede3_cfb64 61 - -#define SN_des_ede_ofb64 "DES-EDE-OFB" -#define LN_des_ede_ofb64 "des-ede-ofb" -#define NID_des_ede_ofb64 62 - -#define SN_des_ede3_ofb64 "DES-EDE3-OFB" -#define LN_des_ede3_ofb64 "des-ede3-ofb" -#define NID_des_ede3_ofb64 63 - -/* I'm not sure about the object ID */ -#define SN_sha1 "SHA1" -#define LN_sha1 "sha1" -#define NID_sha1 64 -#define OBJ_sha1 OBJ_algorithm,26L -/* 28 Jun 1996 - eay */ -/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */ - -#define SN_sha1WithRSAEncryption "RSA-SHA1" -#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption" -#define NID_sha1WithRSAEncryption 65 -#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L - -#define SN_dsaWithSHA "DSA-SHA" -#define LN_dsaWithSHA "dsaWithSHA" -#define NID_dsaWithSHA 66 -#define OBJ_dsaWithSHA OBJ_algorithm,13L - -#define SN_dsa_2 "DSA-old" -#define LN_dsa_2 "dsaEncryption-old" -#define NID_dsa_2 67 -#define OBJ_dsa_2 OBJ_algorithm,12L - -/* proposed by microsoft to RSA */ -#define SN_pbeWithSHA1AndRC2_CBC "PBE-SHA1-RC2-64" -#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC" -#define NID_pbeWithSHA1AndRC2_CBC 68 -#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L - -/* proposed by microsoft to RSA as pbeWithSHA1AndRC4: it is now - * defined explicitly in PKCS#5 v2.0 as id-PBKDF2 which is something - * completely different. - */ -#define LN_id_pbkdf2 "PBKDF2" -#define NID_id_pbkdf2 69 -#define OBJ_id_pbkdf2 OBJ_pkcs,5L,12L - -#define SN_dsaWithSHA1_2 "DSA-SHA1-old" -#define LN_dsaWithSHA1_2 "dsaWithSHA1-old" -#define NID_dsaWithSHA1_2 70 -/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */ -#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L - -#define SN_netscape_cert_type "nsCertType" -#define LN_netscape_cert_type "Netscape Cert Type" -#define NID_netscape_cert_type 71 -#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L - -#define SN_netscape_base_url "nsBaseUrl" -#define LN_netscape_base_url "Netscape Base Url" -#define NID_netscape_base_url 72 -#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L - -#define SN_netscape_revocation_url "nsRevocationUrl" -#define LN_netscape_revocation_url "Netscape Revocation Url" -#define NID_netscape_revocation_url 73 -#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L - -#define SN_netscape_ca_revocation_url "nsCaRevocationUrl" -#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url" -#define NID_netscape_ca_revocation_url 74 -#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L - -#define SN_netscape_renewal_url "nsRenewalUrl" -#define LN_netscape_renewal_url "Netscape Renewal Url" -#define NID_netscape_renewal_url 75 -#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L - -#define SN_netscape_ca_policy_url "nsCaPolicyUrl" -#define LN_netscape_ca_policy_url "Netscape CA Policy Url" -#define NID_netscape_ca_policy_url 76 -#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L - -#define SN_netscape_ssl_server_name "nsSslServerName" -#define LN_netscape_ssl_server_name "Netscape SSL Server Name" -#define NID_netscape_ssl_server_name 77 -#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L - -#define SN_netscape_comment "nsComment" -#define LN_netscape_comment "Netscape Comment" -#define NID_netscape_comment 78 -#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L - -#define SN_netscape_cert_sequence "nsCertSequence" -#define LN_netscape_cert_sequence "Netscape Certificate Sequence" -#define NID_netscape_cert_sequence 79 -#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L - -#define SN_desx_cbc "DESX-CBC" -#define LN_desx_cbc "desx-cbc" -#define NID_desx_cbc 80 - -#define SN_ld_ce "ld-ce" -#define NID_ld_ce 81 -#define OBJ_ld_ce 2L,5L,29L - -#define SN_subject_key_identifier "subjectKeyIdentifier" -#define LN_subject_key_identifier "X509v3 Subject Key Identifier" -#define NID_subject_key_identifier 82 -#define OBJ_subject_key_identifier OBJ_ld_ce,14L - -#define SN_key_usage "keyUsage" -#define LN_key_usage "X509v3 Key Usage" -#define NID_key_usage 83 -#define OBJ_key_usage OBJ_ld_ce,15L - -#define SN_private_key_usage_period "privateKeyUsagePeriod" -#define LN_private_key_usage_period "X509v3 Private Key Usage Period" -#define NID_private_key_usage_period 84 -#define OBJ_private_key_usage_period OBJ_ld_ce,16L - -#define SN_subject_alt_name "subjectAltName" -#define LN_subject_alt_name "X509v3 Subject Alternative Name" -#define NID_subject_alt_name 85 -#define OBJ_subject_alt_name OBJ_ld_ce,17L - -#define SN_issuer_alt_name "issuerAltName" -#define LN_issuer_alt_name "X509v3 Issuer Alternative Name" -#define NID_issuer_alt_name 86 -#define OBJ_issuer_alt_name OBJ_ld_ce,18L - -#define SN_basic_constraints "basicConstraints" -#define LN_basic_constraints "X509v3 Basic Constraints" -#define NID_basic_constraints 87 -#define OBJ_basic_constraints OBJ_ld_ce,19L - -#define SN_crl_number "crlNumber" -#define LN_crl_number "X509v3 CRL Number" -#define NID_crl_number 88 -#define OBJ_crl_number OBJ_ld_ce,20L - -#define SN_certificate_policies "certificatePolicies" -#define LN_certificate_policies "X509v3 Certificate Policies" -#define NID_certificate_policies 89 -#define OBJ_certificate_policies OBJ_ld_ce,32L - -#define SN_authority_key_identifier "authorityKeyIdentifier" -#define LN_authority_key_identifier "X509v3 Authority Key Identifier" -#define NID_authority_key_identifier 90 -#define OBJ_authority_key_identifier OBJ_ld_ce,35L - -#define SN_bf_cbc "BF-CBC" -#define LN_bf_cbc "bf-cbc" -#define NID_bf_cbc 91 -#define OBJ_bf_cbc 1L,3L,6L,1L,4L,1L,3029L,1L,2L - -#define SN_bf_ecb "BF-ECB" -#define LN_bf_ecb "bf-ecb" -#define NID_bf_ecb 92 - -#define SN_bf_cfb64 "BF-CFB" -#define LN_bf_cfb64 "bf-cfb" -#define NID_bf_cfb64 93 - -#define SN_bf_ofb64 "BF-OFB" -#define LN_bf_ofb64 "bf-ofb" -#define NID_bf_ofb64 94 - -#define SN_mdc2 "MDC2" -#define LN_mdc2 "mdc2" -#define NID_mdc2 95 -#define OBJ_mdc2 2L,5L,8L,3L,101L -/* An alternative? 1L,3L,14L,3L,2L,19L */ - -#define SN_mdc2WithRSA "RSA-MDC2" -#define LN_mdc2WithRSA "mdc2withRSA" -#define NID_mdc2WithRSA 96 -#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L - -#define SN_rc4_40 "RC4-40" -#define LN_rc4_40 "rc4-40" -#define NID_rc4_40 97 - -#define SN_rc2_40_cbc "RC2-40-CBC" -#define LN_rc2_40_cbc "rc2-40-cbc" -#define NID_rc2_40_cbc 98 - -#define SN_givenName "G" -#define LN_givenName "givenName" -#define NID_givenName 99 -#define OBJ_givenName OBJ_X509,42L - -#define SN_surname "S" -#define LN_surname "surname" -#define NID_surname 100 -#define OBJ_surname OBJ_X509,4L - -#define SN_initials "I" -#define LN_initials "initials" -#define NID_initials 101 -#define OBJ_initials OBJ_X509,43L - -#define SN_uniqueIdentifier "UID" -#define LN_uniqueIdentifier "uniqueIdentifier" -#define NID_uniqueIdentifier 102 -#define OBJ_uniqueIdentifier OBJ_X509,45L - -#define SN_crl_distribution_points "crlDistributionPoints" -#define LN_crl_distribution_points "X509v3 CRL Distribution Points" -#define NID_crl_distribution_points 103 -#define OBJ_crl_distribution_points OBJ_ld_ce,31L - -#define SN_md5WithRSA "RSA-NP-MD5" -#define LN_md5WithRSA "md5WithRSA" -#define NID_md5WithRSA 104 -#define OBJ_md5WithRSA OBJ_algorithm,3L - -#define SN_serialNumber "SN" -#define LN_serialNumber "serialNumber" -#define NID_serialNumber 105 -#define OBJ_serialNumber OBJ_X509,5L - -#define SN_title "T" -#define LN_title "title" -#define NID_title 106 -#define OBJ_title OBJ_X509,12L - -#define SN_description "D" -#define LN_description "description" -#define NID_description 107 -#define OBJ_description OBJ_X509,13L - -/* CAST5 is CAST-128, I'm just sticking with the documentation */ -#define SN_cast5_cbc "CAST5-CBC" -#define LN_cast5_cbc "cast5-cbc" -#define NID_cast5_cbc 108 -#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L - -#define SN_cast5_ecb "CAST5-ECB" -#define LN_cast5_ecb "cast5-ecb" -#define NID_cast5_ecb 109 - -#define SN_cast5_cfb64 "CAST5-CFB" -#define LN_cast5_cfb64 "cast5-cfb" -#define NID_cast5_cfb64 110 - -#define SN_cast5_ofb64 "CAST5-OFB" -#define LN_cast5_ofb64 "cast5-ofb" -#define NID_cast5_ofb64 111 - -#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC" -#define NID_pbeWithMD5AndCast5_CBC 112 -#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L - -/* This is one sun will soon be using :-( - * id-dsa-with-sha1 ID ::= { - * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 } - */ -#define SN_dsaWithSHA1 "DSA-SHA1" -#define LN_dsaWithSHA1 "dsaWithSHA1" -#define NID_dsaWithSHA1 113 -#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L - -#define NID_md5_sha1 114 -#define SN_md5_sha1 "MD5-SHA1" -#define LN_md5_sha1 "md5-sha1" - -#define SN_sha1WithRSA "RSA-SHA1-2" -#define LN_sha1WithRSA "sha1WithRSA" -#define NID_sha1WithRSA 115 -#define OBJ_sha1WithRSA OBJ_algorithm,29L - -#define SN_dsa "DSA" -#define LN_dsa "dsaEncryption" -#define NID_dsa 116 -#define OBJ_dsa 1L,2L,840L,10040L,4L,1L - -#define SN_ripemd160 "RIPEMD160" -#define LN_ripemd160 "ripemd160" -#define NID_ripemd160 117 -#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L - -/* The name should actually be rsaSignatureWithripemd160, but I'm going - * to continue using the convention I'm using with the other ciphers */ -#define SN_ripemd160WithRSA "RSA-RIPEMD160" -#define LN_ripemd160WithRSA "ripemd160WithRSA" -#define NID_ripemd160WithRSA 119 -#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L - -/* Taken from rfc2040 - * RC5_CBC_Parameters ::= SEQUENCE { - * version INTEGER (v1_0(16)), - * rounds INTEGER (8..127), - * blockSizeInBits INTEGER (64, 128), - * iv OCTET STRING OPTIONAL - * } - */ -#define SN_rc5_cbc "RC5-CBC" -#define LN_rc5_cbc "rc5-cbc" -#define NID_rc5_cbc 120 -#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L - -#define SN_rc5_ecb "RC5-ECB" -#define LN_rc5_ecb "rc5-ecb" -#define NID_rc5_ecb 121 - -#define SN_rc5_cfb64 "RC5-CFB" -#define LN_rc5_cfb64 "rc5-cfb" -#define NID_rc5_cfb64 122 - -#define SN_rc5_ofb64 "RC5-OFB" -#define LN_rc5_ofb64 "rc5-ofb" -#define NID_rc5_ofb64 123 - -#define SN_rle_compression "RLE" -#define LN_rle_compression "run length compression" -#define NID_rle_compression 124 -#define OBJ_rle_compression 1L,1L,1L,1L,666L,1L - -#define SN_zlib_compression "ZLIB" -#define LN_zlib_compression "zlib compression" -#define NID_zlib_compression 125 -#define OBJ_zlib_compression 1L,1L,1L,1L,666L,2L - -#define SN_ext_key_usage "extendedKeyUsage" -#define LN_ext_key_usage "X509v3 Extended Key Usage" -#define NID_ext_key_usage 126 -#define OBJ_ext_key_usage OBJ_ld_ce,37 - -#define SN_id_pkix "PKIX" -#define NID_id_pkix 127 -#define OBJ_id_pkix 1L,3L,6L,1L,5L,5L,7L - -#define SN_id_kp "id-kp" -#define NID_id_kp 128 -#define OBJ_id_kp OBJ_id_pkix,3L - -/* PKIX extended key usage OIDs */ - -#define SN_server_auth "serverAuth" -#define LN_server_auth "TLS Web Server Authentication" -#define NID_server_auth 129 -#define OBJ_server_auth OBJ_id_kp,1L - -#define SN_client_auth "clientAuth" -#define LN_client_auth "TLS Web Client Authentication" -#define NID_client_auth 130 -#define OBJ_client_auth OBJ_id_kp,2L - -#define SN_code_sign "codeSigning" -#define LN_code_sign "Code Signing" -#define NID_code_sign 131 -#define OBJ_code_sign OBJ_id_kp,3L - -#define SN_email_protect "emailProtection" -#define LN_email_protect "E-mail Protection" -#define NID_email_protect 132 -#define OBJ_email_protect OBJ_id_kp,4L - -#define SN_time_stamp "timeStamping" -#define LN_time_stamp "Time Stamping" -#define NID_time_stamp 133 -#define OBJ_time_stamp OBJ_id_kp,8L - -/* Additional extended key usage OIDs: Microsoft */ - -#define SN_ms_code_ind "msCodeInd" -#define LN_ms_code_ind "Microsoft Individual Code Signing" -#define NID_ms_code_ind 134 -#define OBJ_ms_code_ind 1L,3L,6L,1L,4L,1L,311L,2L,1L,21L - -#define SN_ms_code_com "msCodeCom" -#define LN_ms_code_com "Microsoft Commercial Code Signing" -#define NID_ms_code_com 135 -#define OBJ_ms_code_com 1L,3L,6L,1L,4L,1L,311L,2L,1L,22L - -#define SN_ms_ctl_sign "msCTLSign" -#define LN_ms_ctl_sign "Microsoft Trust List Signing" -#define NID_ms_ctl_sign 136 -#define OBJ_ms_ctl_sign 1L,3L,6L,1L,4L,1L,311L,10L,3L,1L - -#define SN_ms_sgc "msSGC" -#define LN_ms_sgc "Microsoft Server Gated Crypto" -#define NID_ms_sgc 137 -#define OBJ_ms_sgc 1L,3L,6L,1L,4L,1L,311L,10L,3L,3L - -#define SN_ms_efs "msEFS" -#define LN_ms_efs "Microsoft Encrypted File System" -#define NID_ms_efs 138 -#define OBJ_ms_efs 1L,3L,6L,1L,4L,1L,311L,10L,3L,4L - -/* Additional usage: Netscape */ - -#define SN_ns_sgc "nsSGC" -#define LN_ns_sgc "Netscape Server Gated Crypto" -#define NID_ns_sgc 139 -#define OBJ_ns_sgc OBJ_netscape,4L,1L - -#define SN_delta_crl "deltaCRL" -#define LN_delta_crl "X509v3 Delta CRL Indicator" -#define NID_delta_crl 140 -#define OBJ_delta_crl OBJ_ld_ce,27L - -#define SN_crl_reason "CRLReason" -#define LN_crl_reason "CRL Reason Code" -#define NID_crl_reason 141 -#define OBJ_crl_reason OBJ_ld_ce,21L - -#define SN_invalidity_date "invalidityDate" -#define LN_invalidity_date "Invalidity Date" -#define NID_invalidity_date 142 -#define OBJ_invalidity_date OBJ_ld_ce,24L - -#define SN_sxnet "SXNetID" -#define LN_sxnet "Strong Extranet ID" -#define NID_sxnet 143 -#define OBJ_sxnet 1L,3L,101L,1L,4L,1L - -/* PKCS12 and related OBJECT IDENTIFIERS */ - -#define OBJ_pkcs12 OBJ_pkcs,12L -#define OBJ_pkcs12_pbeids OBJ_pkcs12, 1 - -#define SN_pbe_WithSHA1And128BitRC4 "PBE-SHA1-RC4-128" -#define LN_pbe_WithSHA1And128BitRC4 "pbeWithSHA1And128BitRC4" -#define NID_pbe_WithSHA1And128BitRC4 144 -#define OBJ_pbe_WithSHA1And128BitRC4 OBJ_pkcs12_pbeids, 1L - -#define SN_pbe_WithSHA1And40BitRC4 "PBE-SHA1-RC4-40" -#define LN_pbe_WithSHA1And40BitRC4 "pbeWithSHA1And40BitRC4" -#define NID_pbe_WithSHA1And40BitRC4 145 -#define OBJ_pbe_WithSHA1And40BitRC4 OBJ_pkcs12_pbeids, 2L - -#define SN_pbe_WithSHA1And3_Key_TripleDES_CBC "PBE-SHA1-3DES" -#define LN_pbe_WithSHA1And3_Key_TripleDES_CBC "pbeWithSHA1And3-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And3_Key_TripleDES_CBC 146 -#define OBJ_pbe_WithSHA1And3_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 3L - -#define SN_pbe_WithSHA1And2_Key_TripleDES_CBC "PBE-SHA1-2DES" -#define LN_pbe_WithSHA1And2_Key_TripleDES_CBC "pbeWithSHA1And2-KeyTripleDES-CBC" -#define NID_pbe_WithSHA1And2_Key_TripleDES_CBC 147 -#define OBJ_pbe_WithSHA1And2_Key_TripleDES_CBC OBJ_pkcs12_pbeids, 4L - -#define SN_pbe_WithSHA1And128BitRC2_CBC "PBE-SHA1-RC2-128" -#define LN_pbe_WithSHA1And128BitRC2_CBC "pbeWithSHA1And128BitRC2-CBC" -#define NID_pbe_WithSHA1And128BitRC2_CBC 148 -#define OBJ_pbe_WithSHA1And128BitRC2_CBC OBJ_pkcs12_pbeids, 5L - -#define SN_pbe_WithSHA1And40BitRC2_CBC "PBE-SHA1-RC2-40" -#define LN_pbe_WithSHA1And40BitRC2_CBC "pbeWithSHA1And40BitRC2-CBC" -#define NID_pbe_WithSHA1And40BitRC2_CBC 149 -#define OBJ_pbe_WithSHA1And40BitRC2_CBC OBJ_pkcs12_pbeids, 6L - -#define OBJ_pkcs12_Version1 OBJ_pkcs12, 10L - -#define OBJ_pkcs12_BagIds OBJ_pkcs12_Version1, 1L - -#define LN_keyBag "keyBag" -#define NID_keyBag 150 -#define OBJ_keyBag OBJ_pkcs12_BagIds, 1L - -#define LN_pkcs8ShroudedKeyBag "pkcs8ShroudedKeyBag" -#define NID_pkcs8ShroudedKeyBag 151 -#define OBJ_pkcs8ShroudedKeyBag OBJ_pkcs12_BagIds, 2L - -#define LN_certBag "certBag" -#define NID_certBag 152 -#define OBJ_certBag OBJ_pkcs12_BagIds, 3L - -#define LN_crlBag "crlBag" -#define NID_crlBag 153 -#define OBJ_crlBag OBJ_pkcs12_BagIds, 4L - -#define LN_secretBag "secretBag" -#define NID_secretBag 154 -#define OBJ_secretBag OBJ_pkcs12_BagIds, 5L - -#define LN_safeContentsBag "safeContentsBag" -#define NID_safeContentsBag 155 -#define OBJ_safeContentsBag OBJ_pkcs12_BagIds, 6L - -#define LN_friendlyName "friendlyName" -#define NID_friendlyName 156 -#define OBJ_friendlyName OBJ_pkcs9, 20L - -#define LN_localKeyID "localKeyID" -#define NID_localKeyID 157 -#define OBJ_localKeyID OBJ_pkcs9, 21L - -#define OBJ_certTypes OBJ_pkcs9, 22L - -#define LN_x509Certificate "x509Certificate" -#define NID_x509Certificate 158 -#define OBJ_x509Certificate OBJ_certTypes, 1L - -#define LN_sdsiCertificate "sdsiCertificate" -#define NID_sdsiCertificate 159 -#define OBJ_sdsiCertificate OBJ_certTypes, 2L - -#define OBJ_crlTypes OBJ_pkcs9, 23L - -#define LN_x509Crl "x509Crl" -#define NID_x509Crl 160 -#define OBJ_x509Crl OBJ_crlTypes, 1L - -/* PKCS#5 v2 OIDs */ - -#define LN_pbes2 "PBES2" -#define NID_pbes2 161 -#define OBJ_pbes2 OBJ_pkcs,5L,13L - -#define LN_pbmac1 "PBMAC1" -#define NID_pbmac1 162 -#define OBJ_pbmac1 OBJ_pkcs,5L,14L - -#define LN_hmacWithSHA1 "hmacWithSHA1" -#define NID_hmacWithSHA1 163 -#define OBJ_hmacWithSHA1 OBJ_rsadsi,2L,7L - -/* Policy Qualifier Ids */ - -#define LN_id_qt_cps "Policy Qualifier CPS" -#define SN_id_qt_cps "id-qt-cps" -#define NID_id_qt_cps 164 -#define OBJ_id_qt_cps OBJ_id_pkix,2L,1L - -#define LN_id_qt_unotice "Policy Qualifier User Notice" -#define SN_id_qt_unotice "id-qt-unotice" -#define NID_id_qt_unotice 165 -#define OBJ_id_qt_unotice OBJ_id_pkix,2L,2L - -#define SN_rc2_64_cbc "RC2-64-CBC" -#define LN_rc2_64_cbc "rc2-64-cbc" -#define NID_rc2_64_cbc 166 - -#define SN_SMIMECapabilities "SMIME-CAPS" -#define LN_SMIMECapabilities "S/MIME Capabilities" -#define NID_SMIMECapabilities 167 -#define OBJ_SMIMECapabilities OBJ_pkcs9,15L - -#define SN_pbeWithMD2AndRC2_CBC "PBE-MD2-RC2-64" -#define LN_pbeWithMD2AndRC2_CBC "pbeWithMD2AndRC2-CBC" -#define NID_pbeWithMD2AndRC2_CBC 168 -#define OBJ_pbeWithMD2AndRC2_CBC OBJ_pkcs,5L,4L - -#define SN_pbeWithMD5AndRC2_CBC "PBE-MD5-RC2-64" -#define LN_pbeWithMD5AndRC2_CBC "pbeWithMD5AndRC2-CBC" -#define NID_pbeWithMD5AndRC2_CBC 169 -#define OBJ_pbeWithMD5AndRC2_CBC OBJ_pkcs,5L,6L - -#define SN_pbeWithSHA1AndDES_CBC "PBE-SHA1-DES" -#define LN_pbeWithSHA1AndDES_CBC "pbeWithSHA1AndDES-CBC" -#define NID_pbeWithSHA1AndDES_CBC 170 -#define OBJ_pbeWithSHA1AndDES_CBC OBJ_pkcs,5L,10L - -/* Extension request OIDs */ - -#define LN_ms_ext_req "Microsoft Extension Request" -#define SN_ms_ext_req "msExtReq" -#define NID_ms_ext_req 171 -#define OBJ_ms_ext_req 1L,3L,6L,1L,4L,1L,311L,2L,1L,14L - -#define LN_ext_req "Extension Request" -#define SN_ext_req "extReq" -#define NID_ext_req 172 -#define OBJ_ext_req OBJ_pkcs9,14L - -#define SN_name "name" -#define LN_name "name" -#define NID_name 173 -#define OBJ_name OBJ_X509,41L - -#define SN_dnQualifier "dnQualifier" -#define LN_dnQualifier "dnQualifier" -#define NID_dnQualifier 174 -#define OBJ_dnQualifier OBJ_X509,46L - -#define SN_id_pe "id-pe" -#define NID_id_pe 175 -#define OBJ_id_pe OBJ_id_pkix,1L - -#define SN_id_ad "id-ad" -#define NID_id_ad 176 -#define OBJ_id_ad OBJ_id_pkix,48L - -#define SN_info_access "authorityInfoAccess" -#define LN_info_access "Authority Information Access" -#define NID_info_access 177 -#define OBJ_info_access OBJ_id_pe,1L - -#define SN_ad_OCSP "OCSP" -#define LN_ad_OCSP "OCSP" -#define NID_ad_OCSP 178 -#define OBJ_ad_OCSP OBJ_id_ad,1L - -#define SN_ad_ca_issuers "caIssuers" -#define LN_ad_ca_issuers "CA Issuers" -#define NID_ad_ca_issuers 179 -#define OBJ_ad_ca_issuers OBJ_id_ad,2L - -#define SN_OCSP_sign "OCSPSigning" -#define LN_OCSP_sign "OCSP Signing" -#define NID_OCSP_sign 180 -#define OBJ_OCSP_sign OBJ_id_kp,9L -#endif /* USE_OBJ_MAC */ - -#include -#include - -#define OBJ_NAME_TYPE_UNDEF 0x00 -#define OBJ_NAME_TYPE_MD_METH 0x01 -#define OBJ_NAME_TYPE_CIPHER_METH 0x02 -#define OBJ_NAME_TYPE_PKEY_METH 0x03 -#define OBJ_NAME_TYPE_COMP_METH 0x04 -#define OBJ_NAME_TYPE_NUM 0x05 - -#define OBJ_NAME_ALIAS 0x8000 - - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct obj_name_st - { - int type; - int alias; - const char *name; - const char *data; - } OBJ_NAME; - -#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c) - - -int OBJ_NAME_init(void); -int OBJ_NAME_new_index(unsigned long (*hash_func)(const char *),int (*cmp_func)(const void *, const void *), - void (*free_func)(const char *, int, const char *)); -const char *OBJ_NAME_get(const char *name,int type); -int OBJ_NAME_add(const char *name,int type,const char *data); -int OBJ_NAME_remove(const char *name,int type); -void OBJ_NAME_cleanup(int type); /* -1 for everything */ - -ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o); -ASN1_OBJECT * OBJ_nid2obj(int n); -const char * OBJ_nid2ln(int n); -const char * OBJ_nid2sn(int n); -int OBJ_obj2nid(ASN1_OBJECT *o); -ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name); -int OBJ_obj2txt(char *buf, int buf_len, ASN1_OBJECT *a, int no_name); -int OBJ_txt2nid(char *s); -int OBJ_ln2nid(const char *s); -int OBJ_sn2nid(const char *s); -int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b); -char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)(const void *, const void *)); - -void ERR_load_OBJ_strings(void ); - -int OBJ_new_nid(int num); -int OBJ_add_object(ASN1_OBJECT *obj); -int OBJ_create(char *oid,char *sn,char *ln); -void OBJ_cleanup(void ); -int OBJ_create_objects(BIO *in); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the OBJ functions. */ - -/* Function codes. */ -#define OBJ_F_OBJ_CREATE 100 -#define OBJ_F_OBJ_DUP 101 -#define OBJ_F_OBJ_NID2LN 102 -#define OBJ_F_OBJ_NID2OBJ 103 -#define OBJ_F_OBJ_NID2SN 104 - -/* Reason codes. */ -#define OBJ_R_MALLOC_FAILURE 100 -#define OBJ_R_UNKNOWN_NID 101 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/objects/objects.pl b/src/lib/libcrypto/objects/objects.pl deleted file mode 100644 index c956bbb841..0000000000 --- a/src/lib/libcrypto/objects/objects.pl +++ /dev/null @@ -1,224 +0,0 @@ -#!/usr/local/bin/perl - -open (NUMIN,"$ARGV[1]") || die "Can't open number file $ARGV[1]"; -$max_nid=0; -$o=0; -while() - { - chop; - $o++; - s/#.*$//; - next if /^\s*$/; - ($Cname,$mynum) = split; - if (defined($nidn{$mynum})) - { die "$ARGV[1]:$o:There's already an object with NID ",$mynum," on line ",$order{$mynum},"\n"; } - $nid{$Cname} = $mynum; - $nidn{$mynum} = $Cname; - $order{$mynum} = $o; - $max_nid = $mynum if $mynum > $max_nid; - } -close NUMIN; - -open (IN,"$ARGV[0]") || die "Can't open input file $ARGV[0]"; -$Cname=""; -$o=0; -while () - { - chop; - $o++; - if (/^!module\s+(.*)$/) - { - $module = $1."-"; - $module =~ s/\./_/g; - $module =~ s/-/_/g; - } - if (/^!global$/) - { $module = ""; } - if (/^!Cname\s+(.*)$/) - { $Cname = $1; } - if (/^!Alias\s+(.+?)\s+(.*)$/) - { - $Cname = $module.$1; - $myoid = $2; - $myoid = &process_oid($myoid); - $Cname =~ s/-/_/g; - $ordern{$o} = $Cname; - $order{$Cname} = $o; - $obj{$Cname} = $myoid; - $_ = ""; - $Cname = ""; - } - s/!.*$//; - s/#.*$//; - next if /^\s*$/; - ($myoid,$mysn,$myln) = split ':'; - $mysn =~ s/^\s*//; - $mysn =~ s/\s*$//; - $myln =~ s/^\s*//; - $myln =~ s/\s*$//; - $myoid =~ s/^\s*//; - $myoid =~ s/\s*$//; - if ($myoid ne "") - { - $myoid = &process_oid($myoid); - } - - if ($Cname eq "" && !($myln =~ / /)) - { - $Cname = $myln; - $Cname =~ s/\./_/g; - $Cname =~ s/-/_/g; - if ($Cname ne "" && defined($ln{$module.$Cname})) - { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; } - } - if ($Cname eq "") - { - $Cname = $mysn; - $Cname =~ s/-/_/g; - if ($Cname ne "" && defined($sn{$module.$Cname})) - { die "objects.txt:$o:There's already an object with short name ",$sn{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; } - } - if ($Cname eq "") - { - $Cname = $myln; - $Cname =~ s/-/_/g; - $Cname =~ s/\./_/g; - $Cname =~ s/ /_/g; - if ($Cname ne "" && defined($ln{$module.$Cname})) - { die "objects.txt:$o:There's already an object with long name ",$ln{$module.$Cname}," on line ",$order{$module.$Cname},"\n"; } - } - $Cname =~ s/\./_/g; - $Cname =~ s/-/_/g; - $Cname = $module.$Cname; - $ordern{$o} = $Cname; - $order{$Cname} = $o; - $sn{$Cname} = $mysn; - $ln{$Cname} = $myln; - $obj{$Cname} = $myoid; - if (!defined($nid{$Cname})) - { - $max_nid++; - $nid{$Cname} = $max_nid; - $nidn{$max_nid} = $Cname; - } - $Cname=""; - } -close IN; - -open (NUMOUT,">$ARGV[1]") || die "Can't open output file $ARGV[1]"; -foreach (sort { $a <=> $b } keys %nidn) - { - print NUMOUT $nidn{$_},"\t\t",$_,"\n"; - } -close NUMOUT; - -open (OUT,">$ARGV[2]") || die "Can't open output file $ARGV[2]"; -print OUT <<'EOF'; -/* lib/obj/obj_mac.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* THIS FILE IS GENERATED FROM objects.txt by objects.pl via the - * following command: - * perl objects.pl objects.txt obj_mac.num obj_mac.h - */ - -#define SN_undef "UNDEF" -#define LN_undef "undefined" -#define NID_undef 0 -#define OBJ_undef 0L - -EOF - -foreach (sort { $a <=> $b } keys %ordern) - { - $Cname=$ordern{$_}; - print OUT "#define SN_",$Cname,"\t\t\"",$sn{$Cname},"\"\n" if $sn{$Cname} ne ""; - print OUT "#define LN_",$Cname,"\t\t\"",$ln{$Cname},"\"\n" if $ln{$Cname} ne ""; - print OUT "#define NID_",$Cname,"\t\t",$nid{$Cname},"\n" if $nid{$Cname} ne ""; - print OUT "#define OBJ_",$Cname,"\t\t",$obj{$Cname},"\n" if $obj{$Cname} ne ""; - print OUT "\n"; - } - -close OUT; - -sub process_oid - { - local($oid)=@_; - local(@a,$oid_pref); - - @a = split(/\s+/,$myoid); - $pref_oid = ""; - $pref_sep = ""; - if (!($a[0] =~ /^[0-9]+$/)) - { - $a[0] =~ s/-/_/g; - $pref_oid = "OBJ_" . $a[0]; - $pref_sep = ","; - shift @a; - } - $oids = join('L,',@a) . "L"; - if ($oids ne "L") - { - $oids = $pref_oid . $pref_sep . $oids; - } - else - { - $oids = $pref_oid; - } - return($oids); - } diff --git a/src/lib/libcrypto/objects/objects.txt b/src/lib/libcrypto/objects/objects.txt deleted file mode 100644 index 3d443cf884..0000000000 --- a/src/lib/libcrypto/objects/objects.txt +++ /dev/null @@ -1,593 +0,0 @@ -1 : ISO : iso - -iso 2 : member-body : ISO Member Body - -member-body 840 : ISO-US : ISO US Member Body -ISO-US 10040 : X9-57 : X9.57 -X9-57 4 : X9cm : X9.57 CM ? - -!Cname dsa -X9cm 1 : DSA : dsaEncryption -X9cm 3 : DSA-SHA1 : dsaWithSHA1 - -ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc - : CAST5-ECB : cast5-ecb -!Cname cast5-cfb64 - : CAST5-CFB : cast5-cfb -!Cname cast5-ofb64 - : CAST5-OFB : cast5-ofb -!Cname pbeWithMD5AndCast5-CBC -ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC - -ISO-US 113549 : rsadsi : RSA Data Security, Inc. - -rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS - -pkcs 1 : pkcs1 -pkcs1 1 : : rsaEncryption -pkcs1 2 : RSA-MD2 : md2WithRSAEncryption -pkcs1 4 : RSA-MD5 : md5WithRSAEncryption -pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption - -pkcs 3 : pkcs3 -pkcs3 1 : : dhKeyAgreement - -pkcs 5 : pkcs5 -pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC -pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC -pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC -pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC -pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC -pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC -!Cname id_pbkdf2 -pkcs5 12 : : PBKDF2 -!Cname pbes2 -pkcs5 13 : : PBES2 -!Cname pbmac1 -pkcs5 14 : : PBMAC1 - -pkcs 7 : pkcs7 -pkcs7 1 : : pkcs7-data -!Cname pkcs7-signed -pkcs7 2 : : pkcs7-signedData -!Cname pkcs7-enveloped -pkcs7 3 : : pkcs7-envelopedData -!Cname pkcs7-signedAndEnveloped -pkcs7 4 : : pkcs7-signedAndEnvelopedData -!Cname pkcs7-digest -pkcs7 5 : : pkcs7-digestData -!Cname pkcs7-encrypted -pkcs7 6 : : pkcs7-encryptedData - -pkcs 9 : pkcs9 -!module pkcs9 -pkcs9 1 : Email : emailAddress -pkcs9 2 : : unstructuredName -pkcs9 3 : : contentType -pkcs9 4 : : messageDigest -pkcs9 5 : : signingTime -pkcs9 6 : : countersignature -pkcs9 7 : : challengePassword -pkcs9 8 : : unstructuredAddress -!Cname extCertAttributes -pkcs9 9 : : extendedCertificateAttributes -!global - -!Cname ext-req -pkcs9 14 : extReq : Extension Request - -!Cname SMIMECapabilities -pkcs9 15 : SMIME-CAPS : S/MIME Capabilities - -# S/MIME -!Cname SMIME -pkcs9 16 : SMIME : S/MIME -SMIME 0 : id-smime-mod -SMIME 1 : id-smime-ct -SMIME 2 : id-smime-aa -SMIME 3 : id-smime-alg -SMIME 4 : id-smime-cd -SMIME 5 : id-smime-spq -SMIME 6 : id-smime-cti - -# S/MIME Modules -id-smime-mod 1 : id-smime-mod-cms -id-smime-mod 2 : id-smime-mod-ess -id-smime-mod 3 : id-smime-mod-oid -id-smime-mod 4 : id-smime-mod-msg-v3 -id-smime-mod 5 : id-smime-mod-ets-eSignature-88 -id-smime-mod 6 : id-smime-mod-ets-eSignature-97 -id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 -id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 - -# S/MIME Content Types -id-smime-ct 1 : id-smime-ct-receipt -id-smime-ct 2 : id-smime-ct-authData -id-smime-ct 3 : id-smime-ct-publishCert -id-smime-ct 4 : id-smime-ct-TSTInfo -id-smime-ct 5 : id-smime-ct-TDTInfo -id-smime-ct 6 : id-smime-ct-contentInfo -id-smime-ct 7 : id-smime-ct-DVCSRequestData -id-smime-ct 8 : id-smime-ct-DVCSResponseData - -# S/MIME Attributes -id-smime-aa 1 : id-smime-aa-receiptRequest -id-smime-aa 2 : id-smime-aa-securityLabel -id-smime-aa 3 : id-smime-aa-mlExpandHistory -id-smime-aa 4 : id-smime-aa-contentHint -id-smime-aa 5 : id-smime-aa-msgSigDigest -# obsolete -id-smime-aa 6 : id-smime-aa-encapContentType -id-smime-aa 7 : id-smime-aa-contentIdentifier -# obsolete -id-smime-aa 8 : id-smime-aa-macValue -id-smime-aa 9 : id-smime-aa-equivalentLabels -id-smime-aa 10 : id-smime-aa-contentReference -id-smime-aa 11 : id-smime-aa-encrypKeyPref -id-smime-aa 12 : id-smime-aa-signingCertificate -id-smime-aa 13 : id-smime-aa-smimeEncryptCerts -id-smime-aa 14 : id-smime-aa-timeStampToken -id-smime-aa 15 : id-smime-aa-ets-sigPolicyId -id-smime-aa 16 : id-smime-aa-ets-commitmentType -id-smime-aa 17 : id-smime-aa-ets-signerLocation -id-smime-aa 18 : id-smime-aa-ets-signerAttr -id-smime-aa 19 : id-smime-aa-ets-otherSigCert -id-smime-aa 20 : id-smime-aa-ets-contentTimestamp -id-smime-aa 21 : id-smime-aa-ets-CertificateRefs -id-smime-aa 22 : id-smime-aa-ets-RevocationRefs -id-smime-aa 23 : id-smime-aa-ets-certValues -id-smime-aa 24 : id-smime-aa-ets-revocationValues -id-smime-aa 25 : id-smime-aa-ets-escTimeStamp -id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp -id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp -id-smime-aa 28 : id-smime-aa-signatureType -id-smime-aa 29 : id-smime-aa-dvcs-dvc - -# S/MIME Algorithm Identifiers -# obsolete -id-smime-alg 1 : id-smime-alg-ESDHwith3DES -# obsolete -id-smime-alg 2 : id-smime-alg-ESDHwithRC2 -# obsolete -id-smime-alg 3 : id-smime-alg-3DESwrap -# obsolete -id-smime-alg 4 : id-smime-alg-RC2wrap -id-smime-alg 5 : id-smime-alg-ESDH -id-smime-alg 6 : id-smime-alg-CMS3DESwrap -id-smime-alg 7 : id-smime-alg-CMSRC2wrap - -# S/MIME Certificate Distribution -id-smime-cd 1 : id-smime-cd-ldap - -# S/MIME Signature Policy Qualifier -id-smime-spq 1 : id-smime-spq-ets-sqt-uri -id-smime-spq 2 : id-smime-spq-ets-sqt-unotice - -# S/MIME Commitment Type Identifier -id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin -id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt -id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery -id-smime-cti 4 : id-smime-cti-ets-proofOfSender -id-smime-cti 5 : id-smime-cti-ets-proofOfApproval -id-smime-cti 6 : id-smime-cti-ets-proofOfCreation - -pkcs9 20 : : friendlyName -pkcs9 21 : : localKeyID -!Alias certTypes pkcs9 22 -certTypes 1 : : x509Certificate -certTypes 2 : : sdsiCertificate -!Alias crlTypes pkcs9 23 -crlTypes 1 : : x509Crl - -!Alias pkcs12 pkcs 12 -!Alias pkcs12-pbeids pkcs12 1 - -!Cname pbe-WithSHA1And128BitRC4 -pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 -!Cname pbe-WithSHA1And40BitRC4 -pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 -!Cname pbe-WithSHA1And3_Key_TripleDES-CBC -pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC -!Cname pbe-WithSHA1And2_Key_TripleDES-CBC -pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC -!Cname pbe-WithSHA1And128BitRC2-CBC -pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC -!Cname pbe-WithSHA1And40BitRC2-CBC -pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC - -!Alias pkcs12-Version1 pkcs12 10 -!Alias pkcs12-BagIds pkcs12-Version1 1 -pkcs12-BagIds 1 : : keyBag -pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag -pkcs12-BagIds 3 : : certBag -pkcs12-BagIds 4 : : crlBag -pkcs12-BagIds 5 : : secretBag -pkcs12-BagIds 6 : : safeContentsBag - -rsadsi 2 2 : MD2 : md2 -rsadsi 2 4 : MD4 : md4 -rsadsi 2 5 : MD5 : md5 - : MD5-SHA1 : md5-sha1 -rsadsi 2 7 : : hmacWithSHA1 -rsadsi 3 2 : RC2-CBC : rc2-cbc - : RC2-ECB : rc2-ecb -!Cname rc2-cfb64 - : RC2-CFB : rc2-cfb -!Cname rc2-ofb64 - : RC2-OFB : rc2-ofb - : RC2-40-CBC : rc2-40-cbc - : RC2-64-CBC : rc2-64-cbc -rsadsi 3 4 : RC4 : rc4 - : RC4-40 : rc4-40 -rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc -rsadsi 3 8 : RC5-CBC : rc5-cbc - : RC5-ECB : rc5-ecb -!Cname rc5-cfb64 - : RC5-CFB : rc5-cfb -!Cname rc5-ofb64 - : RC5-OFB : rc5-ofb - -!Cname ms-ext-req -1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request -!Cname ms-code-ind -1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing -!Cname ms-code-com -1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing -!Cname ms-ctl-sign -1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing -!Cname ms-sgc -1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto -!Cname ms-efs -1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System - -1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc - : IDEA-ECB : idea-ecb -!Cname idea-cfb64 - : IDEA-CFB : idea-cfb -!Cname idea-ofb64 - : IDEA-OFB : idea-ofb - -1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc - : BF-ECB : bf-ecb -!Cname bf-cfb64 - : BF-CFB : bf-cfb -!Cname bf-ofb64 - : BF-OFB : bf-ofb - -!Cname id-pkix -1 3 6 1 5 5 7 : PKIX - -# PKIX Arcs -id-pkix 0 : id-pkix-mod -id-pkix 1 : id-pe -id-pkix 2 : id-qt -id-pkix 3 : id-kp -id-pkix 4 : id-it -id-pkix 5 : id-pkip -id-pkix 6 : id-alg -id-pkix 7 : id-cmc -id-pkix 8 : id-on -id-pkix 9 : id-pda -id-pkix 10 : id-aca -id-pkix 11 : id-qcs -id-pkix 12 : id-cct -id-pkix 48 : id-ad - -# PKIX Modules -id-pkix-mod 1 : id-pkix1-explicit-88 -id-pkix-mod 2 : id-pkix1-implicit-88 -id-pkix-mod 3 : id-pkix1-explicit-93 -id-pkix-mod 4 : id-pkix1-implicit-93 -id-pkix-mod 5 : id-mod-crmf -id-pkix-mod 6 : id-mod-cmc -id-pkix-mod 7 : id-mod-kea-profile-88 -id-pkix-mod 8 : id-mod-kea-profile-93 -id-pkix-mod 9 : id-mod-cmp -id-pkix-mod 10 : id-mod-qualified-cert-88 -id-pkix-mod 11 : id-mod-qualified-cert-93 -id-pkix-mod 12 : id-mod-attribute-cert -id-pkix-mod 13 : id-mod-timestamp-protocol -id-pkix-mod 14 : id-mod-ocsp -id-pkix-mod 15 : id-mod-dvcs -id-pkix-mod 16 : id-mod-cmp2000 - -# PKIX Private Extensions -!Cname info-access -id-pe 1 : authorityInfoAccess : Authority Information Access -id-pe 2 : biometricInfo : Biometric Info -id-pe 3 : qcStatements -id-pe 4 : ac-auditEntity -id-pe 5 : ac-targeting -id-pe 6 : aaControls -id-pe 7 : sbqp-ipAddrBlock -id-pe 8 : sbqp-autonomousSysNum -id-pe 9 : sbqp-routerIdentifier - -# PKIX policyQualifiers for Internet policy qualifiers -id-qt 1 : id-qt-cps : Policy Qualifier CPS -id-qt 2 : id-qt-unotice : Policy Qualifier User Notice -id-qt 3 : textNotice - -# PKIX key purpose identifiers -!Cname server-auth -id-kp 1 : serverAuth : TLS Web Server Authentication -!Cname client-auth -id-kp 2 : clientAuth : TLS Web Client Authentication -!Cname code-sign -id-kp 3 : codeSigning : Code Signing -!Cname email-protect -id-kp 4 : emailProtection : E-mail Protection -id-kp 5 : ipsecEndSystem : IPSec End System -id-kp 6 : ipsecTunnel : IPSec Tunnel -id-kp 7 : ipsecUser : IPSec User -!Cname time-stamp -id-kp 8 : timeStamping : Time Stamping -# From OCSP spec RFC2560 -!Cname OCSP-sign -id-kp 9 : OCSPSigning : OCSP Signing -id-kp 10 : DVCS : dvcs - -# CMP information types -id-it 1 : id-it-caProtEncCert -id-it 2 : id-it-signKeyPairTypes -id-it 3 : id-it-encKeyPairTypes -id-it 4 : id-it-preferredSymmAlg -id-it 5 : id-it-caKeyUpdateInfo -id-it 6 : id-it-currentCRL -id-it 7 : id-it-unsupportedOIDs -# obsolete -id-it 8 : id-it-subscriptionRequest -# obsolete -id-it 9 : id-it-subscriptionResponse -id-it 10 : id-it-keyPairParamReq -id-it 11 : id-it-keyPairParamRep -id-it 12 : id-it-revPassphrase -id-it 13 : id-it-implicitConfirm -id-it 14 : id-it-confirmWaitTime -id-it 15 : id-it-origPKIMessage - -# CRMF registration -id-pkip 1 : id-regCtrl -id-pkip 2 : id-regInfo - -# CRMF registration controls -id-regCtrl 1 : id-regCtrl-regToken -id-regCtrl 2 : id-regCtrl-authenticator -id-regCtrl 3 : id-regCtrl-pkiPublicationInfo -id-regCtrl 4 : id-regCtrl-pkiArchiveOptions -id-regCtrl 5 : id-regCtrl-oldCertID -id-regCtrl 6 : id-regCtrl-protocolEncrKey - -# CRMF registration information -id-regInfo 1 : id-regInfo-utf8Pairs -id-regInfo 2 : id-regInfo-certReq - -# algorithms -id-alg 1 : id-alg-des40 -id-alg 2 : id-alg-noSignature -id-alg 3 : id-alg-dh-sig-hmac-sha1 -id-alg 4 : id-alg-dh-pop - -# CMC controls -id-cmc 1 : id-cmc-statusInfo -id-cmc 2 : id-cmc-identification -id-cmc 3 : id-cmc-identityProof -id-cmc 4 : id-cmc-dataReturn -id-cmc 5 : id-cmc-transactionId -id-cmc 6 : id-cmc-senderNonce -id-cmc 7 : id-cmc-recipientNonce -id-cmc 8 : id-cmc-addExtensions -id-cmc 9 : id-cmc-encryptedPOP -id-cmc 10 : id-cmc-decryptedPOP -id-cmc 11 : id-cmc-lraPOPWitness -id-cmc 15 : id-cmc-getCert -id-cmc 16 : id-cmc-getCRL -id-cmc 17 : id-cmc-revokeRequest -id-cmc 18 : id-cmc-regInfo -id-cmc 19 : id-cmc-responseInfo -id-cmc 21 : id-cmc-queryPending -id-cmc 22 : id-cmc-popLinkRandom -id-cmc 23 : id-cmc-popLinkWitness -id-cmc 24 : id-cmc-confirmCertAcceptance - -# other names -id-on 1 : id-on-personalData - -# personal data attributes -id-pda 1 : id-pda-dateOfBirth -id-pda 2 : id-pda-placeOfBirth -id-pda 3 : id-pda-pseudonym -id-pda 4 : id-pda-gender -id-pda 5 : id-pda-countryOfCitizenship -id-pda 6 : id-pda-countryOfResidence - -# attribute certificate attributes -id-aca 1 : id-aca-authenticationInfo -id-aca 2 : id-aca-accessIdentity -id-aca 3 : id-aca-chargingIdentity -id-aca 4 : id-aca-group -id-aca 5 : id-aca-role - -# qualified certificate statements -id-qcs 1 : id-qcs-pkixQCSyntax-v1 - -# CMC content types -id-cct 1 : id-cct-crs -id-cct 2 : id-cct-PKIData -id-cct 3 : id-cct-PKIResponse - -# access descriptors for authority info access extension -!Cname ad-OCSP -id-ad 1 : OCSP : OCSP -!Cname ad-ca-issuers -id-ad 2 : caIssuers : CA Issuers -!Cname ad-timeStamping -id-ad 3 : ad_timestamping : AD Time Stamping -!Cname ad-dvcs -id-ad 4 : AD_DVCS : ad dvcs - - -!Alias id-pkix-OCSP ad-OCSP -!module id-pkix-OCSP -!Cname basic -id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response -id-pkix-OCSP 2 : Nonce : OCSP Nonce -id-pkix-OCSP 3 : CrlID : OCSP CRL ID -id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses -id-pkix-OCSP 5 : noCheck -id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff -id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator -id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status -id-pkix-OCSP 9 : valid -id-pkix-OCSP 10 : path -id-pkix-OCSP 11 : trustRoot : Trust Root -!global - -1 3 14 3 2 : algorithm : algorithm -algorithm 3 : RSA-NP-MD5 : md5WithRSA -algorithm 6 : DES-ECB : des-ecb -algorithm 7 : DES-CBC : des-cbc -!Cname des-ofb64 -algorithm 8 : DES-OFB : des-ofb -!Cname des-cfb64 -algorithm 9 : DES-CFB : des-cfb -algorithm 11 : rsaSignature -!Cname dsa-2 -algorithm 12 : DSA-old : dsaEncryption-old -algorithm 13 : DSA-SHA : dsaWithSHA -algorithm 15 : RSA-SHA : shaWithRSAEncryption -algorithm 17 : DES-EDE : des-ede - : DES-EDE3 : des-ede3 - : DES-EDE-CBC : des-ede-cbc -!Cname des-ede-cfb64 - : DES-EDE-CFB : des-ede-cfb -!Cname des-ede3-cfb64 - : DES-EDE3-CFB : des-ede3-cfb -!Cname des-ede-ofb64 - : DES-EDE-OFB : des-ede-ofb -!Cname des-ede3-ofb64 - : DES-EDE3-OFB : des-ede3-ofb - : DESX-CBC : desx-cbc -algorithm 18 : SHA : sha -algorithm 26 : SHA1 : sha1 -!Cname dsaWithSHA1-2 -algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old -algorithm 29 : RSA-SHA1-2 : sha1WithRSA - -1 3 36 3 2 1 : RIPEMD160 : ripemd160 -1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA - -!Cname sxnet -1 3 101 1 4 1 : SXNetID : Strong Extranet ID - -2 5 : X500 : directory services (X.500) - -X500 4 : X509 -X509 3 : CN : commonName -X509 4 : S : surname -X509 5 : SN : serialNumber -X509 6 : C : countryName -X509 7 : L : localityName -X509 8 : ST : stateOrProvinceName -X509 10 : O : organizationName -X509 11 : OU : organizationalUnitName -X509 12 : T : title -X509 13 : D : description -X509 41 : name : name -X509 42 : G : givenName -X509 43 : I : initials -X509 45 : UID : uniqueIdentifier -X509 46 : dnQualifier : dnQualifier - -X500 8 : X500algorithms : directory services - algorithms -X500algorithms 1 1 : RSA : rsa -X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA -X500algorithms 3 101 : MDC2 : mdc2 - -X500 29 : id-ce -!Cname subject-key-identifier -id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier -!Cname key-usage -id-ce 15 : keyUsage : X509v3 Key Usage -!Cname private-key-usage-period -id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period -!Cname subject-alt-name -id-ce 17 : subjectAltName : X509v3 Subject Alternative Name -!Cname issuer-alt-name -id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name -!Cname basic-constraints -id-ce 19 : basicConstraints : X509v3 Basic Constraints -!Cname crl-number -id-ce 20 : crlNumber : X509v3 CRL Number -!Cname crl-reason -id-ce 21 : CRLReason : X509v3 CRL Reason Code -!Cname invalidity-date -id-ce 24 : invalidityDate : Invalidity Date -!Cname delta-crl -id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator -!Cname crl-distribution-points -id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points -!Cname certificate-policies -id-ce 32 : certificatePolicies : X509v3 Certificate Policies -!Cname authority-key-identifier -id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier -!Cname ext-key-usage -id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage - -!Cname netscape -2 16 840 1 113730 : Netscape : Netscape Communications Corp. -!Cname netscape-cert-extension -netscape 1 : nsCertExt : Netscape Certificate Extension -!Cname netscape-data-type -netscape 2 : nsDataType : Netscape Data Type -!Cname netscape-cert-type -netscape-cert-extension 1 : nsCertType : Netscape Cert Type -!Cname netscape-base-url -netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url -!Cname netscape-revocation-url -netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url -!Cname netscape-ca-revocation-url -netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url -!Cname netscape-renewal-url -netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url -!Cname netscape-ca-policy-url -netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url -!Cname netscape-ssl-server-name -netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name -!Cname netscape-comment -netscape-cert-extension 13 : nsComment : Netscape Comment -!Cname netscape-cert-sequence -netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence -!Cname ns-sgc -netscape 4 1 : nsSGC : Netscape Server Gated Crypto - -# iso(1) -iso 3 : ORG : org -org 6 : DOD : dod -dod 1 : IANA : iana -!Alias internet iana - -internet 1 : directory : Directory -internet 2 : mgmt : Management -internet 3 : experimental : Experimental -internet 4 : private : Private -internet 5 : security : Security -internet 6 : snmpv2 : SNMPv2 -internet 7 : mail : Mail - -private 1 : enterprises : Enterprises - -# RFC 2247 -enterprises 1466 344 : dcobject : dcObject - -# Stray OIDs we don't know the full name of each step for -# RFC 2247 -0 9 2342 19200300 100 1 25 : DC : domainComponent -0 9 2342 19200300 100 4 13 : domain : Domain - -# What the hell are these OIDs, really? -!Cname rle-compression -1 1 1 1 666 1 : RLE : run length compression -!Cname zlib-compression -1 1 1 1 666 2 : ZLIB : zlib compression - diff --git a/src/lib/libcrypto/opensslv.h b/src/lib/libcrypto/opensslv.h deleted file mode 100644 index 6b5aedeea6..0000000000 --- a/src/lib/libcrypto/opensslv.h +++ /dev/null @@ -1,85 +0,0 @@ -#ifndef HEADER_OPENSSLV_H -#define HEADER_OPENSSLV_H - -/* Numeric release version identifier: - * MMNNFFPPS: major minor fix patch status - * The status nibble has one of the values 0 for development, 1 to e for betas - * 1 to 14, and f for release. The patch level is exactly that. - * For example: - * 0.9.3-dev 0x00903000 - * 0.9.3-beta1 0x00903001 - * 0.9.3-beta2-dev 0x00903002 - * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) - * 0.9.3 0x0090300f - * 0.9.3a 0x0090301f - * 0.9.4 0x0090400f - * 1.2.3z 0x102031af - * - * For continuity reasons (because 0.9.5 is already out, and is coded - * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level - * part is slightly different, by setting the highest bit. This means - * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start - * with 0x0090600S... - * - * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.) - * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for - * major minor fix final patch/beta) - */ -#define OPENSSL_VERSION_NUMBER 0x0090600fL -#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6 [engine] 24 Sep 2000" -#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT - - -/* The macros below are to be used for shared library (.so, .dll, ...) - * versioning. That kind of versioning works a bit differently between - * operating systems. The most usual scheme is to set a major and a minor - * number, and have the runtime loader check that the major number is equal - * to what it was at application link time, while the minor number has to - * be greater or equal to what it was at application link time. With this - * scheme, the version number is usually part of the file name, like this: - * - * libcrypto.so.0.9 - * - * Some unixen also make a softlink with the major verson number only: - * - * libcrypto.so.0 - * - * On True64 it works a little bit differently. There, the shared library - * version is stored in the file, and is actually a series of versions, - * separated by colons. The rightmost version present in the library when - * linking an application is stored in the application to be matched at - * run time. When the application is run, a check is done to see if the - * library version stored in the application matches any of the versions - * in the version string of the library itself. - * This version string can be constructed in any way, depending on what - * kind of matching is desired. However, to implement the same scheme as - * the one used in the other unixen, all compatible versions, from lowest - * to highest, should be part of the string. Consecutive builds would - * give the following versions strings: - * - * 3.0 - * 3.0:3.1 - * 3.0:3.1:3.2 - * 4.0 - * 4.0:4.1 - * - * Notice how version 4 is completely incompatible with version, and - * therefore give the breach you can see. - * - * There may be other schemes as well that I haven't yet discovered. - * - * So, here's the way it works here: first of all, the library version - * number doesn't need at all to match the overall OpenSSL version. - * However, it's nice and more understandable if it actually does. - * The current library version is stored in the macro SHLIB_VERSION_NUMBER, - * which is just a piece of text in the format "M.m.e" (Major, minor, edit). - * For the sake of True64 and any other OS that behaves in similar ways, - * we need to keep a history of version numbers, which is done in the - * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and - * should only keep the versions that are binary compatible with the current. - */ -#define SHLIB_VERSION_HISTORY "" -#define SHLIB_VERSION_NUMBER "0.9.6" - - -#endif /* HEADER_OPENSSLV_H */ diff --git a/src/lib/libcrypto/pem/message b/src/lib/libcrypto/pem/message deleted file mode 100644 index e8bf9d7592..0000000000 --- a/src/lib/libcrypto/pem/message +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PRIVACY-ENHANCED MESSAGE----- -Proc-Type: 4,ENCRYPTED -Proc-Type: 4,MIC-ONLY -Proc-Type: 4,MIC-CLEAR -Content-Domain: RFC822 -DEK-Info: DES-CBC,0123456789abcdef -Originator-Certificate - xxxx -Issuer-Certificate - xxxx -MIC-Info: RSA-MD5,RSA, - xxxx - - ------END PRIVACY-ENHANCED MESSAGE----- - diff --git a/src/lib/libcrypto/pem/pem.h b/src/lib/libcrypto/pem/pem.h deleted file mode 100644 index 6d3c446577..0000000000 --- a/src/lib/libcrypto/pem/pem.h +++ /dev/null @@ -1,667 +0,0 @@ -/* crypto/pem/pem.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_PEM_H -#define HEADER_PEM_H - -#ifndef NO_BIO -#include -#endif -#ifndef NO_STACK -#include -#endif -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define PEM_BUFSIZE 1024 - -#define PEM_OBJ_UNDEF 0 -#define PEM_OBJ_X509 1 -#define PEM_OBJ_X509_REQ 2 -#define PEM_OBJ_CRL 3 -#define PEM_OBJ_SSL_SESSION 4 -#define PEM_OBJ_PRIV_KEY 10 -#define PEM_OBJ_PRIV_RSA 11 -#define PEM_OBJ_PRIV_DSA 12 -#define PEM_OBJ_PRIV_DH 13 -#define PEM_OBJ_PUB_RSA 14 -#define PEM_OBJ_PUB_DSA 15 -#define PEM_OBJ_PUB_DH 16 -#define PEM_OBJ_DHPARAMS 17 -#define PEM_OBJ_DSAPARAMS 18 -#define PEM_OBJ_PRIV_RSA_PUBLIC 19 - -#define PEM_ERROR 30 -#define PEM_DEK_DES_CBC 40 -#define PEM_DEK_IDEA_CBC 45 -#define PEM_DEK_DES_EDE 50 -#define PEM_DEK_DES_ECB 60 -#define PEM_DEK_RSA 70 -#define PEM_DEK_RSA_MD2 80 -#define PEM_DEK_RSA_MD5 90 - -#define PEM_MD_MD2 NID_md2 -#define PEM_MD_MD5 NID_md5 -#define PEM_MD_SHA NID_sha -#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption -#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption -#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption - -#define PEM_STRING_X509_OLD "X509 CERTIFICATE" -#define PEM_STRING_X509 "CERTIFICATE" -#define PEM_STRING_X509_TRUSTED "TRUSTED CERTIFICATE" -#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST" -#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST" -#define PEM_STRING_X509_CRL "X509 CRL" -#define PEM_STRING_EVP_PKEY "ANY PRIVATE KEY" -#define PEM_STRING_PUBLIC "PUBLIC KEY" -#define PEM_STRING_RSA "RSA PRIVATE KEY" -#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY" -#define PEM_STRING_DSA "DSA PRIVATE KEY" -#define PEM_STRING_DSA_PUBLIC "DSA PUBLIC KEY" -#define PEM_STRING_PKCS7 "PKCS7" -#define PEM_STRING_PKCS8 "ENCRYPTED PRIVATE KEY" -#define PEM_STRING_PKCS8INF "PRIVATE KEY" -#define PEM_STRING_DHPARAMS "DH PARAMETERS" -#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS" -#define PEM_STRING_DSAPARAMS "DSA PARAMETERS" - - -typedef struct PEM_Encode_Seal_st - { - EVP_ENCODE_CTX encode; - EVP_MD_CTX md; - EVP_CIPHER_CTX cipher; - } PEM_ENCODE_SEAL_CTX; - -/* enc_type is one off */ -#define PEM_TYPE_ENCRYPTED 10 -#define PEM_TYPE_MIC_ONLY 20 -#define PEM_TYPE_MIC_CLEAR 30 -#define PEM_TYPE_CLEAR 40 - -typedef struct pem_recip_st - { - char *name; - X509_NAME *dn; - - int cipher; - int key_enc; - char iv[8]; - } PEM_USER; - -typedef struct pem_ctx_st - { - int type; /* what type of object */ - - struct { - int version; - int mode; - } proc_type; - - char *domain; - - struct { - int cipher; - unsigned char iv[8]; - } DEK_info; - - PEM_USER *originator; - - int num_recipient; - PEM_USER **recipient; - -#ifndef NO_STACK - STACK *x509_chain; /* certificate chain */ -#else - char *x509_chain; /* certificate chain */ -#endif - EVP_MD *md; /* signature type */ - - int md_enc; /* is the md encrypted or not? */ - int md_len; /* length of md_data */ - char *md_data; /* message digest, could be pkey encrypted */ - - EVP_CIPHER *dec; /* date encryption cipher */ - int key_len; /* key length */ - unsigned char *key; /* key */ - unsigned char iv[8]; /* the iv */ - - - int data_enc; /* is the data encrypted */ - int data_len; - unsigned char *data; - } PEM_CTX; - -/* These macros make the PEM_read/PEM_write functions easier to maintain and - * write. Now they are all implemented with either: - * IMPLEMENT_PEM_rw(...) or IMPLEMENT_PEM_rw_cb(...) - */ - -#ifdef NO_FP_API - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) /**/ -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) /**/ - -#else - -#define IMPLEMENT_PEM_read_fp(name, type, str, asn1) \ -type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return((type *)PEM_ASN1_read((char *(*)())d2i_##asn1, str,fp,(char **)x,\ - cb,u)); \ -} \ - -#define IMPLEMENT_PEM_write_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x) \ -{ \ -return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, (char *)x, \ - NULL,NULL,0,NULL,NULL)); \ -} - -#define IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) \ -int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, \ - void *u) \ - { \ - return(PEM_ASN1_write((int (*)())i2d_##asn1,str,fp, \ - (char *)x,enc,kstr,klen,cb,u)); \ - } - -#endif - -#define IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ -type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u)\ -{ \ -return((type *)PEM_ASN1_read_bio((char *(*)())d2i_##asn1, str,bp,\ - (char **)x,cb,u)); \ -} - -#define IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x) \ -{ \ -return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, (char *)x, \ - NULL,NULL,0,NULL,NULL)); \ -} - -#define IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ -int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u) \ - { \ - return(PEM_ASN1_write_bio((int (*)())i2d_##asn1,str,bp, \ - (char *)x,enc,kstr,klen,cb,u)); \ - } - -#define IMPLEMENT_PEM_write(name, type, str, asn1) \ - IMPLEMENT_PEM_write_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_write_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_read_bio(name, type, str, asn1) \ - IMPLEMENT_PEM_read_fp(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write(name, type, str, asn1) - -#define IMPLEMENT_PEM_rw_cb(name, type, str, asn1) \ - IMPLEMENT_PEM_read(name, type, str, asn1) \ - IMPLEMENT_PEM_write_cb(name, type, str, asn1) - -/* These are the same except they are for the declarations */ - -#if defined(WIN16) || defined(NO_FP_API) - -#define DECLARE_PEM_read_fp(name, type) /**/ -#define DECLARE_PEM_write_fp(name, type) /**/ -#define DECLARE_PEM_write_cb_fp(name, type) /**/ - -#else - -#define DECLARE_PEM_read_fp(name, type) \ - type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x); - -#define DECLARE_PEM_write_cb_fp(name, type) \ - int PEM_write_##name(FILE *fp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -#endif - -#ifndef NO_BIO -#define DECLARE_PEM_read_bio(name, type) \ - type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u); - -#define DECLARE_PEM_write_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x); - -#define DECLARE_PEM_write_cb_bio(name, type) \ - int PEM_write_bio_##name(BIO *bp, type *x, const EVP_CIPHER *enc, \ - unsigned char *kstr, int klen, pem_password_cb *cb, void *u); - -#else - -#define DECLARE_PEM_read_bio(name, type) /**/ -#define DECLARE_PEM_write_bio(name, type) /**/ -#define DECLARE_PEM_write_cb_bio(name, type) /**/ - -#endif - -#define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) - -#define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) - -#define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) - -#define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) - -#define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_cb(name, type) - -#ifdef SSLEAY_MACROS - -#define PEM_write_SSL_SESSION(fp,x) \ - PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_X509(fp,x) \ - PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \ - (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \ - NULL,NULL,0,NULL,NULL) -#define PEM_write_X509_CRL(fp,x) \ - PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \ - fp,(char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\ - (char *)x,enc,kstr,klen,cb,u) -#define PEM_write_RSAPublicKey(fp,x) \ - PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\ - PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\ - (char *)x,enc,kstr,klen,cb,u) -#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write((int (*)())i2d_PrivateKey,\ - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_PKCS7(fp,x) \ - PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_DHparams(fp,x) \ - PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\ - (char *)x,NULL,NULL,0,NULL,NULL) - -#define PEM_write_NETSCAPE_CERT_SEQUENCE(fp,x) \ - PEM_ASN1_write((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ - PEM_STRING_X509,fp, \ - (char *)x, NULL,NULL,0,NULL,NULL) - -#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u) -#define PEM_read_X509(fp,x,cb,u) (X509 *)PEM_ASN1_read( \ - (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb,u) -#define PEM_read_X509_REQ(fp,x,cb,u) (X509_REQ *)PEM_ASN1_read( \ - (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb,u) -#define PEM_read_X509_CRL(fp,x,cb,u) (X509_CRL *)PEM_ASN1_read( \ - (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb,u) -#define PEM_read_RSAPrivateKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \ - (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb,u) -#define PEM_read_RSAPublicKey(fp,x,cb,u) (RSA *)PEM_ASN1_read( \ - (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb,u) -#define PEM_read_DSAPrivateKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \ - (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb,u) -#define PEM_read_PrivateKey(fp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read( \ - (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb,u) -#define PEM_read_PKCS7(fp,x,cb,u) (PKCS7 *)PEM_ASN1_read( \ - (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb,u) -#define PEM_read_DHparams(fp,x,cb,u) (DH *)PEM_ASN1_read( \ - (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb,u) - -#define PEM_read_NETSCAPE_CERT_SEQUENCE(fp,x,cb,u) \ - (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read( \ - (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,fp,\ - (char **)x,cb,u) - -#define PEM_write_bio_SSL_SESSION(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_X509(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \ - (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \ - NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_X509_CRL(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\ - bp,(char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_RSAPublicKey(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \ - PEM_STRING_RSA_PUBLIC,\ - bp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb,u) \ - PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\ - (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\ - bp,(char *)x,enc,kstr,klen,cb,u) -#define PEM_write_bio_PKCS7(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DHparams(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\ - bp,(char *)x,NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_DSAparams(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \ - PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL,NULL) - -#define PEM_write_bio_NETSCAPE_CERT_SEQUENCE(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_NETSCAPE_CERT_SEQUENCE, \ - PEM_STRING_X509,bp, \ - (char *)x, NULL,NULL,0,NULL,NULL) - -#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u) -#define PEM_read_bio_X509(bp,x,cb,u) (X509 *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb,u) -#define PEM_read_bio_X509_REQ(bp,x,cb,u) (X509_REQ *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb,u) -#define PEM_read_bio_X509_CRL(bp,x,cb,u) (X509_CRL *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb,u) -#define PEM_read_bio_RSAPrivateKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb,u) -#define PEM_read_bio_RSAPublicKey(bp,x,cb,u) (RSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb,u) -#define PEM_read_bio_DSAPrivateKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb,u) -#define PEM_read_bio_PrivateKey(bp,x,cb,u) (EVP_PKEY *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb,u) - -#define PEM_read_bio_PKCS7(bp,x,cb,u) (PKCS7 *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb,u) -#define PEM_read_bio_DHparams(bp,x,cb,u) (DH *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb,u) -#define PEM_read_bio_DSAparams(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb,u) - -#define PEM_read_bio_NETSCAPE_CERT_SEQUENCE(bp,x,cb,u) \ - (NETSCAPE_CERT_SEQUENCE *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_NETSCAPE_CERT_SEQUENCE,PEM_STRING_X509,bp,\ - (char **)x,cb,u) - -#endif - -#if 1 -/* "userdata": new with OpenSSL 0.9.4 */ -typedef int pem_password_cb(char *buf, int size, int rwflag, void *userdata); -#else -/* OpenSSL 0.9.3, 0.9.3a */ -typedef int pem_password_cb(char *buf, int size, int rwflag); -#endif - -int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); -int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len, - pem_password_cb *callback,void *u); - -#ifndef NO_BIO -int PEM_read_bio(BIO *bp, char **name, char **header, - unsigned char **data,long *len); -int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data, - long len); -char * PEM_ASN1_read_bio(char *(*d2i)(),const char *name,BIO *bp,char **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write_bio(int (*i2d)(),const char *name,BIO *bp,char *x, - const EVP_CIPHER *enc,unsigned char *kstr,int klen, - pem_password_cb *cb, void *u); -STACK_OF(X509_INFO) * PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); -int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc, - unsigned char *kstr, int klen, pem_password_cb *cd, void *u); -#endif - -#ifndef WIN16 -int PEM_read(FILE *fp, char **name, char **header, - unsigned char **data,long *len); -int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len); -char * PEM_ASN1_read(char *(*d2i)(),const char *name,FILE *fp,char **x, - pem_password_cb *cb, void *u); -int PEM_ASN1_write(int (*i2d)(),const char *name,FILE *fp,char *x, - const EVP_CIPHER *enc,unsigned char *kstr,int klen, - pem_password_cb *callback, void *u); -STACK_OF(X509_INFO) * PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u); -#endif - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, - EVP_MD *md_type, unsigned char **ek, int *ekl, - unsigned char *iv, EVP_PKEY **pubk, int npubk); -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl); -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv); - -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); -void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt); -int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey); - -void ERR_load_PEM_strings(void); - -void PEM_proc_type(char *buf, int type); -void PEM_dek_info(char *buf, const char *type, int len, char *str); - -#ifndef SSLEAY_MACROS - -#include - -DECLARE_PEM_rw(X509, X509) - -DECLARE_PEM_rw(X509_AUX, X509) - -DECLARE_PEM_rw(X509_REQ, X509_REQ) -DECLARE_PEM_write(X509_REQ_NEW, X509_REQ) - -DECLARE_PEM_rw(X509_CRL, X509_CRL) - -DECLARE_PEM_rw(PKCS7, PKCS7) - -DECLARE_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) - -DECLARE_PEM_rw(PKCS8, X509_SIG) - -DECLARE_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) - -#ifndef NO_RSA - -DECLARE_PEM_rw_cb(RSAPrivateKey, RSA) - -DECLARE_PEM_rw(RSAPublicKey, RSA) -DECLARE_PEM_rw(RSA_PUBKEY, RSA) - -#endif - -#ifndef NO_DSA - -DECLARE_PEM_rw_cb(DSAPrivateKey, DSA) - -DECLARE_PEM_rw(DSA_PUBKEY, DSA) - -DECLARE_PEM_rw(DSAparams, DSA) - -#endif - -#ifndef NO_DH - -DECLARE_PEM_rw(DHparams, DH) - -#endif - -DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) - -DECLARE_PEM_rw(PUBKEY, EVP_PKEY) - -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_bio_PKCS8PrivateKey(BIO *, EVP_PKEY *, const EVP_CIPHER *, - char *, int, pem_password_cb *, void *); -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); - -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u); - -EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); - -int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc, - char *kstr,int klen, pem_password_cb *cd, void *u); - -#endif /* SSLEAY_MACROS */ - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the PEM functions. */ - -/* Function codes. */ -#define PEM_F_D2I_PKCS8PRIVATEKEY_BIO 120 -#define PEM_F_D2I_PKCS8PRIVATEKEY_FP 121 -#define PEM_F_DEF_CALLBACK 100 -#define PEM_F_LOAD_IV 101 -#define PEM_F_PEM_ASN1_READ 102 -#define PEM_F_PEM_ASN1_READ_BIO 103 -#define PEM_F_PEM_ASN1_WRITE 104 -#define PEM_F_PEM_ASN1_WRITE_BIO 105 -#define PEM_F_PEM_DO_HEADER 106 -#define PEM_F_PEM_F_DO_PK8KEY_FP 122 -#define PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY 118 -#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107 -#define PEM_F_PEM_READ 108 -#define PEM_F_PEM_READ_BIO 109 -#define PEM_F_PEM_SEALFINAL 110 -#define PEM_F_PEM_SEALINIT 111 -#define PEM_F_PEM_SIGNFINAL 112 -#define PEM_F_PEM_WRITE 113 -#define PEM_F_PEM_WRITE_BIO 114 -#define PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY 119 -#define PEM_F_PEM_X509_INFO_READ 115 -#define PEM_F_PEM_X509_INFO_READ_BIO 116 -#define PEM_F_PEM_X509_INFO_WRITE_BIO 117 - -/* Reason codes. */ -#define PEM_R_BAD_BASE64_DECODE 100 -#define PEM_R_BAD_DECRYPT 101 -#define PEM_R_BAD_END_LINE 102 -#define PEM_R_BAD_IV_CHARS 103 -#define PEM_R_BAD_PASSWORD_READ 104 -#define PEM_R_ERROR_CONVERTING_PRIVATE_KEY 115 -#define PEM_R_NOT_DEK_INFO 105 -#define PEM_R_NOT_ENCRYPTED 106 -#define PEM_R_NOT_PROC_TYPE 107 -#define PEM_R_NO_START_LINE 108 -#define PEM_R_PROBLEMS_GETTING_PASSWORD 109 -#define PEM_R_PUBLIC_KEY_NO_RSA 110 -#define PEM_R_READ_KEY 111 -#define PEM_R_SHORT_HEADER 112 -#define PEM_R_UNSUPPORTED_CIPHER 113 -#define PEM_R_UNSUPPORTED_ENCRYPTION 114 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/pem/pem2.h b/src/lib/libcrypto/pem/pem2.h deleted file mode 100644 index 4e484bcd82..0000000000 --- a/src/lib/libcrypto/pem/pem2.h +++ /dev/null @@ -1,68 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* - * This header only exists to break a circular dependency between pem and err - * Ben 30 Jan 1999. - */ - -#ifdef __cplusplus -extern "C" { -#endif - -void ERR_load_PEM_strings(void); - -#ifdef __cplusplus -} -#endif diff --git a/src/lib/libcrypto/pem/pem_all.c b/src/lib/libcrypto/pem/pem_all.c deleted file mode 100644 index dc9c35b4b4..0000000000 --- a/src/lib/libcrypto/pem/pem_all.c +++ /dev/null @@ -1,203 +0,0 @@ -/* crypto/pem/pem_all.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#undef SSLEAY_MACROS -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#ifndef NO_RSA -static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); -#endif -#ifndef NO_DSA -static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); -#endif - -IMPLEMENT_PEM_rw(X509, X509, PEM_STRING_X509, X509) - -IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) - -IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) - -IMPLEMENT_PEM_write(X509_REQ_NEW, X509_REQ, PEM_STRING_X509_REQ_OLD, X509_REQ) - -IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) - -IMPLEMENT_PEM_rw(PKCS7, PKCS7, PEM_STRING_PKCS7, PKCS7) - -IMPLEMENT_PEM_rw(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE, - PEM_STRING_X509, NETSCAPE_CERT_SEQUENCE) - -IMPLEMENT_PEM_rw(PKCS8, X509_SIG, PEM_STRING_PKCS8, X509_SIG) -IMPLEMENT_PEM_rw(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO, PEM_STRING_PKCS8INF, - PKCS8_PRIV_KEY_INFO) - -#ifndef NO_RSA - -/* We treat RSA or DSA private keys as a special case. - * - * For private keys we read in an EVP_PKEY structure with - * PEM_read_bio_PrivateKey() and extract the relevant private - * key: this means can handle "traditional" and PKCS#8 formats - * transparently. - */ - -static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa) -{ - RSA *rtmp; - if(!key) return NULL; - rtmp = EVP_PKEY_get1_RSA(key); - EVP_PKEY_free(key); - if(!rtmp) return NULL; - if(rsa) { - RSA_free(*rsa); - *rsa = rtmp; - } - return rtmp; -} - -RSA *PEM_read_bio_RSAPrivateKey(BIO *bp, RSA **rsa, pem_password_cb *cb, - void *u) -{ - EVP_PKEY *pktmp; - pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); - return pkey_get_rsa(pktmp, rsa); -} - -#ifndef NO_FP_API - -RSA *PEM_read_RSAPrivateKey(FILE *fp, RSA **rsa, pem_password_cb *cb, - void *u) -{ - EVP_PKEY *pktmp; - pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_rsa(pktmp, rsa); -} - -#endif - -IMPLEMENT_PEM_write_cb(RSAPrivateKey, RSA, PEM_STRING_RSA, RSAPrivateKey) -IMPLEMENT_PEM_rw(RSAPublicKey, RSA, PEM_STRING_RSA_PUBLIC, RSAPublicKey) -IMPLEMENT_PEM_rw(RSA_PUBKEY, RSA, PEM_STRING_PUBLIC, RSA_PUBKEY) - -#endif - -#ifndef NO_DSA - -static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa) -{ - DSA *dtmp; - if(!key) return NULL; - dtmp = EVP_PKEY_get1_DSA(key); - EVP_PKEY_free(key); - if(!dtmp) return NULL; - if(dsa) { - DSA_free(*dsa); - *dsa = dtmp; - } - return dtmp; -} - -DSA *PEM_read_bio_DSAPrivateKey(BIO *bp, DSA **dsa, pem_password_cb *cb, - void *u) -{ - EVP_PKEY *pktmp; - pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); - return pkey_get_dsa(pktmp, dsa); -} - -IMPLEMENT_PEM_write_cb(DSAPrivateKey, DSA, PEM_STRING_DSA, DSAPrivateKey) -IMPLEMENT_PEM_rw(DSA_PUBKEY, DSA, PEM_STRING_PUBLIC, DSA_PUBKEY) - -#ifndef NO_FP_API - -DSA *PEM_read_DSAPrivateKey(FILE *fp, DSA **dsa, pem_password_cb *cb, - void *u) -{ - EVP_PKEY *pktmp; - pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_dsa(pktmp, dsa); -} - -#endif - -IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) - -#endif - -#ifndef NO_DH - -IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) - -#endif - - -/* The PrivateKey case is not that straightforward. - * IMPLEMENT_PEM_rw_cb(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) - * does not work, RSA and DSA keys have specific strings. - * (When reading, parameter PEM_STRING_EVP_PKEY is a wildcard for anything - * appropriate.) - */ -IMPLEMENT_PEM_read(PrivateKey, EVP_PKEY, PEM_STRING_EVP_PKEY, PrivateKey) -IMPLEMENT_PEM_write_cb(PrivateKey, EVP_PKEY, ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), PrivateKey) - -IMPLEMENT_PEM_rw(PUBKEY, EVP_PKEY, PEM_STRING_PUBLIC, PUBKEY) diff --git a/src/lib/libcrypto/pem/pem_err.c b/src/lib/libcrypto/pem/pem_err.c deleted file mode 100644 index 8b1789b11c..0000000000 --- a/src/lib/libcrypto/pem/pem_err.c +++ /dev/null @@ -1,131 +0,0 @@ -/* crypto/pem/pem_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA PEM_str_functs[]= - { -{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_BIO,0), "d2i_PKCS8PrivateKey_bio"}, -{ERR_PACK(0,PEM_F_D2I_PKCS8PRIVATEKEY_FP,0), "d2i_PKCS8PrivateKey_fp"}, -{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"}, -{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"}, -{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"}, -{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"}, -{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"}, -{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"}, -{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"}, -{ERR_PACK(0,PEM_F_PEM_F_DO_PK8KEY_FP,0), "PEM_F_DO_PK8KEY_FP"}, -{ERR_PACK(0,PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY,0), "PEM_F_PEM_WRITE_PKCS8PRIVATEKEY"}, -{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"}, -{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"}, -{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"}, -{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"}, -{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"}, -{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"}, -{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"}, -{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"}, -{ERR_PACK(0,PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY,0), "PEM_write_bio_PKCS8PrivateKey"}, -{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"}, -{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"}, -{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"}, -{0,NULL} - }; - -static ERR_STRING_DATA PEM_str_reasons[]= - { -{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"}, -{PEM_R_BAD_DECRYPT ,"bad decrypt"}, -{PEM_R_BAD_END_LINE ,"bad end line"}, -{PEM_R_BAD_IV_CHARS ,"bad iv chars"}, -{PEM_R_BAD_PASSWORD_READ ,"bad password read"}, -{PEM_R_ERROR_CONVERTING_PRIVATE_KEY ,"error converting private key"}, -{PEM_R_NOT_DEK_INFO ,"not dek info"}, -{PEM_R_NOT_ENCRYPTED ,"not encrypted"}, -{PEM_R_NOT_PROC_TYPE ,"not proc type"}, -{PEM_R_NO_START_LINE ,"no start line"}, -{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"}, -{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"}, -{PEM_R_READ_KEY ,"read key"}, -{PEM_R_SHORT_HEADER ,"short header"}, -{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, -{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"}, -{0,NULL} - }; - -#endif - -void ERR_load_PEM_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_PEM,PEM_str_functs); - ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c deleted file mode 100644 index 1c5c6dea00..0000000000 --- a/src/lib/libcrypto/pem/pem_info.c +++ /dev/null @@ -1,364 +0,0 @@ -/* crypto/pem/pem_info.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -#ifndef NO_FP_API -STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) - { - BIO *b; - STACK_OF(X509_INFO) *ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=PEM_X509_INFO_read_bio(b,sk,cb,u); - BIO_free(b); - return(ret); - } -#endif - -STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) - { - X509_INFO *xi=NULL; - char *name=NULL,*header=NULL,**pp; - unsigned char *data=NULL,*p; - long len,error=0; - int ok=0; - STACK_OF(X509_INFO) *ret=NULL; - unsigned int i,raw; - char *(*d2i)(); - - if (sk == NULL) - { - if ((ret=sk_X509_INFO_new_null()) == NULL) - { - PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - } - else - ret=sk; - - if ((xi=X509_INFO_new()) == NULL) goto err; - for (;;) - { - raw=0; - i=PEM_read_bio(bp,&name,&header,&data,&len); - if (i == 0) - { - error=ERR_GET_REASON(ERR_peek_error()); - if (error == PEM_R_NO_START_LINE) - { - ERR_clear_error(); - break; - } - goto err; - } -start: - if ( (strcmp(name,PEM_STRING_X509) == 0) || - (strcmp(name,PEM_STRING_X509_OLD) == 0)) - { - d2i=(char *(*)())d2i_X509; - if (xi->x509 != NULL) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - if ((xi=X509_INFO_new()) == NULL) goto err; - goto start; - } - pp=(char **)&(xi->x509); - } - else if ((strcmp(name,PEM_STRING_X509_TRUSTED) == 0)) - { - d2i=(char *(*)())d2i_X509_AUX; - if (xi->x509 != NULL) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - if ((xi=X509_INFO_new()) == NULL) goto err; - goto start; - } - pp=(char **)&(xi->x509); - } - else if (strcmp(name,PEM_STRING_X509_CRL) == 0) - { - d2i=(char *(*)())d2i_X509_CRL; - if (xi->crl != NULL) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - if ((xi=X509_INFO_new()) == NULL) goto err; - goto start; - } - pp=(char **)&(xi->crl); - } - else -#ifndef NO_RSA - if (strcmp(name,PEM_STRING_RSA) == 0) - { - d2i=(char *(*)())d2i_RSAPrivateKey; - if (xi->x_pkey != NULL) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - if ((xi=X509_INFO_new()) == NULL) goto err; - goto start; - } - - xi->enc_data=NULL; - xi->enc_len=0; - - xi->x_pkey=X509_PKEY_new(); - if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) - goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA; - pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa); - if ((int)strlen(header) > 10) /* assume encrypted */ - raw=1; - } - else -#endif -#ifndef NO_DSA - if (strcmp(name,PEM_STRING_DSA) == 0) - { - d2i=(char *(*)())d2i_DSAPrivateKey; - if (xi->x_pkey != NULL) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - if ((xi=X509_INFO_new()) == NULL) goto err; - goto start; - } - - xi->enc_data=NULL; - xi->enc_len=0; - - xi->x_pkey=X509_PKEY_new(); - if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) - goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA; - pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa); - if ((int)strlen(header) > 10) /* assume encrypted */ - raw=1; - } - else -#endif - { - d2i=NULL; - pp=NULL; - } - - if (d2i != NULL) - { - if (!raw) - { - EVP_CIPHER_INFO cipher; - - if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) - goto err; - if (!PEM_do_header(&cipher,data,&len,cb,u)) - goto err; - p=data; - if (d2i(pp,&p,len) == NULL) - { - PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB); - goto err; - } - } - else - { /* encrypted RSA data */ - if (!PEM_get_EVP_CIPHER_INFO(header, - &xi->enc_cipher)) goto err; - xi->enc_data=(char *)data; - xi->enc_len=(int)len; - data=NULL; - } - } - else { - /* unknown */ - } - if (name != NULL) OPENSSL_free(name); - if (header != NULL) OPENSSL_free(header); - if (data != NULL) OPENSSL_free(data); - name=NULL; - header=NULL; - data=NULL; - } - - /* if the last one hasn't been pushed yet and there is anything - * in it then add it to the stack ... - */ - if ((xi->x509 != NULL) || (xi->crl != NULL) || - (xi->x_pkey != NULL) || (xi->enc_data != NULL)) - { - if (!sk_X509_INFO_push(ret,xi)) goto err; - xi=NULL; - } - ok=1; -err: - if (xi != NULL) X509_INFO_free(xi); - if (!ok) - { - for (i=0; ((int)i)x_pkey!=NULL) - { - if ( (xi->enc_data!=NULL) && (xi->enc_len>0) ) - { - /* copy from wierdo names into more normal things */ - iv=xi->enc_cipher.iv; - data=(unsigned char *)xi->enc_data; - i=xi->enc_len; - - /* we take the encryption data from the - * internal stuff rather than what the - * user has passed us ... as we have to - * match exactly for some strange reason - */ - objstr=OBJ_nid2sn( - EVP_CIPHER_nid(xi->enc_cipher.cipher)); - if (objstr == NULL) - { - PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - - /* create the right magic header stuff */ - buf[0]='\0'; - PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf,objstr,8,(char *)iv); - - /* use the normal code to write things out */ - i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i); - if (i <= 0) goto err; - } - else - { - /* Add DSA/DH */ -#ifndef NO_RSA - /* normal optionally encrypted stuff */ - if (PEM_write_bio_RSAPrivateKey(bp, - xi->x_pkey->dec_pkey->pkey.rsa, - enc,kstr,klen,cb,u)<=0) - goto err; -#endif - } - } - - /* if we have a certificate then write it out now */ - if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0)) - goto err; - - /* we are ignoring anything else that is loaded into the X509_INFO - * structure for the moment ... as I don't need it so I'm not - * coding it here and Eric can do it when this makes it into the - * base library --tjh - */ - - ret=1; - -err: - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); - return(ret); - } diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c deleted file mode 100644 index a17c3ed57f..0000000000 --- a/src/lib/libcrypto/pem/pem_lib.c +++ /dev/null @@ -1,963 +0,0 @@ -/* crypto/pem/pem_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include -#include -#ifndef NO_DES -#include -#endif - -const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT; - -#define MIN_LENGTH 4 - -static int def_callback(char *buf, int num, int w, void *userdata); -static int load_iv(unsigned char **fromp,unsigned char *to, int num); -static int check_pem(const char *nm, const char *name); -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, - int nid, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); -static int do_pk8pkey_fp(FILE *bp, EVP_PKEY *x, int isder, - int nid, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u); - -static int def_callback(char *buf, int num, int w, void *key) - { -#ifdef NO_FP_API - /* We should not ever call the default callback routine from - * windows. */ - PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(-1); -#else - int i,j; - const char *prompt; - if(key) { - i=strlen(key); - i=(i > num)?num:i; - memcpy(buf,key,i); - return(i); - } - - prompt=EVP_get_pw_prompt(); - if (prompt == NULL) - prompt="Enter PEM pass phrase:"; - - for (;;) - { - i=EVP_read_pw_string(buf,num,prompt,w); - if (i != 0) - { - PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD); - memset(buf,0,(unsigned int)num); - return(-1); - } - j=strlen(buf); - if (j < MIN_LENGTH) - { - fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH); - } - else - break; - } - return(j); -#endif - } - -void PEM_proc_type(char *buf, int type) - { - const char *str; - - if (type == PEM_TYPE_ENCRYPTED) - str="ENCRYPTED"; - else if (type == PEM_TYPE_MIC_CLEAR) - str="MIC-CLEAR"; - else if (type == PEM_TYPE_MIC_ONLY) - str="MIC-ONLY"; - else - str="BAD-TYPE"; - - strcat(buf,"Proc-Type: 4,"); - strcat(buf,str); - strcat(buf,"\n"); - } - -void PEM_dek_info(char *buf, const char *type, int len, char *str) - { - static unsigned char map[17]="0123456789ABCDEF"; - long i; - int j; - - strcat(buf,"DEK-Info: "); - strcat(buf,type); - strcat(buf,","); - j=strlen(buf); - for (i=0; i>4)&0x0f]; - buf[j+i*2+1]=map[(str[i] )&0x0f]; - } - buf[j+i*2]='\n'; - buf[j+i*2+1]='\0'; - } - -#ifndef NO_FP_API -char *PEM_ASN1_read(char *(*d2i)(), const char *name, FILE *fp, char **x, - pem_password_cb *cb, void *u) - { - BIO *b; - char *ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=PEM_ASN1_read_bio(d2i,name,b,x,cb,u); - BIO_free(b); - return(ret); - } -#endif - -static int check_pem(const char *nm, const char *name) -{ - /* Normal matching nm and name */ - if (!strcmp(nm,name)) return 1; - - /* Make PEM_STRING_EVP_PKEY match any private key */ - - if(!strcmp(nm,PEM_STRING_PKCS8) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - if(!strcmp(nm,PEM_STRING_PKCS8INF) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - if(!strcmp(nm,PEM_STRING_RSA) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - if(!strcmp(nm,PEM_STRING_DSA) && - !strcmp(name,PEM_STRING_EVP_PKEY)) return 1; - - /* Permit older strings */ - - if(!strcmp(nm,PEM_STRING_X509_OLD) && - !strcmp(name,PEM_STRING_X509)) return 1; - - if(!strcmp(nm,PEM_STRING_X509_REQ_OLD) && - !strcmp(name,PEM_STRING_X509_REQ)) return 1; - - /* Allow normal certs to be read as trusted certs */ - if(!strcmp(nm,PEM_STRING_X509) && - !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1; - - if(!strcmp(nm,PEM_STRING_X509_OLD) && - !strcmp(name,PEM_STRING_X509_TRUSTED)) return 1; - - /* Some CAs use PKCS#7 with CERTIFICATE headers */ - if(!strcmp(nm, PEM_STRING_X509) && - !strcmp(name, PEM_STRING_PKCS7)) return 1; - - return 0; -} - -char *PEM_ASN1_read_bio(char *(*d2i)(), const char *name, BIO *bp, char **x, - pem_password_cb *cb, void *u) - { - EVP_CIPHER_INFO cipher; - char *nm=NULL,*header=NULL; - unsigned char *p=NULL,*data=NULL; - long len; - char *ret=NULL; - - for (;;) - { - if (!PEM_read_bio(bp,&nm,&header,&data,&len)) { - if(ERR_GET_REASON(ERR_peek_error()) == - PEM_R_NO_START_LINE) - ERR_add_error_data(2, "Expecting: ", name); - return(NULL); - } - if(check_pem(nm, name)) break; - OPENSSL_free(nm); - OPENSSL_free(header); - OPENSSL_free(data); - } - if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err; - if (!PEM_do_header(&cipher,data,&len,cb,u)) goto err; - p=data; - if (strcmp(name,PEM_STRING_EVP_PKEY) == 0) { - if (strcmp(nm,PEM_STRING_RSA) == 0) - ret=d2i(EVP_PKEY_RSA,x,&p,len); - else if (strcmp(nm,PEM_STRING_DSA) == 0) - ret=d2i(EVP_PKEY_DSA,x,&p,len); - else if (strcmp(nm,PEM_STRING_PKCS8INF) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - p8inf=d2i_PKCS8_PRIV_KEY_INFO( - (PKCS8_PRIV_KEY_INFO **) x, &p, len); - ret = (char *)EVP_PKCS82PKEY(p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - } else if (strcmp(nm,PEM_STRING_PKCS8) == 0) { - PKCS8_PRIV_KEY_INFO *p8inf; - X509_SIG *p8; - int klen; - char psbuf[PEM_BUFSIZE]; - p8 = d2i_X509_SIG(NULL, &p, len); - if(!p8) goto p8err; - if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); - else klen=def_callback(psbuf,PEM_BUFSIZE,0,u); - if (klen <= 0) { - PEMerr(PEM_F_PEM_ASN1_READ_BIO, - PEM_R_BAD_PASSWORD_READ); - goto err; - } - p8inf = M_PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if(!p8inf) goto p8err; - ret = (char *)EVP_PKCS82PKEY(p8inf); - if(x) { - if(*x) EVP_PKEY_free((EVP_PKEY *)*x); - *x = ret; - } - PKCS8_PRIV_KEY_INFO_free(p8inf); - } - } else ret=d2i(x,&p,len); -p8err: - if (ret == NULL) - PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); -err: - OPENSSL_free(nm); - OPENSSL_free(header); - OPENSSL_free(data); - return(ret); - } - -#ifndef NO_FP_API -int PEM_ASN1_write(int (*i2d)(), const char *name, FILE *fp, char *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback,u); - BIO_free(b); - return(ret); - } -#endif - -int PEM_ASN1_write_bio(int (*i2d)(), const char *name, BIO *bp, char *x, - const EVP_CIPHER *enc, unsigned char *kstr, int klen, - pem_password_cb *callback, void *u) - { - EVP_CIPHER_CTX ctx; - int dsize=0,i,j,ret=0; - unsigned char *p,*data=NULL; - const char *objstr=NULL; - char buf[PEM_BUFSIZE]; - unsigned char key[EVP_MAX_KEY_LENGTH]; - unsigned char iv[EVP_MAX_IV_LENGTH]; - - if (enc != NULL) - { - objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc)); - if (objstr == NULL) - { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER); - goto err; - } - } - - if ((dsize=i2d(x,NULL)) < 0) - { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); - dsize=0; - goto err; - } - /* dzise + 8 bytes are needed */ - data=(unsigned char *)OPENSSL_malloc((unsigned int)dsize+20); - if (data == NULL) - { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - p=data; - i=i2d(x,&p); - - if (enc != NULL) - { - if (kstr == NULL) - { - if (callback == NULL) - klen=def_callback(buf,PEM_BUFSIZE,1,u); - else - klen=(*callback)(buf,PEM_BUFSIZE,1,u); - if (klen <= 0) - { - PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY); - goto err; - } -#ifdef CHARSET_EBCDIC - /* Convert the pass phrase from EBCDIC */ - ebcdic2ascii(buf, buf, klen); -#endif - kstr=(unsigned char *)buf; - } - RAND_add(data,i,0);/* put in the RSA key. */ - if (RAND_pseudo_bytes(iv,8) < 0) /* Generate a salt */ - goto err; - /* The 'iv' is used as the iv and as a salt. It is - * NOT taken from the BytesToKey function */ - EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL); - - if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE); - - buf[0]='\0'; - PEM_proc_type(buf,PEM_TYPE_ENCRYPTED); - PEM_dek_info(buf,objstr,8,(char *)iv); - /* k=strlen(buf); */ - - EVP_EncryptInit(&ctx,enc,key,iv); - EVP_EncryptUpdate(&ctx,data,&j,data,i); - EVP_EncryptFinal(&ctx,&(data[j]),&i); - i+=j; - ret=1; - } - else - { - ret=1; - buf[0]='\0'; - } - i=PEM_write_bio(bp,name,buf,data,i); - if (i <= 0) ret=0; -err: - memset(key,0,sizeof(key)); - memset(iv,0,sizeof(iv)); - memset((char *)&ctx,0,sizeof(ctx)); - memset(buf,0,PEM_BUFSIZE); - memset(data,0,(unsigned int)dsize); - OPENSSL_free(data); - return(ret); - } - -int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen, - pem_password_cb *callback,void *u) - { - int i,j,o,klen; - long len; - EVP_CIPHER_CTX ctx; - unsigned char key[EVP_MAX_KEY_LENGTH]; - char buf[PEM_BUFSIZE]; - - len= *plen; - - if (cipher->cipher == NULL) return(1); - if (callback == NULL) - klen=def_callback(buf,PEM_BUFSIZE,0,u); - else - klen=callback(buf,PEM_BUFSIZE,0,u); - if (klen <= 0) - { - PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ); - return(0); - } -#ifdef CHARSET_EBCDIC - /* Convert the pass phrase from EBCDIC */ - ebcdic2ascii(buf, buf, klen); -#endif - - EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]), - (unsigned char *)buf,klen,1,key,NULL); - - j=(int)len; - EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0])); - EVP_DecryptUpdate(&ctx,data,&i,data,j); - o=EVP_DecryptFinal(&ctx,&(data[i]),&j); - EVP_CIPHER_CTX_cleanup(&ctx); - memset((char *)buf,0,sizeof(buf)); - memset((char *)key,0,sizeof(key)); - j+=i; - if (!o) - { - PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT); - return(0); - } - *plen=j; - return(1); - } - -int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher) - { - int o; - const EVP_CIPHER *enc=NULL; - char *p,c; - - cipher->cipher=NULL; - if ((header == NULL) || (*header == '\0') || (*header == '\n')) - return(1); - if (strncmp(header,"Proc-Type: ",11) != 0) - { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); } - header+=11; - if (*header != '4') return(0); header++; - if (*header != ',') return(0); header++; - if (strncmp(header,"ENCRYPTED",9) != 0) - { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); } - for (; (*header != '\n') && (*header != '\0'); header++) - ; - if (*header == '\0') - { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); } - header++; - if (strncmp(header,"DEK-Info: ",10) != 0) - { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); } - header+=10; - - p=header; - for (;;) - { - c= *header; -#ifndef CHARSET_EBCDIC - if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') || - ((c >= '0') && (c <= '9')))) - break; -#else - if (!( isupper(c) || (c == '-') || - isdigit(c))) - break; -#endif - header++; - } - *header='\0'; - o=OBJ_sn2nid(p); - cipher->cipher=enc=EVP_get_cipherbyname(p); - *header=c; - header++; - - if (enc == NULL) - { - PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION); - return(0); - } - if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0); - - return(1); - } - -static int load_iv(unsigned char **fromp, unsigned char *to, int num) - { - int v,i; - unsigned char *from; - - from= *fromp; - for (i=0; i= '0') && (*from <= '9')) - v= *from-'0'; - else if ((*from >= 'A') && (*from <= 'F')) - v= *from-'A'+10; - else if ((*from >= 'a') && (*from <= 'f')) - v= *from-'a'+10; - else - { - PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS); - return(0); - } - from++; - to[i/2]|=v<<(long)((!(i&1))*4); - } - - *fromp=from; - return(1); - } - -#ifndef NO_FP_API -int PEM_write(FILE *fp, char *name, char *header, unsigned char *data, - long len) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=PEM_write_bio(b, name, header, data,len); - BIO_free(b); - return(ret); - } -#endif - -int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, - long len) - { - int nlen,n,i,j,outl; - unsigned char *buf; - EVP_ENCODE_CTX ctx; - int reason=ERR_R_BUF_LIB; - - EVP_EncodeInit(&ctx); - nlen=strlen(name); - - if ( (BIO_write(bp,"-----BEGIN ",11) != 11) || - (BIO_write(bp,name,nlen) != nlen) || - (BIO_write(bp,"-----\n",6) != 6)) - goto err; - - i=strlen(header); - if (i > 0) - { - if ( (BIO_write(bp,header,i) != i) || - (BIO_write(bp,"\n",1) != 1)) - goto err; - } - - buf=(unsigned char *)OPENSSL_malloc(PEM_BUFSIZE*8); - if (buf == NULL) - { - reason=ERR_R_MALLOC_FAILURE; - goto err; - } - - i=j=0; - while (len > 0) - { - n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len); - EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n); - if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl)) - goto err; - i+=outl; - len-=n; - j+=n; - } - EVP_EncodeFinal(&ctx,buf,&outl); - if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; - OPENSSL_free(buf); - if ( (BIO_write(bp,"-----END ",9) != 9) || - (BIO_write(bp,name,nlen) != nlen) || - (BIO_write(bp,"-----\n",6) != 6)) - goto err; - return(i+outl); -err: - PEMerr(PEM_F_PEM_WRITE_BIO,reason); - return(0); - } - -#ifndef NO_FP_API -int PEM_read(FILE *fp, char **name, char **header, unsigned char **data, - long *len) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=PEM_read_bio(b, name, header, data,len); - BIO_free(b); - return(ret); - } -#endif - -int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data, - long *len) - { - EVP_ENCODE_CTX ctx; - int end=0,i,k,bl=0,hl=0,nohead=0; - char buf[256]; - BUF_MEM *nameB; - BUF_MEM *headerB; - BUF_MEM *dataB,*tmpB; - - nameB=BUF_MEM_new(); - headerB=BUF_MEM_new(); - dataB=BUF_MEM_new(); - if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL)) - { - PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); - return(0); - } - - buf[254]='\0'; - for (;;) - { - i=BIO_gets(bp,buf,254); - - if (i <= 0) - { - PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE); - goto err; - } - - while ((i >= 0) && (buf[i] <= ' ')) i--; - buf[++i]='\n'; buf[++i]='\0'; - - if (strncmp(buf,"-----BEGIN ",11) == 0) - { - i=strlen(&(buf[11])); - - if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0) - continue; - if (!BUF_MEM_grow(nameB,i+9)) - { - PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(nameB->data,&(buf[11]),i-6); - nameB->data[i-6]='\0'; - break; - } - } - hl=0; - if (!BUF_MEM_grow(headerB,256)) - { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } - headerB->data[0]='\0'; - for (;;) - { - i=BIO_gets(bp,buf,254); - if (i <= 0) break; - - while ((i >= 0) && (buf[i] <= ' ')) i--; - buf[++i]='\n'; buf[++i]='\0'; - - if (buf[0] == '\n') break; - if (!BUF_MEM_grow(headerB,hl+i+9)) - { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } - if (strncmp(buf,"-----END ",9) == 0) - { - nohead=1; - break; - } - memcpy(&(headerB->data[hl]),buf,i); - headerB->data[hl+i]='\0'; - hl+=i; - } - - bl=0; - if (!BUF_MEM_grow(dataB,1024)) - { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; } - dataB->data[0]='\0'; - if (!nohead) - { - for (;;) - { - i=BIO_gets(bp,buf,254); - if (i <= 0) break; - - while ((i >= 0) && (buf[i] <= ' ')) i--; - buf[++i]='\n'; buf[++i]='\0'; - - if (i != 65) end=1; - if (strncmp(buf,"-----END ",9) == 0) - break; - if (i > 65) break; - if (!BUF_MEM_grow(dataB,i+bl+9)) - { - PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(&(dataB->data[bl]),buf,i); - dataB->data[bl+i]='\0'; - bl+=i; - if (end) - { - buf[0]='\0'; - i=BIO_gets(bp,buf,254); - if (i <= 0) break; - - while ((i >= 0) && (buf[i] <= ' ')) i--; - buf[++i]='\n'; buf[++i]='\0'; - - break; - } - } - } - else - { - tmpB=headerB; - headerB=dataB; - dataB=tmpB; - bl=hl; - } - i=strlen(nameB->data); - if ( (strncmp(buf,"-----END ",9) != 0) || - (strncmp(nameB->data,&(buf[9]),i) != 0) || - (strncmp(&(buf[9+i]),"-----\n",6) != 0)) - { - PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE); - goto err; - } - - EVP_DecodeInit(&ctx); - i=EVP_DecodeUpdate(&ctx, - (unsigned char *)dataB->data,&bl, - (unsigned char *)dataB->data,bl); - if (i < 0) - { - PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE); - goto err; - } - i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k); - if (i < 0) - { - PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE); - goto err; - } - bl+=k; - - if (bl == 0) goto err; - *name=nameB->data; - *header=headerB->data; - *data=(unsigned char *)dataB->data; - *len=bl; - OPENSSL_free(nameB); - OPENSSL_free(headerB); - OPENSSL_free(dataB); - return(1); -err: - BUF_MEM_free(nameB); - BUF_MEM_free(headerB); - BUF_MEM_free(dataB); - return(0); - } - -/* These functions write a private key in PKCS#8 format: it is a "drop in" - * replacement for PEM_write_bio_PrivateKey() and friends. As usual if 'enc' - * is NULL then it uses the unencrypted private key form. The 'nid' versions - * uses PKCS#5 v1.5 PBE algorithms whereas the others use PKCS#5 v2.0. - */ - -int PEM_write_bio_PKCS8PrivateKey_nid(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, nid, NULL, kstr, klen, cb, u); -} - -int PEM_write_bio_PKCS8PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 0, -1, enc, kstr, klen, cb, u); -} - -int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, -1, enc, kstr, klen, cb, u); -} - -int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey(bp, x, 1, nid, NULL, kstr, klen, cb, u); -} - -static int do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - X509_SIG *p8; - PKCS8_PRIV_KEY_INFO *p8inf; - char buf[PEM_BUFSIZE]; - int ret; - if(!(p8inf = EVP_PKEY2PKCS8(x))) { - PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, - PEM_R_ERROR_CONVERTING_PRIVATE_KEY); - return 0; - } - if(enc || (nid != -1)) { - if(!kstr) { - if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u); - else klen = cb(buf, PEM_BUFSIZE, 1, u); - if(klen <= 0) { - PEMerr(PEM_F_PEM_WRITE_BIO_PKCS8PRIVATEKEY, - PEM_R_READ_KEY); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return 0; - } - - kstr = buf; - } - p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf); - if(kstr == buf) memset(buf, 0, klen); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if(isder) ret = i2d_PKCS8_bio(bp, p8); - else ret = PEM_write_bio_PKCS8(bp, p8); - X509_SIG_free(p8); - return ret; - } else { - if(isder) ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); - else ret = PEM_write_bio_PKCS8_PRIV_KEY_INFO(bp, p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return ret; - } -} - -/* Finally the DER version to read PKCS#8 encrypted private keys. It has to be - * here to access the default callback. - */ - -EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - PKCS8_PRIV_KEY_INFO *p8inf = NULL; - X509_SIG *p8 = NULL; - int klen; - EVP_PKEY *ret; - char psbuf[PEM_BUFSIZE]; - p8 = d2i_PKCS8_bio(bp, NULL); - if(!p8) return NULL; - if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u); - else klen=def_callback(psbuf,PEM_BUFSIZE,0,u); - if (klen <= 0) { - PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_BIO, PEM_R_BAD_PASSWORD_READ); - X509_SIG_free(p8); - return NULL; - } - p8inf = M_PKCS8_decrypt(p8, psbuf, klen); - X509_SIG_free(p8); - if(!p8inf) return NULL; - ret = EVP_PKCS82PKEY(p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - if(!ret) return NULL; - if(x) { - if(*x) EVP_PKEY_free(*x); - *x = ret; - } - return ret; -} - -#ifndef NO_FP_API - -int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, -1, enc, kstr, klen, cb, u); -} - -int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 1, nid, NULL, kstr, klen, cb, u); -} - -int PEM_write_PKCS8PrivateKey_nid(FILE *fp, EVP_PKEY *x, int nid, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 0, nid, NULL, kstr, klen, cb, u); -} - -int PEM_write_PKCS8PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, - char *kstr, int klen, pem_password_cb *cb, void *u) -{ - return do_pk8pkey_fp(fp, x, 0, -1, enc, kstr, klen, cb, u); -} - -static int do_pk8pkey_fp(FILE *fp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, - char *kstr, int klen, - pem_password_cb *cb, void *u) -{ - BIO *bp; - int ret; - if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerr(PEM_F_PEM_F_DO_PK8KEY_FP,ERR_R_BUF_LIB); - return(0); - } - ret = do_pk8pkey(bp, x, isder, nid, enc, kstr, klen, cb, u); - BIO_free(bp); - return ret; -} - -EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) -{ - BIO *bp; - EVP_PKEY *ret; - if(!(bp = BIO_new_fp(fp, BIO_NOCLOSE))) { - PEMerr(PEM_F_D2I_PKCS8PRIVATEKEY_FP,ERR_R_BUF_LIB); - return NULL; - } - ret = d2i_PKCS8PrivateKey_bio(bp, x, cb, u); - BIO_free(bp); - return ret; -} - -#endif diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c deleted file mode 100644 index 2a6c513348..0000000000 --- a/src/lib/libcrypto/pem/pem_seal.c +++ /dev/null @@ -1,184 +0,0 @@ -/* crypto/pem/pem_seal.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type, - unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk, - int npubk) - { - unsigned char key[EVP_MAX_KEY_LENGTH]; - int ret= -1; - int i,j,max=0; - char *s=NULL; - - for (i=0; itype != EVP_PKEY_RSA) - { - PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA); - goto err; - } - j=RSA_size(pubk[i]->pkey.rsa); - if (j > max) max=j; - } - s=(char *)OPENSSL_malloc(max*2); - if (s == NULL) - { - PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE); - goto err; - } - - EVP_EncodeInit(&(ctx->encode)); - EVP_SignInit(&(ctx->md),md_type); - - ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk); - if (!ret) goto err; - - /* base64 encode the keys */ - for (i=0; ipkey.rsa)); - ekl[i]=j; - memcpy(ek[i],s,j+1); - } - - ret=npubk; -err: - if (s != NULL) OPENSSL_free(s); - memset(key,0,EVP_MAX_KEY_LENGTH); - return(ret); - } - -void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl, - unsigned char *in, int inl) - { - unsigned char buffer[1600]; - int i,j; - - *outl=0; - EVP_SignUpdate(&(ctx->md),in,inl); - for (;;) - { - if (inl <= 0) break; - if (inl > 1200) - i=1200; - else - i=inl; - EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i); - EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j); - *outl+=j; - out+=j; - in+=i; - inl-=i; - } - } - -int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl, - unsigned char *out, int *outl, EVP_PKEY *priv) - { - unsigned char *s=NULL; - int ret=0,j; - unsigned int i; - - if (priv->type != EVP_PKEY_RSA) - { - PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA); - goto err; - } - i=RSA_size(priv->pkey.rsa); - if (i < 100) i=100; - s=(unsigned char *)OPENSSL_malloc(i*2); - if (s == NULL) - { - PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE); - goto err; - } - - EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i); - EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i); - *outl=j; - out+=j; - EVP_EncodeFinal(&(ctx->encode),out,&j); - *outl+=j; - - if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err; - *sigl=EVP_EncodeBlock(sig,s,i); - - ret=1; -err: - memset((char *)&(ctx->md),0,sizeof(ctx->md)); - memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher)); - if (s != NULL) OPENSSL_free(s); - return(ret); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/src/lib/libcrypto/pem/pem_sign.c b/src/lib/libcrypto/pem/pem_sign.c deleted file mode 100644 index 42d598dd78..0000000000 --- a/src/lib/libcrypto/pem/pem_sign.c +++ /dev/null @@ -1,102 +0,0 @@ -/* crypto/pem/pem_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type) - { - EVP_DigestInit(ctx,type); - } - -void PEM_SignUpdate(EVP_MD_CTX *ctx, unsigned char *data, - unsigned int count) - { - EVP_DigestUpdate(ctx,data,count); - } - -int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, - EVP_PKEY *pkey) - { - unsigned char *m; - int i,ret=0; - unsigned int m_len; - - m=(unsigned char *)OPENSSL_malloc(EVP_PKEY_size(pkey)+2); - if (m == NULL) - { - PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err; - - i=EVP_EncodeBlock(sigret,m,m_len); - *siglen=i; - ret=1; -err: - /* ctx has been zeroed by EVP_SignFinal() */ - if (m != NULL) OPENSSL_free(m); - return(ret); - } - diff --git a/src/lib/libcrypto/pem/pkcs7.lis b/src/lib/libcrypto/pem/pkcs7.lis deleted file mode 100644 index be90c5d87f..0000000000 --- a/src/lib/libcrypto/pem/pkcs7.lis +++ /dev/null @@ -1,22 +0,0 @@ -21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData - 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag - 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version - 20 20:d=0 hl=2 l= 0 cons: univ: SET - 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE - 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data - 00 35:d=0 hl=2 l= 0 prim: univ: EOC - 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag - 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE - 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE - 00 1116:d=0 hl=2 l= 0 prim: univ: EOC - 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag - 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE - 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE - 00 2066:d=0 hl=2 l= 0 prim: univ: EOC - 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers - 00 2070:d=0 hl=2 l= 0 prim: univ: EOC - 00 2072:d=0 hl=2 l= 0 prim: univ: EOC - 00 2074:d=0 hl=2 l= 0 prim: univ: EOC -00 2076:d=0 hl=2 l= 0 prim: univ: EOC diff --git a/src/lib/libcrypto/perlasm/cbc.pl b/src/lib/libcrypto/perlasm/cbc.pl deleted file mode 100644 index 0145c4f0cc..0000000000 --- a/src/lib/libcrypto/perlasm/cbc.pl +++ /dev/null @@ -1,342 +0,0 @@ -#!/usr/local/bin/perl - -# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc) -# des_cblock (*input); -# des_cblock (*output); -# long length; -# des_key_schedule schedule; -# des_cblock (*ivec); -# int enc; -# -# calls -# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT); -# - -#&cbc("des_ncbc_encrypt","des_encrypt",0); -#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt", -# 1,4,5,3,5,-1); -#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt", -# 0,4,5,3,5,-1); -#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3", -# 0,6,7,3,4,5); -# -# When doing a cipher that needs bigendian order, -# for encrypt, the iv is kept in bigendian form, -# while for decrypt, it is kept in little endian. -sub cbc - { - local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_; - # name is the function name - # enc_func and dec_func and the functions to call for encrypt/decrypt - # swap is true if byte order needs to be reversed - # iv_off is parameter number for the iv - # enc_off is parameter number for the encrypt/decrypt flag - # p1,p2,p3 are the offsets for parameters to be passed to the - # underlying calls. - - &function_begin_B($name,""); - &comment(""); - - $in="esi"; - $out="edi"; - $count="ebp"; - - &push("ebp"); - &push("ebx"); - &push("esi"); - &push("edi"); - - $data_off=4; - $data_off+=4 if ($p1 > 0); - $data_off+=4 if ($p2 > 0); - $data_off+=4 if ($p3 > 0); - - &mov($count, &wparam(2)); # length - - &comment("getting iv ptr from parameter $iv_off"); - &mov("ebx", &wparam($iv_off)); # Get iv ptr - - &mov($in, &DWP(0,"ebx","",0));# iv[0] - &mov($out, &DWP(4,"ebx","",0));# iv[1] - - &push($out); - &push($in); - &push($out); # used in decrypt for iv[1] - &push($in); # used in decrypt for iv[0] - - &mov("ebx", "esp"); # This is the address of tin[2] - - &mov($in, &wparam(0)); # in - &mov($out, &wparam(1)); # out - - # We have loaded them all, how lets push things - &comment("getting encrypt flag from parameter $enc_off"); - &mov("ecx", &wparam($enc_off)); # Get enc flag - if ($p3 > 0) - { - &comment("get and push parameter $p3"); - if ($enc_off != $p3) - { &mov("eax", &wparam($p3)); &push("eax"); } - else { &push("ecx"); } - } - if ($p2 > 0) - { - &comment("get and push parameter $p2"); - if ($enc_off != $p2) - { &mov("eax", &wparam($p2)); &push("eax"); } - else { &push("ecx"); } - } - if ($p1 > 0) - { - &comment("get and push parameter $p1"); - if ($enc_off != $p1) - { &mov("eax", &wparam($p1)); &push("eax"); } - else { &push("ecx"); } - } - &push("ebx"); # push data/iv - - &cmp("ecx",0); - &jz(&label("decrypt")); - - &and($count,0xfffffff8); - &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0] - &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1] - - &jz(&label("encrypt_finish")); - - ############################################################# - - &set_label("encrypt_loop"); - # encrypt start - # "eax" and "ebx" hold iv (or the last cipher text) - - &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - # eax and ebx are the next iv. - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("encrypt_loop")); - -###################################################################3 - &set_label("encrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - &xor("ecx","ecx"); - &xor("edx","edx"); - &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4)); - &jmp_ptr($count); - -&set_label("ej7"); - &xor("edx", "edx") if $ppro; # ppro friendly - &movb(&HB("edx"), &BP(6,$in,"",0)); - &shl("edx",8); -&set_label("ej6"); - &movb(&HB("edx"), &BP(5,$in,"",0)); -&set_label("ej5"); - &movb(&LB("edx"), &BP(4,$in,"",0)); -&set_label("ej4"); - &mov("ecx", &DWP(0,$in,"",0)); - &jmp(&label("ejend")); -&set_label("ej3"); - &movb(&HB("ecx"), &BP(2,$in,"",0)); - &xor("ecx", "ecx") if $ppro; # ppro friendly - &shl("ecx",8); -&set_label("ej2"); - &movb(&HB("ecx"), &BP(1,$in,"",0)); -&set_label("ej1"); - &movb(&LB("ecx"), &BP(0,$in,"",0)); -&set_label("ejend"); - - &xor("eax", "ecx"); - &xor("ebx", "edx"); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($enc_func); - - &mov("eax", &DWP($data_off,"esp","",0)); - &mov("ebx", &DWP($data_off+4,"esp","",0)); - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP(0,$out,"",0),"eax"); - &mov(&DWP(4,$out,"",0),"ebx"); - - &jmp(&label("finish")); - - ############################################################# - ############################################################# - &set_label("decrypt",1); - # decrypt start - &and($count,0xfffffff8); - # The next 2 instructions are only for if the jz is taken - &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1] - &jz(&label("decrypt_finish")); - - &set_label("decrypt_loop"); - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - - &mov(&DWP(0,$out,"",0),"ecx"); - &mov(&DWP(4,$out,"",0),"edx"); - - &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv - &mov(&DWP($data_off+12,"esp","",0), "ebx"); # - - &add($in, 8); - &add($out, 8); - - &sub($count, 8); - &jnz(&label("decrypt_loop")); -############################ ENDIT #######################3 - &set_label("decrypt_finish"); - &mov($count, &wparam(2)); # length - &and($count, 7); - &jz(&label("finish")); - - &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes - &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov(&DWP($data_off,"esp","",0), "eax"); # put back - &mov(&DWP($data_off+4,"esp","",0), "ebx"); # - - &call($dec_func); - - &mov("eax", &DWP($data_off,"esp","",0)); # get return - &mov("ebx", &DWP($data_off+4,"esp","",0)); # - - &bswap("eax") if $swap; - &bswap("ebx") if $swap; - - &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0] - &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1] - - &xor("ecx", "eax"); - &xor("edx", "ebx"); - - # this is for when we exit - &mov("eax", &DWP(0,$in,"",0)); # get old cipher text, - &mov("ebx", &DWP(4,$in,"",0)); # next iv actually - -&set_label("dj7"); - &rotr("edx", 16); - &movb(&BP(6,$out,"",0), &LB("edx")); - &shr("edx",16); -&set_label("dj6"); - &movb(&BP(5,$out,"",0), &HB("edx")); -&set_label("dj5"); - &movb(&BP(4,$out,"",0), &LB("edx")); -&set_label("dj4"); - &mov(&DWP(0,$out,"",0), "ecx"); - &jmp(&label("djend")); -&set_label("dj3"); - &rotr("ecx", 16); - &movb(&BP(2,$out,"",0), &LB("ecx")); - &shl("ecx",16); -&set_label("dj2"); - &movb(&BP(1,$in,"",0), &HB("ecx")); -&set_label("dj1"); - &movb(&BP(0,$in,"",0), &LB("ecx")); -&set_label("djend"); - - # final iv is still in eax:ebx - &jmp(&label("finish")); - - -############################ FINISH #######################3 - &set_label("finish",1); - &mov("ecx", &wparam($iv_off)); # Get iv ptr - - ################################################# - $total=16+4; - $total+=4 if ($p1 > 0); - $total+=4 if ($p2 > 0); - $total+=4 if ($p3 > 0); - &add("esp",$total); - - &mov(&DWP(0,"ecx","",0), "eax"); # save iv - &mov(&DWP(4,"ecx","",0), "ebx"); # save iv - - &function_end_A($name); - - &set_label("cbc_enc_jmp_table",1); - &data_word("0"); - &data_word(&label("ej1")); - &data_word(&label("ej2")); - &data_word(&label("ej3")); - &data_word(&label("ej4")); - &data_word(&label("ej5")); - &data_word(&label("ej6")); - &data_word(&label("ej7")); - &set_label("cbc_dec_jmp_table",1); - &data_word("0"); - &data_word(&label("dj1")); - &data_word(&label("dj2")); - &data_word(&label("dj3")); - &data_word(&label("dj4")); - &data_word(&label("dj5")); - &data_word(&label("dj6")); - &data_word(&label("dj7")); - - &function_end_B($name); - - } - -1; diff --git a/src/lib/libcrypto/perlasm/readme b/src/lib/libcrypto/perlasm/readme deleted file mode 100644 index f02bbee75a..0000000000 --- a/src/lib/libcrypto/perlasm/readme +++ /dev/null @@ -1,124 +0,0 @@ -The perl scripts in this directory are my 'hack' to generate -multiple different assembler formats via the one origional script. - -The way to use this library is to start with adding the path to this directory -and then include it. - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -The first thing we do is setup the file and type of assember - -&asm_init($ARGV[0],$0); - -The first argument is the 'type'. Currently -'cpp', 'sol', 'a.out', 'elf' or 'win32'. -Argument 2 is the file name. - -The reciprocal function is -&asm_finish() which should be called at the end. - -There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler, -and x86unix.pl which is the unix (gas) version. - -Functions of interest are: -&external_label("des_SPtrans"); declare and external variable -&LB(reg); Low byte for a register -&HB(reg); High byte for a register -&BP(off,base,index,scale) Byte pointer addressing -&DWP(off,base,index,scale) Word pointer addressing -&stack_push(num) Basically a 'sub esp, num*4' with extra -&stack_pop(num) inverse of stack_push -&function_begin(name,extra) Start a function with pushing of - edi, esi, ebx and ebp. extra is extra win32 - external info that may be required. -&function_begin_B(name,extra) Same as norma function_begin but no pushing. -&function_end(name) Call at end of function. -&function_end_A(name) Standard pop and ret, for use inside functions -&function_end_B(name) Call at end but with poping or 'ret'. -&swtmp(num) Address on stack temp word. -&wparam(num) Parameter number num, that was push - in C convention. This all works over pushes - and pops. -&comment("hello there") Put in a comment. -&label("loop") Refer to a label, normally a jmp target. -&set_label("loop") Set a label at this point. -&data_word(word) Put in a word of data. - -So how does this all hold together? Given - -int calc(int len, int *data) - { - int i,j=0; - - for (i=0; i"); -&comment(""); - - $filename =~ s/\.pl$//; - &file($filename); - } - -sub asm_finish_cpp - { - return unless $cpp; - - local($tmp,$i); - foreach $i (&get_labels()) - { - $tmp.="#define $i _$i\n"; - } - print <<"EOF"; -/* Run the C pre-processor over this file with one of the following defined - * ELF - elf object files, - * OUT - a.out object files, - * BSDI - BSDI style a.out object files - * SOL - Solaris style elf - */ - -#define TYPE(a,b) .type a,b -#define SIZE(a,b) .size a,b - -#if defined(OUT) || (defined(BSDI) && !defined(ELF)) -$tmp -#endif - -#ifdef OUT -#define OK 1 -#define ALIGN 4 -#endif - -#if defined(BSDI) && !defined(ELF) -#define OK 1 -#define ALIGN 4 -#undef SIZE -#undef TYPE -#define SIZE(a,b) -#define TYPE(a,b) -#endif - -#if defined(ELF) || defined(SOL) -#define OK 1 -#define ALIGN 16 -#endif - -#ifndef OK -You need to define one of -ELF - elf systems - linux-elf, NetBSD and DG-UX -OUT - a.out systems - linux-a.out and FreeBSD -SOL - solaris systems, which are elf with strange comment lines -BSDI - a.out with a very primative version of as. -#endif - -/* Let the Assembler begin :-) */ -EOF - } - -1; diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c deleted file mode 100644 index b563656895..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_add.c +++ /dev/null @@ -1,218 +0,0 @@ -/* p12_add.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Pack an object into an OCTET STRING and turn into a safebag */ - -PKCS12_SAFEBAG *PKCS12_pack_safebag (char *obj, int (*i2d)(), int nid1, - int nid2) -{ - PKCS12_BAGS *bag; - PKCS12_SAFEBAG *safebag; - if (!(bag = PKCS12_BAGS_new ())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - bag->type = OBJ_nid2obj(nid1); - if (!ASN1_pack_string(obj, i2d, &bag->value.octet)) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - if (!(safebag = PKCS12_SAFEBAG_new ())) { - PKCS12err(PKCS12_F_PKCS12_PACK_SAFEBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - safebag->value.bag = bag; - safebag->type = OBJ_nid2obj(nid2); - return safebag; -} - -/* Turn PKCS8 object into a keybag */ - -PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG (PKCS8_PRIV_KEY_INFO *p8) -{ - PKCS12_SAFEBAG *bag; - if (!(bag = PKCS12_SAFEBAG_new())) { - PKCS12err(PKCS12_F_PKCS12_MAKE_KEYBAG,ERR_R_MALLOC_FAILURE); - return NULL; - } - bag->type = OBJ_nid2obj(NID_keyBag); - bag->value.keybag = p8; - return bag; -} - -/* Turn PKCS8 object into a shrouded keybag */ - -PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG (int pbe_nid, const char *pass, - int passlen, unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8) -{ - PKCS12_SAFEBAG *bag; - - /* Set up the safe bag */ - if (!(bag = PKCS12_SAFEBAG_new ())) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - - bag->type = OBJ_nid2obj(NID_pkcs8ShroudedKeyBag); - if (!(bag->value.shkeybag = - PKCS8_encrypt(pbe_nid, NULL, pass, passlen, salt, saltlen, iter, - p8))) { - PKCS12err(PKCS12_F_PKCS12_MAKE_SHKEYBAG, ERR_R_MALLOC_FAILURE); - return NULL; - } - - return bag; -} - -/* Turn a stack of SAFEBAGS into a PKCS#7 data Contentinfo */ -PKCS7 *PKCS12_pack_p7data (STACK_OF(PKCS12_SAFEBAG) *sk) -{ - PKCS7 *p7; - if (!(p7 = PKCS7_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - p7->type = OBJ_nid2obj(NID_pkcs7_data); - if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - - if (!ASN1_seq_pack_PKCS12_SAFEBAG(sk, i2d_PKCS12_SAFEBAG, - &p7->d.data->data, - &p7->d.data->length)) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, PKCS12_R_CANT_PACK_STRUCTURE); - return NULL; - } - return p7; -} - -/* Turn a stack of SAFEBAGS into a PKCS#7 encrypted data ContentInfo */ - -PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - STACK_OF(PKCS12_SAFEBAG) *bags) -{ - PKCS7 *p7; - X509_ALGOR *pbe; - if (!(p7 = PKCS7_new())) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, - PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE); - return NULL; - } - if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE); - return NULL; - } - X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm); - p7->d.encrypted->enc_data->algorithm = pbe; - M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data); - if (!(p7->d.encrypted->enc_data->enc_data = - PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen, - (char *)bags, 1))) { - PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, PKCS12_R_ENCRYPT_ERROR); - return NULL; - } - - return p7; -} - -X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, - const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8inf) -{ - X509_SIG *p8; - X509_ALGOR *pbe; - - if (!(p8 = X509_SIG_new())) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE); - goto err; - } - - if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen); - else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen); - if(!pbe) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB); - goto err; - } - X509_ALGOR_free(p8->algor); - p8->algor = pbe; - M_ASN1_OCTET_STRING_free(p8->digest); - if (!(p8->digest = - PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen, - (char *)p8inf, 0))) { - PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR); - goto err; - } - - return p8; - - err: - X509_SIG_free(p8); - return NULL; -} diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c deleted file mode 100644 index f1a210b5d2..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_attr.c +++ /dev/null @@ -1,238 +0,0 @@ -/* p12_attr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Add a local keyid to a safebag */ - -int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name, - int namelen) -{ - X509_ATTRIBUTE *attrib; - ASN1_BMPSTRING *oct; - ASN1_TYPE *keyid; - if (!(keyid = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->type = V_ASN1_OCTET_STRING; - if (!(oct = M_ASN1_OCTET_STRING_new())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!M_ASN1_OCTET_STRING_set(oct, name, namelen)) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->value.octet_string = oct; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_localKeyID); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->set = 1; - if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_X509_ATTRIBUTE_push (bag->attrib, attrib); - return 1; -} - -/* Add key usage to PKCS#8 structure */ - -int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage) -{ - X509_ATTRIBUTE *attrib; - ASN1_BIT_STRING *bstr; - ASN1_TYPE *keyid; - unsigned char us_val; - us_val = (unsigned char) usage; - if (!(keyid = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->type = V_ASN1_BIT_STRING; - if (!(bstr = M_ASN1_BIT_STRING_new())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!M_ASN1_BIT_STRING_set(bstr, &us_val, 1)) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - keyid->value.bit_string = bstr; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_key_usage); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->set = 1; - if (!p8->attributes - && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); - return 0; - } - sk_X509_ATTRIBUTE_push (p8->attributes, attrib); - return 1; -} - -/* Add a friendlyname to a safebag */ - -int PKCS12_add_friendlyname_asc (PKCS12_SAFEBAG *bag, const char *name, - int namelen) -{ - unsigned char *uniname; - int ret, unilen; - if (!asc2uni(name, &uniname, &unilen)) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC, - ERR_R_MALLOC_FAILURE); - return 0; - } - ret = PKCS12_add_friendlyname_uni (bag, uniname, unilen); - OPENSSL_free(uniname); - return ret; -} - - -int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, - const unsigned char *name, int namelen) -{ - X509_ATTRIBUTE *attrib; - ASN1_BMPSTRING *bmp; - ASN1_TYPE *fname; - /* Zap ending double null if included */ - if(!name[namelen - 1] && !name[namelen - 2]) namelen -= 2; - if (!(fname = ASN1_TYPE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - fname->type = V_ASN1_BMPSTRING; - if (!(bmp = M_ASN1_BMPSTRING_new())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - if (!(bmp->data = OPENSSL_malloc (namelen))) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - memcpy (bmp->data, name, namelen); - bmp->length = namelen; - fname->value.bmpstring = bmp; - if (!(attrib = X509_ATTRIBUTE_new ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - attrib->object = OBJ_nid2obj(NID_friendlyName); - if (!(attrib->value.set = sk_ASN1_TYPE_new_null())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME, - ERR_R_MALLOC_FAILURE); - return 0; - } - sk_ASN1_TYPE_push (attrib->value.set,fname); - attrib->set = 1; - if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, - ERR_R_MALLOC_FAILURE); - return 0; - } - sk_X509_ATTRIBUTE_push (bag->attrib, attrib); - return PKCS12_OK; -} - -ASN1_TYPE *PKCS12_get_attr_gen (STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid) -{ - X509_ATTRIBUTE *attrib; - int i; - if (!attrs) return NULL; - for (i = 0; i < sk_X509_ATTRIBUTE_num (attrs); i++) { - attrib = sk_X509_ATTRIBUTE_value (attrs, i); - if (OBJ_obj2nid (attrib->object) == attr_nid) { - if (sk_ASN1_TYPE_num (attrib->value.set)) - return sk_ASN1_TYPE_value(attrib->value.set, 0); - else return NULL; - } - } - return NULL; -} - -char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag) -{ - ASN1_TYPE *atype; - if (!(atype = PKCS12_get_attr(bag, NID_friendlyName))) return NULL; - if (atype->type != V_ASN1_BMPSTRING) return NULL; - return uni2asc(atype->value.bmpstring->data, - atype->value.bmpstring->length); -} - diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c deleted file mode 100644 index 7b96584f07..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_crpt.c +++ /dev/null @@ -1,124 +0,0 @@ -/* p12_crpt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* PKCS#12 specific PBE functions */ - -void PKCS12_PBE_add(void) -{ -#ifndef NO_RC4 -EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC4, EVP_rc4(), EVP_sha1(), - PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC4, EVP_rc4_40(), EVP_sha1(), - PKCS12_PBE_keyivgen); -#endif -#ifndef NO_DES -EVP_PBE_alg_add(NID_pbe_WithSHA1And3_Key_TripleDES_CBC, - EVP_des_ede3_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And2_Key_TripleDES_CBC, - EVP_des_ede_cbc(), EVP_sha1(), PKCS12_PBE_keyivgen); -#endif -#ifndef NO_RC2 -EVP_PBE_alg_add(NID_pbe_WithSHA1And128BitRC2_CBC, EVP_rc2_cbc(), - EVP_sha1(), PKCS12_PBE_keyivgen); -EVP_PBE_alg_add(NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc(), - EVP_sha1(), PKCS12_PBE_keyivgen); -#endif -} - -int PKCS12_PBE_keyivgen (EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md, int en_de) -{ - PBEPARAM *pbe; - int saltlen, iter; - unsigned char *salt, *pbuf; - unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; - - /* Extract useful info from parameter */ - pbuf = param->value.sequence->data; - if (!param || (param->type != V_ASN1_SEQUENCE) || - !(pbe = d2i_PBEPARAM (NULL, &pbuf, param->value.sequence->length))) { - EVPerr(PKCS12_F_PKCS12_PBE_KEYIVGEN,EVP_R_DECODE_ERROR); - return 0; - } - - if (!pbe->iter) iter = 1; - else iter = ASN1_INTEGER_get (pbe->iter); - salt = pbe->salt->data; - saltlen = pbe->salt->length; - if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID, - iter, EVP_CIPHER_key_length(cipher), key, md)) { - PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_KEY_GEN_ERROR); - PBEPARAM_free(pbe); - return 0; - } - if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_IV_ID, - iter, EVP_CIPHER_iv_length(cipher), iv, md)) { - PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN,PKCS12_R_IV_GEN_ERROR); - PBEPARAM_free(pbe); - return 0; - } - PBEPARAM_free(pbe); - EVP_CipherInit(ctx, cipher, key, iv, en_de); - memset(key, 0, EVP_MAX_KEY_LENGTH); - memset(iv, 0, EVP_MAX_IV_LENGTH); - return 1; -} diff --git a/src/lib/libcrypto/pkcs12/p12_crt.c b/src/lib/libcrypto/pkcs12/p12_crt.c deleted file mode 100644 index a8f7b48882..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_crt.c +++ /dev/null @@ -1,164 +0,0 @@ -/* p12_crt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, - STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, int mac_iter, - int keytype) -{ - PKCS12 *p12; - STACK_OF(PKCS12_SAFEBAG) *bags; - STACK_OF(PKCS7) *safes; - PKCS12_SAFEBAG *bag; - PKCS8_PRIV_KEY_INFO *p8; - PKCS7 *authsafe; - X509 *tcert; - int i; - unsigned char keyid[EVP_MAX_MD_SIZE]; - unsigned int keyidlen; - - /* Set defaults */ - if(!nid_cert) nid_cert = NID_pbe_WithSHA1And40BitRC2_CBC; - if(!nid_key) nid_key = NID_pbe_WithSHA1And3_Key_TripleDES_CBC; - if(!iter) iter = PKCS12_DEFAULT_ITER; - if(!mac_iter) mac_iter = 1; - - if(!pkey || !cert) { - PKCS12err(PKCS12_F_PKCS12_CREATE,PKCS12_R_INVALID_NULL_ARGUMENT); - return NULL; - } - - if(!X509_check_private_key(cert, pkey)) return NULL; - - if(!(bags = sk_PKCS12_SAFEBAG_new_null ())) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - - /* Add user certificate */ - if(!(bag = M_PKCS12_x5092certbag(cert))) return NULL; - if(name && !PKCS12_add_friendlyname(bag, name, -1)) return NULL; - X509_digest(cert, EVP_sha1(), keyid, &keyidlen); - if(!PKCS12_add_localkeyid(bag, keyid, keyidlen)) return NULL; - - if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - - /* Add all other certificates */ - if(ca) { - for(i = 0; i < sk_X509_num(ca); i++) { - tcert = sk_X509_value(ca, i); - if(!(bag = M_PKCS12_x5092certbag(tcert))) return NULL; - if(!sk_PKCS12_SAFEBAG_push(bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - } - } - - /* Turn certbags into encrypted authsafe */ - authsafe = PKCS12_pack_p7encdata (nid_cert, pass, -1, NULL, 0, - iter, bags); - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - - if (!authsafe) return NULL; - - if(!(safes = sk_PKCS7_new_null ()) - || !sk_PKCS7_push(safes, authsafe)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - - /* Make a shrouded key bag */ - if(!(p8 = EVP_PKEY2PKCS8 (pkey))) return NULL; - if(keytype && !PKCS8_add_keyusage(p8, keytype)) return NULL; - bag = PKCS12_MAKE_SHKEYBAG (nid_key, pass, -1, NULL, 0, iter, p8); - if(!bag) return NULL; - PKCS8_PRIV_KEY_INFO_free(p8); - if (name && !PKCS12_add_friendlyname (bag, name, -1)) return NULL; - if(!PKCS12_add_localkeyid (bag, keyid, keyidlen)) return NULL; - if(!(bags = sk_PKCS12_SAFEBAG_new_null()) - || !sk_PKCS12_SAFEBAG_push (bags, bag)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - /* Turn it into unencrypted safe bag */ - if(!(authsafe = PKCS12_pack_p7data (bags))) return NULL; - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - if(!sk_PKCS7_push(safes, authsafe)) { - PKCS12err(PKCS12_F_PKCS12_CREATE,ERR_R_MALLOC_FAILURE); - return NULL; - } - - if(!(p12 = PKCS12_init (NID_pkcs7_data))) return NULL; - - if(!M_PKCS12_pack_authsafes (p12, safes)) return NULL; - - sk_PKCS7_pop_free(safes, PKCS7_free); - - if(!PKCS12_set_mac (p12, pass, -1, NULL, 0, mac_iter, NULL)) - return NULL; - - return p12; - -} diff --git a/src/lib/libcrypto/pkcs12/p12_decr.c b/src/lib/libcrypto/pkcs12/p12_decr.c deleted file mode 100644 index 8cd7e2f414..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_decr.c +++ /dev/null @@ -1,187 +0,0 @@ -/* p12_decr.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Define this to dump decrypted output to files called DERnnn */ -/*#define DEBUG_DECRYPT*/ - - -/* Encrypt/Decrypt a buffer based on password and algor, result in a - * OPENSSL_malloc'ed buffer - */ - -unsigned char * PKCS12_pbe_crypt (X509_ALGOR *algor, const char *pass, - int passlen, unsigned char *in, int inlen, unsigned char **data, - int *datalen, int en_de) -{ - unsigned char *out; - int outlen, i; - EVP_CIPHER_CTX ctx; - - /* Decrypt data */ - if (!EVP_PBE_CipherInit (algor->algorithm, pass, passlen, - algor->parameter, &ctx, en_de)) { - PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR); - return NULL; - } - - if(!(out = OPENSSL_malloc (inlen + EVP_CIPHER_CTX_block_size(&ctx)))) { - PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,ERR_R_MALLOC_FAILURE); - return NULL; - } - - EVP_CipherUpdate (&ctx, out, &i, in, inlen); - outlen = i; - if(!EVP_CipherFinal (&ctx, out + i, &i)) { - OPENSSL_free (out); - PKCS12err(PKCS12_F_PKCS12_PBE_CRYPT,PKCS12_R_PKCS12_CIPHERFINAL_ERROR); - return NULL; - } - outlen += i; - if (datalen) *datalen = outlen; - if (data) *data = out; - return out; - -} - -/* Decrypt an OCTET STRING and decode ASN1 structure - * if seq & 1 'obj' is a stack of structures to be encoded - * if seq & 2 zero buffer after use - * as a sequence. - */ - -char * PKCS12_decrypt_d2i (X509_ALGOR *algor, char * (*d2i)(), - void (*free_func)(void *), const char *pass, int passlen, - ASN1_OCTET_STRING *oct, int seq) -{ - unsigned char *out, *p; - char *ret; - int outlen; - - if (!PKCS12_pbe_crypt (algor, pass, passlen, oct->data, oct->length, - &out, &outlen, 0)) { - PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_PKCS12_PBE_CRYPT_ERROR); - return NULL; - } - p = out; -#ifdef DEBUG_DECRYPT - { - FILE *op; - - char fname[30]; - static int fnm = 1; - sprintf(fname, "DER%d", fnm++); - op = fopen(fname, "wb"); - fwrite (p, 1, outlen, op); - fclose(op); - } -#endif - if (seq & 1) ret = (char *) d2i_ASN1_SET(NULL, &p, outlen, d2i, - free_func, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - else ret = d2i(NULL, &p, outlen); - if (seq & 2) memset(out, 0, outlen); - if(!ret) PKCS12err(PKCS12_F_PKCS12_DECRYPT_D2I,PKCS12_R_DECODE_ERROR); - OPENSSL_free (out); - return ret; -} - -/* Encode ASN1 structure and encrypt, return OCTET STRING - * if 'seq' is non-zero 'obj' is a stack of structures to be encoded - * as a sequence - */ - -ASN1_OCTET_STRING *PKCS12_i2d_encrypt (X509_ALGOR *algor, int (*i2d)(), - const char *pass, int passlen, - char *obj, int seq) -{ - ASN1_OCTET_STRING *oct; - unsigned char *in, *p; - int inlen; - if (!(oct = M_ASN1_OCTET_STRING_new ())) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); - return NULL; - } - if (seq) inlen = i2d_ASN1_SET((STACK *)obj, NULL, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); - else inlen = i2d (obj, NULL); - if (!inlen) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR); - return NULL; - } - if (!(in = OPENSSL_malloc (inlen))) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE); - return NULL; - } - p = in; - if (seq) i2d_ASN1_SET((STACK *)obj, &p, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); - else i2d (obj, &p); - if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data, - &oct->length, 1)) { - PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR); - OPENSSL_free(in); - return NULL; - } - OPENSSL_free (in); - return oct; -} - -IMPLEMENT_PKCS12_STACK_OF(PKCS7) diff --git a/src/lib/libcrypto/pkcs12/p12_init.c b/src/lib/libcrypto/pkcs12/p12_init.c deleted file mode 100644 index d5d4884c82..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_init.c +++ /dev/null @@ -1,98 +0,0 @@ -/* p12_init.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Initialise a PKCS12 structure to take data */ - -PKCS12 *PKCS12_init (int mode) -{ - PKCS12 *pkcs12; - if (!(pkcs12 = PKCS12_new())) { - PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE); - return NULL; - } - if (!(pkcs12->version = M_ASN1_INTEGER_new ())) { - PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE); - return NULL; - } - ASN1_INTEGER_set(pkcs12->version, 3); - if (!(pkcs12->authsafes = PKCS7_new())) { - PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE); - return NULL; - } - pkcs12->authsafes->type = OBJ_nid2obj(mode); - switch (mode) { - case NID_pkcs7_data: - if (!(pkcs12->authsafes->d.data = - M_ASN1_OCTET_STRING_new())) { - PKCS12err(PKCS12_F_PKCS12_INIT,ERR_R_MALLOC_FAILURE); - return NULL; - } - break; - default: - PKCS12err(PKCS12_F_PKCS12_INIT,PKCS12_R_UNSUPPORTED_PKCS12_MODE); - PKCS12_free(pkcs12); - return NULL; - break; - } - - return pkcs12; -} diff --git a/src/lib/libcrypto/pkcs12/p12_key.c b/src/lib/libcrypto/pkcs12/p12_key.c deleted file mode 100644 index b042dcf05c..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_key.c +++ /dev/null @@ -1,197 +0,0 @@ -/* p12_key.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - - -/* Uncomment out this line to get debugging info about key generation */ -/*#define DEBUG_KEYGEN*/ -#ifdef DEBUG_KEYGEN -#include -extern BIO *bio_err; -void h__dump (unsigned char *p, int len); -#endif - -/* PKCS12 compatible key/IV generation */ -#ifndef min -#define min(a,b) ((a) < (b) ? (a) : (b)) -#endif - -int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type) -{ - int ret; - unsigned char *unipass; - int uniplen; - if(!pass) { - unipass = NULL; - uniplen = 0; - } else if (!asc2uni(pass, &unipass, &uniplen)) { - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_ASC,ERR_R_MALLOC_FAILURE); - return 0; - } - ret = PKCS12_key_gen_uni(unipass, uniplen, salt, saltlen, - id, iter, n, out, md_type); - if(unipass) { - memset(unipass, 0, uniplen); /* Clear password from memory */ - OPENSSL_free(unipass); - } - return ret; -} - -int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, unsigned char *out, - const EVP_MD *md_type) -{ - unsigned char *B, *D, *I, *p, *Ai; - int Slen, Plen, Ilen; - int i, j, u, v; - BIGNUM *Ij, *Bpl1; /* These hold Ij and B + 1 */ - EVP_MD_CTX ctx; -#ifdef DEBUG_KEYGEN - unsigned char *tmpout = out; - int tmpn = n; -#endif - -#if 0 - if (!pass) { - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_PASSED_NULL_PARAMETER); - return 0; - } -#endif - -#ifdef DEBUG_KEYGEN - fprintf(stderr, "KEYGEN DEBUG\n"); - fprintf(stderr, "ID %d, ITER %d\n", id, iter); - fprintf(stderr, "Password (length %d):\n", passlen); - h__dump(pass, passlen); - fprintf(stderr, "Salt (length %d):\n", saltlen); - h__dump(salt, saltlen); -#endif - v = EVP_MD_block_size (md_type); - u = EVP_MD_size (md_type); - D = OPENSSL_malloc (v); - Ai = OPENSSL_malloc (u); - B = OPENSSL_malloc (v + 1); - Slen = v * ((saltlen+v-1)/v); - if(passlen) Plen = v * ((passlen+v-1)/v); - else Plen = 0; - Ilen = Slen + Plen; - I = OPENSSL_malloc (Ilen); - Ij = BN_new(); - Bpl1 = BN_new(); - if (!D || !Ai || !B || !I || !Ij || !Bpl1) { - PKCS12err(PKCS12_F_PKCS12_KEY_GEN_UNI,ERR_R_MALLOC_FAILURE); - return 0; - } - for (i = 0; i < v; i++) D[i] = id; - p = I; - for (i = 0; i < Slen; i++) *p++ = salt[i % saltlen]; - for (i = 0; i < Plen; i++) *p++ = pass[i % passlen]; - for (;;) { - EVP_DigestInit (&ctx, md_type); - EVP_DigestUpdate (&ctx, D, v); - EVP_DigestUpdate (&ctx, I, Ilen); - EVP_DigestFinal (&ctx, Ai, NULL); - for (j = 1; j < iter; j++) { - EVP_DigestInit (&ctx, md_type); - EVP_DigestUpdate (&ctx, Ai, u); - EVP_DigestFinal (&ctx, Ai, NULL); - } - memcpy (out, Ai, min (n, u)); - if (u >= n) { - OPENSSL_free (Ai); - OPENSSL_free (B); - OPENSSL_free (D); - OPENSSL_free (I); - BN_free (Ij); - BN_free (Bpl1); -#ifdef DEBUG_KEYGEN - fprintf(stderr, "Output KEY (length %d)\n", tmpn); - h__dump(tmpout, tmpn); -#endif - return 1; - } - n -= u; - out += u; - for (j = 0; j < v; j++) B[j] = Ai[j % u]; - /* Work out B + 1 first then can use B as tmp space */ - BN_bin2bn (B, v, Bpl1); - BN_add_word (Bpl1, 1); - for (j = 0; j < Ilen ; j+=v) { - BN_bin2bn (I + j, v, Ij); - BN_add (Ij, Ij, Bpl1); - BN_bn2bin (Ij, B); - /* If more than 2^(v*8) - 1 cut off MSB */ - if (BN_num_bytes (Ij) > v) { - BN_bn2bin (Ij, B); - memcpy (I + j, B + 1, v); - } else BN_bn2bin (Ij, I + j); - } - } -} -#ifdef DEBUG_KEYGEN -void h__dump (unsigned char *p, int len) -{ - for (; len --; p++) fprintf(stderr, "%02X", *p); - fprintf(stderr, "\n"); -} -#endif diff --git a/src/lib/libcrypto/pkcs12/p12_kiss.c b/src/lib/libcrypto/pkcs12/p12_kiss.c deleted file mode 100644 index 1fbbd6c99f..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_kiss.c +++ /dev/null @@ -1,284 +0,0 @@ -/* p12_kiss.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Simplified PKCS#12 routines */ - -static int parse_pk12( PKCS12 *p12, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); - -static int parse_bags( STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, - char *keymatch); - -static int parse_bag( PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, - ASN1_OCTET_STRING **keyid, char *keymatch); - -/* Parse and decrypt a PKCS#12 structure returning user key, user cert - * and other (CA) certs. Note either ca should be NULL, *ca should be NULL, - * or it should point to a valid STACK structure. pkey and cert can be - * passed unitialised. - */ - -int PKCS12_parse (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca) -{ - - /* Check for NULL PKCS12 structure */ - - if(!p12) { - PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_INVALID_NULL_PKCS12_POINTER); - return 0; - } - - /* Allocate stack for ca certificates if needed */ - if ((ca != NULL) && (*ca == NULL)) { - if (!(*ca = sk_X509_new_null())) { - PKCS12err(PKCS12_F_PKCS12_PARSE,ERR_R_MALLOC_FAILURE); - return 0; - } - } - - if(pkey) *pkey = NULL; - if(cert) *cert = NULL; - - /* Check the mac */ - - /* If password is zero length or NULL then try verifying both cases - * to determine which password is correct. The reason for this is that - * under PKCS#12 password based encryption no password and a zero length - * password are two different things... - */ - - if(!pass || !*pass) { - if(PKCS12_verify_mac(p12, NULL, 0)) pass = NULL; - else if(PKCS12_verify_mac(p12, "", 0)) pass = ""; - else { - PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE); - goto err; - } - } else if (!PKCS12_verify_mac(p12, pass, -1)) { - PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_MAC_VERIFY_FAILURE); - goto err; - } - - if (!parse_pk12 (p12, pass, -1, pkey, cert, ca)) - { - PKCS12err(PKCS12_F_PKCS12_PARSE,PKCS12_R_PARSE_ERROR); - goto err; - } - - return 1; - - err: - - if (pkey && *pkey) EVP_PKEY_free(*pkey); - if (cert && *cert) X509_free(*cert); - if (ca) sk_X509_pop_free(*ca, X509_free); - return 0; - -} - -/* Parse the outer PKCS#12 structure */ - -static int parse_pk12 (PKCS12 *p12, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca) -{ - STACK_OF(PKCS7) *asafes; - STACK_OF(PKCS12_SAFEBAG) *bags; - int i, bagnid; - PKCS7 *p7; - ASN1_OCTET_STRING *keyid = NULL; - - char keymatch = 0; - if (!( asafes = M_PKCS12_unpack_authsafes (p12))) return 0; - for (i = 0; i < sk_PKCS7_num (asafes); i++) { - p7 = sk_PKCS7_value (asafes, i); - bagnid = OBJ_obj2nid (p7->type); - if (bagnid == NID_pkcs7_data) { - bags = M_PKCS12_unpack_p7data(p7); - } else if (bagnid == NID_pkcs7_encrypted) { - bags = M_PKCS12_unpack_p7encdata(p7, pass, passlen); - } else continue; - if (!bags) { - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - if (!parse_bags(bags, pass, passlen, pkey, cert, ca, - &keyid, &keymatch)) { - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - } - sk_PKCS7_pop_free(asafes, PKCS7_free); - if (keyid) M_ASN1_OCTET_STRING_free(keyid); - return 1; -} - - -static int parse_bags (STACK_OF(PKCS12_SAFEBAG) *bags, const char *pass, - int passlen, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca, ASN1_OCTET_STRING **keyid, - char *keymatch) -{ - int i; - for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { - if (!parse_bag(sk_PKCS12_SAFEBAG_value (bags, i), - pass, passlen, pkey, cert, ca, keyid, - keymatch)) return 0; - } - return 1; -} - -#define MATCH_KEY 0x1 -#define MATCH_CERT 0x2 -#define MATCH_ALL 0x3 - -static int parse_bag(PKCS12_SAFEBAG *bag, const char *pass, int passlen, - EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca, - ASN1_OCTET_STRING **keyid, - char *keymatch) -{ - PKCS8_PRIV_KEY_INFO *p8; - X509 *x509; - ASN1_OCTET_STRING *lkey = NULL, *ckid = NULL; - ASN1_TYPE *attrib; - ASN1_BMPSTRING *fname = NULL; - - if ((attrib = PKCS12_get_attr (bag, NID_friendlyName))) - fname = attrib->value.bmpstring; - - if ((attrib = PKCS12_get_attr (bag, NID_localKeyID))) { - lkey = attrib->value.octet_string; - ckid = lkey; - } - - /* Check for any local key id matching (if needed) */ - if (lkey && ((*keymatch & MATCH_ALL) != MATCH_ALL)) { - if (*keyid) { - if (M_ASN1_OCTET_STRING_cmp(*keyid, lkey)) lkey = NULL; - } else { - if (!(*keyid = M_ASN1_OCTET_STRING_dup(lkey))) { - PKCS12err(PKCS12_F_PARSE_BAGS,ERR_R_MALLOC_FAILURE); - return 0; - } - } - } - - switch (M_PKCS12_bag_type(bag)) - { - case NID_keyBag: - if (!lkey || !pkey) return 1; - if (!(*pkey = EVP_PKCS82PKEY(bag->value.keybag))) return 0; - *keymatch |= MATCH_KEY; - break; - - case NID_pkcs8ShroudedKeyBag: - if (!lkey || !pkey) return 1; - if (!(p8 = M_PKCS12_decrypt_skey(bag, pass, passlen))) - return 0; - *pkey = EVP_PKCS82PKEY(p8); - PKCS8_PRIV_KEY_INFO_free(p8); - if (!(*pkey)) return 0; - *keymatch |= MATCH_KEY; - break; - - case NID_certBag: - if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate ) - return 1; - if (!(x509 = M_PKCS12_certbag2x509(bag))) return 0; - if(ckid) X509_keyid_set1(x509, ckid->data, ckid->length); - if(fname) { - int len; - unsigned char *data; - len = ASN1_STRING_to_UTF8(&data, fname); - if(len > 0) { - X509_alias_set1(x509, data, len); - OPENSSL_free(data); - } - } - - - if (lkey) { - *keymatch |= MATCH_CERT; - if (cert) *cert = x509; - } else { - if(ca) sk_X509_push (*ca, x509); - else X509_free(x509); - } - break; - - case NID_safeContentsBag: - return parse_bags(bag->value.safes, pass, passlen, - pkey, cert, ca, keyid, keymatch); - break; - - default: - return 1; - break; - } - return 1; -} - diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c deleted file mode 100644 index 13d866da51..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_mutl.c +++ /dev/null @@ -1,170 +0,0 @@ -/* p12_mutl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef NO_HMAC -#include -#include "cryptlib.h" -#include -#include -#include - -/* Generate a MAC */ -int PKCS12_gen_mac (PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen) -{ - const EVP_MD *md_type; - HMAC_CTX hmac; - unsigned char key[PKCS12_MAC_KEY_LENGTH], *salt; - int saltlen, iter; - salt = p12->mac->salt->data; - saltlen = p12->mac->salt->length; - if (!p12->mac->iter) iter = 1; - else iter = ASN1_INTEGER_get (p12->mac->iter); - if(!(md_type = - EVP_get_digestbyobj (p12->mac->dinfo->algor->algorithm))) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_UNKNOWN_DIGEST_ALGORITHM); - return 0; - } - if(!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_MAC_ID, iter, - PKCS12_MAC_KEY_LENGTH, key, md_type)) { - PKCS12err(PKCS12_F_PKCS12_GEN_MAC,PKCS12_R_KEY_GEN_ERROR); - return 0; - } - HMAC_Init (&hmac, key, PKCS12_MAC_KEY_LENGTH, md_type); - HMAC_Update (&hmac, p12->authsafes->d.data->data, - p12->authsafes->d.data->length); - HMAC_Final (&hmac, mac, maclen); - return 1; -} - -/* Verify the mac */ -int PKCS12_verify_mac (PKCS12 *p12, const char *pass, int passlen) -{ - unsigned char mac[EVP_MAX_MD_SIZE]; - unsigned int maclen; - if(p12->mac == NULL) { - PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_ABSENT); - return 0; - } - if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_VERIFY_MAC,PKCS12_R_MAC_GENERATION_ERROR); - return 0; - } - if ((maclen != (unsigned int)p12->mac->dinfo->digest->length) - || memcmp (mac, p12->mac->dinfo->digest->data, maclen)) return 0; - return 1; -} - -/* Set a mac */ - -int PKCS12_set_mac (PKCS12 *p12, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, EVP_MD *md_type) -{ - unsigned char mac[EVP_MAX_MD_SIZE]; - unsigned int maclen; - - if (!md_type) md_type = EVP_sha1(); - if (PKCS12_setup_mac (p12, iter, salt, saltlen, md_type) == - PKCS12_ERROR) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_SETUP_ERROR); - return 0; - } - if (!PKCS12_gen_mac (p12, pass, passlen, mac, &maclen)) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_GENERATION_ERROR); - return 0; - } - if (!(M_ASN1_OCTET_STRING_set (p12->mac->dinfo->digest, mac, maclen))) { - PKCS12err(PKCS12_F_PKCS12_SET_MAC,PKCS12_R_MAC_STRING_SET_ERROR); - return 0; - } - return 1; -} - -/* Set up a mac structure */ -int PKCS12_setup_mac (PKCS12 *p12, int iter, unsigned char *salt, int saltlen, - EVP_MD *md_type) -{ - if (!(p12->mac = PKCS12_MAC_DATA_new())) return PKCS12_ERROR; - if (iter > 1) { - if(!(p12->mac->iter = M_ASN1_INTEGER_new())) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); - return 0; - } - ASN1_INTEGER_set(p12->mac->iter, iter); - } - if (!saltlen) saltlen = PKCS12_SALT_LEN; - p12->mac->salt->length = saltlen; - if (!(p12->mac->salt->data = OPENSSL_malloc (saltlen))) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!salt) { - if (RAND_pseudo_bytes (p12->mac->salt->data, saltlen) < 0) - return 0; - } - else memcpy (p12->mac->salt->data, salt, saltlen); - p12->mac->dinfo->algor->algorithm = OBJ_nid2obj(EVP_MD_type(md_type)); - if (!(p12->mac->dinfo->algor->parameter = ASN1_TYPE_new())) { - PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE); - return 0; - } - p12->mac->dinfo->algor->parameter->type = V_ASN1_NULL; - - return 1; -} -#endif diff --git a/src/lib/libcrypto/pkcs12/p12_npas.c b/src/lib/libcrypto/pkcs12/p12_npas.c deleted file mode 100644 index 84e31a7f21..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_npas.c +++ /dev/null @@ -1,217 +0,0 @@ -/* p12_npas.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include - -/* PKCS#12 password change routine */ - -static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass); -static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, - char *newpass); -static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass); -static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen); - -/* - * Change the password on a PKCS#12 structure. - */ - -int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass) -{ - -/* Check for NULL PKCS12 structure */ - -if(!p12) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_INVALID_NULL_PKCS12_POINTER); - return 0; -} - -/* Check the mac */ - -if (!PKCS12_verify_mac(p12, oldpass, -1)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_MAC_VERIFY_FAILURE); - return 0; -} - -if (!newpass_p12(p12, oldpass, newpass)) { - PKCS12err(PKCS12_F_PKCS12_NEWPASS,PKCS12_R_PARSE_ERROR); - return 0; -} - -return 1; - -} - -/* Parse the outer PKCS#12 structure */ - -static int newpass_p12(PKCS12 *p12, char *oldpass, char *newpass) -{ - STACK_OF(PKCS7) *asafes, *newsafes; - STACK_OF(PKCS12_SAFEBAG) *bags; - int i, bagnid, pbe_nid, pbe_iter, pbe_saltlen; - PKCS7 *p7, *p7new; - ASN1_OCTET_STRING *p12_data_tmp = NULL, *macnew = NULL; - unsigned char mac[EVP_MAX_MD_SIZE]; - unsigned int maclen; - - if (!(asafes = M_PKCS12_unpack_authsafes(p12))) return 0; - if(!(newsafes = sk_PKCS7_new_null())) return 0; - for (i = 0; i < sk_PKCS7_num (asafes); i++) { - p7 = sk_PKCS7_value(asafes, i); - bagnid = OBJ_obj2nid(p7->type); - if (bagnid == NID_pkcs7_data) { - bags = M_PKCS12_unpack_p7data(p7); - } else if (bagnid == NID_pkcs7_encrypted) { - bags = M_PKCS12_unpack_p7encdata(p7, oldpass, -1); - alg_get(p7->d.encrypted->enc_data->algorithm, - &pbe_nid, &pbe_iter, &pbe_saltlen); - } else continue; - if (!bags) { - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - if (!newpass_bags(bags, oldpass, newpass)) { - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - /* Repack bag in same form with new password */ - if (bagnid == NID_pkcs7_data) p7new = PKCS12_pack_p7data(bags); - else p7new = PKCS12_pack_p7encdata(pbe_nid, newpass, -1, NULL, - pbe_saltlen, pbe_iter, bags); - sk_PKCS12_SAFEBAG_pop_free(bags, PKCS12_SAFEBAG_free); - if(!p7new) { - sk_PKCS7_pop_free(asafes, PKCS7_free); - return 0; - } - sk_PKCS7_push(newsafes, p7new); - } - sk_PKCS7_pop_free(asafes, PKCS7_free); - - /* Repack safe: save old safe in case of error */ - - p12_data_tmp = p12->authsafes->d.data; - if(!(p12->authsafes->d.data = ASN1_OCTET_STRING_new())) goto saferr; - if(!M_PKCS12_pack_authsafes(p12, newsafes)) goto saferr; - - if(!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen)) goto saferr; - if(!(macnew = ASN1_OCTET_STRING_new())) goto saferr; - if(!ASN1_OCTET_STRING_set(macnew, mac, maclen)) goto saferr; - ASN1_OCTET_STRING_free(p12->mac->dinfo->digest); - p12->mac->dinfo->digest = macnew; - ASN1_OCTET_STRING_free(p12_data_tmp); - - return 1; - - saferr: - /* Restore old safe */ - ASN1_OCTET_STRING_free(p12->authsafes->d.data); - ASN1_OCTET_STRING_free(macnew); - p12->authsafes->d.data = p12_data_tmp; - return 0; - -} - - -static int newpass_bags(STACK_OF(PKCS12_SAFEBAG) *bags, char *oldpass, - char *newpass) -{ - int i; - for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { - if (!newpass_bag(sk_PKCS12_SAFEBAG_value(bags, i), - oldpass, newpass)) - return 0; - } - return 1; -} - -/* Change password of safebag: only needs handle shrouded keybags */ - -static int newpass_bag(PKCS12_SAFEBAG *bag, char *oldpass, char *newpass) -{ - PKCS8_PRIV_KEY_INFO *p8; - X509_SIG *p8new; - int p8_nid, p8_saltlen, p8_iter; - - if(M_PKCS12_bag_type(bag) != NID_pkcs8ShroudedKeyBag) return 1; - - if (!(p8 = M_PKCS12_decrypt_skey(bag, oldpass, -1))) return 0; - alg_get(bag->value.shkeybag->algor, &p8_nid, &p8_iter, &p8_saltlen); - if(!(p8new = PKCS8_encrypt(p8_nid, NULL, newpass, -1, NULL, p8_saltlen, - p8_iter, p8))) return 0; - X509_SIG_free(bag->value.shkeybag); - bag->value.shkeybag = p8new; - return 1; -} - -static int alg_get(X509_ALGOR *alg, int *pnid, int *piter, int *psaltlen) -{ - PBEPARAM *pbe; - unsigned char *p; - p = alg->parameter->value.sequence->data; - pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); - *pnid = OBJ_obj2nid(alg->algorithm); - *piter = ASN1_INTEGER_get(pbe->iter); - *psaltlen = pbe->salt->length; - PBEPARAM_free(pbe); - return 0; -} diff --git a/src/lib/libcrypto/pkcs12/p12_utl.c b/src/lib/libcrypto/pkcs12/p12_utl.c deleted file mode 100644 index 17f41b4549..0000000000 --- a/src/lib/libcrypto/pkcs12/p12_utl.c +++ /dev/null @@ -1,118 +0,0 @@ -/* p12_utl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -/* Cheap and nasty Unicode stuff */ - -unsigned char *asc2uni (const char *asc, unsigned char **uni, int *unilen) -{ - int ulen, i; - unsigned char *unitmp; - ulen = strlen(asc)*2 + 2; - if (!(unitmp = OPENSSL_malloc (ulen))) return NULL; - for (i = 0; i < ulen; i+=2) { - unitmp[i] = 0; - unitmp[i + 1] = asc[i>>1]; - } - if (unilen) *unilen = ulen; - if (uni) *uni = unitmp; - return unitmp; -} - -char *uni2asc (unsigned char *uni, int unilen) -{ - int asclen, i; - char *asctmp; - asclen = unilen / 2; - /* If no terminating zero allow for one */ - if (uni[unilen - 1]) asclen++; - uni++; - if (!(asctmp = OPENSSL_malloc (asclen))) return NULL; - for (i = 0; i < unilen; i+=2) asctmp[i>>1] = uni[i]; - asctmp[asclen - 1] = 0; - return asctmp; -} - -int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12) -{ - return ASN1_i2d_bio((int(*)())i2d_PKCS12, bp, (unsigned char *)p12); -} - -#ifndef NO_FP_API -int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12) -{ - return ASN1_i2d_fp((int(*)())i2d_PKCS12, fp, (unsigned char *)p12); -} -#endif - -PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12) -{ - return (PKCS12 *)ASN1_d2i_bio((char *(*)())PKCS12_new, - (char *(*)())d2i_PKCS12, bp, (unsigned char **)p12); -} -#ifndef NO_FP_API -PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12) -{ - return (PKCS12 *)ASN1_d2i_fp((char *(*)())PKCS12_new, - (char *(*)())d2i_PKCS12, fp, (unsigned char **)(p12)); -} -#endif - diff --git a/src/lib/libcrypto/pkcs12/pk12err.c b/src/lib/libcrypto/pkcs12/pk12err.c deleted file mode 100644 index 12db54f49e..0000000000 --- a/src/lib/libcrypto/pkcs12/pk12err.c +++ /dev/null @@ -1,139 +0,0 @@ -/* crypto/pkcs12/pk12err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA PKCS12_str_functs[]= - { -{ERR_PACK(0,PKCS12_F_PARSE_BAGS,0), "PARSE_BAGS"}, -{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME,0), "PKCS12_ADD_FRIENDLYNAME"}, -{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC,0), "PKCS12_add_friendlyname_asc"}, -{ERR_PACK(0,PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,0), "PKCS12_add_friendlyname_uni"}, -{ERR_PACK(0,PKCS12_F_PKCS12_ADD_LOCALKEYID,0), "PKCS12_add_localkeyid"}, -{ERR_PACK(0,PKCS12_F_PKCS12_CREATE,0), "PKCS12_create"}, -{ERR_PACK(0,PKCS12_F_PKCS12_DECRYPT_D2I,0), "PKCS12_decrypt_d2i"}, -{ERR_PACK(0,PKCS12_F_PKCS12_GEN_MAC,0), "PKCS12_gen_mac"}, -{ERR_PACK(0,PKCS12_F_PKCS12_I2D_ENCRYPT,0), "PKCS12_i2d_encrypt"}, -{ERR_PACK(0,PKCS12_F_PKCS12_INIT,0), "PKCS12_init"}, -{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_ASC,0), "PKCS12_key_gen_asc"}, -{ERR_PACK(0,PKCS12_F_PKCS12_KEY_GEN_UNI,0), "PKCS12_key_gen_uni"}, -{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_KEYBAG,0), "PKCS12_MAKE_KEYBAG"}, -{ERR_PACK(0,PKCS12_F_PKCS12_MAKE_SHKEYBAG,0), "PKCS12_MAKE_SHKEYBAG"}, -{ERR_PACK(0,PKCS12_F_PKCS12_NEWPASS,0), "PKCS12_newpass"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7DATA,0), "PKCS12_pack_p7data"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PACK_P7ENCDATA,0), "PKCS12_pack_p7encdata"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PACK_SAFEBAG,0), "PKCS12_pack_safebag"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PARSE,0), "PKCS12_parse"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PBE_CRYPT,0), "PKCS12_pbe_crypt"}, -{ERR_PACK(0,PKCS12_F_PKCS12_PBE_KEYIVGEN,0), "PKCS12_PBE_keyivgen"}, -{ERR_PACK(0,PKCS12_F_PKCS12_SETUP_MAC,0), "PKCS12_setup_mac"}, -{ERR_PACK(0,PKCS12_F_PKCS12_SET_MAC,0), "PKCS12_set_mac"}, -{ERR_PACK(0,PKCS12_F_PKCS8_ADD_KEYUSAGE,0), "PKCS8_add_keyusage"}, -{ERR_PACK(0,PKCS12_F_PKCS8_ENCRYPT,0), "PKCS8_encrypt"}, -{ERR_PACK(0,PKCS12_F_VERIFY_MAC,0), "VERIFY_MAC"}, -{0,NULL} - }; - -static ERR_STRING_DATA PKCS12_str_reasons[]= - { -{PKCS12_R_CANT_PACK_STRUCTURE ,"cant pack structure"}, -{PKCS12_R_DECODE_ERROR ,"decode error"}, -{PKCS12_R_ENCODE_ERROR ,"encode error"}, -{PKCS12_R_ENCRYPT_ERROR ,"encrypt error"}, -{PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE,"error setting encrypted data type"}, -{PKCS12_R_INVALID_NULL_ARGUMENT ,"invalid null argument"}, -{PKCS12_R_INVALID_NULL_PKCS12_POINTER ,"invalid null pkcs12 pointer"}, -{PKCS12_R_IV_GEN_ERROR ,"iv gen error"}, -{PKCS12_R_KEY_GEN_ERROR ,"key gen error"}, -{PKCS12_R_MAC_ABSENT ,"mac absent"}, -{PKCS12_R_MAC_GENERATION_ERROR ,"mac generation error"}, -{PKCS12_R_MAC_SETUP_ERROR ,"mac setup error"}, -{PKCS12_R_MAC_STRING_SET_ERROR ,"mac string set error"}, -{PKCS12_R_MAC_VERIFY_ERROR ,"mac verify error"}, -{PKCS12_R_MAC_VERIFY_FAILURE ,"mac verify failure"}, -{PKCS12_R_PARSE_ERROR ,"parse error"}, -{PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR ,"pkcs12 algor cipherinit error"}, -{PKCS12_R_PKCS12_CIPHERFINAL_ERROR ,"pkcs12 cipherfinal error"}, -{PKCS12_R_PKCS12_PBE_CRYPT_ERROR ,"pkcs12 pbe crypt error"}, -{PKCS12_R_UNKNOWN_DIGEST_ALGORITHM ,"unknown digest algorithm"}, -{PKCS12_R_UNSUPPORTED_PKCS12_MODE ,"unsupported pkcs12 mode"}, -{0,NULL} - }; - -#endif - -void ERR_load_PKCS12_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_functs); - ERR_load_strings(ERR_LIB_PKCS12,PKCS12_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/pkcs12/pkcs12.h b/src/lib/libcrypto/pkcs12/pkcs12.h deleted file mode 100644 index 502fceff95..0000000000 --- a/src/lib/libcrypto/pkcs12/pkcs12.h +++ /dev/null @@ -1,345 +0,0 @@ -/* pkcs12.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_PKCS12_H -#define HEADER_PKCS12_H - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define PKCS12_KEY_ID 1 -#define PKCS12_IV_ID 2 -#define PKCS12_MAC_ID 3 - -/* Default iteration count */ -#ifndef PKCS12_DEFAULT_ITER -#define PKCS12_DEFAULT_ITER PKCS5_DEFAULT_ITER -#endif - -#define PKCS12_MAC_KEY_LENGTH 20 - -#define PKCS12_SALT_LEN 8 - -/* Uncomment out next line for unicode password and names, otherwise ASCII */ - -/*#define PBE_UNICODE*/ - -#ifdef PBE_UNICODE -#define PKCS12_key_gen PKCS12_key_gen_uni -#define PKCS12_add_friendlyname PKCS12_add_friendlyname_uni -#else -#define PKCS12_key_gen PKCS12_key_gen_asc -#define PKCS12_add_friendlyname PKCS12_add_friendlyname_asc -#endif - -/* MS key usage constants */ - -#define KEY_EX 0x10 -#define KEY_SIG 0x80 - -typedef struct { -X509_SIG *dinfo; -ASN1_OCTET_STRING *salt; -ASN1_INTEGER *iter; /* defaults to 1 */ -} PKCS12_MAC_DATA; - -typedef struct { -ASN1_INTEGER *version; -PKCS12_MAC_DATA *mac; -PKCS7 *authsafes; -} PKCS12; - -PREDECLARE_STACK_OF(PKCS12_SAFEBAG) - -typedef struct { -ASN1_OBJECT *type; -union { - struct pkcs12_bag_st *bag; /* secret, crl and certbag */ - struct pkcs8_priv_key_info_st *keybag; /* keybag */ - X509_SIG *shkeybag; /* shrouded key bag */ - STACK_OF(PKCS12_SAFEBAG) *safes; - ASN1_TYPE *other; -}value; -STACK_OF(X509_ATTRIBUTE) *attrib; -ASN1_TYPE *rest; -} PKCS12_SAFEBAG; - -DECLARE_STACK_OF(PKCS12_SAFEBAG) -DECLARE_ASN1_SET_OF(PKCS12_SAFEBAG) -DECLARE_PKCS12_STACK_OF(PKCS12_SAFEBAG) - -typedef struct pkcs12_bag_st { -ASN1_OBJECT *type; -union { - ASN1_OCTET_STRING *x509cert; - ASN1_OCTET_STRING *x509crl; - ASN1_OCTET_STRING *octet; - ASN1_IA5STRING *sdsicert; - ASN1_TYPE *other; /* Secret or other bag */ -}value; -} PKCS12_BAGS; - -#define PKCS12_ERROR 0 -#define PKCS12_OK 1 - -#define M_PKCS12_bag_type(bag) OBJ_obj2nid(bag->type) -#define M_PKCS12_cert_bag_type(bag) OBJ_obj2nid(bag->value.bag->type) -#define M_PKCS12_crl_bag_type M_PKCS12_cert_bag_type - -#define M_PKCS12_x5092certbag(x509) \ -PKCS12_pack_safebag((char *)(x509), i2d_X509, NID_x509Certificate, NID_certBag) - -#define M_PKCS12_x509crl2certbag(crl) \ -PKCS12_pack_safebag((char *)(crl), i2d_X509CRL, NID_x509Crl, NID_crlBag) - -#define M_PKCS12_certbag2x509(bg) \ -(X509 *) ASN1_unpack_string((bg)->value.bag->value.octet, \ -(char *(*)())d2i_X509) - -#define M_PKCS12_certbag2x509crl(bg) \ -(X509CRL *) ASN1_unpack_string((bg)->value.bag->value.octet, \ -(char *(*)())d2i_X509CRL) - -/*#define M_PKCS12_pkcs82rsa(p8) \ -(RSA *) ASN1_unpack_string((p8)->pkey, (char *(*)())d2i_RSAPrivateKey)*/ - -#define M_PKCS12_unpack_p7data(p7) \ -ASN1_seq_unpack_PKCS12_SAFEBAG((p7)->d.data->data, p7->d.data->length, \ - d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free) - -#define M_PKCS12_pack_authsafes(p12, safes) \ -ASN1_seq_pack_PKCS7((safes), i2d_PKCS7,\ - &(p12)->authsafes->d.data->data, &(p12)->authsafes->d.data->length) - -#define M_PKCS12_unpack_authsafes(p12) \ -ASN1_seq_unpack_PKCS7((p12)->authsafes->d.data->data, \ - (p12)->authsafes->d.data->length, d2i_PKCS7, PKCS7_free) - -#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) \ -PKCS12_decrypt_d2i_PKCS12_SAFEBAG((p7)->d.encrypted->enc_data->algorithm,\ - d2i_PKCS12_SAFEBAG, PKCS12_SAFEBAG_free, \ - (pass), (passlen), \ - (p7)->d.encrypted->enc_data->enc_data, 3) - -#define M_PKCS12_decrypt_skey(bag, pass, passlen) \ -(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((bag)->value.shkeybag->algor, \ -(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free, \ - (pass), (passlen), \ - (bag)->value.shkeybag->digest, 2) - -#define M_PKCS8_decrypt(p8, pass, passlen) \ -(PKCS8_PRIV_KEY_INFO *) PKCS12_decrypt_d2i((p8)->algor, \ -(char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (void (*)(void *))PKCS8_PRIV_KEY_INFO_free,\ - (pass), (passlen), (p8)->digest, 2) - -#define PKCS12_get_attr(bag, attr_nid) \ - PKCS12_get_attr_gen(bag->attrib, attr_nid) - -#define PKCS8_get_attr(p8, attr_nid) \ - PKCS12_get_attr_gen(p8->attributes, attr_nid) - -#define PKCS12_mac_present(p12) ((p12)->mac ? 1 : 0) - - -PKCS12_SAFEBAG *PKCS12_pack_safebag(char *obj, int (*i2d)(), int nid1, int nid2); -PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8); -X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, - const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); -PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, const char *pass, - int passlen, unsigned char *salt, - int saltlen, int iter, - PKCS8_PRIV_KEY_INFO *p8); -PKCS7 *PKCS12_pack_p7data(STACK_OF(PKCS12_SAFEBAG) *sk); -PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - STACK_OF(PKCS12_SAFEBAG) *bags); -int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen); -int PKCS12_add_friendlyname_asc(PKCS12_SAFEBAG *bag, const char *name, - int namelen); -int PKCS12_add_friendlyname_uni(PKCS12_SAFEBAG *bag, const unsigned char *name, - int namelen); -int PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage); -ASN1_TYPE *PKCS12_get_attr_gen(STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid); -char *PKCS12_get_friendlyname(PKCS12_SAFEBAG *bag); -unsigned char *PKCS12_pbe_crypt(X509_ALGOR *algor, const char *pass, - int passlen, unsigned char *in, int inlen, - unsigned char **data, int *datalen, int en_de); -char *PKCS12_decrypt_d2i(X509_ALGOR *algor, char *(*d2i)(), - void (*free_func)(void *), const char *pass, int passlen, - ASN1_STRING *oct, int seq); -ASN1_STRING *PKCS12_i2d_encrypt(X509_ALGOR *algor, int (*i2d)(), - const char *pass, int passlen, char *obj, - int seq); -PKCS12 *PKCS12_init(int mode); -int PKCS12_key_gen_asc(const char *pass, int passlen, unsigned char *salt, - int saltlen, int id, int iter, int n, - unsigned char *out, const EVP_MD *md_type); -int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int id, int iter, int n, unsigned char *out, const EVP_MD *md_type); -int PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, - ASN1_TYPE *param, EVP_CIPHER *cipher, EVP_MD *md_type, - int en_de); -int PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *mac, unsigned int *maclen); -int PKCS12_verify_mac(PKCS12 *p12, const char *pass, int passlen); -int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, - unsigned char *salt, int saltlen, int iter, - EVP_MD *md_type); -int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, - int saltlen, EVP_MD *md_type); -unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen); -char *uni2asc(unsigned char *uni, int unilen); -int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp); -PKCS12_BAGS *PKCS12_BAGS_new(void); -PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length); -void PKCS12_BAGS_free(PKCS12_BAGS *a); -int i2d_PKCS12(PKCS12 *a, unsigned char **pp); -PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length); -PKCS12 *PKCS12_new(void); -void PKCS12_free(PKCS12 *a); -int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp); -PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); -PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp, - long length); -void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); -int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void); -PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp, - long length); -void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a); -void ERR_load_PKCS12_strings(void); -void PKCS12_PBE_add(void); -int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, - STACK_OF(X509) **ca); -PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, - STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter, - int mac_iter, int keytype); -int i2d_PKCS12_bio(BIO *bp, PKCS12 *p12); -int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12); -PKCS12 *d2i_PKCS12_bio(BIO *bp, PKCS12 **p12); -PKCS12 *d2i_PKCS12_fp(FILE *fp, PKCS12 **p12); -int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the PKCS12 functions. */ - -/* Function codes. */ -#define PKCS12_F_PARSE_BAGS 103 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME 100 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_ASC 127 -#define PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI 102 -#define PKCS12_F_PKCS12_ADD_LOCALKEYID 104 -#define PKCS12_F_PKCS12_CREATE 105 -#define PKCS12_F_PKCS12_DECRYPT_D2I 106 -#define PKCS12_F_PKCS12_GEN_MAC 107 -#define PKCS12_F_PKCS12_I2D_ENCRYPT 108 -#define PKCS12_F_PKCS12_INIT 109 -#define PKCS12_F_PKCS12_KEY_GEN_ASC 110 -#define PKCS12_F_PKCS12_KEY_GEN_UNI 111 -#define PKCS12_F_PKCS12_MAKE_KEYBAG 112 -#define PKCS12_F_PKCS12_MAKE_SHKEYBAG 113 -#define PKCS12_F_PKCS12_NEWPASS 128 -#define PKCS12_F_PKCS12_PACK_P7DATA 114 -#define PKCS12_F_PKCS12_PACK_P7ENCDATA 115 -#define PKCS12_F_PKCS12_PACK_SAFEBAG 117 -#define PKCS12_F_PKCS12_PARSE 118 -#define PKCS12_F_PKCS12_PBE_CRYPT 119 -#define PKCS12_F_PKCS12_PBE_KEYIVGEN 120 -#define PKCS12_F_PKCS12_SETUP_MAC 122 -#define PKCS12_F_PKCS12_SET_MAC 123 -#define PKCS12_F_PKCS8_ADD_KEYUSAGE 124 -#define PKCS12_F_PKCS8_ENCRYPT 125 -#define PKCS12_F_VERIFY_MAC 126 - -/* Reason codes. */ -#define PKCS12_R_CANT_PACK_STRUCTURE 100 -#define PKCS12_R_DECODE_ERROR 101 -#define PKCS12_R_ENCODE_ERROR 102 -#define PKCS12_R_ENCRYPT_ERROR 103 -#define PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE 120 -#define PKCS12_R_INVALID_NULL_ARGUMENT 104 -#define PKCS12_R_INVALID_NULL_PKCS12_POINTER 105 -#define PKCS12_R_IV_GEN_ERROR 106 -#define PKCS12_R_KEY_GEN_ERROR 107 -#define PKCS12_R_MAC_ABSENT 108 -#define PKCS12_R_MAC_GENERATION_ERROR 109 -#define PKCS12_R_MAC_SETUP_ERROR 110 -#define PKCS12_R_MAC_STRING_SET_ERROR 111 -#define PKCS12_R_MAC_VERIFY_ERROR 112 -#define PKCS12_R_MAC_VERIFY_FAILURE 113 -#define PKCS12_R_PARSE_ERROR 114 -#define PKCS12_R_PKCS12_ALGOR_CIPHERINIT_ERROR 115 -#define PKCS12_R_PKCS12_CIPHERFINAL_ERROR 116 -#define PKCS12_R_PKCS12_PBE_CRYPT_ERROR 117 -#define PKCS12_R_UNKNOWN_DIGEST_ALGORITHM 118 -#define PKCS12_R_UNSUPPORTED_PKCS12_MODE 119 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/pkcs7/pk7_attr.c b/src/lib/libcrypto/pkcs7/pk7_attr.c deleted file mode 100644 index 6ae264cbf9..0000000000 --- a/src/lib/libcrypto/pkcs7/pk7_attr.c +++ /dev/null @@ -1,89 +0,0 @@ -/* pk7_attr.c */ -/* S/MIME code. - * Copyright (C) 1997-8 Dr S N Henson (shenson@bigfoot.com) - * All Rights Reserved. - * Redistribution of this code without the authors permission is expressly - * prohibited. - */ - -#include -#include -#include -#include -#include -#include -#include -#include - -int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, STACK_OF(X509_ALGOR) *cap) -{ - ASN1_STRING *seq; - unsigned char *p, *pp; - int len; - len=i2d_ASN1_SET_OF_X509_ALGOR(cap,NULL,i2d_X509_ALGOR, - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, - IS_SEQUENCE); - if(!(pp=(unsigned char *)OPENSSL_malloc(len))) { - PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - p=pp; - i2d_ASN1_SET_OF_X509_ALGOR(cap,&p,i2d_X509_ALGOR, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(seq = ASN1_STRING_new())) { - PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - if(!ASN1_STRING_set (seq, pp, len)) { - PKCS7err(PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - OPENSSL_free (pp); - return PKCS7_add_signed_attribute(si, NID_SMIMECapabilities, - V_ASN1_SEQUENCE, seq); -} - -STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si) -{ - ASN1_TYPE *cap; - unsigned char *p; - cap = PKCS7_get_signed_attribute(si, NID_SMIMECapabilities); - if (!cap) return NULL; - p = cap->value.sequence->data; - return d2i_ASN1_SET_OF_X509_ALGOR(NULL, &p, - cap->value.sequence->length, - d2i_X509_ALGOR, X509_ALGOR_free, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -/* Basic smime-capabilities OID and optional integer arg */ -int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg) -{ - X509_ALGOR *alg; - - if(!(alg = X509_ALGOR_new())) { - PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - ASN1_OBJECT_free(alg->algorithm); - alg->algorithm = OBJ_nid2obj (nid); - if (arg > 0) { - ASN1_INTEGER *nbit; - if(!(alg->parameter = ASN1_TYPE_new())) { - PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - if(!(nbit = ASN1_INTEGER_new())) { - PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - if(!ASN1_INTEGER_set (nbit, arg)) { - PKCS7err(PKCS7_F_PKCS7_SIMPLE_SMIMECAP,ERR_R_MALLOC_FAILURE); - return 0; - } - alg->parameter->value.integer = nbit; - alg->parameter->type = V_ASN1_INTEGER; - } - sk_X509_ALGOR_push (sk, alg); - return 1; -} diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c deleted file mode 100644 index 099e9651c1..0000000000 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ /dev/null @@ -1,937 +0,0 @@ -/* crypto/pkcs7/pk7_doit.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, - void *value); -static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid); - -BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) - { - int i,j; - BIO *out=NULL,*btmp=NULL; - X509_ALGOR *xa; - const EVP_MD *evp_md; - const EVP_CIPHER *evp_cipher=NULL; - STACK_OF(X509_ALGOR) *md_sk=NULL; - STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; - X509_ALGOR *xalg=NULL; - PKCS7_RECIP_INFO *ri=NULL; - EVP_PKEY *pkey; - - i=OBJ_obj2nid(p7->type); - p7->state=PKCS7_S_HEADER; - - switch (i) - { - case NID_pkcs7_signed: - md_sk=p7->d.sign->md_algs; - break; - case NID_pkcs7_signedAndEnveloped: - rsk=p7->d.signed_and_enveloped->recipientinfo; - md_sk=p7->d.signed_and_enveloped->md_algs; - xalg=p7->d.signed_and_enveloped->enc_data->algorithm; - evp_cipher=p7->d.signed_and_enveloped->enc_data->cipher; - if (evp_cipher == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT, - PKCS7_R_CIPHER_NOT_INITIALIZED); - goto err; - } - break; - case NID_pkcs7_enveloped: - rsk=p7->d.enveloped->recipientinfo; - xalg=p7->d.enveloped->enc_data->algorithm; - evp_cipher=p7->d.enveloped->enc_data->cipher; - if (evp_cipher == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT, - PKCS7_R_CIPHER_NOT_INITIALIZED); - goto err; - } - break; - default: - PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); - goto err; - } - - if (md_sk != NULL) - { - for (i=0; ialgorithm); - evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); - if (evp_md == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE); - goto err; - } - - BIO_set_md(btmp,evp_md); - if (out == NULL) - out=btmp; - else - BIO_push(out,btmp); - btmp=NULL; - } - } - - if (evp_cipher != NULL) - { - unsigned char key[EVP_MAX_KEY_LENGTH]; - unsigned char iv[EVP_MAX_IV_LENGTH]; - int keylen,ivlen; - int jj,max; - unsigned char *tmp; - EVP_CIPHER_CTX *ctx; - - if ((btmp=BIO_new(BIO_f_cipher())) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_BIO_LIB); - goto err; - } - BIO_get_cipher_ctx(btmp, &ctx); - keylen=EVP_CIPHER_key_length(evp_cipher); - ivlen=EVP_CIPHER_iv_length(evp_cipher); - if (RAND_bytes(key,keylen) <= 0) - goto err; - xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher)); - if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen); - EVP_CipherInit(ctx, evp_cipher, key, iv, 1); - - if (ivlen > 0) { - if (xalg->parameter == NULL) - xalg->parameter=ASN1_TYPE_new(); - if(EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0) - goto err; - } - - /* Lets do the pub key stuff :-) */ - max=0; - for (i=0; icert == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_MISSING_CERIPEND_INFO); - goto err; - } - pkey=X509_get_pubkey(ri->cert); - jj=EVP_PKEY_size(pkey); - EVP_PKEY_free(pkey); - if (max < jj) max=jj; - } - if ((tmp=(unsigned char *)OPENSSL_malloc(max)) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_MALLOC_FAILURE); - goto err; - } - for (i=0; icert); - jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey); - EVP_PKEY_free(pkey); - if (jj <= 0) - { - PKCS7err(PKCS7_F_PKCS7_DATAINIT,ERR_R_EVP_LIB); - OPENSSL_free(tmp); - goto err; - } - M_ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj); - } - OPENSSL_free(tmp); - memset(key, 0, keylen); - - if (out == NULL) - out=btmp; - else - BIO_push(out,btmp); - btmp=NULL; - } - - if (bio == NULL) { - if (p7->detached) - bio=BIO_new(BIO_s_null()); - else { - if (PKCS7_type_is_signed(p7) && - PKCS7_type_is_data(p7->d.sign->contents)) { - ASN1_OCTET_STRING *os; - os=p7->d.sign->contents->d.data; - if (os->length > 0) bio = - BIO_new_mem_buf(os->data, os->length); - } - if(bio == NULL) { - bio=BIO_new(BIO_s_mem()); - BIO_set_mem_eof_return(bio,0); - } - } - } - BIO_push(out,bio); - bio=NULL; - if (0) - { -err: - if (out != NULL) - BIO_free_all(out); - if (btmp != NULL) - BIO_free_all(btmp); - out=NULL; - } - return(out); - } - -/* int */ -BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) - { - int i,j; - BIO *out=NULL,*btmp=NULL,*etmp=NULL,*bio=NULL; - unsigned char *tmp=NULL; - X509_ALGOR *xa; - ASN1_OCTET_STRING *data_body=NULL; - const EVP_MD *evp_md; - const EVP_CIPHER *evp_cipher=NULL; - EVP_CIPHER_CTX *evp_ctx=NULL; - X509_ALGOR *enc_alg=NULL; - STACK_OF(X509_ALGOR) *md_sk=NULL; - STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; - X509_ALGOR *xalg=NULL; - PKCS7_RECIP_INFO *ri=NULL; - - i=OBJ_obj2nid(p7->type); - p7->state=PKCS7_S_HEADER; - - switch (i) - { - case NID_pkcs7_signed: - data_body=p7->d.sign->contents->d.data; - md_sk=p7->d.sign->md_algs; - break; - case NID_pkcs7_signedAndEnveloped: - rsk=p7->d.signed_and_enveloped->recipientinfo; - md_sk=p7->d.signed_and_enveloped->md_algs; - data_body=p7->d.signed_and_enveloped->enc_data->enc_data; - enc_alg=p7->d.signed_and_enveloped->enc_data->algorithm; - evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); - if (evp_cipher == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); - goto err; - } - xalg=p7->d.signed_and_enveloped->enc_data->algorithm; - break; - case NID_pkcs7_enveloped: - rsk=p7->d.enveloped->recipientinfo; - enc_alg=p7->d.enveloped->enc_data->algorithm; - data_body=p7->d.enveloped->enc_data->enc_data; - evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(enc_alg->algorithm))); - if (evp_cipher == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); - goto err; - } - xalg=p7->d.enveloped->enc_data->algorithm; - break; - default: - PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); - goto err; - } - - /* We will be checking the signature */ - if (md_sk != NULL) - { - for (i=0; ialgorithm); - evp_md=EVP_get_digestbyname(OBJ_nid2sn(j)); - if (evp_md == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNKNOWN_DIGEST_TYPE); - goto err; - } - - BIO_set_md(btmp,evp_md); - if (out == NULL) - out=btmp; - else - BIO_push(out,btmp); - btmp=NULL; - } - } - - if (evp_cipher != NULL) - { -#if 0 - unsigned char key[EVP_MAX_KEY_LENGTH]; - unsigned char iv[EVP_MAX_IV_LENGTH]; - unsigned char *p; - int keylen,ivlen; - int max; - X509_OBJECT ret; -#endif - int jj; - - if ((etmp=BIO_new(BIO_f_cipher())) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_BIO_LIB); - goto err; - } - - /* It was encrypted, we need to decrypt the secret key - * with the private key */ - - /* Find the recipientInfo which matches the passed certificate - * (if any) - */ - - for (i=0; iissuer_and_serial->issuer, - pcert->cert_info->issuer) && - !M_ASN1_INTEGER_cmp(pcert->cert_info->serialNumber, - ri->issuer_and_serial->serial)) break; - ri=NULL; - } - if (ri == NULL) { - PKCS7err(PKCS7_F_PKCS7_DATADECODE, - PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE); - return(NULL); - } - - jj=EVP_PKEY_size(pkey); - tmp=(unsigned char *)OPENSSL_malloc(jj+10); - if (tmp == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_MALLOC_FAILURE); - goto err; - } - - jj=EVP_PKEY_decrypt(tmp, M_ASN1_STRING_data(ri->enc_key), - M_ASN1_STRING_length(ri->enc_key), pkey); - if (jj <= 0) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE,ERR_R_EVP_LIB); - goto err; - } - - evp_ctx=NULL; - BIO_get_cipher_ctx(etmp,&evp_ctx); - EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0); - if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0) - return(NULL); - - if (jj != EVP_CIPHER_CTX_key_length(evp_ctx)) { - /* Some S/MIME clients don't use the same key - * and effective key length. The key length is - * determined by the size of the decrypted RSA key. - */ - if(!EVP_CIPHER_CTX_set_key_length(evp_ctx, jj)) - { - PKCS7err(PKCS7_F_PKCS7_DATADECODE, - PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH); - goto err; - } - } - EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0); - - memset(tmp,0,jj); - - if (out == NULL) - out=etmp; - else - BIO_push(out,etmp); - etmp=NULL; - } - -#if 1 - if (p7->detached || (in_bio != NULL)) - { - bio=in_bio; - } - else - { -#if 0 - bio=BIO_new(BIO_s_mem()); - /* We need to set this so that when we have read all - * the data, the encrypt BIO, if present, will read - * EOF and encode the last few bytes */ - BIO_set_mem_eof_return(bio,0); - - if (data_body->length > 0) - BIO_write(bio,(char *)data_body->data,data_body->length); -#else - if (data_body->length > 0) - bio = BIO_new_mem_buf(data_body->data,data_body->length); - else { - bio=BIO_new(BIO_s_mem()); - BIO_set_mem_eof_return(bio,0); - } -#endif - } - BIO_push(out,bio); - bio=NULL; -#endif - if (0) - { -err: - if (out != NULL) BIO_free_all(out); - if (btmp != NULL) BIO_free_all(btmp); - if (etmp != NULL) BIO_free_all(etmp); - if (bio != NULL) BIO_free_all(bio); - out=NULL; - } - if (tmp != NULL) - OPENSSL_free(tmp); - return(out); - } - -int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) - { - int ret=0; - int i,j; - BIO *btmp; - BUF_MEM *buf_mem=NULL; - BUF_MEM *buf=NULL; - PKCS7_SIGNER_INFO *si; - EVP_MD_CTX *mdc,ctx_tmp; - STACK_OF(X509_ATTRIBUTE) *sk; - STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL; - unsigned char *p,*pp=NULL; - int x; - ASN1_OCTET_STRING *os=NULL; - - i=OBJ_obj2nid(p7->type); - p7->state=PKCS7_S_HEADER; - - switch (i) - { - case NID_pkcs7_signedAndEnveloped: - /* XXXXXXXXXXXXXXXX */ - si_sk=p7->d.signed_and_enveloped->signer_info; - os=M_ASN1_OCTET_STRING_new(); - p7->d.signed_and_enveloped->enc_data->enc_data=os; - break; - case NID_pkcs7_enveloped: - /* XXXXXXXXXXXXXXXX */ - os=M_ASN1_OCTET_STRING_new(); - p7->d.enveloped->enc_data->enc_data=os; - break; - case NID_pkcs7_signed: - si_sk=p7->d.sign->signer_info; - os=p7->d.sign->contents->d.data; - /* If detached data then the content is excluded */ - if(p7->detached) { - M_ASN1_OCTET_STRING_free(os); - p7->d.sign->contents->d.data = NULL; - } - break; - } - - if (si_sk != NULL) - { - if ((buf=BUF_MEM_new()) == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); - goto err; - } - for (i=0; ipkey == NULL) continue; - - j=OBJ_obj2nid(si->digest_alg->algorithm); - - btmp=bio; - for (;;) - { - if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) - == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); - goto err; - } - BIO_get_md_ctx(btmp,&mdc); - if (mdc == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR); - goto err; - } - if (EVP_MD_CTX_type(mdc) == j) - break; - else - btmp=BIO_next(btmp); - } - - /* We now have the EVP_MD_CTX, lets do the - * signing. */ - memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp)); - if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey))) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB); - goto err; - } - - sk=si->auth_attr; - - /* If there are attributes, we add the digest - * attribute and only sign the attributes */ - if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) - { - unsigned char md_data[EVP_MAX_MD_SIZE]; - unsigned int md_len; - ASN1_OCTET_STRING *digest; - ASN1_UTCTIME *sign_time; - const EVP_MD *md_tmp; - - /* Add signing time */ - sign_time=X509_gmtime_adj(NULL,0); - PKCS7_add_signed_attribute(si, - NID_pkcs9_signingTime, - V_ASN1_UTCTIME,sign_time); - - /* Add digest */ - md_tmp=EVP_MD_CTX_md(&ctx_tmp); - EVP_DigestFinal(&ctx_tmp,md_data,&md_len); - digest=M_ASN1_OCTET_STRING_new(); - M_ASN1_OCTET_STRING_set(digest,md_data,md_len); - PKCS7_add_signed_attribute(si, - NID_pkcs9_messageDigest, - V_ASN1_OCTET_STRING,digest); - - /* Now sign the mess */ - EVP_SignInit(&ctx_tmp,md_tmp); - x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL, - i2d_X509_ATTRIBUTE, - V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - pp=(unsigned char *)OPENSSL_malloc(x); - p=pp; - i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p, - i2d_X509_ATTRIBUTE, - V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - EVP_SignUpdate(&ctx_tmp,pp,x); - OPENSSL_free(pp); - pp=NULL; - } - - if (si->pkey->type == EVP_PKEY_DSA) - ctx_tmp.digest=EVP_dss1(); - - if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data, - (unsigned int *)&buf->length,si->pkey)) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_EVP_LIB); - goto err; - } - if (!ASN1_STRING_set(si->enc_digest, - (unsigned char *)buf->data,buf->length)) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_ASN1_LIB); - goto err; - } - } - } - - if (!p7->detached) - { - btmp=BIO_find_type(bio,BIO_TYPE_MEM); - if (btmp == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO); - goto err; - } - BIO_get_mem_ptr(btmp,&buf_mem); - /* Mark the BIO read only then we can use its copy of the data - * instead of making an extra copy. - */ - BIO_set_flags(btmp, BIO_FLAGS_MEM_RDONLY); - BIO_set_mem_eof_return(btmp, 0); - os->data = (unsigned char *)buf_mem->data; - os->length = buf_mem->length; -#if 0 - M_ASN1_OCTET_STRING_set(os, - (unsigned char *)buf_mem->data,buf_mem->length); -#endif - } - if (pp != NULL) OPENSSL_free(pp); - pp=NULL; - - ret=1; -err: - if (buf != NULL) BUF_MEM_free(buf); - return(ret); - } - -int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio, - PKCS7 *p7, PKCS7_SIGNER_INFO *si) - { - PKCS7_ISSUER_AND_SERIAL *ias; - int ret=0,i; - STACK_OF(X509) *cert; - X509 *x509; - - if (PKCS7_type_is_signed(p7)) - { - cert=p7->d.sign->cert; - } - else if (PKCS7_type_is_signedAndEnveloped(p7)) - { - cert=p7->d.signed_and_enveloped->cert; - } - else - { - PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_WRONG_PKCS7_TYPE); - goto err; - } - /* XXXXXXXXXXXXXXXXXXXXXXX */ - ias=si->issuer_and_serial; - - x509=X509_find_by_issuer_and_serial(cert,ias->issuer,ias->serial); - - /* were we able to find the cert in passed to us */ - if (x509 == NULL) - { - PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE); - goto err; - } - - /* Lets verify */ - X509_STORE_CTX_init(ctx,cert_store,x509,cert); - X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN); - i=X509_verify_cert(ctx); - if (i <= 0) - { - PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB); - X509_STORE_CTX_cleanup(ctx); - goto err; - } - X509_STORE_CTX_cleanup(ctx); - - return PKCS7_signatureVerify(bio, p7, si, x509); - err: - return ret; - } - -int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, - X509 *x509) - { - ASN1_OCTET_STRING *os; - EVP_MD_CTX mdc_tmp,*mdc; - unsigned char *pp,*p; - int ret=0,i; - int md_type; - STACK_OF(X509_ATTRIBUTE) *sk; - BIO *btmp; - EVP_PKEY *pkey; - - if (!PKCS7_type_is_signed(p7) && - !PKCS7_type_is_signedAndEnveloped(p7)) { - PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, - PKCS7_R_WRONG_PKCS7_TYPE); - goto err; - } - - md_type=OBJ_obj2nid(si->digest_alg->algorithm); - - btmp=bio; - for (;;) - { - if ((btmp == NULL) || - ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL)) - { - PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, - PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); - goto err; - } - BIO_get_md_ctx(btmp,&mdc); - if (mdc == NULL) - { - PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, - PKCS7_R_INTERNAL_ERROR); - goto err; - } - if (EVP_MD_CTX_type(mdc) == md_type) - break; - btmp=BIO_next(btmp); - } - - /* mdc is the digest ctx that we want, unless there are attributes, - * in which case the digest is the signed attributes */ - memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp)); - - sk=si->auth_attr; - if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0)) - { - unsigned char md_dat[EVP_MAX_MD_SIZE]; - unsigned int md_len; - ASN1_OCTET_STRING *message_digest; - - EVP_DigestFinal(&mdc_tmp,md_dat,&md_len); - message_digest=PKCS7_digest_from_attributes(sk); - if (!message_digest) - { - PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, - PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST); - goto err; - } - if ((message_digest->length != (int)md_len) || - (memcmp(message_digest->data,md_dat,md_len))) - { -#if 0 -{ -int ii; -for (ii=0; iilength; ii++) - printf("%02X",message_digest->data[ii]); printf(" sent\n"); -for (ii=0; iienc_digest; - pkey = X509_get_pubkey(x509); - if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1(); - - i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length, pkey); - EVP_PKEY_free(pkey); - if (i <= 0) - { - PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, - PKCS7_R_SIGNATURE_FAILURE); - ret= -1; - goto err; - } - else - ret=1; -err: - return(ret); - } - -PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx) - { - STACK_OF(PKCS7_RECIP_INFO) *rsk; - PKCS7_RECIP_INFO *ri; - int i; - - i=OBJ_obj2nid(p7->type); - if (i != NID_pkcs7_signedAndEnveloped) return(NULL); - rsk=p7->d.signed_and_enveloped->recipientinfo; - ri=sk_PKCS7_RECIP_INFO_value(rsk,0); - if (sk_PKCS7_RECIP_INFO_num(rsk) <= idx) return(NULL); - ri=sk_PKCS7_RECIP_INFO_value(rsk,idx); - return(ri->issuer_and_serial); - } - -ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid) - { - return(get_attribute(si->auth_attr,nid)); - } - -ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid) - { - return(get_attribute(si->unauth_attr,nid)); - } - -static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid) - { - int i; - X509_ATTRIBUTE *xa; - ASN1_OBJECT *o; - - o=OBJ_nid2obj(nid); - if (!o || !sk) return(NULL); - for (i=0; iobject,o) == 0) - { - if (xa->set && sk_ASN1_TYPE_num(xa->value.set)) - return(sk_ASN1_TYPE_value(xa->value.set,0)); - else - return(NULL); - } - } - return(NULL); - } - -ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk) -{ - ASN1_TYPE *astype; - if(!(astype = get_attribute(sk, NID_pkcs9_messageDigest))) return NULL; - return astype->value.octet_string; -} - -int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, - STACK_OF(X509_ATTRIBUTE) *sk) - { - int i; - - if (p7si->auth_attr != NULL) - sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr,X509_ATTRIBUTE_free); - p7si->auth_attr=sk_X509_ATTRIBUTE_dup(sk); - for (i=0; iauth_attr,i, - X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i)))) - == NULL) - return(0); - } - return(1); - } - -int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, STACK_OF(X509_ATTRIBUTE) *sk) - { - int i; - - if (p7si->unauth_attr != NULL) - sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, - X509_ATTRIBUTE_free); - p7si->unauth_attr=sk_X509_ATTRIBUTE_dup(sk); - for (i=0; iunauth_attr,i, - X509_ATTRIBUTE_dup(sk_X509_ATTRIBUTE_value(sk,i)))) - == NULL) - return(0); - } - return(1); - } - -int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, - void *value) - { - return(add_attribute(&(p7si->auth_attr),nid,atrtype,value)); - } - -int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, - void *value) - { - return(add_attribute(&(p7si->unauth_attr),nid,atrtype,value)); - } - -static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, - void *value) - { - X509_ATTRIBUTE *attr=NULL; - - if (*sk == NULL) - { - *sk = sk_X509_ATTRIBUTE_new_null(); -new_attrib: - attr=X509_ATTRIBUTE_create(nid,atrtype,value); - sk_X509_ATTRIBUTE_push(*sk,attr); - } - else - { - int i; - - for (i=0; iobject) == nid) - { - X509_ATTRIBUTE_free(attr); - attr=X509_ATTRIBUTE_create(nid,atrtype,value); - sk_X509_ATTRIBUTE_set(*sk,i,attr); - goto end; - } - } - goto new_attrib; - } -end: - return(1); - } - diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c deleted file mode 100644 index 45973fe850..0000000000 --- a/src/lib/libcrypto/pkcs7/pk7_lib.c +++ /dev/null @@ -1,469 +0,0 @@ -/* crypto/pkcs7/pk7_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) - { - int nid; - long ret; - - nid=OBJ_obj2nid(p7->type); - - switch (cmd) - { - case PKCS7_OP_SET_DETACHED_SIGNATURE: - if (nid == NID_pkcs7_signed) - { - ret=p7->detached=(int)larg; - } - else - { - PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); - ret=0; - } - break; - case PKCS7_OP_GET_DETACHED_SIGNATURE: - if (nid == NID_pkcs7_signed) - { - ret=p7->detached; - } - else - { - PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE); - ret=0; - } - - break; - default: - PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_UNKNOWN_OPERATION); - ret=0; - } - return(ret); - } - -int PKCS7_content_new(PKCS7 *p7, int type) - { - PKCS7 *ret=NULL; - - if ((ret=PKCS7_new()) == NULL) goto err; - if (!PKCS7_set_type(ret,type)) goto err; - if (!PKCS7_set_content(p7,ret)) goto err; - - return(1); -err: - if (ret != NULL) PKCS7_free(ret); - return(0); - } - -int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data) - { - int i; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signed: - if (p7->d.sign->contents != NULL) - PKCS7_free(p7->d.sign->contents); - p7->d.sign->contents=p7_data; - break; - case NID_pkcs7_digest: - case NID_pkcs7_data: - case NID_pkcs7_enveloped: - case NID_pkcs7_signedAndEnveloped: - case NID_pkcs7_encrypted: - default: - PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); - goto err; - } - return(1); -err: - return(0); - } - -int PKCS7_set_type(PKCS7 *p7, int type) - { - ASN1_OBJECT *obj; - - PKCS7_content_free(p7); - obj=OBJ_nid2obj(type); /* will not fail */ - - switch (type) - { - case NID_pkcs7_signed: - p7->type=obj; - if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL) - goto err; - ASN1_INTEGER_set(p7->d.sign->version,1); - break; - case NID_pkcs7_data: - p7->type=obj; - if ((p7->d.data=M_ASN1_OCTET_STRING_new()) == NULL) - goto err; - break; - case NID_pkcs7_signedAndEnveloped: - p7->type=obj; - if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new()) - == NULL) goto err; - ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1); - break; - case NID_pkcs7_enveloped: - p7->type=obj; - if ((p7->d.enveloped=PKCS7_ENVELOPE_new()) - == NULL) goto err; - ASN1_INTEGER_set(p7->d.enveloped->version,0); - break; - case NID_pkcs7_encrypted: - p7->type=obj; - if ((p7->d.encrypted=PKCS7_ENCRYPT_new()) - == NULL) goto err; - ASN1_INTEGER_set(p7->d.encrypted->version,0); - break; - - case NID_pkcs7_digest: - default: - PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE); - goto err; - } - return(1); -err: - return(0); - } - -int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *psi) - { - int i,j,nid; - X509_ALGOR *alg; - STACK_OF(PKCS7_SIGNER_INFO) *signer_sk; - STACK_OF(X509_ALGOR) *md_sk; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signed: - signer_sk= p7->d.sign->signer_info; - md_sk= p7->d.sign->md_algs; - break; - case NID_pkcs7_signedAndEnveloped: - signer_sk= p7->d.signed_and_enveloped->signer_info; - md_sk= p7->d.signed_and_enveloped->md_algs; - break; - default: - PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE); - return(0); - } - - nid=OBJ_obj2nid(psi->digest_alg->algorithm); - - /* If the digest is not currently listed, add it */ - j=0; - for (i=0; ialgorithm) == nid) - { - j=1; - break; - } - } - if (!j) /* we need to add another algorithm */ - { - if(!(alg=X509_ALGOR_new()) - || !(alg->parameter = ASN1_TYPE_new())) { - PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,ERR_R_MALLOC_FAILURE); - return(0); - } - alg->algorithm=OBJ_nid2obj(nid); - alg->parameter->type = V_ASN1_NULL; - sk_X509_ALGOR_push(md_sk,alg); - } - - sk_PKCS7_SIGNER_INFO_push(signer_sk,psi); - return(1); - } - -int PKCS7_add_certificate(PKCS7 *p7, X509 *x509) - { - int i; - STACK_OF(X509) **sk; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signed: - sk= &(p7->d.sign->cert); - break; - case NID_pkcs7_signedAndEnveloped: - sk= &(p7->d.signed_and_enveloped->cert); - break; - default: - PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE); - return(0); - } - - if (*sk == NULL) - *sk=sk_X509_new_null(); - CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); - sk_X509_push(*sk,x509); - return(1); - } - -int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl) - { - int i; - STACK_OF(X509_CRL) **sk; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signed: - sk= &(p7->d.sign->crl); - break; - case NID_pkcs7_signedAndEnveloped: - sk= &(p7->d.signed_and_enveloped->crl); - break; - default: - PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE); - return(0); - } - - if (*sk == NULL) - *sk=sk_X509_CRL_new_null(); - - CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL); - sk_X509_CRL_push(*sk,crl); - return(1); - } - -int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, - EVP_MD *dgst) - { - char is_dsa; - if (pkey->type == EVP_PKEY_DSA) is_dsa = 1; - else is_dsa = 0; - /* We now need to add another PKCS7_SIGNER_INFO entry */ - ASN1_INTEGER_set(p7i->version,1); - X509_NAME_set(&p7i->issuer_and_serial->issuer, - X509_get_issuer_name(x509)); - - /* because ASN1_INTEGER_set is used to set a 'long' we will do - * things the ugly way. */ - M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); - p7i->issuer_and_serial->serial= - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); - - /* lets keep the pkey around for a while */ - CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - p7i->pkey=pkey; - - /* Set the algorithms */ - if (is_dsa) p7i->digest_alg->algorithm=OBJ_nid2obj(NID_sha1); - else - p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst)); - - if (p7i->digest_alg->parameter != NULL) - ASN1_TYPE_free(p7i->digest_alg->parameter); - if ((p7i->digest_alg->parameter=ASN1_TYPE_new()) == NULL) - goto err; - p7i->digest_alg->parameter->type=V_ASN1_NULL; - - p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_PKEY_type(pkey->type)); - - if (p7i->digest_enc_alg->parameter != NULL) - ASN1_TYPE_free(p7i->digest_enc_alg->parameter); - if(is_dsa) p7i->digest_enc_alg->parameter = NULL; - else { - if (!(p7i->digest_enc_alg->parameter=ASN1_TYPE_new())) - goto err; - p7i->digest_enc_alg->parameter->type=V_ASN1_NULL; - } - - return(1); -err: - return(0); - } - -PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey, - EVP_MD *dgst) - { - PKCS7_SIGNER_INFO *si; - - if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err; - if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err; - if (!PKCS7_add_signer(p7,si)) goto err; - return(si); -err: - return(NULL); - } - -STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7) - { - if (PKCS7_type_is_signed(p7)) - { - return(p7->d.sign->signer_info); - } - else if (PKCS7_type_is_signedAndEnveloped(p7)) - { - return(p7->d.signed_and_enveloped->signer_info); - } - else - return(NULL); - } - -PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509) - { - PKCS7_RECIP_INFO *ri; - - if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err; - if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err; - if (!PKCS7_add_recipient_info(p7,ri)) goto err; - return(ri); -err: - return(NULL); - } - -int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri) - { - int i; - STACK_OF(PKCS7_RECIP_INFO) *sk; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signedAndEnveloped: - sk= p7->d.signed_and_enveloped->recipientinfo; - break; - case NID_pkcs7_enveloped: - sk= p7->d.enveloped->recipientinfo; - break; - default: - PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE); - return(0); - } - - sk_PKCS7_RECIP_INFO_push(sk,ri); - return(1); - } - -int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509) - { - ASN1_INTEGER_set(p7i->version,0); - X509_NAME_set(&p7i->issuer_and_serial->issuer, - X509_get_issuer_name(x509)); - - M_ASN1_INTEGER_free(p7i->issuer_and_serial->serial); - p7i->issuer_and_serial->serial= - M_ASN1_INTEGER_dup(X509_get_serialNumber(x509)); - - X509_ALGOR_free(p7i->key_enc_algor); - p7i->key_enc_algor=(X509_ALGOR *)ASN1_dup(i2d_X509_ALGOR, - (char *(*)())d2i_X509_ALGOR, - (char *)x509->cert_info->key->algor); - - CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509); - p7i->cert=x509; - - return(1); - } - -X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si) - { - if (PKCS7_type_is_signed(p7)) - return(X509_find_by_issuer_and_serial(p7->d.sign->cert, - si->issuer_and_serial->issuer, - si->issuer_and_serial->serial)); - else - return(NULL); - } - -int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher) - { - int i; - ASN1_OBJECT *objtmp; - PKCS7_ENC_CONTENT *ec; - - i=OBJ_obj2nid(p7->type); - switch (i) - { - case NID_pkcs7_signedAndEnveloped: - ec=p7->d.signed_and_enveloped->enc_data; - break; - case NID_pkcs7_enveloped: - ec=p7->d.enveloped->enc_data; - break; - default: - PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE); - return(0); - } - - /* Check cipher OID exists and has data in it*/ - i = EVP_CIPHER_type(cipher); - if(i == NID_undef) { - PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER); - return(0); - } - objtmp = OBJ_nid2obj(i); - - ec->cipher = cipher; - return 1; - } - diff --git a/src/lib/libcrypto/pkcs7/pk7_mime.c b/src/lib/libcrypto/pkcs7/pk7_mime.c deleted file mode 100644 index 994473c0bd..0000000000 --- a/src/lib/libcrypto/pkcs7/pk7_mime.c +++ /dev/null @@ -1,685 +0,0 @@ -/* pk7_mime.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -/* MIME and related routines */ - -/* MIME format structures - * Note that all are translated to lower case apart from - * parameter values. Quotes are stripped off - */ - -typedef struct { -char *param_name; /* Param name e.g. "micalg" */ -char *param_value; /* Param value e.g. "sha1" */ -} MIME_PARAM; - -DECLARE_STACK_OF(MIME_PARAM) -IMPLEMENT_STACK_OF(MIME_PARAM) - -typedef struct { -char *name; /* Name of line e.g. "content-type" */ -char *value; /* Value of line e.g. "text/plain" */ -STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ -} MIME_HEADER; - -DECLARE_STACK_OF(MIME_HEADER) -IMPLEMENT_STACK_OF(MIME_HEADER) - -static int B64_write_PKCS7(BIO *bio, PKCS7 *p7); -static PKCS7 *B64_read_PKCS7(BIO *bio); -static char * strip_ends(char *name); -static char * strip_start(char *name); -static char * strip_end(char *name); -static MIME_HEADER *mime_hdr_new(char *name, char *value); -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); -static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); -static int mime_hdr_cmp(const MIME_HEADER * const *a, - const MIME_HEADER * const *b); -static int mime_param_cmp(const MIME_PARAM * const *a, - const MIME_PARAM * const *b); -static void mime_param_free(MIME_PARAM *param); -static int mime_bound_check(char *line, int linelen, char *bound, int blen); -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); -static int iscrlf(char c); -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name); -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name); -static void mime_hdr_free(MIME_HEADER *hdr); - -#define MAX_SMLEN 1024 -#define mime_debug(x) /* x */ - - -typedef void (*stkfree)(); - -/* Base 64 read and write of PKCS#7 structure */ - -static int B64_write_PKCS7(BIO *bio, PKCS7 *p7) -{ - BIO *b64; - if(!(b64 = BIO_new(BIO_f_base64()))) { - PKCS7err(PKCS7_F_B64_WRITE_PKCS7,ERR_R_MALLOC_FAILURE); - return 0; - } - bio = BIO_push(b64, bio); - i2d_PKCS7_bio(bio, p7); - BIO_flush(bio); - bio = BIO_pop(bio); - BIO_free(b64); - return 1; -} - -static PKCS7 *B64_read_PKCS7(BIO *bio) -{ - BIO *b64; - PKCS7 *p7; - if(!(b64 = BIO_new(BIO_f_base64()))) { - PKCS7err(PKCS7_F_B64_READ_PKCS7,ERR_R_MALLOC_FAILURE); - return 0; - } - bio = BIO_push(b64, bio); - if(!(p7 = d2i_PKCS7_bio(bio, NULL))) - PKCS7err(PKCS7_F_B64_READ_PKCS7,PKCS7_R_DECODE_ERROR); - BIO_flush(bio); - bio = BIO_pop(bio); - BIO_free(b64); - return p7; -} - -/* SMIME sender */ - -int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) -{ - char linebuf[MAX_SMLEN]; - char bound[33], c; - int i; - if((flags & PKCS7_DETACHED) && data) { - /* We want multipart/signed */ - /* Generate a random boundary */ - RAND_pseudo_bytes((unsigned char *)bound, 32); - for(i = 0; i < 32; i++) { - c = bound[i] & 0xf; - if(c < 10) c += '0'; - else c += 'A' - 10; - bound[i] = c; - } - bound[32] = 0; - BIO_printf(bio, "MIME-Version: 1.0\n"); - BIO_printf(bio, "Content-Type: multipart/signed ; "); - BIO_printf(bio, "protocol=\"application/x-pkcs7-signature\" ; "); - BIO_printf(bio, "micalg=sha1 ; boundary=\"----%s\"\n\n", bound); - BIO_printf(bio, "This is an S/MIME signed message\n\n"); - /* Now write out the first part */ - BIO_printf(bio, "------%s\n", bound); - if(flags & PKCS7_TEXT) BIO_printf(bio, "Content-Type: text/plain\n\n"); - while((i = BIO_read(data, linebuf, MAX_SMLEN)) > 0) - BIO_write(bio, linebuf, i); - BIO_printf(bio, "\n------%s\n", bound); - - /* Headers for signature */ - - BIO_printf(bio, "Content-Type: application/x-pkcs7-signature; name=\"smime.p7s\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7s\"\n\n"); - B64_write_PKCS7(bio, p7); - BIO_printf(bio,"\n------%s--\n\n", bound); - return 1; - } - /* MIME headers */ - BIO_printf(bio, "MIME-Version: 1.0\n"); - BIO_printf(bio, "Content-Disposition: attachment; filename=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Type: application/x-pkcs7-mime; name=\"smime.p7m\"\n"); - BIO_printf(bio, "Content-Transfer-Encoding: base64\n\n"); - B64_write_PKCS7(bio, p7); - BIO_printf(bio, "\n"); - return 1; -} - -/* SMIME reader: handle multipart/signed and opaque signing. - * in multipart case the content is placed in a memory BIO - * pointed to by "bcont". In opaque this is set to NULL - */ - -PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont) -{ - BIO *p7in; - STACK_OF(MIME_HEADER) *headers = NULL; - STACK_OF(BIO) *parts = NULL; - MIME_HEADER *hdr; - MIME_PARAM *prm; - PKCS7 *p7; - int ret; - - if(bcont) *bcont = NULL; - - if (!(headers = mime_parse_hdr(bio))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_PARSE_ERROR); - return NULL; - } - - if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_CONTENT_TYPE); - return NULL; - } - - /* Handle multipart/signed */ - - if(!strcmp(hdr->value, "multipart/signed")) { - /* Split into two parts */ - prm = mime_param_find(hdr, "boundary"); - if(!prm || !prm->param_value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BOUNDARY); - return NULL; - } - ret = multi_split(bio, prm->param_value, &parts); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - if(!ret || (sk_BIO_num(parts) != 2) ) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_MULTIPART_BODY_FAILURE); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Parse the signature piece */ - p7in = sk_BIO_value(parts, 1); - - if (!(headers = mime_parse_hdr(p7in))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_MIME_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - /* Get content type */ - - if(!(hdr = mime_hdr_find(headers, "content-type")) || - !hdr->value) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_NO_SIG_CONTENT_TYPE); - return NULL; - } - - if(strcmp(hdr->value, "application/x-pkcs7-signature") && - strcmp(hdr->value, "application/pkcs7-signature")) { - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_SIG_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - /* Read in PKCS#7 */ - if(!(p7 = B64_read_PKCS7(p7in))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_PKCS7_SIG_PARSE_ERROR); - sk_BIO_pop_free(parts, BIO_vfree); - return NULL; - } - - if(bcont) { - *bcont = sk_BIO_value(parts, 0); - BIO_free(p7in); - sk_BIO_free(parts); - } else sk_BIO_pop_free(parts, BIO_vfree); - return p7; - } - - /* OK, if not multipart/signed try opaque signature */ - - if (strcmp (hdr->value, "application/x-pkcs7-mime") && - strcmp (hdr->value, "application/pkcs7-mime")) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7,PKCS7_R_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return NULL; - } - - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - - if(!(p7 = B64_read_PKCS7(bio))) { - PKCS7err(PKCS7_F_SMIME_READ_PKCS7, PKCS7_R_PKCS7_PARSE_ERROR); - return NULL; - } - return p7; - -} - -/* Copy text from one BIO to another making the output CRLF at EOL */ -int SMIME_crlf_copy(BIO *in, BIO *out, int flags) -{ - char eol; - int len; - char linebuf[MAX_SMLEN]; - if(flags & PKCS7_BINARY) { - while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) - BIO_write(out, linebuf, len); - return 1; - } - if(flags & PKCS7_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); - while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { - eol = 0; - while(iscrlf(linebuf[len - 1])) { - len--; - eol = 1; - } - BIO_write(out, linebuf, len); - if(eol) BIO_write(out, "\r\n", 2); - } - return 1; -} - -/* Strip off headers if they are text/plain */ -int SMIME_text(BIO *in, BIO *out) -{ - char iobuf[4096]; - int len; - STACK_OF(MIME_HEADER) *headers; - MIME_HEADER *hdr; - - if (!(headers = mime_parse_hdr(in))) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_PARSE_ERROR); - return 0; - } - if(!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_MIME_NO_CONTENT_TYPE); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - if (strcmp (hdr->value, "text/plain")) { - PKCS7err(PKCS7_F_SMIME_TEXT,PKCS7_R_INVALID_MIME_TYPE); - ERR_add_error_data(2, "type: ", hdr->value); - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - return 0; - } - sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0) - BIO_write(out, iobuf, len); - return 1; -} - -/* Split a multipart/XXX message body into component parts: result is - * canonical parts in a STACK of bios - */ - -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) -{ - char linebuf[MAX_SMLEN]; - int len, blen; - BIO *bpart = NULL; - STACK_OF(BIO) *parts; - char state, part, first; - - blen = strlen(bound); - part = 0; - state = 0; - first = 1; - parts = sk_BIO_new_null(); - *ret = parts; - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - state = mime_bound_check(linebuf, len, bound, blen); - if(state == 1) { - first = 1; - part++; - } else if(state == 2) { - sk_BIO_push(parts, bpart); - return 1; - } else if(part) { - if(first) { - first = 0; - if(bpart) sk_BIO_push(parts, bpart); - bpart = BIO_new(BIO_s_mem()); - - } else BIO_write(bpart, "\r\n", 2); - /* Strip CR+LF from linebuf */ - while(iscrlf(linebuf[len - 1])) len--; - BIO_write(bpart, linebuf, len); - } - } - return 0; -} - -static int iscrlf(char c) -{ - if(c == '\r' || c == '\n') return 1; - return 0; -} - -/* This is the big one: parse MIME header lines up to message body */ - -#define MIME_INVALID 0 -#define MIME_START 1 -#define MIME_TYPE 2 -#define MIME_NAME 3 -#define MIME_VALUE 4 -#define MIME_QUOTE 5 -#define MIME_COMMENT 6 - - -static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) -{ - char *p, *q, c; - char *ntmp; - char linebuf[MAX_SMLEN]; - MIME_HEADER *mhdr = NULL; - STACK_OF(MIME_HEADER) *headers; - int len, state, save_state = 0; - - headers = sk_MIME_HEADER_new(mime_hdr_cmp); - while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { - /* If whitespace at line start then continuation line */ - if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME; - else state = MIME_START; - ntmp = NULL; - /* Go through all characters */ - for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) { - - /* State machine to handle MIME headers - * if this looks horrible that's because it *is* - */ - - switch(state) { - case MIME_START: - if(c == ':') { - state = MIME_TYPE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break; - - case MIME_TYPE: - if(c == ';') { - mime_debug("Found End Value\n"); - *p = 0; - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); - ntmp = NULL; - q = p + 1; - state = MIME_NAME; - } else if(c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_COMMENT: - if(c == ')') { - state = save_state; - } - break; - - case MIME_NAME: - if(c == '=') { - state = MIME_VALUE; - *p = 0; - ntmp = strip_ends(q); - q = p + 1; - } - break ; - - case MIME_VALUE: - if(c == ';') { - state = MIME_NAME; - *p = 0; - mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); - ntmp = NULL; - q = p + 1; - } else if (c == '"') { - mime_debug("Found Quote\n"); - state = MIME_QUOTE; - } else if(c == '(') { - save_state = state; - state = MIME_COMMENT; - } - break; - - case MIME_QUOTE: - if(c == '"') { - mime_debug("Found Match Quote\n"); - state = MIME_VALUE; - } - break; - } - } - - if(state == MIME_TYPE) { - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); - } else if(state == MIME_VALUE) - mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); - if(p == linebuf) break; /* Blank line means end of headers */ -} - -return headers; - -} - -static char *strip_ends(char *name) -{ - return strip_end(strip_start(name)); -} - -/* Strip a parameter of whitespace from start of param */ -static char *strip_start(char *name) -{ - char *p, c; - /* Look for first non white space or quote */ - for(p = name; (c = *p) ;p++) { - if(c == '"') { - /* Next char is start of string if non null */ - if(p[1]) return p + 1; - /* Else null string */ - return NULL; - } - if(!isspace((unsigned char)c)) return p; - } - return NULL; -} - -/* As above but strip from end of string : maybe should handle brackets? */ -static char *strip_end(char *name) -{ - char *p, c; - if(!name) return NULL; - /* Look for first non white space or quote */ - for(p = name + strlen(name) - 1; p >= name ;p--) { - c = *p; - if(c == '"') { - if(p - 1 == name) return NULL; - *p = 0; - return name; - } - if(isspace((unsigned char)c)) *p = 0; - else return name; - } - return NULL; -} - -static MIME_HEADER *mime_hdr_new(char *name, char *value) -{ - MIME_HEADER *mhdr; - char *tmpname, *tmpval, *p; - int c; - if(name) { - if(!(tmpname = BUF_strdup(name))) return NULL; - for(p = tmpname ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpname = NULL; - if(value) { - if(!(tmpval = BUF_strdup(value))) return NULL; - for(p = tmpval ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpval = NULL; - mhdr = (MIME_HEADER *) OPENSSL_malloc(sizeof(MIME_HEADER)); - if(!mhdr) return NULL; - mhdr->name = tmpname; - mhdr->value = tmpval; - if(!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) return NULL; - return mhdr; -} - -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) -{ - char *tmpname, *tmpval, *p; - int c; - MIME_PARAM *mparam; - if(name) { - tmpname = BUF_strdup(name); - if(!tmpname) return 0; - for(p = tmpname ; *p; p++) { - c = *p; - if(isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else tmpname = NULL; - if(value) { - tmpval = BUF_strdup(value); - if(!tmpval) return 0; - } else tmpval = NULL; - /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *) OPENSSL_malloc(sizeof(MIME_PARAM)); - if(!mparam) return 0; - mparam->param_name = tmpname; - mparam->param_value = tmpval; - sk_MIME_PARAM_push(mhdr->params, mparam); - return 1; -} - -static int mime_hdr_cmp(const MIME_HEADER * const *a, - const MIME_HEADER * const *b) -{ - return(strcmp((*a)->name, (*b)->name)); -} - -static int mime_param_cmp(const MIME_PARAM * const *a, - const MIME_PARAM * const *b) -{ - return(strcmp((*a)->param_name, (*b)->param_name)); -} - -/* Find a header with a given name (if possible) */ - -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name) -{ - MIME_HEADER htmp; - int idx; - htmp.name = name; - idx = sk_MIME_HEADER_find(hdrs, &htmp); - if(idx < 0) return NULL; - return sk_MIME_HEADER_value(hdrs, idx); -} - -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) -{ - MIME_PARAM param; - int idx; - param.param_name = name; - idx = sk_MIME_PARAM_find(hdr->params, ¶m); - if(idx < 0) return NULL; - return sk_MIME_PARAM_value(hdr->params, idx); -} - -static void mime_hdr_free(MIME_HEADER *hdr) -{ - if(hdr->name) OPENSSL_free(hdr->name); - if(hdr->value) OPENSSL_free(hdr->value); - if(hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); - OPENSSL_free(hdr); -} - -static void mime_param_free(MIME_PARAM *param) -{ - if(param->param_name) OPENSSL_free(param->param_name); - if(param->param_value) OPENSSL_free(param->param_value); - OPENSSL_free(param); -} - -/* Check for a multipart boundary. Returns: - * 0 : no boundary - * 1 : part boundary - * 2 : final boundary - */ -static int mime_bound_check(char *line, int linelen, char *bound, int blen) -{ - if(linelen == -1) linelen = strlen(line); - if(blen == -1) blen = strlen(bound); - /* Quickly eliminate if line length too short */ - if(blen + 2 > linelen) return 0; - /* Check for part boundary */ - if(!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) { - if(!strncmp(line + blen + 2, "--", 2)) return 2; - else return 1; - } - return 0; -} diff --git a/src/lib/libcrypto/pkcs7/pk7_smime.c b/src/lib/libcrypto/pkcs7/pk7_smime.c deleted file mode 100644 index d716f9faeb..0000000000 --- a/src/lib/libcrypto/pkcs7/pk7_smime.c +++ /dev/null @@ -1,435 +0,0 @@ -/* pk7_smime.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Simple PKCS#7 processing functions */ - -#include -#include "cryptlib.h" -#include -#include - -PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags) -{ - PKCS7 *p7; - PKCS7_SIGNER_INFO *si; - BIO *p7bio; - STACK_OF(X509_ALGOR) *smcap; - int i; - - if(!X509_check_private_key(signcert, pkey)) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); - return NULL; - } - - if(!(p7 = PKCS7_new())) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - return NULL; - } - - PKCS7_set_type(p7, NID_pkcs7_signed); - - PKCS7_content_new(p7, NID_pkcs7_data); - - if (!(si = PKCS7_add_signature(p7,signcert,pkey,EVP_sha1()))) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR); - return NULL; - } - - if(!(flags & PKCS7_NOCERTS)) { - PKCS7_add_certificate(p7, signcert); - if(certs) for(i = 0; i < sk_X509_num(certs); i++) - PKCS7_add_certificate(p7, sk_X509_value(certs, i)); - } - - if(!(p7bio = PKCS7_dataInit(p7, NULL))) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - return NULL; - } - - - SMIME_crlf_copy(data, p7bio, flags); - - if(!(flags & PKCS7_NOATTR)) { - PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, - V_ASN1_OBJECT, OBJ_nid2obj(NID_pkcs7_data)); - /* Add SMIMECapabilities */ - if(!(flags & PKCS7_NOSMIMECAP)) - { - if(!(smcap = sk_X509_ALGOR_new_null())) { - PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE); - return NULL; - } -#ifndef NO_DES - PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1); -#endif -#ifndef NO_RC2 - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128); - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64); -#endif -#ifndef NO_DES - PKCS7_simple_smimecap (smcap, NID_des_cbc, -1); -#endif -#ifndef NO_RC2 - PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40); -#endif - PKCS7_add_attrib_smimecap (si, smcap); - sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free); - } - } - - if(flags & PKCS7_DETACHED)PKCS7_set_detached(p7, 1); - - if (!PKCS7_dataFinal(p7,p7bio)) { - PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN); - return NULL; - } - - BIO_free_all(p7bio); - return p7; -} - -int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, - BIO *indata, BIO *out, int flags) -{ - STACK_OF(X509) *signers; - X509 *signer; - STACK_OF(PKCS7_SIGNER_INFO) *sinfos; - PKCS7_SIGNER_INFO *si; - X509_STORE_CTX cert_ctx; - char buf[4096]; - int i, j=0, k; - BIO *p7bio; - BIO *tmpout; - - if(!p7) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER); - return 0; - } - - if(!PKCS7_type_is_signed(p7)) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_WRONG_CONTENT_TYPE); - return 0; - } - - /* Check for no data and no content: no data to verify signature */ - if(PKCS7_get_detached(p7) && !indata) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_CONTENT); - return 0; - } -#if 0 - /* NB: this test commented out because some versions of Netscape - * illegally include zero length content when signing data. - */ - - /* Check for data and content: two sets of data */ - if(!PKCS7_get_detached(p7) && indata) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CONTENT_AND_DATA_PRESENT); - return 0; - } -#endif - - sinfos = PKCS7_get_signer_info(p7); - - if(!sinfos || !sk_PKCS7_SIGNER_INFO_num(sinfos)) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_NO_SIGNATURES_ON_DATA); - return 0; - } - - - signers = PKCS7_get0_signers(p7, certs, flags); - - if(!signers) return 0; - - /* Now verify the certificates */ - - if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) { - signer = sk_X509_value (signers, k); - if (!(flags & PKCS7_NOCHAIN)) { - X509_STORE_CTX_init(&cert_ctx, store, signer, - p7->d.sign->cert); - X509_STORE_CTX_set_purpose(&cert_ctx, - X509_PURPOSE_SMIME_SIGN); - } else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL); - i = X509_verify_cert(&cert_ctx); - if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx); - X509_STORE_CTX_cleanup(&cert_ctx); - if (i <= 0) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR); - ERR_add_error_data(2, "Verify error:", - X509_verify_cert_error_string(j)); - sk_X509_free(signers); - return 0; - } - /* Check for revocation status here */ - } - - p7bio=PKCS7_dataInit(p7,indata); - - if(flags & PKCS7_TEXT) { - if(!(tmpout = BIO_new(BIO_s_mem()))) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE); - goto err; - } - } else tmpout = out; - - /* We now have to 'read' from p7bio to calculate digests etc. */ - for (;;) - { - i=BIO_read(p7bio,buf,sizeof(buf)); - if (i <= 0) break; - if (tmpout) BIO_write(tmpout, buf, i); - } - - if(flags & PKCS7_TEXT) { - if(!SMIME_text(tmpout, out)) { - PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_SMIME_TEXT_ERROR); - BIO_free(tmpout); - goto err; - } - BIO_free(tmpout); - } - - /* Now Verify All Signatures */ - if (!(flags & PKCS7_NOSIGS)) - for (i=0; iissuer_and_serial; - signer = NULL; - /* If any certificates passed they take priority */ - if (certs) signer = X509_find_by_issuer_and_serial (certs, - ias->issuer, ias->serial); - if (!signer && !(flags & PKCS7_NOINTERN) - && p7->d.sign->cert) signer = - X509_find_by_issuer_and_serial (p7->d.sign->cert, - ias->issuer, ias->serial); - if (!signer) { - PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND); - sk_X509_free(signers); - return 0; - } - - sk_X509_push(signers, signer); - } - return signers; -} - - -/* Build a complete PKCS#7 enveloped data */ - -PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, - int flags) -{ - PKCS7 *p7; - BIO *p7bio = NULL; - int i; - X509 *x509; - if(!(p7 = PKCS7_new())) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE); - return NULL; - } - - PKCS7_set_type(p7, NID_pkcs7_enveloped); - if(!PKCS7_set_cipher(p7, cipher)) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_ERROR_SETTING_CIPHER); - goto err; - } - - for(i = 0; i < sk_X509_num(certs); i++) { - x509 = sk_X509_value(certs, i); - if(!PKCS7_add_recipient(p7, x509)) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT, - PKCS7_R_ERROR_ADDING_RECIPIENT); - goto err; - } - } - - if(!(p7bio = PKCS7_dataInit(p7, NULL))) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - SMIME_crlf_copy(in, p7bio, flags); - - BIO_flush(p7bio); - - if (!PKCS7_dataFinal(p7,p7bio)) { - PKCS7err(PKCS7_F_PKCS7_ENCRYPT,PKCS7_R_PKCS7_DATAFINAL_ERROR); - goto err; - } - BIO_free_all(p7bio); - - return p7; - - err: - - BIO_free(p7bio); - PKCS7_free(p7); - return NULL; - -} - -int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) -{ - BIO *tmpmem; - int ret, i; - char buf[4096]; - - if(!p7) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_INVALID_NULL_POINTER); - return 0; - } - - if(!PKCS7_type_is_enveloped(p7)) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT,PKCS7_R_WRONG_CONTENT_TYPE); - return 0; - } - - if(!X509_check_private_key(cert, pkey)) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, - PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); - return 0; - } - - if(!(tmpmem = PKCS7_dataDecode(p7, pkey, NULL, cert))) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, PKCS7_R_DECRYPT_ERROR); - return 0; - } - - if (flags & PKCS7_TEXT) { - BIO *tmpbuf, *bread; - /* Encrypt BIOs can't do BIO_gets() so add a buffer BIO */ - if(!(tmpbuf = BIO_new(BIO_f_buffer()))) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); - return 0; - } - if(!(bread = BIO_push(tmpbuf, tmpmem))) { - PKCS7err(PKCS7_F_PKCS7_DECRYPT, ERR_R_MALLOC_FAILURE); - return 0; - } - ret = SMIME_text(bread, data); - BIO_free_all(bread); - return ret; - } else { - for(;;) { - i = BIO_read(tmpmem, buf, sizeof(buf)); - if(i <= 0) break; - BIO_write(data, buf, i); - } - BIO_free_all(tmpmem); - return 1; - } -} diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h deleted file mode 100644 index 1b817e605d..0000000000 --- a/src/lib/libcrypto/pkcs7/pkcs7.h +++ /dev/null @@ -1,505 +0,0 @@ -/* crypto/pkcs7/pkcs7.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_PKCS7_H -#define HEADER_PKCS7_H - -#include -#include - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef WIN32 -/* Under Win32 thes are defined in wincrypt.h */ -#undef PKCS7_ISSUER_AND_SERIAL -#undef PKCS7_SIGNER_INFO -#endif - -/* -Encryption_ID DES-CBC -Digest_ID MD5 -Digest_Encryption_ID rsaEncryption -Key_Encryption_ID rsaEncryption -*/ - -typedef struct pkcs7_issuer_and_serial_st - { - X509_NAME *issuer; - ASN1_INTEGER *serial; - } PKCS7_ISSUER_AND_SERIAL; - -typedef struct pkcs7_signer_info_st - { - ASN1_INTEGER *version; /* version 1 */ - PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; - X509_ALGOR *digest_alg; - STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ - X509_ALGOR *digest_enc_alg; - ASN1_OCTET_STRING *enc_digest; - STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ - - /* The private key to sign with */ - EVP_PKEY *pkey; - } PKCS7_SIGNER_INFO; - -DECLARE_STACK_OF(PKCS7_SIGNER_INFO) -DECLARE_ASN1_SET_OF(PKCS7_SIGNER_INFO) - -typedef struct pkcs7_recip_info_st - { - ASN1_INTEGER *version; /* version 0 */ - PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; - X509_ALGOR *key_enc_algor; - ASN1_OCTET_STRING *enc_key; - X509 *cert; /* get the pub-key from this */ - } PKCS7_RECIP_INFO; - -DECLARE_STACK_OF(PKCS7_RECIP_INFO) -DECLARE_ASN1_SET_OF(PKCS7_RECIP_INFO) - -typedef struct pkcs7_signed_st - { - ASN1_INTEGER *version; /* version 1 */ - STACK_OF(X509_ALGOR) *md_algs; /* md used */ - STACK_OF(X509) *cert; /* [ 0 ] */ - STACK_OF(X509_CRL) *crl; /* [ 1 ] */ - STACK_OF(PKCS7_SIGNER_INFO) *signer_info; - - struct pkcs7_st *contents; - } PKCS7_SIGNED; -/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. - * How about merging the two */ - -typedef struct pkcs7_enc_content_st - { - ASN1_OBJECT *content_type; - X509_ALGOR *algorithm; - ASN1_OCTET_STRING *enc_data; /* [ 0 ] */ - const EVP_CIPHER *cipher; - } PKCS7_ENC_CONTENT; - -typedef struct pkcs7_enveloped_st - { - ASN1_INTEGER *version; /* version 0 */ - STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; - PKCS7_ENC_CONTENT *enc_data; - } PKCS7_ENVELOPE; - -typedef struct pkcs7_signedandenveloped_st - { - ASN1_INTEGER *version; /* version 1 */ - STACK_OF(X509_ALGOR) *md_algs; /* md used */ - STACK_OF(X509) *cert; /* [ 0 ] */ - STACK_OF(X509_CRL) *crl; /* [ 1 ] */ - STACK_OF(PKCS7_SIGNER_INFO) *signer_info; - - PKCS7_ENC_CONTENT *enc_data; - STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; - } PKCS7_SIGN_ENVELOPE; - -typedef struct pkcs7_digest_st - { - ASN1_INTEGER *version; /* version 0 */ - X509_ALGOR *md; /* md used */ - struct pkcs7_st *contents; - ASN1_OCTET_STRING *digest; - } PKCS7_DIGEST; - -typedef struct pkcs7_encrypted_st - { - ASN1_INTEGER *version; /* version 0 */ - PKCS7_ENC_CONTENT *enc_data; - } PKCS7_ENCRYPT; - -typedef struct pkcs7_st - { - /* The following is non NULL if it contains ASN1 encoding of - * this structure */ - unsigned char *asn1; - long length; - -#define PKCS7_S_HEADER 0 -#define PKCS7_S_BODY 1 -#define PKCS7_S_TAIL 2 - int state; /* used during processing */ - - int detached; - - ASN1_OBJECT *type; - /* content as defined by the type */ - /* all encryption/message digests are applied to the 'contents', - * leaving out the 'type' field. */ - union { - char *ptr; - - /* NID_pkcs7_data */ - ASN1_OCTET_STRING *data; - - /* NID_pkcs7_signed */ - PKCS7_SIGNED *sign; - - /* NID_pkcs7_enveloped */ - PKCS7_ENVELOPE *enveloped; - - /* NID_pkcs7_signedAndEnveloped */ - PKCS7_SIGN_ENVELOPE *signed_and_enveloped; - - /* NID_pkcs7_digest */ - PKCS7_DIGEST *digest; - - /* NID_pkcs7_encrypted */ - PKCS7_ENCRYPT *encrypted; - - /* Anything else */ - ASN1_TYPE *other; - } d; - } PKCS7; - -DECLARE_STACK_OF(PKCS7) -DECLARE_ASN1_SET_OF(PKCS7) -DECLARE_PKCS12_STACK_OF(PKCS7) - -#define PKCS7_OP_SET_DETACHED_SIGNATURE 1 -#define PKCS7_OP_GET_DETACHED_SIGNATURE 2 - -#define PKCS7_get_signed_attributes(si) ((si)->auth_attr) -#define PKCS7_get_attributes(si) ((si)->unauth_attr) - -#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) -#define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped) -#define PKCS7_type_is_signedAndEnveloped(a) \ - (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) -#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) - -#define PKCS7_set_detached(p,v) \ - PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) -#define PKCS7_get_detached(p) \ - PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) - -#ifdef SSLEAY_MACROS -#ifndef PKCS7_ISSUER_AND_SERIAL_digest -#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ - (char *)data,md,len) -#endif -#endif - -/* S/MIME related flags */ - -#define PKCS7_TEXT 0x1 -#define PKCS7_NOCERTS 0x2 -#define PKCS7_NOSIGS 0x4 -#define PKCS7_NOCHAIN 0x8 -#define PKCS7_NOINTERN 0x10 -#define PKCS7_NOVERIFY 0x20 -#define PKCS7_DETACHED 0x40 -#define PKCS7_BINARY 0x80 -#define PKCS7_NOATTR 0x100 -#define PKCS7_NOSMIMECAP 0x200 - -/* Flags: for compatibility with older code */ - -#define SMIME_TEXT PKCS7_TEXT -#define SMIME_NOCERTS PKCS7_NOCERTS -#define SMIME_NOSIGS PKCS7_NOSIGS -#define SMIME_NOCHAIN PKCS7_NOCHAIN -#define SMIME_NOINTERN PKCS7_NOINTERN -#define SMIME_NOVERIFY PKCS7_NOVERIFY -#define SMIME_DETACHED PKCS7_DETACHED -#define SMIME_BINARY PKCS7_BINARY -#define SMIME_NOATTR PKCS7_NOATTR - -PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void ); -void PKCS7_ISSUER_AND_SERIAL_free( - PKCS7_ISSUER_AND_SERIAL *a); -int i2d_PKCS7_ISSUER_AND_SERIAL( - PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp); -PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL( - PKCS7_ISSUER_AND_SERIAL **a, - unsigned char **pp, long length); - -#ifndef SSLEAY_MACROS -int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type, - unsigned char *md,unsigned int *len); -#ifndef NO_FP_API -PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7); -int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7); -#endif -PKCS7 *PKCS7_dup(PKCS7 *p7); -PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7); -int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); -#endif - -PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void); -void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a); -int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, - unsigned char **pp); -PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, - unsigned char **pp,long length); - -PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void); -void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a); -int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, - unsigned char **pp); -PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, - unsigned char **pp,long length); - -PKCS7_SIGNED *PKCS7_SIGNED_new(void); -void PKCS7_SIGNED_free(PKCS7_SIGNED *a); -int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, - unsigned char **pp); -PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, - unsigned char **pp,long length); - -PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void); -void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a); -int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, - unsigned char **pp); -PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, - unsigned char **pp,long length); - -PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void); -void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a); -int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, - unsigned char **pp); -PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, - unsigned char **pp,long length); - -PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void); -void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a); -int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, - unsigned char **pp); -PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, - unsigned char **pp,long length); - -PKCS7_DIGEST *PKCS7_DIGEST_new(void); -void PKCS7_DIGEST_free(PKCS7_DIGEST *a); -int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, - unsigned char **pp); -PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, - unsigned char **pp,long length); - -PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void); -void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a); -int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, - unsigned char **pp); -PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, - unsigned char **pp,long length); - -PKCS7 *PKCS7_new(void); -void PKCS7_free(PKCS7 *a); -void PKCS7_content_free(PKCS7 *a); -int i2d_PKCS7(PKCS7 *a, - unsigned char **pp); -PKCS7 *d2i_PKCS7(PKCS7 **a, - unsigned char **pp,long length); - -void ERR_load_PKCS7_strings(void); - - -long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); - -int PKCS7_set_type(PKCS7 *p7, int type); -int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); -int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, - EVP_MD *dgst); -int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); -int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); -int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); -int PKCS7_content_new(PKCS7 *p7, int nid); -int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, - BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); -int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, - X509 *x509); - -BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); -int PKCS7_dataFinal(PKCS7 *p7, BIO *bio); -BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); - - -PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, - EVP_PKEY *pkey, EVP_MD *dgst); -X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); -STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); - -PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); -int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); -int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); -int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); - -PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); -ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk); -int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si,int nid,int type, - void *data); -int PKCS7_add_attribute (PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, - void *value); -ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid); -ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid); -int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, - STACK_OF(X509_ATTRIBUTE) *sk); -int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,STACK_OF(X509_ATTRIBUTE) *sk); - - -PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags); -int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, - BIO *indata, BIO *out, int flags); -STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); -PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher, - int flags); -int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); - -int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, - STACK_OF(X509_ALGOR) *cap); -STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si); -int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg); - -int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags); -PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont); -int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -int SMIME_text(BIO *in, BIO *out); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the PKCS7 functions. */ - -/* Function codes. */ -#define PKCS7_F_B64_READ_PKCS7 120 -#define PKCS7_F_B64_WRITE_PKCS7 121 -#define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118 -#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100 -#define PKCS7_F_PKCS7_ADD_CRL 101 -#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102 -#define PKCS7_F_PKCS7_ADD_SIGNER 103 -#define PKCS7_F_PKCS7_CTRL 104 -#define PKCS7_F_PKCS7_DATADECODE 112 -#define PKCS7_F_PKCS7_DATAINIT 105 -#define PKCS7_F_PKCS7_DATASIGN 106 -#define PKCS7_F_PKCS7_DATAVERIFY 107 -#define PKCS7_F_PKCS7_DECRYPT 114 -#define PKCS7_F_PKCS7_ENCRYPT 115 -#define PKCS7_F_PKCS7_GET0_SIGNERS 124 -#define PKCS7_F_PKCS7_SET_CIPHER 108 -#define PKCS7_F_PKCS7_SET_CONTENT 109 -#define PKCS7_F_PKCS7_SET_TYPE 110 -#define PKCS7_F_PKCS7_SIGN 116 -#define PKCS7_F_PKCS7_SIGNATUREVERIFY 113 -#define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119 -#define PKCS7_F_PKCS7_VERIFY 117 -#define PKCS7_F_SMIME_READ_PKCS7 122 -#define PKCS7_F_SMIME_TEXT 123 - -/* Reason codes. */ -#define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117 -#define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144 -#define PKCS7_R_CIPHER_NOT_INITIALIZED 116 -#define PKCS7_R_CONTENT_AND_DATA_PRESENT 118 -#define PKCS7_R_DECODE_ERROR 130 -#define PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH 100 -#define PKCS7_R_DECRYPT_ERROR 119 -#define PKCS7_R_DIGEST_FAILURE 101 -#define PKCS7_R_ERROR_ADDING_RECIPIENT 120 -#define PKCS7_R_ERROR_SETTING_CIPHER 121 -#define PKCS7_R_INTERNAL_ERROR 102 -#define PKCS7_R_INVALID_MIME_TYPE 131 -#define PKCS7_R_INVALID_NULL_POINTER 143 -#define PKCS7_R_MIME_NO_CONTENT_TYPE 132 -#define PKCS7_R_MIME_PARSE_ERROR 133 -#define PKCS7_R_MIME_SIG_PARSE_ERROR 134 -#define PKCS7_R_MISSING_CERIPEND_INFO 103 -#define PKCS7_R_NO_CONTENT 122 -#define PKCS7_R_NO_CONTENT_TYPE 135 -#define PKCS7_R_NO_MULTIPART_BODY_FAILURE 136 -#define PKCS7_R_NO_MULTIPART_BOUNDARY 137 -#define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115 -#define PKCS7_R_NO_SIGNATURES_ON_DATA 123 -#define PKCS7_R_NO_SIGNERS 142 -#define PKCS7_R_NO_SIG_CONTENT_TYPE 138 -#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104 -#define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124 -#define PKCS7_R_PKCS7_DATAFINAL_ERROR 125 -#define PKCS7_R_PKCS7_DATASIGN 126 -#define PKCS7_R_PKCS7_PARSE_ERROR 139 -#define PKCS7_R_PKCS7_SIG_PARSE_ERROR 140 -#define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127 -#define PKCS7_R_SIGNATURE_FAILURE 105 -#define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128 -#define PKCS7_R_SIG_INVALID_MIME_TYPE 141 -#define PKCS7_R_SMIME_TEXT_ERROR 129 -#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106 -#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107 -#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108 -#define PKCS7_R_UNKNOWN_DIGEST_TYPE 109 -#define PKCS7_R_UNKNOWN_OPERATION 110 -#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111 -#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112 -#define PKCS7_R_WRONG_CONTENT_TYPE 113 -#define PKCS7_R_WRONG_PKCS7_TYPE 114 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c deleted file mode 100644 index 8ded8913db..0000000000 --- a/src/lib/libcrypto/pkcs7/pkcs7err.c +++ /dev/null @@ -1,161 +0,0 @@ -/* crypto/pkcs7/pkcs7err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA PKCS7_str_functs[]= - { -{ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0), "B64_READ_PKCS7"}, -{ERR_PACK(0,PKCS7_F_B64_WRITE_PKCS7,0), "B64_WRITE_PKCS7"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP,0), "PKCS7_add_attrib_smimecap"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"}, -{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"}, -{ERR_PACK(0,PKCS7_F_PKCS7_DATADECODE,0), "PKCS7_dataDecode"}, -{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"}, -{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_DATASIGN"}, -{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"}, -{ERR_PACK(0,PKCS7_F_PKCS7_DECRYPT,0), "PKCS7_decrypt"}, -{ERR_PACK(0,PKCS7_F_PKCS7_ENCRYPT,0), "PKCS7_encrypt"}, -{ERR_PACK(0,PKCS7_F_PKCS7_GET0_SIGNERS,0), "PKCS7_get0_signers"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SIGN,0), "PKCS7_sign"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SIGNATUREVERIFY,0), "PKCS7_signatureVerify"}, -{ERR_PACK(0,PKCS7_F_PKCS7_SIMPLE_SMIMECAP,0), "PKCS7_simple_smimecap"}, -{ERR_PACK(0,PKCS7_F_PKCS7_VERIFY,0), "PKCS7_verify"}, -{ERR_PACK(0,PKCS7_F_SMIME_READ_PKCS7,0), "SMIME_read_PKCS7"}, -{ERR_PACK(0,PKCS7_F_SMIME_TEXT,0), "SMIME_text"}, -{0,NULL} - }; - -static ERR_STRING_DATA PKCS7_str_reasons[]= - { -{PKCS7_R_CERTIFICATE_VERIFY_ERROR ,"certificate verify error"}, -{PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"}, -{PKCS7_R_CIPHER_NOT_INITIALIZED ,"cipher not initialized"}, -{PKCS7_R_CONTENT_AND_DATA_PRESENT ,"content and data present"}, -{PKCS7_R_DECODE_ERROR ,"decode error"}, -{PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH ,"decrypted key is wrong length"}, -{PKCS7_R_DECRYPT_ERROR ,"decrypt error"}, -{PKCS7_R_DIGEST_FAILURE ,"digest failure"}, -{PKCS7_R_ERROR_ADDING_RECIPIENT ,"error adding recipient"}, -{PKCS7_R_ERROR_SETTING_CIPHER ,"error setting cipher"}, -{PKCS7_R_INTERNAL_ERROR ,"internal error"}, -{PKCS7_R_INVALID_MIME_TYPE ,"invalid mime type"}, -{PKCS7_R_INVALID_NULL_POINTER ,"invalid null pointer"}, -{PKCS7_R_MIME_NO_CONTENT_TYPE ,"mime no content type"}, -{PKCS7_R_MIME_PARSE_ERROR ,"mime parse error"}, -{PKCS7_R_MIME_SIG_PARSE_ERROR ,"mime sig parse error"}, -{PKCS7_R_MISSING_CERIPEND_INFO ,"missing ceripend info"}, -{PKCS7_R_NO_CONTENT ,"no content"}, -{PKCS7_R_NO_CONTENT_TYPE ,"no content type"}, -{PKCS7_R_NO_MULTIPART_BODY_FAILURE ,"no multipart body failure"}, -{PKCS7_R_NO_MULTIPART_BOUNDARY ,"no multipart boundary"}, -{PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE,"no recipient matches certificate"}, -{PKCS7_R_NO_SIGNATURES_ON_DATA ,"no signatures on data"}, -{PKCS7_R_NO_SIGNERS ,"no signers"}, -{PKCS7_R_NO_SIG_CONTENT_TYPE ,"no sig content type"}, -{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"}, -{PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR ,"pkcs7 add signature error"}, -{PKCS7_R_PKCS7_DATAFINAL_ERROR ,"pkcs7 datafinal error"}, -{PKCS7_R_PKCS7_DATASIGN ,"pkcs7 datasign"}, -{PKCS7_R_PKCS7_PARSE_ERROR ,"pkcs7 parse error"}, -{PKCS7_R_PKCS7_SIG_PARSE_ERROR ,"pkcs7 sig parse error"}, -{PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE,"private key does not match certificate"}, -{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"}, -{PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND ,"signer certificate not found"}, -{PKCS7_R_SIG_INVALID_MIME_TYPE ,"sig invalid mime type"}, -{PKCS7_R_SMIME_TEXT_ERROR ,"smime text error"}, -{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"}, -{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"}, -{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"}, -{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"}, -{PKCS7_R_UNKNOWN_OPERATION ,"unknown operation"}, -{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"}, -{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"}, -{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"}, -{PKCS7_R_WRONG_PKCS7_TYPE ,"wrong pkcs7 type"}, -{0,NULL} - }; - -#endif - -void ERR_load_PKCS7_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs); - ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/rand/rand.h b/src/lib/libcrypto/rand/rand.h deleted file mode 100644 index eb9c8c034d..0000000000 --- a/src/lib/libcrypto/rand/rand.h +++ /dev/null @@ -1,132 +0,0 @@ -/* crypto/rand/rand.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RAND_H -#define HEADER_RAND_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rand_meth_st - { - void (*seed)(const void *buf, int num); - int (*bytes)(unsigned char *buf, int num); - void (*cleanup)(void); - void (*add)(const void *buf, int num, double entropy); - int (*pseudorand)(unsigned char *buf, int num); - int (*status)(void); - } RAND_METHOD; - -#ifdef BN_DEBUG -extern int rand_predictable; -#endif - -struct engine_st; - -int RAND_set_rand_method(struct engine_st *meth); -RAND_METHOD *RAND_get_rand_method(void ); -RAND_METHOD *RAND_SSLeay(void); -void RAND_cleanup(void ); -int RAND_bytes(unsigned char *buf,int num); -int RAND_pseudo_bytes(unsigned char *buf,int num); -void RAND_seed(const void *buf,int num); -void RAND_add(const void *buf,int num,double entropy); -int RAND_load_file(const char *file,long max_bytes); -int RAND_write_file(const char *file); -const char *RAND_file_name(char *file,int num); -int RAND_status(void); -int RAND_egd(const char *path); -int RAND_egd_bytes(const char *path,int bytes); -void ERR_load_RAND_strings(void); -int RAND_poll(void); - -#ifdef __cplusplus -} -#endif - -#if defined(WINDOWS) || defined(WIN32) -#include - -#ifdef __cplusplus -extern "C" { -#endif - -void RAND_screen(void); -int RAND_event(UINT, WPARAM, LPARAM); - -#ifdef __cplusplus -} -#endif -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the RAND functions. */ - -/* Function codes. */ -#define RAND_F_SSLEAY_RAND_BYTES 100 - -/* Reason codes. */ -#define RAND_R_PRNG_NOT_SEEDED 100 - -#endif - diff --git a/src/lib/libcrypto/rand/rand_err.c b/src/lib/libcrypto/rand/rand_err.c deleted file mode 100644 index 1af0aa0b8a..0000000000 --- a/src/lib/libcrypto/rand/rand_err.c +++ /dev/null @@ -1,94 +0,0 @@ -/* crypto/rand/rand_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA RAND_str_functs[]= - { -{ERR_PACK(0,RAND_F_SSLEAY_RAND_BYTES,0), "SSLEAY_RAND_BYTES"}, -{0,NULL} - }; - -static ERR_STRING_DATA RAND_str_reasons[]= - { -{RAND_R_PRNG_NOT_SEEDED ,"PRNG not seeded"}, -{0,NULL} - }; - -#endif - -void ERR_load_RAND_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_RAND,RAND_str_functs); - ERR_load_strings(ERR_LIB_RAND,RAND_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/rand/rand_lib.c b/src/lib/libcrypto/rand/rand_lib.c deleted file mode 100644 index 57eff0f132..0000000000 --- a/src/lib/libcrypto/rand/rand_lib.c +++ /dev/null @@ -1,136 +0,0 @@ -/* crypto/rand/rand_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -static ENGINE *rand_engine=NULL; - -#if 0 -void RAND_set_rand_method(RAND_METHOD *meth) - { - rand_meth=meth; - } -#else -int RAND_set_rand_method(ENGINE *engine) - { - ENGINE *mtmp; - mtmp = rand_engine; - if (!ENGINE_init(engine)) - return 0; - rand_engine = engine; - /* SHOULD ERROR CHECK THIS!!! */ - ENGINE_finish(mtmp); - return 1; - } -#endif - -RAND_METHOD *RAND_get_rand_method(void) - { - if (rand_engine == NULL - && (rand_engine = ENGINE_get_default_RAND()) == NULL) - return NULL; - return ENGINE_get_RAND(rand_engine); - } - -void RAND_cleanup(void) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->cleanup) - meth->cleanup(); - } - -void RAND_seed(const void *buf, int num) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->seed) - meth->seed(buf,num); - } - -void RAND_add(const void *buf, int num, double entropy) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->add) - meth->add(buf,num,entropy); - } - -int RAND_bytes(unsigned char *buf, int num) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->bytes) - return meth->bytes(buf,num); - return(-1); - } - -int RAND_pseudo_bytes(unsigned char *buf, int num) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->pseudorand) - return meth->pseudorand(buf,num); - return(-1); - } - -int RAND_status(void) - { - RAND_METHOD *meth = RAND_get_rand_method(); - if (meth && meth->status) - return meth->status(); - return 0; - } diff --git a/src/lib/libcrypto/rand/randfile.c b/src/lib/libcrypto/rand/randfile.c deleted file mode 100644 index 663a36cb70..0000000000 --- a/src/lib/libcrypto/rand/randfile.c +++ /dev/null @@ -1,259 +0,0 @@ -/* crypto/rand/randfile.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifdef VMS -#include -#endif -#ifndef NO_SYS_TYPES_H -# include -#endif -#ifdef MAC_OS_pre_X -# include -#else -# include -#endif - -#include -#include -#include - -#undef BUFSIZE -#define BUFSIZE 1024 -#define RAND_DATA 1024 - -/* #define RFILE ".rnd" - defined in ../../e_os.h */ - -int RAND_load_file(const char *file, long bytes) - { - /* If bytes >= 0, read up to 'bytes' bytes. - * if bytes == -1, read complete file. */ - - MS_STATIC unsigned char buf[BUFSIZE]; - struct stat sb; - int i,ret=0,n; - FILE *in; - - if (file == NULL) return(0); - - i=stat(file,&sb); - if (i < 0) { - /* If the state fails, put some crap in anyway */ - RAND_add(&sb,sizeof(sb),0); - return(0); - } - if (bytes == 0) return(ret); - in=fopen(file,"rb"); - if (in == NULL) goto err; - if (sb.st_mode & (S_IFBLK | S_IFCHR)) { - /* this file is a device. we don't want read an infinite number - * of bytes from a random device, nor do we want to use buffered - * I/O because we will waste system entropy. - */ - bytes = (bytes == -1) ? 2048 : bytes; /* ok, is 2048 enough? */ - setvbuf(in, NULL, _IONBF, 0); /* don't do buffered reads */ - } - for (;;) - { - if (bytes > 0) - n = (bytes < BUFSIZE)?(int)bytes:BUFSIZE; - else - n = BUFSIZE; - i=fread(buf,1,n,in); - if (i <= 0) break; - /* even if n != i, use the full array */ - RAND_add(buf,n,i); - ret+=i; - if (bytes > 0) - { - bytes-=n; - if (bytes <= 0) break; - } - } - fclose(in); - memset(buf,0,BUFSIZE); -err: - return(ret); - } - -int RAND_write_file(const char *file) - { - unsigned char buf[BUFSIZE]; - int i,ret=0,rand_err=0; - FILE *out = NULL; - int n; - struct stat sb; - - i=stat(file,&sb); - if (i != -1) { - if (sb.st_mode & (S_IFBLK | S_IFCHR)) { - /* this file is a device. we don't write back to it. - * we "succeed" on the assumption this is some sort - * of random device. Otherwise attempting to write to - * and chmod the device causes problems. - */ - return(1); - } - } - -#if defined(O_CREAT) && !defined(WIN32) - /* For some reason Win32 can't write to files created this way */ - - /* chmod(..., 0600) is too late to protect the file, - * permissions should be restrictive from the start */ - int fd = open(file, O_CREAT, 0600); - if (fd != -1) - out = fdopen(fd, "wb"); -#endif - if (out == NULL) - out = fopen(file,"wb"); - if (out == NULL) goto err; - -#ifndef NO_CHMOD - chmod(file,0600); -#endif - n=RAND_DATA; - for (;;) - { - i=(n > BUFSIZE)?BUFSIZE:n; - n-=BUFSIZE; - if (RAND_bytes(buf,i) <= 0) - rand_err=1; - i=fwrite(buf,1,i,out); - if (i <= 0) - { - ret=0; - break; - } - ret+=i; - if (n <= 0) break; - } -#ifdef VMS - /* Try to delete older versions of the file, until there aren't - any */ - { - char *tmpf; - - tmpf = OPENSSL_malloc(strlen(file) + 4); /* to add ";-1" and a nul */ - if (tmpf) - { - strcpy(tmpf, file); - strcat(tmpf, ";-1"); - while(delete(tmpf) == 0) - ; - rename(file,";1"); /* Make sure it's version 1, or we - will reach the limit (32767) at - some point... */ - } - } -#endif /* VMS */ - - fclose(out); - memset(buf,0,BUFSIZE); -err: - return (rand_err ? -1 : ret); - } - -const char *RAND_file_name(char *buf, int size) - { - char *s = NULL; - char *ret=NULL; - struct stat sb; - - if (issetugid() == 0) - s = getenv("RANDFILE"); - if (s != NULL && *s && strlen(s) + 1 < size) - { - strlcpy(buf,s,size); - ret=buf; - } - else - { - if (issetugid() == 0) - s=getenv("HOME"); - if (s && *s && strlen(s)+strlen(RFILE)+2 < size) - { - strlcpy(buf,s,size); -#ifndef VMS - strcat(buf,"/"); -#endif - strlcat(buf,RFILE,size); - ret=buf; - } - } - -#ifdef DEVRANDOM - /* given that all random loads just fail if the file can't be - * seen on a stat, we stat the file we're returning, if it - * fails, use DEVRANDOM instead. the allows the user to - * use their own source for good random data, but defaults - * to something hopefully decent if that isn't available. - */ - - if (ret == NULL) - ret = DEVRANDOM; - - if (stat(ret,&sb) == -1) - ret = DEVRANDOM; -#endif - return(ret); - } diff --git a/src/lib/libcrypto/rc2/rc2.h b/src/lib/libcrypto/rc2/rc2.h deleted file mode 100644 index 076c0a067c..0000000000 --- a/src/lib/libcrypto/rc2/rc2.h +++ /dev/null @@ -1,101 +0,0 @@ -/* crypto/rc2/rc2.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RC2_H -#define HEADER_RC2_H - -#ifdef NO_RC2 -#error RC2 is disabled. -#endif - -#define RC2_ENCRYPT 1 -#define RC2_DECRYPT 0 - -#include /* RC2_INT */ -#define RC2_BLOCK 8 -#define RC2_KEY_LENGTH 16 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rc2_key_st - { - RC2_INT data[64]; - } RC2_KEY; - - -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits); -void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key, - int enc); -void RC2_encrypt(unsigned long *data,RC2_KEY *key); -void RC2_decrypt(unsigned long *data,RC2_KEY *key); -void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int enc); -void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num, int enc); -void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/rc2/rc2_cbc.c b/src/lib/libcrypto/rc2/rc2_cbc.c deleted file mode 100644 index 74f48d3d87..0000000000 --- a/src/lib/libcrypto/rc2/rc2_cbc.c +++ /dev/null @@ -1,226 +0,0 @@ -/* crypto/rc2/rc2_cbc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc2_locl.h" - -void RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, - RC2_KEY *ks, unsigned char *iv, int encrypt) - { - register unsigned long tin0,tin1; - register unsigned long tout0,tout1,xor0,xor1; - register long l=length; - unsigned long tin[2]; - - if (encrypt) - { - c2l(iv,tout0); - c2l(iv,tout1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); - c2l(in,tin1); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - RC2_encrypt(tin,ks); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - if (l != -8) - { - c2ln(in,tin0,tin1,l+8); - tin0^=tout0; - tin1^=tout1; - tin[0]=tin0; - tin[1]=tin1; - RC2_encrypt(tin,ks); - tout0=tin[0]; l2c(tout0,out); - tout1=tin[1]; l2c(tout1,out); - } - l2c(tout0,iv); - l2c(tout1,iv); - } - else - { - c2l(iv,xor0); - c2l(iv,xor1); - iv-=8; - for (l-=8; l>=0; l-=8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - RC2_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2c(tout0,out); - l2c(tout1,out); - xor0=tin0; - xor1=tin1; - } - if (l != -8) - { - c2l(in,tin0); tin[0]=tin0; - c2l(in,tin1); tin[1]=tin1; - RC2_decrypt(tin,ks); - tout0=tin[0]^xor0; - tout1=tin[1]^xor1; - l2cn(tout0,tout1,out,l+8); - xor0=tin0; - xor1=tin1; - } - l2c(xor0,iv); - l2c(xor1,iv); - } - tin0=tin1=tout0=tout1=xor0=xor1=0; - tin[0]=tin[1]=0; - } - -void RC2_encrypt(unsigned long *d, RC2_KEY *key) - { - int i,n; - register RC2_INT *p0,*p1; - register RC2_INT x0,x1,x2,x3,t; - unsigned long l; - - l=d[0]; - x0=(RC2_INT)l&0xffff; - x1=(RC2_INT)(l>>16L); - l=d[1]; - x2=(RC2_INT)l&0xffff; - x3=(RC2_INT)(l>>16L); - - n=3; - i=5; - - p0=p1= &(key->data[0]); - for (;;) - { - t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; - x0=(t<<1)|(t>>15); - t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; - x1=(t<<2)|(t>>14); - t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; - x2=(t<<3)|(t>>13); - t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; - x3=(t<<5)|(t>>11); - - if (--i == 0) - { - if (--n == 0) break; - i=(n == 2)?6:5; - - x0+=p1[x3&0x3f]; - x1+=p1[x0&0x3f]; - x2+=p1[x1&0x3f]; - x3+=p1[x2&0x3f]; - } - } - - d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); - d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); - } - -void RC2_decrypt(unsigned long *d, RC2_KEY *key) - { - int i,n; - register RC2_INT *p0,*p1; - register RC2_INT x0,x1,x2,x3,t; - unsigned long l; - - l=d[0]; - x0=(RC2_INT)l&0xffff; - x1=(RC2_INT)(l>>16L); - l=d[1]; - x2=(RC2_INT)l&0xffff; - x3=(RC2_INT)(l>>16L); - - n=3; - i=5; - - p0= &(key->data[63]); - p1= &(key->data[0]); - for (;;) - { - t=((x3<<11)|(x3>>5))&0xffff; - x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff; - t=((x2<<13)|(x2>>3))&0xffff; - x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff; - t=((x1<<14)|(x1>>2))&0xffff; - x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff; - t=((x0<<15)|(x0>>1))&0xffff; - x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff; - - if (--i == 0) - { - if (--n == 0) break; - i=(n == 2)?6:5; - - x3=(x3-p1[x2&0x3f])&0xffff; - x2=(x2-p1[x1&0x3f])&0xffff; - x1=(x1-p1[x0&0x3f])&0xffff; - x0=(x0-p1[x3&0x3f])&0xffff; - } - } - - d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L); - d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L); - } - diff --git a/src/lib/libcrypto/rc2/rc2_ecb.c b/src/lib/libcrypto/rc2/rc2_ecb.c deleted file mode 100644 index d3e8c2718a..0000000000 --- a/src/lib/libcrypto/rc2/rc2_ecb.c +++ /dev/null @@ -1,88 +0,0 @@ -/* crypto/rc2/rc2_ecb.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc2_locl.h" -#include - -const char *RC2_version="RC2" OPENSSL_VERSION_PTEXT; - -/* RC2 as implemented frm a posting from - * Newsgroups: sci.crypt - * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) - * Subject: Specification for Ron Rivests Cipher No.2 - * Message-ID: <4fk39f$f70@net.auckland.ac.nz> - * Date: 11 Feb 1996 06:45:03 GMT - */ - -void RC2_ecb_encrypt(const unsigned char *in, unsigned char *out, RC2_KEY *ks, - int encrypt) - { - unsigned long l,d[2]; - - c2l(in,l); d[0]=l; - c2l(in,l); d[1]=l; - if (encrypt) - RC2_encrypt(d,ks); - else - RC2_decrypt(d,ks); - l=d[0]; l2c(l,out); - l=d[1]; l2c(l,out); - l=d[0]=d[1]=0; - } - diff --git a/src/lib/libcrypto/rc2/rc2_locl.h b/src/lib/libcrypto/rc2/rc2_locl.h deleted file mode 100644 index 565cd17619..0000000000 --- a/src/lib/libcrypto/rc2/rc2_locl.h +++ /dev/null @@ -1,156 +0,0 @@ -/* crypto/rc2/rc2_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#undef c2l -#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<<24L) - -/* NOTE - c is not incremented as per c2l */ -#undef c2ln -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#undef l2c -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24L)&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#undef l2cn -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -/* NOTE - c is not incremented as per n2l */ -#define n2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c)))) ; \ - case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 6: l2|=((unsigned long)(*(--(c))))<<16; \ - case 5: l2|=((unsigned long)(*(--(c))))<<24; \ - case 4: l1 =((unsigned long)(*(--(c)))) ; \ - case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 2: l1|=((unsigned long)(*(--(c))))<<16; \ - case 1: l1|=((unsigned long)(*(--(c))))<<24; \ - } \ - } - -/* NOTE - c is not incremented as per l2n */ -#define l2nn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - } \ - } - -#undef n2l -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ - l|=((unsigned long)(*((c)++)))<<16L, \ - l|=((unsigned long)(*((c)++)))<< 8L, \ - l|=((unsigned long)(*((c)++)))) - -#undef l2n -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -#define C_RC2(n) \ - t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \ - x0=(t<<1)|(t>>15); \ - t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \ - x1=(t<<2)|(t>>14); \ - t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \ - x2=(t<<3)|(t>>13); \ - t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \ - x3=(t<<5)|(t>>11); - diff --git a/src/lib/libcrypto/rc2/rc2_skey.c b/src/lib/libcrypto/rc2/rc2_skey.c deleted file mode 100644 index cab3080c73..0000000000 --- a/src/lib/libcrypto/rc2/rc2_skey.c +++ /dev/null @@ -1,138 +0,0 @@ -/* crypto/rc2/rc2_skey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc2_locl.h" - -static unsigned char key_table[256]={ - 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79, - 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e, - 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5, - 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32, - 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22, - 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c, - 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f, - 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26, - 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b, - 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7, - 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde, - 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a, - 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e, - 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc, - 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85, - 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31, - 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10, - 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c, - 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b, - 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e, - 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68, - 0xfe,0x7f,0xc1,0xad, - }; - -/* It has come to my attention that there are 2 versions of the RC2 - * key schedule. One which is normal, and anther which has a hook to - * use a reduced key length. - * BSAFE uses the 'retarded' version. What I previously shipped is - * the same as specifying 1024 for the 'bits' parameter. Bsafe uses - * a version where the bits parameter is the same as len*8 */ -void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) - { - int i,j; - unsigned char *k; - RC2_INT *ki; - unsigned int c,d; - - k= (unsigned char *)&(key->data[0]); - *k=0; /* for if there is a zero length key */ - - if (len > 128) len=128; - if (bits <= 0) bits=1024; - if (bits > 1024) bits=1024; - - for (i=0; i>3; - i=128-j; - c= (0xff>>(-bits & 0x07)); - - d=key_table[k[i]&c]; - k[i]=d; - while (i--) - { - d=key_table[k[i+j]^d]; - k[i]=d; - } - - /* copy from bytes into RC2_INT's */ - ki= &(key->data[63]); - for (i=127; i>=0; i-=2) - *(ki--)=((k[i]<<8)|k[i-1])&0xffff; - } - diff --git a/src/lib/libcrypto/rc2/rc2cfb64.c b/src/lib/libcrypto/rc2/rc2cfb64.c deleted file mode 100644 index b3a0158a6e..0000000000 --- a/src/lib/libcrypto/rc2/rc2cfb64.c +++ /dev/null @@ -1,122 +0,0 @@ -/* crypto/rc2/rc2cfb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc2_locl.h" - -/* The input and output encrypted as though 64bit cfb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ - -void RC2_cfb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num, int encrypt) - { - register unsigned long v0,v1,t; - register int n= *num; - register long l=length; - unsigned long ti[2]; - unsigned char *iv,c,cc; - - iv=(unsigned char *)ivec; - if (encrypt) - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - RC2_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2c(t,iv); - t=ti[1]; l2c(t,iv); - iv=(unsigned char *)ivec; - } - c= *(in++)^iv[n]; - *(out++)=c; - iv[n]=c; - n=(n+1)&0x07; - } - } - else - { - while (l--) - { - if (n == 0) - { - c2l(iv,v0); ti[0]=v0; - c2l(iv,v1); ti[1]=v1; - RC2_encrypt((unsigned long *)ti,schedule); - iv=(unsigned char *)ivec; - t=ti[0]; l2c(t,iv); - t=ti[1]; l2c(t,iv); - iv=(unsigned char *)ivec; - } - cc= *(in++); - c=iv[n]; - iv[n]=cc; - *(out++)=c^cc; - n=(n+1)&0x07; - } - } - v0=v1=ti[0]=ti[1]=t=c=cc=0; - *num=n; - } - diff --git a/src/lib/libcrypto/rc2/rc2ofb64.c b/src/lib/libcrypto/rc2/rc2ofb64.c deleted file mode 100644 index 9e297867ed..0000000000 --- a/src/lib/libcrypto/rc2/rc2ofb64.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/rc2/rc2ofb64.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc2_locl.h" - -/* The input and output encrypted as though 64bit ofb mode is being - * used. The extra state information to record how much of the - * 64bit block we have used is contained in *num; - */ -void RC2_ofb64_encrypt(const unsigned char *in, unsigned char *out, - long length, RC2_KEY *schedule, unsigned char *ivec, - int *num) - { - register unsigned long v0,v1,t; - register int n= *num; - register long l=length; - unsigned char d[8]; - register char *dp; - unsigned long ti[2]; - unsigned char *iv; - int save=0; - - iv=(unsigned char *)ivec; - c2l(iv,v0); - c2l(iv,v1); - ti[0]=v0; - ti[1]=v1; - dp=(char *)d; - l2c(v0,dp); - l2c(v1,dp); - while (l--) - { - if (n == 0) - { - RC2_encrypt((unsigned long *)ti,schedule); - dp=(char *)d; - t=ti[0]; l2c(t,dp); - t=ti[1]; l2c(t,dp); - save++; - } - *(out++)= *(in++)^d[n]; - n=(n+1)&0x07; - } - if (save) - { - v0=ti[0]; - v1=ti[1]; - iv=(unsigned char *)ivec; - l2c(v0,iv); - l2c(v1,iv); - } - t=v0=v1=ti[0]=ti[1]=0; - *num=n; - } - diff --git a/src/lib/libcrypto/rc2/rrc2.doc b/src/lib/libcrypto/rc2/rrc2.doc deleted file mode 100644 index f93ee003d2..0000000000 --- a/src/lib/libcrypto/rc2/rrc2.doc +++ /dev/null @@ -1,219 +0,0 @@ ->From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996 -Article 23601 of sci.crypt: -Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news ->From: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Newsgroups: sci.crypt -Subject: Specification for Ron Rivests Cipher No.2 -Date: 11 Feb 1996 06:45:03 GMT -Organization: University of Auckland -Lines: 203 -Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann) -Message-ID: <4fk39f$f70@net.auckland.ac.nz> -NNTP-Posting-Host: cs26.cs.auckland.ac.nz -X-Newsreader: NN version 6.5.0 #3 (NOV) - - - - - Ron Rivest's Cipher No.2 - ------------------------ - -Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may -refer to it by other names) is word oriented, operating on a block of 64 bits -divided into four 16-bit words, with a key table of 64 words. All data units -are little-endian. This functional description of the algorithm is based in -the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using -the same general layout, terminology, and pseudocode style. - - -Notation and RRC.2 Primitive Operations - -RRC.2 uses the following primitive operations: - -1. Two's-complement addition of words, denoted by "+". The inverse operation, - subtraction, is denoted by "-". -2. Bitwise exclusive OR, denoted by "^". -3. Bitwise AND, denoted by "&". -4. Bitwise NOT, denoted by "~". -5. A left-rotation of words; the rotation of word x left by y is denoted - x <<< y. The inverse operation, right-rotation, is denoted x >>> y. - -These operations are directly and efficiently supported by most processors. - - -The RRC.2 Algorithm - -RRC.2 consists of three components, a *key expansion* algorithm, an -*encryption* algorithm, and a *decryption* algorithm. - - -Key Expansion - -The purpose of the key-expansion routine is to expand the user's key K to fill -the expanded key array S, so S resembles an array of random binary words -determined by the user's secret key K. - -Initialising the S-box - -RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of -Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern -cryptography by enough time that there should be no concerns about trapdoors -hidden in the data. They have been published widely, and the S-box can be -easily recreated from the one-time pad values and the Beale Cipher data taken -from a standard source. To initialise the S-box: - - for i = 0 to 255 do - sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ] - -The contents of Beale Cipher No.1 and the necessary one-time pad are given as -an appendix at the end of this document. For efficiency, implementors may wish -to skip the Beale Cipher expansion and store the sBox table directly. - -Expanding the Secret Key to 128 Bytes - -The secret key is first expanded to fill 128 bytes (64 words). The expansion -consists of taking the sum of the first and last bytes in the user key, looking -up the sum (modulo 256) in the S-box, and appending the result to the key. The -operation is repeated with the second byte and new last byte of the key until -all 128 bytes have been generated. Note that the following pseudocode treats -the S array as an array of 128 bytes rather than 64 words. - - for j = 0 to length-1 do - S[ j ] = K[ j ] - for j = length to 127 do - s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ]; - -At this point it is possible to perform a truncation of the effective key -length to ease the creation of espionage-enabled software products. However -since the author cannot conceive why anyone would want to do this, it will not -be considered further. - -The final phase of the key expansion involves replacing the first byte of S -with the entry selected from the S-box: - - S[ 0 ] = sBox[ S[ 0 ] ] - - -Encryption - -The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full -rounds perform an additional transformation on the data. Note that the -following pseudocode treats the S array as an array of 64 words rather than 128 -bytes. - - for i = 0 to 15 do - j = i * 4; - word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1 - word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2 - word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3 - word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5 - -In addition the fifth and eleventh rounds add the contents of the S-box indexed -by one of the data words to another of the data words following the four -subrounds as follows: - - word0 = word0 + S[ word3 & 63 ]; - word1 = word1 + S[ word0 & 63 ]; - word2 = word2 + S[ word1 & 63 ]; - word3 = word3 + S[ word2 & 63 ]; - - -Decryption - -The decryption operation is simply the inverse of the encryption operation. -Note that the following pseudocode treats the S array as an array of 64 words -rather than 128 bytes. - - for i = 15 downto 0 do - j = i * 4; - word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ] - word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ] - word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ] - word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ] - -In addition the fifth and eleventh rounds subtract the contents of the S-box -indexed by one of the data words from another one of the data words following -the four subrounds as follows: - - word3 = word3 - S[ word2 & 63 ] - word2 = word2 - S[ word1 & 63 ] - word1 = word1 - S[ word0 & 63 ] - word0 = word0 - S[ word3 & 63 ] - - -Test Vectors - -The following test vectors may be used to test the correctness of an RRC.2 -implementation: - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74 - - Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF - Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E - - Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F - Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 - Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31 - - -Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for - Creating the S-Box - -Beale Cipher No.1. - - 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95, - 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3, - 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231, - 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193, - 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176, - 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416, - 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283, - 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131, - 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12, - 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346, - 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21, - 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37, - 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680, - 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818, - 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81, - 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206 - -One-time Pad. - - 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194, - 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161, - 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213, - 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67, - 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108, - 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134, - 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24, - 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84, - 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38, - 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182, - 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44, - 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20, - 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97, - 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155, - 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127, - 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99 - - -Implementation - -A non-US based programmer who has never seen any encryption code before will -shortly be implementing RRC.2 based solely on this specification and not on -knowledge of any other encryption algorithms. Stand by. - - - diff --git a/src/lib/libcrypto/rc2/version b/src/lib/libcrypto/rc2/version deleted file mode 100644 index 6f89d595f1..0000000000 --- a/src/lib/libcrypto/rc2/version +++ /dev/null @@ -1,22 +0,0 @@ -1.1 23/08/96 - eay - Changed RC2_set_key() so it now takes another argument. Many - thanks to Peter Gutmann for the - clarification and origional specification of RC2. BSAFE uses - this last parameter, 'bits'. It the key is 128 bits, BSAFE - also sets this parameter to 128. The old behaviour can be - duplicated by setting this parameter to 1024. - -1.0 08/04/96 - eay - First version of SSLeay with rc2. This has been written from the spec - posted sci.crypt. It is in this directory under rrc2.doc - I have no test values for any mode other than ecb, my wrappers for the - other modes should be ok since they are basically the same as - the ones taken from idea and des :-). I have implemented them as - little-endian operators. - While rc2 is included because it is used with SSL, I don't know how - far I trust it. It is about the same speed as IDEA and DES. - So if you are paranoid, used Tripple DES, else IDEA. If RC2 - does get used more, perhaps more people will look for weaknesses in - it. - - diff --git a/src/lib/libcrypto/rc4/asm/rc4-586.pl b/src/lib/libcrypto/rc4/asm/rc4-586.pl deleted file mode 100644 index 7ef889e5a1..0000000000 --- a/src/lib/libcrypto/rc4/asm/rc4-586.pl +++ /dev/null @@ -1,173 +0,0 @@ -#!/usr/local/bin/perl - -# define for pentium pro friendly version - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"rc4-586.pl"); - -$tx="eax"; -$ty="ebx"; -$x="ecx"; -$y="edx"; -$in="esi"; -$out="edi"; -$d="ebp"; - -&RC4("RC4"); - -&asm_finish(); - -sub RC4_loop - { - local($n,$p,$char)=@_; - - &comment("Round $n"); - - if ($char) - { - if ($p >= 0) - { - &mov($ty, &swtmp(2)); - &cmp($ty, $in); - &jle(&label("finished")); - &inc($in); - } - else - { - &add($ty, 8); - &inc($in); - &cmp($ty, $in); - &jl(&label("finished")); - &mov(&swtmp(2), $ty); - } - } - # Moved out - # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0; - - &add( $y, $tx); - &and( $y, 0xff); - &inc( $x); # NEXT ROUND - &mov( $ty, &DWP(0,$d,$y,4)); - # XXX - &mov( &DWP(-4,$d,$x,4),$ty); # AGI - &add( $ty, $tx); - &and( $x, 0xff); # NEXT ROUND - &and( $ty, 0xff); - &mov( &DWP(0,$d,$y,4),$tx); - &nop(); - &mov( $ty, &DWP(0,$d,$ty,4)); - &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND - # XXX - - if (!$char) - { - #moved up into last round - if ($p >= 1) - { - &add( $out, 8) - } - &movb( &BP($n,"esp","",0), &LB($ty)); - } - else - { - # Note in+=8 has occured - &movb( &HB($ty), &BP(-1,$in,"",0)); - # XXX - &xorb(&LB($ty), &HB($ty)); - # XXX - &movb(&BP($n,$out,"",0),&LB($ty)); - } - } - - -sub RC4 - { - local($name)=@_; - - &function_begin_B($name,""); - - &comment(""); - - &push("ebp"); - &push("ebx"); - &mov( $d, &wparam(0)); # key - &mov( $ty, &wparam(1)); # num - &push("esi"); - &push("edi"); - - &mov( $x, &DWP(0,$d,"",1)); - &mov( $y, &DWP(4,$d,"",1)); - - &mov( $in, &wparam(2)); - &inc( $x); - - &stack_push(3); # 3 temp variables - &add( $d, 8); - &and( $x, 0xff); - - &lea( $ty, &DWP(-8,$ty,$in)); - - # check for 0 length input - - &mov( $out, &wparam(3)); - &mov( &swtmp(2), $ty); # this is now address to exit at - &mov( $tx, &DWP(0,$d,$x,4)); - - &cmp( $ty, $in); - &jl( &label("end")); # less than 8 bytes - - &set_label("start"); - - # filling DELAY SLOT - &add( $in, 8); - - &RC4_loop(0,-1,0); - &RC4_loop(1,0,0); - &RC4_loop(2,0,0); - &RC4_loop(3,0,0); - &RC4_loop(4,0,0); - &RC4_loop(5,0,0); - &RC4_loop(6,0,0); - &RC4_loop(7,1,0); - - &comment("apply the cipher text"); - # xor the cipher data with input - - #&add( $out, 8); #moved up into last round - - &mov( $tx, &swtmp(0)); - &mov( $ty, &DWP(-8,$in,"",0)); - &xor( $tx, $ty); - &mov( $ty, &DWP(-4,$in,"",0)); - &mov( &DWP(-8,$out,"",0), $tx); - &mov( $tx, &swtmp(1)); - &xor( $tx, $ty); - &mov( $ty, &swtmp(2)); # load end ptr; - &mov( &DWP(-4,$out,"",0), $tx); - &mov( $tx, &DWP(0,$d,$x,4)); - &cmp($in, $ty); - &jle(&label("start")); - - &set_label("end"); - - # There is quite a bit of extra crap in RC4_loop() for this - # first round - &RC4_loop(0,-1,1); - &RC4_loop(1,0,1); - &RC4_loop(2,0,1); - &RC4_loop(3,0,1); - &RC4_loop(4,0,1); - &RC4_loop(5,0,1); - &RC4_loop(6,1,1); - - &set_label("finished"); - &dec( $x); - &stack_pop(3); - &mov( &DWP(-4,$d,"",0),$y); - &movb( &BP(-8,$d,"",0),&LB($x)); - - &function_end($name); - } - diff --git a/src/lib/libcrypto/rc4/rc4.h b/src/lib/libcrypto/rc4/rc4.h deleted file mode 100644 index 40251024a4..0000000000 --- a/src/lib/libcrypto/rc4/rc4.h +++ /dev/null @@ -1,88 +0,0 @@ -/* crypto/rc4/rc4.h */ -/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RC4_H -#define HEADER_RC4_H - -#ifdef NO_RC4 -#error RC4 is disabled. -#endif - -#include /* RC4_INT */ - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rc4_key_st - { - RC4_INT x,y; - RC4_INT data[256]; - } RC4_KEY; - - -const char *RC4_options(void); -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data); -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, - unsigned char *outdata); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/rc4/rc4_enc.c b/src/lib/libcrypto/rc4/rc4_enc.c deleted file mode 100644 index d5f18a3a70..0000000000 --- a/src/lib/libcrypto/rc4/rc4_enc.c +++ /dev/null @@ -1,315 +0,0 @@ -/* crypto/rc4/rc4_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc4_locl.h" - -/* RC4 as implemented from a posting from - * Newsgroups: sci.crypt - * From: sterndark@netcom.com (David Sterndark) - * Subject: RC4 Algorithm revealed. - * Message-ID: - * Date: Wed, 14 Sep 1994 06:35:31 GMT - */ - -void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata, - unsigned char *outdata) - { - register RC4_INT *d; - register RC4_INT x,y,tx,ty; - int i; - - x=key->x; - y=key->y; - d=key->data; - -#if defined(RC4_CHUNK) - /* - * The original reason for implementing this(*) was the fact that - * pre-21164a Alpha CPUs don't have byte load/store instructions - * and e.g. a byte store has to be done with 64-bit load, shift, - * and, or and finally 64-bit store. Peaking data and operating - * at natural word size made it possible to reduce amount of - * instructions as well as to perform early read-ahead without - * suffering from RAW (read-after-write) hazard. This resulted - * in ~40%(**) performance improvement on 21064 box with gcc. - * But it's not only Alpha users who win here:-) Thanks to the - * early-n-wide read-ahead this implementation also exhibits - * >40% speed-up on SPARC and 20-30% on 64-bit MIPS (depending - * on sizeof(RC4_INT)). - * - * (*) "this" means code which recognizes the case when input - * and output pointers appear to be aligned at natural CPU - * word boundary - * (**) i.e. according to 'apps/openssl speed rc4' benchmark, - * crypto/rc4/rc4speed.c exhibits almost 70% speed-up... - * - * Cavets. - * - * - RC4_CHUNK="unsigned long long" should be a #1 choice for - * UltraSPARC. Unfortunately gcc generates very slow code - * (2.5-3 times slower than one generated by Sun's WorkShop - * C) and therefore gcc (at least 2.95 and earlier) should - * always be told that RC4_CHUNK="unsigned long". - * - * - */ - -# define RC4_STEP ( \ - x=(x+1) &0xff, \ - tx=d[x], \ - y=(tx+y)&0xff, \ - ty=d[y], \ - d[y]=tx, \ - d[x]=ty, \ - (RC4_CHUNK)d[(tx+ty)&0xff]\ - ) - - if ( ( ((unsigned long)indata & (sizeof(RC4_CHUNK)-1)) | - ((unsigned long)outdata & (sizeof(RC4_CHUNK)-1)) ) == 0 ) - { - RC4_CHUNK ichunk,otp; - const union { long one; char little; } is_endian = {1}; - - /* - * I reckon we can afford to implement both endian - * cases and to decide which way to take at run-time - * because the machine code appears to be very compact - * and redundant 1-2KB is perfectly tolerable (i.e. - * in case the compiler fails to eliminate it:-). By - * suggestion from Terrel Larson - * who also stands for the is_endian union:-) - * - * Special notes. - * - * - is_endian is declared automatic as doing otherwise - * (declaring static) prevents gcc from eliminating - * the redundant code; - * - compilers (those I've tried) don't seem to have - * problems eliminating either the operators guarded - * by "if (sizeof(RC4_CHUNK)==8)" or the condition - * expressions themselves so I've got 'em to replace - * corresponding #ifdefs from the previous version; - * - I chose to let the redundant switch cases when - * sizeof(RC4_CHUNK)!=8 be (were also #ifdefed - * before); - * - in case you wonder "&(sizeof(RC4_CHUNK)*8-1)" in - * [LB]ESHFT guards against "shift is out of range" - * warnings when sizeof(RC4_CHUNK)!=8 - * - * - */ - if (!is_endian.little) - { /* BIG-ENDIAN CASE */ -# define BESHFT(c) (((sizeof(RC4_CHUNK)-(c)-1)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) - { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP<x=x; - key->y=y; - return; - } - else - { /* LITTLE-ENDIAN CASE */ -# define LESHFT(c) (((c)*8)&(sizeof(RC4_CHUNK)*8-1)) - for (;len&-sizeof(RC4_CHUNK);len-=sizeof(RC4_CHUNK)) - { - ichunk = *(RC4_CHUNK *)indata; - otp = RC4_STEP; - otp |= RC4_STEP<<8; - otp |= RC4_STEP<<16; - otp |= RC4_STEP<<24; - if (sizeof(RC4_CHUNK)==8) - { - otp |= RC4_STEP<>= (sizeof(RC4_CHUNK)-len)<<3; - switch (len&(sizeof(RC4_CHUNK)-1)) - { - case 7: otp = RC4_STEP, i+=8; - case 6: otp |= RC4_STEP<x=x; - key->y=y; - return; - } - } -#endif -#define LOOP(in,out) \ - x=((x+1)&0xff); \ - tx=d[x]; \ - y=(tx+y)&0xff; \ - d[x]=ty=d[y]; \ - d[y]=tx; \ - (out) = d[(tx+ty)&0xff]^ (in); - -#ifndef RC4_INDEX -#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++)) -#else -#define RC4_LOOP(a,b,i) LOOP(a[i],b[i]) -#endif - - i=(int)(len>>3L); - if (i) - { - for (;;) - { - RC4_LOOP(indata,outdata,0); - RC4_LOOP(indata,outdata,1); - RC4_LOOP(indata,outdata,2); - RC4_LOOP(indata,outdata,3); - RC4_LOOP(indata,outdata,4); - RC4_LOOP(indata,outdata,5); - RC4_LOOP(indata,outdata,6); - RC4_LOOP(indata,outdata,7); -#ifdef RC4_INDEX - indata+=8; - outdata+=8; -#endif - if (--i == 0) break; - } - } - i=(int)len&0x07; - if (i) - { - for (;;) - { - RC4_LOOP(indata,outdata,0); if (--i == 0) break; - RC4_LOOP(indata,outdata,1); if (--i == 0) break; - RC4_LOOP(indata,outdata,2); if (--i == 0) break; - RC4_LOOP(indata,outdata,3); if (--i == 0) break; - RC4_LOOP(indata,outdata,4); if (--i == 0) break; - RC4_LOOP(indata,outdata,5); if (--i == 0) break; - RC4_LOOP(indata,outdata,6); if (--i == 0) break; - } - } - key->x=x; - key->y=y; - } diff --git a/src/lib/libcrypto/rc4/rc4_locl.h b/src/lib/libcrypto/rc4/rc4_locl.h deleted file mode 100644 index 3bb80b6ce9..0000000000 --- a/src/lib/libcrypto/rc4/rc4_locl.h +++ /dev/null @@ -1,4 +0,0 @@ -#ifndef HEADER_RC4_LOCL_H -#define HEADER_RC4_LOCL_H -#include -#endif diff --git a/src/lib/libcrypto/rc4/rc4_skey.c b/src/lib/libcrypto/rc4/rc4_skey.c deleted file mode 100644 index bb10c1ebe2..0000000000 --- a/src/lib/libcrypto/rc4/rc4_skey.c +++ /dev/null @@ -1,117 +0,0 @@ -/* crypto/rc4/rc4_skey.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rc4_locl.h" -#include - -const char *RC4_version="RC4" OPENSSL_VERSION_PTEXT; - -const char *RC4_options(void) - { -#ifdef RC4_INDEX - if (sizeof(RC4_INT) == 1) - return("rc4(idx,char)"); - else - return("rc4(idx,int)"); -#else - if (sizeof(RC4_INT) == 1) - return("rc4(ptr,char)"); - else - return("rc4(ptr,int)"); -#endif - } - -/* RC4 as implemented from a posting from - * Newsgroups: sci.crypt - * From: sterndark@netcom.com (David Sterndark) - * Subject: RC4 Algorithm revealed. - * Message-ID: - * Date: Wed, 14 Sep 1994 06:35:31 GMT - */ - -void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data) - { - register RC4_INT tmp; - register int id1,id2; - register RC4_INT *d; - unsigned int i; - - d= &(key->data[0]); - for (i=0; i<256; i++) - d[i]=i; - key->x = 0; - key->y = 0; - id1=id2=0; - -#define SK_LOOP(n) { \ - tmp=d[(n)]; \ - id2 = (data[id1] + tmp + id2) & 0xff; \ - if (++id1 == len) id1=0; \ - d[(n)]=d[id2]; \ - d[id2]=tmp; } - - for (i=0; i < 256; i+=4) - { - SK_LOOP(i+0); - SK_LOOP(i+1); - SK_LOOP(i+2); - SK_LOOP(i+3); - } - } - diff --git a/src/lib/libcrypto/ripemd/README b/src/lib/libcrypto/ripemd/README deleted file mode 100644 index 7097707264..0000000000 --- a/src/lib/libcrypto/ripemd/README +++ /dev/null @@ -1,15 +0,0 @@ -RIPEMD-160 -http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html - -This is my implementation of RIPEMD-160. The pentium assember is a little -off the pace since I only get 1050 cycles, while the best is 1013. -I have a few ideas for how to get another 20 or so cycles, but at -this point I will not bother right now. I belive the trick will be -to remove my 'copy X array onto stack' until inside the RIP1() finctions the -first time round. To do this I need another register and will only have one -temporary one. A bit tricky.... I can also cleanup the saving of the 5 words -after the first half of the calculation. I should read the origional -value, add then write. Currently I just save the new and read the origioal. -I then read both at the end. Bad. - -eric (20-Jan-1998) diff --git a/src/lib/libcrypto/ripemd/asm/rmd-586.pl b/src/lib/libcrypto/ripemd/asm/rmd-586.pl deleted file mode 100644 index 0ab6f76bff..0000000000 --- a/src/lib/libcrypto/ripemd/asm/rmd-586.pl +++ /dev/null @@ -1,590 +0,0 @@ -#!/usr/local/bin/perl - -# Normal is the -# ripemd160_block_asm_host_order(RIPEMD160_CTX *c, ULONG *X,int blocks); - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],$0); - -$A="ecx"; -$B="esi"; -$C="edi"; -$D="ebx"; -$E="ebp"; -$tmp1="eax"; -$tmp2="edx"; - -$KL1=0x5A827999; -$KL2=0x6ED9EBA1; -$KL3=0x8F1BBCDC; -$KL4=0xA953FD4E; -$KR0=0x50A28BE6; -$KR1=0x5C4DD124; -$KR2=0x6D703EF3; -$KR3=0x7A6D76E9; - - -@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15, - 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8, - 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12, - 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2, - 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13, - ); - -@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12, - 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2, - 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13, - 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14, - 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11, - ); - -@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8, - 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12, - 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5, - 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12, - 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6, - ); - -@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6, - 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11, - 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5, - 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8, - 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11, - ); - -&ripemd160_block("ripemd160_block_asm_host_order"); -&asm_finish(); - -sub Xv - { - local($n)=@_; - return(&swtmp($n)); - # tmp on stack - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D); - return($n{$p}); - } - -sub RIP1 - { - local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { - #&mov($tmp1, $c) if $o == -1; - &xor($tmp1, $d) if $o == -1; - &mov($tmp2, &Xv($pos)); - &xor($tmp1, $b); - &add($a, $tmp2); - &rotl($c, 10); - &add($a, $tmp1); - &mov($tmp1, &Np($c)); # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &xor($tmp1, $d); - &mov($tmp2, &Xv($pos)); - &xor($tmp1, $b); - &add($a, $tmp1); - &mov($tmp1, &Np($c)) if $o <= 0; - &mov($tmp1, -1) if $o == 1; - # XXX if $o == 2; - &rotl($c, 10); - &add($a, $tmp2); - &xor($tmp1, &Np($d)) if $o <= 0; - &mov($tmp2, &Xv($pos2)) if $o == 1; - &mov($tmp2, &wparam(0)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP2 - { - local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_; - -# XXXXXX - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, &Xv($pos)) if $o < -1; -# &mov($tmp1, -1) if $o < -1; - - &add($a, $tmp2); - &mov($tmp2, $c); - &sub($tmp1, $b); - &and($tmp2, $b); - &and($tmp1, $d); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &mov($tmp2, -1) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - # XXX - &add($a, $tmp1); - &mov($tmp1, $c); - &sub($tmp2, $b); - &and($tmp1, $b); - &and($tmp2, $d); - if ($o != 2) - { - &or($tmp1, $tmp2); - &mov($tmp2, &Xv($pos2)) if $o <= 0; - &mov($tmp2, -1) if $o == 1; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &mov($tmp1, -1) if $o <= 0; - &sub($tmp2, &Np($c)) if $o == 1; - } else { - &or($tmp2, $tmp1); - &mov($tmp1, &Np($c)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &xor($tmp1, &Np($d)); - } - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP3 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o < -1; -# &sub($tmp2, $c) if $o < -1; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $b); - &add($a, $tmp1); - &xor($tmp2, $d); - &mov($tmp1, -1) if $o <= 0; # NEXT - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($c)) if $o <= 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $b); - &add($a, $tmp2); - &xor($tmp1, $d); - &mov($tmp2, -1) if $o <= 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, &Xv($pos2)) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($c)) if $o <= 0; # NEXT - &mov($tmp1, &Np($d)) if $o == 1; - &mov($tmp1, -1) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP4 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { -# &mov($tmp2, -1) if $o == -2; -# &mov($tmp1, $d) if $o == -2; - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) unless $o > 0; # NEXT - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) unless $o > 0; # NEXT - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &sub($tmp2, $d); - &and($tmp1, $b); - &and($tmp2, $c); - &or($tmp2, $tmp1); - &mov($tmp1, &Xv($pos)); - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2)); - &mov($tmp2, -1) if $o == 0; # NEXT - &mov($tmp2, -1) if $o == 1; - &mov($tmp2, -1) if $o == 2; - # XXX - &add($a, $tmp1); - &mov($tmp1, &Np($d)) if $o == 0; # NEXT - &sub($tmp2, &Np($d)) if $o == 1; - &sub($tmp2, &Np($c)) if $o == 2; - # XXX - &rotl($a, $s); - &add($a, $e); - } - } - -sub RIP5 - { - local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_; - - &comment($p++); - if ($p & 1) - { - &mov($tmp2, -1) if $o == -2; - &sub($tmp2, $d) if $o == -2; - &mov($tmp1, &Xv($pos)); - &or($tmp2, $c); - &add($a, $tmp1); - &xor($tmp2, $b); - &mov($tmp1, -1) if $o <= 0; - # XXX - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp2,1)); - &sub($tmp1, &Np($d)) if $o <= 0; - # XXX - &rotl($a, $s); - &add($a, $e); - } - else - { - &mov($tmp2, &Xv($pos)); - &or($tmp1, $c); - &add($a, $tmp2); - &xor($tmp1, $b); - &mov($tmp2, -1) if $o <= 0; - &mov($tmp2, &wparam(0)) if $o == 1; # Middle code - &mov($tmp2, -1) if $o == 2; - &rotl($c, 10); - &lea($a, &DWP($K,$a,$tmp1,1)); - &sub($tmp2, &Np($d)) if $o <= 0; - &mov(&swtmp(16), $A) if $o == 1; - &mov($tmp1, &Np($d)) if $o == 2; - &rotl($a, $s); - &add($a, $e); - } - } - -sub ripemd160_block - { - local($name)=@_; - - &function_begin_B($name,"",3); - - # parameter 1 is the RIPEMD160_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov($tmp2, &wparam(0)); - &mov($tmp1, &wparam(1)); - &push("esi"); - &mov($A, &DWP( 0,$tmp2,"",0)); - &push("edi"); - &mov($B, &DWP( 4,$tmp2,"",0)); - &push("ebp"); - &mov($C, &DWP( 8,$tmp2,"",0)); - &push("ebx"); - &stack_push(16+5+6); - # Special comment about the figure of 6. - # Idea is to pad the current frame so - # that the top of the stack gets fairly - # aligned. Well, as you realize it would - # always depend on how the frame below is - # aligned. The good news are that gcc-2.95 - # and later does keep first argument at - # least double-wise aligned. - # - - &set_label("start") unless $normal; - &comment(""); - - # &mov($tmp1, &wparam(1)); # Done at end of loop - # &mov($tmp2, &wparam(0)); # Done at end of loop - - for ($z=0; $z<16; $z+=2) - { - &mov($D, &DWP( $z*4,$tmp1,"",0)); - &mov($E, &DWP( ($z+1)*4,$tmp1,"",0)); - &mov(&swtmp($z), $D); - &mov(&swtmp($z+1), $E); - } - &mov($tmp1, $C); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1); - &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0); - &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0); - &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0); - &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0); - &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0); - &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0); - &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0); - &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0); - &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0); - &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0); - &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0); - &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]); - - &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1); - &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0); - &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0); - &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0); - &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0); - &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0); - &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1); - - &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1); - &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0); - &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0); - &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0); - &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0); - &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0); - &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1); - - &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1); - &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0); - &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0); - &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0); - &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0); - &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0); - &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0); - &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1); - - &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1); - &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0); - &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0); - &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0); - &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0); - &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0); - &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1); - - # &mov($tmp2, &wparam(0)); # moved into last RIP5 - # &mov(&swtmp(16), $A); - &mov($A, &DWP( 0,$tmp2,"",0)); - &mov(&swtmp(16+1), $B); - &mov(&swtmp(16+2), $C); - &mov($B, &DWP( 4,$tmp2,"",0)); - &mov(&swtmp(16+3), $D); - &mov($C, &DWP( 8,$tmp2,"",0)); - &mov(&swtmp(16+4), $E); - &mov($D, &DWP(12,$tmp2,"",0)); - &mov($E, &DWP(16,$tmp2,"",0)); - - &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2); - &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0); - &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0); - &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0); - &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0); - &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0); - &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2); - - &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2); - &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0); - &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0); - &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0); - &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0); - &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0); - &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2); - - &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2); - &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0); - &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0); - &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0); - &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0); - &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0); - &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]); - - &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2); - &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0); - &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0); - &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0); - &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0); - &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0); - &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2); - - &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2); - &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0); - &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0); - &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0); - &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0); - &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0); - &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0); - &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0); - &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0); - &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0); - &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0); - &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0); - &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0); - &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0); - &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0); - &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2); - - # &mov($tmp2, &wparam(0)); # Moved into last round - - &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B - &add($D, $tmp1); - &mov($tmp1, &swtmp(16+2)); # $c - &add($D, $tmp1); - - &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C - &add($E, $tmp1); - &mov($tmp1, &swtmp(16+3)); # $d - &add($E, $tmp1); - - &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D - &add($A, $tmp1); - &mov($tmp1, &swtmp(16+4)); # $e - &add($A, $tmp1); - - - &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E - &add($B, $tmp1); - &mov($tmp1, &swtmp(16+0)); # $a - &add($B, $tmp1); - - &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A - &add($C, $tmp1); - &mov($tmp1, &swtmp(16+1)); # $b - &add($C, $tmp1); - - &mov($tmp1, &wparam(2)); - - &mov(&DWP( 0,$tmp2,"",0), $D); - &mov(&DWP( 4,$tmp2,"",0), $E); - &mov(&DWP( 8,$tmp2,"",0), $A); - &sub($tmp1,1); - &mov(&DWP(12,$tmp2,"",0), $B); - &mov(&DWP(16,$tmp2,"",0), $C); - - &jle(&label("get_out")); - - &mov(&wparam(2),$tmp1); - &mov($C, $A); - &mov($tmp1, &wparam(1)); - &mov($A, $D); - &add($tmp1, 64); - &mov($B, $E); - &mov(&wparam(1),$tmp1); - - &jmp(&label("start")); - - &set_label("get_out"); - - &stack_pop(16+5+6); - - &pop("ebx"); - &pop("ebp"); - &pop("edi"); - &pop("esi"); - &ret(); - &function_end_B($name); - } - diff --git a/src/lib/libcrypto/ripemd/ripemd.h b/src/lib/libcrypto/ripemd/ripemd.h deleted file mode 100644 index dd1627cf40..0000000000 --- a/src/lib/libcrypto/ripemd/ripemd.h +++ /dev/null @@ -1,101 +0,0 @@ -/* crypto/ripemd/ripemd.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RIPEMD_H -#define HEADER_RIPEMD_H - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef NO_RIPEMD -#error RIPEMD is disabled. -#endif - -#if defined(WIN16) || defined(__LP32__) -#define RIPEMD160_LONG unsigned long -#elif defined(_CRAY) || defined(__ILP64__) -#define RIPEMD160_LONG unsigned long -#define RIPEMD160_LONG_LOG2 3 -#else -#define RIPEMD160_LONG unsigned int -#endif - -#define RIPEMD160_CBLOCK 64 -#define RIPEMD160_LBLOCK (RIPEMD160_CBLOCK/4) -#define RIPEMD160_DIGEST_LENGTH 20 - -typedef struct RIPEMD160state_st - { - RIPEMD160_LONG A,B,C,D,E; - RIPEMD160_LONG Nl,Nh; - RIPEMD160_LONG data[RIPEMD160_LBLOCK]; - int num; - } RIPEMD160_CTX; - -void RIPEMD160_Init(RIPEMD160_CTX *c); -void RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len); -void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c); -unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, - unsigned char *md); -void RIPEMD160_Transform(RIPEMD160_CTX *c, const unsigned char *b); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/ripemd/rmd_dgst.c b/src/lib/libcrypto/ripemd/rmd_dgst.c deleted file mode 100644 index bdfae270b6..0000000000 --- a/src/lib/libcrypto/ripemd/rmd_dgst.c +++ /dev/null @@ -1,493 +0,0 @@ -/* crypto/ripemd/rmd_dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "rmd_locl.h" -#include - -const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT; - -# ifdef RMD160_ASM - void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num); -# define ripemd160_block ripemd160_block_x86 -# else - void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num); -# endif - -void RIPEMD160_Init(RIPEMD160_CTX *c) - { - c->A=RIPEMD160_A; - c->B=RIPEMD160_B; - c->C=RIPEMD160_C; - c->D=RIPEMD160_D; - c->E=RIPEMD160_E; - c->Nl=0; - c->Nh=0; - c->num=0; - } - -#ifndef ripemd160_block_host_order -#ifdef X -#undef X -#endif -#define X(i) XX[i] -void ripemd160_block_host_order (RIPEMD160_CTX *ctx, const void *p, int num) - { - const RIPEMD160_LONG *XX=p; - register unsigned long A,B,C,D,E; - register unsigned long a,b,c,d,e; - - for (;num--;XX+=HASH_LBLOCK) - { - - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - RIP1(A,B,C,D,E,WL00,SL00); - RIP1(E,A,B,C,D,WL01,SL01); - RIP1(D,E,A,B,C,WL02,SL02); - RIP1(C,D,E,A,B,WL03,SL03); - RIP1(B,C,D,E,A,WL04,SL04); - RIP1(A,B,C,D,E,WL05,SL05); - RIP1(E,A,B,C,D,WL06,SL06); - RIP1(D,E,A,B,C,WL07,SL07); - RIP1(C,D,E,A,B,WL08,SL08); - RIP1(B,C,D,E,A,WL09,SL09); - RIP1(A,B,C,D,E,WL10,SL10); - RIP1(E,A,B,C,D,WL11,SL11); - RIP1(D,E,A,B,C,WL12,SL12); - RIP1(C,D,E,A,B,WL13,SL13); - RIP1(B,C,D,E,A,WL14,SL14); - RIP1(A,B,C,D,E,WL15,SL15); - - RIP2(E,A,B,C,D,WL16,SL16,KL1); - RIP2(D,E,A,B,C,WL17,SL17,KL1); - RIP2(C,D,E,A,B,WL18,SL18,KL1); - RIP2(B,C,D,E,A,WL19,SL19,KL1); - RIP2(A,B,C,D,E,WL20,SL20,KL1); - RIP2(E,A,B,C,D,WL21,SL21,KL1); - RIP2(D,E,A,B,C,WL22,SL22,KL1); - RIP2(C,D,E,A,B,WL23,SL23,KL1); - RIP2(B,C,D,E,A,WL24,SL24,KL1); - RIP2(A,B,C,D,E,WL25,SL25,KL1); - RIP2(E,A,B,C,D,WL26,SL26,KL1); - RIP2(D,E,A,B,C,WL27,SL27,KL1); - RIP2(C,D,E,A,B,WL28,SL28,KL1); - RIP2(B,C,D,E,A,WL29,SL29,KL1); - RIP2(A,B,C,D,E,WL30,SL30,KL1); - RIP2(E,A,B,C,D,WL31,SL31,KL1); - - RIP3(D,E,A,B,C,WL32,SL32,KL2); - RIP3(C,D,E,A,B,WL33,SL33,KL2); - RIP3(B,C,D,E,A,WL34,SL34,KL2); - RIP3(A,B,C,D,E,WL35,SL35,KL2); - RIP3(E,A,B,C,D,WL36,SL36,KL2); - RIP3(D,E,A,B,C,WL37,SL37,KL2); - RIP3(C,D,E,A,B,WL38,SL38,KL2); - RIP3(B,C,D,E,A,WL39,SL39,KL2); - RIP3(A,B,C,D,E,WL40,SL40,KL2); - RIP3(E,A,B,C,D,WL41,SL41,KL2); - RIP3(D,E,A,B,C,WL42,SL42,KL2); - RIP3(C,D,E,A,B,WL43,SL43,KL2); - RIP3(B,C,D,E,A,WL44,SL44,KL2); - RIP3(A,B,C,D,E,WL45,SL45,KL2); - RIP3(E,A,B,C,D,WL46,SL46,KL2); - RIP3(D,E,A,B,C,WL47,SL47,KL2); - - RIP4(C,D,E,A,B,WL48,SL48,KL3); - RIP4(B,C,D,E,A,WL49,SL49,KL3); - RIP4(A,B,C,D,E,WL50,SL50,KL3); - RIP4(E,A,B,C,D,WL51,SL51,KL3); - RIP4(D,E,A,B,C,WL52,SL52,KL3); - RIP4(C,D,E,A,B,WL53,SL53,KL3); - RIP4(B,C,D,E,A,WL54,SL54,KL3); - RIP4(A,B,C,D,E,WL55,SL55,KL3); - RIP4(E,A,B,C,D,WL56,SL56,KL3); - RIP4(D,E,A,B,C,WL57,SL57,KL3); - RIP4(C,D,E,A,B,WL58,SL58,KL3); - RIP4(B,C,D,E,A,WL59,SL59,KL3); - RIP4(A,B,C,D,E,WL60,SL60,KL3); - RIP4(E,A,B,C,D,WL61,SL61,KL3); - RIP4(D,E,A,B,C,WL62,SL62,KL3); - RIP4(C,D,E,A,B,WL63,SL63,KL3); - - RIP5(B,C,D,E,A,WL64,SL64,KL4); - RIP5(A,B,C,D,E,WL65,SL65,KL4); - RIP5(E,A,B,C,D,WL66,SL66,KL4); - RIP5(D,E,A,B,C,WL67,SL67,KL4); - RIP5(C,D,E,A,B,WL68,SL68,KL4); - RIP5(B,C,D,E,A,WL69,SL69,KL4); - RIP5(A,B,C,D,E,WL70,SL70,KL4); - RIP5(E,A,B,C,D,WL71,SL71,KL4); - RIP5(D,E,A,B,C,WL72,SL72,KL4); - RIP5(C,D,E,A,B,WL73,SL73,KL4); - RIP5(B,C,D,E,A,WL74,SL74,KL4); - RIP5(A,B,C,D,E,WL75,SL75,KL4); - RIP5(E,A,B,C,D,WL76,SL76,KL4); - RIP5(D,E,A,B,C,WL77,SL77,KL4); - RIP5(C,D,E,A,B,WL78,SL78,KL4); - RIP5(B,C,D,E,A,WL79,SL79,KL4); - - a=A; b=B; c=C; d=D; e=E; - /* Do other half */ - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - RIP5(A,B,C,D,E,WR00,SR00,KR0); - RIP5(E,A,B,C,D,WR01,SR01,KR0); - RIP5(D,E,A,B,C,WR02,SR02,KR0); - RIP5(C,D,E,A,B,WR03,SR03,KR0); - RIP5(B,C,D,E,A,WR04,SR04,KR0); - RIP5(A,B,C,D,E,WR05,SR05,KR0); - RIP5(E,A,B,C,D,WR06,SR06,KR0); - RIP5(D,E,A,B,C,WR07,SR07,KR0); - RIP5(C,D,E,A,B,WR08,SR08,KR0); - RIP5(B,C,D,E,A,WR09,SR09,KR0); - RIP5(A,B,C,D,E,WR10,SR10,KR0); - RIP5(E,A,B,C,D,WR11,SR11,KR0); - RIP5(D,E,A,B,C,WR12,SR12,KR0); - RIP5(C,D,E,A,B,WR13,SR13,KR0); - RIP5(B,C,D,E,A,WR14,SR14,KR0); - RIP5(A,B,C,D,E,WR15,SR15,KR0); - - RIP4(E,A,B,C,D,WR16,SR16,KR1); - RIP4(D,E,A,B,C,WR17,SR17,KR1); - RIP4(C,D,E,A,B,WR18,SR18,KR1); - RIP4(B,C,D,E,A,WR19,SR19,KR1); - RIP4(A,B,C,D,E,WR20,SR20,KR1); - RIP4(E,A,B,C,D,WR21,SR21,KR1); - RIP4(D,E,A,B,C,WR22,SR22,KR1); - RIP4(C,D,E,A,B,WR23,SR23,KR1); - RIP4(B,C,D,E,A,WR24,SR24,KR1); - RIP4(A,B,C,D,E,WR25,SR25,KR1); - RIP4(E,A,B,C,D,WR26,SR26,KR1); - RIP4(D,E,A,B,C,WR27,SR27,KR1); - RIP4(C,D,E,A,B,WR28,SR28,KR1); - RIP4(B,C,D,E,A,WR29,SR29,KR1); - RIP4(A,B,C,D,E,WR30,SR30,KR1); - RIP4(E,A,B,C,D,WR31,SR31,KR1); - - RIP3(D,E,A,B,C,WR32,SR32,KR2); - RIP3(C,D,E,A,B,WR33,SR33,KR2); - RIP3(B,C,D,E,A,WR34,SR34,KR2); - RIP3(A,B,C,D,E,WR35,SR35,KR2); - RIP3(E,A,B,C,D,WR36,SR36,KR2); - RIP3(D,E,A,B,C,WR37,SR37,KR2); - RIP3(C,D,E,A,B,WR38,SR38,KR2); - RIP3(B,C,D,E,A,WR39,SR39,KR2); - RIP3(A,B,C,D,E,WR40,SR40,KR2); - RIP3(E,A,B,C,D,WR41,SR41,KR2); - RIP3(D,E,A,B,C,WR42,SR42,KR2); - RIP3(C,D,E,A,B,WR43,SR43,KR2); - RIP3(B,C,D,E,A,WR44,SR44,KR2); - RIP3(A,B,C,D,E,WR45,SR45,KR2); - RIP3(E,A,B,C,D,WR46,SR46,KR2); - RIP3(D,E,A,B,C,WR47,SR47,KR2); - - RIP2(C,D,E,A,B,WR48,SR48,KR3); - RIP2(B,C,D,E,A,WR49,SR49,KR3); - RIP2(A,B,C,D,E,WR50,SR50,KR3); - RIP2(E,A,B,C,D,WR51,SR51,KR3); - RIP2(D,E,A,B,C,WR52,SR52,KR3); - RIP2(C,D,E,A,B,WR53,SR53,KR3); - RIP2(B,C,D,E,A,WR54,SR54,KR3); - RIP2(A,B,C,D,E,WR55,SR55,KR3); - RIP2(E,A,B,C,D,WR56,SR56,KR3); - RIP2(D,E,A,B,C,WR57,SR57,KR3); - RIP2(C,D,E,A,B,WR58,SR58,KR3); - RIP2(B,C,D,E,A,WR59,SR59,KR3); - RIP2(A,B,C,D,E,WR60,SR60,KR3); - RIP2(E,A,B,C,D,WR61,SR61,KR3); - RIP2(D,E,A,B,C,WR62,SR62,KR3); - RIP2(C,D,E,A,B,WR63,SR63,KR3); - - RIP1(B,C,D,E,A,WR64,SR64); - RIP1(A,B,C,D,E,WR65,SR65); - RIP1(E,A,B,C,D,WR66,SR66); - RIP1(D,E,A,B,C,WR67,SR67); - RIP1(C,D,E,A,B,WR68,SR68); - RIP1(B,C,D,E,A,WR69,SR69); - RIP1(A,B,C,D,E,WR70,SR70); - RIP1(E,A,B,C,D,WR71,SR71); - RIP1(D,E,A,B,C,WR72,SR72); - RIP1(C,D,E,A,B,WR73,SR73); - RIP1(B,C,D,E,A,WR74,SR74); - RIP1(A,B,C,D,E,WR75,SR75); - RIP1(E,A,B,C,D,WR76,SR76); - RIP1(D,E,A,B,C,WR77,SR77); - RIP1(C,D,E,A,B,WR78,SR78); - RIP1(B,C,D,E,A,WR79,SR79); - - D =ctx->B+c+D; - ctx->B=ctx->C+d+E; - ctx->C=ctx->D+e+A; - ctx->D=ctx->E+a+B; - ctx->E=ctx->A+b+C; - ctx->A=D; - - } - } -#endif - -#ifndef ripemd160_block_data_order -#ifdef X -#undef X -#endif -void ripemd160_block_data_order (RIPEMD160_CTX *ctx, const void *p, int num) - { - const unsigned char *data=p; - register unsigned long A,B,C,D,E; - unsigned long a,b,c,d,e,l; -#ifndef MD32_XARRAY - /* See comment in crypto/sha/sha_locl.h for details. */ - unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -# define X(i) XX##i -#else - RIPEMD160_LONG XX[16]; -# define X(i) XX[i] -#endif - - for (;num--;) - { - - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - RIP1(A,B,C,D,E,WL00,SL00); HOST_c2l(data,l); X( 2)=l; - RIP1(E,A,B,C,D,WL01,SL01); HOST_c2l(data,l); X( 3)=l; - RIP1(D,E,A,B,C,WL02,SL02); HOST_c2l(data,l); X( 4)=l; - RIP1(C,D,E,A,B,WL03,SL03); HOST_c2l(data,l); X( 5)=l; - RIP1(B,C,D,E,A,WL04,SL04); HOST_c2l(data,l); X( 6)=l; - RIP1(A,B,C,D,E,WL05,SL05); HOST_c2l(data,l); X( 7)=l; - RIP1(E,A,B,C,D,WL06,SL06); HOST_c2l(data,l); X( 8)=l; - RIP1(D,E,A,B,C,WL07,SL07); HOST_c2l(data,l); X( 9)=l; - RIP1(C,D,E,A,B,WL08,SL08); HOST_c2l(data,l); X(10)=l; - RIP1(B,C,D,E,A,WL09,SL09); HOST_c2l(data,l); X(11)=l; - RIP1(A,B,C,D,E,WL10,SL10); HOST_c2l(data,l); X(12)=l; - RIP1(E,A,B,C,D,WL11,SL11); HOST_c2l(data,l); X(13)=l; - RIP1(D,E,A,B,C,WL12,SL12); HOST_c2l(data,l); X(14)=l; - RIP1(C,D,E,A,B,WL13,SL13); HOST_c2l(data,l); X(15)=l; - RIP1(B,C,D,E,A,WL14,SL14); - RIP1(A,B,C,D,E,WL15,SL15); - - RIP2(E,A,B,C,D,WL16,SL16,KL1); - RIP2(D,E,A,B,C,WL17,SL17,KL1); - RIP2(C,D,E,A,B,WL18,SL18,KL1); - RIP2(B,C,D,E,A,WL19,SL19,KL1); - RIP2(A,B,C,D,E,WL20,SL20,KL1); - RIP2(E,A,B,C,D,WL21,SL21,KL1); - RIP2(D,E,A,B,C,WL22,SL22,KL1); - RIP2(C,D,E,A,B,WL23,SL23,KL1); - RIP2(B,C,D,E,A,WL24,SL24,KL1); - RIP2(A,B,C,D,E,WL25,SL25,KL1); - RIP2(E,A,B,C,D,WL26,SL26,KL1); - RIP2(D,E,A,B,C,WL27,SL27,KL1); - RIP2(C,D,E,A,B,WL28,SL28,KL1); - RIP2(B,C,D,E,A,WL29,SL29,KL1); - RIP2(A,B,C,D,E,WL30,SL30,KL1); - RIP2(E,A,B,C,D,WL31,SL31,KL1); - - RIP3(D,E,A,B,C,WL32,SL32,KL2); - RIP3(C,D,E,A,B,WL33,SL33,KL2); - RIP3(B,C,D,E,A,WL34,SL34,KL2); - RIP3(A,B,C,D,E,WL35,SL35,KL2); - RIP3(E,A,B,C,D,WL36,SL36,KL2); - RIP3(D,E,A,B,C,WL37,SL37,KL2); - RIP3(C,D,E,A,B,WL38,SL38,KL2); - RIP3(B,C,D,E,A,WL39,SL39,KL2); - RIP3(A,B,C,D,E,WL40,SL40,KL2); - RIP3(E,A,B,C,D,WL41,SL41,KL2); - RIP3(D,E,A,B,C,WL42,SL42,KL2); - RIP3(C,D,E,A,B,WL43,SL43,KL2); - RIP3(B,C,D,E,A,WL44,SL44,KL2); - RIP3(A,B,C,D,E,WL45,SL45,KL2); - RIP3(E,A,B,C,D,WL46,SL46,KL2); - RIP3(D,E,A,B,C,WL47,SL47,KL2); - - RIP4(C,D,E,A,B,WL48,SL48,KL3); - RIP4(B,C,D,E,A,WL49,SL49,KL3); - RIP4(A,B,C,D,E,WL50,SL50,KL3); - RIP4(E,A,B,C,D,WL51,SL51,KL3); - RIP4(D,E,A,B,C,WL52,SL52,KL3); - RIP4(C,D,E,A,B,WL53,SL53,KL3); - RIP4(B,C,D,E,A,WL54,SL54,KL3); - RIP4(A,B,C,D,E,WL55,SL55,KL3); - RIP4(E,A,B,C,D,WL56,SL56,KL3); - RIP4(D,E,A,B,C,WL57,SL57,KL3); - RIP4(C,D,E,A,B,WL58,SL58,KL3); - RIP4(B,C,D,E,A,WL59,SL59,KL3); - RIP4(A,B,C,D,E,WL60,SL60,KL3); - RIP4(E,A,B,C,D,WL61,SL61,KL3); - RIP4(D,E,A,B,C,WL62,SL62,KL3); - RIP4(C,D,E,A,B,WL63,SL63,KL3); - - RIP5(B,C,D,E,A,WL64,SL64,KL4); - RIP5(A,B,C,D,E,WL65,SL65,KL4); - RIP5(E,A,B,C,D,WL66,SL66,KL4); - RIP5(D,E,A,B,C,WL67,SL67,KL4); - RIP5(C,D,E,A,B,WL68,SL68,KL4); - RIP5(B,C,D,E,A,WL69,SL69,KL4); - RIP5(A,B,C,D,E,WL70,SL70,KL4); - RIP5(E,A,B,C,D,WL71,SL71,KL4); - RIP5(D,E,A,B,C,WL72,SL72,KL4); - RIP5(C,D,E,A,B,WL73,SL73,KL4); - RIP5(B,C,D,E,A,WL74,SL74,KL4); - RIP5(A,B,C,D,E,WL75,SL75,KL4); - RIP5(E,A,B,C,D,WL76,SL76,KL4); - RIP5(D,E,A,B,C,WL77,SL77,KL4); - RIP5(C,D,E,A,B,WL78,SL78,KL4); - RIP5(B,C,D,E,A,WL79,SL79,KL4); - - a=A; b=B; c=C; d=D; e=E; - /* Do other half */ - A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E; - - RIP5(A,B,C,D,E,WR00,SR00,KR0); - RIP5(E,A,B,C,D,WR01,SR01,KR0); - RIP5(D,E,A,B,C,WR02,SR02,KR0); - RIP5(C,D,E,A,B,WR03,SR03,KR0); - RIP5(B,C,D,E,A,WR04,SR04,KR0); - RIP5(A,B,C,D,E,WR05,SR05,KR0); - RIP5(E,A,B,C,D,WR06,SR06,KR0); - RIP5(D,E,A,B,C,WR07,SR07,KR0); - RIP5(C,D,E,A,B,WR08,SR08,KR0); - RIP5(B,C,D,E,A,WR09,SR09,KR0); - RIP5(A,B,C,D,E,WR10,SR10,KR0); - RIP5(E,A,B,C,D,WR11,SR11,KR0); - RIP5(D,E,A,B,C,WR12,SR12,KR0); - RIP5(C,D,E,A,B,WR13,SR13,KR0); - RIP5(B,C,D,E,A,WR14,SR14,KR0); - RIP5(A,B,C,D,E,WR15,SR15,KR0); - - RIP4(E,A,B,C,D,WR16,SR16,KR1); - RIP4(D,E,A,B,C,WR17,SR17,KR1); - RIP4(C,D,E,A,B,WR18,SR18,KR1); - RIP4(B,C,D,E,A,WR19,SR19,KR1); - RIP4(A,B,C,D,E,WR20,SR20,KR1); - RIP4(E,A,B,C,D,WR21,SR21,KR1); - RIP4(D,E,A,B,C,WR22,SR22,KR1); - RIP4(C,D,E,A,B,WR23,SR23,KR1); - RIP4(B,C,D,E,A,WR24,SR24,KR1); - RIP4(A,B,C,D,E,WR25,SR25,KR1); - RIP4(E,A,B,C,D,WR26,SR26,KR1); - RIP4(D,E,A,B,C,WR27,SR27,KR1); - RIP4(C,D,E,A,B,WR28,SR28,KR1); - RIP4(B,C,D,E,A,WR29,SR29,KR1); - RIP4(A,B,C,D,E,WR30,SR30,KR1); - RIP4(E,A,B,C,D,WR31,SR31,KR1); - - RIP3(D,E,A,B,C,WR32,SR32,KR2); - RIP3(C,D,E,A,B,WR33,SR33,KR2); - RIP3(B,C,D,E,A,WR34,SR34,KR2); - RIP3(A,B,C,D,E,WR35,SR35,KR2); - RIP3(E,A,B,C,D,WR36,SR36,KR2); - RIP3(D,E,A,B,C,WR37,SR37,KR2); - RIP3(C,D,E,A,B,WR38,SR38,KR2); - RIP3(B,C,D,E,A,WR39,SR39,KR2); - RIP3(A,B,C,D,E,WR40,SR40,KR2); - RIP3(E,A,B,C,D,WR41,SR41,KR2); - RIP3(D,E,A,B,C,WR42,SR42,KR2); - RIP3(C,D,E,A,B,WR43,SR43,KR2); - RIP3(B,C,D,E,A,WR44,SR44,KR2); - RIP3(A,B,C,D,E,WR45,SR45,KR2); - RIP3(E,A,B,C,D,WR46,SR46,KR2); - RIP3(D,E,A,B,C,WR47,SR47,KR2); - - RIP2(C,D,E,A,B,WR48,SR48,KR3); - RIP2(B,C,D,E,A,WR49,SR49,KR3); - RIP2(A,B,C,D,E,WR50,SR50,KR3); - RIP2(E,A,B,C,D,WR51,SR51,KR3); - RIP2(D,E,A,B,C,WR52,SR52,KR3); - RIP2(C,D,E,A,B,WR53,SR53,KR3); - RIP2(B,C,D,E,A,WR54,SR54,KR3); - RIP2(A,B,C,D,E,WR55,SR55,KR3); - RIP2(E,A,B,C,D,WR56,SR56,KR3); - RIP2(D,E,A,B,C,WR57,SR57,KR3); - RIP2(C,D,E,A,B,WR58,SR58,KR3); - RIP2(B,C,D,E,A,WR59,SR59,KR3); - RIP2(A,B,C,D,E,WR60,SR60,KR3); - RIP2(E,A,B,C,D,WR61,SR61,KR3); - RIP2(D,E,A,B,C,WR62,SR62,KR3); - RIP2(C,D,E,A,B,WR63,SR63,KR3); - - RIP1(B,C,D,E,A,WR64,SR64); - RIP1(A,B,C,D,E,WR65,SR65); - RIP1(E,A,B,C,D,WR66,SR66); - RIP1(D,E,A,B,C,WR67,SR67); - RIP1(C,D,E,A,B,WR68,SR68); - RIP1(B,C,D,E,A,WR69,SR69); - RIP1(A,B,C,D,E,WR70,SR70); - RIP1(E,A,B,C,D,WR71,SR71); - RIP1(D,E,A,B,C,WR72,SR72); - RIP1(C,D,E,A,B,WR73,SR73); - RIP1(B,C,D,E,A,WR74,SR74); - RIP1(A,B,C,D,E,WR75,SR75); - RIP1(E,A,B,C,D,WR76,SR76); - RIP1(D,E,A,B,C,WR77,SR77); - RIP1(C,D,E,A,B,WR78,SR78); - RIP1(B,C,D,E,A,WR79,SR79); - - D =ctx->B+c+D; - ctx->B=ctx->C+d+E; - ctx->C=ctx->D+e+A; - ctx->D=ctx->E+a+B; - ctx->E=ctx->A+b+C; - ctx->A=D; - - } - } -#endif diff --git a/src/lib/libcrypto/ripemd/rmd_locl.h b/src/lib/libcrypto/ripemd/rmd_locl.h deleted file mode 100644 index f537b88867..0000000000 --- a/src/lib/libcrypto/ripemd/rmd_locl.h +++ /dev/null @@ -1,160 +0,0 @@ -/* crypto/ripemd/rmd_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -#ifndef RIPEMD160_LONG_LOG2 -#define RIPEMD160_LONG_LOG2 2 /* default to 32 bits */ -#endif - -/* - * DO EXAMINE COMMENTS IN crypto/md5/md5_locl.h & crypto/md5/md5_dgst.c - * FOR EXPLANATIONS ON FOLLOWING "CODE." - * - */ -#ifdef RMD160_ASM -# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -# define ripemd160_block_host_order ripemd160_block_asm_host_order -# endif -#endif - -void ripemd160_block_host_order (RIPEMD160_CTX *c, const void *p,int num); -void ripemd160_block_data_order (RIPEMD160_CTX *c, const void *p,int num); - -#if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -#define ripemd160_block_data_order ripemd160_block_host_order -#endif - -#define DATA_ORDER_IS_LITTLE_ENDIAN - -#define HASH_LONG RIPEMD160_LONG -#define HASH_LONG_LOG2 RIPEMD160_LONG_LOG2 -#define HASH_CTX RIPEMD160_CTX -#define HASH_CBLOCK RIPEMD160_CBLOCK -#define HASH_LBLOCK RIPEMD160_LBLOCK -#define HASH_UPDATE RIPEMD160_Update -#define HASH_TRANSFORM RIPEMD160_Transform -#define HASH_FINAL RIPEMD160_Final -#define HASH_BLOCK_HOST_ORDER ripemd160_block_host_order -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->A; HOST_l2c(ll,(s)); \ - ll=(c)->B; HOST_l2c(ll,(s)); \ - ll=(c)->C; HOST_l2c(ll,(s)); \ - ll=(c)->D; HOST_l2c(ll,(s)); \ - ll=(c)->E; HOST_l2c(ll,(s)); \ - } while (0) -#if !defined(L_ENDIAN) || defined(ripemd160_block_data_order) -#define HASH_BLOCK_DATA_ORDER ripemd160_block_data_order -#endif - -#include "md32_common.h" - -#if 0 -#define F1(x,y,z) ((x)^(y)^(z)) -#define F2(x,y,z) (((x)&(y))|((~x)&z)) -#define F3(x,y,z) (((x)|(~y))^(z)) -#define F4(x,y,z) (((x)&(z))|((y)&(~(z)))) -#define F5(x,y,z) ((x)^((y)|(~(z)))) -#else -/* - * Transformed F2 and F4 are courtesy of Wei Dai - */ -#define F1(x,y,z) ((x) ^ (y) ^ (z)) -#define F2(x,y,z) ((((y) ^ (z)) & (x)) ^ (z)) -#define F3(x,y,z) (((~(y)) | (x)) ^ (z)) -#define F4(x,y,z) ((((x) ^ (y)) & (z)) ^ (y)) -#define F5(x,y,z) (((~(z)) | (y)) ^ (x)) -#endif - -#define RIPEMD160_A 0x67452301L -#define RIPEMD160_B 0xEFCDAB89L -#define RIPEMD160_C 0x98BADCFEL -#define RIPEMD160_D 0x10325476L -#define RIPEMD160_E 0xC3D2E1F0L - -#include "rmdconst.h" - -#define RIP1(a,b,c,d,e,w,s) { \ - a+=F1(b,c,d)+X(w); \ - a=ROTATE(a,s)+e; \ - c=ROTATE(c,10); } - -#define RIP2(a,b,c,d,e,w,s,K) { \ - a+=F2(b,c,d)+X(w)+K; \ - a=ROTATE(a,s)+e; \ - c=ROTATE(c,10); } - -#define RIP3(a,b,c,d,e,w,s,K) { \ - a+=F3(b,c,d)+X(w)+K; \ - a=ROTATE(a,s)+e; \ - c=ROTATE(c,10); } - -#define RIP4(a,b,c,d,e,w,s,K) { \ - a+=F4(b,c,d)+X(w)+K; \ - a=ROTATE(a,s)+e; \ - c=ROTATE(c,10); } - -#define RIP5(a,b,c,d,e,w,s,K) { \ - a+=F5(b,c,d)+X(w)+K; \ - a=ROTATE(a,s)+e; \ - c=ROTATE(c,10); } - diff --git a/src/lib/libcrypto/ripemd/rmd_one.c b/src/lib/libcrypto/ripemd/rmd_one.c deleted file mode 100644 index efdf2dd6ef..0000000000 --- a/src/lib/libcrypto/ripemd/rmd_one.c +++ /dev/null @@ -1,76 +0,0 @@ -/* crypto/ripemd/rmd_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -unsigned char *RIPEMD160(const unsigned char *d, unsigned long n, - unsigned char *md) - { - RIPEMD160_CTX c; - static unsigned char m[RIPEMD160_DIGEST_LENGTH]; - - if (md == NULL) md=m; - RIPEMD160_Init(&c); - RIPEMD160_Update(&c,d,n); - RIPEMD160_Final(md,&c); - memset(&c,0,sizeof(c)); /* security consideration */ - return(md); - } - diff --git a/src/lib/libcrypto/ripemd/rmdconst.h b/src/lib/libcrypto/ripemd/rmdconst.h deleted file mode 100644 index 59c48dead1..0000000000 --- a/src/lib/libcrypto/ripemd/rmdconst.h +++ /dev/null @@ -1,399 +0,0 @@ -/* crypto/ripemd/rmdconst.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -#define KL0 0x00000000L -#define KL1 0x5A827999L -#define KL2 0x6ED9EBA1L -#define KL3 0x8F1BBCDCL -#define KL4 0xA953FD4EL - -#define KR0 0x50A28BE6L -#define KR1 0x5C4DD124L -#define KR2 0x6D703EF3L -#define KR3 0x7A6D76E9L -#define KR4 0x00000000L - -#define WL00 0 -#define SL00 11 -#define WL01 1 -#define SL01 14 -#define WL02 2 -#define SL02 15 -#define WL03 3 -#define SL03 12 -#define WL04 4 -#define SL04 5 -#define WL05 5 -#define SL05 8 -#define WL06 6 -#define SL06 7 -#define WL07 7 -#define SL07 9 -#define WL08 8 -#define SL08 11 -#define WL09 9 -#define SL09 13 -#define WL10 10 -#define SL10 14 -#define WL11 11 -#define SL11 15 -#define WL12 12 -#define SL12 6 -#define WL13 13 -#define SL13 7 -#define WL14 14 -#define SL14 9 -#define WL15 15 -#define SL15 8 - -#define WL16 7 -#define SL16 7 -#define WL17 4 -#define SL17 6 -#define WL18 13 -#define SL18 8 -#define WL19 1 -#define SL19 13 -#define WL20 10 -#define SL20 11 -#define WL21 6 -#define SL21 9 -#define WL22 15 -#define SL22 7 -#define WL23 3 -#define SL23 15 -#define WL24 12 -#define SL24 7 -#define WL25 0 -#define SL25 12 -#define WL26 9 -#define SL26 15 -#define WL27 5 -#define SL27 9 -#define WL28 2 -#define SL28 11 -#define WL29 14 -#define SL29 7 -#define WL30 11 -#define SL30 13 -#define WL31 8 -#define SL31 12 - -#define WL32 3 -#define SL32 11 -#define WL33 10 -#define SL33 13 -#define WL34 14 -#define SL34 6 -#define WL35 4 -#define SL35 7 -#define WL36 9 -#define SL36 14 -#define WL37 15 -#define SL37 9 -#define WL38 8 -#define SL38 13 -#define WL39 1 -#define SL39 15 -#define WL40 2 -#define SL40 14 -#define WL41 7 -#define SL41 8 -#define WL42 0 -#define SL42 13 -#define WL43 6 -#define SL43 6 -#define WL44 13 -#define SL44 5 -#define WL45 11 -#define SL45 12 -#define WL46 5 -#define SL46 7 -#define WL47 12 -#define SL47 5 - -#define WL48 1 -#define SL48 11 -#define WL49 9 -#define SL49 12 -#define WL50 11 -#define SL50 14 -#define WL51 10 -#define SL51 15 -#define WL52 0 -#define SL52 14 -#define WL53 8 -#define SL53 15 -#define WL54 12 -#define SL54 9 -#define WL55 4 -#define SL55 8 -#define WL56 13 -#define SL56 9 -#define WL57 3 -#define SL57 14 -#define WL58 7 -#define SL58 5 -#define WL59 15 -#define SL59 6 -#define WL60 14 -#define SL60 8 -#define WL61 5 -#define SL61 6 -#define WL62 6 -#define SL62 5 -#define WL63 2 -#define SL63 12 - -#define WL64 4 -#define SL64 9 -#define WL65 0 -#define SL65 15 -#define WL66 5 -#define SL66 5 -#define WL67 9 -#define SL67 11 -#define WL68 7 -#define SL68 6 -#define WL69 12 -#define SL69 8 -#define WL70 2 -#define SL70 13 -#define WL71 10 -#define SL71 12 -#define WL72 14 -#define SL72 5 -#define WL73 1 -#define SL73 12 -#define WL74 3 -#define SL74 13 -#define WL75 8 -#define SL75 14 -#define WL76 11 -#define SL76 11 -#define WL77 6 -#define SL77 8 -#define WL78 15 -#define SL78 5 -#define WL79 13 -#define SL79 6 - -#define WR00 5 -#define SR00 8 -#define WR01 14 -#define SR01 9 -#define WR02 7 -#define SR02 9 -#define WR03 0 -#define SR03 11 -#define WR04 9 -#define SR04 13 -#define WR05 2 -#define SR05 15 -#define WR06 11 -#define SR06 15 -#define WR07 4 -#define SR07 5 -#define WR08 13 -#define SR08 7 -#define WR09 6 -#define SR09 7 -#define WR10 15 -#define SR10 8 -#define WR11 8 -#define SR11 11 -#define WR12 1 -#define SR12 14 -#define WR13 10 -#define SR13 14 -#define WR14 3 -#define SR14 12 -#define WR15 12 -#define SR15 6 - -#define WR16 6 -#define SR16 9 -#define WR17 11 -#define SR17 13 -#define WR18 3 -#define SR18 15 -#define WR19 7 -#define SR19 7 -#define WR20 0 -#define SR20 12 -#define WR21 13 -#define SR21 8 -#define WR22 5 -#define SR22 9 -#define WR23 10 -#define SR23 11 -#define WR24 14 -#define SR24 7 -#define WR25 15 -#define SR25 7 -#define WR26 8 -#define SR26 12 -#define WR27 12 -#define SR27 7 -#define WR28 4 -#define SR28 6 -#define WR29 9 -#define SR29 15 -#define WR30 1 -#define SR30 13 -#define WR31 2 -#define SR31 11 - -#define WR32 15 -#define SR32 9 -#define WR33 5 -#define SR33 7 -#define WR34 1 -#define SR34 15 -#define WR35 3 -#define SR35 11 -#define WR36 7 -#define SR36 8 -#define WR37 14 -#define SR37 6 -#define WR38 6 -#define SR38 6 -#define WR39 9 -#define SR39 14 -#define WR40 11 -#define SR40 12 -#define WR41 8 -#define SR41 13 -#define WR42 12 -#define SR42 5 -#define WR43 2 -#define SR43 14 -#define WR44 10 -#define SR44 13 -#define WR45 0 -#define SR45 13 -#define WR46 4 -#define SR46 7 -#define WR47 13 -#define SR47 5 - -#define WR48 8 -#define SR48 15 -#define WR49 6 -#define SR49 5 -#define WR50 4 -#define SR50 8 -#define WR51 1 -#define SR51 11 -#define WR52 3 -#define SR52 14 -#define WR53 11 -#define SR53 14 -#define WR54 15 -#define SR54 6 -#define WR55 0 -#define SR55 14 -#define WR56 5 -#define SR56 6 -#define WR57 12 -#define SR57 9 -#define WR58 2 -#define SR58 12 -#define WR59 13 -#define SR59 9 -#define WR60 9 -#define SR60 12 -#define WR61 7 -#define SR61 5 -#define WR62 10 -#define SR62 15 -#define WR63 14 -#define SR63 8 - -#define WR64 12 -#define SR64 8 -#define WR65 15 -#define SR65 5 -#define WR66 10 -#define SR66 12 -#define WR67 4 -#define SR67 9 -#define WR68 1 -#define SR68 12 -#define WR69 5 -#define SR69 5 -#define WR70 8 -#define SR70 14 -#define WR71 7 -#define SR71 6 -#define WR72 6 -#define SR72 8 -#define WR73 2 -#define SR73 13 -#define WR74 13 -#define SR74 6 -#define WR75 14 -#define SR75 5 -#define WR76 0 -#define SR76 15 -#define WR77 3 -#define SR77 13 -#define WR78 9 -#define SR78 11 -#define WR79 11 -#define SR79 11 - diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h deleted file mode 100644 index bda636a365..0000000000 --- a/src/lib/libcrypto/rsa/rsa.h +++ /dev/null @@ -1,357 +0,0 @@ -/* crypto/rsa/rsa.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_RSA_H -#define HEADER_RSA_H - -#ifndef NO_BIO -#include -#endif -#include -#include - -#ifdef NO_RSA -#error RSA is disabled. -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct rsa_st RSA; - -typedef struct rsa_meth_st - { - const char *name; - int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to, - RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, - const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ - int (*init)(RSA *rsa); /* called at new */ - int (*finish)(RSA *rsa); /* called at free */ - int flags; /* RSA_METHOD_FLAG_* things */ - char *app_data; /* may be needed! */ -/* New sign and verify functions: some libraries don't allow arbitrary data - * to be signed/verified: this allows them to be used. Note: for this to work - * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used - * RSA_sign(), RSA_verify() should be used instead. Note: for backwards - * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER - * option is set in 'flags'. - */ - int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); - int (*rsa_verify)(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - - } RSA_METHOD; - -struct rsa_st - { - /* The first parameter is used to pickup errors where - * this is passed instead of aEVP_PKEY, it is set to 0 */ - int pad; - int version; -#if 0 - RSA_METHOD *meth; -#else - struct engine_st *engine; -#endif - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - - /* all BIGNUM values are actually in the following data, if it is not - * NULL */ - char *bignum_data; - BN_BLINDING *blinding; - }; - -#define RSA_3 0x3L -#define RSA_F4 0x10001L - -#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */ - -#define RSA_FLAG_CACHE_PUBLIC 0x02 -#define RSA_FLAG_CACHE_PRIVATE 0x04 -#define RSA_FLAG_BLINDING 0x08 -#define RSA_FLAG_THREAD_SAFE 0x10 -/* This flag means the private key operations will be handled by rsa_mod_exp - * and that they do not depend on the private key components being present: - * for example a key stored in external hardware. Without this flag bn_mod_exp - * gets called when private key components are absent. - */ -#define RSA_FLAG_EXT_PKEY 0x20 - -/* This flag in the RSA_METHOD enables the new rsa_sign, rsa_verify functions. - */ -#define RSA_FLAG_SIGN_VER 0x40 - -#define RSA_PKCS1_PADDING 1 -#define RSA_SSLV23_PADDING 2 -#define RSA_NO_PADDING 3 -#define RSA_PKCS1_OAEP_PADDING 4 - -#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,arg) -#define RSA_get_app_data(s) RSA_get_ex_data(s,0) - -RSA * RSA_new(void); -#if 0 -RSA * RSA_new_method(RSA_METHOD *method); -#else -RSA * RSA_new_method(struct engine_st *engine); -#endif -int RSA_size(RSA *); -RSA * RSA_generate_key(int bits, unsigned long e,void - (*callback)(int,int,void *),void *cb_arg); -int RSA_check_key(RSA *); - /* next 4 return -1 on error */ -int RSA_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -int RSA_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -void RSA_free (RSA *r); - -int RSA_flags(RSA *r); - -void RSA_set_default_openssl_method(RSA_METHOD *meth); -RSA_METHOD *RSA_get_default_openssl_method(void); -RSA_METHOD *RSA_get_method(RSA *rsa); -#if 0 -RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth); -#else -int RSA_set_method(RSA *rsa, struct engine_st *engine); -#endif - -/* This function needs the memory locking malloc callbacks to be installed */ -int RSA_memory_lock(RSA *r); - -/* If you have RSAref compiled in. */ -RSA_METHOD *RSA_PKCS1_RSAref(void); - -/* these are the actual SSLeay RSA functions */ -RSA_METHOD *RSA_PKCS1_SSLeay(void); - -RSA_METHOD *RSA_null_method(void); - -void ERR_load_RSA_strings(void ); - -RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPublicKey(RSA *a, unsigned char **pp); -RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); -int i2d_RSAPrivateKey(RSA *a, unsigned char **pp); -#ifndef NO_FP_API -int RSA_print_fp(FILE *fp, RSA *r,int offset); -#endif - -#ifndef NO_BIO -int RSA_print(BIO *bp, RSA *r,int offset); -#endif - -int i2d_RSA_NET(RSA *a, unsigned char **pp, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET_2(RSA **a, unsigned char **pp, long length, int (*cb)(), int sgckey); - -int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)()); -RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)()); -/* Naughty internal function required elsewhere, to handle a MS structure - * that is the same as the netscape one :-) */ -RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)()); - -/* The following 2 functions sign and verify a X509_SIG ASN1 object - * inside PKCS#1 padded RSA encryption */ -int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -/* The following 2 function sign and verify a ASN1_OCTET_STRING - * object inside PKCS#1 padded RSA encryption */ -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa); -int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa); - -int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); -void RSA_blinding_off(RSA *rsa); - -int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,unsigned char *p, - int pl); -int RSA_padding_check_PKCS1_OAEP(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len, - unsigned char *p,int pl); -int RSA_padding_add_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_SSLv23(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); -int RSA_padding_add_none(unsigned char *to,int tlen, - unsigned char *f,int fl); -int RSA_padding_check_none(unsigned char *to,int tlen, - unsigned char *f,int fl,int rsa_len); - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int RSA_set_ex_data(RSA *r,int idx,void *arg); -void *RSA_get_ex_data(RSA *r, int idx); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the RSA functions. */ - -/* Function codes. */ -#define RSA_F_MEMORY_LOCK 100 -#define RSA_F_RSA_CHECK_KEY 123 -#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101 -#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102 -#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103 -#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 104 -#define RSA_F_RSA_GENERATE_KEY 105 -#define RSA_F_RSA_NEW_METHOD 106 -#define RSA_F_RSA_NULL 124 -#define RSA_F_RSA_PADDING_ADD_NONE 107 -#define RSA_F_RSA_PADDING_ADD_PKCS1_OAEP 121 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 108 -#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 109 -#define RSA_F_RSA_PADDING_ADD_SSLV23 110 -#define RSA_F_RSA_PADDING_CHECK_NONE 111 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP 122 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 112 -#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 113 -#define RSA_F_RSA_PADDING_CHECK_SSLV23 114 -#define RSA_F_RSA_PRINT 115 -#define RSA_F_RSA_PRINT_FP 116 -#define RSA_F_RSA_SIGN 117 -#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 118 -#define RSA_F_RSA_VERIFY 119 -#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 120 - -/* Reason codes. */ -#define RSA_R_ALGORITHM_MISMATCH 100 -#define RSA_R_BAD_E_VALUE 101 -#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102 -#define RSA_R_BAD_PAD_BYTE_COUNT 103 -#define RSA_R_BAD_SIGNATURE 104 -#define RSA_R_BLOCK_TYPE_IS_NOT_01 106 -#define RSA_R_BLOCK_TYPE_IS_NOT_02 107 -#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108 -#define RSA_R_DATA_TOO_LARGE 109 -#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110 -#define RSA_R_DATA_TOO_SMALL 111 -#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122 -#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112 -#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124 -#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125 -#define RSA_R_D_E_NOT_CONGRUENT_TO_1 123 -#define RSA_R_INVALID_MESSAGE_LENGTH 131 -#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126 -#define RSA_R_KEY_SIZE_TOO_SMALL 120 -#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113 -#define RSA_R_N_DOES_NOT_EQUAL_P_Q 127 -#define RSA_R_OAEP_DECODING_ERROR 121 -#define RSA_R_PADDING_CHECK_FAILED 114 -#define RSA_R_P_NOT_PRIME 128 -#define RSA_R_Q_NOT_PRIME 129 -#define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED 130 -#define RSA_R_SSLV3_ROLLBACK_ATTACK 115 -#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116 -#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117 -#define RSA_R_UNKNOWN_PADDING_TYPE 118 -#define RSA_R_WRONG_SIGNATURE_LENGTH 119 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c deleted file mode 100644 index 91b9115798..0000000000 --- a/src/lib/libcrypto/rsa/rsa_chk.c +++ /dev/null @@ -1,184 +0,0 @@ -/* crypto/rsa/rsa_chk.c -*- Mode: C; c-file-style: "eay" -*- */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include -#include -#include - - -int RSA_check_key(RSA *key) - { - BIGNUM *i, *j, *k, *l, *m; - BN_CTX *ctx; - int r; - int ret=1; - - i = BN_new(); - j = BN_new(); - k = BN_new(); - l = BN_new(); - m = BN_new(); - ctx = BN_CTX_new(); - if (i == NULL || j == NULL || k == NULL || l == NULL || - m == NULL || ctx == NULL) - { - ret = -1; - RSAerr(RSA_F_RSA_CHECK_KEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - /* p prime? */ - r = BN_is_prime(key->p, BN_prime_checks, NULL, NULL, NULL); - if (r != 1) - { - ret = r; - if (r != 0) - goto err; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_P_NOT_PRIME); - } - - /* q prime? */ - r = BN_is_prime(key->q, BN_prime_checks, NULL, NULL, NULL); - if (r != 1) - { - ret = r; - if (r != 0) - goto err; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_Q_NOT_PRIME); - } - - /* n = p*q? */ - r = BN_mul(i, key->p, key->q, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(i, key->n) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_N_DOES_NOT_EQUAL_P_Q); - } - - /* d*e = 1 mod lcm(p-1,q-1)? */ - - r = BN_sub(i, key->p, BN_value_one()); - if (!r) { ret = -1; goto err; } - r = BN_sub(j, key->q, BN_value_one()); - if (!r) { ret = -1; goto err; } - - /* now compute k = lcm(i,j) */ - r = BN_mul(l, i, j, ctx); - if (!r) { ret = -1; goto err; } - r = BN_gcd(m, i, j, ctx); - if (!r) { ret = -1; goto err; } - r = BN_div(k, NULL, l, m, ctx); /* remainder is 0 */ - if (!r) { ret = -1; goto err; } - - r = BN_mod_mul(i, key->d, key->e, k, ctx); - if (!r) { ret = -1; goto err; } - - if (!BN_is_one(i)) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, RSA_R_D_E_NOT_CONGRUENT_TO_1); - } - - if (key->dmp1 != NULL && key->dmq1 != NULL && key->iqmp != NULL) - { - /* dmp1 = d mod (p-1)? */ - r = BN_sub(i, key->p, BN_value_one()); - if (!r) { ret = -1; goto err; } - - r = BN_mod(j, key->d, i, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(j, key->dmp1) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_DMP1_NOT_CONGRUENT_TO_D); - } - - /* dmq1 = d mod (q-1)? */ - r = BN_sub(i, key->q, BN_value_one()); - if (!r) { ret = -1; goto err; } - - r = BN_mod(j, key->d, i, ctx); - if (!r) { ret = -1; goto err; } - - if (BN_cmp(j, key->dmq1) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_DMQ1_NOT_CONGRUENT_TO_D); - } - - /* iqmp = q^-1 mod p? */ - if(!BN_mod_inverse(i, key->q, key->p, ctx)) - { - ret = -1; - goto err; - } - - if (BN_cmp(i, key->iqmp) != 0) - { - ret = 0; - RSAerr(RSA_F_RSA_CHECK_KEY, - RSA_R_IQMP_NOT_INVERSE_OF_Q); - } - } - - err: - if (i != NULL) BN_free(i); - if (j != NULL) BN_free(j); - if (k != NULL) BN_free(k); - if (l != NULL) BN_free(l); - if (m != NULL) BN_free(m); - if (ctx != NULL) BN_CTX_free(ctx); - return (ret); - } diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c deleted file mode 100644 index ccaa62b239..0000000000 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ /dev/null @@ -1,512 +0,0 @@ -/* crypto/rsa/rsa_eay.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -#ifndef RSA_NULL - -static int RSA_eay_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa); -static int RSA_eay_init(RSA *rsa); -static int RSA_eay_finish(RSA *rsa); -static RSA_METHOD rsa_pkcs1_eay_meth={ - "Eric Young's PKCS#1 RSA", - RSA_eay_public_encrypt, - RSA_eay_public_decrypt, - RSA_eay_private_encrypt, - RSA_eay_private_decrypt, - RSA_eay_mod_exp, - BN_mod_exp_mont, - RSA_eay_init, - RSA_eay_finish, - 0, - NULL, - }; - -RSA_METHOD *RSA_PKCS1_SSLeay(void) - { - return(&rsa_pkcs1_eay_meth); - } - -static int RSA_eay_public_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - const RSA_METHOD *meth; - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - meth = ENGINE_get_RSA(rsa->engine); - BN_init(&f); - BN_init(&ret); - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen); - break; -#ifndef NO_SHA - case RSA_PKCS1_OAEP_PADDING: - i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - i=RSA_padding_add_SSLv23(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx)) - goto err; - } - - if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_private_encrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - const RSA_METHOD *meth; - BIGNUM f,ret; - int i,j,k,num=0,r= -1; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - meth = ENGINE_get_RSA(rsa->engine); - BN_init(&f); - BN_init(&ret); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - switch (padding) - { - case RSA_PKCS1_PADDING: - i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen); - break; - case RSA_NO_PADDING: - i=RSA_padding_add_none(buf,num,from,flen); - break; - case RSA_SSLV23_PADDING: - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (i <= 0) goto err; - - if (BN_bin2bn(buf,num,&f) == NULL) goto err; - - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) - RSA_blinding_on(rsa,ctx); - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; - - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err; - } - - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; - - /* put in leading 0 bytes if the number is less than the - * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); - for (k=0; k<(num-i); k++) - to[k]=0; - - r=num; -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&ret); - BN_clear_free(&f); - if (buf != NULL) - { - memset(buf,0,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_private_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - const RSA_METHOD *meth; - BIGNUM f,ret; - int j,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - meth = ENGINE_get_RSA(rsa->engine); - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - /* make data into a big number */ - if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; - - if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) - RSA_blinding_on(rsa,ctx); - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; - - /* do the decrypt */ - if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || - ((rsa->p != NULL) && - (rsa->q != NULL) && - (rsa->dmp1 != NULL) && - (rsa->dmq1 != NULL) && - (rsa->iqmp != NULL)) ) - { if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } - else - { - if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) - goto err; - } - - if (rsa->flags & RSA_FLAG_BLINDING) - if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err; - - p=buf; - j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num); - break; -#ifndef NO_SHA - case RSA_PKCS1_OAEP_PADDING: - r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0); - break; -#endif - case RSA_SSLV23_PADDING: - r=RSA_padding_check_SSLv23(to,num,buf,j,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,j,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_public_decrypt(int flen, unsigned char *from, - unsigned char *to, RSA *rsa, int padding) - { - const RSA_METHOD *meth; - BIGNUM f,ret; - int i,num=0,r= -1; - unsigned char *p; - unsigned char *buf=NULL; - BN_CTX *ctx=NULL; - - meth = ENGINE_get_RSA(rsa->engine); - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - - num=BN_num_bytes(rsa->n); - buf=(unsigned char *)OPENSSL_malloc(num); - if (buf == NULL) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* This check was for equality but PGP does evil things - * and chops off the top '0' bytes */ - if (flen > num) - { - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN); - goto err; - } - - if (BN_bin2bn(from,flen,&f) == NULL) goto err; - /* do the decrypt */ - if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC)) - { - if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx)) - goto err; - } - - if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, - rsa->_method_mod_n)) goto err; - - p=buf; - i=BN_bn2bin(&ret,p); - - switch (padding) - { - case RSA_PKCS1_PADDING: - r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num); - break; - case RSA_NO_PADDING: - r=RSA_padding_check_none(to,num,buf,i,num); - break; - default: - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE); - goto err; - } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); - -err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); - if (buf != NULL) - { - memset(buf,0,num); - OPENSSL_free(buf); - } - return(r); - } - -static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa) - { - const RSA_METHOD *meth; - BIGNUM r1,m1,vrfy; - int ret=0; - BN_CTX *ctx; - - meth = ENGINE_get_RSA(rsa->engine); - if ((ctx=BN_CTX_new()) == NULL) goto err; - BN_init(&m1); - BN_init(&r1); - BN_init(&vrfy); - - if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) - { - if (rsa->_method_mod_p == NULL) - { - if ((rsa->_method_mod_p=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_p,rsa->p, - ctx)) - goto err; - } - if (rsa->_method_mod_q == NULL) - { - if ((rsa->_method_mod_q=BN_MONT_CTX_new()) != NULL) - if (!BN_MONT_CTX_set(rsa->_method_mod_q,rsa->q, - ctx)) - goto err; - } - } - - if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, - rsa->_method_mod_q)) goto err; - - if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, - rsa->_method_mod_p)) goto err; - - if (!BN_sub(r0,r0,&m1)) goto err; - /* This will help stop the size of r0 increasing, which does - * affect the multiply if it optimised for a power of 2 size */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - - if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; - if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; - /* If p < q it is occasionally possible for the correction of - * adding 'p' if r0 is negative above to leave the result still - * negative. This can break the private key operations: the following - * second correction should *always* correct this rare occurrence. - * This will *never* happen with OpenSSL generated keys because - * they ensure p > q [steve] - */ - if (r0->neg) - if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; - if (!BN_add(r0,&r1,&m1)) goto err; - - if (rsa->e && rsa->n) - { - if (!meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err; - if (BN_cmp(I, &vrfy) != 0) - { - if (!meth->bn_mod_exp(r0,I,rsa->d,rsa->n,ctx,NULL)) goto err; - } - } - ret=1; -err: - BN_clear_free(&m1); - BN_clear_free(&r1); - BN_clear_free(&vrfy); - BN_CTX_free(ctx); - return(ret); - } - -static int RSA_eay_init(RSA *rsa) - { - rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE; - return(1); - } - -static int RSA_eay_finish(RSA *rsa) - { - if (rsa->_method_mod_n != NULL) - BN_MONT_CTX_free(rsa->_method_mod_n); - if (rsa->_method_mod_p != NULL) - BN_MONT_CTX_free(rsa->_method_mod_p); - if (rsa->_method_mod_q != NULL) - BN_MONT_CTX_free(rsa->_method_mod_q); - return(1); - } - -#endif diff --git a/src/lib/libcrypto/rsa/rsa_err.c b/src/lib/libcrypto/rsa/rsa_err.c deleted file mode 100644 index 1cde7c0da4..0000000000 --- a/src/lib/libcrypto/rsa/rsa_err.c +++ /dev/null @@ -1,148 +0,0 @@ -/* crypto/rsa/rsa_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA RSA_str_functs[]= - { -{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"}, -{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"}, -{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"}, -{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"}, -{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"}, -{ERR_PACK(0,RSA_F_RSA_NULL,0), "RSA_NULL"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_OAEP,0), "RSA_padding_add_PKCS1_OAEP"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP,0), "RSA_padding_check_PKCS1_OAEP"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"}, -{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"}, -{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"}, -{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"}, -{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"}, -{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"}, -{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"}, -{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"}, -{0,NULL} - }; - -static ERR_STRING_DATA RSA_str_reasons[]= - { -{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"}, -{RSA_R_BAD_E_VALUE ,"bad e value"}, -{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"}, -{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"}, -{RSA_R_BAD_SIGNATURE ,"bad signature"}, -{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"}, -{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"}, -{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"}, -{RSA_R_DATA_TOO_LARGE ,"data too large"}, -{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, -{RSA_R_DATA_TOO_SMALL ,"data too small"}, -{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"}, -{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"}, -{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"}, -{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"}, -{RSA_R_D_E_NOT_CONGRUENT_TO_1 ,"d e not congruent to 1"}, -{RSA_R_INVALID_MESSAGE_LENGTH ,"invalid message length"}, -{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"}, -{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"}, -{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"}, -{RSA_R_N_DOES_NOT_EQUAL_P_Q ,"n does not equal p q"}, -{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"}, -{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"}, -{RSA_R_P_NOT_PRIME ,"p not prime"}, -{RSA_R_Q_NOT_PRIME ,"q not prime"}, -{RSA_R_RSA_OPERATIONS_NOT_SUPPORTED ,"rsa operations not supported"}, -{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"}, -{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, -{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"}, -{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"}, -{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, -{0,NULL} - }; - -#endif - -void ERR_load_RSA_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_RSA,RSA_str_functs); - ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c deleted file mode 100644 index 00c25adbc5..0000000000 --- a/src/lib/libcrypto/rsa/rsa_gen.c +++ /dev/null @@ -1,197 +0,0 @@ -/* crypto/rsa/rsa_gen.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include - -RSA *RSA_generate_key(int bits, unsigned long e_value, - void (*callback)(int,int,void *), void *cb_arg) - { - RSA *rsa=NULL; - BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp; - int bitsp,bitsq,ok= -1,n=0,i; - BN_CTX *ctx=NULL,*ctx2=NULL; - - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - ctx2=BN_CTX_new(); - if (ctx2 == NULL) goto err; - BN_CTX_start(ctx); - r0 = BN_CTX_get(ctx); - r1 = BN_CTX_get(ctx); - r2 = BN_CTX_get(ctx); - r3 = BN_CTX_get(ctx); - if (r3 == NULL) goto err; - - bitsp=(bits+1)/2; - bitsq=bits-bitsp; - rsa=RSA_new(); - if (rsa == NULL) goto err; - - /* set e */ - rsa->e=BN_new(); - if (rsa->e == NULL) goto err; - -#if 1 - /* The problem is when building with 8, 16, or 32 BN_ULONG, - * unsigned long can be larger */ - for (i=0; ie,i); - } -#else - if (!BN_set_word(rsa->e,e_value)) goto err; -#endif - - /* generate p and q */ - for (;;) - { - rsa->p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); - if (rsa->p == NULL) goto err; - if (!BN_sub(r2,rsa->p,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1)) break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->p); - } - if (callback != NULL) callback(3,0,cb_arg); - for (;;) - { - rsa->q=BN_generate_prime(NULL,bitsq,0,NULL,NULL,callback,cb_arg); - if (rsa->q == NULL) goto err; - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; - if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err; - if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0)) - break; - if (callback != NULL) callback(2,n++,cb_arg); - BN_free(rsa->q); - } - if (callback != NULL) callback(3,1,cb_arg); - if (BN_cmp(rsa->p,rsa->q) < 0) - { - tmp=rsa->p; - rsa->p=rsa->q; - rsa->q=tmp; - } - - /* calculate n */ - rsa->n=BN_new(); - if (rsa->n == NULL) goto err; - if (!BN_mul(rsa->n,rsa->p,rsa->q,ctx)) goto err; - - /* calculate d */ - if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */ - if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */ - if (!BN_mul(r0,r1,r2,ctx)) goto err; /* (p-1)(q-1) */ - -/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */ -/* for (;;) - { - if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err; - if (BN_is_one(r3)) break; - - if (1) - { - if (!BN_add_word(rsa->e,2L)) goto err; - continue; - } - RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE); - goto err; - } -*/ - rsa->d=BN_mod_inverse(NULL,rsa->e,r0,ctx2); /* d */ - if (rsa->d == NULL) goto err; - - /* calculate d mod (p-1) */ - rsa->dmp1=BN_new(); - if (rsa->dmp1 == NULL) goto err; - if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err; - - /* calculate d mod (q-1) */ - rsa->dmq1=BN_new(); - if (rsa->dmq1 == NULL) goto err; - if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err; - - /* calculate inverse of q mod p */ - rsa->iqmp=BN_mod_inverse(NULL,rsa->q,rsa->p,ctx2); - if (rsa->iqmp == NULL) goto err; - - ok=1; -err: - if (ok == -1) - { - RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN); - ok=0; - } - BN_CTX_end(ctx); - BN_CTX_free(ctx); - BN_CTX_free(ctx2); - - if (!ok) - { - if (rsa != NULL) RSA_free(rsa); - return(NULL); - } - else - return(rsa); - } - diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c deleted file mode 100644 index 5e1e8fcdf3..0000000000 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ /dev/null @@ -1,388 +0,0 @@ -/* crypto/rsa/rsa_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include - -const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT; - -static RSA_METHOD *default_RSA_meth=NULL; -static int rsa_meth_num=0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL; - -RSA *RSA_new(void) - { - return(RSA_new_method(NULL)); - } - -void RSA_set_default_openssl_method(RSA_METHOD *meth) - { - ENGINE *e; - /* We'll need to notify the "openssl" ENGINE of this - * change too. We won't bother locking things down at - * our end as there was never any locking in these - * functions! */ - if(default_RSA_meth != meth) - { - default_RSA_meth = meth; - e = ENGINE_by_id("openssl"); - if(e) - { - ENGINE_set_RSA(e, meth); - ENGINE_free(e); - } - } - } - -RSA_METHOD *RSA_get_default_openssl_method(void) -{ - if (default_RSA_meth == NULL) - { -#ifdef RSA_NULL - default_RSA_meth=RSA_null_method(); -#else -#ifdef RSAref - default_RSA_meth=RSA_PKCS1_RSAref(); -#else - default_RSA_meth=RSA_PKCS1_SSLeay(); -#endif -#endif - } - - return default_RSA_meth; -} - -RSA_METHOD *RSA_get_method(RSA *rsa) -{ - return ENGINE_get_RSA(rsa->engine); -} - -#if 0 -RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth) -{ - RSA_METHOD *mtmp; - mtmp = rsa->meth; - if (mtmp->finish) mtmp->finish(rsa); - rsa->meth = meth; - if (meth->init) meth->init(rsa); - return mtmp; -} -#else -int RSA_set_method(RSA *rsa, ENGINE *engine) -{ - ENGINE *mtmp; - RSA_METHOD *meth; - mtmp = rsa->engine; - meth = ENGINE_get_RSA(mtmp); - if (!ENGINE_init(engine)) - return 0; - if (meth->finish) meth->finish(rsa); - rsa->engine = engine; - meth = ENGINE_get_RSA(engine); - if (meth->init) meth->init(rsa); - /* SHOULD ERROR CHECK THIS!!! */ - ENGINE_finish(mtmp); - return 1; -} -#endif - -#if 0 -RSA *RSA_new_method(RSA_METHOD *meth) -#else -RSA *RSA_new_method(ENGINE *engine) -#endif - { - RSA_METHOD *meth; - RSA *ret; - - ret=(RSA *)OPENSSL_malloc(sizeof(RSA)); - if (ret == NULL) - { - RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE); - return(NULL); - } - - if (engine == NULL) - { - if((ret->engine=ENGINE_get_default_RSA()) == NULL) - { - OPENSSL_free(ret); - return NULL; - } - } - else - ret->engine=engine; - meth = ENGINE_get_RSA(ret->engine); - - ret->pad=0; - ret->version=0; - ret->n=NULL; - ret->e=NULL; - ret->d=NULL; - ret->p=NULL; - ret->q=NULL; - ret->dmp1=NULL; - ret->dmq1=NULL; - ret->iqmp=NULL; - ret->references=1; - ret->_method_mod_n=NULL; - ret->_method_mod_p=NULL; - ret->_method_mod_q=NULL; - ret->blinding=NULL; - ret->bignum_data=NULL; - ret->flags=meth->flags; - if ((meth->init != NULL) && !meth->init(ret)) - { - OPENSSL_free(ret); - ret=NULL; - } - else - CRYPTO_new_ex_data(rsa_meth,ret,&ret->ex_data); - return(ret); - } - -void RSA_free(RSA *r) - { - RSA_METHOD *meth; - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA); -#ifdef REF_PRINT - REF_PRINT("RSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"RSA_free, bad reference count\n"); - abort(); - } -#endif - - CRYPTO_free_ex_data(rsa_meth,r,&r->ex_data); - - meth = ENGINE_get_RSA(r->engine); - if (meth->finish != NULL) - meth->finish(r); - ENGINE_finish(r->engine); - - if (r->n != NULL) BN_clear_free(r->n); - if (r->e != NULL) BN_clear_free(r->e); - if (r->d != NULL) BN_clear_free(r->d); - if (r->p != NULL) BN_clear_free(r->p); - if (r->q != NULL) BN_clear_free(r->q); - if (r->dmp1 != NULL) BN_clear_free(r->dmp1); - if (r->dmq1 != NULL) BN_clear_free(r->dmq1); - if (r->iqmp != NULL) BN_clear_free(r->iqmp); - if (r->blinding != NULL) BN_BLINDING_free(r->blinding); - if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data); - OPENSSL_free(r); - } - -int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - rsa_meth_num++; - return(CRYPTO_get_ex_new_index(rsa_meth_num-1, - &rsa_meth,argl,argp,new_func,dup_func,free_func)); - } - -int RSA_set_ex_data(RSA *r, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&r->ex_data,idx,arg)); - } - -void *RSA_get_ex_data(RSA *r, int idx) - { - return(CRYPTO_get_ex_data(&r->ex_data,idx)); - } - -int RSA_size(RSA *r) - { - return(BN_num_bytes(r->n)); - } - -int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(ENGINE_get_RSA(rsa->engine)->rsa_pub_enc(flen, - from, to, rsa, padding)); - } - -int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(ENGINE_get_RSA(rsa->engine)->rsa_priv_enc(flen, - from, to, rsa, padding)); - } - -int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(ENGINE_get_RSA(rsa->engine)->rsa_priv_dec(flen, - from, to, rsa, padding)); - } - -int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, - RSA *rsa, int padding) - { - return(ENGINE_get_RSA(rsa->engine)->rsa_pub_dec(flen, - from, to, rsa, padding)); - } - -int RSA_flags(RSA *r) - { - return((r == NULL)?0:ENGINE_get_RSA(r->engine)->flags); - } - -void RSA_blinding_off(RSA *rsa) - { - if (rsa->blinding != NULL) - { - BN_BLINDING_free(rsa->blinding); - rsa->blinding=NULL; - } - rsa->flags&= ~RSA_FLAG_BLINDING; - } - -int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) - { - BIGNUM *A,*Ai; - BN_CTX *ctx; - int ret=0; - - if (p_ctx == NULL) - { - if ((ctx=BN_CTX_new()) == NULL) goto err; - } - else - ctx=p_ctx; - - if (rsa->blinding != NULL) - BN_BLINDING_free(rsa->blinding); - - BN_CTX_start(ctx); - A = BN_CTX_get(ctx); - if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err; - if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err; - - if (!ENGINE_get_RSA(rsa->engine)->bn_mod_exp(A,A, - rsa->e,rsa->n,ctx,rsa->_method_mod_n)) - goto err; - rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n); - rsa->flags|=RSA_FLAG_BLINDING; - BN_free(Ai); - ret=1; -err: - BN_CTX_end(ctx); - if (ctx != p_ctx) BN_CTX_free(ctx); - return(ret); - } - -int RSA_memory_lock(RSA *r) - { - int i,j,k,off; - char *p; - BIGNUM *bn,**t[6],*b; - BN_ULONG *ul; - - if (r->d == NULL) return(1); - t[0]= &r->d; - t[1]= &r->p; - t[2]= &r->q; - t[3]= &r->dmp1; - t[4]= &r->dmq1; - t[5]= &r->iqmp; - k=sizeof(BIGNUM)*6; - off=k/sizeof(BN_ULONG)+1; - j=1; - for (i=0; i<6; i++) - j+= (*t[i])->top; - if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL) - { - RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); - return(0); - } - bn=(BIGNUM *)p; - ul=(BN_ULONG *)&(p[off]); - for (i=0; i<6; i++) - { - b= *(t[i]); - *(t[i])= &(bn[i]); - memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); - bn[i].flags=BN_FLG_STATIC_DATA; - bn[i].d=ul; - memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); - ul+=b->top; - BN_clear_free(b); - } - - /* I should fix this so it can still be done */ - r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); - - r->bignum_data=p; - return(1); - } - diff --git a/src/lib/libcrypto/rsa/rsa_none.c b/src/lib/libcrypto/rsa/rsa_none.c deleted file mode 100644 index f22fce5016..0000000000 --- a/src/lib/libcrypto/rsa/rsa_none.c +++ /dev/null @@ -1,98 +0,0 @@ -/* crypto/rsa/rsa_none.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_none(unsigned char *to, int tlen, unsigned char *from, - int flen) - { - if (flen > tlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - if (flen < tlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE); - return(0); - } - - memcpy(to,from,(unsigned int)flen); - return(1); - } - -int RSA_padding_check_none(unsigned char *to, int tlen, unsigned char *from, - int flen, int num) - { - - if (flen > tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE); - return(-1); - } - - memset(to,0,tlen-flen); - memcpy(to+tlen-flen,from,flen); - return(tlen); - } - diff --git a/src/lib/libcrypto/rsa/rsa_oaep.c b/src/lib/libcrypto/rsa/rsa_oaep.c deleted file mode 100644 index fd0b7f361f..0000000000 --- a/src/lib/libcrypto/rsa/rsa_oaep.c +++ /dev/null @@ -1,163 +0,0 @@ -/* crypto/rsa/rsa_oaep.c */ -/* Written by Ulf Moeller. This software is distributed on an "AS IS" - basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. */ - -/* EME_OAEP as defined in RFC 2437 (PKCS #1 v2.0) */ - -#if !defined(NO_SHA) && !defined(NO_SHA1) -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen); - -int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, unsigned char *param, int plen) - { - int i, emlen = tlen - 1; - unsigned char *db, *seed; - unsigned char *dbmask, seedmask[SHA_DIGEST_LENGTH]; - - if (flen > emlen - 2 * SHA_DIGEST_LENGTH - 1) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, - RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return (0); - } - - if (emlen < 2 * SHA_DIGEST_LENGTH + 1) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_KEY_SIZE_TOO_SMALL); - return (0); - } - - dbmask = OPENSSL_malloc(emlen - SHA_DIGEST_LENGTH); - if (dbmask == NULL) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return (0); - } - - to[0] = 0; - seed = to + 1; - db = to + SHA_DIGEST_LENGTH + 1; - - SHA1(param, plen, db); - memset(db + SHA_DIGEST_LENGTH, 0, - emlen - flen - 2 * SHA_DIGEST_LENGTH - 1); - db[emlen - flen - SHA_DIGEST_LENGTH - 1] = 0x01; - memcpy(db + emlen - flen - SHA_DIGEST_LENGTH, from, (unsigned int) flen); - if (RAND_bytes(seed, SHA_DIGEST_LENGTH) <= 0) - return (0); -#ifdef PKCS_TESTVECT - memcpy(seed, - "\xaa\xfd\x12\xf6\x59\xca\xe6\x34\x89\xb4\x79\xe5\x07\x6d\xde\xc2\xf0\x6c\xb5\x8f", - 20); -#endif - - MGF1(dbmask, emlen - SHA_DIGEST_LENGTH, seed, SHA_DIGEST_LENGTH); - for (i = 0; i < emlen - SHA_DIGEST_LENGTH; i++) - db[i] ^= dbmask[i]; - - MGF1(seedmask, SHA_DIGEST_LENGTH, db, emlen - SHA_DIGEST_LENGTH); - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= seedmask[i]; - - OPENSSL_free(dbmask); - return (1); - } - -int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, - unsigned char *from, int flen, int num, unsigned char *param, - int plen) - { - int i, dblen, mlen = -1; - unsigned char *maskeddb; - int lzero; - unsigned char *db, seed[SHA_DIGEST_LENGTH], phash[SHA_DIGEST_LENGTH]; - - if (--num < 2 * SHA_DIGEST_LENGTH + 1) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); - return (-1); - } - - dblen = num - SHA_DIGEST_LENGTH; - db = OPENSSL_malloc(dblen); - if (db == NULL) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, ERR_R_MALLOC_FAILURE); - return (-1); - } - - lzero = num - flen; - maskeddb = from - lzero + SHA_DIGEST_LENGTH; - - MGF1(seed, SHA_DIGEST_LENGTH, maskeddb, dblen); - for (i = lzero; i < SHA_DIGEST_LENGTH; i++) - seed[i] ^= from[i - lzero]; - - MGF1(db, dblen, seed, SHA_DIGEST_LENGTH); - for (i = 0; i < dblen; i++) - db[i] ^= maskeddb[i]; - - SHA1(param, plen, phash); - - if (memcmp(db, phash, SHA_DIGEST_LENGTH) != 0) - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, RSA_R_OAEP_DECODING_ERROR); - else - { - for (i = SHA_DIGEST_LENGTH; i < dblen; i++) - if (db[i] != 0x00) - break; - if (db[i] != 0x01 || i++ >= dblen) - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_OAEP, - RSA_R_OAEP_DECODING_ERROR); - else - { - mlen = dblen - i; - if (tlen < mlen) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_OAEP, RSA_R_DATA_TOO_LARGE); - mlen = -1; - } - else - memcpy(to, db + i, mlen); - } - } - OPENSSL_free(db); - return (mlen); - } - -int MGF1(unsigned char *mask, long len, unsigned char *seed, long seedlen) - { - long i, outlen = 0; - unsigned char cnt[4]; - SHA_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; - - for (i = 0; outlen < len; i++) - { - cnt[0] = (i >> 24) & 255, cnt[1] = (i >> 16) & 255, - cnt[2] = (i >> 8) & 255, cnt[3] = i & 255; - SHA1_Init(&c); - SHA1_Update(&c, seed, seedlen); - SHA1_Update(&c, cnt, 4); - if (outlen + SHA_DIGEST_LENGTH <= len) - { - SHA1_Final(mask + outlen, &c); - outlen += SHA_DIGEST_LENGTH; - } - else - { - SHA1_Final(md, &c); - memcpy(mask + outlen, md, len - outlen); - outlen = len; - } - } - return (0); - } -#endif diff --git a/src/lib/libcrypto/rsa/rsa_pk1.c b/src/lib/libcrypto/rsa/rsa_pk1.c deleted file mode 100644 index 48a32bc264..0000000000 --- a/src/lib/libcrypto/rsa/rsa_pk1.c +++ /dev/null @@ -1,224 +0,0 @@ -/* crypto/rsa/rsa_pk1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen) - { - int j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=1; /* Private Key BT (Block Type) */ - - /* pad out with 0xff data */ - j=tlen-3-flen; - memset(p,0xff,j); - p+=j; - *(p++)='\0'; - memcpy(p,from,(unsigned int)flen); - return(1); - } - -int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, - unsigned char *from, int flen, int num) - { - int i,j; - unsigned char *p; - - p=from; - if ((num != (flen+1)) || (*(p++) != 01)) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01); - return(-1); - } - - /* scan over padding data */ - j=flen-1; /* one for type. */ - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - -int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, - unsigned char *from, int flen) - { - int i,j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j=tlen-3-flen; - - if (RAND_bytes(p,j) <= 0) - return(0); - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - diff --git a/src/lib/libcrypto/rsa/rsa_saos.c b/src/lib/libcrypto/rsa/rsa_saos.c deleted file mode 100644 index c77f4381ff..0000000000 --- a/src/lib/libcrypto/rsa/rsa_saos.c +++ /dev/null @@ -1,144 +0,0 @@ -/* crypto/rsa/rsa_saos.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) - { - ASN1_OCTET_STRING sig; - int i,j,ret=1; - unsigned char *p,*s; - - sig.type=V_ASN1_OCTET_STRING; - sig.length=m_len; - sig.data=m; - - i=i2d_ASN1_OCTET_STRING(&sig,NULL); - j=RSA_size(rsa); - if ((i-RSA_PKCS1_PADDING) > j) - { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return(0); - } - s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); - if (s == NULL) - { - RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); - return(0); - } - p=s; - i2d_ASN1_OCTET_STRING(&sig,&p); - i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); - if (i <= 0) - ret=0; - else - *siglen=i; - - memset(s,0,(unsigned int)j+1); - OPENSSL_free(s); - return(ret); - } - -int RSA_verify_ASN1_OCTET_STRING(int dtype, unsigned char *m, - unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, - RSA *rsa) - { - int i,ret=0; - unsigned char *p,*s; - ASN1_OCTET_STRING *sig=NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH); - return(0); - } - - s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); - if (s == NULL) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); - goto err; - } - i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); - - if (i <= 0) goto err; - - p=s; - sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i); - if (sig == NULL) goto err; - - if ( ((unsigned int)sig->length != m_len) || - (memcmp(m,sig->data,m_len) != 0)) - { - RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE); - } - else - ret=1; -err: - if (sig != NULL) M_ASN1_OCTET_STRING_free(sig); - memset(s,0,(unsigned int)siglen); - OPENSSL_free(s); - return(ret); - } - diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c deleted file mode 100644 index cf00876292..0000000000 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ /dev/null @@ -1,224 +0,0 @@ -/* crypto/rsa/rsa_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -/* Size of an SSL signature: MD5+SHA1 */ -#define SSL_SIG_LENGTH 36 - -int RSA_sign(int type, unsigned char *m, unsigned int m_len, - unsigned char *sigret, unsigned int *siglen, RSA *rsa) - { - X509_SIG sig; - ASN1_TYPE parameter; - int i,j,ret=1; - unsigned char *p,*s = NULL; - X509_ALGOR algor; - ASN1_OCTET_STRING digest; - if(rsa->flags & RSA_FLAG_SIGN_VER) - return ENGINE_get_RSA(rsa->engine)->rsa_sign(type, - m, m_len, sigret, siglen, rsa); - /* Special case: SSL signature, just check the length */ - if(type == NID_md5_sha1) { - if(m_len != SSL_SIG_LENGTH) { - RSAerr(RSA_F_RSA_SIGN,RSA_R_INVALID_MESSAGE_LENGTH); - return(0); - } - i = SSL_SIG_LENGTH; - s = m; - } else { - sig.algor= &algor; - sig.algor->algorithm=OBJ_nid2obj(type); - if (sig.algor->algorithm == NULL) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE); - return(0); - } - if (sig.algor->algorithm->length == 0) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); - return(0); - } - parameter.type=V_ASN1_NULL; - parameter.value.ptr=NULL; - sig.algor->parameter= ¶meter; - - sig.digest= &digest; - sig.digest->data=m; - sig.digest->length=m_len; - - i=i2d_X509_SIG(&sig,NULL); - } - j=RSA_size(rsa); - if ((i-RSA_PKCS1_PADDING) > j) - { - RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY); - return(0); - } - if(type != NID_md5_sha1) { - s=(unsigned char *)OPENSSL_malloc((unsigned int)j+1); - if (s == NULL) - { - RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE); - return(0); - } - p=s; - i2d_X509_SIG(&sig,&p); - } - i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING); - if (i <= 0) - ret=0; - else - *siglen=i; - - if(type != NID_md5_sha1) { - memset(s,0,(unsigned int)j+1); - OPENSSL_free(s); - } - return(ret); - } - -int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, - unsigned char *sigbuf, unsigned int siglen, RSA *rsa) - { - int i,ret=0,sigtype; - unsigned char *p,*s; - X509_SIG *sig=NULL; - - if (siglen != (unsigned int)RSA_size(rsa)) - { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH); - return(0); - } - - if(rsa->flags & RSA_FLAG_SIGN_VER) - return ENGINE_get_RSA(rsa->engine)->rsa_verify(dtype, - m, m_len, sigbuf, siglen, rsa); - - s=(unsigned char *)OPENSSL_malloc((unsigned int)siglen); - if (s == NULL) - { - RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE); - goto err; - } - if((dtype == NID_md5_sha1) && (m_len != SSL_SIG_LENGTH) ) { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_INVALID_MESSAGE_LENGTH); - return(0); - } - i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); - - if (i <= 0) goto err; - - /* Special case: SSL signature */ - if(dtype == NID_md5_sha1) { - if((i != SSL_SIG_LENGTH) || memcmp(s, m, SSL_SIG_LENGTH)) - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); - else ret = 1; - } else { - p=s; - sig=d2i_X509_SIG(NULL,&p,(long)i); - - if (sig == NULL) goto err; - sigtype=OBJ_obj2nid(sig->algor->algorithm); - - - #ifdef RSA_DEBUG - /* put a backward compatibility flag in EAY */ - fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype), - OBJ_nid2ln(dtype)); - #endif - if (sigtype != dtype) - { - if (((dtype == NID_md5) && - (sigtype == NID_md5WithRSAEncryption)) || - ((dtype == NID_md2) && - (sigtype == NID_md2WithRSAEncryption))) - { - /* ok, we will let it through */ - #if !defined(NO_STDIO) && !defined(WIN16) - fprintf(stderr,"signature has problems, re-make with post SSLeay045\n"); - #endif - } - else - { - RSAerr(RSA_F_RSA_VERIFY, - RSA_R_ALGORITHM_MISMATCH); - goto err; - } - } - if ( ((unsigned int)sig->digest->length != m_len) || - (memcmp(m,sig->digest->data,m_len) != 0)) - { - RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE); - } - else - ret=1; - } -err: - if (sig != NULL) X509_SIG_free(sig); - memset(s,0,(unsigned int)siglen); - OPENSSL_free(s); - return(ret); - } - diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c deleted file mode 100644 index 482f4a8273..0000000000 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ /dev/null @@ -1,154 +0,0 @@ -/* crypto/rsa/rsa_ssl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int RSA_padding_add_SSLv23(unsigned char *to, int tlen, unsigned char *from, - int flen) - { - int i,j; - unsigned char *p; - - if (flen > (tlen-11)) - { - RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); - return(0); - } - - p=(unsigned char *)to; - - *(p++)=0; - *(p++)=2; /* Public Key BT (Block Type) */ - - /* pad out with non-zero random data */ - j=tlen-3-8-flen; - - if (RAND_bytes(p,j) <= 0) - return(0); - for (i=0; i tlen) - { - RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_LARGE); - return(-1); - } - memcpy(to,p,(unsigned int)j); - - return(j); - } - diff --git a/src/lib/libcrypto/sha/asm/sha1-586.pl b/src/lib/libcrypto/sha/asm/sha1-586.pl deleted file mode 100644 index 09df993ecd..0000000000 --- a/src/lib/libcrypto/sha/asm/sha1-586.pl +++ /dev/null @@ -1,538 +0,0 @@ -#!/usr/local/bin/perl - -$normal=0; - -push(@INC,"perlasm","../../perlasm"); -require "x86asm.pl"; - -&asm_init($ARGV[0],"sha1-586.pl",$ARGV[$#ARGV] eq "386"); - -$A="eax"; -$B="ecx"; -$C="ebx"; -$D="edx"; -$E="edi"; -$T="esi"; -$tmp1="ebp"; - -$off=9*4; - -@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6); - -&sha1_block_data("sha1_block_asm_data_order"); - -&asm_finish(); - -sub Nn - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - return($n{$p}); - } - -sub Np - { - local($p)=@_; - local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E); - local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A); - return($n{$p}); - } - -sub Na - { - local($n)=@_; - return( (($n )&0x0f), - (($n+ 2)&0x0f), - (($n+ 8)&0x0f), - (($n+13)&0x0f), - (($n+ 1)&0x0f)); - } - -sub X_expand - { - local($in)=@_; - - &comment("First, load the words onto the stack in network byte order"); - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,$in,"",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,$in,"",0)); - &bswap($A); - &bswap($B); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - - &comment("We now have the X array on the stack"); - &comment("starting at sp-4"); - } - -# Rules of engagement -# F is always trashable at the start, the running total. -# E becomes the next F so it can be trashed after it has been 'accumulated' -# F becomes A in the next round. We don't need to access it much. -# During the X update part, the result ends up in $X[$n0]. - -sub BODY_00_15 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - -return if $n & 1; - &comment("00_15 $n"); - - &mov($f,$c); - - &mov($tmp1,$a); - &xor($f,$d); # F2 - - &rotl($tmp1,5); # A2 - - &and($f,$b); # F3 - &add($tmp1,$e); - - &rotr($b,1); # B1 <- F - &mov($e,&swtmp($n)); # G1 - - &rotr($b,1); # B1 <- F - &xor($f,$d); # F4 - - &lea($tmp1,&DWP($K,$tmp1,$e,1)); - -############################ -# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); -# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); -$n++; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f); - - &mov($f,$c); - - &add($a,$tmp1); # MOVED DOWN - &xor($f,$d); # F2 - - &mov($tmp1,$a); - &and($f,$b); # F3 - - &rotl($tmp1,5); # A2 - - &add($tmp1,$e); - &mov($e,&swtmp($n)); # G1 - - &rotr($b,1); # B1 <- F - &xor($f,$d); # F4 - - &rotr($b,1); # B1 <- F - &lea($tmp1,&DWP($K,$tmp1,$e,1)); - - &add($f,$tmp1); - } - -sub BODY_16_19 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - -return if $n & 1; - &comment("16_19 $n"); - - &nop() if ($pos < 0); -&mov($tmp1,&swtmp($n0)); # X1 - &mov($f,&swtmp($n1)); # X2 -&xor($f,$tmp1); # X3 - &mov($tmp1,&swtmp($n2)); # X4 -&xor($f,$tmp1); # X5 - &mov($tmp1,&swtmp($n3)); # X6 -&xor($f,$tmp1); # X7 - slot - &mov($tmp1,$c); # F1 -&rotl($f,1); # X8 - slot - &xor($tmp1,$d); # F2 -&mov(&swtmp($n0),$f); # X9 - anytime - &and($tmp1,$b); # F3 -&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e - &xor($tmp1,$d); # F4 -&mov($e,$a); # A1 - &add($f,$tmp1); # tot+=F(); - -&rotl($e,5); # A2 - -&rotr($b,1); # B1 <- F - &add($f,$e); # tot+=a - -############################ -# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); -# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); -$n++; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f); - - -&mov($f,&swtmp($n0)); # X1 - &mov($tmp1,&swtmp($n1)); # X2 -&xor($f,$tmp1); # X3 - &mov($tmp1,&swtmp($n2)); # X4 -&xor($f,$tmp1); # X5 - &mov($tmp1,&swtmp($n3)); # X6 -&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN - &xor($f,$tmp1); # X7 - slot -&rotl($f,1); # X8 - slot - &mov($tmp1,$c); # F1 -&xor($tmp1,$d); # F2 - &mov(&swtmp($n0),$f); # X9 - anytime -&and($tmp1,$b); # F3 - &lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e - -&xor($tmp1,$d); # F4 - &mov($e,$a); # A1 - -&rotl($e,5); # A2 - -&rotr($b,1); # B1 <- F - &add($f,$e); # tot+=a - -&rotr($b,1); # B1 <- F - &add($f,$tmp1); # tot+=F(); - - } - -sub BODY_20_39 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("20_39 $n"); - local($n0,$n1,$n2,$n3,$np)=&Na($n); - -&mov($f,&swtmp($n0)); # X1 - &mov($tmp1,&swtmp($n1)); # X2 -&xor($f,$tmp1); # X3 - &mov($tmp1,&swtmp($n2)); # X4 -&xor($f,$tmp1); # X5 - &mov($tmp1,&swtmp($n3)); # X6 -&xor($f,$tmp1); # X7 - slot - &mov($tmp1,$b); # F1 -&rotl($f,1); # X8 - slot - &xor($tmp1,$c); # F2 -&mov(&swtmp($n0),$f); # X9 - anytime - &xor($tmp1,$d); # F3 - -&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e - &mov($e,$a); # A1 - -&rotl($e,5); # A2 - -if ($n != 79) # last loop - { - &rotr($b,1); # B1 <- F - &add($e,$tmp1); # tmp1=F()+a - - &rotr($b,1); # B2 <- F - &add($f,$e); # tot+=tmp1; - } -else - { - &add($e,$tmp1); # tmp1=F()+a - &mov($tmp1,&wparam(0)); - - &rotr($b,1); # B1 <- F - &add($f,$e); # tot+=tmp1; - - &rotr($b,1); # B2 <- F - } - } - -sub BODY_40_59 - { - local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_; - - &comment("40_59 $n"); - return if $n & 1; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - -&mov($f,&swtmp($n0)); # X1 - &mov($tmp1,&swtmp($n1)); # X2 -&xor($f,$tmp1); # X3 - &mov($tmp1,&swtmp($n2)); # X4 -&xor($f,$tmp1); # X5 - &mov($tmp1,&swtmp($n3)); # X6 -&xor($f,$tmp1); # X7 - slot - &mov($tmp1,$b); # F1 -&rotl($f,1); # X8 - slot - &or($tmp1,$c); # F2 -&mov(&swtmp($n0),$f); # X9 - anytime - &and($tmp1,$d); # F3 - -&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e - &mov($e,$b); # F4 - -&rotr($b,1); # B1 <- F - &and($e,$c); # F5 - -&or($tmp1,$e); # F6 - &mov($e,$a); # A1 - -&rotl($e,5); # A2 - -&add($tmp1,$e); # tmp1=F()+a - -############################ -# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); -# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); -$n++; - local($n0,$n1,$n2,$n3,$np)=&Na($n); - ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f); - - &mov($f,&swtmp($n0)); # X1 -&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1 - &mov($tmp1,&swtmp($n1)); # X2 -&xor($f,$tmp1); # X3 - &mov($tmp1,&swtmp($n2)); # X4 -&xor($f,$tmp1); # X5 - &mov($tmp1,&swtmp($n3)); # X6 -&rotr($c,1); # B2 <- F # moved was rotr b,1 - &xor($f,$tmp1); # X7 - slot -&rotl($f,1); # X8 - slot - &mov($tmp1,$b); # F1 -&mov(&swtmp($n0),$f); # X9 - anytime - &or($tmp1,$c); # F2 -&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e - &mov($e,$b); # F4 -&and($tmp1,$d); # F3 - &and($e,$c); # F5 - -&or($tmp1,$e); # F6 - &mov($e,$a); # A1 - -&rotl($e,5); # A2 - -&rotr($b,1); # B1 <- F - &add($tmp1,$e); # tmp1=F()+a - -&rotr($b,1); # B2 <- F - &add($f,$tmp1); # tot+=tmp1; - } - -sub BODY_60_79 - { - &BODY_20_39(@_); - } - -sub sha1_block_host - { - local($name)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - for ($i=0; $i<16; $i+=2) - { - &mov($A,&DWP(($i+0)*4,"esi","",0));# unless $i == 0; - &mov($B,&DWP(($i+1)*4,"esi","",0)); - &mov(&swtmp($i+0),$A); - &mov(&swtmp($i+1),$B); - } - &jmp(&label("shortcut")); - &function_end_B($name); - } - - -sub sha1_block_data - { - local($name)=@_; - - &function_begin_B($name,""); - - # parameter 1 is the MD5_CTX structure. - # A 0 - # B 4 - # C 8 - # D 12 - # E 16 - - &mov("ecx", &wparam(2)); - &push("esi"); - &shl("ecx",6); - &mov("esi", &wparam(1)); - &push("ebp"); - &add("ecx","esi"); # offset to leave on - &push("ebx"); - &mov("ebp", &wparam(0)); - &push("edi"); - &mov($D, &DWP(12,"ebp","",0)); - &stack_push(18+9); - &mov($E, &DWP(16,"ebp","",0)); - &mov($C, &DWP( 8,"ebp","",0)); - &mov(&swtmp(17),"ecx"); - - &comment("First we need to setup the X array"); - - &set_label("start") unless $normal; - - &X_expand("esi"); - &mov(&wparam(1),"esi"); - - &set_label("shortcut", 0, 1); - &comment(""); - &comment("Start processing"); - - # odd start - &mov($A, &DWP( 0,"ebp","",0)); - &mov($B, &DWP( 4,"ebp","",0)); - $X="esp"; - &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C); - &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B); - &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A); - &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T); - &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E); - &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D); - &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C); - &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B); - &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A); - &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T); - &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E); - - &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C); - &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B); - &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A); - &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T); - &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E); - &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D); - &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C); - - &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A); - &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T); - &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E); - &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D); - &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C); - &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B); - &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A); - - &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E); - &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D); - &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C); - &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B); - &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A); - &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T); - &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E); - - &comment("End processing"); - &comment(""); - # D is the tmp value - - # E -> A - # T -> B - # A -> C - # B -> D - # C -> E - # D -> T - - # The last 2 have been moved into the last loop - # &mov($tmp1,&wparam(0)); - - &mov($D, &DWP(12,$tmp1,"",0)); - &add($D,$B); - &mov($B, &DWP( 4,$tmp1,"",0)); - &add($B,$T); - &mov($T, $A); - &mov($A, &DWP( 0,$tmp1,"",0)); - &mov(&DWP(12,$tmp1,"",0),$D); - - &add($A,$E); - &mov($E, &DWP(16,$tmp1,"",0)); - &add($E,$C); - &mov($C, &DWP( 8,$tmp1,"",0)); - &add($C,$T); - - &mov(&DWP( 0,$tmp1,"",0),$A); - &mov("esi",&wparam(1)); - &mov(&DWP( 8,$tmp1,"",0),$C); - &add("esi",64); - &mov("eax",&swtmp(17)); - &mov(&DWP(16,$tmp1,"",0),$E); - &cmp("esi","eax"); - &mov(&DWP( 4,$tmp1,"",0),$B); - &jl(&label("start")); - - &stack_pop(18+9); - &pop("edi"); - &pop("ebx"); - &pop("ebp"); - &pop("esi"); - &ret(); - - # it has to reside within sha1_block_asm_host_order body - # because it calls &jmp(&label("shortcut")); - &sha1_block_host("sha1_block_asm_host_order"); - - &function_end_B($name); - } - diff --git a/src/lib/libcrypto/sha/sha.h b/src/lib/libcrypto/sha/sha.h deleted file mode 100644 index 77f6d9695e..0000000000 --- a/src/lib/libcrypto/sha/sha.h +++ /dev/null @@ -1,119 +0,0 @@ -/* crypto/sha/sha.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SHA_H -#define HEADER_SHA_H - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(NO_SHA) || (defined(NO_SHA0) && defined(NO_SHA1)) -#error SHA is disabled. -#endif - -/* - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - * ! SHA_LONG has to be at least 32 bits wide. If it's wider, then ! - * ! SHA_LONG_LOG2 has to be defined along. ! - * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - */ - -#if defined(WIN16) || defined(__LP32__) -#define SHA_LONG unsigned long -#elif defined(_CRAY) || defined(__ILP64__) -#define SHA_LONG unsigned long -#define SHA_LONG_LOG2 3 -#else -#define SHA_LONG unsigned int -#endif - -#define SHA_LBLOCK 16 -#define SHA_CBLOCK (SHA_LBLOCK*4) /* SHA treats input data as a - * contiguous array of 32 bit - * wide big-endian values. */ -#define SHA_LAST_BLOCK (SHA_CBLOCK-8) -#define SHA_DIGEST_LENGTH 20 - -typedef struct SHAstate_st - { - SHA_LONG h0,h1,h2,h3,h4; - SHA_LONG Nl,Nh; - SHA_LONG data[SHA_LBLOCK]; - int num; - } SHA_CTX; - -#ifndef NO_SHA0 -void SHA_Init(SHA_CTX *c); -void SHA_Update(SHA_CTX *c, const void *data, unsigned long len); -void SHA_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA(const unsigned char *d, unsigned long n,unsigned char *md); -void SHA_Transform(SHA_CTX *c, const unsigned char *data); -#endif -#ifndef NO_SHA1 -void SHA1_Init(SHA_CTX *c); -void SHA1_Update(SHA_CTX *c, const void *data, unsigned long len); -void SHA1_Final(unsigned char *md, SHA_CTX *c); -unsigned char *SHA1(const unsigned char *d, unsigned long n,unsigned char *md); -void SHA1_Transform(SHA_CTX *c, const unsigned char *data); -#endif -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/sha/sha1_one.c b/src/lib/libcrypto/sha/sha1_one.c deleted file mode 100644 index 861752eaa7..0000000000 --- a/src/lib/libcrypto/sha/sha1_one.c +++ /dev/null @@ -1,76 +0,0 @@ -/* crypto/sha/sha1_one.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#ifndef NO_SHA1 -unsigned char *SHA1(const unsigned char *d, unsigned long n, unsigned char *md) - { - SHA_CTX c; - static unsigned char m[SHA_DIGEST_LENGTH]; - - if (md == NULL) md=m; - SHA1_Init(&c); - SHA1_Update(&c,d,n); - SHA1_Final(md,&c); - memset(&c,0,sizeof(c)); - return(md); - } -#endif diff --git a/src/lib/libcrypto/sha/sha1dgst.c b/src/lib/libcrypto/sha/sha1dgst.c deleted file mode 100644 index c09edb4cd7..0000000000 --- a/src/lib/libcrypto/sha/sha1dgst.c +++ /dev/null @@ -1,73 +0,0 @@ -/* crypto/sha/sha1dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#if !defined(NO_SHA1) && !defined(NO_SHA) - -#undef SHA_0 -#define SHA_1 - -#include - -const char *SHA1_version="SHA1" OPENSSL_VERSION_PTEXT; - -/* The implementation is in ../md32_common.h */ - -#include "sha_locl.h" - -#endif - diff --git a/src/lib/libcrypto/sha/sha_locl.h b/src/lib/libcrypto/sha/sha_locl.h deleted file mode 100644 index 2f8aef83f3..0000000000 --- a/src/lib/libcrypto/sha/sha_locl.h +++ /dev/null @@ -1,471 +0,0 @@ -/* crypto/sha/sha_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include - -#include -#include - -#ifndef SHA_LONG_LOG2 -#define SHA_LONG_LOG2 2 /* default to 32 bits */ -#endif - -#define DATA_ORDER_IS_BIG_ENDIAN - -#define HASH_LONG SHA_LONG -#define HASH_LONG_LOG2 SHA_LONG_LOG2 -#define HASH_CTX SHA_CTX -#define HASH_CBLOCK SHA_CBLOCK -#define HASH_LBLOCK SHA_LBLOCK -#define HASH_MAKE_STRING(c,s) do { \ - unsigned long ll; \ - ll=(c)->h0; HOST_l2c(ll,(s)); \ - ll=(c)->h1; HOST_l2c(ll,(s)); \ - ll=(c)->h2; HOST_l2c(ll,(s)); \ - ll=(c)->h3; HOST_l2c(ll,(s)); \ - ll=(c)->h4; HOST_l2c(ll,(s)); \ - } while (0) - -#if defined(SHA_0) - -# define HASH_UPDATE SHA_Update -# define HASH_TRANSFORM SHA_Transform -# define HASH_FINAL SHA_Final -# define HASH_INIT SHA_Init -# define HASH_BLOCK_HOST_ORDER sha_block_host_order -# define HASH_BLOCK_DATA_ORDER sha_block_data_order -# define Xupdate(a,ix,ia,ib,ic,id) (ix=(a)=(ia^ib^ic^id)) - - void sha_block_host_order (SHA_CTX *c, const void *p,int num); - void sha_block_data_order (SHA_CTX *c, const void *p,int num); - -#elif defined(SHA_1) - -# define HASH_UPDATE SHA1_Update -# define HASH_TRANSFORM SHA1_Transform -# define HASH_FINAL SHA1_Final -# define HASH_INIT SHA1_Init -# define HASH_BLOCK_HOST_ORDER sha1_block_host_order -# define HASH_BLOCK_DATA_ORDER sha1_block_data_order -# if defined(__MWERKS__) && defined(__MC68K__) - /* Metrowerks for Motorola fails otherwise:-( */ -# define Xupdate(a,ix,ia,ib,ic,id) do { (a)=(ia^ib^ic^id); \ - ix=(a)=ROTATE((a),1); \ - } while (0) -# else -# define Xupdate(a,ix,ia,ib,ic,id) ( (a)=(ia^ib^ic^id), \ - ix=(a)=ROTATE((a),1) \ - ) -# endif - -# ifdef SHA1_ASM -# if defined(__i386) || defined(_M_IX86) || defined(__INTEL__) -# define sha1_block_host_order sha1_block_asm_host_order -# define DONT_IMPLEMENT_BLOCK_HOST_ORDER -# define sha1_block_data_order sha1_block_asm_data_order -# define DONT_IMPLEMENT_BLOCK_DATA_ORDER -# define HASH_BLOCK_DATA_ORDER_ALIGNED sha1_block_asm_data_order -# endif -# endif - void sha1_block_host_order (SHA_CTX *c, const void *p,int num); - void sha1_block_data_order (SHA_CTX *c, const void *p,int num); - -#else -# error "Either SHA_0 or SHA_1 must be defined." -#endif - -#include "md32_common.h" - -#define INIT_DATA_h0 0x67452301UL -#define INIT_DATA_h1 0xefcdab89UL -#define INIT_DATA_h2 0x98badcfeUL -#define INIT_DATA_h3 0x10325476UL -#define INIT_DATA_h4 0xc3d2e1f0UL - -void HASH_INIT (SHA_CTX *c) - { - c->h0=INIT_DATA_h0; - c->h1=INIT_DATA_h1; - c->h2=INIT_DATA_h2; - c->h3=INIT_DATA_h3; - c->h4=INIT_DATA_h4; - c->Nl=0; - c->Nh=0; - c->num=0; - } - -#define K_00_19 0x5a827999UL -#define K_20_39 0x6ed9eba1UL -#define K_40_59 0x8f1bbcdcUL -#define K_60_79 0xca62c1d6UL - -/* As pointed out by Wei Dai , F() below can be - * simplified to the code in F_00_19. Wei attributes these optimisations - * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel. - * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z))) - * I've just become aware of another tweak to be made, again from Wei Dai, - * in F_40_59, (x&a)|(y&a) -> (x|y)&a - */ -#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d)) -#define F_20_39(b,c,d) ((b) ^ (c) ^ (d)) -#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d))) -#define F_60_79(b,c,d) F_20_39(b,c,d) - -#define BODY_00_15(i,a,b,c,d,e,f,xi) \ - (f)=xi+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_16_19(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ - Xupdate(f,xi,xa,xb,xc,xd); \ - (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_20_31(i,a,b,c,d,e,f,xi,xa,xb,xc,xd) \ - Xupdate(f,xi,xa,xb,xc,xd); \ - (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_32_39(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_40_59(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#define BODY_60_79(i,a,b,c,d,e,f,xa,xb,xc,xd) \ - Xupdate(f,xa,xa,xb,xc,xd); \ - (f)=xa+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \ - (b)=ROTATE((b),30); - -#ifdef X -#undef X -#endif -#ifndef MD32_XARRAY - /* - * Originally X was an array. As it's automatic it's natural - * to expect RISC compiler to accomodate at least part of it in - * the register bank, isn't it? Unfortunately not all compilers - * "find" this expectation reasonable:-( On order to make such - * compilers generate better code I replace X[] with a bunch of - * X0, X1, etc. See the function body below... - * - */ -# define X(i) XX##i -#else - /* - * However! Some compilers (most notably HP C) get overwhelmed by - * that many local variables so that we have to have the way to - * fall down to the original behavior. - */ -# define X(i) XX[i] -#endif - -#ifndef DONT_IMPLEMENT_BLOCK_HOST_ORDER -void HASH_BLOCK_HOST_ORDER (SHA_CTX *c, const void *d, int num) - { - const SHA_LONG *W=d; - register unsigned long A,B,C,D,E,T; -#ifndef MD32_XARRAY - unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -#else - SHA_LONG XX[16]; -#endif - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - for (;;) - { - BODY_00_15( 0,A,B,C,D,E,T,W[ 0]); - BODY_00_15( 1,T,A,B,C,D,E,W[ 1]); - BODY_00_15( 2,E,T,A,B,C,D,W[ 2]); - BODY_00_15( 3,D,E,T,A,B,C,W[ 3]); - BODY_00_15( 4,C,D,E,T,A,B,W[ 4]); - BODY_00_15( 5,B,C,D,E,T,A,W[ 5]); - BODY_00_15( 6,A,B,C,D,E,T,W[ 6]); - BODY_00_15( 7,T,A,B,C,D,E,W[ 7]); - BODY_00_15( 8,E,T,A,B,C,D,W[ 8]); - BODY_00_15( 9,D,E,T,A,B,C,W[ 9]); - BODY_00_15(10,C,D,E,T,A,B,W[10]); - BODY_00_15(11,B,C,D,E,T,A,W[11]); - BODY_00_15(12,A,B,C,D,E,T,W[12]); - BODY_00_15(13,T,A,B,C,D,E,W[13]); - BODY_00_15(14,E,T,A,B,C,D,W[14]); - BODY_00_15(15,D,E,T,A,B,C,W[15]); - - BODY_16_19(16,C,D,E,T,A,B,X( 0),W[ 0],W[ 2],W[ 8],W[13]); - BODY_16_19(17,B,C,D,E,T,A,X( 1),W[ 1],W[ 3],W[ 9],W[14]); - BODY_16_19(18,A,B,C,D,E,T,X( 2),W[ 2],W[ 4],W[10],W[15]); - BODY_16_19(19,T,A,B,C,D,E,X( 3),W[ 3],W[ 5],W[11],X( 0)); - - BODY_20_31(20,E,T,A,B,C,D,X( 4),W[ 4],W[ 6],W[12],X( 1)); - BODY_20_31(21,D,E,T,A,B,C,X( 5),W[ 5],W[ 7],W[13],X( 2)); - BODY_20_31(22,C,D,E,T,A,B,X( 6),W[ 6],W[ 8],W[14],X( 3)); - BODY_20_31(23,B,C,D,E,T,A,X( 7),W[ 7],W[ 9],W[15],X( 4)); - BODY_20_31(24,A,B,C,D,E,T,X( 8),W[ 8],W[10],X( 0),X( 5)); - BODY_20_31(25,T,A,B,C,D,E,X( 9),W[ 9],W[11],X( 1),X( 6)); - BODY_20_31(26,E,T,A,B,C,D,X(10),W[10],W[12],X( 2),X( 7)); - BODY_20_31(27,D,E,T,A,B,C,X(11),W[11],W[13],X( 3),X( 8)); - BODY_20_31(28,C,D,E,T,A,B,X(12),W[12],W[14],X( 4),X( 9)); - BODY_20_31(29,B,C,D,E,T,A,X(13),W[13],W[15],X( 5),X(10)); - BODY_20_31(30,A,B,C,D,E,T,X(14),W[14],X( 0),X( 6),X(11)); - BODY_20_31(31,T,A,B,C,D,E,X(15),W[15],X( 1),X( 7),X(12)); - - BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); - BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); - BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15)); - BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0)); - BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1)); - BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2)); - BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3)); - BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4)); - - BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7)); - BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8)); - BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9)); - BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10)); - BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11)); - BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12)); - BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13)); - BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14)); - BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15)); - BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0)); - BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1)); - BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2)); - BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3)); - BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4)); - BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7)); - BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8)); - - BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9)); - BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10)); - BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11)); - BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12)); - BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13)); - BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14)); - BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15)); - BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0)); - BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1)); - BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2)); - BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3)); - BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4)); - BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5)); - BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6)); - BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7)); - BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8)); - BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9)); - BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10)); - BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11)); - BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12)); - - c->h0=(c->h0+E)&0xffffffffL; - c->h1=(c->h1+T)&0xffffffffL; - c->h2=(c->h2+A)&0xffffffffL; - c->h3=(c->h3+B)&0xffffffffL; - c->h4=(c->h4+C)&0xffffffffL; - - if (--num <= 0) break; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - W+=SHA_LBLOCK; - } - } -#endif - -#ifndef DONT_IMPLEMENT_BLOCK_DATA_ORDER -void HASH_BLOCK_DATA_ORDER (SHA_CTX *c, const void *p, int num) - { - const unsigned char *data=p; - register unsigned long A,B,C,D,E,T,l; -#ifndef MD32_XARRAY - unsigned long XX0, XX1, XX2, XX3, XX4, XX5, XX6, XX7, - XX8, XX9,XX10,XX11,XX12,XX13,XX14,XX15; -#else - SHA_LONG XX[16]; -#endif - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - for (;;) - { - - HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l; - BODY_00_15( 0,A,B,C,D,E,T,X( 0)); HOST_c2l(data,l); X( 2)=l; - BODY_00_15( 1,T,A,B,C,D,E,X( 1)); HOST_c2l(data,l); X( 3)=l; - BODY_00_15( 2,E,T,A,B,C,D,X( 2)); HOST_c2l(data,l); X( 4)=l; - BODY_00_15( 3,D,E,T,A,B,C,X( 3)); HOST_c2l(data,l); X( 5)=l; - BODY_00_15( 4,C,D,E,T,A,B,X( 4)); HOST_c2l(data,l); X( 6)=l; - BODY_00_15( 5,B,C,D,E,T,A,X( 5)); HOST_c2l(data,l); X( 7)=l; - BODY_00_15( 6,A,B,C,D,E,T,X( 6)); HOST_c2l(data,l); X( 8)=l; - BODY_00_15( 7,T,A,B,C,D,E,X( 7)); HOST_c2l(data,l); X( 9)=l; - BODY_00_15( 8,E,T,A,B,C,D,X( 8)); HOST_c2l(data,l); X(10)=l; - BODY_00_15( 9,D,E,T,A,B,C,X( 9)); HOST_c2l(data,l); X(11)=l; - BODY_00_15(10,C,D,E,T,A,B,X(10)); HOST_c2l(data,l); X(12)=l; - BODY_00_15(11,B,C,D,E,T,A,X(11)); HOST_c2l(data,l); X(13)=l; - BODY_00_15(12,A,B,C,D,E,T,X(12)); HOST_c2l(data,l); X(14)=l; - BODY_00_15(13,T,A,B,C,D,E,X(13)); HOST_c2l(data,l); X(15)=l; - BODY_00_15(14,E,T,A,B,C,D,X(14)); - BODY_00_15(15,D,E,T,A,B,C,X(15)); - - BODY_16_19(16,C,D,E,T,A,B,X( 0),X( 0),X( 2),X( 8),X(13)); - BODY_16_19(17,B,C,D,E,T,A,X( 1),X( 1),X( 3),X( 9),X(14)); - BODY_16_19(18,A,B,C,D,E,T,X( 2),X( 2),X( 4),X(10),X(15)); - BODY_16_19(19,T,A,B,C,D,E,X( 3),X( 3),X( 5),X(11),X( 0)); - - BODY_20_31(20,E,T,A,B,C,D,X( 4),X( 4),X( 6),X(12),X( 1)); - BODY_20_31(21,D,E,T,A,B,C,X( 5),X( 5),X( 7),X(13),X( 2)); - BODY_20_31(22,C,D,E,T,A,B,X( 6),X( 6),X( 8),X(14),X( 3)); - BODY_20_31(23,B,C,D,E,T,A,X( 7),X( 7),X( 9),X(15),X( 4)); - BODY_20_31(24,A,B,C,D,E,T,X( 8),X( 8),X(10),X( 0),X( 5)); - BODY_20_31(25,T,A,B,C,D,E,X( 9),X( 9),X(11),X( 1),X( 6)); - BODY_20_31(26,E,T,A,B,C,D,X(10),X(10),X(12),X( 2),X( 7)); - BODY_20_31(27,D,E,T,A,B,C,X(11),X(11),X(13),X( 3),X( 8)); - BODY_20_31(28,C,D,E,T,A,B,X(12),X(12),X(14),X( 4),X( 9)); - BODY_20_31(29,B,C,D,E,T,A,X(13),X(13),X(15),X( 5),X(10)); - BODY_20_31(30,A,B,C,D,E,T,X(14),X(14),X( 0),X( 6),X(11)); - BODY_20_31(31,T,A,B,C,D,E,X(15),X(15),X( 1),X( 7),X(12)); - - BODY_32_39(32,E,T,A,B,C,D,X( 0),X( 2),X( 8),X(13)); - BODY_32_39(33,D,E,T,A,B,C,X( 1),X( 3),X( 9),X(14)); - BODY_32_39(34,C,D,E,T,A,B,X( 2),X( 4),X(10),X(15)); - BODY_32_39(35,B,C,D,E,T,A,X( 3),X( 5),X(11),X( 0)); - BODY_32_39(36,A,B,C,D,E,T,X( 4),X( 6),X(12),X( 1)); - BODY_32_39(37,T,A,B,C,D,E,X( 5),X( 7),X(13),X( 2)); - BODY_32_39(38,E,T,A,B,C,D,X( 6),X( 8),X(14),X( 3)); - BODY_32_39(39,D,E,T,A,B,C,X( 7),X( 9),X(15),X( 4)); - - BODY_40_59(40,C,D,E,T,A,B,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(41,B,C,D,E,T,A,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(42,A,B,C,D,E,T,X(10),X(12),X( 2),X( 7)); - BODY_40_59(43,T,A,B,C,D,E,X(11),X(13),X( 3),X( 8)); - BODY_40_59(44,E,T,A,B,C,D,X(12),X(14),X( 4),X( 9)); - BODY_40_59(45,D,E,T,A,B,C,X(13),X(15),X( 5),X(10)); - BODY_40_59(46,C,D,E,T,A,B,X(14),X( 0),X( 6),X(11)); - BODY_40_59(47,B,C,D,E,T,A,X(15),X( 1),X( 7),X(12)); - BODY_40_59(48,A,B,C,D,E,T,X( 0),X( 2),X( 8),X(13)); - BODY_40_59(49,T,A,B,C,D,E,X( 1),X( 3),X( 9),X(14)); - BODY_40_59(50,E,T,A,B,C,D,X( 2),X( 4),X(10),X(15)); - BODY_40_59(51,D,E,T,A,B,C,X( 3),X( 5),X(11),X( 0)); - BODY_40_59(52,C,D,E,T,A,B,X( 4),X( 6),X(12),X( 1)); - BODY_40_59(53,B,C,D,E,T,A,X( 5),X( 7),X(13),X( 2)); - BODY_40_59(54,A,B,C,D,E,T,X( 6),X( 8),X(14),X( 3)); - BODY_40_59(55,T,A,B,C,D,E,X( 7),X( 9),X(15),X( 4)); - BODY_40_59(56,E,T,A,B,C,D,X( 8),X(10),X( 0),X( 5)); - BODY_40_59(57,D,E,T,A,B,C,X( 9),X(11),X( 1),X( 6)); - BODY_40_59(58,C,D,E,T,A,B,X(10),X(12),X( 2),X( 7)); - BODY_40_59(59,B,C,D,E,T,A,X(11),X(13),X( 3),X( 8)); - - BODY_60_79(60,A,B,C,D,E,T,X(12),X(14),X( 4),X( 9)); - BODY_60_79(61,T,A,B,C,D,E,X(13),X(15),X( 5),X(10)); - BODY_60_79(62,E,T,A,B,C,D,X(14),X( 0),X( 6),X(11)); - BODY_60_79(63,D,E,T,A,B,C,X(15),X( 1),X( 7),X(12)); - BODY_60_79(64,C,D,E,T,A,B,X( 0),X( 2),X( 8),X(13)); - BODY_60_79(65,B,C,D,E,T,A,X( 1),X( 3),X( 9),X(14)); - BODY_60_79(66,A,B,C,D,E,T,X( 2),X( 4),X(10),X(15)); - BODY_60_79(67,T,A,B,C,D,E,X( 3),X( 5),X(11),X( 0)); - BODY_60_79(68,E,T,A,B,C,D,X( 4),X( 6),X(12),X( 1)); - BODY_60_79(69,D,E,T,A,B,C,X( 5),X( 7),X(13),X( 2)); - BODY_60_79(70,C,D,E,T,A,B,X( 6),X( 8),X(14),X( 3)); - BODY_60_79(71,B,C,D,E,T,A,X( 7),X( 9),X(15),X( 4)); - BODY_60_79(72,A,B,C,D,E,T,X( 8),X(10),X( 0),X( 5)); - BODY_60_79(73,T,A,B,C,D,E,X( 9),X(11),X( 1),X( 6)); - BODY_60_79(74,E,T,A,B,C,D,X(10),X(12),X( 2),X( 7)); - BODY_60_79(75,D,E,T,A,B,C,X(11),X(13),X( 3),X( 8)); - BODY_60_79(76,C,D,E,T,A,B,X(12),X(14),X( 4),X( 9)); - BODY_60_79(77,B,C,D,E,T,A,X(13),X(15),X( 5),X(10)); - BODY_60_79(78,A,B,C,D,E,T,X(14),X( 0),X( 6),X(11)); - BODY_60_79(79,T,A,B,C,D,E,X(15),X( 1),X( 7),X(12)); - - c->h0=(c->h0+E)&0xffffffffL; - c->h1=(c->h1+T)&0xffffffffL; - c->h2=(c->h2+A)&0xffffffffL; - c->h3=(c->h3+B)&0xffffffffL; - c->h4=(c->h4+C)&0xffffffffL; - - if (--num <= 0) break; - - A=c->h0; - B=c->h1; - C=c->h2; - D=c->h3; - E=c->h4; - - } - } -#endif diff --git a/src/lib/libcrypto/stack/safestack.h b/src/lib/libcrypto/stack/safestack.h deleted file mode 100644 index 9fa63e1be5..0000000000 --- a/src/lib/libcrypto/stack/safestack.h +++ /dev/null @@ -1,1134 +0,0 @@ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#ifndef HEADER_SAFESTACK_H -#define HEADER_SAFESTACK_H - -#include - -#ifdef DEBUG_SAFESTACK - -#define STACK_OF(type) struct stack_st_##type -#define PREDECLARE_STACK_OF(type) STACK_OF(type); - -#define DECLARE_STACK_OF(type) \ -STACK_OF(type) \ - { \ - STACK stack; \ - }; - -#define IMPLEMENT_STACK_OF(type) /* nada (obsolete in new safestack approach)*/ - -/* SKM_sk_... stack macros are internal to safestack.h: - * never use them directly, use sk__... instead */ -#define SKM_sk_new(type, cmp) \ - ((STACK_OF(type) * (*)(int (*)(const type * const *, const type * const *)))sk_new)(cmp) -#define SKM_sk_new_null(type) \ - ((STACK_OF(type) * (*)(void))sk_new_null)() -#define SKM_sk_free(type, st) \ - ((void (*)(STACK_OF(type) *))sk_free)(st) -#define SKM_sk_num(type, st) \ - ((int (*)(const STACK_OF(type) *))sk_num)(st) -#define SKM_sk_value(type, st,i) \ - ((type * (*)(const STACK_OF(type) *, int))sk_value)(st, i) -#define SKM_sk_set(type, st,i,val) \ - ((type * (*)(STACK_OF(type) *, int, type *))sk_set)(st, i, val) -#define SKM_sk_zero(type, st) \ - ((void (*)(STACK_OF(type) *))sk_zero)(st) -#define SKM_sk_push(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))sk_push)(st, val) -#define SKM_sk_unshift(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))sk_unshift)(st, val) -#define SKM_sk_find(type, st,val) \ - ((int (*)(STACK_OF(type) *, type *))sk_find)(st, val) -#define SKM_sk_delete(type, st,i) \ - ((type * (*)(STACK_OF(type) *, int))sk_delete)(st, i) -#define SKM_sk_delete_ptr(type, st,ptr) \ - ((type * (*)(STACK_OF(type) *, type *))sk_delete_ptr)(st, ptr) -#define SKM_sk_insert(type, st,val,i) \ - ((int (*)(STACK_OF(type) *, type *, int))sk_insert)(st, val, i) -#define SKM_sk_set_cmp_func(type, st,cmp) \ - ((int (*(*)(STACK_OF(type) *, int (*)(const type * const *, const type * const *))) \ - (const type * const *, const type * const *))sk_set_cmp_func)\ - (st, cmp) -#define SKM_sk_dup(type, st) \ - ((STACK_OF(type) *(*)(STACK_OF(type) *))sk_dup)(st) -#define SKM_sk_pop_free(type, st,free_func) \ - ((void (*)(STACK_OF(type) *, void (*)(type *)))sk_pop_free)\ - (st, free_func) -#define SKM_sk_shift(type, st) \ - ((type * (*)(STACK_OF(type) *))sk_shift)(st) -#define SKM_sk_pop(type, st) \ - ((type * (*)(STACK_OF(type) *))sk_pop)(st) -#define SKM_sk_sort(type, st) \ - ((void (*)(STACK_OF(type) *))sk_sort)(st) - -#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - ((STACK_OF(type) * (*) (STACK_OF(type) **,unsigned char **, long , \ - type *(*)(type **, unsigned char **,long), \ - void (*)(type *), int ,int )) d2i_ASN1_SET) \ - (st,pp,length, d2i_func, free_func, ex_tag,ex_class) -#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - ((int (*)(STACK_OF(type) *,unsigned char **, \ - int (*)(type *,unsigned char **), int , int , int)) i2d_ASN1_SET) \ - (st,pp,i2d_func,ex_tag,ex_class,is_set) - -#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ - ((unsigned char *(*)(STACK_OF(type) *, \ - int (*)(type *,unsigned char **), unsigned char **,int *)) ASN1_seq_pack) \ - (st, i2d_func, buf, len) -#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ - ((STACK_OF(type) * (*)(unsigned char *,int, \ - type *(*)(type **,unsigned char **, long), \ - void (*)(type *)))ASN1_seq_unpack) \ - (buf,len,d2i_func, free_func) - -#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ - ((STACK_OF(type) * (*)(X509_ALGOR *, \ - type *(*)(type **, unsigned char **, long), void (*)(type *), \ - const char *, int, \ - ASN1_STRING *, int))PKCS12_decrypt_d2i) \ - (algor,d2i_func,free_func,pass,passlen,oct,seq) - -#else - -#define STACK_OF(type) STACK -#define PREDECLARE_STACK_OF(type) /* nada */ -#define DECLARE_STACK_OF(type) /* nada */ -#define IMPLEMENT_STACK_OF(type) /* nada */ - -#define SKM_sk_new(type, cmp) \ - sk_new((int (*)(const char * const *, const char * const *))(cmp)) -#define SKM_sk_new_null(type) \ - sk_new_null() -#define SKM_sk_free(type, st) \ - sk_free(st) -#define SKM_sk_num(type, st) \ - sk_num(st) -#define SKM_sk_value(type, st,i) \ - ((type *)sk_value(st, i)) -#define SKM_sk_set(type, st,i,val) \ - ((type *)sk_set(st, i,(char *)val)) -#define SKM_sk_zero(type, st) \ - sk_zero(st) -#define SKM_sk_push(type, st,val) \ - sk_push(st, (char *)val) -#define SKM_sk_unshift(type, st,val) \ - sk_unshift(st, val) -#define SKM_sk_find(type, st,val) \ - sk_find(st, (char *)val) -#define SKM_sk_delete(type, st,i) \ - ((type *)sk_delete(st, i)) -#define SKM_sk_delete_ptr(type, st,ptr) \ - ((type *)sk_delete_ptr(st,(char *)ptr)) -#define SKM_sk_insert(type, st,val,i) \ - sk_insert(st, (char *)val, i) -#define SKM_sk_set_cmp_func(type, st,cmp) \ - ((int (*)(const type * const *,const type * const *)) \ - sk_set_cmp_func(st, (int (*)(const char * const *, const char * const *))(cmp))) -#define SKM_sk_dup(type, st) \ - sk_dup(st) -#define SKM_sk_pop_free(type, st,free_func) \ - sk_pop_free(st, (void (*)(void *))free_func) -#define SKM_sk_shift(type, st) \ - ((type *)sk_shift(st)) -#define SKM_sk_pop(type, st) \ - ((type *)sk_pop(st)) -#define SKM_sk_sort(type, st) \ - sk_sort(st) - -#define SKM_ASN1_SET_OF_d2i(type, st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - d2i_ASN1_SET(st,pp,length, (char *(*)())d2i_func, (void (*)(void *))free_func, ex_tag,ex_class) -#define SKM_ASN1_SET_OF_i2d(type, st, pp, i2d_func, ex_tag, ex_class, is_set) \ - i2d_ASN1_SET(st,pp,i2d_func,ex_tag,ex_class,is_set) - -#define SKM_ASN1_seq_pack(type, st, i2d_func, buf, len) \ - ASN1_seq_pack(st, i2d_func, buf, len) -#define SKM_ASN1_seq_unpack(type, buf, len, d2i_func, free_func) \ - ASN1_seq_unpack(buf,len,(char *(*)())d2i_func, (void(*)(void *))free_func) - -#define SKM_PKCS12_decrypt_d2i(type, algor, d2i_func, free_func, pass, passlen, oct, seq) \ - ((STACK *)PKCS12_decrypt_d2i(algor,(char *(*)())d2i_func, (void(*)(void *))free_func,pass,passlen,oct,seq)) - -#endif - -/* This block of defines is updated by util/mkstack.pl, please do not touch! */ -#define sk_ACCESS_DESCRIPTION_new(st) SKM_sk_new(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_new_null() SKM_sk_new_null(ACCESS_DESCRIPTION) -#define sk_ACCESS_DESCRIPTION_free(st) SKM_sk_free(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_num(st) SKM_sk_num(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_value(st, i) SKM_sk_value(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_set(st, i, val) SKM_sk_set(ACCESS_DESCRIPTION, (st), (i), (val)) -#define sk_ACCESS_DESCRIPTION_zero(st) SKM_sk_zero(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_push(st, val) SKM_sk_push(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_unshift(st, val) SKM_sk_unshift(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_find(st, val) SKM_sk_find(ACCESS_DESCRIPTION, (st), (val)) -#define sk_ACCESS_DESCRIPTION_delete(st, i) SKM_sk_delete(ACCESS_DESCRIPTION, (st), (i)) -#define sk_ACCESS_DESCRIPTION_delete_ptr(st, ptr) SKM_sk_delete_ptr(ACCESS_DESCRIPTION, (st), (ptr)) -#define sk_ACCESS_DESCRIPTION_insert(st, val, i) SKM_sk_insert(ACCESS_DESCRIPTION, (st), (val), (i)) -#define sk_ACCESS_DESCRIPTION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ACCESS_DESCRIPTION, (st), (cmp)) -#define sk_ACCESS_DESCRIPTION_dup(st) SKM_sk_dup(ACCESS_DESCRIPTION, st) -#define sk_ACCESS_DESCRIPTION_pop_free(st, free_func) SKM_sk_pop_free(ACCESS_DESCRIPTION, (st), (free_func)) -#define sk_ACCESS_DESCRIPTION_shift(st) SKM_sk_shift(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st)) -#define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st)) - -#define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER) -#define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_num(st) SKM_sk_num(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_value(st, i) SKM_sk_value(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_set(st, i, val) SKM_sk_set(ASN1_INTEGER, (st), (i), (val)) -#define sk_ASN1_INTEGER_zero(st) SKM_sk_zero(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_push(st, val) SKM_sk_push(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_unshift(st, val) SKM_sk_unshift(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_find(st, val) SKM_sk_find(ASN1_INTEGER, (st), (val)) -#define sk_ASN1_INTEGER_delete(st, i) SKM_sk_delete(ASN1_INTEGER, (st), (i)) -#define sk_ASN1_INTEGER_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_INTEGER, (st), (ptr)) -#define sk_ASN1_INTEGER_insert(st, val, i) SKM_sk_insert(ASN1_INTEGER, (st), (val), (i)) -#define sk_ASN1_INTEGER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_INTEGER, (st), (cmp)) -#define sk_ASN1_INTEGER_dup(st) SKM_sk_dup(ASN1_INTEGER, st) -#define sk_ASN1_INTEGER_pop_free(st, free_func) SKM_sk_pop_free(ASN1_INTEGER, (st), (free_func)) -#define sk_ASN1_INTEGER_shift(st) SKM_sk_shift(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_pop(st) SKM_sk_pop(ASN1_INTEGER, (st)) -#define sk_ASN1_INTEGER_sort(st) SKM_sk_sort(ASN1_INTEGER, (st)) - -#define sk_ASN1_OBJECT_new(st) SKM_sk_new(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_new_null() SKM_sk_new_null(ASN1_OBJECT) -#define sk_ASN1_OBJECT_free(st) SKM_sk_free(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_num(st) SKM_sk_num(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_value(st, i) SKM_sk_value(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_set(st, i, val) SKM_sk_set(ASN1_OBJECT, (st), (i), (val)) -#define sk_ASN1_OBJECT_zero(st) SKM_sk_zero(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_push(st, val) SKM_sk_push(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_unshift(st, val) SKM_sk_unshift(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_find(st, val) SKM_sk_find(ASN1_OBJECT, (st), (val)) -#define sk_ASN1_OBJECT_delete(st, i) SKM_sk_delete(ASN1_OBJECT, (st), (i)) -#define sk_ASN1_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_OBJECT, (st), (ptr)) -#define sk_ASN1_OBJECT_insert(st, val, i) SKM_sk_insert(ASN1_OBJECT, (st), (val), (i)) -#define sk_ASN1_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_OBJECT, (st), (cmp)) -#define sk_ASN1_OBJECT_dup(st) SKM_sk_dup(ASN1_OBJECT, st) -#define sk_ASN1_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(ASN1_OBJECT, (st), (free_func)) -#define sk_ASN1_OBJECT_shift(st) SKM_sk_shift(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_pop(st) SKM_sk_pop(ASN1_OBJECT, (st)) -#define sk_ASN1_OBJECT_sort(st) SKM_sk_sort(ASN1_OBJECT, (st)) - -#define sk_ASN1_STRING_TABLE_new(st) SKM_sk_new(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_new_null() SKM_sk_new_null(ASN1_STRING_TABLE) -#define sk_ASN1_STRING_TABLE_free(st) SKM_sk_free(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_num(st) SKM_sk_num(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_value(st, i) SKM_sk_value(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_set(st, i, val) SKM_sk_set(ASN1_STRING_TABLE, (st), (i), (val)) -#define sk_ASN1_STRING_TABLE_zero(st) SKM_sk_zero(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_push(st, val) SKM_sk_push(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_unshift(st, val) SKM_sk_unshift(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_find(st, val) SKM_sk_find(ASN1_STRING_TABLE, (st), (val)) -#define sk_ASN1_STRING_TABLE_delete(st, i) SKM_sk_delete(ASN1_STRING_TABLE, (st), (i)) -#define sk_ASN1_STRING_TABLE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_STRING_TABLE, (st), (ptr)) -#define sk_ASN1_STRING_TABLE_insert(st, val, i) SKM_sk_insert(ASN1_STRING_TABLE, (st), (val), (i)) -#define sk_ASN1_STRING_TABLE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_STRING_TABLE, (st), (cmp)) -#define sk_ASN1_STRING_TABLE_dup(st) SKM_sk_dup(ASN1_STRING_TABLE, st) -#define sk_ASN1_STRING_TABLE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_STRING_TABLE, (st), (free_func)) -#define sk_ASN1_STRING_TABLE_shift(st) SKM_sk_shift(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_pop(st) SKM_sk_pop(ASN1_STRING_TABLE, (st)) -#define sk_ASN1_STRING_TABLE_sort(st) SKM_sk_sort(ASN1_STRING_TABLE, (st)) - -#define sk_ASN1_TYPE_new(st) SKM_sk_new(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_new_null() SKM_sk_new_null(ASN1_TYPE) -#define sk_ASN1_TYPE_free(st) SKM_sk_free(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_num(st) SKM_sk_num(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_value(st, i) SKM_sk_value(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_set(st, i, val) SKM_sk_set(ASN1_TYPE, (st), (i), (val)) -#define sk_ASN1_TYPE_zero(st) SKM_sk_zero(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_push(st, val) SKM_sk_push(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_unshift(st, val) SKM_sk_unshift(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_find(st, val) SKM_sk_find(ASN1_TYPE, (st), (val)) -#define sk_ASN1_TYPE_delete(st, i) SKM_sk_delete(ASN1_TYPE, (st), (i)) -#define sk_ASN1_TYPE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_TYPE, (st), (ptr)) -#define sk_ASN1_TYPE_insert(st, val, i) SKM_sk_insert(ASN1_TYPE, (st), (val), (i)) -#define sk_ASN1_TYPE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_TYPE, (st), (cmp)) -#define sk_ASN1_TYPE_dup(st) SKM_sk_dup(ASN1_TYPE, st) -#define sk_ASN1_TYPE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_TYPE, (st), (free_func)) -#define sk_ASN1_TYPE_shift(st) SKM_sk_shift(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st)) -#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) - -#define sk_BIO_new(st) SKM_sk_new(BIO, (st)) -#define sk_BIO_new_null() SKM_sk_new_null(BIO) -#define sk_BIO_free(st) SKM_sk_free(BIO, (st)) -#define sk_BIO_num(st) SKM_sk_num(BIO, (st)) -#define sk_BIO_value(st, i) SKM_sk_value(BIO, (st), (i)) -#define sk_BIO_set(st, i, val) SKM_sk_set(BIO, (st), (i), (val)) -#define sk_BIO_zero(st) SKM_sk_zero(BIO, (st)) -#define sk_BIO_push(st, val) SKM_sk_push(BIO, (st), (val)) -#define sk_BIO_unshift(st, val) SKM_sk_unshift(BIO, (st), (val)) -#define sk_BIO_find(st, val) SKM_sk_find(BIO, (st), (val)) -#define sk_BIO_delete(st, i) SKM_sk_delete(BIO, (st), (i)) -#define sk_BIO_delete_ptr(st, ptr) SKM_sk_delete_ptr(BIO, (st), (ptr)) -#define sk_BIO_insert(st, val, i) SKM_sk_insert(BIO, (st), (val), (i)) -#define sk_BIO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(BIO, (st), (cmp)) -#define sk_BIO_dup(st) SKM_sk_dup(BIO, st) -#define sk_BIO_pop_free(st, free_func) SKM_sk_pop_free(BIO, (st), (free_func)) -#define sk_BIO_shift(st) SKM_sk_shift(BIO, (st)) -#define sk_BIO_pop(st) SKM_sk_pop(BIO, (st)) -#define sk_BIO_sort(st) SKM_sk_sort(BIO, (st)) - -#define sk_CONF_VALUE_new(st) SKM_sk_new(CONF_VALUE, (st)) -#define sk_CONF_VALUE_new_null() SKM_sk_new_null(CONF_VALUE) -#define sk_CONF_VALUE_free(st) SKM_sk_free(CONF_VALUE, (st)) -#define sk_CONF_VALUE_num(st) SKM_sk_num(CONF_VALUE, (st)) -#define sk_CONF_VALUE_value(st, i) SKM_sk_value(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_set(st, i, val) SKM_sk_set(CONF_VALUE, (st), (i), (val)) -#define sk_CONF_VALUE_zero(st) SKM_sk_zero(CONF_VALUE, (st)) -#define sk_CONF_VALUE_push(st, val) SKM_sk_push(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_unshift(st, val) SKM_sk_unshift(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_find(st, val) SKM_sk_find(CONF_VALUE, (st), (val)) -#define sk_CONF_VALUE_delete(st, i) SKM_sk_delete(CONF_VALUE, (st), (i)) -#define sk_CONF_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(CONF_VALUE, (st), (ptr)) -#define sk_CONF_VALUE_insert(st, val, i) SKM_sk_insert(CONF_VALUE, (st), (val), (i)) -#define sk_CONF_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CONF_VALUE, (st), (cmp)) -#define sk_CONF_VALUE_dup(st) SKM_sk_dup(CONF_VALUE, st) -#define sk_CONF_VALUE_pop_free(st, free_func) SKM_sk_pop_free(CONF_VALUE, (st), (free_func)) -#define sk_CONF_VALUE_shift(st) SKM_sk_shift(CONF_VALUE, (st)) -#define sk_CONF_VALUE_pop(st) SKM_sk_pop(CONF_VALUE, (st)) -#define sk_CONF_VALUE_sort(st) SKM_sk_sort(CONF_VALUE, (st)) - -#define sk_CRYPTO_EX_DATA_FUNCS_new(st) SKM_sk_new(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_new_null() SKM_sk_new_null(CRYPTO_EX_DATA_FUNCS) -#define sk_CRYPTO_EX_DATA_FUNCS_free(st) SKM_sk_free(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_num(st) SKM_sk_num(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_value(st, i) SKM_sk_value(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set(st, i, val) SKM_sk_set(CRYPTO_EX_DATA_FUNCS, (st), (i), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_zero(st) SKM_sk_zero(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_push(st, val) SKM_sk_push(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_unshift(st, val) SKM_sk_unshift(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_find(st, val) SKM_sk_find(CRYPTO_EX_DATA_FUNCS, (st), (val)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete(st, i) SKM_sk_delete(CRYPTO_EX_DATA_FUNCS, (st), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_EX_DATA_FUNCS, (st), (ptr)) -#define sk_CRYPTO_EX_DATA_FUNCS_insert(st, val, i) SKM_sk_insert(CRYPTO_EX_DATA_FUNCS, (st), (val), (i)) -#define sk_CRYPTO_EX_DATA_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_EX_DATA_FUNCS, (st), (cmp)) -#define sk_CRYPTO_EX_DATA_FUNCS_dup(st) SKM_sk_dup(CRYPTO_EX_DATA_FUNCS, st) -#define sk_CRYPTO_EX_DATA_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_EX_DATA_FUNCS, (st), (free_func)) -#define sk_CRYPTO_EX_DATA_FUNCS_shift(st) SKM_sk_shift(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_pop(st) SKM_sk_pop(CRYPTO_EX_DATA_FUNCS, (st)) -#define sk_CRYPTO_EX_DATA_FUNCS_sort(st) SKM_sk_sort(CRYPTO_EX_DATA_FUNCS, (st)) - -#define sk_CRYPTO_dynlock_new(st) SKM_sk_new(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_new_null() SKM_sk_new_null(CRYPTO_dynlock) -#define sk_CRYPTO_dynlock_free(st) SKM_sk_free(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_num(st) SKM_sk_num(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_value(st, i) SKM_sk_value(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_set(st, i, val) SKM_sk_set(CRYPTO_dynlock, (st), (i), (val)) -#define sk_CRYPTO_dynlock_zero(st) SKM_sk_zero(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_push(st, val) SKM_sk_push(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_unshift(st, val) SKM_sk_unshift(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_find(st, val) SKM_sk_find(CRYPTO_dynlock, (st), (val)) -#define sk_CRYPTO_dynlock_delete(st, i) SKM_sk_delete(CRYPTO_dynlock, (st), (i)) -#define sk_CRYPTO_dynlock_delete_ptr(st, ptr) SKM_sk_delete_ptr(CRYPTO_dynlock, (st), (ptr)) -#define sk_CRYPTO_dynlock_insert(st, val, i) SKM_sk_insert(CRYPTO_dynlock, (st), (val), (i)) -#define sk_CRYPTO_dynlock_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(CRYPTO_dynlock, (st), (cmp)) -#define sk_CRYPTO_dynlock_dup(st) SKM_sk_dup(CRYPTO_dynlock, st) -#define sk_CRYPTO_dynlock_pop_free(st, free_func) SKM_sk_pop_free(CRYPTO_dynlock, (st), (free_func)) -#define sk_CRYPTO_dynlock_shift(st) SKM_sk_shift(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_pop(st) SKM_sk_pop(CRYPTO_dynlock, (st)) -#define sk_CRYPTO_dynlock_sort(st) SKM_sk_sort(CRYPTO_dynlock, (st)) - -#define sk_DIST_POINT_new(st) SKM_sk_new(DIST_POINT, (st)) -#define sk_DIST_POINT_new_null() SKM_sk_new_null(DIST_POINT) -#define sk_DIST_POINT_free(st) SKM_sk_free(DIST_POINT, (st)) -#define sk_DIST_POINT_num(st) SKM_sk_num(DIST_POINT, (st)) -#define sk_DIST_POINT_value(st, i) SKM_sk_value(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_set(st, i, val) SKM_sk_set(DIST_POINT, (st), (i), (val)) -#define sk_DIST_POINT_zero(st) SKM_sk_zero(DIST_POINT, (st)) -#define sk_DIST_POINT_push(st, val) SKM_sk_push(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_unshift(st, val) SKM_sk_unshift(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_find(st, val) SKM_sk_find(DIST_POINT, (st), (val)) -#define sk_DIST_POINT_delete(st, i) SKM_sk_delete(DIST_POINT, (st), (i)) -#define sk_DIST_POINT_delete_ptr(st, ptr) SKM_sk_delete_ptr(DIST_POINT, (st), (ptr)) -#define sk_DIST_POINT_insert(st, val, i) SKM_sk_insert(DIST_POINT, (st), (val), (i)) -#define sk_DIST_POINT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(DIST_POINT, (st), (cmp)) -#define sk_DIST_POINT_dup(st) SKM_sk_dup(DIST_POINT, st) -#define sk_DIST_POINT_pop_free(st, free_func) SKM_sk_pop_free(DIST_POINT, (st), (free_func)) -#define sk_DIST_POINT_shift(st) SKM_sk_shift(DIST_POINT, (st)) -#define sk_DIST_POINT_pop(st) SKM_sk_pop(DIST_POINT, (st)) -#define sk_DIST_POINT_sort(st) SKM_sk_sort(DIST_POINT, (st)) - -#define sk_GENERAL_NAME_new(st) SKM_sk_new(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_new_null() SKM_sk_new_null(GENERAL_NAME) -#define sk_GENERAL_NAME_free(st) SKM_sk_free(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_num(st) SKM_sk_num(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_value(st, i) SKM_sk_value(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_set(st, i, val) SKM_sk_set(GENERAL_NAME, (st), (i), (val)) -#define sk_GENERAL_NAME_zero(st) SKM_sk_zero(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_push(st, val) SKM_sk_push(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_unshift(st, val) SKM_sk_unshift(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_find(st, val) SKM_sk_find(GENERAL_NAME, (st), (val)) -#define sk_GENERAL_NAME_delete(st, i) SKM_sk_delete(GENERAL_NAME, (st), (i)) -#define sk_GENERAL_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(GENERAL_NAME, (st), (ptr)) -#define sk_GENERAL_NAME_insert(st, val, i) SKM_sk_insert(GENERAL_NAME, (st), (val), (i)) -#define sk_GENERAL_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(GENERAL_NAME, (st), (cmp)) -#define sk_GENERAL_NAME_dup(st) SKM_sk_dup(GENERAL_NAME, st) -#define sk_GENERAL_NAME_pop_free(st, free_func) SKM_sk_pop_free(GENERAL_NAME, (st), (free_func)) -#define sk_GENERAL_NAME_shift(st) SKM_sk_shift(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_pop(st) SKM_sk_pop(GENERAL_NAME, (st)) -#define sk_GENERAL_NAME_sort(st) SKM_sk_sort(GENERAL_NAME, (st)) - -#define sk_MIME_HEADER_new(st) SKM_sk_new(MIME_HEADER, (st)) -#define sk_MIME_HEADER_new_null() SKM_sk_new_null(MIME_HEADER) -#define sk_MIME_HEADER_free(st) SKM_sk_free(MIME_HEADER, (st)) -#define sk_MIME_HEADER_num(st) SKM_sk_num(MIME_HEADER, (st)) -#define sk_MIME_HEADER_value(st, i) SKM_sk_value(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_set(st, i, val) SKM_sk_set(MIME_HEADER, (st), (i), (val)) -#define sk_MIME_HEADER_zero(st) SKM_sk_zero(MIME_HEADER, (st)) -#define sk_MIME_HEADER_push(st, val) SKM_sk_push(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_unshift(st, val) SKM_sk_unshift(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_find(st, val) SKM_sk_find(MIME_HEADER, (st), (val)) -#define sk_MIME_HEADER_delete(st, i) SKM_sk_delete(MIME_HEADER, (st), (i)) -#define sk_MIME_HEADER_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_HEADER, (st), (ptr)) -#define sk_MIME_HEADER_insert(st, val, i) SKM_sk_insert(MIME_HEADER, (st), (val), (i)) -#define sk_MIME_HEADER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_HEADER, (st), (cmp)) -#define sk_MIME_HEADER_dup(st) SKM_sk_dup(MIME_HEADER, st) -#define sk_MIME_HEADER_pop_free(st, free_func) SKM_sk_pop_free(MIME_HEADER, (st), (free_func)) -#define sk_MIME_HEADER_shift(st) SKM_sk_shift(MIME_HEADER, (st)) -#define sk_MIME_HEADER_pop(st) SKM_sk_pop(MIME_HEADER, (st)) -#define sk_MIME_HEADER_sort(st) SKM_sk_sort(MIME_HEADER, (st)) - -#define sk_MIME_PARAM_new(st) SKM_sk_new(MIME_PARAM, (st)) -#define sk_MIME_PARAM_new_null() SKM_sk_new_null(MIME_PARAM) -#define sk_MIME_PARAM_free(st) SKM_sk_free(MIME_PARAM, (st)) -#define sk_MIME_PARAM_num(st) SKM_sk_num(MIME_PARAM, (st)) -#define sk_MIME_PARAM_value(st, i) SKM_sk_value(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_set(st, i, val) SKM_sk_set(MIME_PARAM, (st), (i), (val)) -#define sk_MIME_PARAM_zero(st) SKM_sk_zero(MIME_PARAM, (st)) -#define sk_MIME_PARAM_push(st, val) SKM_sk_push(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_unshift(st, val) SKM_sk_unshift(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_find(st, val) SKM_sk_find(MIME_PARAM, (st), (val)) -#define sk_MIME_PARAM_delete(st, i) SKM_sk_delete(MIME_PARAM, (st), (i)) -#define sk_MIME_PARAM_delete_ptr(st, ptr) SKM_sk_delete_ptr(MIME_PARAM, (st), (ptr)) -#define sk_MIME_PARAM_insert(st, val, i) SKM_sk_insert(MIME_PARAM, (st), (val), (i)) -#define sk_MIME_PARAM_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(MIME_PARAM, (st), (cmp)) -#define sk_MIME_PARAM_dup(st) SKM_sk_dup(MIME_PARAM, st) -#define sk_MIME_PARAM_pop_free(st, free_func) SKM_sk_pop_free(MIME_PARAM, (st), (free_func)) -#define sk_MIME_PARAM_shift(st) SKM_sk_shift(MIME_PARAM, (st)) -#define sk_MIME_PARAM_pop(st) SKM_sk_pop(MIME_PARAM, (st)) -#define sk_MIME_PARAM_sort(st) SKM_sk_sort(MIME_PARAM, (st)) - -#define sk_NAME_FUNCS_new(st) SKM_sk_new(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_new_null() SKM_sk_new_null(NAME_FUNCS) -#define sk_NAME_FUNCS_free(st) SKM_sk_free(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_num(st) SKM_sk_num(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_value(st, i) SKM_sk_value(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_set(st, i, val) SKM_sk_set(NAME_FUNCS, (st), (i), (val)) -#define sk_NAME_FUNCS_zero(st) SKM_sk_zero(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_push(st, val) SKM_sk_push(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_unshift(st, val) SKM_sk_unshift(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_find(st, val) SKM_sk_find(NAME_FUNCS, (st), (val)) -#define sk_NAME_FUNCS_delete(st, i) SKM_sk_delete(NAME_FUNCS, (st), (i)) -#define sk_NAME_FUNCS_delete_ptr(st, ptr) SKM_sk_delete_ptr(NAME_FUNCS, (st), (ptr)) -#define sk_NAME_FUNCS_insert(st, val, i) SKM_sk_insert(NAME_FUNCS, (st), (val), (i)) -#define sk_NAME_FUNCS_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(NAME_FUNCS, (st), (cmp)) -#define sk_NAME_FUNCS_dup(st) SKM_sk_dup(NAME_FUNCS, st) -#define sk_NAME_FUNCS_pop_free(st, free_func) SKM_sk_pop_free(NAME_FUNCS, (st), (free_func)) -#define sk_NAME_FUNCS_shift(st) SKM_sk_shift(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_pop(st) SKM_sk_pop(NAME_FUNCS, (st)) -#define sk_NAME_FUNCS_sort(st) SKM_sk_sort(NAME_FUNCS, (st)) - -#define sk_PKCS12_SAFEBAG_new(st) SKM_sk_new(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_new_null() SKM_sk_new_null(PKCS12_SAFEBAG) -#define sk_PKCS12_SAFEBAG_free(st) SKM_sk_free(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_num(st) SKM_sk_num(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_value(st, i) SKM_sk_value(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_set(st, i, val) SKM_sk_set(PKCS12_SAFEBAG, (st), (i), (val)) -#define sk_PKCS12_SAFEBAG_zero(st) SKM_sk_zero(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_push(st, val) SKM_sk_push(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_unshift(st, val) SKM_sk_unshift(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_find(st, val) SKM_sk_find(PKCS12_SAFEBAG, (st), (val)) -#define sk_PKCS12_SAFEBAG_delete(st, i) SKM_sk_delete(PKCS12_SAFEBAG, (st), (i)) -#define sk_PKCS12_SAFEBAG_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS12_SAFEBAG, (st), (ptr)) -#define sk_PKCS12_SAFEBAG_insert(st, val, i) SKM_sk_insert(PKCS12_SAFEBAG, (st), (val), (i)) -#define sk_PKCS12_SAFEBAG_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS12_SAFEBAG, (st), (cmp)) -#define sk_PKCS12_SAFEBAG_dup(st) SKM_sk_dup(PKCS12_SAFEBAG, st) -#define sk_PKCS12_SAFEBAG_pop_free(st, free_func) SKM_sk_pop_free(PKCS12_SAFEBAG, (st), (free_func)) -#define sk_PKCS12_SAFEBAG_shift(st) SKM_sk_shift(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_pop(st) SKM_sk_pop(PKCS12_SAFEBAG, (st)) -#define sk_PKCS12_SAFEBAG_sort(st) SKM_sk_sort(PKCS12_SAFEBAG, (st)) - -#define sk_PKCS7_new(st) SKM_sk_new(PKCS7, (st)) -#define sk_PKCS7_new_null() SKM_sk_new_null(PKCS7) -#define sk_PKCS7_free(st) SKM_sk_free(PKCS7, (st)) -#define sk_PKCS7_num(st) SKM_sk_num(PKCS7, (st)) -#define sk_PKCS7_value(st, i) SKM_sk_value(PKCS7, (st), (i)) -#define sk_PKCS7_set(st, i, val) SKM_sk_set(PKCS7, (st), (i), (val)) -#define sk_PKCS7_zero(st) SKM_sk_zero(PKCS7, (st)) -#define sk_PKCS7_push(st, val) SKM_sk_push(PKCS7, (st), (val)) -#define sk_PKCS7_unshift(st, val) SKM_sk_unshift(PKCS7, (st), (val)) -#define sk_PKCS7_find(st, val) SKM_sk_find(PKCS7, (st), (val)) -#define sk_PKCS7_delete(st, i) SKM_sk_delete(PKCS7, (st), (i)) -#define sk_PKCS7_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7, (st), (ptr)) -#define sk_PKCS7_insert(st, val, i) SKM_sk_insert(PKCS7, (st), (val), (i)) -#define sk_PKCS7_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7, (st), (cmp)) -#define sk_PKCS7_dup(st) SKM_sk_dup(PKCS7, st) -#define sk_PKCS7_pop_free(st, free_func) SKM_sk_pop_free(PKCS7, (st), (free_func)) -#define sk_PKCS7_shift(st) SKM_sk_shift(PKCS7, (st)) -#define sk_PKCS7_pop(st) SKM_sk_pop(PKCS7, (st)) -#define sk_PKCS7_sort(st) SKM_sk_sort(PKCS7, (st)) - -#define sk_PKCS7_RECIP_INFO_new(st) SKM_sk_new(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_new_null() SKM_sk_new_null(PKCS7_RECIP_INFO) -#define sk_PKCS7_RECIP_INFO_free(st) SKM_sk_free(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_num(st) SKM_sk_num(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_value(st, i) SKM_sk_value(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_set(st, i, val) SKM_sk_set(PKCS7_RECIP_INFO, (st), (i), (val)) -#define sk_PKCS7_RECIP_INFO_zero(st) SKM_sk_zero(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_push(st, val) SKM_sk_push(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_find(st, val) SKM_sk_find(PKCS7_RECIP_INFO, (st), (val)) -#define sk_PKCS7_RECIP_INFO_delete(st, i) SKM_sk_delete(PKCS7_RECIP_INFO, (st), (i)) -#define sk_PKCS7_RECIP_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_RECIP_INFO, (st), (ptr)) -#define sk_PKCS7_RECIP_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_RECIP_INFO, (st), (val), (i)) -#define sk_PKCS7_RECIP_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_RECIP_INFO, (st), (cmp)) -#define sk_PKCS7_RECIP_INFO_dup(st) SKM_sk_dup(PKCS7_RECIP_INFO, st) -#define sk_PKCS7_RECIP_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_RECIP_INFO, (st), (free_func)) -#define sk_PKCS7_RECIP_INFO_shift(st) SKM_sk_shift(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_pop(st) SKM_sk_pop(PKCS7_RECIP_INFO, (st)) -#define sk_PKCS7_RECIP_INFO_sort(st) SKM_sk_sort(PKCS7_RECIP_INFO, (st)) - -#define sk_PKCS7_SIGNER_INFO_new(st) SKM_sk_new(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_new_null() SKM_sk_new_null(PKCS7_SIGNER_INFO) -#define sk_PKCS7_SIGNER_INFO_free(st) SKM_sk_free(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_num(st) SKM_sk_num(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_value(st, i) SKM_sk_value(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_set(st, i, val) SKM_sk_set(PKCS7_SIGNER_INFO, (st), (i), (val)) -#define sk_PKCS7_SIGNER_INFO_zero(st) SKM_sk_zero(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_push(st, val) SKM_sk_push(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_unshift(st, val) SKM_sk_unshift(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_find(st, val) SKM_sk_find(PKCS7_SIGNER_INFO, (st), (val)) -#define sk_PKCS7_SIGNER_INFO_delete(st, i) SKM_sk_delete(PKCS7_SIGNER_INFO, (st), (i)) -#define sk_PKCS7_SIGNER_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(PKCS7_SIGNER_INFO, (st), (ptr)) -#define sk_PKCS7_SIGNER_INFO_insert(st, val, i) SKM_sk_insert(PKCS7_SIGNER_INFO, (st), (val), (i)) -#define sk_PKCS7_SIGNER_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(PKCS7_SIGNER_INFO, (st), (cmp)) -#define sk_PKCS7_SIGNER_INFO_dup(st) SKM_sk_dup(PKCS7_SIGNER_INFO, st) -#define sk_PKCS7_SIGNER_INFO_pop_free(st, free_func) SKM_sk_pop_free(PKCS7_SIGNER_INFO, (st), (free_func)) -#define sk_PKCS7_SIGNER_INFO_shift(st) SKM_sk_shift(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_pop(st) SKM_sk_pop(PKCS7_SIGNER_INFO, (st)) -#define sk_PKCS7_SIGNER_INFO_sort(st) SKM_sk_sort(PKCS7_SIGNER_INFO, (st)) - -#define sk_POLICYINFO_new(st) SKM_sk_new(POLICYINFO, (st)) -#define sk_POLICYINFO_new_null() SKM_sk_new_null(POLICYINFO) -#define sk_POLICYINFO_free(st) SKM_sk_free(POLICYINFO, (st)) -#define sk_POLICYINFO_num(st) SKM_sk_num(POLICYINFO, (st)) -#define sk_POLICYINFO_value(st, i) SKM_sk_value(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_set(st, i, val) SKM_sk_set(POLICYINFO, (st), (i), (val)) -#define sk_POLICYINFO_zero(st) SKM_sk_zero(POLICYINFO, (st)) -#define sk_POLICYINFO_push(st, val) SKM_sk_push(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_unshift(st, val) SKM_sk_unshift(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_find(st, val) SKM_sk_find(POLICYINFO, (st), (val)) -#define sk_POLICYINFO_delete(st, i) SKM_sk_delete(POLICYINFO, (st), (i)) -#define sk_POLICYINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYINFO, (st), (ptr)) -#define sk_POLICYINFO_insert(st, val, i) SKM_sk_insert(POLICYINFO, (st), (val), (i)) -#define sk_POLICYINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYINFO, (st), (cmp)) -#define sk_POLICYINFO_dup(st) SKM_sk_dup(POLICYINFO, st) -#define sk_POLICYINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYINFO, (st), (free_func)) -#define sk_POLICYINFO_shift(st) SKM_sk_shift(POLICYINFO, (st)) -#define sk_POLICYINFO_pop(st) SKM_sk_pop(POLICYINFO, (st)) -#define sk_POLICYINFO_sort(st) SKM_sk_sort(POLICYINFO, (st)) - -#define sk_POLICYQUALINFO_new(st) SKM_sk_new(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_new_null() SKM_sk_new_null(POLICYQUALINFO) -#define sk_POLICYQUALINFO_free(st) SKM_sk_free(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_num(st) SKM_sk_num(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_value(st, i) SKM_sk_value(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_set(st, i, val) SKM_sk_set(POLICYQUALINFO, (st), (i), (val)) -#define sk_POLICYQUALINFO_zero(st) SKM_sk_zero(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_push(st, val) SKM_sk_push(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_unshift(st, val) SKM_sk_unshift(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_find(st, val) SKM_sk_find(POLICYQUALINFO, (st), (val)) -#define sk_POLICYQUALINFO_delete(st, i) SKM_sk_delete(POLICYQUALINFO, (st), (i)) -#define sk_POLICYQUALINFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(POLICYQUALINFO, (st), (ptr)) -#define sk_POLICYQUALINFO_insert(st, val, i) SKM_sk_insert(POLICYQUALINFO, (st), (val), (i)) -#define sk_POLICYQUALINFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(POLICYQUALINFO, (st), (cmp)) -#define sk_POLICYQUALINFO_dup(st) SKM_sk_dup(POLICYQUALINFO, st) -#define sk_POLICYQUALINFO_pop_free(st, free_func) SKM_sk_pop_free(POLICYQUALINFO, (st), (free_func)) -#define sk_POLICYQUALINFO_shift(st) SKM_sk_shift(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_pop(st) SKM_sk_pop(POLICYQUALINFO, (st)) -#define sk_POLICYQUALINFO_sort(st) SKM_sk_sort(POLICYQUALINFO, (st)) - -#define sk_SSL_CIPHER_new(st) SKM_sk_new(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_new_null() SKM_sk_new_null(SSL_CIPHER) -#define sk_SSL_CIPHER_free(st) SKM_sk_free(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_num(st) SKM_sk_num(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_value(st, i) SKM_sk_value(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_set(st, i, val) SKM_sk_set(SSL_CIPHER, (st), (i), (val)) -#define sk_SSL_CIPHER_zero(st) SKM_sk_zero(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_push(st, val) SKM_sk_push(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_unshift(st, val) SKM_sk_unshift(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_find(st, val) SKM_sk_find(SSL_CIPHER, (st), (val)) -#define sk_SSL_CIPHER_delete(st, i) SKM_sk_delete(SSL_CIPHER, (st), (i)) -#define sk_SSL_CIPHER_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_CIPHER, (st), (ptr)) -#define sk_SSL_CIPHER_insert(st, val, i) SKM_sk_insert(SSL_CIPHER, (st), (val), (i)) -#define sk_SSL_CIPHER_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_CIPHER, (st), (cmp)) -#define sk_SSL_CIPHER_dup(st) SKM_sk_dup(SSL_CIPHER, st) -#define sk_SSL_CIPHER_pop_free(st, free_func) SKM_sk_pop_free(SSL_CIPHER, (st), (free_func)) -#define sk_SSL_CIPHER_shift(st) SKM_sk_shift(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_pop(st) SKM_sk_pop(SSL_CIPHER, (st)) -#define sk_SSL_CIPHER_sort(st) SKM_sk_sort(SSL_CIPHER, (st)) - -#define sk_SSL_COMP_new(st) SKM_sk_new(SSL_COMP, (st)) -#define sk_SSL_COMP_new_null() SKM_sk_new_null(SSL_COMP) -#define sk_SSL_COMP_free(st) SKM_sk_free(SSL_COMP, (st)) -#define sk_SSL_COMP_num(st) SKM_sk_num(SSL_COMP, (st)) -#define sk_SSL_COMP_value(st, i) SKM_sk_value(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_set(st, i, val) SKM_sk_set(SSL_COMP, (st), (i), (val)) -#define sk_SSL_COMP_zero(st) SKM_sk_zero(SSL_COMP, (st)) -#define sk_SSL_COMP_push(st, val) SKM_sk_push(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_unshift(st, val) SKM_sk_unshift(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_find(st, val) SKM_sk_find(SSL_COMP, (st), (val)) -#define sk_SSL_COMP_delete(st, i) SKM_sk_delete(SSL_COMP, (st), (i)) -#define sk_SSL_COMP_delete_ptr(st, ptr) SKM_sk_delete_ptr(SSL_COMP, (st), (ptr)) -#define sk_SSL_COMP_insert(st, val, i) SKM_sk_insert(SSL_COMP, (st), (val), (i)) -#define sk_SSL_COMP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SSL_COMP, (st), (cmp)) -#define sk_SSL_COMP_dup(st) SKM_sk_dup(SSL_COMP, st) -#define sk_SSL_COMP_pop_free(st, free_func) SKM_sk_pop_free(SSL_COMP, (st), (free_func)) -#define sk_SSL_COMP_shift(st) SKM_sk_shift(SSL_COMP, (st)) -#define sk_SSL_COMP_pop(st) SKM_sk_pop(SSL_COMP, (st)) -#define sk_SSL_COMP_sort(st) SKM_sk_sort(SSL_COMP, (st)) - -#define sk_SXNETID_new(st) SKM_sk_new(SXNETID, (st)) -#define sk_SXNETID_new_null() SKM_sk_new_null(SXNETID) -#define sk_SXNETID_free(st) SKM_sk_free(SXNETID, (st)) -#define sk_SXNETID_num(st) SKM_sk_num(SXNETID, (st)) -#define sk_SXNETID_value(st, i) SKM_sk_value(SXNETID, (st), (i)) -#define sk_SXNETID_set(st, i, val) SKM_sk_set(SXNETID, (st), (i), (val)) -#define sk_SXNETID_zero(st) SKM_sk_zero(SXNETID, (st)) -#define sk_SXNETID_push(st, val) SKM_sk_push(SXNETID, (st), (val)) -#define sk_SXNETID_unshift(st, val) SKM_sk_unshift(SXNETID, (st), (val)) -#define sk_SXNETID_find(st, val) SKM_sk_find(SXNETID, (st), (val)) -#define sk_SXNETID_delete(st, i) SKM_sk_delete(SXNETID, (st), (i)) -#define sk_SXNETID_delete_ptr(st, ptr) SKM_sk_delete_ptr(SXNETID, (st), (ptr)) -#define sk_SXNETID_insert(st, val, i) SKM_sk_insert(SXNETID, (st), (val), (i)) -#define sk_SXNETID_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(SXNETID, (st), (cmp)) -#define sk_SXNETID_dup(st) SKM_sk_dup(SXNETID, st) -#define sk_SXNETID_pop_free(st, free_func) SKM_sk_pop_free(SXNETID, (st), (free_func)) -#define sk_SXNETID_shift(st) SKM_sk_shift(SXNETID, (st)) -#define sk_SXNETID_pop(st) SKM_sk_pop(SXNETID, (st)) -#define sk_SXNETID_sort(st) SKM_sk_sort(SXNETID, (st)) - -#define sk_X509_new(st) SKM_sk_new(X509, (st)) -#define sk_X509_new_null() SKM_sk_new_null(X509) -#define sk_X509_free(st) SKM_sk_free(X509, (st)) -#define sk_X509_num(st) SKM_sk_num(X509, (st)) -#define sk_X509_value(st, i) SKM_sk_value(X509, (st), (i)) -#define sk_X509_set(st, i, val) SKM_sk_set(X509, (st), (i), (val)) -#define sk_X509_zero(st) SKM_sk_zero(X509, (st)) -#define sk_X509_push(st, val) SKM_sk_push(X509, (st), (val)) -#define sk_X509_unshift(st, val) SKM_sk_unshift(X509, (st), (val)) -#define sk_X509_find(st, val) SKM_sk_find(X509, (st), (val)) -#define sk_X509_delete(st, i) SKM_sk_delete(X509, (st), (i)) -#define sk_X509_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509, (st), (ptr)) -#define sk_X509_insert(st, val, i) SKM_sk_insert(X509, (st), (val), (i)) -#define sk_X509_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509, (st), (cmp)) -#define sk_X509_dup(st) SKM_sk_dup(X509, st) -#define sk_X509_pop_free(st, free_func) SKM_sk_pop_free(X509, (st), (free_func)) -#define sk_X509_shift(st) SKM_sk_shift(X509, (st)) -#define sk_X509_pop(st) SKM_sk_pop(X509, (st)) -#define sk_X509_sort(st) SKM_sk_sort(X509, (st)) - -#define sk_X509V3_EXT_METHOD_new(st) SKM_sk_new(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_new_null() SKM_sk_new_null(X509V3_EXT_METHOD) -#define sk_X509V3_EXT_METHOD_free(st) SKM_sk_free(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_num(st) SKM_sk_num(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_value(st, i) SKM_sk_value(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_set(st, i, val) SKM_sk_set(X509V3_EXT_METHOD, (st), (i), (val)) -#define sk_X509V3_EXT_METHOD_zero(st) SKM_sk_zero(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_push(st, val) SKM_sk_push(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_unshift(st, val) SKM_sk_unshift(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_find(st, val) SKM_sk_find(X509V3_EXT_METHOD, (st), (val)) -#define sk_X509V3_EXT_METHOD_delete(st, i) SKM_sk_delete(X509V3_EXT_METHOD, (st), (i)) -#define sk_X509V3_EXT_METHOD_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509V3_EXT_METHOD, (st), (ptr)) -#define sk_X509V3_EXT_METHOD_insert(st, val, i) SKM_sk_insert(X509V3_EXT_METHOD, (st), (val), (i)) -#define sk_X509V3_EXT_METHOD_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509V3_EXT_METHOD, (st), (cmp)) -#define sk_X509V3_EXT_METHOD_dup(st) SKM_sk_dup(X509V3_EXT_METHOD, st) -#define sk_X509V3_EXT_METHOD_pop_free(st, free_func) SKM_sk_pop_free(X509V3_EXT_METHOD, (st), (free_func)) -#define sk_X509V3_EXT_METHOD_shift(st) SKM_sk_shift(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_pop(st) SKM_sk_pop(X509V3_EXT_METHOD, (st)) -#define sk_X509V3_EXT_METHOD_sort(st) SKM_sk_sort(X509V3_EXT_METHOD, (st)) - -#define sk_X509_ALGOR_new(st) SKM_sk_new(X509_ALGOR, (st)) -#define sk_X509_ALGOR_new_null() SKM_sk_new_null(X509_ALGOR) -#define sk_X509_ALGOR_free(st) SKM_sk_free(X509_ALGOR, (st)) -#define sk_X509_ALGOR_num(st) SKM_sk_num(X509_ALGOR, (st)) -#define sk_X509_ALGOR_value(st, i) SKM_sk_value(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_set(st, i, val) SKM_sk_set(X509_ALGOR, (st), (i), (val)) -#define sk_X509_ALGOR_zero(st) SKM_sk_zero(X509_ALGOR, (st)) -#define sk_X509_ALGOR_push(st, val) SKM_sk_push(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_unshift(st, val) SKM_sk_unshift(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_find(st, val) SKM_sk_find(X509_ALGOR, (st), (val)) -#define sk_X509_ALGOR_delete(st, i) SKM_sk_delete(X509_ALGOR, (st), (i)) -#define sk_X509_ALGOR_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ALGOR, (st), (ptr)) -#define sk_X509_ALGOR_insert(st, val, i) SKM_sk_insert(X509_ALGOR, (st), (val), (i)) -#define sk_X509_ALGOR_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ALGOR, (st), (cmp)) -#define sk_X509_ALGOR_dup(st) SKM_sk_dup(X509_ALGOR, st) -#define sk_X509_ALGOR_pop_free(st, free_func) SKM_sk_pop_free(X509_ALGOR, (st), (free_func)) -#define sk_X509_ALGOR_shift(st) SKM_sk_shift(X509_ALGOR, (st)) -#define sk_X509_ALGOR_pop(st) SKM_sk_pop(X509_ALGOR, (st)) -#define sk_X509_ALGOR_sort(st) SKM_sk_sort(X509_ALGOR, (st)) - -#define sk_X509_ATTRIBUTE_new(st) SKM_sk_new(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_new_null() SKM_sk_new_null(X509_ATTRIBUTE) -#define sk_X509_ATTRIBUTE_free(st) SKM_sk_free(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_num(st) SKM_sk_num(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_value(st, i) SKM_sk_value(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_set(st, i, val) SKM_sk_set(X509_ATTRIBUTE, (st), (i), (val)) -#define sk_X509_ATTRIBUTE_zero(st) SKM_sk_zero(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_push(st, val) SKM_sk_push(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_unshift(st, val) SKM_sk_unshift(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_find(st, val) SKM_sk_find(X509_ATTRIBUTE, (st), (val)) -#define sk_X509_ATTRIBUTE_delete(st, i) SKM_sk_delete(X509_ATTRIBUTE, (st), (i)) -#define sk_X509_ATTRIBUTE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_ATTRIBUTE, (st), (ptr)) -#define sk_X509_ATTRIBUTE_insert(st, val, i) SKM_sk_insert(X509_ATTRIBUTE, (st), (val), (i)) -#define sk_X509_ATTRIBUTE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_ATTRIBUTE, (st), (cmp)) -#define sk_X509_ATTRIBUTE_dup(st) SKM_sk_dup(X509_ATTRIBUTE, st) -#define sk_X509_ATTRIBUTE_pop_free(st, free_func) SKM_sk_pop_free(X509_ATTRIBUTE, (st), (free_func)) -#define sk_X509_ATTRIBUTE_shift(st) SKM_sk_shift(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_pop(st) SKM_sk_pop(X509_ATTRIBUTE, (st)) -#define sk_X509_ATTRIBUTE_sort(st) SKM_sk_sort(X509_ATTRIBUTE, (st)) - -#define sk_X509_CRL_new(st) SKM_sk_new(X509_CRL, (st)) -#define sk_X509_CRL_new_null() SKM_sk_new_null(X509_CRL) -#define sk_X509_CRL_free(st) SKM_sk_free(X509_CRL, (st)) -#define sk_X509_CRL_num(st) SKM_sk_num(X509_CRL, (st)) -#define sk_X509_CRL_value(st, i) SKM_sk_value(X509_CRL, (st), (i)) -#define sk_X509_CRL_set(st, i, val) SKM_sk_set(X509_CRL, (st), (i), (val)) -#define sk_X509_CRL_zero(st) SKM_sk_zero(X509_CRL, (st)) -#define sk_X509_CRL_push(st, val) SKM_sk_push(X509_CRL, (st), (val)) -#define sk_X509_CRL_unshift(st, val) SKM_sk_unshift(X509_CRL, (st), (val)) -#define sk_X509_CRL_find(st, val) SKM_sk_find(X509_CRL, (st), (val)) -#define sk_X509_CRL_delete(st, i) SKM_sk_delete(X509_CRL, (st), (i)) -#define sk_X509_CRL_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_CRL, (st), (ptr)) -#define sk_X509_CRL_insert(st, val, i) SKM_sk_insert(X509_CRL, (st), (val), (i)) -#define sk_X509_CRL_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_CRL, (st), (cmp)) -#define sk_X509_CRL_dup(st) SKM_sk_dup(X509_CRL, st) -#define sk_X509_CRL_pop_free(st, free_func) SKM_sk_pop_free(X509_CRL, (st), (free_func)) -#define sk_X509_CRL_shift(st) SKM_sk_shift(X509_CRL, (st)) -#define sk_X509_CRL_pop(st) SKM_sk_pop(X509_CRL, (st)) -#define sk_X509_CRL_sort(st) SKM_sk_sort(X509_CRL, (st)) - -#define sk_X509_EXTENSION_new(st) SKM_sk_new(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_new_null() SKM_sk_new_null(X509_EXTENSION) -#define sk_X509_EXTENSION_free(st) SKM_sk_free(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_num(st) SKM_sk_num(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_value(st, i) SKM_sk_value(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_set(st, i, val) SKM_sk_set(X509_EXTENSION, (st), (i), (val)) -#define sk_X509_EXTENSION_zero(st) SKM_sk_zero(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_push(st, val) SKM_sk_push(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_unshift(st, val) SKM_sk_unshift(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_find(st, val) SKM_sk_find(X509_EXTENSION, (st), (val)) -#define sk_X509_EXTENSION_delete(st, i) SKM_sk_delete(X509_EXTENSION, (st), (i)) -#define sk_X509_EXTENSION_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_EXTENSION, (st), (ptr)) -#define sk_X509_EXTENSION_insert(st, val, i) SKM_sk_insert(X509_EXTENSION, (st), (val), (i)) -#define sk_X509_EXTENSION_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_EXTENSION, (st), (cmp)) -#define sk_X509_EXTENSION_dup(st) SKM_sk_dup(X509_EXTENSION, st) -#define sk_X509_EXTENSION_pop_free(st, free_func) SKM_sk_pop_free(X509_EXTENSION, (st), (free_func)) -#define sk_X509_EXTENSION_shift(st) SKM_sk_shift(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_pop(st) SKM_sk_pop(X509_EXTENSION, (st)) -#define sk_X509_EXTENSION_sort(st) SKM_sk_sort(X509_EXTENSION, (st)) - -#define sk_X509_INFO_new(st) SKM_sk_new(X509_INFO, (st)) -#define sk_X509_INFO_new_null() SKM_sk_new_null(X509_INFO) -#define sk_X509_INFO_free(st) SKM_sk_free(X509_INFO, (st)) -#define sk_X509_INFO_num(st) SKM_sk_num(X509_INFO, (st)) -#define sk_X509_INFO_value(st, i) SKM_sk_value(X509_INFO, (st), (i)) -#define sk_X509_INFO_set(st, i, val) SKM_sk_set(X509_INFO, (st), (i), (val)) -#define sk_X509_INFO_zero(st) SKM_sk_zero(X509_INFO, (st)) -#define sk_X509_INFO_push(st, val) SKM_sk_push(X509_INFO, (st), (val)) -#define sk_X509_INFO_unshift(st, val) SKM_sk_unshift(X509_INFO, (st), (val)) -#define sk_X509_INFO_find(st, val) SKM_sk_find(X509_INFO, (st), (val)) -#define sk_X509_INFO_delete(st, i) SKM_sk_delete(X509_INFO, (st), (i)) -#define sk_X509_INFO_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_INFO, (st), (ptr)) -#define sk_X509_INFO_insert(st, val, i) SKM_sk_insert(X509_INFO, (st), (val), (i)) -#define sk_X509_INFO_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_INFO, (st), (cmp)) -#define sk_X509_INFO_dup(st) SKM_sk_dup(X509_INFO, st) -#define sk_X509_INFO_pop_free(st, free_func) SKM_sk_pop_free(X509_INFO, (st), (free_func)) -#define sk_X509_INFO_shift(st) SKM_sk_shift(X509_INFO, (st)) -#define sk_X509_INFO_pop(st) SKM_sk_pop(X509_INFO, (st)) -#define sk_X509_INFO_sort(st) SKM_sk_sort(X509_INFO, (st)) - -#define sk_X509_LOOKUP_new(st) SKM_sk_new(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_new_null() SKM_sk_new_null(X509_LOOKUP) -#define sk_X509_LOOKUP_free(st) SKM_sk_free(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_num(st) SKM_sk_num(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_value(st, i) SKM_sk_value(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_set(st, i, val) SKM_sk_set(X509_LOOKUP, (st), (i), (val)) -#define sk_X509_LOOKUP_zero(st) SKM_sk_zero(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_push(st, val) SKM_sk_push(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_unshift(st, val) SKM_sk_unshift(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_find(st, val) SKM_sk_find(X509_LOOKUP, (st), (val)) -#define sk_X509_LOOKUP_delete(st, i) SKM_sk_delete(X509_LOOKUP, (st), (i)) -#define sk_X509_LOOKUP_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_LOOKUP, (st), (ptr)) -#define sk_X509_LOOKUP_insert(st, val, i) SKM_sk_insert(X509_LOOKUP, (st), (val), (i)) -#define sk_X509_LOOKUP_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_LOOKUP, (st), (cmp)) -#define sk_X509_LOOKUP_dup(st) SKM_sk_dup(X509_LOOKUP, st) -#define sk_X509_LOOKUP_pop_free(st, free_func) SKM_sk_pop_free(X509_LOOKUP, (st), (free_func)) -#define sk_X509_LOOKUP_shift(st) SKM_sk_shift(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_pop(st) SKM_sk_pop(X509_LOOKUP, (st)) -#define sk_X509_LOOKUP_sort(st) SKM_sk_sort(X509_LOOKUP, (st)) - -#define sk_X509_NAME_new(st) SKM_sk_new(X509_NAME, (st)) -#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME) -#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st)) -#define sk_X509_NAME_num(st) SKM_sk_num(X509_NAME, (st)) -#define sk_X509_NAME_value(st, i) SKM_sk_value(X509_NAME, (st), (i)) -#define sk_X509_NAME_set(st, i, val) SKM_sk_set(X509_NAME, (st), (i), (val)) -#define sk_X509_NAME_zero(st) SKM_sk_zero(X509_NAME, (st)) -#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val)) -#define sk_X509_NAME_unshift(st, val) SKM_sk_unshift(X509_NAME, (st), (val)) -#define sk_X509_NAME_find(st, val) SKM_sk_find(X509_NAME, (st), (val)) -#define sk_X509_NAME_delete(st, i) SKM_sk_delete(X509_NAME, (st), (i)) -#define sk_X509_NAME_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME, (st), (ptr)) -#define sk_X509_NAME_insert(st, val, i) SKM_sk_insert(X509_NAME, (st), (val), (i)) -#define sk_X509_NAME_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME, (st), (cmp)) -#define sk_X509_NAME_dup(st) SKM_sk_dup(X509_NAME, st) -#define sk_X509_NAME_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME, (st), (free_func)) -#define sk_X509_NAME_shift(st) SKM_sk_shift(X509_NAME, (st)) -#define sk_X509_NAME_pop(st) SKM_sk_pop(X509_NAME, (st)) -#define sk_X509_NAME_sort(st) SKM_sk_sort(X509_NAME, (st)) - -#define sk_X509_NAME_ENTRY_new(st) SKM_sk_new(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_new_null() SKM_sk_new_null(X509_NAME_ENTRY) -#define sk_X509_NAME_ENTRY_free(st) SKM_sk_free(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_num(st) SKM_sk_num(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_value(st, i) SKM_sk_value(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_set(st, i, val) SKM_sk_set(X509_NAME_ENTRY, (st), (i), (val)) -#define sk_X509_NAME_ENTRY_zero(st) SKM_sk_zero(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_push(st, val) SKM_sk_push(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_unshift(st, val) SKM_sk_unshift(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_find(st, val) SKM_sk_find(X509_NAME_ENTRY, (st), (val)) -#define sk_X509_NAME_ENTRY_delete(st, i) SKM_sk_delete(X509_NAME_ENTRY, (st), (i)) -#define sk_X509_NAME_ENTRY_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_NAME_ENTRY, (st), (ptr)) -#define sk_X509_NAME_ENTRY_insert(st, val, i) SKM_sk_insert(X509_NAME_ENTRY, (st), (val), (i)) -#define sk_X509_NAME_ENTRY_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_NAME_ENTRY, (st), (cmp)) -#define sk_X509_NAME_ENTRY_dup(st) SKM_sk_dup(X509_NAME_ENTRY, st) -#define sk_X509_NAME_ENTRY_pop_free(st, free_func) SKM_sk_pop_free(X509_NAME_ENTRY, (st), (free_func)) -#define sk_X509_NAME_ENTRY_shift(st) SKM_sk_shift(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_pop(st) SKM_sk_pop(X509_NAME_ENTRY, (st)) -#define sk_X509_NAME_ENTRY_sort(st) SKM_sk_sort(X509_NAME_ENTRY, (st)) - -#define sk_X509_OBJECT_new(st) SKM_sk_new(X509_OBJECT, (st)) -#define sk_X509_OBJECT_new_null() SKM_sk_new_null(X509_OBJECT) -#define sk_X509_OBJECT_free(st) SKM_sk_free(X509_OBJECT, (st)) -#define sk_X509_OBJECT_num(st) SKM_sk_num(X509_OBJECT, (st)) -#define sk_X509_OBJECT_value(st, i) SKM_sk_value(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_set(st, i, val) SKM_sk_set(X509_OBJECT, (st), (i), (val)) -#define sk_X509_OBJECT_zero(st) SKM_sk_zero(X509_OBJECT, (st)) -#define sk_X509_OBJECT_push(st, val) SKM_sk_push(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_unshift(st, val) SKM_sk_unshift(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_find(st, val) SKM_sk_find(X509_OBJECT, (st), (val)) -#define sk_X509_OBJECT_delete(st, i) SKM_sk_delete(X509_OBJECT, (st), (i)) -#define sk_X509_OBJECT_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_OBJECT, (st), (ptr)) -#define sk_X509_OBJECT_insert(st, val, i) SKM_sk_insert(X509_OBJECT, (st), (val), (i)) -#define sk_X509_OBJECT_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_OBJECT, (st), (cmp)) -#define sk_X509_OBJECT_dup(st) SKM_sk_dup(X509_OBJECT, st) -#define sk_X509_OBJECT_pop_free(st, free_func) SKM_sk_pop_free(X509_OBJECT, (st), (free_func)) -#define sk_X509_OBJECT_shift(st) SKM_sk_shift(X509_OBJECT, (st)) -#define sk_X509_OBJECT_pop(st) SKM_sk_pop(X509_OBJECT, (st)) -#define sk_X509_OBJECT_sort(st) SKM_sk_sort(X509_OBJECT, (st)) - -#define sk_X509_PURPOSE_new(st) SKM_sk_new(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_new_null() SKM_sk_new_null(X509_PURPOSE) -#define sk_X509_PURPOSE_free(st) SKM_sk_free(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_num(st) SKM_sk_num(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_value(st, i) SKM_sk_value(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_set(st, i, val) SKM_sk_set(X509_PURPOSE, (st), (i), (val)) -#define sk_X509_PURPOSE_zero(st) SKM_sk_zero(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_push(st, val) SKM_sk_push(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_unshift(st, val) SKM_sk_unshift(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_find(st, val) SKM_sk_find(X509_PURPOSE, (st), (val)) -#define sk_X509_PURPOSE_delete(st, i) SKM_sk_delete(X509_PURPOSE, (st), (i)) -#define sk_X509_PURPOSE_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_PURPOSE, (st), (ptr)) -#define sk_X509_PURPOSE_insert(st, val, i) SKM_sk_insert(X509_PURPOSE, (st), (val), (i)) -#define sk_X509_PURPOSE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_PURPOSE, (st), (cmp)) -#define sk_X509_PURPOSE_dup(st) SKM_sk_dup(X509_PURPOSE, st) -#define sk_X509_PURPOSE_pop_free(st, free_func) SKM_sk_pop_free(X509_PURPOSE, (st), (free_func)) -#define sk_X509_PURPOSE_shift(st) SKM_sk_shift(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_pop(st) SKM_sk_pop(X509_PURPOSE, (st)) -#define sk_X509_PURPOSE_sort(st) SKM_sk_sort(X509_PURPOSE, (st)) - -#define sk_X509_REVOKED_new(st) SKM_sk_new(X509_REVOKED, (st)) -#define sk_X509_REVOKED_new_null() SKM_sk_new_null(X509_REVOKED) -#define sk_X509_REVOKED_free(st) SKM_sk_free(X509_REVOKED, (st)) -#define sk_X509_REVOKED_num(st) SKM_sk_num(X509_REVOKED, (st)) -#define sk_X509_REVOKED_value(st, i) SKM_sk_value(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_set(st, i, val) SKM_sk_set(X509_REVOKED, (st), (i), (val)) -#define sk_X509_REVOKED_zero(st) SKM_sk_zero(X509_REVOKED, (st)) -#define sk_X509_REVOKED_push(st, val) SKM_sk_push(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_unshift(st, val) SKM_sk_unshift(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_find(st, val) SKM_sk_find(X509_REVOKED, (st), (val)) -#define sk_X509_REVOKED_delete(st, i) SKM_sk_delete(X509_REVOKED, (st), (i)) -#define sk_X509_REVOKED_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_REVOKED, (st), (ptr)) -#define sk_X509_REVOKED_insert(st, val, i) SKM_sk_insert(X509_REVOKED, (st), (val), (i)) -#define sk_X509_REVOKED_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_REVOKED, (st), (cmp)) -#define sk_X509_REVOKED_dup(st) SKM_sk_dup(X509_REVOKED, st) -#define sk_X509_REVOKED_pop_free(st, free_func) SKM_sk_pop_free(X509_REVOKED, (st), (free_func)) -#define sk_X509_REVOKED_shift(st) SKM_sk_shift(X509_REVOKED, (st)) -#define sk_X509_REVOKED_pop(st) SKM_sk_pop(X509_REVOKED, (st)) -#define sk_X509_REVOKED_sort(st) SKM_sk_sort(X509_REVOKED, (st)) - -#define sk_X509_TRUST_new(st) SKM_sk_new(X509_TRUST, (st)) -#define sk_X509_TRUST_new_null() SKM_sk_new_null(X509_TRUST) -#define sk_X509_TRUST_free(st) SKM_sk_free(X509_TRUST, (st)) -#define sk_X509_TRUST_num(st) SKM_sk_num(X509_TRUST, (st)) -#define sk_X509_TRUST_value(st, i) SKM_sk_value(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_set(st, i, val) SKM_sk_set(X509_TRUST, (st), (i), (val)) -#define sk_X509_TRUST_zero(st) SKM_sk_zero(X509_TRUST, (st)) -#define sk_X509_TRUST_push(st, val) SKM_sk_push(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_unshift(st, val) SKM_sk_unshift(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_find(st, val) SKM_sk_find(X509_TRUST, (st), (val)) -#define sk_X509_TRUST_delete(st, i) SKM_sk_delete(X509_TRUST, (st), (i)) -#define sk_X509_TRUST_delete_ptr(st, ptr) SKM_sk_delete_ptr(X509_TRUST, (st), (ptr)) -#define sk_X509_TRUST_insert(st, val, i) SKM_sk_insert(X509_TRUST, (st), (val), (i)) -#define sk_X509_TRUST_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(X509_TRUST, (st), (cmp)) -#define sk_X509_TRUST_dup(st) SKM_sk_dup(X509_TRUST, st) -#define sk_X509_TRUST_pop_free(st, free_func) SKM_sk_pop_free(X509_TRUST, (st), (free_func)) -#define sk_X509_TRUST_shift(st) SKM_sk_shift(X509_TRUST, (st)) -#define sk_X509_TRUST_pop(st) SKM_sk_pop(X509_TRUST, (st)) -#define sk_X509_TRUST_sort(st) SKM_sk_sort(X509_TRUST, (st)) - -#define d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ACCESS_DESCRIPTION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ACCESS_DESCRIPTION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ACCESS_DESCRIPTION(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ACCESS_DESCRIPTION, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ACCESS_DESCRIPTION(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ACCESS_DESCRIPTION, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_INTEGER(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_INTEGER, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_INTEGER(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_INTEGER, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_INTEGER(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_INTEGER, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_INTEGER(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_INTEGER, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_OBJECT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_OBJECT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_OBJECT(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_OBJECT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_OBJECT(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_OBJECT, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_OBJECT(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_OBJECT, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_ASN1_TYPE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(ASN1_TYPE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_ASN1_TYPE(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(ASN1_TYPE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_ASN1_TYPE(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(ASN1_TYPE, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_ASN1_TYPE(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(ASN1_TYPE, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_DIST_POINT(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(DIST_POINT, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_DIST_POINT(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(DIST_POINT, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_DIST_POINT(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(DIST_POINT, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_DIST_POINT(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(DIST_POINT, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_GENERAL_NAME(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(GENERAL_NAME, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_GENERAL_NAME(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(GENERAL_NAME, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_GENERAL_NAME(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(GENERAL_NAME, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_GENERAL_NAME(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(GENERAL_NAME, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS12_SAFEBAG, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS12_SAFEBAG(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS12_SAFEBAG, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS12_SAFEBAG(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS12_SAFEBAG, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS12_SAFEBAG(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS12_SAFEBAG, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS7(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7_RECIP_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS7_RECIP_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7_RECIP_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7_RECIP_INFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7_RECIP_INFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7_RECIP_INFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7_RECIP_INFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(PKCS7_SIGNER_INFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(PKCS7_SIGNER_INFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_PKCS7_SIGNER_INFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(PKCS7_SIGNER_INFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_PKCS7_SIGNER_INFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(PKCS7_SIGNER_INFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_POLICYINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(POLICYINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_POLICYINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(POLICYINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_POLICYINFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(POLICYINFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_POLICYINFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(POLICYINFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_POLICYQUALINFO(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(POLICYQUALINFO, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_POLICYQUALINFO(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(POLICYQUALINFO, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_POLICYQUALINFO(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(POLICYQUALINFO, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_POLICYQUALINFO(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(POLICYQUALINFO, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_SXNETID(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(SXNETID, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_SXNETID(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(SXNETID, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_SXNETID(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(SXNETID, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_SXNETID(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(SXNETID, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_ALGOR(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_ALGOR, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_ALGOR(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_ALGOR, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_ALGOR(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_ALGOR, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_ALGOR(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_ALGOR, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_ATTRIBUTE, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_ATTRIBUTE(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_ATTRIBUTE, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_ATTRIBUTE(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_ATTRIBUTE, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_ATTRIBUTE(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_ATTRIBUTE, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_CRL(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_CRL, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_CRL(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_CRL, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_CRL(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_CRL, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_CRL(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_CRL, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_EXTENSION(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_EXTENSION, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_EXTENSION(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_EXTENSION, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_EXTENSION(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_EXTENSION, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_EXTENSION(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_EXTENSION, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_NAME_ENTRY, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_NAME_ENTRY(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_NAME_ENTRY, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_NAME_ENTRY(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_NAME_ENTRY, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_NAME_ENTRY(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_NAME_ENTRY, (buf), (len), (d2i_func), (free_func)) - -#define d2i_ASN1_SET_OF_X509_REVOKED(st, pp, length, d2i_func, free_func, ex_tag, ex_class) \ - SKM_ASN1_SET_OF_d2i(X509_REVOKED, (st), (pp), (length), (d2i_func), (free_func), (ex_tag), (ex_class)) -#define i2d_ASN1_SET_OF_X509_REVOKED(st, pp, i2d_func, ex_tag, ex_class, is_set) \ - SKM_ASN1_SET_OF_i2d(X509_REVOKED, (st), (pp), (i2d_func), (ex_tag), (ex_class), (is_set)) -#define ASN1_seq_pack_X509_REVOKED(st, i2d_func, buf, len) \ - SKM_ASN1_seq_pack(X509_REVOKED, (st), (i2d_func), (buf), (len)) -#define ASN1_seq_unpack_X509_REVOKED(buf, len, d2i_func, free_func) \ - SKM_ASN1_seq_unpack(X509_REVOKED, (buf), (len), (d2i_func), (free_func)) - -#define PKCS12_decrypt_d2i_PKCS12_SAFEBAG(algor, d2i_func, free_func, pass, passlen, oct, seq) \ - SKM_PKCS12_decrypt_d2i(PKCS12_SAFEBAG, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) - -#define PKCS12_decrypt_d2i_PKCS7(algor, d2i_func, free_func, pass, passlen, oct, seq) \ - SKM_PKCS12_decrypt_d2i(PKCS7, (algor), (d2i_func), (free_func), (pass), (passlen), (oct), (seq)) -/* End of util/mkstack.pl block, you may now edit :-) */ - -#endif /* !defined HEADER_SAFESTACK_H */ diff --git a/src/lib/libcrypto/stack/stack.c b/src/lib/libcrypto/stack/stack.c deleted file mode 100644 index 02857f0446..0000000000 --- a/src/lib/libcrypto/stack/stack.c +++ /dev/null @@ -1,332 +0,0 @@ -/* crypto/stack/stack.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Code for stacks - * Author - Eric Young v 1.0 - * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the - * lowest index for the searched item. - * - * 1.1 eay - Take from netdb and added to SSLeay - * - * 1.0 eay - First version 29/07/92 - */ -#include -#include "cryptlib.h" -#include - -#undef MIN_NODES -#define MIN_NODES 4 - -const char *STACK_version="Stack" OPENSSL_VERSION_PTEXT; - -#include - -int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *,const char * const *))) - (const char * const *, const char * const *) - { - int (*old)(const char * const *,const char * const *)=sk->comp; - - if (sk->comp != c) - sk->sorted=0; - sk->comp=c; - - return old; - } - -STACK *sk_dup(STACK *sk) - { - STACK *ret; - char **s; - - if ((ret=sk_new(sk->comp)) == NULL) goto err; - s=(char **)OPENSSL_realloc((char *)ret->data, - (unsigned int)sizeof(char *)*sk->num_alloc); - if (s == NULL) goto err; - ret->data=s; - - ret->num=sk->num; - memcpy(ret->data,sk->data,sizeof(char *)*sk->num); - ret->sorted=sk->sorted; - ret->num_alloc=sk->num_alloc; - ret->comp=sk->comp; - return(ret); -err: - return(NULL); - } - -STACK *sk_new_null(void) - { - return sk_new((int (*)(const char * const *, const char * const *))0); - } - -STACK *sk_new(int (*c)(const char * const *, const char * const *)) - { - STACK *ret; - int i; - - if ((ret=(STACK *)OPENSSL_malloc(sizeof(STACK))) == NULL) - goto err0; - if ((ret->data=(char **)OPENSSL_malloc(sizeof(char *)*MIN_NODES)) == NULL) - goto err1; - for (i=0; idata[i]=NULL; - ret->comp=c; - ret->num_alloc=MIN_NODES; - ret->num=0; - ret->sorted=0; - return(ret); -err1: - OPENSSL_free(ret); -err0: - return(NULL); - } - -int sk_insert(STACK *st, char *data, int loc) - { - char **s; - - if(st == NULL) return 0; - if (st->num_alloc <= st->num+1) - { - s=(char **)OPENSSL_realloc((char *)st->data, - (unsigned int)sizeof(char *)*st->num_alloc*2); - if (s == NULL) - return(0); - st->data=s; - st->num_alloc*=2; - } - if ((loc >= (int)st->num) || (loc < 0)) - st->data[st->num]=data; - else - { - int i; - char **f,**t; - - f=(char **)st->data; - t=(char **)&(st->data[1]); - for (i=st->num; i>=loc; i--) - t[i]=f[i]; - -#ifdef undef /* no memmove on sunos :-( */ - memmove( (char *)&(st->data[loc+1]), - (char *)&(st->data[loc]), - sizeof(char *)*(st->num-loc)); -#endif - st->data[loc]=data; - } - st->num++; - st->sorted=0; - return(st->num); - } - -char *sk_delete_ptr(STACK *st, char *p) - { - int i; - - for (i=0; inum; i++) - if (st->data[i] == p) - return(sk_delete(st,i)); - return(NULL); - } - -char *sk_delete(STACK *st, int loc) - { - char *ret; - int i,j; - - if ((st == NULL) || (st->num == 0) || (loc < 0) - || (loc >= st->num)) return(NULL); - - ret=st->data[loc]; - if (loc != st->num-1) - { - j=st->num-1; - for (i=loc; idata[i]=st->data[i+1]; - /* In theory memcpy is not safe for this - * memcpy( &(st->data[loc]), - * &(st->data[loc+1]), - * sizeof(char *)*(st->num-loc-1)); - */ - } - st->num--; - return(ret); - } - -int sk_find(STACK *st, char *data) - { - char **r; - int i; - int (*comp_func)(const void *,const void *); - if(st == NULL) return -1; - - if (st->comp == NULL) - { - for (i=0; inum; i++) - if (st->data[i] == data) - return(i); - return(-1); - } - sk_sort(st); - if (data == NULL) return(-1); - /* This (and the "qsort" below) are the two places in OpenSSL - * where we need to convert from our standard (type **,type **) - * compare callback type to the (void *,void *) type required by - * bsearch. However, the "data" it is being called(back) with are - * not (type *) pointers, but the *pointers* to (type *) pointers, - * so we get our extra level of pointer dereferencing that way. */ - comp_func=(int (*)(const void *,const void *))(st->comp); - r=(char **)bsearch(&data,(char *)st->data, - st->num,sizeof(char *), comp_func); - if (r == NULL) return(-1); - i=(int)(r-st->data); - for ( ; i>0; i--) - /* This needs a cast because the type being pointed to from - * the "&" expressions are (char *) rather than (const char *). - * For an explanation, read: - * http://www.eskimo.com/~scs/C-faq/q11.10.html :-) */ - if ((*st->comp)((const char * const *)&(st->data[i-1]), - (const char * const *)&data) < 0) - break; - return(i); - } - -int sk_push(STACK *st, char *data) - { - return(sk_insert(st,data,st->num)); - } - -int sk_unshift(STACK *st, char *data) - { - return(sk_insert(st,data,0)); - } - -char *sk_shift(STACK *st) - { - if (st == NULL) return(NULL); - if (st->num <= 0) return(NULL); - return(sk_delete(st,0)); - } - -char *sk_pop(STACK *st) - { - if (st == NULL) return(NULL); - if (st->num <= 0) return(NULL); - return(sk_delete(st,st->num-1)); - } - -void sk_zero(STACK *st) - { - if (st == NULL) return; - if (st->num <= 0) return; - memset((char *)st->data,0,sizeof(st->data)*st->num); - st->num=0; - } - -void sk_pop_free(STACK *st, void (*func)(void *)) - { - int i; - - if (st == NULL) return; - for (i=0; inum; i++) - if (st->data[i] != NULL) - func(st->data[i]); - sk_free(st); - } - -void sk_free(STACK *st) - { - if (st == NULL) return; - if (st->data != NULL) OPENSSL_free(st->data); - OPENSSL_free(st); - } - -int sk_num(const STACK *st) -{ - if(st == NULL) return -1; - return st->num; -} - -char *sk_value(const STACK *st, int i) -{ - if(st == NULL) return NULL; - return st->data[i]; -} - -char *sk_set(STACK *st, int i, char *value) -{ - if(st == NULL) return NULL; - return (st->data[i] = value); -} - -void sk_sort(STACK *st) - { - if (!st->sorted) - { - int (*comp_func)(const void *,const void *); - - /* same comment as in sk_find ... previously st->comp was declared - * as a (void*,void*) callback type, but this made the population - * of the callback pointer illogical - our callbacks compare - * type** with type**, so we leave the casting until absolutely - * necessary (ie. "now"). */ - comp_func=(int (*)(const void *,const void *))(st->comp); - qsort(st->data,st->num,sizeof(char *), comp_func); - st->sorted=1; - } - } diff --git a/src/lib/libcrypto/stack/stack.h b/src/lib/libcrypto/stack/stack.h deleted file mode 100644 index 8b436ca4b9..0000000000 --- a/src/lib/libcrypto/stack/stack.h +++ /dev/null @@ -1,107 +0,0 @@ -/* crypto/stack/stack.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_STACK_H -#define HEADER_STACK_H - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct stack_st - { - int num; - char **data; - int sorted; - - int num_alloc; - int (*comp)(const char * const *, const char * const *); - } STACK; - -#define M_sk_num(sk) ((sk) ? (sk)->num:-1) -#define M_sk_value(sk,n) ((sk) ? (sk)->data[n] : NULL) - -int sk_num(const STACK *); -char *sk_value(const STACK *, int); - -char *sk_set(STACK *, int, char *); - -STACK *sk_new(int (*cmp)(const char * const *, const char * const *)); -STACK *sk_new_null(void); -void sk_free(STACK *); -void sk_pop_free(STACK *st, void (*func)(void *)); -int sk_insert(STACK *sk,char *data,int where); -char *sk_delete(STACK *st,int loc); -char *sk_delete_ptr(STACK *st, char *p); -int sk_find(STACK *st,char *data); -int sk_push(STACK *st,char *data); -int sk_unshift(STACK *st,char *data); -char *sk_shift(STACK *st); -char *sk_pop(STACK *st); -void sk_zero(STACK *st); -int (*sk_set_cmp_func(STACK *sk, int (*c)(const char * const *, - const char * const *))) - (const char * const *, const char * const *); -STACK *sk_dup(STACK *st); -void sk_sort(STACK *st); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/txt_db/txt_db.c b/src/lib/libcrypto/txt_db/txt_db.c deleted file mode 100644 index 3b04fe280c..0000000000 --- a/src/lib/libcrypto/txt_db/txt_db.c +++ /dev/null @@ -1,383 +0,0 @@ -/* crypto/txt_db/txt_db.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "cryptlib.h" -#include -#include - -#undef BUFSIZE -#define BUFSIZE 512 - -const char *TXT_DB_version="TXT_DB" OPENSSL_VERSION_PTEXT; - -TXT_DB *TXT_DB_read(BIO *in, int num) - { - TXT_DB *ret=NULL; - int er=1; - int esc=0; - long ln=0; - int i,add,n; - int size=BUFSIZE; - int offset=0; - char *p,**pp,*f; - BUF_MEM *buf=NULL; - - if ((buf=BUF_MEM_new()) == NULL) goto err; - if (!BUF_MEM_grow(buf,size)) goto err; - - if ((ret=(TXT_DB *)OPENSSL_malloc(sizeof(TXT_DB))) == NULL) - goto err; - ret->num_fields=num; - ret->index=NULL; - ret->qual=NULL; - if ((ret->data=sk_new_null()) == NULL) - goto err; - if ((ret->index=(LHASH **)OPENSSL_malloc(sizeof(LHASH *)*num)) == NULL) - goto err; - if ((ret->qual=(int (**)())OPENSSL_malloc(sizeof(int (**)())*num)) == NULL) - goto err; - for (i=0; iindex[i]=NULL; - ret->qual[i]=NULL; - } - - add=(num+1)*sizeof(char *); - buf->data[size-1]='\0'; - offset=0; - for (;;) - { - if (offset != 0) - { - size+=BUFSIZE; - if (!BUF_MEM_grow(buf,size)) goto err; - } - buf->data[offset]='\0'; - BIO_gets(in,&(buf->data[offset]),size-offset); - ln++; - if (buf->data[offset] == '\0') break; - if ((offset == 0) && (buf->data[0] == '#')) continue; - i=strlen(&(buf->data[offset])); - offset+=i; - if (buf->data[offset-1] != '\n') - continue; - else - { - buf->data[offset-1]='\0'; /* blat the '\n' */ - p=(char *)OPENSSL_malloc(add+offset); - offset=0; - } - pp=(char **)p; - p+=add; - n=0; - pp[n++]=p; - i=0; - f=buf->data; - - esc=0; - for (;;) - { - if (*f == '\0') break; - if (*f == '\t') - { - if (esc) - p--; - else - { - *(p++)='\0'; - f++; - if (n >= num) break; - pp[n++]=p; - continue; - } - } - esc=(*f == '\\'); - *(p++)= *(f++); - } - *(p++)='\0'; - if ((n != num) || (*f != '\0')) - { -#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */ - fprintf(stderr,"wrong number of fields on line %ld (looking for field %d, got %d, '%s' left)\n",ln,num,n,f); -#endif - er=2; - goto err; - } - pp[n]=p; - if (!sk_push(ret->data,(char *)pp)) - { -#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */ - fprintf(stderr,"failure in sk_push\n"); -#endif - er=2; - goto err; - } - } - er=0; -err: - BUF_MEM_free(buf); - if (er) - { -#if !defined(NO_STDIO) && !defined(WIN16) - if (er == 1) fprintf(stderr,"OPENSSL_malloc failure\n"); -#endif - if (ret->data != NULL) sk_free(ret->data); - if (ret->index != NULL) OPENSSL_free(ret->index); - if (ret->qual != NULL) OPENSSL_free(ret->qual); - if (ret != NULL) OPENSSL_free(ret); - return(NULL); - } - else - return(ret); - } - -char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value) - { - char **ret; - LHASH *lh; - - if (idx >= db->num_fields) - { - db->error=DB_ERROR_INDEX_OUT_OF_RANGE; - return(NULL); - } - lh=db->index[idx]; - if (lh == NULL) - { - db->error=DB_ERROR_NO_INDEX; - return(NULL); - } - ret=(char **)lh_retrieve(lh,value); - db->error=DB_ERROR_OK; - return(ret); - } - -int TXT_DB_create_index(TXT_DB *db, int field, int (*qual)(), - unsigned long (*hash)(), int (*cmp)()) - { - LHASH *idx; - char *r; - int i,n; - - if (field >= db->num_fields) - { - db->error=DB_ERROR_INDEX_OUT_OF_RANGE; - return(0); - } - if ((idx=lh_new(hash,cmp)) == NULL) - { - db->error=DB_ERROR_MALLOC; - return(0); - } - n=sk_num(db->data); - for (i=0; idata,i); - if ((qual != NULL) && (qual(r) == 0)) continue; - if ((r=lh_insert(idx,r)) != NULL) - { - db->error=DB_ERROR_INDEX_CLASH; - db->arg1=sk_find(db->data,r); - db->arg2=i; - lh_free(idx); - return(0); - } - } - if (db->index[field] != NULL) lh_free(db->index[field]); - db->index[field]=idx; - db->qual[field]=qual; - return(1); - } - -long TXT_DB_write(BIO *out, TXT_DB *db) - { - long i,j,n,nn,l,tot=0; - char *p,**pp,*f; - BUF_MEM *buf=NULL; - long ret= -1; - - if ((buf=BUF_MEM_new()) == NULL) - goto err; - n=sk_num(db->data); - nn=db->num_fields; - for (i=0; idata,i); - - l=0; - for (j=0; jdata; - for (j=0; jdata; - if (BIO_write(out,buf->data,(int)j) != j) - goto err; - tot+=j; - } - ret=tot; -err: - if (buf != NULL) BUF_MEM_free(buf); - return(ret); - } - -int TXT_DB_insert(TXT_DB *db, char **row) - { - int i; - char **r; - - for (i=0; inum_fields; i++) - { - if (db->index[i] != NULL) - { - if ((db->qual[i] != NULL) && - (db->qual[i](row) == 0)) continue; - r=(char **)lh_retrieve(db->index[i],row); - if (r != NULL) - { - db->error=DB_ERROR_INDEX_CLASH; - db->arg1=i; - db->arg_row=r; - goto err; - } - } - } - /* We have passed the index checks, now just append and insert */ - if (!sk_push(db->data,(char *)row)) - { - db->error=DB_ERROR_MALLOC; - goto err; - } - - for (i=0; inum_fields; i++) - { - if (db->index[i] != NULL) - { - if ((db->qual[i] != NULL) && - (db->qual[i](row) == 0)) continue; - lh_insert(db->index[i],row); - } - } - return(1); -err: - return(0); - } - -void TXT_DB_free(TXT_DB *db) - { - int i,n; - char **p,*max; - - if(db == NULL) - return; - - if (db->index != NULL) - { - for (i=db->num_fields-1; i>=0; i--) - if (db->index[i] != NULL) lh_free(db->index[i]); - OPENSSL_free(db->index); - } - if (db->qual != NULL) - OPENSSL_free(db->qual); - if (db->data != NULL) - { - for (i=sk_num(db->data)-1; i>=0; i--) - { - /* check if any 'fields' have been allocated - * from outside of the initial block */ - p=(char **)sk_value(db->data,i); - max=p[db->num_fields]; /* last address */ - if (max == NULL) /* new row */ - { - for (n=0; nnum_fields; n++) - if (p[n] != NULL) OPENSSL_free(p[n]); - } - else - { - for (n=0; nnum_fields; n++) - { - if (((p[n] < (char *)p) || (p[n] > max)) - && (p[n] != NULL)) - OPENSSL_free(p[n]); - } - } - OPENSSL_free(sk_value(db->data,i)); - } - sk_free(db->data); - } - OPENSSL_free(db); - } diff --git a/src/lib/libcrypto/txt_db/txt_db.h b/src/lib/libcrypto/txt_db/txt_db.h deleted file mode 100644 index 342533d40d..0000000000 --- a/src/lib/libcrypto/txt_db/txt_db.h +++ /dev/null @@ -1,108 +0,0 @@ -/* crypto/txt_db/txt_db.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_TXT_DB_H -#define HEADER_TXT_DB_H - -#ifndef NO_BIO -#include -#endif -#include -#include - -#define DB_ERROR_OK 0 -#define DB_ERROR_MALLOC 1 -#define DB_ERROR_INDEX_CLASH 2 -#define DB_ERROR_INDEX_OUT_OF_RANGE 3 -#define DB_ERROR_NO_INDEX 4 -#define DB_ERROR_INSERT_INDEX_CLASH 5 - -#ifdef __cplusplus -extern "C" { -#endif - -typedef struct txt_db_st - { - int num_fields; - STACK /* char ** */ *data; - LHASH **index; - int (**qual)(); - long error; - long arg1; - long arg2; - char **arg_row; - } TXT_DB; - -#ifndef NO_BIO -TXT_DB *TXT_DB_read(BIO *in, int num); -long TXT_DB_write(BIO *out, TXT_DB *db); -#else -TXT_DB *TXT_DB_read(char *in, int num); -long TXT_DB_write(char *out, TXT_DB *db); -#endif -int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(), - unsigned long (*hash)(),int (*cmp)()); -void TXT_DB_free(TXT_DB *db); -char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value); -int TXT_DB_insert(TXT_DB *db,char **value); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/src/lib/libcrypto/util/mkerr.pl b/src/lib/libcrypto/util/mkerr.pl deleted file mode 100644 index 7d98b5234d..0000000000 --- a/src/lib/libcrypto/util/mkerr.pl +++ /dev/null @@ -1,529 +0,0 @@ -#!/usr/local/bin/perl -w - -my $config = "crypto/err/openssl.ec"; -my $debug = 0; -my $rebuild = 0; -my $static = 1; -my $recurse = 0; -my $reindex = 0; -my $dowrite = 0; - - -while (@ARGV) { - my $arg = $ARGV[0]; - if($arg eq "-conf") { - shift @ARGV; - $config = shift @ARGV; - } elsif($arg eq "-debug") { - $debug = 1; - shift @ARGV; - } elsif($arg eq "-rebuild") { - $rebuild = 1; - shift @ARGV; - } elsif($arg eq "-recurse") { - $recurse = 1; - shift @ARGV; - } elsif($arg eq "-reindex") { - $reindex = 1; - shift @ARGV; - } elsif($arg eq "-nostatic") { - $static = 0; - shift @ARGV; - } elsif($arg eq "-write") { - $dowrite = 1; - shift @ARGV; - } else { - last; - } -} - -if($recurse) { - @source = (, , , ); -} else { - @source = @ARGV; -} - -# Read in the config file - -open(IN, "<$config") || die "Can't open config file $config"; - -# Parse config file - -while() -{ - if(/^L\s+(\S+)\s+(\S+)\s+(\S+)/) { - $hinc{$1} = $2; - $cskip{$3} = $1; - if($3 ne "NONE") { - $csrc{$1} = $3; - $fmax{$1} = 99; - $rmax{$1} = 99; - $fnew{$1} = 0; - $rnew{$1} = 0; - } - } elsif (/^F\s+(\S+)/) { - # Add extra function with $1 - } elsif (/^R\s+(\S+)\s+(\S+)/) { - $rextra{$1} = $2; - $rcodes{$1} = $2; - } -} - -close IN; - -# Scan each header file in turn and make a list of error codes -# and function names - -while (($lib, $hdr) = each %hinc) -{ - next if($hdr eq "NONE"); - print STDERR "Scanning header file $hdr\n" if $debug; - open(IN, "<$hdr") || die "Can't open Header file $hdr\n"; - my $line = "", $def= "", $linenr = 0; - while() { - $linenr++; - print STDERR "line: $linenr\r" if $debug; - - last if(/BEGIN\s+ERROR\s+CODES/); - if ($line ne '') { - $_ = $line . $_; - $line = ''; - } - - if (/\\$/) { - $line = $_; - next; - } - - $cpp = 1 if /^#.*ifdef.*cplusplus/; # skip "C" declaration - if ($cpp) { - $cpp = 0 if /^#.*endif/; - next; - } - - next if (/^#/); # skip preprocessor directives - - s/\/\*.*?\*\///gs; # ignore comments - s/{[^{}]*}//gs; # ignore {} blocks - - if (/{|\/\*/) { # Add a } so editor works... - $line = $_; - } else { - $def .= $_; - } - } - - print STDERR " \r" if $debug; - $defnr = 0; - foreach (split /;/, $def) { - $defnr++; - print STDERR "def: $defnr\r" if $debug; - - s/^[\n\s]*//g; - s/[\n\s]*$//g; - next if(/typedef\W/); - if (/\(\*(\w*)\([^\)]+/) { - my $name = $1; - $name =~ tr/[a-z]/[A-Z]/; - $ftrans{$name} = $1; - } elsif (/\w+\W+(\w+)\W*\(\s*\)$/s){ - # K&R C - next ; - } elsif (/\w+\W+\w+\W*\(.*\)$/s) { - while (not /\(\)$/s) { - s/[^\(\)]*\)$/\)/s; - s/\([^\(\)]*\)\)$/\)/s; - } - s/\(void\)//; - /(\w+)\W*\(\)/s; - my $name = $1; - $name =~ tr/[a-z]/[A-Z]/; - $ftrans{$name} = $1; - } elsif (/\(/ and not (/=/ or /DECLARE_STACK/)) { - print STDERR "Header $hdr: cannot parse: $_;\n"; - } - } - - print STDERR " \r" if $debug; - - next if $reindex; - - # Scan function and reason codes and store them: keep a note of the - # maximum code used. - - while() { - if(/^#define\s+(\S+)\s+(\S+)/) { - $name = $1; - $code = $2; - unless($name =~ /^${lib}_([RF])_(\w+)$/) { - print STDERR "Invalid error code $name\n"; - next; - } - if($1 eq "R") { - $rcodes{$name} = $code; - if(!(exists $rextra{$name}) && - ($code > $rmax{$lib}) ) { - $rmax{$lib} = $code; - } - } else { - if($code > $fmax{$lib}) { - $fmax{$lib} = $code; - } - $fcodes{$name} = $code; - } - } - } - close IN; -} - -# Scan each C source file and look for function and reason codes -# This is done by looking for strings that "look like" function or -# reason codes: basically anything consisting of all upper case and -# numerics which has _F_ or _R_ in it and which has the name of an -# error library at the start. This seems to work fine except for the -# oddly named structure BIO_F_CTX which needs to be ignored. -# If a code doesn't exist in list compiled from headers then mark it -# with the value "X" as a place holder to give it a value later. -# Store all function and reason codes found in %ufcodes and %urcodes -# so all those unreferenced can be printed out. - - -foreach $file (@source) { - # Don't parse the error source file. - next if exists $cskip{$file}; - open(IN, "<$file") || die "Can't open source file $file\n"; - while() { - if(/(([A-Z0-9]+)_F_([A-Z0-9_]+))/) { - next unless exists $csrc{$2}; - next if($1 eq "BIO_F_BUFFER_CTX"); - $ufcodes{$1} = 1; - if(!exists $fcodes{$1}) { - $fcodes{$1} = "X"; - $fnew{$2}++; - } - $notrans{$1} = 1 unless exists $ftrans{$3}; - } - if(/(([A-Z0-9]+)_R_[A-Z0-9_]+)/) { - next unless exists $csrc{$2}; - $urcodes{$1} = 1; - if(!exists $rcodes{$1}) { - $rcodes{$1} = "X"; - $rnew{$2}++; - } - } - } - close IN; -} - -# Now process each library in turn. - -foreach $lib (keys %csrc) -{ - my $hfile = $hinc{$lib}; - my $cfile = $csrc{$lib}; - if(!$fnew{$lib} && !$rnew{$lib}) { - print STDERR "$lib:\t\tNo new error codes\n"; - next unless $rebuild; - } else { - print STDERR "$lib:\t\t$fnew{$lib} New Functions,"; - print STDERR " $rnew{$lib} New Reasons.\n"; - next unless $dowrite; - } - - # If we get here then we have some new error codes so we - # need to rebuild the header file and C file. - - # Make a sorted list of error and reason codes for later use. - - my @function = sort grep(/^${lib}_/,keys %fcodes); - my @reasons = sort grep(/^${lib}_/,keys %rcodes); - - # Rewrite the header file - - open(IN, "<$hfile") || die "Can't Open Header File $hfile\n"; - - # Copy across the old file - while() { - push @out, $_; - last if (/BEGIN ERROR CODES/); - } - close IN; - - open (OUT, ">$hfile") || die "Can't Open File $hfile for writing\n"; - - print OUT @out; - undef @out; - print OUT <<"EOF"; -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the $lib functions. */ - -/* Function codes. */ -EOF - - foreach $i (@function) { - $z=6-int(length($i)/8); - if($fcodes{$i} eq "X") { - $fcodes{$i} = ++$fmax{$lib}; - print STDERR "New Function code $i\n" if $debug; - } - printf OUT "#define $i%s $fcodes{$i}\n","\t" x $z; - } - - print OUT "\n/* Reason codes. */\n"; - - foreach $i (@reasons) { - $z=6-int(length($i)/8); - if($rcodes{$i} eq "X") { - $rcodes{$i} = ++$rmax{$lib}; - print STDERR "New Reason code $i\n" if $debug; - } - printf OUT "#define $i%s $rcodes{$i}\n","\t" x $z; - } - print OUT <<"EOF"; - -#ifdef __cplusplus -} -#endif -#endif - -EOF - close OUT; - - # Rewrite the C source file containing the error details. - - # First, read any existing reason string definitions: - my %err_reason_strings; - if (open(IN,"<$cfile")) { - while () { - if (/\b(${lib}_R_\w*)\b.*\"(.*)\"/) { - $err_reason_strings{$1} = $2; - } - } - close(IN); - } - - my $hincf; - if($static) { - $hfile =~ /([^\/]+)$/; - $hincf = ""; - } else { - $hincf = "\"$hfile\""; - } - - - open (OUT,">$cfile") || die "Can't open $cfile for writing"; - - print OUT <<"EOF"; -/* $cfile */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core\@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay\@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh\@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include $hincf - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA ${lib}_str_functs[]= - { -EOF - # Add each function code: if a function name is found then use it. - foreach $i (@function) { - my $fn; - $i =~ /^${lib}_F_(\S+)$/; - $fn = $1; - if(exists $ftrans{$fn}) { - $fn = $ftrans{$fn}; - } - print OUT "{ERR_PACK(0,$i,0),\t\"$fn\"},\n"; - } - print OUT <<"EOF"; -{0,NULL} - }; - -static ERR_STRING_DATA ${lib}_str_reasons[]= - { -EOF - # Add each reason code. - foreach $i (@reasons) { - my $rn; - my $nspc = 0; - if (exists $err_reason_strings{$i}) { - $rn = $err_reason_strings{$i}; - } else { - $i =~ /^${lib}_R_(\S+)$/; - $rn = $1; - $rn =~ tr/_[A-Z]/ [a-z]/; - } - $nspc = 40 - length($i) unless length($i) > 40; - $nspc = " " x $nspc; - print OUT "{${i}${nspc},\"$rn\"},\n"; - } -if($static) { - print OUT <<"EOF"; -{0,NULL} - }; - -#endif - -void ERR_load_${lib}_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_${lib},${lib}_str_functs); - ERR_load_strings(ERR_LIB_${lib},${lib}_str_reasons); -#endif - - } - } -EOF -} else { - print OUT <<"EOF"; -{0,NULL} - }; - -#endif - -#ifdef ${lib}_LIB_NAME -static ERR_STRING_DATA ${lib}_lib_name[]= - { -{0 ,${lib}_LIB_NAME}, -{0,NULL} - }; -#endif - - -int ${lib}_lib_error_code=0; - -void ERR_load_${lib}_strings(void) - { - static int init=1; - - if (${lib}_lib_error_code == 0) - ${lib}_lib_error_code=ERR_get_next_error_library(); - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(${lib}_lib_error_code,${lib}_str_functs); - ERR_load_strings(${lib}_lib_error_code,${lib}_str_reasons); -#endif - -#ifdef ${lib}_LIB_NAME - ${lib}_lib_name->error = ERR_PACK(${lib}_lib_error_code,0,0); - ERR_load_strings(0,${lib}_lib_name); -#endif - } - } - -void ERR_${lib}_error(int function, int reason, char *file, int line) - { - if (${lib}_lib_error_code == 0) - ${lib}_lib_error_code=ERR_get_next_error_library(); - ERR_PUT_error(${lib}_lib_error_code,function,reason,file,line); - } -EOF - -} - - close OUT; - undef %err_reason_strings; -} - -if($debug && defined(%notrans)) { - print STDERR "The following function codes were not translated:\n"; - foreach(sort keys %notrans) - { - print STDERR "$_\n"; - } -} - -# Make a list of unreferenced function and reason codes - -foreach (keys %fcodes) { - push (@funref, $_) unless exists $ufcodes{$_}; -} - -foreach (keys %rcodes) { - push (@runref, $_) unless exists $urcodes{$_}; -} - -if($debug && defined(@funref) ) { - print STDERR "The following function codes were not referenced:\n"; - foreach(sort @funref) - { - print STDERR "$_\n"; - } -} - -if($debug && defined(@runref) ) { - print STDERR "The following reason codes were not referenced:\n"; - foreach(sort @runref) - { - print STDERR "$_\n"; - } -} diff --git a/src/lib/libcrypto/util/mkstack.pl b/src/lib/libcrypto/util/mkstack.pl deleted file mode 100644 index 3ee13fe7c9..0000000000 --- a/src/lib/libcrypto/util/mkstack.pl +++ /dev/null @@ -1,124 +0,0 @@ -#!/usr/local/bin/perl -w - -# This is a utility that searches out "DECLARE_STACK_OF()" -# declarations in .h and .c files, and updates/creates/replaces -# the corresponding macro declarations in crypto/stack/safestack.h. -# As it's not generally possible to have macros that generate macros, -# we need to control this from the "outside", here in this script. -# -# Geoff Thorpe, June, 2000 (with massive Perl-hacking -# help from Steve Robb) - -my $safestack = "crypto/stack/safestack"; - -my $do_write; -while (@ARGV) { - my $arg = $ARGV[0]; - if($arg eq "-write") { - $do_write = 1; - } - shift @ARGV; -} - - -@source = (, , , ); -foreach $file (@source) { - next if -l $file; - - # Open the .c/.h file for reading - open(IN, "< $file") || die "Can't open $file for reading: $!"; - - while() { - if (/^DECLARE_STACK_OF\(([^)]+)\)/) { - push @stacklst, $1; - } if (/^DECLARE_ASN1_SET_OF\(([^)]+)\)/) { - push @asn1setlst, $1; - } if (/^DECLARE_PKCS12_STACK_OF\(([^)]+)\)/) { - push @p12stklst, $1; - } - } - close(IN); -} - - - -my $old_stackfile = ""; -my $new_stackfile = ""; -my $inside_block = 0; -my $type_thing; - -open(IN, "< $safestack.h") || die "Can't open input file: $!"; -while() { - $old_stackfile .= $_; - - if (m|^/\* This block of defines is updated by util/mkstack.pl, please do not touch! \*/|) { - $inside_block = 1; - } - if (m|^/\* End of util/mkstack.pl block, you may now edit :-\) \*/|) { - $inside_block = 0; - } elsif ($inside_block == 0) { - $new_stackfile .= $_; - } - next if($inside_block != 1); - $new_stackfile .= "/* This block of defines is updated by util/mkstack.pl, please do not touch! */"; - - foreach $type_thing (sort @stacklst) { - $new_stackfile .= <$safestack.h" || die "Can't open output file"; - print OUT $new_stackfile; - close OUT; -} diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c deleted file mode 100644 index cac64a6f40..0000000000 --- a/src/lib/libcrypto/x509/by_dir.c +++ /dev/null @@ -1,351 +0,0 @@ -/* crypto/x509/by_dir.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include -#endif -#ifdef MAC_OS_pre_X -# include -#else -# include -#endif - -#include -#include - -typedef struct lookup_dir_st - { - BUF_MEM *buffer; - int num_dirs; - char **dirs; - int *dirs_type; - int num_dirs_alloced; - } BY_DIR; - -static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **ret); -static int new_dir(X509_LOOKUP *lu); -static void free_dir(X509_LOOKUP *lu); -static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); -static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, - X509_OBJECT *ret); -X509_LOOKUP_METHOD x509_dir_lookup= - { - "Load certs from files in a directory", - new_dir, /* new */ - free_dir, /* free */ - NULL, /* init */ - NULL, /* shutdown */ - dir_ctrl, /* ctrl */ - get_cert_by_subject, /* get_by_subject */ - NULL, /* get_by_issuer_serial */ - NULL, /* get_by_fingerprint */ - NULL, /* get_by_alias */ - }; - -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) - { - return(&x509_dir_lookup); - } - -static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **retp) - { - int ret=0; - BY_DIR *ld; - char *dir; - - ld=(BY_DIR *)ctx->method_data; - - switch (cmd) - { - case X509_L_ADD_DIR: - if (argl == X509_FILETYPE_DEFAULT) - { - ret=add_cert_dir(ld,X509_get_default_cert_dir(), - X509_FILETYPE_PEM); - if (!ret) - { - X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); - } - else - { - dir=(char *)Getenv(X509_get_default_cert_dir_env()); - ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); - } - } - else - ret=add_cert_dir(ld,argp,(int)argl); - break; - } - return(ret); - } - -static int new_dir(X509_LOOKUP *lu) - { - BY_DIR *a; - - if ((a=(BY_DIR *)OPENSSL_malloc(sizeof(BY_DIR))) == NULL) - return(0); - if ((a->buffer=BUF_MEM_new()) == NULL) - { - OPENSSL_free(a); - return(0); - } - a->num_dirs=0; - a->dirs=NULL; - a->dirs_type=NULL; - a->num_dirs_alloced=0; - lu->method_data=(char *)a; - return(1); - } - -static void free_dir(X509_LOOKUP *lu) - { - BY_DIR *a; - int i; - - a=(BY_DIR *)lu->method_data; - for (i=0; inum_dirs; i++) - if (a->dirs[i] != NULL) OPENSSL_free(a->dirs[i]); - if (a->dirs != NULL) OPENSSL_free(a->dirs); - if (a->dirs_type != NULL) OPENSSL_free(a->dirs_type); - if (a->buffer != NULL) BUF_MEM_free(a->buffer); - OPENSSL_free(a); - } - -static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) - { - int j,len; - int *ip; - const char *s,*ss,*p; - char **pp; - - if (dir == NULL || !*dir) - { - X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY); - return 0; - } - - s=dir; - p=s; - for (;;) - { - if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) - { - ss=s; - s=p+1; - len=(int)(p-ss); - if (len == 0) continue; - for (j=0; jnum_dirs; j++) - if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) - continue; - if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) - { - ctx->num_dirs_alloced+=10; - pp=(char **)OPENSSL_malloc(ctx->num_dirs_alloced* - sizeof(char *)); - ip=(int *)OPENSSL_malloc(ctx->num_dirs_alloced* - sizeof(int)); - if ((pp == NULL) || (ip == NULL)) - { - X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE); - return(0); - } - memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)* - sizeof(char *)); - memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* - sizeof(int)); - if (ctx->dirs != NULL) - OPENSSL_free(ctx->dirs); - if (ctx->dirs_type != NULL) - OPENSSL_free(ctx->dirs_type); - ctx->dirs=pp; - ctx->dirs_type=ip; - } - ctx->dirs_type[ctx->num_dirs]=type; - ctx->dirs[ctx->num_dirs]=(char *)OPENSSL_malloc((unsigned int)len+1); - if (ctx->dirs[ctx->num_dirs] == NULL) return(0); - strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); - ctx->dirs[ctx->num_dirs][len]='\0'; - ctx->num_dirs++; - } - if (*p == '\0') break; - p++; - } - return(1); - } - -static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, - X509_OBJECT *ret) - { - BY_DIR *ctx; - union { - struct { - X509 st_x509; - X509_CINF st_x509_cinf; - } x509; - struct { - X509_CRL st_crl; - X509_CRL_INFO st_crl_info; - } crl; - } data; - int ok=0; - int i,j,k; - unsigned long h; - BUF_MEM *b=NULL; - struct stat st; - X509_OBJECT stmp,*tmp; - const char *postfix=""; - - if (name == NULL) return(0); - - stmp.type=type; - if (type == X509_LU_X509) - { - data.x509.st_x509.cert_info= &data.x509.st_x509_cinf; - data.x509.st_x509_cinf.subject=name; - stmp.data.x509= &data.x509.st_x509; - postfix=""; - } - else if (type == X509_LU_CRL) - { - data.crl.st_crl.crl= &data.crl.st_crl_info; - data.crl.st_crl_info.issuer=name; - stmp.data.crl= &data.crl.st_crl; - postfix="r"; - } - else - { - X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE); - goto finish; - } - - if ((b=BUF_MEM_new()) == NULL) - { - X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB); - goto finish; - } - - ctx=(BY_DIR *)xl->method_data; - - h=X509_NAME_hash(name); - for (i=0; inum_dirs; i++) - { - j=strlen(ctx->dirs[i])+1+8+6+1+1; - if (!BUF_MEM_grow(b,j)) - { - X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE); - goto finish; - } - k=0; - for (;;) - { - sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h, - postfix,k); - k++; - if (stat(b->data,&st) < 0) - break; - /* found one. */ - if (type == X509_LU_X509) - { - if ((X509_load_cert_file(xl,b->data, - ctx->dirs_type[i])) == 0) - break; - } - else if (type == X509_LU_CRL) - { - if ((X509_load_crl_file(xl,b->data, - ctx->dirs_type[i])) == 0) - break; - } - /* else case will caught higher up */ - } - - /* we have added it to the cache so now pull - * it out again */ - CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); - j = sk_X509_OBJECT_find(xl->store_ctx->objs,&stmp); - if(j != -1) tmp=sk_X509_OBJECT_value(xl->store_ctx->objs,i); - else tmp = NULL; - CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); - - if (tmp != NULL) - { - ok=1; - ret->type=tmp->type; - memcpy(&ret->data,&tmp->data,sizeof(ret->data)); - /* If we were going to up the reference count, - * we would need to do it on a perl 'type' - * basis */ - /* CRYPTO_add(&tmp->data.x509->references,1, - CRYPTO_LOCK_X509);*/ - goto finish; - } - } -finish: - if (b != NULL) BUF_MEM_free(b); - return(ok); - } - diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c deleted file mode 100644 index 78e9240a8d..0000000000 --- a/src/lib/libcrypto/x509/by_file.c +++ /dev/null @@ -1,298 +0,0 @@ -/* crypto/x509/by_file.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include "cryptlib.h" -#include -#include -#include -#include - -#ifndef NO_STDIO - -static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); -X509_LOOKUP_METHOD x509_file_lookup= - { - "Load file into cache", - NULL, /* new */ - NULL, /* free */ - NULL, /* init */ - NULL, /* shutdown */ - by_file_ctrl, /* ctrl */ - NULL, /* get_by_subject */ - NULL, /* get_by_issuer_serial */ - NULL, /* get_by_fingerprint */ - NULL, /* get_by_alias */ - }; - -X509_LOOKUP_METHOD *X509_LOOKUP_file(void) - { - return(&x509_file_lookup); - } - -static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, - char **ret) - { - int ok=0; - char *file; - - switch (cmd) - { - case X509_L_FILE_LOAD: - if (argl == X509_FILETYPE_DEFAULT) - { - ok = (X509_load_cert_crl_file(ctx,X509_get_default_cert_file(), - X509_FILETYPE_PEM) != 0); - if (!ok) - { - X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); - } - else - { - file=(char *)Getenv(X509_get_default_cert_file_env()); - ok = (X509_load_cert_crl_file(ctx,file, - X509_FILETYPE_PEM) != 0); - } - } - else - { - if(argl == X509_FILETYPE_PEM) - ok = (X509_load_cert_crl_file(ctx,argp, - X509_FILETYPE_PEM) != 0); - else - ok = (X509_load_cert_file(ctx,argp,(int)argl) != 0); - } - break; - } - return(ok); - } - -int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) - { - int ret=0; - BIO *in=NULL; - int i,count=0; - X509 *x=NULL; - - if (file == NULL) return(1); - in=BIO_new(BIO_s_file_internal()); - - if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) - { - X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB); - goto err; - } - - if (type == X509_FILETYPE_PEM) - { - for (;;) - { - x=PEM_read_bio_X509_AUX(in,NULL,NULL,NULL); - if (x == NULL) - { - if ((ERR_GET_REASON(ERR_peek_error()) == - PEM_R_NO_START_LINE) && (count > 0)) - { - ERR_clear_error(); - break; - } - else - { - X509err(X509_F_X509_LOAD_CERT_FILE, - ERR_R_PEM_LIB); - goto err; - } - } - i=X509_STORE_add_cert(ctx->store_ctx,x); - if (!i) goto err; - count++; - X509_free(x); - x=NULL; - } - ret=count; - } - else if (type == X509_FILETYPE_ASN1) - { - x=d2i_X509_bio(in,NULL); - if (x == NULL) - { - X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB); - goto err; - } - i=X509_STORE_add_cert(ctx->store_ctx,x); - if (!i) goto err; - ret=i; - } - else - { - X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE); - goto err; - } -err: - if (x != NULL) X509_free(x); - if (in != NULL) BIO_free(in); - return(ret); - } - -int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) - { - int ret=0; - BIO *in=NULL; - int i,count=0; - X509_CRL *x=NULL; - - if (file == NULL) return(1); - in=BIO_new(BIO_s_file_internal()); - - if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) - { - X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB); - goto err; - } - - if (type == X509_FILETYPE_PEM) - { - for (;;) - { - x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); - if (x == NULL) - { - if ((ERR_GET_REASON(ERR_peek_error()) == - PEM_R_NO_START_LINE) && (count > 0)) - { - ERR_clear_error(); - break; - } - else - { - X509err(X509_F_X509_LOAD_CRL_FILE, - ERR_R_PEM_LIB); - goto err; - } - } - i=X509_STORE_add_crl(ctx->store_ctx,x); - if (!i) goto err; - count++; - X509_CRL_free(x); - x=NULL; - } - ret=count; - } - else if (type == X509_FILETYPE_ASN1) - { - x=d2i_X509_CRL_bio(in,NULL); - if (x == NULL) - { - X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB); - goto err; - } - i=X509_STORE_add_crl(ctx->store_ctx,x); - if (!i) goto err; - ret=i; - } - else - { - X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE); - goto err; - } -err: - if (x != NULL) X509_CRL_free(x); - if (in != NULL) BIO_free(in); - return(ret); - } - -int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) -{ - STACK_OF(X509_INFO) *inf; - X509_INFO *itmp; - BIO *in; - int i, count = 0; - if(type != X509_FILETYPE_PEM) - return X509_load_cert_file(ctx, file, type); - in = BIO_new_file(file, "r"); - if(!in) { - X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_SYS_LIB); - return 0; - } - inf = PEM_X509_INFO_read_bio(in, NULL, NULL, NULL); - BIO_free(in); - if(!inf) { - X509err(X509_F_X509_LOAD_CERT_CRL_FILE,ERR_R_PEM_LIB); - return 0; - } - for(i = 0; i < sk_X509_INFO_num(inf); i++) { - itmp = sk_X509_INFO_value(inf, i); - if(itmp->x509) { - X509_STORE_add_cert(ctx->store_ctx, itmp->x509); - count++; - } else if(itmp->crl) { - X509_STORE_add_crl(ctx->store_ctx, itmp->crl); - count++; - } - } - sk_X509_INFO_pop_free(inf, X509_INFO_free); - return count; -} - - -#endif /* NO_STDIO */ - diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h deleted file mode 100644 index 813c8adffd..0000000000 --- a/src/lib/libcrypto/x509/x509.h +++ /dev/null @@ -1,1294 +0,0 @@ -/* crypto/x509/x509.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_X509_H -#define HEADER_X509_H - -#include -#ifndef NO_BUFFER -#include -#endif -#ifndef NO_EVP -#include -#endif -#ifndef NO_BIO -#include -#endif -#include -#include -#include - -#ifndef NO_RSA -#include -#endif - -#ifndef NO_DSA -#include -#endif - -#ifndef NO_DH -#include -#endif - -#include - - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef WIN32 -/* Under Win32 this is defined in wincrypt.h */ -#undef X509_NAME -#endif - - /* If placed in pkcs12.h, we end up with a circular depency with pkcs7.h */ -#define DECLARE_PKCS12_STACK_OF(type) /* Nothing */ -#define IMPLEMENT_PKCS12_STACK_OF(type) /* Nothing */ - -#define X509_FILETYPE_PEM 1 -#define X509_FILETYPE_ASN1 2 -#define X509_FILETYPE_DEFAULT 3 - -#define X509v3_KU_DIGITAL_SIGNATURE 0x0080 -#define X509v3_KU_NON_REPUDIATION 0x0040 -#define X509v3_KU_KEY_ENCIPHERMENT 0x0020 -#define X509v3_KU_DATA_ENCIPHERMENT 0x0010 -#define X509v3_KU_KEY_AGREEMENT 0x0008 -#define X509v3_KU_KEY_CERT_SIGN 0x0004 -#define X509v3_KU_CRL_SIGN 0x0002 -#define X509v3_KU_ENCIPHER_ONLY 0x0001 -#define X509v3_KU_DECIPHER_ONLY 0x8000 -#define X509v3_KU_UNDEF 0xffff - -typedef struct X509_objects_st - { - int nid; - int (*a2i)(); - int (*i2a)(); - } X509_OBJECTS; - -typedef struct X509_algor_st - { - ASN1_OBJECT *algorithm; - ASN1_TYPE *parameter; - } X509_ALGOR; - -DECLARE_STACK_OF(X509_ALGOR) -DECLARE_ASN1_SET_OF(X509_ALGOR) - -typedef struct X509_val_st - { - ASN1_TIME *notBefore; - ASN1_TIME *notAfter; - } X509_VAL; - -typedef struct X509_pubkey_st - { - X509_ALGOR *algor; - ASN1_BIT_STRING *public_key; - EVP_PKEY *pkey; - } X509_PUBKEY; - -typedef struct X509_sig_st - { - X509_ALGOR *algor; - ASN1_OCTET_STRING *digest; - } X509_SIG; - -typedef struct X509_name_entry_st - { - ASN1_OBJECT *object; - ASN1_STRING *value; - int set; - int size; /* temp variable */ - } X509_NAME_ENTRY; - -DECLARE_STACK_OF(X509_NAME_ENTRY) -DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) - -/* we always keep X509_NAMEs in 2 forms. */ -typedef struct X509_name_st - { - STACK_OF(X509_NAME_ENTRY) *entries; - int modified; /* true if 'bytes' needs to be built */ -#ifndef NO_BUFFER - BUF_MEM *bytes; -#else - char *bytes; -#endif - unsigned long hash; /* Keep the hash around for lookups */ - } X509_NAME; - -DECLARE_STACK_OF(X509_NAME) - -#define X509_EX_V_NETSCAPE_HACK 0x8000 -#define X509_EX_V_INIT 0x0001 -typedef struct X509_extension_st - { - ASN1_OBJECT *object; - short critical; - short netscape_hack; - ASN1_OCTET_STRING *value; - struct v3_ext_method *method; /* V3 method to use */ - void *ext_val; /* extension value */ - } X509_EXTENSION; - -DECLARE_STACK_OF(X509_EXTENSION) -DECLARE_ASN1_SET_OF(X509_EXTENSION) - -/* a sequence of these are used */ -typedef struct x509_attributes_st - { - ASN1_OBJECT *object; - int set; /* 1 for a set, 0 for a single item (which is wrong) */ - union { - char *ptr; -/* 1 */ STACK_OF(ASN1_TYPE) *set; -/* 0 */ ASN1_TYPE *single; - } value; - } X509_ATTRIBUTE; - -DECLARE_STACK_OF(X509_ATTRIBUTE) -DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) - -typedef struct X509_req_info_st - { - unsigned char *asn1; - int length; - ASN1_INTEGER *version; - X509_NAME *subject; - X509_PUBKEY *pubkey; - /* d=2 hl=2 l= 0 cons: cont: 00 */ - STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - int req_kludge; - } X509_REQ_INFO; - -typedef struct X509_req_st - { - X509_REQ_INFO *req_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - } X509_REQ; - -typedef struct x509_cinf_st - { - ASN1_INTEGER *version; /* [ 0 ] default of v1 */ - ASN1_INTEGER *serialNumber; - X509_ALGOR *signature; - X509_NAME *issuer; - X509_VAL *validity; - X509_NAME *subject; - X509_PUBKEY *key; - ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ - ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ - STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ - } X509_CINF; - -/* This stuff is certificate "auxiliary info" - * it contains details which are useful in certificate - * stores and databases. When used this is tagged onto - * the end of the certificate itself - */ - -typedef struct x509_cert_aux_st - { - STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ - STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ - ASN1_UTF8STRING *alias; /* "friendly name" */ - ASN1_OCTET_STRING *keyid; /* key id of private key */ - STACK_OF(X509_ALGOR) *other; /* other unspecified info */ - } X509_CERT_AUX; - -typedef struct x509_st - { - X509_CINF *cert_info; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int valid; - int references; - char *name; - CRYPTO_EX_DATA ex_data; - /* These contain copies of various extension values */ - long ex_pathlen; - unsigned long ex_flags; - unsigned long ex_kusage; - unsigned long ex_xkusage; - unsigned long ex_nscert; - ASN1_OCTET_STRING *skid; - struct AUTHORITY_KEYID_st *akid; -#ifndef NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; -#endif - X509_CERT_AUX *aux; - } X509; - -DECLARE_STACK_OF(X509) -DECLARE_ASN1_SET_OF(X509) - -/* This is used for a table of trust checking functions */ - -typedef struct x509_trust_st { - int trust; - int flags; - int (*check_trust)(struct x509_trust_st *, X509 *, int); - char *name; - int arg1; - void *arg2; -} X509_TRUST; - -DECLARE_STACK_OF(X509_TRUST) - -/* standard trust ids */ - -#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ - -#define X509_TRUST_COMPAT 1 -#define X509_TRUST_SSL_CLIENT 2 -#define X509_TRUST_SSL_SERVER 3 -#define X509_TRUST_EMAIL 4 -#define X509_TRUST_OBJECT_SIGN 5 - -/* Keep these up to date! */ -#define X509_TRUST_MIN 1 -#define X509_TRUST_MAX 5 - - -/* trust_flags values */ -#define X509_TRUST_DYNAMIC 1 -#define X509_TRUST_DYNAMIC_NAME 2 - -/* check_trust return codes */ - -#define X509_TRUST_TRUSTED 1 -#define X509_TRUST_REJECTED 2 -#define X509_TRUST_UNTRUSTED 3 - -/* Flags specific to X509_NAME_print_ex() */ - -/* The field separator information */ - -#define XN_FLAG_SEP_MASK (0xf << 16) - -#define XN_FLAG_COMPAT 0 /* Traditional SSLeay: use old X509_NAME_print */ -#define XN_FLAG_SEP_COMMA_PLUS (1 << 16) /* RFC2253 ,+ */ -#define XN_FLAG_SEP_CPLUS_SPC (2 << 16) /* ,+ spaced: more readable */ -#define XN_FLAG_SEP_SPLUS_SPC (3 << 16) /* ;+ spaced */ -#define XN_FLAG_SEP_MULTILINE (4 << 16) /* One line per field */ - -#define XN_FLAG_DN_REV (1 << 20) /* Reverse DN order */ - -/* How the field name is shown */ - -#define XN_FLAG_FN_MASK (0x3 << 21) - -#define XN_FLAG_FN_SN 0 /* Object short name */ -#define XN_FLAG_FN_LN (1 << 21) /* Object long name */ -#define XN_FLAG_FN_OID (2 << 21) /* Always use OIDs */ -#define XN_FLAG_FN_NONE (3 << 21) /* No field names */ - -#define XN_FLAG_SPC_EQ (1 << 23) /* Put spaces round '=' */ - -/* This determines if we dump fields we don't recognise: - * RFC2253 requires this. - */ - -#define XN_FLAG_DUMP_UNKNOWN_FIELDS (1 << 24) - -/* Complete set of RFC2253 flags */ - -#define XN_FLAG_RFC2253 (ASN1_STRFLGS_RFC2253 | \ - XN_FLAG_SEP_COMMA_PLUS | \ - XN_FLAG_DN_REV | \ - XN_FLAG_FN_SN | \ - XN_FLAG_DUMP_UNKNOWN_FIELDS) - -/* readable oneline form */ - -#define XN_FLAG_ONELINE (ASN1_STRFLGS_RFC2253 | \ - ASN1_STRFLGS_ESC_QUOTE | \ - XN_FLAG_SEP_CPLUS_SPC | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_SN) - -/* readable multiline form */ - -#define XN_FLAG_MULTILINE (ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - XN_FLAG_SEP_MULTILINE | \ - XN_FLAG_SPC_EQ | \ - XN_FLAG_FN_LN) - -typedef struct X509_revoked_st - { - ASN1_INTEGER *serialNumber; - ASN1_TIME *revocationDate; - STACK_OF(X509_EXTENSION) /* optional */ *extensions; - int sequence; /* load sequence */ - } X509_REVOKED; - -DECLARE_STACK_OF(X509_REVOKED) -DECLARE_ASN1_SET_OF(X509_REVOKED) - -typedef struct X509_crl_info_st - { - ASN1_INTEGER *version; - X509_ALGOR *sig_alg; - X509_NAME *issuer; - ASN1_TIME *lastUpdate; - ASN1_TIME *nextUpdate; - STACK_OF(X509_REVOKED) *revoked; - STACK_OF(X509_EXTENSION) /* [0] */ *extensions; - } X509_CRL_INFO; - -typedef struct X509_crl_st - { - /* actual signature */ - X509_CRL_INFO *crl; - X509_ALGOR *sig_alg; - ASN1_BIT_STRING *signature; - int references; - } X509_CRL; - -DECLARE_STACK_OF(X509_CRL) -DECLARE_ASN1_SET_OF(X509_CRL) - -typedef struct private_key_st - { - int version; - /* The PKCS#8 data types */ - X509_ALGOR *enc_algor; - ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ - - /* When decrypted, the following will not be NULL */ - EVP_PKEY *dec_pkey; - - /* used to encrypt and decrypt */ - int key_length; - char *key_data; - int key_free; /* true if we should auto free key_data */ - - /* expanded version of 'enc_algor' */ - EVP_CIPHER_INFO cipher; - - int references; - } X509_PKEY; - -#ifndef NO_EVP -typedef struct X509_info_st - { - X509 *x509; - X509_CRL *crl; - X509_PKEY *x_pkey; - - EVP_CIPHER_INFO enc_cipher; - int enc_len; - char *enc_data; - - int references; - } X509_INFO; - -DECLARE_STACK_OF(X509_INFO) -#endif - -/* The next 2 structures and their 8 routines were sent to me by - * Pat Richard and are used to manipulate - * Netscapes spki structures - useful if you are writing a CA web page - */ -typedef struct Netscape_spkac_st - { - X509_PUBKEY *pubkey; - ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ - } NETSCAPE_SPKAC; - -typedef struct Netscape_spki_st - { - NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ - X509_ALGOR *sig_algor; - ASN1_BIT_STRING *signature; - } NETSCAPE_SPKI; - -/* Netscape certificate sequence structure */ -typedef struct Netscape_certificate_sequence - { - ASN1_OBJECT *type; - STACK_OF(X509) *certs; - } NETSCAPE_CERT_SEQUENCE; - -typedef struct CBCParameter_st - { - unsigned char iv[8]; - } CBC_PARAM; - -/* Password based encryption structure */ - -typedef struct PBEPARAM_st { -ASN1_OCTET_STRING *salt; -ASN1_INTEGER *iter; -} PBEPARAM; - -/* Password based encryption V2 structures */ - -typedef struct PBE2PARAM_st { -X509_ALGOR *keyfunc; -X509_ALGOR *encryption; -} PBE2PARAM; - -typedef struct PBKDF2PARAM_st { -ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ -ASN1_INTEGER *iter; -ASN1_INTEGER *keylength; -X509_ALGOR *prf; -} PBKDF2PARAM; - - -/* PKCS#8 private key info structure */ - -typedef struct pkcs8_priv_key_info_st - { - int broken; /* Flag for various broken formats */ -#define PKCS8_OK 0 -#define PKCS8_NO_OCTET 1 -#define PKCS8_EMBEDDED_PARAM 2 -#define PKCS8_NS_DB 3 - ASN1_INTEGER *version; - X509_ALGOR *pkeyalg; - ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ - STACK_OF(X509_ATTRIBUTE) *attributes; - } PKCS8_PRIV_KEY_INFO; - -#ifdef __cplusplus -} -#endif - -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#ifdef SSLEAY_MACROS -#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ - a->signature,(char *)a->cert_info,r) -#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ - a->sig_alg,a->signature,(char *)a->req_info,r) -#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ - a->sig_alg, a->signature,(char *)a->crl,r) - -#define X509_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ - x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) -#define X509_REQ_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ - x->signature, (char *)x->req_info,pkey,md) -#define X509_CRL_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ - x->signature, (char *)x->crl,pkey,md) -#define NETSCAPE_SPKI_sign(x,pkey,md) \ - ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ - x->signature, (char *)x->spkac,pkey,md) - -#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ - (char *(*)())d2i_X509,(char *)x509) -#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ - (int (*)())i2d_X509_ATTRIBUTE, \ - (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) -#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ - (int (*)())i2d_X509_EXTENSION, \ - (char *(*)())d2i_X509_EXTENSION,(char *)ex) -#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ - (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) -#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) -#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ - (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) -#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) - -#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ - (char *(*)())d2i_X509_CRL,(char *)crl) -#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ - X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ - (unsigned char **)(crl)) -#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ - (unsigned char *)crl) -#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ - X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ - (unsigned char **)(crl)) -#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ - (unsigned char *)crl) - -#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ - (char *(*)())d2i_PKCS7,(char *)p7) -#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ - PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ - (unsigned char **)(p7)) -#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ - (unsigned char *)p7) -#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ - PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ - (unsigned char **)(p7)) -#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ - (unsigned char *)p7) - -#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ - (char *(*)())d2i_X509_REQ,(char *)req) -#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ - X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ - (unsigned char **)(req)) -#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ - (unsigned char *)req) -#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ - X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ - (unsigned char **)(req)) -#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ - (unsigned char *)req) - -#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ - (char *(*)())d2i_RSAPublicKey,(char *)rsa) -#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ - (char *(*)())d2i_RSAPrivateKey,(char *)rsa) - -#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ - (unsigned char *)rsa) -#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ - (unsigned char *)rsa) - -#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ - (unsigned char *)rsa) -#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ - RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ - (unsigned char **)(rsa)) -#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ - (unsigned char *)rsa) - -#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ - DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ - (unsigned char **)(dsa)) -#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ - (unsigned char *)dsa) -#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ - DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ - (unsigned char **)(dsa)) -#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ - (unsigned char *)dsa) - -#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ - (char *(*)())d2i_X509_ALGOR,(char *)xn) - -#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ - (char *(*)())d2i_X509_NAME,(char *)xn) -#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ - (int (*)())i2d_X509_NAME_ENTRY, \ - (char *(*)())d2i_X509_NAME_ENTRY,\ - (char *)ne) - -#define X509_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) -#define X509_NAME_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) -#ifndef PKCS7_ISSUER_AND_SERIAL_digest -#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ - ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ - (char *)data,md,len) -#endif -#endif - -#define X509_EXT_PACK_UNKNOWN 1 -#define X509_EXT_PACK_STRING 2 - -#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) -/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ -#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) -#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) -#define X509_extract_key(x) X509_get_pubkey(x) /*****/ -#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) -#define X509_REQ_get_subject_name(x) ((x)->req_info->subject) -#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) -#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) -#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) - -#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) -#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) -#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) -#define X509_CRL_get_issuer(x) ((x)->crl->issuer) -#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) - -/* This one is only used so that a binary form can output, as in - * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ -#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) - - -const char *X509_verify_cert_error_string(long n); - -#ifndef SSLEAY_MACROS -#ifndef NO_EVP -int X509_verify(X509 *a, EVP_PKEY *r); - -int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); - -NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len); -char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *x); -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x); -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey); - -int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki); - -int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); - -int X509_digest(const X509 *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_CRL_digest(const X509_CRL *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_REQ_digest(const X509_REQ *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -int X509_NAME_digest(const X509_NAME *data,const EVP_MD *type, - unsigned char *md, unsigned int *len); -#endif - -#ifndef NO_FP_API -X509 *d2i_X509_fp(FILE *fp, X509 **x509); -int i2d_X509_fp(FILE *fp,X509 *x509); -X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); -int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); -int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); -#ifndef NO_RSA -RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); -int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_fp(FILE *fp,RSA **rsa); -int i2d_RSA_PUBKEY_fp(FILE *fp,RSA *rsa); -#endif -#ifndef NO_DSA -DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa); -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); -DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); -#endif -X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); -int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key); -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a); -#endif - -#ifndef NO_BIO -X509 *d2i_X509_bio(BIO *bp,X509 **x509); -int i2d_X509_bio(BIO *bp,X509 *x509); -X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); -int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); -X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); -int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); -#ifndef NO_RSA -RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); -int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); -RSA *d2i_RSA_PUBKEY_bio(BIO *bp,RSA **rsa); -int i2d_RSA_PUBKEY_bio(BIO *bp,RSA *rsa); -#endif -#ifndef NO_DSA -DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa); -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); -#endif -X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); -int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf); -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key); -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey); -EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a); -#endif - -X509 *X509_dup(X509 *x509); -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); -X509_CRL *X509_CRL_dup(X509_CRL *crl); -X509_REQ *X509_REQ_dup(X509_REQ *req); -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); -X509_NAME *X509_NAME_dup(X509_NAME *xn); -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); -#ifndef NO_RSA -RSA *RSAPublicKey_dup(RSA *rsa); -RSA *RSAPrivateKey_dup(RSA *rsa); -#endif - -#endif /* !SSLEAY_MACROS */ - -int X509_cmp_time(ASN1_TIME *s, time_t *t); -int X509_cmp_current_time(ASN1_TIME *s); -ASN1_TIME * X509_time_adj(ASN1_TIME *s, long adj, time_t *t); -ASN1_TIME * X509_gmtime_adj(ASN1_TIME *s, long adj); - -const char * X509_get_default_cert_area(void ); -const char * X509_get_default_cert_dir(void ); -const char * X509_get_default_cert_file(void ); -const char * X509_get_default_cert_dir_env(void ); -const char * X509_get_default_cert_file_env(void ); -const char * X509_get_default_private_dir(void ); - -X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); -X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); -void ERR_load_X509_strings(void ); - -X509_ALGOR * X509_ALGOR_new(void ); -void X509_ALGOR_free(X509_ALGOR *a); -int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp); -X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp, - long length); - -X509_VAL * X509_VAL_new(void ); -void X509_VAL_free(X509_VAL *a); -int i2d_X509_VAL(X509_VAL *a,unsigned char **pp); -X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp, - long length); - -X509_PUBKEY * X509_PUBKEY_new(void ); -void X509_PUBKEY_free(X509_PUBKEY *a); -int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp); -X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, - long length); -int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); -EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -int X509_get_pubkey_parameters(EVP_PKEY *pkey, - STACK_OF(X509) *chain); -int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); -EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp, - long length); -#ifndef NO_RSA -int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); -RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp, - long length); -#endif -#ifndef NO_DSA -int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); -DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, - long length); -#endif - -X509_SIG * X509_SIG_new(void ); -void X509_SIG_free(X509_SIG *a); -int i2d_X509_SIG(X509_SIG *a,unsigned char **pp); -X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length); - -X509_REQ_INFO *X509_REQ_INFO_new(void); -void X509_REQ_INFO_free(X509_REQ_INFO *a); -int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp); -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp, - long length); - -X509_REQ * X509_REQ_new(void); -void X509_REQ_free(X509_REQ *a); -int i2d_X509_REQ(X509_REQ *a,unsigned char **pp); -X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length); - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, - long length); -X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); - - -X509_EXTENSION *X509_EXTENSION_new(void ); -void X509_EXTENSION_free(X509_EXTENSION *a); -int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp); -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp, - long length); - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp); -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp, - long length); - -X509_NAME * X509_NAME_new(void); -void X509_NAME_free(X509_NAME *a); -int i2d_X509_NAME(X509_NAME *a,unsigned char **pp); -X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length); -int X509_NAME_set(X509_NAME **xn, X509_NAME *name); - - -X509_CINF * X509_CINF_new(void); -void X509_CINF_free(X509_CINF *a); -int i2d_X509_CINF(X509_CINF *a,unsigned char **pp); -X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length); - -X509 * X509_new(void); -void X509_free(X509 *a); -int i2d_X509(X509 *a,unsigned char **pp); -X509 * d2i_X509(X509 **a,unsigned char **pp,long length); -int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_set_ex_data(X509 *r, int idx, void *arg); -void *X509_get_ex_data(X509 *r, int idx); -int i2d_X509_AUX(X509 *a,unsigned char **pp); -X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); - -X509_CERT_AUX * X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp); -X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp, - long length); -int X509_alias_set1(X509 *x, unsigned char *name, int len); -int X509_keyid_set1(X509 *x, unsigned char *id, int len); -unsigned char * X509_alias_get0(X509 *x, int *len); -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); -int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); -void X509_trust_clear(X509 *x); -void X509_reject_clear(X509 *x); - -X509_REVOKED * X509_REVOKED_new(void); -void X509_REVOKED_free(X509_REVOKED *a); -int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp); -X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length); - -X509_CRL_INFO *X509_CRL_INFO_new(void); -void X509_CRL_INFO_free(X509_CRL_INFO *a); -int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp); -X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp, - long length); - -X509_CRL * X509_CRL_new(void); -void X509_CRL_free(X509_CRL *a); -int i2d_X509_CRL(X509_CRL *a,unsigned char **pp); -X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length); - -X509_PKEY * X509_PKEY_new(void ); -void X509_PKEY_free(X509_PKEY *a); -int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); -X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); - -NETSCAPE_SPKI * NETSCAPE_SPKI_new(void ); -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); -int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp); -NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp, - long length); - -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void ); -void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); -int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, - long length); - - -int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); -NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); -NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); -void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); - -#ifndef NO_EVP -X509_INFO * X509_INFO_new(void); -void X509_INFO_free(X509_INFO *a); -char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); - -int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, - ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); - -int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data, - unsigned char *md,unsigned int *len); - -int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, - ASN1_BIT_STRING *signature, - char *data,EVP_PKEY *pkey, const EVP_MD *type); -#endif - -int X509_set_version(X509 *x,long version); -int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); -ASN1_INTEGER * X509_get_serialNumber(X509 *x); -int X509_set_issuer_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_issuer_name(X509 *a); -int X509_set_subject_name(X509 *x, X509_NAME *name); -X509_NAME * X509_get_subject_name(X509 *a); -int X509_set_notBefore(X509 *x, ASN1_TIME *tm); -int X509_set_notAfter(X509 *x, ASN1_TIME *tm); -int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); -EVP_PKEY * X509_get_pubkey(X509 *x); -int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); - -int X509_REQ_set_version(X509_REQ *x,long version); -int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); -int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); -EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); -int X509_REQ_extension_nid(int nid); -int * X509_REQ_get_extension_nids(void); -void X509_REQ_set_extension_nids(int *nids); -STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req); -int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid); -int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts); -int X509_REQ_get_attr_count(const X509_REQ *req); -int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos); -int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc); -X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc); -int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr); -int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len); -int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - unsigned char *bytes, int len); -int X509_REQ_add1_attr_by_txt(X509_REQ *req, - char *attrname, int type, - unsigned char *bytes, int len); - -int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); - -int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_and_serial_hash(X509 *a); - -int X509_issuer_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_issuer_name_hash(X509 *a); - -int X509_subject_name_cmp(const X509 *a, const X509 *b); -unsigned long X509_subject_name_hash(X509 *x); - -int X509_cmp(const X509 *a, const X509 *b); -int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b); -unsigned long X509_NAME_hash(X509_NAME *x); - -int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b); -#ifndef NO_FP_API -int X509_print_fp(FILE *bp,X509 *x); -int X509_CRL_print_fp(FILE *bp,X509_CRL *x); -int X509_REQ_print_fp(FILE *bp,X509_REQ *req); -int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags); -#endif - -#ifndef NO_BIO -int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); -int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags); -int X509_print(BIO *bp,X509 *x); -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); -int X509_CRL_print(BIO *bp,X509_CRL *x); -int X509_REQ_print(BIO *bp,X509_REQ *req); -#endif - -int X509_NAME_entry_count(X509_NAME *name); -int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, - char *buf,int len); -int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, - char *buf,int len); - -/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use - * lastpos, search after that position on. */ -int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); -int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, - int lastpos); -X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); -X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); -int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, - int loc, int set); -int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len, int loc, int set); -int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - char *field, int type, unsigned char *bytes, int len); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type,unsigned char *bytes, int len); -int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type, - unsigned char *bytes, int len, int loc, int set); -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - ASN1_OBJECT *obj, int type,unsigned char *bytes, - int len); -int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, - ASN1_OBJECT *obj); -int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - unsigned char *bytes, int len); -ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); -ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); - -int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); -int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, - int nid, int lastpos); -int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, - ASN1_OBJECT *obj,int lastpos); -int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, - int crit, int lastpos); -X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); -X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); -STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc); - -int X509_get_ext_count(X509 *x); -int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); -int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); -int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); -X509_EXTENSION *X509_get_ext(X509 *x, int loc); -X509_EXTENSION *X509_delete_ext(X509 *x, int loc); -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); -void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); - -int X509_CRL_get_ext_count(X509_CRL *x); -int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); -int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); -int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); -X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); -X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); -int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); -void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); - -int X509_REVOKED_get_ext_count(X509_REVOKED *x); -int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); -int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); -int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); -X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); -X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); -int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); -void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); - -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, - int nid, int crit, ASN1_OCTET_STRING *data); -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); -int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); -int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); -int X509_EXTENSION_set_data(X509_EXTENSION *ex, - ASN1_OCTET_STRING *data); -ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); -ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); -int X509_EXTENSION_get_critical(X509_EXTENSION *ex); - -int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x); -int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos); -int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, - int lastpos); -X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc); -X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - unsigned char *bytes, int len); -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - char *attrname, int type, - unsigned char *bytes, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - ASN1_OBJECT *obj, int atrtype, void *data, int len); -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - char *atrname, int type, unsigned char *bytes, int len); -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj); -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len); -void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data); -int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr); -ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); -ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); - -int X509_verify_cert(X509_STORE_CTX *ctx); - -/* lookup a cert from a X509 STACK */ -X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, - ASN1_INTEGER *serial); -X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); - -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp); -PBEPARAM *PBEPARAM_new(void); -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length); -void PBEPARAM_free(PBEPARAM *a); -X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); -X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, - unsigned char *salt, int saltlen); - -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp); -PBKDF2PARAM *PBKDF2PARAM_new(void); -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length); -void PBKDF2PARAM_free(PBKDF2PARAM *a); - -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp); -PBE2PARAM *PBE2PARAM_new(void); -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length); -void PBE2PARAM_free(PBE2PARAM *a); - -/* PKCS#8 utilities */ - -int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp); -PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, - unsigned char **pp, long length); -void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); - -EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); -PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken); -PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); - -int X509_check_trust(X509 *x, int id, int flags); -int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_get0(int idx); -int X509_TRUST_get_by_id(int id); -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2); -void X509_TRUST_cleanup(void); -int X509_TRUST_get_flags(X509_TRUST *xp); -char *X509_TRUST_get0_name(X509_TRUST *xp); -int X509_TRUST_get_trust(X509_TRUST *xp); - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the X509 functions. */ - -/* Function codes. */ -#define X509_F_ADD_CERT_DIR 100 -#define X509_F_BY_FILE_CTRL 101 -#define X509_F_DIR_CTRL 102 -#define X509_F_GET_CERT_BY_SUBJECT 103 -#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 -#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 -#define X509_F_X509V3_ADD_EXT 104 -#define X509_F_X509_ADD_ATTR 135 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 -#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 -#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 -#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 -#define X509_F_X509_CHECK_PRIVATE_KEY 128 -#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 -#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 -#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 -#define X509_F_X509_LOAD_CERT_CRL_FILE 132 -#define X509_F_X509_LOAD_CERT_FILE 111 -#define X509_F_X509_LOAD_CRL_FILE 112 -#define X509_F_X509_NAME_ADD_ENTRY 113 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 -#define X509_F_X509_NAME_ENTRY_CREATE_BY_TXT 131 -#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 -#define X509_F_X509_NAME_ONELINE 116 -#define X509_F_X509_NAME_PRINT 117 -#define X509_F_X509_PRINT_FP 118 -#define X509_F_X509_PUBKEY_GET 119 -#define X509_F_X509_PUBKEY_SET 120 -#define X509_F_X509_REQ_PRINT 121 -#define X509_F_X509_REQ_PRINT_FP 122 -#define X509_F_X509_REQ_TO_X509 123 -#define X509_F_X509_STORE_ADD_CERT 124 -#define X509_F_X509_STORE_ADD_CRL 125 -#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 -#define X509_F_X509_TO_X509_REQ 126 -#define X509_F_X509_TRUST_ADD 133 -#define X509_F_X509_VERIFY_CERT 127 - -/* Reason codes. */ -#define X509_R_BAD_X509_FILETYPE 100 -#define X509_R_BASE64_DECODE_ERROR 118 -#define X509_R_CANT_CHECK_DH_KEY 114 -#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 -#define X509_R_ERR_ASN1_LIB 102 -#define X509_R_INVALID_DIRECTORY 113 -#define X509_R_INVALID_FIELD_NAME 119 -#define X509_R_KEY_TYPE_MISMATCH 115 -#define X509_R_KEY_VALUES_MISMATCH 116 -#define X509_R_LOADING_CERT_DIR 103 -#define X509_R_LOADING_DEFAULTS 104 -#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 -#define X509_R_SHOULD_RETRY 106 -#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 -#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 -#define X509_R_UNKNOWN_KEY_TYPE 117 -#define X509_R_UNKNOWN_NID 109 -#define X509_R_UNKNOWN_PURPOSE_ID 121 -#define X509_R_UNKNOWN_TRUST_ID 120 -#define X509_R_UNSUPPORTED_ALGORITHM 111 -#define X509_R_WRONG_LOOKUP_TYPE 112 -#define X509_R_WRONG_TYPE 122 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c deleted file mode 100644 index caafde658f..0000000000 --- a/src/lib/libcrypto/x509/x509_att.c +++ /dev/null @@ -1,326 +0,0 @@ -/* crypto/x509/x509_att.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) -{ - if (!x) return 0; - return(sk_X509_ATTRIBUTE_num(x)); -} - -int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, - int lastpos) -{ - ASN1_OBJECT *obj; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) return(-2); - return(X509at_get_attr_by_OBJ(x,obj,lastpos)); -} - -int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk, ASN1_OBJECT *obj, - int lastpos) -{ - int n; - X509_ATTRIBUTE *ex; - - if (sk == NULL) return(-1); - lastpos++; - if (lastpos < 0) - lastpos=0; - n=sk_X509_ATTRIBUTE_num(sk); - for ( ; lastpos < n; lastpos++) - { - ex=sk_X509_ATTRIBUTE_value(sk,lastpos); - if (OBJ_cmp(ex->object,obj) == 0) - return(lastpos); - } - return(-1); -} - -X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc) -{ - if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) - return NULL; - else - return sk_X509_ATTRIBUTE_value(x,loc); -} - -X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc) -{ - X509_ATTRIBUTE *ret; - - if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0) - return(NULL); - ret=sk_X509_ATTRIBUTE_delete(x,loc); - return(ret); -} - -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, - X509_ATTRIBUTE *attr) -{ - X509_ATTRIBUTE *new_attr=NULL; - STACK_OF(X509_ATTRIBUTE) *sk=NULL; - - if ((x != NULL) && (*x == NULL)) - { - if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) - goto err; - } - else - sk= *x; - - if ((new_attr=X509_ATTRIBUTE_dup(attr)) == NULL) - goto err2; - if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) - goto err; - if ((x != NULL) && (*x == NULL)) - *x=sk; - return(sk); -err: - X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE); -err2: - if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); - if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); - return(NULL); -} - -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len); - if(!attr) return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, - int nid, int type, - unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len); - if(!attr) return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, - char *attrname, int type, - unsigned char *bytes, int len) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *ret; - attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len); - if(!attr) return 0; - ret = X509at_add1_attr(x, attr); - X509_ATTRIBUTE_free(attr); - return ret; -} - -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, - int atrtype, void *data, int len) -{ - ASN1_OBJECT *obj; - X509_ATTRIBUTE *ret; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) - { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID,X509_R_UNKNOWN_NID); - return(NULL); - } - ret=X509_ATTRIBUTE_create_by_OBJ(attr,obj,atrtype,data,len); - if (ret == NULL) ASN1_OBJECT_free(obj); - return(ret); -} - -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, - ASN1_OBJECT *obj, int atrtype, void *data, int len) -{ - X509_ATTRIBUTE *ret; - - if ((attr == NULL) || (*attr == NULL)) - { - if ((ret=X509_ATTRIBUTE_new()) == NULL) - { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); - return(NULL); - } - } - else - ret= *attr; - - if (!X509_ATTRIBUTE_set1_object(ret,obj)) - goto err; - if (!X509_ATTRIBUTE_set1_data(ret,atrtype,data,len)) - goto err; - - if ((attr != NULL) && (*attr == NULL)) *attr=ret; - return(ret); -err: - if ((attr == NULL) || (ret != *attr)) - X509_ATTRIBUTE_free(ret); - return(NULL); -} - -X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr, - char *atrname, int type, unsigned char *bytes, int len) - { - ASN1_OBJECT *obj; - X509_ATTRIBUTE *nattr; - - obj=OBJ_txt2obj(atrname, 0); - if (obj == NULL) - { - X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT, - X509_R_INVALID_FIELD_NAME); - ERR_add_error_data(2, "name=", atrname); - return(NULL); - } - nattr = X509_ATTRIBUTE_create_by_OBJ(attr,obj,type,bytes,len); - ASN1_OBJECT_free(obj); - return nattr; - } - -int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, ASN1_OBJECT *obj) -{ - if ((attr == NULL) || (obj == NULL)) - return(0); - ASN1_OBJECT_free(attr->object); - attr->object=OBJ_dup(obj); - return(1); -} - -int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int len) -{ - ASN1_TYPE *ttmp; - ASN1_STRING *stmp; - int atype; - if (!attr) return 0; - if(attrtype & MBSTRING_FLAG) { - stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, - OBJ_obj2nid(attr->object)); - if(!stmp) { - X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB); - return 0; - } - atype = stmp->type; - } else { - if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; - if(!ASN1_STRING_set(stmp, data, len)) goto err; - atype = attrtype; - } - if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; - if(!(ttmp = ASN1_TYPE_new())) goto err; - if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; - attr->set = 1; - ASN1_TYPE_set(ttmp, atype, stmp); - return 1; - err: - X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); - return 0; -} - -int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) -{ - if(attr->set) return sk_ASN1_TYPE_num(attr->value.set); - if(attr->value.single) return 1; - return 0; -} - -ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) -{ - if (attr == NULL) return(NULL); - return(attr->object); -} - -void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, - int atrtype, void *data) -{ - ASN1_TYPE *ttmp; - ttmp = X509_ATTRIBUTE_get0_type(attr, idx); - if(!ttmp) return NULL; - if(atrtype != ASN1_TYPE_get(ttmp)){ - X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE); - return NULL; - } - return ttmp->value.ptr; -} - -ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) -{ - if (attr == NULL) return(NULL); - if(idx >= X509_ATTRIBUTE_count(attr)) return NULL; - if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx); - else return attr->value.single; -} diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c deleted file mode 100644 index b147d573d2..0000000000 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ /dev/null @@ -1,314 +0,0 @@ -/* crypto/x509/x509_cmp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b) - { - int i; - X509_CINF *ai,*bi; - - ai=a->cert_info; - bi=b->cert_info; - i=M_ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); - if (i) return(i); - return(X509_NAME_cmp(ai->issuer,bi->issuer)); - } - -#ifndef NO_MD5 -unsigned long X509_issuer_and_serial_hash(X509 *a) - { - unsigned long ret=0; - MD5_CTX ctx; - unsigned char md[16]; - char str[256]; - - X509_NAME_oneline(a->cert_info->issuer,str,256); - ret=strlen(str); - MD5_Init(&ctx); - MD5_Update(&ctx,(unsigned char *)str,ret); - MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data, - (unsigned long)a->cert_info->serialNumber->length); - MD5_Final(&(md[0]),&ctx); - ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| - ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) - )&0xffffffffL; - return(ret); - } -#endif - -int X509_issuer_name_cmp(const X509 *a, const X509 *b) - { - return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); - } - -int X509_subject_name_cmp(const X509 *a, const X509 *b) - { - return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); - } - -int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) - { - return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); - } - -X509_NAME *X509_get_issuer_name(X509 *a) - { - return(a->cert_info->issuer); - } - -unsigned long X509_issuer_name_hash(X509 *x) - { - return(X509_NAME_hash(x->cert_info->issuer)); - } - -X509_NAME *X509_get_subject_name(X509 *a) - { - return(a->cert_info->subject); - } - -ASN1_INTEGER *X509_get_serialNumber(X509 *a) - { - return(a->cert_info->serialNumber); - } - -unsigned long X509_subject_name_hash(X509 *x) - { - return(X509_NAME_hash(x->cert_info->subject)); - } - -#ifndef NO_SHA -/* Compare two certificates: they must be identical for - * this to work. NB: Although "cmp" operations are generally - * prototyped to take "const" arguments (eg. for use in - * STACKs), the way X509 handling is - these operations may - * involve ensuring the hashes are up-to-date and ensuring - * certain cert information is cached. So this is the point - * where the "depth-first" constification tree has to halt - * with an evil cast. - */ -int X509_cmp(const X509 *a, const X509 *b) -{ - /* ensure hash is valid */ - X509_check_purpose((X509 *)a, -1, 0); - X509_check_purpose((X509 *)b, -1, 0); - - return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH); -} -#endif - -int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b) - { - int i,j; - X509_NAME_ENTRY *na,*nb; - - if (sk_X509_NAME_ENTRY_num(a->entries) - != sk_X509_NAME_ENTRY_num(b->entries)) - return sk_X509_NAME_ENTRY_num(a->entries) - -sk_X509_NAME_ENTRY_num(b->entries); - for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) - { - na=sk_X509_NAME_ENTRY_value(a->entries,i); - nb=sk_X509_NAME_ENTRY_value(b->entries,i); - j=na->value->length-nb->value->length; - if (j) return(j); - j=memcmp(na->value->data,nb->value->data, - na->value->length); - if (j) return(j); - j=na->set-nb->set; - if (j) return(j); - } - - /* We will check the object types after checking the values - * since the values will more often be different than the object - * types. */ - for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) - { - na=sk_X509_NAME_ENTRY_value(a->entries,i); - nb=sk_X509_NAME_ENTRY_value(b->entries,i); - j=OBJ_cmp(na->object,nb->object); - if (j) return(j); - } - return(0); - } - -#ifndef NO_MD5 -/* I now DER encode the name and hash it. Since I cache the DER encoding, - * this is reasonably efficient. */ -unsigned long X509_NAME_hash(X509_NAME *x) - { - unsigned long ret=0; - unsigned char md[16]; - unsigned char str[256],*p,*pp; - int i; - - i=i2d_X509_NAME(x,NULL); - if (i > sizeof(str)) - p=OPENSSL_malloc(i); - else - p=str; - - pp=p; - i2d_X509_NAME(x,&pp); - MD5((unsigned char *)p,i,&(md[0])); - if (p != str) OPENSSL_free(p); - - ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| - ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) - )&0xffffffffL; - return(ret); - } -#endif - -/* Search a stack of X509 for a match */ -X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, - ASN1_INTEGER *serial) - { - int i; - X509_CINF cinf; - X509 x,*x509=NULL; - - if(!sk) return NULL; - - x.cert_info= &cinf; - cinf.serialNumber=serial; - cinf.issuer=name; - - for (i=0; icert_info == NULL)) - return(NULL); - return(X509_PUBKEY_get(x->cert_info->key)); - } - -int X509_check_private_key(X509 *x, EVP_PKEY *k) - { - EVP_PKEY *xk=NULL; - int ok=0; - - xk=X509_get_pubkey(x); - if (xk->type != k->type) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); - goto err; - } - switch (k->type) - { -#ifndef NO_RSA - case EVP_PKEY_RSA: - if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0 - || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); - goto err; - } - break; -#endif -#ifndef NO_DSA - case EVP_PKEY_DSA: - if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) - { - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); - goto err; - } - break; -#endif -#ifndef NO_DH - case EVP_PKEY_DH: - /* No idea */ - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); - goto err; -#endif - default: - X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); - goto err; - } - - ok=1; -err: - EVP_PKEY_free(xk); - return(ok); - } diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c deleted file mode 100644 index 753d53eb43..0000000000 --- a/src/lib/libcrypto/x509/x509_d2.c +++ /dev/null @@ -1,107 +0,0 @@ -/* crypto/x509/x509_d2.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -#ifndef NO_STDIO -int X509_STORE_set_default_paths(X509_STORE *ctx) - { - X509_LOOKUP *lookup; - - lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); - if (lookup == NULL) return(0); - X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); - - lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); - if (lookup == NULL) return(0); - X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); - - /* clear any errors */ - ERR_clear_error(); - - return(1); - } - -int X509_STORE_load_locations(X509_STORE *ctx, const char *file, - const char *path) - { - X509_LOOKUP *lookup; - - if (file != NULL) - { - lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); - if (lookup == NULL) return(0); - if (X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM) != 1) - return(0); - } - if (path != NULL) - { - lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); - if (lookup == NULL) return(0); - if (X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM) != 1) - return(0); - } - if ((path == NULL) && (file == NULL)) - return(0); - return(1); - } - -#endif diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c deleted file mode 100644 index e0ac151a76..0000000000 --- a/src/lib/libcrypto/x509/x509_def.c +++ /dev/null @@ -1,81 +0,0 @@ -/* crypto/x509/x509_def.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -const char *X509_get_default_private_dir(void) - { return(X509_PRIVATE_DIR); } - -const char *X509_get_default_cert_area(void) - { return(X509_CERT_AREA); } - -const char *X509_get_default_cert_dir(void) - { return(X509_CERT_DIR); } - -const char *X509_get_default_cert_file(void) - { return(X509_CERT_FILE); } - -const char *X509_get_default_cert_dir_env(void) - { return(X509_CERT_DIR_EVP); } - -const char *X509_get_default_cert_file_env(void) - { return(X509_CERT_FILE_EVP); } - diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c deleted file mode 100644 index 848add56e9..0000000000 --- a/src/lib/libcrypto/x509/x509_err.c +++ /dev/null @@ -1,152 +0,0 @@ -/* crypto/x509/x509_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA X509_str_functs[]= - { -{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"}, -{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"}, -{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, -{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, -{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_DECODE,0), "NETSCAPE_SPKI_b64_decode"}, -{ERR_PACK(0,X509_F_NETSCAPE_SPKI_B64_ENCODE,0), "NETSCAPE_SPKI_b64_encode"}, -{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, -{ERR_PACK(0,X509_F_X509_ADD_ATTR,0), "X509_ADD_ATTR"}, -{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_NID,0), "X509_ATTRIBUTE_create_by_NID"}, -{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,0), "X509_ATTRIBUTE_create_by_OBJ"}, -{ERR_PACK(0,X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,0), "X509_ATTRIBUTE_create_by_txt"}, -{ERR_PACK(0,X509_F_X509_ATTRIBUTE_GET0_DATA,0), "X509_ATTRIBUTE_get0_data"}, -{ERR_PACK(0,X509_F_X509_ATTRIBUTE_SET1_DATA,0), "X509_ATTRIBUTE_set1_data"}, -{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"}, -{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, -{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, -{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, -{ERR_PACK(0,X509_F_X509_LOAD_CERT_CRL_FILE,0), "X509_load_cert_crl_file"}, -{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"}, -{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"}, -{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, -{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, -{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,0), "X509_NAME_ENTRY_create_by_txt"}, -{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, -{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"}, -{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"}, -{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"}, -{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"}, -{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"}, -{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, -{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, -{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, -{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"}, -{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"}, -{ERR_PACK(0,X509_F_X509_STORE_CTX_PURPOSE_INHERIT,0), "X509_STORE_CTX_purpose_inherit"}, -{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, -{ERR_PACK(0,X509_F_X509_TRUST_ADD,0), "X509_TRUST_add"}, -{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, -{0,NULL} - }; - -static ERR_STRING_DATA X509_str_reasons[]= - { -{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, -{X509_R_BASE64_DECODE_ERROR ,"base64 decode error"}, -{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"}, -{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, -{X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, -{X509_R_INVALID_DIRECTORY ,"invalid directory"}, -{X509_R_INVALID_FIELD_NAME ,"invalid field name"}, -{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, -{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, -{X509_R_LOADING_CERT_DIR ,"loading cert dir"}, -{X509_R_LOADING_DEFAULTS ,"loading defaults"}, -{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, -{X509_R_SHOULD_RETRY ,"should retry"}, -{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, -{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, -{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"}, -{X509_R_UNKNOWN_NID ,"unknown nid"}, -{X509_R_UNKNOWN_PURPOSE_ID ,"unknown purpose id"}, -{X509_R_UNKNOWN_TRUST_ID ,"unknown trust id"}, -{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, -{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, -{X509_R_WRONG_TYPE ,"wrong type"}, -{0,NULL} - }; - -#endif - -void ERR_load_X509_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_X509,X509_str_functs); - ERR_load_strings(ERR_LIB_X509,X509_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c deleted file mode 100644 index 2955989807..0000000000 --- a/src/lib/libcrypto/x509/x509_ext.c +++ /dev/null @@ -1,191 +0,0 @@ -/* crypto/x509/x509_ext.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - - -int X509_CRL_get_ext_count(X509_CRL *x) - { - return(X509v3_get_ext_count(x->crl->extensions)); - } - -int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos) - { - return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos)); - } - -int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos) - { - return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos)); - } - -int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos) - { - return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos)); - } - -X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc) - { - return(X509v3_get_ext(x->crl->extensions,loc)); - } - -X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc) - { - return(X509v3_delete_ext(x->crl->extensions,loc)); - } - -void *X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx) -{ - return X509V3_get_d2i(x->crl->extensions, nid, crit, idx); -} - -int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc) - { - return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL); - } - -int X509_get_ext_count(X509 *x) - { - return(X509v3_get_ext_count(x->cert_info->extensions)); - } - -int X509_get_ext_by_NID(X509 *x, int nid, int lastpos) - { - return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos)); - } - -int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos) - { - return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos)); - } - -int X509_get_ext_by_critical(X509 *x, int crit, int lastpos) - { - return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos)); - } - -X509_EXTENSION *X509_get_ext(X509 *x, int loc) - { - return(X509v3_get_ext(x->cert_info->extensions,loc)); - } - -X509_EXTENSION *X509_delete_ext(X509 *x, int loc) - { - return(X509v3_delete_ext(x->cert_info->extensions,loc)); - } - -int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) - { - return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL); - } - -void *X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx) -{ - return X509V3_get_d2i(x->cert_info->extensions, nid, crit, idx); -} - -int X509_REVOKED_get_ext_count(X509_REVOKED *x) - { - return(X509v3_get_ext_count(x->extensions)); - } - -int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos) - { - return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos)); - } - -int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj, - int lastpos) - { - return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos)); - } - -int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos) - { - return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos)); - } - -X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc) - { - return(X509v3_get_ext(x->extensions,loc)); - } - -X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc) - { - return(X509v3_delete_ext(x->extensions,loc)); - } - -int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc) - { - return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL); - } - -void *X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx) -{ - return X509V3_get_d2i(x->extensions, nid, crit, idx); -} - -IMPLEMENT_STACK_OF(X509_EXTENSION) -IMPLEMENT_ASN1_SET_OF(X509_EXTENSION) diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c deleted file mode 100644 index 863c738cad..0000000000 --- a/src/lib/libcrypto/x509/x509_lu.c +++ /dev/null @@ -1,529 +0,0 @@ -/* crypto/x509/x509_lu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include - -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_meth=NULL; - -X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) - { - X509_LOOKUP *ret; - - ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP)); - if (ret == NULL) return NULL; - - ret->init=0; - ret->skip=0; - ret->method=method; - ret->method_data=NULL; - ret->store_ctx=NULL; - if ((method->new_item != NULL) && !method->new_item(ret)) - { - OPENSSL_free(ret); - return NULL; - } - return ret; - } - -void X509_LOOKUP_free(X509_LOOKUP *ctx) - { - if (ctx == NULL) return; - if ( (ctx->method != NULL) && - (ctx->method->free != NULL)) - ctx->method->free(ctx); - OPENSSL_free(ctx); - } - -int X509_LOOKUP_init(X509_LOOKUP *ctx) - { - if (ctx->method == NULL) return 0; - if (ctx->method->init != NULL) - return ctx->method->init(ctx); - else - return 1; - } - -int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) - { - if (ctx->method == NULL) return 0; - if (ctx->method->shutdown != NULL) - return ctx->method->shutdown(ctx); - else - return 1; - } - -int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret) - { - if (ctx->method == NULL) return -1; - if (ctx->method->ctrl != NULL) - return ctx->method->ctrl(ctx,cmd,argc,argl,ret); - else - return 1; - } - -int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret) - { - if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) - return X509_LU_FAIL; - if (ctx->skip) return 0; - return ctx->method->get_by_subject(ctx,type,name,ret); - } - -int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret) - { - if ((ctx->method == NULL) || - (ctx->method->get_by_issuer_serial == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret); - } - -int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, - unsigned char *bytes, int len, X509_OBJECT *ret) - { - if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret); - } - -int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len, - X509_OBJECT *ret) - { - if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) - return X509_LU_FAIL; - return ctx->method->get_by_alias(ctx,type,str,len,ret); - } - - -static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * const *b) - { - int ret; - - ret=((*a)->type - (*b)->type); - if (ret) return ret; - switch ((*a)->type) - { - case X509_LU_X509: - ret=X509_subject_name_cmp((*a)->data.x509,(*b)->data.x509); - break; - case X509_LU_CRL: - ret=X509_CRL_cmp((*a)->data.crl,(*b)->data.crl); - break; - default: - /* abort(); */ - return 0; - } - return ret; - } - -X509_STORE *X509_STORE_new(void) - { - X509_STORE *ret; - - if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL) - return NULL; - ret->objs = sk_X509_OBJECT_new(x509_object_cmp); - ret->cache=1; - ret->get_cert_methods=sk_X509_LOOKUP_new_null(); - ret->verify=NULL; - ret->verify_cb=NULL; - memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA)); - ret->references=1; - ret->depth=0; - return ret; - } - -static void cleanup(X509_OBJECT *a) - { - if (a->type == X509_LU_X509) - { - X509_free(a->data.x509); - } - else if (a->type == X509_LU_CRL) - { - X509_CRL_free(a->data.crl); - } - else - { - /* abort(); */ - } - - OPENSSL_free(a); - } - -void X509_STORE_free(X509_STORE *vfy) - { - int i; - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - - if (vfy == NULL) - return; - - sk=vfy->get_cert_methods; - for (i=0; iobjs, cleanup); - - CRYPTO_free_ex_data(x509_store_meth,vfy,&vfy->ex_data); - OPENSSL_free(vfy); - } - -X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) - { - int i; - STACK_OF(X509_LOOKUP) *sk; - X509_LOOKUP *lu; - - sk=v->get_cert_methods; - for (i=0; imethod) - { - return lu; - } - } - /* a new one */ - lu=X509_LOOKUP_new(m); - if (lu == NULL) - return NULL; - else - { - lu->store_ctx=v; - if (sk_X509_LOOKUP_push(v->get_cert_methods,lu)) - return lu; - else - { - X509_LOOKUP_free(lu); - return NULL; - } - } - } - -int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, - X509_OBJECT *ret) - { - X509_STORE *ctx=vs->ctx; - X509_LOOKUP *lu; - X509_OBJECT stmp,*tmp; - int i,j; - - tmp=X509_OBJECT_retrieve_by_subject(ctx->objs,type,name); - - if (tmp == NULL) - { - for (i=vs->current_method; iget_cert_methods); i++) - { - lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i); - j=X509_LOOKUP_by_subject(lu,type,name,&stmp); - if (j < 0) - { - vs->current_method=j; - return j; - } - else if (j) - { - tmp= &stmp; - break; - } - } - vs->current_method=0; - if (tmp == NULL) - return 0; - } - -/* if (ret->data.ptr != NULL) - X509_OBJECT_free_contents(ret); */ - - ret->type=tmp->type; - ret->data.ptr=tmp->data.ptr; - - X509_OBJECT_up_ref_count(ret); - - return 1; - } - -int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) - { - X509_OBJECT *obj; - int ret=1; - - if (x == NULL) return 0; - obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); - if (obj == NULL) - { - X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); - return 0; - } - obj->type=X509_LU_X509; - obj->data.x509=x; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - - X509_OBJECT_up_ref_count(obj); - - - if (X509_OBJECT_retrieve_match(ctx->objs, obj)) - { - X509_OBJECT_free_contents(obj); - OPENSSL_free(obj); - X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); - ret=0; - } - else sk_X509_OBJECT_push(ctx->objs, obj); - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - return ret; - } - -int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) - { - X509_OBJECT *obj; - int ret=1; - - if (x == NULL) return 0; - obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT)); - if (obj == NULL) - { - X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); - return 0; - } - obj->type=X509_LU_CRL; - obj->data.crl=x; - - CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); - - X509_OBJECT_up_ref_count(obj); - - if (X509_OBJECT_retrieve_match(ctx->objs, obj)) - { - X509_OBJECT_free_contents(obj); - OPENSSL_free(obj); - X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); - ret=0; - } - else sk_X509_OBJECT_push(ctx->objs, obj); - - CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); - - return ret; - } - -void X509_OBJECT_up_ref_count(X509_OBJECT *a) - { - switch (a->type) - { - case X509_LU_X509: - CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509); - break; - case X509_LU_CRL: - CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL); - break; - } - } - -void X509_OBJECT_free_contents(X509_OBJECT *a) - { - switch (a->type) - { - case X509_LU_X509: - X509_free(a->data.x509); - break; - case X509_LU_CRL: - X509_CRL_free(a->data.crl); - break; - } - } - -int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name) - { - X509_OBJECT stmp; - X509 x509_s; - X509_CINF cinf_s; - X509_CRL crl_s; - X509_CRL_INFO crl_info_s; - - stmp.type=type; - switch (type) - { - case X509_LU_X509: - stmp.data.x509= &x509_s; - x509_s.cert_info= &cinf_s; - cinf_s.subject=name; - break; - case X509_LU_CRL: - stmp.data.crl= &crl_s; - crl_s.crl= &crl_info_s; - crl_info_s.issuer=name; - break; - default: - /* abort(); */ - return -1; - } - - return sk_X509_OBJECT_find(h,&stmp); - } - -X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name) -{ - int idx; - idx = X509_OBJECT_idx_by_subject(h, type, name); - if (idx==-1) return NULL; - return sk_X509_OBJECT_value(h, idx); -} - -X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x) -{ - int idx, i; - X509_OBJECT *obj; - idx = sk_X509_OBJECT_find(h, x); - if (idx == -1) return NULL; - if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx); - for (i = idx; i < sk_X509_OBJECT_num(h); i++) - { - obj = sk_X509_OBJECT_value(h, i); - if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x)) - return NULL; - if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509)) - return obj; - } - return NULL; -} - - -/* Try to get issuer certificate from store. Due to limitations - * of the API this can only retrieve a single certificate matching - * a given subject name. However it will fill the cache with all - * matching certificates, so we can examine the cache for all - * matches. - * - * Return values are: - * 1 lookup successful. - * 0 certificate not found. - * -1 some other error. - */ - - -int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -{ - X509_NAME *xn; - X509_OBJECT obj, *pobj; - int i, ok, idx; - xn=X509_get_issuer_name(x); - ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj); - if (ok != X509_LU_X509) - { - if (ok == X509_LU_RETRY) - { - X509_OBJECT_free_contents(&obj); - X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY); - return -1; - } - else if (ok != X509_LU_FAIL) - { - X509_OBJECT_free_contents(&obj); - /* not good :-(, break anyway */ - return -1; - } - return 0; - } - /* If certificate matches all OK */ - if (ctx->check_issued(ctx, x, obj.data.x509)) - { - *issuer = obj.data.x509; - return 1; - } - X509_OBJECT_free_contents(&obj); - /* Else find index of first matching cert */ - idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn); - /* This shouldn't normally happen since we already have one match */ - if (idx == -1) return 0; - - /* Look through all matching certificates for a suitable issuer */ - for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) - { - pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i); - /* See if we've ran out of matches */ - if (pobj->type != X509_LU_X509) return 0; - if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0; - if (ctx->check_issued(ctx, x, pobj->data.x509)) - { - *issuer = pobj->data.x509; - X509_OBJECT_up_ref_count(pobj); - return 1; - } - } - return 0; -} - -IMPLEMENT_STACK_OF(X509_LOOKUP) -IMPLEMENT_STACK_OF(X509_OBJECT) diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c deleted file mode 100644 index 6a3ba8eb15..0000000000 --- a/src/lib/libcrypto/x509/x509_obj.c +++ /dev/null @@ -1,223 +0,0 @@ -/* crypto/x509/x509_obj.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) - { - X509_NAME_ENTRY *ne; -int i; - int n,lold,l,l1,l2,num,j,type; - const char *s; - char *p; - unsigned char *q; - BUF_MEM *b=NULL; - static char hex[17]="0123456789ABCDEF"; - int gs_doit[4]; - char tmp_buf[80]; -#ifdef CHARSET_EBCDIC - char ebcdic_buf[1024]; -#endif - - if (buf == NULL) - { - if ((b=BUF_MEM_new()) == NULL) goto err; - if (!BUF_MEM_grow(b,200)) goto err; - b->data[0]='\0'; - len=200; - } - if (a == NULL) - { - if(b) - { - buf=b->data; - OPENSSL_free(b); - } - strncpy(buf,"NO X509_NAME",len); - return buf; - } - - len--; /* space for '\0' */ - l=0; - for (i=0; ientries); i++) - { - ne=sk_X509_NAME_ENTRY_value(a->entries,i); - n=OBJ_obj2nid(ne->object); - if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL)) - { - i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object); - s=tmp_buf; - } - l1=strlen(s); - - type=ne->value->type; - num=ne->value->length; - q=ne->value->data; -#ifdef CHARSET_EBCDIC - if (type == V_ASN1_GENERALSTRING || - type == V_ASN1_VISIBLESTRING || - type == V_ASN1_PRINTABLESTRING || - type == V_ASN1_TELETEXSTRING || - type == V_ASN1_VISIBLESTRING || - type == V_ASN1_IA5STRING) { - ascii2ebcdic(ebcdic_buf, q, - (num > sizeof ebcdic_buf) - ? sizeof ebcdic_buf : num); - q=ebcdic_buf; - } -#endif - - if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0)) - { - gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0; - for (j=0; j '~')) l2+=3; -#else - if ((os_toascii[q[j]] < os_toascii[' ']) || - (os_toascii[q[j]] > os_toascii['~'])) l2+=3; -#endif - } - - lold=l; - l+=1+l1+1+l2; - if (b != NULL) - { - if (!BUF_MEM_grow(b,l+1)) goto err; - p= &(b->data[lold]); - } - else if (l > len) - { - break; - } - else - p= &(buf[lold]); - *(p++)='/'; - memcpy(p,s,(unsigned int)l1); p+=l1; - *(p++)='='; - -#ifndef CHARSET_EBCDIC /* q was assigned above already. */ - q=ne->value->data; -#endif - - for (j=0; j '~')) - { - *(p++)='\\'; - *(p++)='x'; - *(p++)=hex[(n>>4)&0x0f]; - *(p++)=hex[n&0x0f]; - } - else - *(p++)=n; -#else - n=os_toascii[q[j]]; - if ((n < os_toascii[' ']) || - (n > os_toascii['~'])) - { - *(p++)='\\'; - *(p++)='x'; - *(p++)=hex[(n>>4)&0x0f]; - *(p++)=hex[n&0x0f]; - } - else - *(p++)=q[j]; -#endif - } - *p='\0'; - } - if (b != NULL) - { - p=b->data; - OPENSSL_free(b); - } - else - p=buf; - return(p); -err: - X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE); - if (b != NULL) BUF_MEM_free(b); - return(NULL); - } - diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c deleted file mode 100644 index db051033d9..0000000000 --- a/src/lib/libcrypto/x509/x509_r2x.c +++ /dev/null @@ -1,110 +0,0 @@ -/* crypto/x509/x509_r2x.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include - -X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) - { - X509 *ret=NULL; - X509_CINF *xi=NULL; - X509_NAME *xn; - - if ((ret=X509_new()) == NULL) - { - X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* duplicate the request */ - xi=ret->cert_info; - - if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) - { - if ((xi->version=M_ASN1_INTEGER_new()) == NULL) goto err; - if (!ASN1_INTEGER_set(xi->version,2)) goto err; -/* xi->extensions=ri->attributes; <- bad, should not ever be done - ri->attributes=NULL; */ - } - - xn=X509_REQ_get_subject_name(r); - X509_set_subject_name(ret,X509_NAME_dup(xn)); - X509_set_issuer_name(ret,X509_NAME_dup(xn)); - - X509_gmtime_adj(xi->validity->notBefore,0); - X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days); - - X509_set_pubkey(ret,X509_REQ_get_pubkey(r)); - - if (!X509_sign(ret,pkey,EVP_md5())) - goto err; - if (0) - { -err: - X509_free(ret); - ret=NULL; - } - return(ret); - } - diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c deleted file mode 100644 index 7eca1bd57a..0000000000 --- a/src/lib/libcrypto/x509/x509_req.c +++ /dev/null @@ -1,278 +0,0 @@ -/* crypto/x509/x509_req.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include -#include - -X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) - { - X509_REQ *ret; - X509_REQ_INFO *ri; - int i; - EVP_PKEY *pktmp; - - ret=X509_REQ_new(); - if (ret == NULL) - { - X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE); - goto err; - } - - ri=ret->req_info; - - ri->version->length=1; - ri->version->data=(unsigned char *)OPENSSL_malloc(1); - if (ri->version->data == NULL) goto err; - ri->version->data[0]=0; /* version == 0 */ - - if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x))) - goto err; - - pktmp = X509_get_pubkey(x); - i=X509_REQ_set_pubkey(ret,pktmp); - EVP_PKEY_free(pktmp); - if (!i) goto err; - - if (pkey != NULL) - { - if (!X509_REQ_sign(ret,pkey,md)) - goto err; - } - return(ret); -err: - X509_REQ_free(ret); - return(NULL); - } - -EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) - { - if ((req == NULL) || (req->req_info == NULL)) - return(NULL); - return(X509_PUBKEY_get(req->req_info->pubkey)); - } - -/* It seems several organisations had the same idea of including a list of - * extensions in a certificate request. There are at least two OIDs that are - * used and there may be more: so the list is configurable. - */ - -static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef}; - -static int *ext_nids = ext_nid_list; - -int X509_REQ_extension_nid(int req_nid) -{ - int i, nid; - for(i = 0; ; i++) { - nid = ext_nids[i]; - if(nid == NID_undef) return 0; - else if (req_nid == nid) return 1; - } -} - -int *X509_REQ_get_extension_nids(void) -{ - return ext_nids; -} - -void X509_REQ_set_extension_nids(int *nids) -{ - ext_nids = nids; -} - -STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) -{ - X509_ATTRIBUTE *attr; - STACK_OF(X509_ATTRIBUTE) *sk; - ASN1_TYPE *ext = NULL; - int i; - unsigned char *p; - if ((req == NULL) || (req->req_info == NULL)) - return(NULL); - sk=req->req_info->attributes; - if (!sk) return NULL; - for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { - attr = sk_X509_ATTRIBUTE_value(sk, i); - if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) { - if(attr->set && sk_ASN1_TYPE_num(attr->value.set)) - ext = sk_ASN1_TYPE_value(attr->value.set, 0); - else ext = attr->value.single; - break; - } - } - if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL; - p = ext->value.sequence->data; - return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p, - ext->value.sequence->length, - d2i_X509_EXTENSION, X509_EXTENSION_free, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs - * in case we want to create a non standard one. - */ - -int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, - int nid) -{ - unsigned char *p = NULL, *q; - long len; - ASN1_TYPE *at = NULL; - X509_ATTRIBUTE *attr = NULL; - if(!(at = ASN1_TYPE_new()) || - !(at->value.sequence = ASN1_STRING_new())) goto err; - - at->type = V_ASN1_SEQUENCE; - /* Generate encoding of extensions */ - len = i2d_ASN1_SET_OF_X509_EXTENSION(exts, NULL, i2d_X509_EXTENSION, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - if(!(p = OPENSSL_malloc(len))) goto err; - q = p; - i2d_ASN1_SET_OF_X509_EXTENSION(exts, &q, i2d_X509_EXTENSION, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); - at->value.sequence->data = p; - p = NULL; - at->value.sequence->length = len; - if(!(attr = X509_ATTRIBUTE_new())) goto err; - if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; - if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err; - at = NULL; - attr->set = 1; - attr->object = OBJ_nid2obj(nid); - if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; - return 1; - err: - if(p) OPENSSL_free(p); - X509_ATTRIBUTE_free(attr); - ASN1_TYPE_free(at); - return 0; -} -/* This is the normal usage: use the "official" OID */ -int X509_REQ_add_extensions(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts) -{ - return X509_REQ_add_extensions_nid(req, exts, NID_ext_req); -} - -/* Request attribute functions */ - -int X509_REQ_get_attr_count(const X509_REQ *req) -{ - return X509at_get_attr_count(req->req_info->attributes); -} - -int X509_REQ_get_attr_by_NID(const X509_REQ *req, int nid, - int lastpos) -{ - return X509at_get_attr_by_NID(req->req_info->attributes, nid, lastpos); -} - -int X509_REQ_get_attr_by_OBJ(const X509_REQ *req, ASN1_OBJECT *obj, - int lastpos) -{ - return X509at_get_attr_by_OBJ(req->req_info->attributes, obj, lastpos); -} - -X509_ATTRIBUTE *X509_REQ_get_attr(const X509_REQ *req, int loc) -{ - return X509at_get_attr(req->req_info->attributes, loc); -} - -X509_ATTRIBUTE *X509_REQ_delete_attr(X509_REQ *req, int loc) -{ - return X509at_delete_attr(req->req_info->attributes, loc); -} - -int X509_REQ_add1_attr(X509_REQ *req, X509_ATTRIBUTE *attr) -{ - if(X509at_add1_attr(&req->req_info->attributes, attr)) return 1; - return 0; -} - -int X509_REQ_add1_attr_by_OBJ(X509_REQ *req, - ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len) -{ - if(X509at_add1_attr_by_OBJ(&req->req_info->attributes, obj, - type, bytes, len)) return 1; - return 0; -} - -int X509_REQ_add1_attr_by_NID(X509_REQ *req, - int nid, int type, - unsigned char *bytes, int len) -{ - if(X509at_add1_attr_by_NID(&req->req_info->attributes, nid, - type, bytes, len)) return 1; - return 0; -} - -int X509_REQ_add1_attr_by_txt(X509_REQ *req, - char *attrname, int type, - unsigned char *bytes, int len) -{ - if(X509at_add1_attr_by_txt(&req->req_info->attributes, attrname, - type, bytes, len)) return 1; - return 0; -} diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c deleted file mode 100644 index aaf61ca062..0000000000 --- a/src/lib/libcrypto/x509/x509_set.c +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/x509/x509_set.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int X509_set_version(X509 *x, long version) - { - if (x == NULL) return(0); - if (x->cert_info->version == NULL) - { - if ((x->cert_info->version=M_ASN1_INTEGER_new()) == NULL) - return(0); - } - return(ASN1_INTEGER_set(x->cert_info->version,version)); - } - -int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) - { - ASN1_INTEGER *in; - - if (x == NULL) return(0); - in=x->cert_info->serialNumber; - if (in != serial) - { - in=M_ASN1_INTEGER_dup(serial); - if (in != NULL) - { - M_ASN1_INTEGER_free(x->cert_info->serialNumber); - x->cert_info->serialNumber=in; - } - } - return(in != NULL); - } - -int X509_set_issuer_name(X509 *x, X509_NAME *name) - { - if ((x == NULL) || (x->cert_info == NULL)) return(0); - return(X509_NAME_set(&x->cert_info->issuer,name)); - } - -int X509_set_subject_name(X509 *x, X509_NAME *name) - { - if ((x == NULL) || (x->cert_info == NULL)) return(0); - return(X509_NAME_set(&x->cert_info->subject,name)); - } - -int X509_set_notBefore(X509 *x, ASN1_TIME *tm) - { - ASN1_TIME *in; - - if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); - in=x->cert_info->validity->notBefore; - if (in != tm) - { - in=M_ASN1_TIME_dup(tm); - if (in != NULL) - { - M_ASN1_TIME_free(x->cert_info->validity->notBefore); - x->cert_info->validity->notBefore=in; - } - } - return(in != NULL); - } - -int X509_set_notAfter(X509 *x, ASN1_TIME *tm) - { - ASN1_TIME *in; - - if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); - in=x->cert_info->validity->notAfter; - if (in != tm) - { - in=M_ASN1_TIME_dup(tm); - if (in != NULL) - { - M_ASN1_TIME_free(x->cert_info->validity->notAfter); - x->cert_info->validity->notAfter=in; - } - } - return(in != NULL); - } - -int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) - { - if ((x == NULL) || (x->cert_info == NULL)) return(0); - return(X509_PUBKEY_set(&(x->cert_info->key),pkey)); - } - - - diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c deleted file mode 100644 index a7b1543461..0000000000 --- a/src/lib/libcrypto/x509/x509_trs.c +++ /dev/null @@ -1,266 +0,0 @@ -/* x509_trs.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - - -static int tr_cmp(const X509_TRUST * const *a, - const X509_TRUST * const *b); -static void trtable_free(X509_TRUST *p); - -static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); -static int trust_compat(X509_TRUST *trust, X509 *x, int flags); - -static int obj_trust(int id, X509 *x, int flags); -static int (*default_trust)(int id, X509 *x, int flags) = obj_trust; - -/* WARNING: the following table should be kept in order of trust - * and without any gaps so we can just subtract the minimum trust - * value to get an index into the table - */ - -static X509_TRUST trstandard[] = { -{X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL}, -{X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, NULL}, -{X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Client", NID_server_auth, NULL}, -{X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, NULL}, -}; - -#define X509_TRUST_COUNT (sizeof(trstandard)/sizeof(X509_TRUST)) - -IMPLEMENT_STACK_OF(X509_TRUST) - -static STACK_OF(X509_TRUST) *trtable = NULL; - -static int tr_cmp(const X509_TRUST * const *a, - const X509_TRUST * const *b) -{ - return (*a)->trust - (*b)->trust; -} - -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int) -{ -int (*oldtrust)(int , X509 *, int); -oldtrust = default_trust; -default_trust = trust; -return oldtrust; -} - - -int X509_check_trust(X509 *x, int id, int flags) -{ - X509_TRUST *pt; - int idx; - if(id == -1) return 1; - idx = X509_TRUST_get_by_id(id); - if(idx == -1) return default_trust(id, x, flags); - pt = X509_TRUST_get0(idx); - return pt->check_trust(pt, x, flags); -} - -int X509_TRUST_get_count(void) -{ - if(!trtable) return X509_TRUST_COUNT; - return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT; -} - -X509_TRUST * X509_TRUST_get0(int idx) -{ - if(idx < 0) return NULL; - if(idx < X509_TRUST_COUNT) return trstandard + idx; - return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); -} - -int X509_TRUST_get_by_id(int id) -{ - X509_TRUST tmp; - int idx; - if((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX)) - return id - X509_TRUST_MIN; - tmp.trust = id; - if(!trtable) return -1; - idx = sk_X509_TRUST_find(trtable, &tmp); - if(idx == -1) return -1; - return idx + X509_TRUST_COUNT; -} - -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2) -{ - int idx; - X509_TRUST *trtmp; - /* This is set according to what we change: application can't set it */ - flags &= ~X509_TRUST_DYNAMIC; - /* This will always be set for application modified trust entries */ - flags |= X509_TRUST_DYNAMIC_NAME; - /* Get existing entry if any */ - idx = X509_TRUST_get_by_id(id); - /* Need a new entry */ - if(idx == -1) { - if(!(trtmp = OPENSSL_malloc(sizeof(X509_TRUST)))) { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - trtmp->flags = X509_TRUST_DYNAMIC; - } else trtmp = X509_TRUST_get0(idx); - - /* OPENSSL_free existing name if dynamic */ - if(trtmp->flags & X509_TRUST_DYNAMIC_NAME) OPENSSL_free(trtmp->name); - /* dup supplied name */ - if(!(trtmp->name = BUF_strdup(name))) { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - /* Keep the dynamic flag of existing entry */ - trtmp->flags &= X509_TRUST_DYNAMIC; - /* Set all other flags */ - trtmp->flags |= flags; - - trtmp->trust = id; - trtmp->check_trust = ck; - trtmp->arg1 = arg1; - trtmp->arg2 = arg2; - - /* If its a new entry manage the dynamic table */ - if(idx == -1) { - if(!trtable && !(trtable = sk_X509_TRUST_new(tr_cmp))) { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - if (!sk_X509_TRUST_push(trtable, trtmp)) { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - } - return 1; -} - -static void trtable_free(X509_TRUST *p) - { - if(!p) return; - if (p->flags & X509_TRUST_DYNAMIC) - { - if (p->flags & X509_TRUST_DYNAMIC_NAME) - OPENSSL_free(p->name); - OPENSSL_free(p); - } - } - -void X509_TRUST_cleanup(void) -{ - int i; - for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i); - sk_X509_TRUST_pop_free(trtable, trtable_free); - trtable = NULL; -} - -int X509_TRUST_get_flags(X509_TRUST *xp) -{ - return xp->flags; -} - -char *X509_TRUST_get0_name(X509_TRUST *xp) -{ - return xp->name; -} - -int X509_TRUST_get_trust(X509_TRUST *xp) -{ - return xp->trust; -} - -static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags) -{ - if(x->aux) return obj_trust(trust->arg1, x, flags); - /* we don't have any trust settings: for compatibility - * we return trusted if it is self signed - */ - return trust_compat(trust, x, flags); -} - -static int trust_compat(X509_TRUST *trust, X509 *x, int flags) -{ - X509_check_purpose(x, -1, 0); - if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; - else return X509_TRUST_UNTRUSTED; -} - -static int obj_trust(int id, X509 *x, int flags) -{ - ASN1_OBJECT *obj; - int i; - X509_CERT_AUX *ax; - ax = x->aux; - if(!ax) return X509_TRUST_UNTRUSTED; - if(ax->reject) { - for(i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) { - obj = sk_ASN1_OBJECT_value(ax->reject, i); - if(OBJ_obj2nid(obj) == id) return X509_TRUST_REJECTED; - } - } - if(ax->trust) { - for(i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) { - obj = sk_ASN1_OBJECT_value(ax->trust, i); - if(OBJ_obj2nid(obj) == id) return X509_TRUST_TRUSTED; - } - } - return X509_TRUST_UNTRUSTED; -} - diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c deleted file mode 100644 index cfb478d4bc..0000000000 --- a/src/lib/libcrypto/x509/x509_txt.c +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/x509/x509_txt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include - -const char *X509_verify_cert_error_string(long n) - { - static char buf[100]; - - switch ((int)n) - { - case X509_V_OK: - return("ok"); - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - return("unable to get issuer certificate"); - case X509_V_ERR_UNABLE_TO_GET_CRL: - return("unable to get certificate CRL"); - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: - return("unable to decrypt certificate's signature"); - case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: - return("unable to decrypt CRL's's signature"); - case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: - return("unable to decode issuer public key"); - case X509_V_ERR_CERT_SIGNATURE_FAILURE: - return("certificate signature failure"); - case X509_V_ERR_CRL_SIGNATURE_FAILURE: - return("CRL signature failure"); - case X509_V_ERR_CERT_NOT_YET_VALID: - return("certificate is not yet valid"); - case X509_V_ERR_CRL_NOT_YET_VALID: - return("CRL is not yet valid"); - case X509_V_ERR_CERT_HAS_EXPIRED: - return("Certificate has expired"); - case X509_V_ERR_CRL_HAS_EXPIRED: - return("CRL has expired"); - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - return("format error in certificate's notBefore field"); - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - return("format error in certificate's notAfter field"); - case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: - return("format error in CRL's lastUpdate field"); - case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: - return("format error in CRL's nextUpdate field"); - case X509_V_ERR_OUT_OF_MEM: - return("out of memory"); - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - return("self signed certificate"); - case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: - return("self signed certificate in certificate chain"); - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: - return("unable to get local issuer certificate"); - case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: - return("unable to verify the first certificate"); - case X509_V_ERR_CERT_CHAIN_TOO_LONG: - return("certificate chain too long"); - case X509_V_ERR_CERT_REVOKED: - return("certificate revoked"); - case X509_V_ERR_INVALID_CA: - return ("invalid CA certificate"); - case X509_V_ERR_PATH_LENGTH_EXCEEDED: - return ("path length constraint exceeded"); - case X509_V_ERR_INVALID_PURPOSE: - return ("unsupported certificate purpose"); - case X509_V_ERR_CERT_UNTRUSTED: - return ("certificate not trusted"); - case X509_V_ERR_CERT_REJECTED: - return ("certificate rejected"); - case X509_V_ERR_APPLICATION_VERIFICATION: - return("application verification failure"); - case X509_V_ERR_SUBJECT_ISSUER_MISMATCH: - return("subject issuer mismatch"); - case X509_V_ERR_AKID_SKID_MISMATCH: - return("authority and subject key identifier mismatch"); - case X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH: - return("authority and issuer serial number mismatch"); - case X509_V_ERR_KEYUSAGE_NO_CERTSIGN: - return("key usage does not include certificate signing"); - - default: - sprintf(buf,"error number %ld",n); - return(buf); - } - } - - diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c deleted file mode 100644 index 52887986fe..0000000000 --- a/src/lib/libcrypto/x509/x509_v3.c +++ /dev/null @@ -1,267 +0,0 @@ -/* crypto/x509/x509_v3.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include -#include - -int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) - { - if (x == NULL) return(0); - return(sk_X509_EXTENSION_num(x)); - } - -int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, - int lastpos) - { - ASN1_OBJECT *obj; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) return(-2); - return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); - } - -int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj, - int lastpos) - { - int n; - X509_EXTENSION *ex; - - if (sk == NULL) return(-1); - lastpos++; - if (lastpos < 0) - lastpos=0; - n=sk_X509_EXTENSION_num(sk); - for ( ; lastpos < n; lastpos++) - { - ex=sk_X509_EXTENSION_value(sk,lastpos); - if (OBJ_cmp(ex->object,obj) == 0) - return(lastpos); - } - return(-1); - } - -int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, - int lastpos) - { - int n; - X509_EXTENSION *ex; - - if (sk == NULL) return(-1); - lastpos++; - if (lastpos < 0) - lastpos=0; - n=sk_X509_EXTENSION_num(sk); - for ( ; lastpos < n; lastpos++) - { - ex=sk_X509_EXTENSION_value(sk,lastpos); - if ( (ex->critical && crit) || - (!ex->critical && !crit)) - return(lastpos); - } - return(-1); - } - -X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc) - { - if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) - return NULL; - else - return sk_X509_EXTENSION_value(x,loc); - } - -X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) - { - X509_EXTENSION *ret; - - if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) - return(NULL); - ret=sk_X509_EXTENSION_delete(x,loc); - return(ret); - } - -STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, - X509_EXTENSION *ex, int loc) - { - X509_EXTENSION *new_ex=NULL; - int n; - STACK_OF(X509_EXTENSION) *sk=NULL; - - if ((x != NULL) && (*x == NULL)) - { - if ((sk=sk_X509_EXTENSION_new_null()) == NULL) - goto err; - } - else - sk= *x; - - n=sk_X509_EXTENSION_num(sk); - if (loc > n) loc=n; - else if (loc < 0) loc=n; - - if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) - goto err2; - if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) - goto err; - if ((x != NULL) && (*x == NULL)) - *x=sk; - return(sk); -err: - X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); -err2: - if (new_ex != NULL) X509_EXTENSION_free(new_ex); - if (sk != NULL) sk_X509_EXTENSION_free(sk); - return(NULL); - } - -X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, - int crit, ASN1_OCTET_STRING *data) - { - ASN1_OBJECT *obj; - X509_EXTENSION *ret; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) - { - X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID); - return(NULL); - } - ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); - if (ret == NULL) ASN1_OBJECT_free(obj); - return(ret); - } - -X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, - ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data) - { - X509_EXTENSION *ret; - - if ((ex == NULL) || (*ex == NULL)) - { - if ((ret=X509_EXTENSION_new()) == NULL) - { - X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); - return(NULL); - } - } - else - ret= *ex; - - if (!X509_EXTENSION_set_object(ret,obj)) - goto err; - if (!X509_EXTENSION_set_critical(ret,crit)) - goto err; - if (!X509_EXTENSION_set_data(ret,data)) - goto err; - - if ((ex != NULL) && (*ex == NULL)) *ex=ret; - return(ret); -err: - if ((ex == NULL) || (ret != *ex)) - X509_EXTENSION_free(ret); - return(NULL); - } - -int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj) - { - if ((ex == NULL) || (obj == NULL)) - return(0); - ASN1_OBJECT_free(ex->object); - ex->object=OBJ_dup(obj); - return(1); - } - -int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) - { - if (ex == NULL) return(0); - ex->critical=(crit)?0xFF:0; - return(1); - } - -int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data) - { - int i; - - if (ex == NULL) return(0); - i=M_ASN1_OCTET_STRING_set(ex->value,data->data,data->length); - if (!i) return(0); - return(1); - } - -ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex) - { - if (ex == NULL) return(NULL); - return(ex->object); - } - -ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex) - { - if (ex == NULL) return(NULL); - return(ex->value); - } - -int X509_EXTENSION_get_critical(X509_EXTENSION *ex) - { - if (ex == NULL) return(0); - return(ex->critical); - } diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c deleted file mode 100644 index 0f4110cc64..0000000000 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ /dev/null @@ -1,920 +0,0 @@ -/* crypto/x509/x509_vfy.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -#include "cryptlib.h" -#include -#include -#include -#include -#include -#include -#include -#include - -static int null_callback(int ok,X509_STORE_CTX *e); -static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); -static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); -static int check_chain_purpose(X509_STORE_CTX *ctx); -static int check_trust(X509_STORE_CTX *ctx); -static int internal_verify(X509_STORE_CTX *ctx); -const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; - -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_ctx_method=NULL; -static int x509_store_ctx_num=0; -#if 0 -static int x509_store_num=1; -static STACK *x509_store_method=NULL; -#endif - -static int null_callback(int ok, X509_STORE_CTX *e) - { - return ok; - } - -#if 0 -static int x509_subject_cmp(X509 **a, X509 **b) - { - return X509_subject_name_cmp(*a,*b); - } -#endif - -int X509_verify_cert(X509_STORE_CTX *ctx) - { - X509 *x,*xtmp,*chain_ss=NULL; - X509_NAME *xn; - int depth,i,ok=0; - int num; - int (*cb)(); - STACK_OF(X509) *sktmp=NULL; - - if (ctx->cert == NULL) - { - X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); - return -1; - } - - cb=ctx->verify_cb; - if (cb == NULL) cb=null_callback; - - /* first we make sure the chain we are going to build is - * present and that the first entry is in place */ - if (ctx->chain == NULL) - { - if ( ((ctx->chain=sk_X509_new_null()) == NULL) || - (!sk_X509_push(ctx->chain,ctx->cert))) - { - X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); - goto end; - } - CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); - ctx->last_untrusted=1; - } - - /* We use a temporary STACK so we can chop and hack at it */ - if (ctx->untrusted != NULL - && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) - { - X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); - goto end; - } - - num=sk_X509_num(ctx->chain); - x=sk_X509_value(ctx->chain,num-1); - depth=ctx->depth; - - - for (;;) - { - /* If we have enough, we break */ - if (depth < num) break; /* FIXME: If this happens, we should take - * note of it and, if appropriate, use the - * X509_V_ERR_CERT_CHAIN_TOO_LONG error - * code later. - */ - - /* If we are self signed, we break */ - xn=X509_get_issuer_name(x); - if (ctx->check_issued(ctx, x,x)) break; - - /* If we were passed a cert chain, use it first */ - if (ctx->untrusted != NULL) - { - xtmp=find_issuer(ctx, sktmp,x); - if (xtmp != NULL) - { - if (!sk_X509_push(ctx->chain,xtmp)) - { - X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); - goto end; - } - CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); - sk_X509_delete_ptr(sktmp,xtmp); - ctx->last_untrusted++; - x=xtmp; - num++; - /* reparse the full chain for - * the next one */ - continue; - } - } - break; - } - - /* at this point, chain should contain a list of untrusted - * certificates. We now need to add at least one trusted one, - * if possible, otherwise we complain. */ - - /* Examine last certificate in chain and see if it - * is self signed. - */ - - i=sk_X509_num(ctx->chain); - x=sk_X509_value(ctx->chain,i-1); - xn = X509_get_subject_name(x); - if (ctx->check_issued(ctx, x, x)) - { - /* we have a self signed certificate */ - if (sk_X509_num(ctx->chain) == 1) - { - /* We have a single self signed certificate: see if - * we can find it in the store. We must have an exact - * match to avoid possible impersonation. - */ - ok = ctx->get_issuer(&xtmp, ctx, x); - if ((ok <= 0) || X509_cmp(x, xtmp)) - { - ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; - ctx->current_cert=x; - ctx->error_depth=i-1; - if (ok == 1) X509_free(xtmp); - ok=cb(0,ctx); - if (!ok) goto end; - } - else - { - /* We have a match: replace certificate with store version - * so we get any trust settings. - */ - X509_free(x); - x = xtmp; - sk_X509_set(ctx->chain, i - 1, x); - ctx->last_untrusted=0; - } - } - else - { - /* extract and save self signed certificate for later use */ - chain_ss=sk_X509_pop(ctx->chain); - ctx->last_untrusted--; - num--; - x=sk_X509_value(ctx->chain,num-1); - } - } - - /* We now lookup certs from the certificate store */ - for (;;) - { - /* If we have enough, we break */ - if (depth < num) break; - - /* If we are self signed, we break */ - xn=X509_get_issuer_name(x); - if (ctx->check_issued(ctx,x,x)) break; - - ok = ctx->get_issuer(&xtmp, ctx, x); - - if (ok < 0) return ok; - if (ok == 0) break; - - x = xtmp; - if (!sk_X509_push(ctx->chain,x)) - { - X509_free(xtmp); - X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); - return 0; - } - num++; - } - - /* we now have our chain, lets check it... */ - xn=X509_get_issuer_name(x); - - /* Is last certificate looked up self signed? */ - if (!ctx->check_issued(ctx,x,x)) - { - if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) - { - if (ctx->last_untrusted >= num) - ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; - else - ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; - ctx->current_cert=x; - } - else - { - - sk_X509_push(ctx->chain,chain_ss); - num++; - ctx->last_untrusted=num; - ctx->current_cert=chain_ss; - ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; - chain_ss=NULL; - } - - ctx->error_depth=num-1; - ok=cb(0,ctx); - if (!ok) goto end; - } - - /* We have the chain complete: now we need to check its purpose */ - if (ctx->purpose > 0) ok = check_chain_purpose(ctx); - - if (!ok) goto end; - - /* The chain extensions are OK: check trust */ - - if (ctx->trust > 0) ok = check_trust(ctx); - - if (!ok) goto end; - - /* We may as well copy down any DSA parameters that are required */ - X509_get_pubkey_parameters(NULL,ctx->chain); - - /* At this point, we have a chain and just need to verify it */ - if (ctx->verify != NULL) - ok=ctx->verify(ctx); - else - ok=internal_verify(ctx); - if (0) - { -end: - X509_get_pubkey_parameters(NULL,ctx->chain); - } - if (sktmp != NULL) sk_X509_free(sktmp); - if (chain_ss != NULL) X509_free(chain_ss); - return ok; - } - - -/* Given a STACK_OF(X509) find the issuer of cert (if any) - */ - -static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) -{ - int i; - X509 *issuer; - for (i = 0; i < sk_X509_num(sk); i++) - { - issuer = sk_X509_value(sk, i); - if (ctx->check_issued(ctx, x, issuer)) - return issuer; - } - return NULL; -} - -/* Given a possible certificate and issuer check them */ - -static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) -{ - int ret; - ret = X509_check_issued(issuer, x); - if (ret == X509_V_OK) - return 1; - /* If we haven't asked for issuer errors don't set ctx */ - if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) - return 0; - - ctx->error = ret; - ctx->current_cert = x; - ctx->current_issuer = issuer; - if (ctx->verify_cb) - return ctx->verify_cb(0, ctx); - return 0; -} - -/* Alternative lookup method: look from a STACK stored in other_ctx */ - -static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) -{ - *issuer = find_issuer(ctx, ctx->other_ctx, x); - if (*issuer) - { - CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); - return 1; - } - else - return 0; -} - - -/* Check a certificate chains extensions for consistency - * with the supplied purpose - */ - -static int check_chain_purpose(X509_STORE_CTX *ctx) -{ -#ifdef NO_CHAIN_VERIFY - return 1; -#else - int i, ok=0; - X509 *x; - int (*cb)(); - cb=ctx->verify_cb; - if (cb == NULL) cb=null_callback; - /* Check all untrusted certificates */ - for (i = 0; i < ctx->last_untrusted; i++) - { - x = sk_X509_value(ctx->chain, i); - if (!X509_check_purpose(x, ctx->purpose, i)) - { - if (i) - ctx->error = X509_V_ERR_INVALID_CA; - else - ctx->error = X509_V_ERR_INVALID_PURPOSE; - ctx->error_depth = i; - ctx->current_cert = x; - ok=cb(0,ctx); - if (!ok) goto end; - } - /* Check pathlen */ - if ((i > 1) && (x->ex_pathlen != -1) - && (i > (x->ex_pathlen + 1))) - { - ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; - ctx->error_depth = i; - ctx->current_cert = x; - ok=cb(0,ctx); - if (!ok) goto end; - } - } - ok = 1; - end: - return ok; -#endif -} - -static int check_trust(X509_STORE_CTX *ctx) -{ -#ifdef NO_CHAIN_VERIFY - return 1; -#else - int i, ok; - X509 *x; - int (*cb)(); - cb=ctx->verify_cb; - if (cb == NULL) cb=null_callback; -/* For now just check the last certificate in the chain */ - i = sk_X509_num(ctx->chain) - 1; - x = sk_X509_value(ctx->chain, i); - ok = X509_check_trust(x, ctx->trust, 0); - if (ok == X509_TRUST_TRUSTED) - return 1; - ctx->error_depth = sk_X509_num(ctx->chain) - 1; - ctx->current_cert = x; - if (ok == X509_TRUST_REJECTED) - ctx->error = X509_V_ERR_CERT_REJECTED; - else - ctx->error = X509_V_ERR_CERT_UNTRUSTED; - ok = cb(0, ctx); - return ok; -#endif -} - -static int internal_verify(X509_STORE_CTX *ctx) - { - int i,ok=0,n; - X509 *xs,*xi; - EVP_PKEY *pkey=NULL; - time_t *ptime; - int (*cb)(); - - cb=ctx->verify_cb; - if (cb == NULL) cb=null_callback; - - n=sk_X509_num(ctx->chain); - ctx->error_depth=n-1; - n--; - xi=sk_X509_value(ctx->chain,n); - if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) - ptime = &ctx->check_time; - else - ptime = NULL; - if (ctx->check_issued(ctx, xi, xi)) - xs=xi; - else - { - if (n <= 0) - { - ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; - ctx->current_cert=xi; - ok=cb(0,ctx); - goto end; - } - else - { - n--; - ctx->error_depth=n; - xs=sk_X509_value(ctx->chain,n); - } - } - -/* ctx->error=0; not needed */ - while (n >= 0) - { - ctx->error_depth=n; - if (!xs->valid) - { - if ((pkey=X509_get_pubkey(xi)) == NULL) - { - ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; - ctx->current_cert=xi; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - if (X509_verify(xs,pkey) <= 0) - { - ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) - { - EVP_PKEY_free(pkey); - goto end; - } - } - EVP_PKEY_free(pkey); - pkey=NULL; - - i=X509_cmp_time(X509_get_notBefore(xs), ptime); - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - if (i > 0) - { - ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - xs->valid=1; - } - - i=X509_cmp_time(X509_get_notAfter(xs), ptime); - if (i == 0) - { - ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - - if (i < 0) - { - ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; - ctx->current_cert=xs; - ok=(*cb)(0,ctx); - if (!ok) goto end; - } - - /* CRL CHECK */ - - /* The last error (if any) is still in the error value */ - ctx->current_cert=xs; - ok=(*cb)(1,ctx); - if (!ok) goto end; - - n--; - if (n >= 0) - { - xi=xs; - xs=sk_X509_value(ctx->chain,n); - } - } - ok=1; -end: - return ok; - } - -int X509_cmp_current_time(ASN1_TIME *ctm) -{ - return X509_cmp_time(ctm, NULL); -} - -int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) - { - char *str; - ASN1_TIME atm; - time_t offset; - char buff1[24],buff2[24],*p; - int i,j; - - p=buff1; - i=ctm->length; - str=(char *)ctm->data; - if (ctm->type == V_ASN1_UTCTIME) - { - if ((i < 11) || (i > 17)) return 0; - memcpy(p,str,10); - p+=10; - str+=10; - } - else - { - if (i < 13) return 0; - memcpy(p,str,12); - p+=12; - str+=12; - } - - if ((*str == 'Z') || (*str == '-') || (*str == '+')) - { *(p++)='0'; *(p++)='0'; } - else - { - *(p++)= *(str++); - *(p++)= *(str++); - /* Skip any fractional seconds... */ - if (*str == '.') - { - str++; - while ((*str >= '0') && (*str <= '9')) str++; - } - - } - *(p++)='Z'; - *(p++)='\0'; - - if (*str == 'Z') - offset=0; - else - { - if ((*str != '+') && (str[5] != '-')) - return 0; - offset=((str[1]-'0')*10+(str[2]-'0'))*60; - offset+=(str[3]-'0')*10+(str[4]-'0'); - if (*str == '-') - offset= -offset; - } - atm.type=ctm->type; - atm.length=sizeof(buff2); - atm.data=(unsigned char *)buff2; - - X509_time_adj(&atm,-offset*60, cmp_time); - - if (ctm->type == V_ASN1_UTCTIME) - { - i=(buff1[0]-'0')*10+(buff1[1]-'0'); - if (i < 50) i+=100; /* cf. RFC 2459 */ - j=(buff2[0]-'0')*10+(buff2[1]-'0'); - if (j < 50) j+=100; - - if (i < j) return -1; - if (i > j) return 1; - } - i=strcmp(buff1,buff2); - if (i == 0) /* wait a second then return younger :-) */ - return -1; - else - return i; - } - -ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) -{ - return X509_time_adj(s, adj, NULL); -} - -ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) - { - time_t t; - - if (in_tm) t = *in_tm; - else time(&t); - - t+=adj; - if (!s) return ASN1_TIME_set(s, t); - if (s->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); - return ASN1_GENERALIZEDTIME_set(s, t); - } - -int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) - { - EVP_PKEY *ktmp=NULL,*ktmp2; - int i,j; - - if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1; - - for (i=0; i= 0; j--) - { - ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); - EVP_PKEY_copy_parameters(ktmp2,ktmp); - EVP_PKEY_free(ktmp2); - } - - if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); - EVP_PKEY_free(ktmp); - return 1; - } - -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - x509_store_ctx_num++; - return CRYPTO_get_ex_new_index(x509_store_ctx_num-1, - &x509_store_ctx_method, - argl,argp,new_func,dup_func,free_func); - } - -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) - { - return CRYPTO_set_ex_data(&ctx->ex_data,idx,data); - } - -void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) - { - return CRYPTO_get_ex_data(&ctx->ex_data,idx); - } - -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) - { - return ctx->error; - } - -void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) - { - ctx->error=err; - } - -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) - { - return ctx->error_depth; - } - -X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) - { - return ctx->current_cert; - } - -STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) - { - return ctx->chain; - } - -STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) - { - int i; - X509 *x; - STACK_OF(X509) *chain; - if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; - for (i = 0; i < sk_X509_num(chain); i++) - { - x = sk_X509_value(chain, i); - CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); - } - return chain; - } - -void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) - { - ctx->cert=x; - } - -void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) - { - ctx->untrusted=sk; - } - -int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) - { - return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); - } - -int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) - { - return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); - } - -/* This function is used to set the X509_STORE_CTX purpose and trust - * values. This is intended to be used when another structure has its - * own trust and purpose values which (if set) will be inherited by - * the ctx. If they aren't set then we will usually have a default - * purpose in mind which should then be used to set the trust value. - * An example of this is SSL use: an SSL structure will have its own - * purpose and trust settings which the application can set: if they - * aren't set then we use the default of SSL client/server. - */ - -int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust) -{ - int idx; - /* If purpose not set use default */ - if (!purpose) purpose = def_purpose; - /* If we have a purpose then check it is valid */ - if (purpose) - { - X509_PURPOSE *ptmp; - idx = X509_PURPOSE_get_by_id(purpose); - if (idx == -1) - { - X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, - X509_R_UNKNOWN_PURPOSE_ID); - return 0; - } - ptmp = X509_PURPOSE_get0(idx); - if (ptmp->trust == X509_TRUST_DEFAULT) - { - idx = X509_PURPOSE_get_by_id(def_purpose); - if (idx == -1) - { - X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, - X509_R_UNKNOWN_PURPOSE_ID); - return 0; - } - ptmp = X509_PURPOSE_get0(idx); - } - /* If trust not set then get from purpose default */ - if (!trust) trust = ptmp->trust; - } - if (trust) - { - idx = X509_TRUST_get_by_id(trust); - if (idx == -1) - { - X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, - X509_R_UNKNOWN_TRUST_ID); - return 0; - } - } - - if (purpose) ctx->purpose = purpose; - if (trust) ctx->trust = trust; - return 1; -} - -X509_STORE_CTX *X509_STORE_CTX_new(void) -{ - X509_STORE_CTX *ctx; - ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); - if (ctx) memset(ctx, 0, sizeof(X509_STORE_CTX)); - return ctx; -} - -void X509_STORE_CTX_free(X509_STORE_CTX *ctx) -{ - X509_STORE_CTX_cleanup(ctx); - OPENSSL_free(ctx); -} - -void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, - STACK_OF(X509) *chain) - { - ctx->ctx=store; - ctx->current_method=0; - ctx->cert=x509; - ctx->untrusted=chain; - ctx->last_untrusted=0; - ctx->purpose=0; - ctx->trust=0; - ctx->check_time=0; - ctx->flags=0; - ctx->other_ctx=NULL; - ctx->valid=0; - ctx->chain=NULL; - ctx->depth=9; - ctx->error=0; - ctx->error_depth=0; - ctx->current_cert=NULL; - ctx->current_issuer=NULL; - ctx->check_issued = check_issued; - ctx->get_issuer = X509_STORE_CTX_get1_issuer; - ctx->verify_cb = store->verify_cb; - ctx->verify = store->verify; - ctx->cleanup = 0; - memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); - } - -/* Set alternative lookup method: just a STACK of trusted certificates. - * This avoids X509_STORE nastiness where it isn't needed. - */ - -void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) -{ - ctx->other_ctx = sk; - ctx->get_issuer = get_issuer_sk; -} - -void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) - { - if (ctx->cleanup) ctx->cleanup(ctx); - if (ctx->chain != NULL) - { - sk_X509_pop_free(ctx->chain,X509_free); - ctx->chain=NULL; - } - CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data)); - memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); - } - -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) - { - ctx->flags |= flags; - } - -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t) - { - ctx->check_time = t; - ctx->flags |= X509_V_FLAG_USE_CHECK_TIME; - } - -IMPLEMENT_STACK_OF(X509) -IMPLEMENT_ASN1_SET_OF(X509) - -IMPLEMENT_STACK_OF(X509_NAME) - -IMPLEMENT_STACK_OF(X509_ATTRIBUTE) -IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h deleted file mode 100644 index e289d5309a..0000000000 --- a/src/lib/libcrypto/x509/x509_vfy.h +++ /dev/null @@ -1,390 +0,0 @@ -/* crypto/x509/x509_vfy.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_X509_H -#include -/* openssl/x509.h ends up #include-ing this file at about the only - * appropriate moment. */ -#endif - -#ifndef HEADER_X509_VFY_H -#define HEADER_X509_VFY_H - -#ifndef NO_LHASH -#include -#endif -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Outer object */ -typedef struct x509_hash_dir_st - { - int num_dirs; - char **dirs; - int *dirs_type; - int num_dirs_alloced; - } X509_HASH_DIR_CTX; - -typedef struct x509_file_st - { - int num_paths; /* number of paths to files or directories */ - int num_alloced; - char **paths; /* the list of paths or directories */ - int *path_type; - } X509_CERT_FILE_CTX; - -/*******************************/ -/* -SSL_CTX -> X509_STORE - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -> X509_LOOKUP - ->X509_LOOKUP_METHOD - -SSL -> X509_STORE_CTX - ->X509_STORE - -The X509_STORE holds the tables etc for verification stuff. -A X509_STORE_CTX is used while validating a single certificate. -The X509_STORE has X509_LOOKUPs for looking up certs. -The X509_STORE then calls a function to actually verify the -certificate chain. -*/ - -#define X509_LU_RETRY -1 -#define X509_LU_FAIL 0 -#define X509_LU_X509 1 -#define X509_LU_CRL 2 -#define X509_LU_PKEY 3 - -typedef struct x509_object_st - { - /* one of the above types */ - int type; - union { - char *ptr; - X509 *x509; - X509_CRL *crl; - EVP_PKEY *pkey; - } data; - } X509_OBJECT; - -typedef struct x509_lookup_st X509_LOOKUP; - -DECLARE_STACK_OF(X509_LOOKUP) -DECLARE_STACK_OF(X509_OBJECT) - -/* This is a static that defines the function interface */ -typedef struct x509_lookup_method_st - { - const char *name; - int (*new_item)(X509_LOOKUP *ctx); - void (*free)(X509_LOOKUP *ctx); - int (*init)(X509_LOOKUP *ctx); - int (*shutdown)(X509_LOOKUP *ctx); - int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl, - char **ret); - int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name, - X509_OBJECT *ret); - int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name, - ASN1_INTEGER *serial,X509_OBJECT *ret); - int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type, - unsigned char *bytes,int len, - X509_OBJECT *ret); - int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len, - X509_OBJECT *ret); - } X509_LOOKUP_METHOD; - -typedef struct x509_store_ctx_st X509_STORE_CTX; - -/* This is used to hold everything. It is used for all certificate - * validation. Once we have a certificate chain, the 'verify' - * function is then called to actually check the cert chain. */ -typedef struct x509_store_st - { - /* The following is a cache of trusted certs */ - int cache; /* if true, stash any hits */ - STACK_OF(X509_OBJECT) *objs; /* Cache of all objects */ - - /* These are external lookup methods */ - STACK_OF(X509_LOOKUP) *get_cert_methods; - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - - CRYPTO_EX_DATA ex_data; - int references; - int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */ - } X509_STORE; - -#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) - -#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) -#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) - -/* This is the functions plus an instance of the local variables. */ -struct x509_lookup_st - { - int init; /* have we been started */ - int skip; /* don't use us. */ - X509_LOOKUP_METHOD *method; /* the functions */ - char *method_data; /* method data */ - - X509_STORE *store_ctx; /* who owns us */ - }; - -/* This is a used when verifying cert chains. Since the - * gathering of the cert chain can take some time (and have to be - * 'retried', this needs to be kept and passed around. */ -struct x509_store_ctx_st /* X509_STORE_CTX */ - { - X509_STORE *ctx; - int current_method; /* used when looking up certs */ - - /* The following are set by the caller */ - X509 *cert; /* The cert to check */ - STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ - int purpose; /* purpose to check untrusted certificates */ - int trust; /* trust setting to check */ - time_t check_time; /* time to make verify at */ - unsigned long flags; /* Various verify flags */ - void *other_ctx; /* Other info for use with get_issuer() */ - - /* Callbacks for various operations */ - int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ - int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ - int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ - int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ - int (*cleanup)(X509_STORE_CTX *ctx); - - /* The following is built up */ - int depth; /* how far to go looking up certs */ - int valid; /* if 0, rebuild chain */ - int last_untrusted; /* index of last untrusted cert */ - STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ - - /* When something goes wrong, this is why */ - int error_depth; - int error; - X509 *current_cert; - X509 *current_issuer; /* cert currently being tested as valid issuer */ - - CRYPTO_EX_DATA ex_data; - }; - -#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d)) - -#define X509_STORE_CTX_set_app_data(ctx,data) \ - X509_STORE_CTX_set_ex_data(ctx,0,data) -#define X509_STORE_CTX_get_app_data(ctx) \ - X509_STORE_CTX_get_ex_data(ctx,0) - -#define X509_L_FILE_LOAD 1 -#define X509_L_ADD_DIR 2 - -#define X509_LOOKUP_load_file(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) - -#define X509_LOOKUP_add_dir(x,name,type) \ - X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) - -#define X509_V_OK 0 -/* illegal error (for uninitialized values, to avoid X509_V_OK): 1 */ - -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 -#define X509_V_ERR_UNABLE_TO_GET_CRL 3 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 -#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 -#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 -#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 -#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 -#define X509_V_ERR_CERT_NOT_YET_VALID 9 -#define X509_V_ERR_CERT_HAS_EXPIRED 10 -#define X509_V_ERR_CRL_NOT_YET_VALID 11 -#define X509_V_ERR_CRL_HAS_EXPIRED 12 -#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 -#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 -#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 -#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 -#define X509_V_ERR_OUT_OF_MEM 17 -#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 -#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 -#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 -#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 -#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 -#define X509_V_ERR_CERT_REVOKED 23 -#define X509_V_ERR_INVALID_CA 24 -#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25 -#define X509_V_ERR_INVALID_PURPOSE 26 -#define X509_V_ERR_CERT_UNTRUSTED 27 -#define X509_V_ERR_CERT_REJECTED 28 -/* These are 'informational' when looking for issuer cert */ -#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29 -#define X509_V_ERR_AKID_SKID_MISMATCH 30 -#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31 -#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32 - -/* The application is not happy */ -#define X509_V_ERR_APPLICATION_VERIFICATION 50 - -/* Certificate verify flags */ - -#define X509_V_FLAG_CB_ISSUER_CHECK 0x1 /* Send issuer+subject checks to verify_cb */ -#define X509_V_FLAG_USE_CHECK_TIME 0x2 /* Use check time instead of current time */ - - /* These functions are being redefined in another directory, - and clash when the linker is case-insensitive, so let's - hide them a little, by giving them an extra 'o' at the - beginning of the name... */ -#ifdef VMS -#undef X509v3_cleanup_extensions -#define X509v3_cleanup_extensions oX509v3_cleanup_extensions -#undef X509v3_add_extension -#define X509v3_add_extension oX509v3_add_extension -#undef X509v3_add_netscape_extensions -#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions -#undef X509v3_add_standard_extensions -#define X509v3_add_standard_extensions oX509v3_add_standard_extensions -#endif - -int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, - X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name); -X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x); -void X509_OBJECT_up_ref_count(X509_OBJECT *a); -void X509_OBJECT_free_contents(X509_OBJECT *a); -X509_STORE *X509_STORE_new(void ); -void X509_STORE_free(X509_STORE *v); - -X509_STORE_CTX *X509_STORE_CTX_new(void); - -int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); - -void X509_STORE_CTX_free(X509_STORE_CTX *ctx); -void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, - X509 *x509, STACK_OF(X509) *chain); -void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk); -void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); - -X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); - -X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); -X509_LOOKUP_METHOD *X509_LOOKUP_file(void); - -int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); -int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); - -int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, - X509_OBJECT *ret); - -int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret); - -#ifndef NO_STDIO -int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); -#endif - - -X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); -void X509_LOOKUP_free(X509_LOOKUP *ctx); -int X509_LOOKUP_init(X509_LOOKUP *ctx); -int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, - X509_OBJECT *ret); -int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, - ASN1_INTEGER *serial, X509_OBJECT *ret); -int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, - unsigned char *bytes, int len, X509_OBJECT *ret); -int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, - int len, X509_OBJECT *ret); -int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); - -#ifndef NO_STDIO -int X509_STORE_load_locations (X509_STORE *ctx, - const char *file, const char *dir); -int X509_STORE_set_default_paths(X509_STORE *ctx); -#endif - -int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); -void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); -int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); -int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); -X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); -STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); -void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); -void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); -int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); -int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); -int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, - int purpose, int trust); -void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags); -void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t); - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c deleted file mode 100644 index 4c20e03ece..0000000000 --- a/src/lib/libcrypto/x509/x509name.c +++ /dev/null @@ -1,383 +0,0 @@ -/* crypto/x509/x509name.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) - { - ASN1_OBJECT *obj; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) return(-1); - return(X509_NAME_get_text_by_OBJ(name,obj,buf,len)); - } - -int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf, - int len) - { - int i; - ASN1_STRING *data; - - i=X509_NAME_get_index_by_OBJ(name,obj,-1); - if (i < 0) return(-1); - data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i)); - i=(data->length > (len-1))?(len-1):data->length; - if (buf == NULL) return(data->length); - memcpy(buf,data->data,i); - buf[i]='\0'; - return(i); - } - -int X509_NAME_entry_count(X509_NAME *name) - { - if (name == NULL) return(0); - return(sk_X509_NAME_ENTRY_num(name->entries)); - } - -int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos) - { - ASN1_OBJECT *obj; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) return(-2); - return(X509_NAME_get_index_by_OBJ(name,obj,lastpos)); - } - -/* NOTE: you should be passsing -1, not 0 as lastpos */ -int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, - int lastpos) - { - int n; - X509_NAME_ENTRY *ne; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) return(-1); - if (lastpos < 0) - lastpos= -1; - sk=name->entries; - n=sk_X509_NAME_ENTRY_num(sk); - for (lastpos++; lastpos < n; lastpos++) - { - ne=sk_X509_NAME_ENTRY_value(sk,lastpos); - if (OBJ_cmp(ne->object,obj) == 0) - return(lastpos); - } - return(-1); - } - -X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc) - { - if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc - || loc < 0) - return(NULL); - else - return(sk_X509_NAME_ENTRY_value(name->entries,loc)); - } - -X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) - { - X509_NAME_ENTRY *ret; - int i,n,set_prev,set_next; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc - || loc < 0) - return(NULL); - sk=name->entries; - ret=sk_X509_NAME_ENTRY_delete(sk,loc); - n=sk_X509_NAME_ENTRY_num(sk); - name->modified=1; - if (loc == n) return(ret); - - /* else we need to fixup the set field */ - if (loc != 0) - set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set; - else - set_prev=ret->set-1; - set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set; - - /* set_prev is the previous set - * set is the current set - * set_next is the following - * prev 1 1 1 1 1 1 1 1 - * set 1 1 2 2 - * next 1 1 2 2 2 2 3 2 - * so basically only if prev and next differ by 2, then - * re-number down by 1 */ - if (set_prev+1 < set_next) - for (i=loc; iset--; - return(ret); - } - -int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type, - unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len); - if(!ne) return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, - unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len); - if(!ne) return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -int X509_NAME_add_entry_by_txt(X509_NAME *name, char *field, int type, - unsigned char *bytes, int len, int loc, int set) -{ - X509_NAME_ENTRY *ne; - int ret; - ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len); - if(!ne) return 0; - ret = X509_NAME_add_entry(name, ne, loc, set); - X509_NAME_ENTRY_free(ne); - return ret; -} - -/* if set is -1, append to previous set, 0 'a new one', and 1, - * prepend to the guy we are about to stomp on. */ -int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, - int set) - { - X509_NAME_ENTRY *new_name=NULL; - int n,i,inc; - STACK_OF(X509_NAME_ENTRY) *sk; - - if (name == NULL) return(0); - sk=name->entries; - n=sk_X509_NAME_ENTRY_num(sk); - if (loc > n) loc=n; - else if (loc < 0) loc=n; - - name->modified=1; - - if (set == -1) - { - if (loc == 0) - { - set=0; - inc=1; - } - else - { - set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set; - inc=0; - } - } - else /* if (set >= 0) */ - { - if (loc >= n) - { - if (loc != 0) - set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1; - else - set=0; - } - else - set=sk_X509_NAME_ENTRY_value(sk,loc)->set; - inc=(set == 0)?1:0; - } - - if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL) - goto err; - new_name->set=set; - if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) - { - X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE); - goto err; - } - if (inc) - { - n=sk_X509_NAME_ENTRY_num(sk); - for (i=loc+1; iset+=1; - } - return(1); -err: - if (new_name != NULL) - X509_NAME_ENTRY_free(new_name); - return(0); - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne, - char *field, int type, unsigned char *bytes, int len) - { - ASN1_OBJECT *obj; - X509_NAME_ENTRY *nentry; - - obj=OBJ_txt2obj(field, 0); - if (obj == NULL) - { - X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT, - X509_R_INVALID_FIELD_NAME); - ERR_add_error_data(2, "name=", field); - return(NULL); - } - nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len); - ASN1_OBJECT_free(obj); - return nentry; - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, - int type, unsigned char *bytes, int len) - { - ASN1_OBJECT *obj; - X509_NAME_ENTRY *nentry; - - obj=OBJ_nid2obj(nid); - if (obj == NULL) - { - X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID); - return(NULL); - } - nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len); - ASN1_OBJECT_free(obj); - return nentry; - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, - ASN1_OBJECT *obj, int type, unsigned char *bytes, int len) - { - X509_NAME_ENTRY *ret; - - if ((ne == NULL) || (*ne == NULL)) - { - if ((ret=X509_NAME_ENTRY_new()) == NULL) - return(NULL); - } - else - ret= *ne; - - if (!X509_NAME_ENTRY_set_object(ret,obj)) - goto err; - if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len)) - goto err; - - if ((ne != NULL) && (*ne == NULL)) *ne=ret; - return(ret); -err: - if ((ne == NULL) || (ret != *ne)) - X509_NAME_ENTRY_free(ret); - return(NULL); - } - -int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj) - { - if ((ne == NULL) || (obj == NULL)) - { - X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - ASN1_OBJECT_free(ne->object); - ne->object=OBJ_dup(obj); - return((ne->object == NULL)?0:1); - } - -int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, - unsigned char *bytes, int len) - { - int i; - - if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0); - if((type > 0) && (type & MBSTRING_FLAG)) - return ASN1_STRING_set_by_NID(&ne->value, bytes, - len, type, - OBJ_obj2nid(ne->object)) ? 1 : 0; - if (len < 0) len=strlen((char *)bytes); - i=ASN1_STRING_set(ne->value,bytes,len); - if (!i) return(0); - if (type != V_ASN1_UNDEF) - { - if (type == V_ASN1_APP_CHOOSE) - ne->value->type=ASN1_PRINTABLE_type(bytes,len); - else - ne->value->type=type; - } - return(1); - } - -ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne) - { - if (ne == NULL) return(NULL); - return(ne->object); - } - -ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne) - { - if (ne == NULL) return(NULL); - return(ne->value); - } - diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c deleted file mode 100644 index d9f6b57372..0000000000 --- a/src/lib/libcrypto/x509/x509rset.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/x509/x509rset.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int X509_REQ_set_version(X509_REQ *x, long version) - { - if (x == NULL) return(0); - return(ASN1_INTEGER_set(x->req_info->version,version)); - } - -int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name) - { - if ((x == NULL) || (x->req_info == NULL)) return(0); - return(X509_NAME_set(&x->req_info->subject,name)); - } - -int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) - { - if ((x == NULL) || (x->req_info == NULL)) return(0); - return(X509_PUBKEY_set(&x->req_info->pubkey,pkey)); - } - diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c deleted file mode 100644 index fd0a534d88..0000000000 --- a/src/lib/libcrypto/x509/x509spki.c +++ /dev/null @@ -1,121 +0,0 @@ -/* x509spki.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - -int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey) -{ - if ((x == NULL) || (x->spkac == NULL)) return(0); - return(X509_PUBKEY_set(&(x->spkac->pubkey),pkey)); -} - -EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x) -{ - if ((x == NULL) || (x->spkac == NULL)) - return(NULL); - return(X509_PUBKEY_get(x->spkac->pubkey)); -} - -/* Load a Netscape SPKI from a base64 encoded string */ - -NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) -{ - unsigned char *spki_der, *p; - int spki_len; - NETSCAPE_SPKI *spki; - if(len <= 0) len = strlen(str); - if (!(spki_der = OPENSSL_malloc(len + 1))) { - X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, ERR_R_MALLOC_FAILURE); - return NULL; - } - spki_len = EVP_DecodeBlock(spki_der, (const unsigned char *)str, len); - if(spki_len < 0) { - X509err(X509_F_NETSCAPE_SPKI_B64_DECODE, - X509_R_BASE64_DECODE_ERROR); - OPENSSL_free(spki_der); - return NULL; - } - p = spki_der; - spki = d2i_NETSCAPE_SPKI(NULL, &p, spki_len); - OPENSSL_free(spki_der); - return spki; -} - -/* Generate a base64 encoded string from an SPKI */ - -char * NETSCAPE_SPKI_b64_encode(NETSCAPE_SPKI *spki) -{ - unsigned char *der_spki, *p; - char *b64_str; - int der_len; - der_len = i2d_NETSCAPE_SPKI(spki, NULL); - der_spki = OPENSSL_malloc(der_len); - b64_str = OPENSSL_malloc(der_len * 2); - if(!der_spki || !b64_str) { - X509err(X509_F_NETSCAPE_SPKI_B64_ENCODE, ERR_R_MALLOC_FAILURE); - return NULL; - } - p = der_spki; - i2d_NETSCAPE_SPKI(spki, &p); - EVP_EncodeBlock((unsigned char *)b64_str, der_spki, der_len); - OPENSSL_free(der_spki); - return b64_str; -} diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c deleted file mode 100644 index 8e78b34458..0000000000 --- a/src/lib/libcrypto/x509/x509type.c +++ /dev/null @@ -1,114 +0,0 @@ -/* crypto/x509/x509type.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -int X509_certificate_type(X509 *x, EVP_PKEY *pkey) - { - EVP_PKEY *pk; - int ret=0,i; - - if (x == NULL) return(0); - - if (pkey == NULL) - pk=X509_get_pubkey(x); - else - pk=pkey; - - if (pk == NULL) return(0); - - switch (pk->type) - { - case EVP_PKEY_RSA: - ret=EVP_PK_RSA|EVP_PKT_SIGN; -/* if (!sign only extension) */ - ret|=EVP_PKT_ENC; - break; - case EVP_PKEY_DSA: - ret=EVP_PK_DSA|EVP_PKT_SIGN; - break; - case EVP_PKEY_DH: - ret=EVP_PK_DH|EVP_PKT_EXCH; - break; - default: - break; - } - - i=X509_get_signature_type(x); - switch (i) - { - case EVP_PKEY_RSA: - ret|=EVP_PKS_RSA; - break; - case EVP_PKS_DSA: - ret|=EVP_PKS_DSA; - break; - default: - break; - } - - if (EVP_PKEY_size(pk) <= 512) - ret|=EVP_PKT_EXP; - if(pkey==NULL) EVP_PKEY_free(pk); - return(ret); - } - diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c deleted file mode 100644 index 9bd6e2a39b..0000000000 --- a/src/lib/libcrypto/x509/x_all.c +++ /dev/null @@ -1,565 +0,0 @@ -/* crypto/x509/x_all.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#undef SSLEAY_MACROS -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int X509_verify(X509 *a, EVP_PKEY *r) - { - return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, - a->signature,(char *)a->cert_info,r)); - } - -int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) - { - return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, - a->sig_alg,a->signature,(char *)a->req_info,r)); - } - -int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) - { - return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, - a->sig_alg, a->signature,(char *)a->crl,r)); - } - -int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) - { - return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, - a->sig_algor,a->signature, (char *)a->spkac,r)); - } - -int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) - { - return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, - x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); - } - -int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) - { - return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, - x->signature, (char *)x->req_info,pkey,md)); - } - -int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) - { - return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, - x->sig_alg, x->signature, (char *)x->crl,pkey,md)); - } - -int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) - { - return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, - x->signature, (char *)x->spkac,pkey,md)); - } - -X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa) - { - return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE, - (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)); - } - -X509 *X509_dup(X509 *x509) - { - return((X509 *)ASN1_dup((int (*)())i2d_X509, - (char *(*)())d2i_X509,(char *)x509)); - } - -X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex) - { - return((X509_EXTENSION *)ASN1_dup( - (int (*)())i2d_X509_EXTENSION, - (char *(*)())d2i_X509_EXTENSION,(char *)ex)); - } - -#ifndef NO_FP_API -X509 *d2i_X509_fp(FILE *fp, X509 **x509) - { - return((X509 *)ASN1_d2i_fp((char *(*)())X509_new, - (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))); - } - -int i2d_X509_fp(FILE *fp, X509 *x509) - { - return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)); - } -#endif - -X509 *d2i_X509_bio(BIO *bp, X509 **x509) - { - return((X509 *)ASN1_d2i_bio((char *(*)())X509_new, - (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))); - } - -int i2d_X509_bio(BIO *bp, X509 *x509) - { - return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)); - } - -X509_CRL *X509_CRL_dup(X509_CRL *crl) - { - return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, - (char *(*)())d2i_X509_CRL,(char *)crl)); - } - -#ifndef NO_FP_API -X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) - { - return((X509_CRL *)ASN1_d2i_fp((char *(*)()) - X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp), - (unsigned char **)(crl))); - } - -int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) - { - return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl)); - } -#endif - -X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) - { - return((X509_CRL *)ASN1_d2i_bio((char *(*)()) - X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp), - (unsigned char **)(crl))); - } - -int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) - { - return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl)); - } - -PKCS7 *PKCS7_dup(PKCS7 *p7) - { - return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, - (char *(*)())d2i_PKCS7,(char *)p7)); - } - -#ifndef NO_FP_API -PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) - { - return((PKCS7 *)ASN1_d2i_fp((char *(*)()) - PKCS7_new,(char *(*)())d2i_PKCS7, (fp), - (unsigned char **)(p7))); - } - -int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) - { - return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7)); - } -#endif - -PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) - { - return((PKCS7 *)ASN1_d2i_bio((char *(*)()) - PKCS7_new,(char *(*)())d2i_PKCS7, (bp), - (unsigned char **)(p7))); - } - -int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) - { - return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7)); - } - -X509_REQ *X509_REQ_dup(X509_REQ *req) - { - return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, - (char *(*)())d2i_X509_REQ,(char *)req)); - } - -#ifndef NO_FP_API -X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) - { - return((X509_REQ *)ASN1_d2i_fp((char *(*)()) - X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp), - (unsigned char **)(req))); - } - -int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) - { - return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req)); - } -#endif - -X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) - { - return((X509_REQ *)ASN1_d2i_bio((char *(*)()) - X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp), - (unsigned char **)(req))); - } - -int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) - { - return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req)); - } - -#ifndef NO_RSA -RSA *RSAPublicKey_dup(RSA *rsa) - { - return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, - (char *(*)())d2i_RSAPublicKey,(char *)rsa)); - } - -RSA *RSAPrivateKey_dup(RSA *rsa) - { - return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, - (char *(*)())d2i_RSAPrivateKey,(char *)rsa)); - } - -#ifndef NO_FP_API -RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) - { - return((RSA *)ASN1_d2i_fp((char *(*)()) - RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), - (unsigned char **)(rsa))); - } - -int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) - { - return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa)); - } - -RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) - { - return((RSA *)ASN1_d2i_fp((char *(*)()) - RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), - (unsigned char **)(rsa))); - } - -RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) - { - return((RSA *)ASN1_d2i_fp((char *(*)()) - RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp), - (unsigned char **)(rsa))); - } - -int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) - { - return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa)); - } - -int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) - { - return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa)); - } -#endif - -RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) - { - return((RSA *)ASN1_d2i_bio((char *(*)()) - RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), - (unsigned char **)(rsa))); - } - -int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) - { - return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa)); - } - -RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) - { - return((RSA *)ASN1_d2i_bio((char *(*)()) - RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), - (unsigned char **)(rsa))); - } - -RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) - { - return((RSA *)ASN1_d2i_bio((char *(*)()) - RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp), - (unsigned char **)(rsa))); - } - -int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) - { - return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa)); - } - -int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) - { - return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa)); - } -#endif - -#ifndef NO_DSA -#ifndef NO_FP_API -DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) - { - return((DSA *)ASN1_d2i_fp((char *(*)()) - DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), - (unsigned char **)(dsa))); - } - -int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) - { - return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); - } - -DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) - { - return((DSA *)ASN1_d2i_fp((char *(*)()) - DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp), - (unsigned char **)(dsa))); - } - -int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) - { - return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa)); - } -#endif - -DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) - { - return((DSA *)ASN1_d2i_bio((char *(*)()) - DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), - (unsigned char **)(dsa))); - } - -int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) - { - return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); - } - -DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) - { - return((DSA *)ASN1_d2i_bio((char *(*)()) - DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp), - (unsigned char **)(dsa))); - } - -int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) - { - return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa)); - } - -#endif - -X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn) - { - return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR, - (char *(*)())d2i_X509_ALGOR,(char *)xn)); - } - -X509_NAME *X509_NAME_dup(X509_NAME *xn) - { - return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, - (char *(*)())d2i_X509_NAME,(char *)xn)); - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) - { - return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY, - (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); - } - -int X509_digest(const X509 *data, const EVP_MD *type, unsigned char *md, - unsigned int *len) - { - return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); - } - -int X509_CRL_digest(const X509_CRL *data, const EVP_MD *type, unsigned char *md, - unsigned int *len) - { - return(ASN1_digest((int (*)())i2d_X509_CRL,type,(char *)data,md,len)); - } - -int X509_REQ_digest(const X509_REQ *data, const EVP_MD *type, unsigned char *md, - unsigned int *len) - { - return(ASN1_digest((int (*)())i2d_X509_REQ,type,(char *)data,md,len)); - } - -int X509_NAME_digest(const X509_NAME *data, const EVP_MD *type, unsigned char *md, - unsigned int *len) - { - return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); - } - -int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *type, - unsigned char *md, unsigned int *len) - { - return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, - (char *)data,md,len)); - } - - -#ifndef NO_FP_API -X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) - { - return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new, - (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8))); - } - -int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) - { - return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8)); - } -#endif - -X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) - { - return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new, - (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8))); - } - -int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) - { - return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8)); - } - -#ifndef NO_FP_API -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, - PKCS8_PRIV_KEY_INFO **p8inf) - { - return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp( - (char *(*)())PKCS8_PRIV_KEY_INFO_new, - (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp), - (unsigned char **)(p8inf))); - } - -int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) - { - return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf)); - } - -int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) - { - PKCS8_PRIV_KEY_INFO *p8inf; - int ret; - p8inf = EVP_PKEY2PKCS8(key); - if(!p8inf) return 0; - ret = i2d_PKCS8_PRIV_KEY_INFO_fp(fp, p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return ret; - } - -int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) - { - return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey)); - } - -EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) -{ - return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a))); -} - -int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) - { - return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey)); - } - -EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) -{ - return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a))); -} - -#endif - -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, - PKCS8_PRIV_KEY_INFO **p8inf) - { - return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio( - (char *(*)())PKCS8_PRIV_KEY_INFO_new, - (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp), - (unsigned char **)(p8inf))); - } - -int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) - { - return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf)); - } - -int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) - { - PKCS8_PRIV_KEY_INFO *p8inf; - int ret; - p8inf = EVP_PKEY2PKCS8(key); - if(!p8inf) return 0; - ret = i2d_PKCS8_PRIV_KEY_INFO_bio(bp, p8inf); - PKCS8_PRIV_KEY_INFO_free(p8inf); - return ret; - } - -int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) - { - return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey)); - } - -EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) - { - return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a))); - } - -int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) - { - return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey)); - } - -EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) - { - return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new, - (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a))); - } diff --git a/src/lib/libcrypto/x509v3/ext_dat.h b/src/lib/libcrypto/x509v3/ext_dat.h deleted file mode 100644 index 801a585a52..0000000000 --- a/src/lib/libcrypto/x509v3/ext_dat.h +++ /dev/null @@ -1,97 +0,0 @@ -/* ext_dat.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* This file contains a table of "standard" extensions */ - -extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; -extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info; -extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id; -extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld; - -/* This table will be searched using OBJ_bsearch so it *must* kept in - * order of the ext_nid values. - */ - -static X509V3_EXT_METHOD *standard_exts[] = { -&v3_nscert, -&v3_ns_ia5_list[0], -&v3_ns_ia5_list[1], -&v3_ns_ia5_list[2], -&v3_ns_ia5_list[3], -&v3_ns_ia5_list[4], -&v3_ns_ia5_list[5], -&v3_ns_ia5_list[6], -&v3_skey_id, -&v3_key_usage, -&v3_pkey_usage_period, -&v3_alt[0], -&v3_alt[1], -&v3_bcons, -&v3_crl_num, -&v3_cpols, -&v3_akey_id, -&v3_crld, -&v3_ext_ku, -&v3_crl_reason, -&v3_sxnet, -&v3_info, -}; - -/* Number of standard extensions */ - -#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts)/sizeof(X509V3_EXT_METHOD *)) - diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c deleted file mode 100644 index 0889a18993..0000000000 --- a/src/lib/libcrypto/x509v3/v3_akey.c +++ /dev/null @@ -1,249 +0,0 @@ -/* v3_akey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, - AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist); -static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); - -X509V3_EXT_METHOD v3_akey_id = { -NID_authority_key_identifier, X509V3_EXT_MULTILINE, -(X509V3_EXT_NEW)AUTHORITY_KEYID_new, -(X509V3_EXT_FREE)AUTHORITY_KEYID_free, -(X509V3_EXT_D2I)d2i_AUTHORITY_KEYID, -(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID, -NULL, NULL, -(X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, -(X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, -NULL,NULL, -NULL -}; - - -int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES); - M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0); - M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1); - M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2); - - M_ASN1_I2D_finish(); -} - -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void) -{ - AUTHORITY_KEYID *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, AUTHORITY_KEYID); - ret->keyid = NULL; - ret->issuer = NULL; - ret->serial = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW); -} - -AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0, - V_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1, - V_ASN1_SEQUENCE); - M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2, - V_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID); -} - -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a) -{ - if (a == NULL) return; - M_ASN1_OCTET_STRING_free(a->keyid); - sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free); - M_ASN1_INTEGER_free (a->serial); - OPENSSL_free (a); -} - -static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, - AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) -{ - char *tmp; - if(akeyid->keyid) { - tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); - X509V3_add_value("keyid", tmp, &extlist); - OPENSSL_free(tmp); - } - if(akeyid->issuer) - extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); - if(akeyid->serial) { - tmp = hex_to_string(akeyid->serial->data, - akeyid->serial->length); - X509V3_add_value("serial", tmp, &extlist); - OPENSSL_free(tmp); - } - return extlist; -} - -/* Currently two options: - * keyid: use the issuers subject keyid, the value 'always' means its is - * an error if the issuer certificate doesn't have a key id. - * issuer: use the issuers cert issuer and serial number. The default is - * to only use this if keyid is not present. With the option 'always' - * this is always included. - */ - -static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) -{ -char keyid=0, issuer=0; -int i; -CONF_VALUE *cnf; -ASN1_OCTET_STRING *ikeyid = NULL; -X509_NAME *isname = NULL; -STACK_OF(GENERAL_NAME) * gens = NULL; -GENERAL_NAME *gen = NULL; -ASN1_INTEGER *serial = NULL; -X509_EXTENSION *ext; -X509 *cert; -AUTHORITY_KEYID *akeyid; -for(i = 0; i < sk_CONF_VALUE_num(values); i++) { - cnf = sk_CONF_VALUE_value(values, i); - if(!strcmp(cnf->name, "keyid")) { - keyid = 1; - if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2; - } else if(!strcmp(cnf->name, "issuer")) { - issuer = 1; - if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2; - } else { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); - ERR_add_error_data(2, "name=", cnf->name); - return NULL; - } -} - - - -if(!ctx || !ctx->issuer_cert) { - if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); - return NULL; -} - -cert = ctx->issuer_cert; - -if(keyid) { - i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); - if((i >= 0) && (ext = X509_get_ext(cert, i))) - ikeyid = X509V3_EXT_d2i(ext); - if(keyid==2 && !ikeyid) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); - return NULL; - } -} - -if((issuer && !ikeyid) || (issuer == 2)) { - isname = X509_NAME_dup(X509_get_issuer_name(cert)); - serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); - if(!isname || !serial) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); - goto err; - } -} - -if(!(akeyid = AUTHORITY_KEYID_new())) goto err; - -if(isname) { - if(!(gens = sk_GENERAL_NAME_new_null()) || !(gen = GENERAL_NAME_new()) - || !sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); - goto err; - } - gen->type = GEN_DIRNAME; - gen->d.dirn = isname; -} - -akeyid->issuer = gens; -akeyid->serial = serial; -akeyid->keyid = ikeyid; - -return akeyid; - -err: -X509_NAME_free(isname); -M_ASN1_INTEGER_free(serial); -M_ASN1_OCTET_STRING_free(ikeyid); -return NULL; - -} - diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c deleted file mode 100644 index 733919f250..0000000000 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ /dev/null @@ -1,401 +0,0 @@ -/* v3_alt.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - -static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); -static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); -X509V3_EXT_METHOD v3_alt[] = { -{ NID_subject_alt_name, 0, -(X509V3_EXT_NEW)GENERAL_NAMES_new, -(X509V3_EXT_FREE)GENERAL_NAMES_free, -(X509V3_EXT_D2I)d2i_GENERAL_NAMES, -(X509V3_EXT_I2D)i2d_GENERAL_NAMES, -NULL, NULL, -(X509V3_EXT_I2V)i2v_GENERAL_NAMES, -(X509V3_EXT_V2I)v2i_subject_alt, -NULL, NULL, NULL}, -{ NID_issuer_alt_name, 0, -(X509V3_EXT_NEW)GENERAL_NAMES_new, -(X509V3_EXT_FREE)GENERAL_NAMES_free, -(X509V3_EXT_D2I)d2i_GENERAL_NAMES, -(X509V3_EXT_I2D)i2d_GENERAL_NAMES, -NULL, NULL, -(X509V3_EXT_I2V)i2v_GENERAL_NAMES, -(X509V3_EXT_V2I)v2i_issuer_alt, -NULL, NULL, NULL}, -}; - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret) -{ - int i; - GENERAL_NAME *gen; - for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - gen = sk_GENERAL_NAME_value(gens, i); - ret = i2v_GENERAL_NAME(method, gen, ret); - } - if(!ret) return sk_CONF_VALUE_new_null(); - return ret; -} - -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, - GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret) -{ - char oline[256]; - unsigned char *p; - switch (gen->type) - { - case GEN_OTHERNAME: - X509V3_add_value("othername","", &ret); - break; - - case GEN_X400: - X509V3_add_value("X400Name","", &ret); - break; - - case GEN_EDIPARTY: - X509V3_add_value("EdiPartyName","", &ret); - break; - - case GEN_EMAIL: - X509V3_add_value_uchar("email",gen->d.ia5->data, &ret); - break; - - case GEN_DNS: - X509V3_add_value_uchar("DNS",gen->d.ia5->data, &ret); - break; - - case GEN_URI: - X509V3_add_value_uchar("URI",gen->d.ia5->data, &ret); - break; - - case GEN_DIRNAME: - X509_NAME_oneline(gen->d.dirn, oline, 256); - X509V3_add_value("DirName",oline, &ret); - break; - - case GEN_IPADD: - p = gen->d.ip->data; - /* BUG: doesn't support IPV6 */ - if(gen->d.ip->length != 4) { - X509V3_add_value("IP Address","", &ret); - break; - } - sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); - X509V3_add_value("IP Address",oline, &ret); - break; - - case GEN_RID: - i2t_ASN1_OBJECT(oline, 256, gen->d.rid); - X509V3_add_value("Registered ID",oline, &ret); - break; - } - return ret; -} - -static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - STACK_OF(GENERAL_NAME) *gens = NULL; - CONF_VALUE *cnf; - int i; - if(!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if(!name_cmp(cnf->name, "issuer") && cnf->value && - !strcmp(cnf->value, "copy")) { - if(!copy_issuer(ctx, gens)) goto err; - } else { - GENERAL_NAME *gen; - if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) - goto err; - sk_GENERAL_NAME_push(gens, gen); - } - } - return gens; - err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -/* Append subject altname of issuer to issuer alt name of subject */ - -static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) -{ - STACK_OF(GENERAL_NAME) *ialt; - GENERAL_NAME *gen; - X509_EXTENSION *ext; - int i; - if(ctx && (ctx->flags == CTX_TEST)) return 1; - if(!ctx || !ctx->issuer_cert) { - X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_NO_ISSUER_DETAILS); - goto err; - } - i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); - if(i < 0) return 1; - if(!(ext = X509_get_ext(ctx->issuer_cert, i)) || - !(ialt = X509V3_EXT_d2i(ext)) ) { - X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR); - goto err; - } - - for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) { - gen = sk_GENERAL_NAME_value(ialt, i); - if(!sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE); - goto err; - } - } - sk_GENERAL_NAME_free(ialt); - - return 1; - - err: - return 0; - -} - -static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - STACK_OF(GENERAL_NAME) *gens = NULL; - CONF_VALUE *cnf; - int i; - if(!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if(!name_cmp(cnf->name, "email") && cnf->value && - !strcmp(cnf->value, "copy")) { - if(!copy_email(ctx, gens)) goto err; - } else { - GENERAL_NAME *gen; - if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) - goto err; - sk_GENERAL_NAME_push(gens, gen); - } - } - return gens; - err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -/* Copy any email addresses in a certificate or request to - * GENERAL_NAMES - */ - -static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) -{ - X509_NAME *nm; - ASN1_IA5STRING *email = NULL; - X509_NAME_ENTRY *ne; - GENERAL_NAME *gen = NULL; - int i; - if(ctx->flags == CTX_TEST) return 1; - if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { - X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS); - goto err; - } - /* Find the subject name */ - if(ctx->subject_cert) nm = X509_get_subject_name(ctx->subject_cert); - else nm = X509_REQ_get_subject_name(ctx->subject_req); - - /* Now add any email address(es) to STACK */ - i = -1; - while((i = X509_NAME_get_index_by_NID(nm, - NID_pkcs9_emailAddress, i)) > 0) { - ne = X509_NAME_get_entry(nm, i); - email = M_ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne)); - if(!email || !(gen = GENERAL_NAME_new())) { - X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE); - goto err; - } - gen->d.ia5 = email; - email = NULL; - gen->type = GEN_EMAIL; - if(!sk_GENERAL_NAME_push(gens, gen)) { - X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE); - goto err; - } - gen = NULL; - } - - - return 1; - - err: - GENERAL_NAME_free(gen); - M_ASN1_IA5STRING_free(email); - return 0; - -} - -STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - GENERAL_NAME *gen; - STACK_OF(GENERAL_NAME) *gens = NULL; - CONF_VALUE *cnf; - int i; - if(!(gens = sk_GENERAL_NAME_new_null())) { - X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; - sk_GENERAL_NAME_push(gens, gen); - } - return gens; - err: - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return NULL; -} - -GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - CONF_VALUE *cnf) -{ -char is_string = 0; -int type; -GENERAL_NAME *gen = NULL; - -char *name, *value; - -name = cnf->name; -value = cnf->value; - -if(!value) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); - return NULL; -} - -if(!(gen = GENERAL_NAME_new())) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); - return NULL; -} - -if(!name_cmp(name, "email")) { - is_string = 1; - type = GEN_EMAIL; -} else if(!name_cmp(name, "URI")) { - is_string = 1; - type = GEN_URI; -} else if(!name_cmp(name, "DNS")) { - is_string = 1; - type = GEN_DNS; -} else if(!name_cmp(name, "RID")) { - ASN1_OBJECT *obj; - if(!(obj = OBJ_txt2obj(value,0))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT); - ERR_add_error_data(2, "value=", value); - goto err; - } - gen->d.rid = obj; - type = GEN_RID; -} else if(!name_cmp(name, "IP")) { - int i1,i2,i3,i4; - unsigned char ip[4]; - if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) || - (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) || - (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS); - ERR_add_error_data(2, "value=", value); - goto err; - } - ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4; - if(!(gen->d.ip = M_ASN1_OCTET_STRING_new()) || - !ASN1_STRING_set(gen->d.ip, ip, 4)) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); - goto err; - } - type = GEN_IPADD; -} else { - X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION); - ERR_add_error_data(2, "name=", name); - goto err; -} - -if(is_string) { - if(!(gen->d.ia5 = M_ASN1_IA5STRING_new()) || - !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, - strlen(value))) { - X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); - goto err; - } -} - -gen->type = type; - -return gen; - -err: -GENERAL_NAME_free(gen); -return NULL; -} diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c deleted file mode 100644 index c576b8e955..0000000000 --- a/src/lib/libcrypto/x509v3/v3_bcons.c +++ /dev/null @@ -1,164 +0,0 @@ -/* v3_bcons.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); -static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); - -X509V3_EXT_METHOD v3_bcons = { -NID_basic_constraints, 0, -(X509V3_EXT_NEW)BASIC_CONSTRAINTS_new, -(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free, -(X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS, -(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS, -NULL, NULL, -(X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS, -(X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS, -NULL,NULL, -NULL -}; - - -int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN); - M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN); - M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} - -BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void) -{ - BASIC_CONSTRAINTS *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS); - ret->ca = 0; - ret->pathlen = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW); -} - -BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == - (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) { - M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN); - } - M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS); -} - -void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free (a->pathlen); - OPENSSL_free (a); -} - -static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, - BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist) -{ - X509V3_add_value_bool("CA", bcons->ca, &extlist); - X509V3_add_value_int("pathlen", bcons->pathlen, &extlist); - return extlist; -} - -static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) -{ - BASIC_CONSTRAINTS *bcons=NULL; - CONF_VALUE *val; - int i; - if(!(bcons = BASIC_CONSTRAINTS_new())) { - X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(values); i++) { - val = sk_CONF_VALUE_value(values, i); - if(!strcmp(val->name, "CA")) { - if(!X509V3_get_value_bool(val, &bcons->ca)) goto err; - } else if(!strcmp(val->name, "pathlen")) { - if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err; - } else { - X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME); - X509V3_conf_err(val); - goto err; - } - } - return bcons; - err: - BASIC_CONSTRAINTS_free(bcons); - return NULL; -} - diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c deleted file mode 100644 index 0e1167d05c..0000000000 --- a/src/lib/libcrypto/x509v3/v3_bitst.c +++ /dev/null @@ -1,141 +0,0 @@ -/* v3_bitst.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - -static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, - STACK_OF(CONF_VALUE) *extlist); -static BIT_STRING_BITNAME ns_cert_type_table[] = { -{0, "SSL Client", "client"}, -{1, "SSL Server", "server"}, -{2, "S/MIME", "email"}, -{3, "Object Signing", "objsign"}, -{4, "Unused", "reserved"}, -{5, "SSL CA", "sslCA"}, -{6, "S/MIME CA", "emailCA"}, -{7, "Object Signing CA", "objCA"}, -{-1, NULL, NULL} -}; - -static BIT_STRING_BITNAME key_usage_type_table[] = { -{0, "Digital Signature", "digitalSignature"}, -{1, "Non Repudiation", "nonRepudiation"}, -{2, "Key Encipherment", "keyEncipherment"}, -{3, "Data Encipherment", "dataEncipherment"}, -{4, "Key Agreement", "keyAgreement"}, -{5, "Certificate Sign", "keyCertSign"}, -{6, "CRL Sign", "cRLSign"}, -{7, "Encipher Only", "encipherOnly"}, -{8, "Decipher Only", "decipherOnly"}, -{-1, NULL, NULL} -}; - - - -X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); -X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); - -static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret) -{ - BIT_STRING_BITNAME *bnam; - for(bnam =method->usr_data; bnam->lname; bnam++) { - if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum)) - X509V3_add_value(bnam->lname, NULL, &ret); - } - return ret; -} - -static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - CONF_VALUE *val; - ASN1_BIT_STRING *bs; - int i; - BIT_STRING_BITNAME *bnam; - if(!(bs = M_ASN1_BIT_STRING_new())) { - X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - for(bnam = method->usr_data; bnam->lname; bnam++) { - if(!strcmp(bnam->sname, val->name) || - !strcmp(bnam->lname, val->name) ) { - ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1); - break; - } - } - if(!bnam->lname) { - X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, - X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); - X509V3_conf_err(val); - M_ASN1_BIT_STRING_free(bs); - return NULL; - } - } - return bs; -} - - diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c deleted file mode 100644 index bdc9c1cbc1..0000000000 --- a/src/lib/libcrypto/x509v3/v3_conf.c +++ /dev/null @@ -1,390 +0,0 @@ -/* v3_conf.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* extension creation utilities */ - - - -#include -#include -#include "cryptlib.h" -#include -#include -#include - -static int v3_check_critical(char **value); -static int v3_check_generic(char **value); -static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value); -static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type); -static char *conf_lhash_get_string(void *db, char *section, char *value); -static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); -static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, - int crit, void *ext_struc); -/* LHASH *conf: Config file */ -/* char *name: Name */ -/* char *value: Value */ -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, - char *value) -{ - int crit; - int ext_type; - X509_EXTENSION *ret; - crit = v3_check_critical(&value); - if((ext_type = v3_check_generic(&value))) - return v3_generic_extension(name, value, crit, ext_type); - ret = do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value); - if(!ret) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION); - ERR_add_error_data(4,"name=", name, ", value=", value); - } - return ret; -} - -/* LHASH *conf: Config file */ -/* char *value: Value */ -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, - char *value) -{ - int crit; - int ext_type; - crit = v3_check_critical(&value); - if((ext_type = v3_check_generic(&value))) - return v3_generic_extension(OBJ_nid2sn(ext_nid), - value, crit, ext_type); - return do_ext_conf(conf, ctx, ext_nid, crit, value); -} - -/* LHASH *conf: Config file */ -/* char *value: Value */ -static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, - int crit, char *value) -{ - X509V3_EXT_METHOD *method; - X509_EXTENSION *ext; - STACK_OF(CONF_VALUE) *nval; - void *ext_struc; - if(ext_nid == NID_undef) { - X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME); - return NULL; - } - if(!(method = X509V3_EXT_get_nid(ext_nid))) { - X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION); - return NULL; - } - /* Now get internal extension representation based on type */ - if(method->v2i) { - if(*value == '@') nval = CONF_get_section(conf, value + 1); - else nval = X509V3_parse_list(value); - if(!nval) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING); - ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); - return NULL; - } - ext_struc = method->v2i(method, ctx, nval); - if(*value != '@') sk_CONF_VALUE_pop_free(nval, - X509V3_conf_free); - if(!ext_struc) return NULL; - } else if(method->s2i) { - if(!(ext_struc = method->s2i(method, ctx, value))) return NULL; - } else if(method->r2i) { - if(!ctx->db) { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); - return NULL; - } - if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; - } else { - X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); - ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); - return NULL; - } - - ext = do_ext_i2d(method, ext_nid, crit, ext_struc); - method->ext_free(ext_struc); - return ext; - -} - -static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, - int crit, void *ext_struc) -{ - unsigned char *ext_der, *p; - int ext_len; - ASN1_OCTET_STRING *ext_oct; - X509_EXTENSION *ext; - /* Convert internal representation to DER */ - ext_len = method->i2d(ext_struc, NULL); - if(!(ext_der = OPENSSL_malloc(ext_len))) goto merr; - p = ext_der; - method->i2d(ext_struc, &p); - if(!(ext_oct = M_ASN1_OCTET_STRING_new())) goto merr; - ext_oct->data = ext_der; - ext_oct->length = ext_len; - - ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); - if(!ext) goto merr; - M_ASN1_OCTET_STRING_free(ext_oct); - - return ext; - - merr: - X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE); - return NULL; - -} - -/* Given an internal structure, nid and critical flag create an extension */ - -X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) -{ - X509V3_EXT_METHOD *method; - if(!(method = X509V3_EXT_get_nid(ext_nid))) { - X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION); - return NULL; - } - return do_ext_i2d(method, ext_nid, crit, ext_struc); -} - -/* Check the extension string for critical flag */ -static int v3_check_critical(char **value) -{ - char *p = *value; - if((strlen(p) < 9) || strncmp(p, "critical,", 9)) return 0; - p+=9; - while(isspace((unsigned char)*p)) p++; - *value = p; - return 1; -} - -/* Check extension string for generic extension and return the type */ -static int v3_check_generic(char **value) -{ - char *p = *value; - if((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0; - p+=4; - while(isspace((unsigned char)*p)) p++; - *value = p; - return 1; -} - -/* Create a generic extension: for now just handle DER type */ -static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, - int crit, int type) -{ -unsigned char *ext_der=NULL; -long ext_len; -ASN1_OBJECT *obj=NULL; -ASN1_OCTET_STRING *oct=NULL; -X509_EXTENSION *extension=NULL; -if(!(obj = OBJ_txt2obj(ext, 0))) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_NAME_ERROR); - ERR_add_error_data(2, "name=", ext); - goto err; -} - -if(!(ext_der = string_to_hex(value, &ext_len))) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR); - ERR_add_error_data(2, "value=", value); - goto err; -} - -if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE); - goto err; -} - -oct->data = ext_der; -oct->length = ext_len; -ext_der = NULL; - -extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); - -err: -ASN1_OBJECT_free(obj); -M_ASN1_OCTET_STRING_free(oct); -if(ext_der) OPENSSL_free(ext_der); -return extension; -} - - -/* This is the main function: add a bunch of extensions based on a config file - * section - */ - -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509 *cert) -{ - X509_EXTENSION *ext; - STACK_OF(CONF_VALUE) *nval; - CONF_VALUE *val; - int i; - if(!(nval = CONF_get_section(conf, section))) return 0; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) - return 0; - if(cert) X509_add_ext(cert, ext, -1); - X509_EXTENSION_free(ext); - } - return 1; -} - -/* Same as above but for a CRL */ - -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl) -{ - X509_EXTENSION *ext; - STACK_OF(CONF_VALUE) *nval; - CONF_VALUE *val; - int i; - if(!(nval = CONF_get_section(conf, section))) return 0; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) - return 0; - if(crl) X509_CRL_add_ext(crl, ext, -1); - X509_EXTENSION_free(ext); - } - return 1; -} - -/* Add extensions to certificate request */ - -int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_REQ *req) -{ - X509_EXTENSION *ext; - STACK_OF(X509_EXTENSION) *extlist = NULL; - STACK_OF(CONF_VALUE) *nval; - CONF_VALUE *val; - int i; - if(!(nval = CONF_get_section(conf, section))) return 0; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) - return 0; - if(!extlist) extlist = sk_X509_EXTENSION_new_null(); - sk_X509_EXTENSION_push(extlist, ext); - } - if(req) i = X509_REQ_add_extensions(req, extlist); - else i = 1; - sk_X509_EXTENSION_pop_free(extlist, X509_EXTENSION_free); - return i; -} - -/* Config database functions */ - -char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) -{ - if(ctx->db_meth->get_string) - return ctx->db_meth->get_string(ctx->db, name, section); - return NULL; -} - -STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) -{ - if(ctx->db_meth->get_section) - return ctx->db_meth->get_section(ctx->db, section); - return NULL; -} - -void X509V3_string_free(X509V3_CTX *ctx, char *str) -{ - if(!str) return; - if(ctx->db_meth->free_string) - ctx->db_meth->free_string(ctx->db, str); -} - -void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) -{ - if(!section) return; - if(ctx->db_meth->free_section) - ctx->db_meth->free_section(ctx->db, section); -} - -static char *conf_lhash_get_string(void *db, char *section, char *value) -{ - return CONF_get_string(db, section, value); -} - -static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section) -{ - return CONF_get_section(db, section); -} - -static X509V3_CONF_METHOD conf_lhash_method = { -conf_lhash_get_string, -conf_lhash_get_section, -NULL, -NULL -}; - -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash) -{ - ctx->db_meth = &conf_lhash_method; - ctx->db = lhash; -} - -void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, - X509_CRL *crl, int flags) -{ - ctx->issuer_cert = issuer; - ctx->subject_cert = subj; - ctx->crl = crl; - ctx->subject_req = req; - ctx->flags = flags; -} diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c deleted file mode 100644 index 8203ed7571..0000000000 --- a/src/lib/libcrypto/x509v3/v3_cpols.c +++ /dev/null @@ -1,660 +0,0 @@ -/* v3_cpols.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -/* Certificate policies extension support: this one is a bit complex... */ - -static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); -static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value); -static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent); -static void print_notice(BIO *out, USERNOTICE *notice, int indent); -static POLICYINFO *policy_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *polstrs, int ia5org); -static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *unot, int ia5org); -static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos); - -X509V3_EXT_METHOD v3_cpols = { -NID_certificate_policies, 0, -(X509V3_EXT_NEW)CERTIFICATEPOLICIES_new, -(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free, -(X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES, -(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES, -NULL, NULL, -NULL, NULL, -(X509V3_EXT_I2R)i2r_certpol, -(X509V3_EXT_R2I)r2i_certpol, -NULL -}; - - -static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *value) -{ - STACK_OF(POLICYINFO) *pols = NULL; - char *pstr; - POLICYINFO *pol; - ASN1_OBJECT *pobj; - STACK_OF(CONF_VALUE) *vals; - CONF_VALUE *cnf; - int i, ia5org; - pols = sk_POLICYINFO_new_null(); - vals = X509V3_parse_list(value); - ia5org = 0; - for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { - cnf = sk_CONF_VALUE_value(vals, i); - if(cnf->value || !cnf->name ) { - X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pstr = cnf->name; - if(!strcmp(pstr,"ia5org")) { - ia5org = 1; - continue; - } else if(*pstr == '@') { - STACK_OF(CONF_VALUE) *polsect; - polsect = X509V3_get_section(ctx, pstr + 1); - if(!polsect) { - X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION); - - X509V3_conf_err(cnf); - goto err; - } - pol = policy_section(ctx, polsect, ia5org); - X509V3_section_free(ctx, polsect); - if(!pol) goto err; - } else { - if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { - X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pol = POLICYINFO_new(); - pol->policyid = pobj; - } - sk_POLICYINFO_push(pols, pol); - } - sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); - return pols; - err: - sk_POLICYINFO_pop_free(pols, POLICYINFO_free); - return NULL; -} - -static POLICYINFO *policy_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *polstrs, int ia5org) -{ - int i; - CONF_VALUE *cnf; - POLICYINFO *pol; - POLICYQUALINFO *qual; - if(!(pol = POLICYINFO_new())) goto merr; - for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { - cnf = sk_CONF_VALUE_value(polstrs, i); - if(!strcmp(cnf->name, "policyIdentifier")) { - ASN1_OBJECT *pobj; - if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { - X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(cnf); - goto err; - } - pol->policyid = pobj; - - } else if(!name_cmp(cnf->name, "CPS")) { - if(!pol->qualifiers) pol->qualifiers = - sk_POLICYQUALINFO_new_null(); - if(!(qual = POLICYQUALINFO_new())) goto merr; - if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); - qual->d.cpsuri = M_ASN1_IA5STRING_new(); - if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value, - strlen(cnf->value))) goto merr; - } else if(!name_cmp(cnf->name, "userNotice")) { - STACK_OF(CONF_VALUE) *unot; - if(*cnf->value != '@') { - X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME); - X509V3_conf_err(cnf); - goto err; - } - unot = X509V3_get_section(ctx, cnf->value + 1); - if(!unot) { - X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION); - - X509V3_conf_err(cnf); - goto err; - } - qual = notice_section(ctx, unot, ia5org); - X509V3_section_free(ctx, unot); - if(!qual) goto err; - if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) - goto merr; - } else { - X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION); - - X509V3_conf_err(cnf); - goto err; - } - } - if(!pol->policyid) { - X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER); - goto err; - } - - return pol; - - merr: - X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE); - - err: - POLICYINFO_free(pol); - return NULL; - - -} - -static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *unot, int ia5org) -{ - int i; - CONF_VALUE *cnf; - USERNOTICE *not; - POLICYQUALINFO *qual; - if(!(qual = POLICYQUALINFO_new())) goto merr; - qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); - if(!(not = USERNOTICE_new())) goto merr; - qual->d.usernotice = not; - for(i = 0; i < sk_CONF_VALUE_num(unot); i++) { - cnf = sk_CONF_VALUE_value(unot, i); - if(!strcmp(cnf->name, "explicitText")) { - not->exptext = M_ASN1_VISIBLESTRING_new(); - if(!ASN1_STRING_set(not->exptext, cnf->value, - strlen(cnf->value))) goto merr; - } else if(!strcmp(cnf->name, "organization")) { - NOTICEREF *nref; - if(!not->noticeref) { - if(!(nref = NOTICEREF_new())) goto merr; - not->noticeref = nref; - } else nref = not->noticeref; - if(ia5org) nref->organization = M_ASN1_IA5STRING_new(); - else nref->organization = M_ASN1_VISIBLESTRING_new(); - if(!ASN1_STRING_set(nref->organization, cnf->value, - strlen(cnf->value))) goto merr; - } else if(!strcmp(cnf->name, "noticeNumbers")) { - NOTICEREF *nref; - STACK_OF(CONF_VALUE) *nos; - if(!not->noticeref) { - if(!(nref = NOTICEREF_new())) goto merr; - not->noticeref = nref; - } else nref = not->noticeref; - nos = X509V3_parse_list(cnf->value); - if(!nos || !sk_CONF_VALUE_num(nos)) { - X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS); - X509V3_conf_err(cnf); - goto err; - } - nref->noticenos = nref_nos(nos); - sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); - if(!nref->noticenos) goto err; - } else { - X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION); - - X509V3_conf_err(cnf); - goto err; - } - } - - if(not->noticeref && - (!not->noticeref->noticenos || !not->noticeref->organization)) { - X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); - goto err; - } - - return qual; - - merr: - X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); - - err: - POLICYQUALINFO_free(qual); - return NULL; -} - -static STACK_OF(ASN1_INTEGER) *nref_nos(STACK_OF(CONF_VALUE) *nos) -{ - STACK_OF(ASN1_INTEGER) *nnums; - CONF_VALUE *cnf; - ASN1_INTEGER *aint; - - int i; - - if(!(nnums = sk_ASN1_INTEGER_new_null())) goto merr; - for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { - cnf = sk_CONF_VALUE_value(nos, i); - if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { - X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER); - goto err; - } - if(!sk_ASN1_INTEGER_push(nnums, aint)) goto merr; - } - return nnums; - - merr: - X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); - - err: - sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); - return NULL; -} - - -static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, - BIO *out, int indent) -{ - int i; - POLICYINFO *pinfo; - /* First print out the policy OIDs */ - for(i = 0; i < sk_POLICYINFO_num(pol); i++) { - pinfo = sk_POLICYINFO_value(pol, i); - BIO_printf(out, "%*sPolicy: ", indent, ""); - i2a_ASN1_OBJECT(out, pinfo->policyid); - BIO_puts(out, "\n"); - if(pinfo->qualifiers) - print_qualifiers(out, pinfo->qualifiers, indent + 2); - } - return 1; -} - - -int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp) -{ - -return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE);} - -STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void) -{ - return sk_POLICYINFO_new_null(); -} - -void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a) -{ - sk_POLICYINFO_pop_free(a, POLICYINFO_free); -} - -STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, - unsigned char **pp,long length) -{ -return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO, - POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - -} - -IMPLEMENT_STACK_OF(POLICYINFO) -IMPLEMENT_ASN1_SET_OF(POLICYINFO) - -int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, - i2d_POLICYQUALINFO); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, - i2d_POLICYQUALINFO); - - M_ASN1_I2D_finish(); -} - -POLICYINFO *POLICYINFO_new(void) -{ - POLICYINFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, POLICYINFO); - ret->policyid = NULL; - ret->qualifiers = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW); -} - -POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT); - if(!M_ASN1_D2I_end_sequence()) { - M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers, - d2i_POLICYQUALINFO, POLICYQUALINFO_free); - } - M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO); -} - -void POLICYINFO_free(POLICYINFO *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->policyid); - sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free); - OPENSSL_free (a); -} - -static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, - int indent) -{ - POLICYQUALINFO *qualinfo; - int i; - for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { - qualinfo = sk_POLICYQUALINFO_value(quals, i); - switch(OBJ_obj2nid(qualinfo->pqualid)) - { - case NID_id_qt_cps: - BIO_printf(out, "%*sCPS: %s\n", indent, "", - qualinfo->d.cpsuri->data); - break; - - case NID_id_qt_unotice: - BIO_printf(out, "%*sUser Notice:\n", indent, ""); - print_notice(out, qualinfo->d.usernotice, indent + 2); - break; - - default: - BIO_printf(out, "%*sUnknown Qualifier: ", - indent + 2, ""); - - i2a_ASN1_OBJECT(out, qualinfo->pqualid); - BIO_puts(out, "\n"); - break; - } - } -} - -static void print_notice(BIO *out, USERNOTICE *notice, int indent) -{ - int i; - if(notice->noticeref) { - NOTICEREF *ref; - ref = notice->noticeref; - BIO_printf(out, "%*sOrganization: %s\n", indent, "", - ref->organization->data); - BIO_printf(out, "%*sNumber%s: ", indent, "", - sk_ASN1_INTEGER_num(ref->noticenos) > 1 ? "s" : ""); - for(i = 0; i < sk_ASN1_INTEGER_num(ref->noticenos); i++) { - ASN1_INTEGER *num; - char *tmp; - num = sk_ASN1_INTEGER_value(ref->noticenos, i); - if(i) BIO_puts(out, ", "); - tmp = i2s_ASN1_INTEGER(NULL, num); - BIO_puts(out, tmp); - OPENSSL_free(tmp); - } - BIO_puts(out, "\n"); - } - if(notice->exptext) - BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", - notice->exptext->data); -} - - - -int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT); - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE); - break; - - default: - M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE); - break; - } - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT); - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE); - break; - - default: - M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE); - break; - } - - M_ASN1_I2D_finish(); -} - -POLICYQUALINFO *POLICYQUALINFO_new(void) -{ - POLICYQUALINFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, POLICYQUALINFO); - ret->pqualid = NULL; - ret->d.other = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW); -} - -POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT); - switch(OBJ_obj2nid(ret->pqualid)) { - case NID_id_qt_cps: - M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE); - break; - - default: - M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE); - break; - } - M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO); -} - -void POLICYQUALINFO_free(POLICYQUALINFO *a) -{ - if (a == NULL) return; - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_IA5STRING_free(a->d.cpsuri); - break; - - case NID_id_qt_unotice: - USERNOTICE_free(a->d.usernotice); - break; - - default: - ASN1_TYPE_free(a->d.other); - break; - } - - ASN1_OBJECT_free(a->pqualid); - OPENSSL_free (a); -} - -int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF); - M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF); - M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT); - - M_ASN1_I2D_finish(); -} - -USERNOTICE *USERNOTICE_new(void) -{ - USERNOTICE *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, USERNOTICE); - ret->noticeref = NULL; - ret->exptext = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW); -} - -USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE); - if (!M_ASN1_D2I_end_sequence()) { - M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT); - } - M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE); -} - -void USERNOTICE_free(USERNOTICE *a) -{ - if (a == NULL) return; - NOTICEREF_free(a->noticeref); - M_DISPLAYTEXT_free(a->exptext); - OPENSSL_free (a); -} - -int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT); - M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos, - i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT); - M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos, - i2d_ASN1_INTEGER); - - M_ASN1_I2D_finish(); -} - -NOTICEREF *NOTICEREF_new(void) -{ - NOTICEREF *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, NOTICEREF); - ret->organization = NULL; - ret->noticenos = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW); -} - -NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - /* This is to cope with some broken encodings that use IA5STRING for - * the organization field - */ - M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING, - V_ASN1_IA5STRING); - if(!ret->organization) { - M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT); - } - M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER, - ASN1_STRING_free); - M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF); -} - -void NOTICEREF_free(NOTICEREF *a) -{ - if (a == NULL) return; - M_DISPLAYTEXT_free(a->organization); - sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free); - OPENSSL_free (a); -} - -IMPLEMENT_STACK_OF(POLICYQUALINFO) -IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO) diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c deleted file mode 100644 index 67feea4017..0000000000 --- a/src/lib/libcrypto/x509v3/v3_crld.c +++ /dev/null @@ -1,285 +0,0 @@ -/* v3_crld.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, - STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist); -static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -X509V3_EXT_METHOD v3_crld = { -NID_crl_distribution_points, X509V3_EXT_MULTILINE, -(X509V3_EXT_NEW)CRL_DIST_POINTS_new, -(X509V3_EXT_FREE)CRL_DIST_POINTS_free, -(X509V3_EXT_D2I)d2i_CRL_DIST_POINTS, -(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS, -NULL, NULL, -(X509V3_EXT_I2V)i2v_crld, -(X509V3_EXT_V2I)v2i_crld, -NULL, NULL, NULL -}; - -static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, - STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts) -{ - DIST_POINT *point; - int i; - for(i = 0; i < sk_DIST_POINT_num(crld); i++) { - point = sk_DIST_POINT_value(crld, i); - if(point->distpoint && point->distpoint->fullname) { - exts = i2v_GENERAL_NAMES(NULL, - point->distpoint->fullname, exts); - } - if(point->reasons) - X509V3_add_value("reasons","", &exts); - if(point->CRLissuer) - X509V3_add_value("CRLissuer","", &exts); - if(point->distpoint && point->distpoint->relativename) - X509V3_add_value("RelativeName","", &exts); - } - return exts; -} - -static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - STACK_OF(DIST_POINT) *crld = NULL; - STACK_OF(GENERAL_NAME) *gens = NULL; - GENERAL_NAME *gen = NULL; - CONF_VALUE *cnf; - int i; - if(!(crld = sk_DIST_POINT_new_null())) goto merr; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - DIST_POINT *point; - cnf = sk_CONF_VALUE_value(nval, i); - if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; - if(!(gens = GENERAL_NAMES_new())) goto merr; - if(!sk_GENERAL_NAME_push(gens, gen)) goto merr; - gen = NULL; - if(!(point = DIST_POINT_new())) goto merr; - if(!sk_DIST_POINT_push(crld, point)) { - DIST_POINT_free(point); - goto merr; - } - if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr; - point->distpoint->fullname = gens; - gens = NULL; - } - return crld; - - merr: - X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE); - err: - GENERAL_NAME_free(gen); - GENERAL_NAMES_free(gens); - sk_DIST_POINT_pop_free(crld, DIST_POINT_free); - return NULL; -} - -int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp) -{ - -return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE);} - -STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void) -{ - return sk_DIST_POINT_new_null(); -} - -void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a) -{ - sk_DIST_POINT_pop_free(a, DIST_POINT_free); -} - -STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, - unsigned char **pp,long length) -{ -return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT, - DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - -} - -IMPLEMENT_STACK_OF(DIST_POINT) -IMPLEMENT_ASN1_SET_OF(DIST_POINT) - -int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp) -{ - int v = 0; - M_ASN1_I2D_vars(a); - /* NB: underlying type is a CHOICE so need EXPLICIT tagging */ - M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); - M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING); - M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); - M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1); - M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2); - - M_ASN1_I2D_finish(); -} - -DIST_POINT *DIST_POINT_new(void) -{ - DIST_POINT *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, DIST_POINT); - ret->distpoint = NULL; - ret->reasons = NULL; - ret->CRLissuer = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW); -} - -DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0); - M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1, - V_ASN1_BIT_STRING); - M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2, - V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT); -} - -void DIST_POINT_free(DIST_POINT *a) -{ - if (a == NULL) return; - DIST_POINT_NAME_free(a->distpoint); - M_ASN1_BIT_STRING_free(a->reasons); - sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free); - OPENSSL_free (a); -} - -int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - if(a->fullname) { - M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES); - } else { - M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY, - a->relativename, i2d_X509_NAME_ENTRY, 1); - } - - /* Don't want a SEQUENCE so... */ - if(pp == NULL) return ret; - p = *pp; - - if(a->fullname) { - M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0); - } else { - M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY, - a->relativename, i2d_X509_NAME_ENTRY, 1); - } - M_ASN1_I2D_finish(); -} - -DIST_POINT_NAME *DIST_POINT_NAME_new(void) -{ - DIST_POINT_NAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, DIST_POINT_NAME); - ret->fullname = NULL; - ret->relativename = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW); -} - -void DIST_POINT_NAME_free(DIST_POINT_NAME *a) -{ - if (a == NULL) return; - sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free); - sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free); - OPENSSL_free (a); -} - -DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, - long length) -{ - unsigned char _tmp, tag; - M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new); - M_ASN1_D2I_Init(); - c.slen = length; - - _tmp = M_ASN1_next; - tag = _tmp & ~V_ASN1_CONSTRUCTED; - - if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) { - M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES, - V_ASN1_SEQUENCE); - } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) { - M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY, - ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1); - } else { - c.error = ASN1_R_BAD_TAG; - goto err; - } - - M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME); -} diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c deleted file mode 100644 index aecfdc87f8..0000000000 --- a/src/lib/libcrypto/x509v3/v3_enum.c +++ /dev/null @@ -1,96 +0,0 @@ -/* v3_enum.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -static ENUMERATED_NAMES crl_reasons[] = { -{0, "Unspecified", "unspecified"}, -{1, "Key Compromise", "keyCompromise"}, -{2, "CA Compromise", "CACompromise"}, -{3, "Affiliation Changed", "affiliationChanged"}, -{4, "Superseded", "superseded"}, -{5, "Cessation Of Operation", "cessationOfOperation"}, -{6, "Certificate Hold", "certificateHold"}, -{8, "Remove From CRL", "removeFromCRL"}, -{-1, NULL, NULL} -}; - -X509V3_EXT_METHOD v3_crl_reason = { -NID_crl_reason, 0, -(X509V3_EXT_NEW)ASN1_ENUMERATED_new, -(X509V3_EXT_FREE)ASN1_ENUMERATED_free, -(X509V3_EXT_D2I)d2i_ASN1_ENUMERATED, -(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED, -(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, -(X509V3_EXT_S2I)0, -NULL, NULL, NULL, NULL, crl_reasons}; - - -char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, - ASN1_ENUMERATED *e) -{ - ENUMERATED_NAMES *enam; - long strval; - strval = ASN1_ENUMERATED_get(e); - for(enam = method->usr_data; enam->lname; enam++) { - if(strval == enam->bitnum) return BUF_strdup(enam->lname); - } - return i2s_ASN1_ENUMERATED(method, e); -} diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c deleted file mode 100644 index 53ec40a027..0000000000 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ /dev/null @@ -1,150 +0,0 @@ -/* v3_extku.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include -#include -#include - -static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, - STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist); -X509V3_EXT_METHOD v3_ext_ku = { -NID_ext_key_usage, 0, -(X509V3_EXT_NEW)ext_ku_new, -(X509V3_EXT_FREE)ext_ku_free, -(X509V3_EXT_D2I)d2i_ext_ku, -(X509V3_EXT_I2D)i2d_ext_ku, -NULL, NULL, -(X509V3_EXT_I2V)i2v_ext_ku, -(X509V3_EXT_V2I)v2i_ext_ku, -NULL,NULL, -NULL -}; - -STACK_OF(ASN1_OBJECT) *ext_ku_new(void) -{ - return sk_ASN1_OBJECT_new_null(); -} - -void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku) -{ - sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free); - return; -} - -int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp) -{ - return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, - unsigned char **pp, long length) -{ - return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT, - ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - - - -static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, - STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list) -{ -int i; -ASN1_OBJECT *obj; -char obj_tmp[80]; -for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { - obj = sk_ASN1_OBJECT_value(eku, i); - i2t_ASN1_OBJECT(obj_tmp, 80, obj); - X509V3_add_value(NULL, obj_tmp, &ext_list); -} -return ext_list; -} - -static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ -STACK_OF(ASN1_OBJECT) *extku; -char *extval; -ASN1_OBJECT *objtmp; -CONF_VALUE *val; -int i; - -if(!(extku = sk_ASN1_OBJECT_new_null())) { - X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE); - return NULL; -} - -for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - val = sk_CONF_VALUE_value(nval, i); - if(val->value) extval = val->value; - else extval = val->name; - if(!(objtmp = OBJ_txt2obj(extval, 0))) { - sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); - X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER); - X509V3_conf_err(val); - return NULL; - } - sk_ASN1_OBJECT_push(extku, objtmp); -} -return extku; -} diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c deleted file mode 100644 index d44751458e..0000000000 --- a/src/lib/libcrypto/x509v3/v3_genn.c +++ /dev/null @@ -1,291 +0,0 @@ -/* v3_genn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp) -{ - unsigned char *p; - int ret; - - ret = 0; - - /* Save the location of initial TAG */ - if(pp) p = *pp; - else p = NULL; - - /* GEN_DNAME needs special treatment because of EXPLICIT tag */ - - if(a->type == GEN_DIRNAME) { - int v = 0; - M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); - if(!p) return ret; - M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); - *pp = p; - return ret; - } - - switch(a->type) { - - case GEN_X400: - case GEN_EDIPARTY: - ret = i2d_ASN1_TYPE(a->d.other, pp); - break; - - case GEN_OTHERNAME: - ret = i2d_OTHERNAME(a->d.otherName, pp); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - ret = i2d_ASN1_IA5STRING(a->d.ia5, pp); - break; - - case GEN_IPADD: - ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp); - break; - - case GEN_RID: - ret = i2d_ASN1_OBJECT(a->d.rid, pp); - break; - } - /* Replace TAG with IMPLICIT value */ - if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type; - return ret; -} - -GENERAL_NAME *GENERAL_NAME_new() -{ - GENERAL_NAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, GENERAL_NAME); - ret->type = -1; - ret->d.ptr = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW); -} - -GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, - long length) -{ - unsigned char _tmp; - M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new); - M_ASN1_D2I_Init(); - c.slen = length; - - _tmp = M_ASN1_next; - ret->type = _tmp & ~V_ASN1_CONSTRUCTED; - - switch(ret->type) { - /* Just put these in a "blob" for now */ - case GEN_X400: - case GEN_EDIPARTY: - M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE); - break; - - case GEN_OTHERNAME: - M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING, - V_ASN1_IA5STRING); - break; - - case GEN_DIRNAME: - M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4); - break; - - case GEN_IPADD: - M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING, - V_ASN1_OCTET_STRING); - break; - - case GEN_RID: - M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT); - break; - - default: - c.error = ASN1_R_BAD_TAG; - goto err; - } - - c.slen = 0; - M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME); -} - -void GENERAL_NAME_free(GENERAL_NAME *a) -{ - if (a == NULL) return; - switch(a->type) { - case GEN_X400: - case GEN_EDIPARTY: - ASN1_TYPE_free(a->d.other); - break; - - case GEN_OTHERNAME: - OTHERNAME_free(a->d.otherName); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - - M_ASN1_IA5STRING_free(a->d.ia5); - break; - - case GEN_DIRNAME: - X509_NAME_free(a->d.dirn); - break; - - case GEN_IPADD: - M_ASN1_OCTET_STRING_free(a->d.ip); - break; - - case GEN_RID: - ASN1_OBJECT_free(a->d.rid); - break; - - } - OPENSSL_free (a); -} - -/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as - * explicit functions. - */ - -STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new() -{ - return sk_GENERAL_NAME_new_null(); -} - -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a) -{ - sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free); -} - -STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, - unsigned char **pp, long length) -{ -return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME, - GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp) -{ -return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -IMPLEMENT_STACK_OF(GENERAL_NAME) -IMPLEMENT_ASN1_SET_OF(GENERAL_NAME) - -int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp) -{ - int v = 0; - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v); - - M_ASN1_I2D_finish(); -} - -OTHERNAME *OTHERNAME_new(void) -{ - OTHERNAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, OTHERNAME); - ret->type_id = OBJ_nid2obj(NID_undef); - M_ASN1_New(ret->value, ASN1_TYPE_new); - return (ret); - M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW); -} - -OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT); - M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0); - M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME); -} - -void OTHERNAME_free(OTHERNAME *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->type_id); - ASN1_TYPE_free(a->value); - OPENSSL_free (a); -} - diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c deleted file mode 100644 index f3bba38269..0000000000 --- a/src/lib/libcrypto/x509v3/v3_ia5.c +++ /dev/null @@ -1,113 +0,0 @@ -/* v3_ia5.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include -#include -#include - -static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); -static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_ns_ia5_list[] = { -EXT_IA5STRING(NID_netscape_base_url), -EXT_IA5STRING(NID_netscape_revocation_url), -EXT_IA5STRING(NID_netscape_ca_revocation_url), -EXT_IA5STRING(NID_netscape_renewal_url), -EXT_IA5STRING(NID_netscape_ca_policy_url), -EXT_IA5STRING(NID_netscape_ssl_server_name), -EXT_IA5STRING(NID_netscape_comment), -EXT_END -}; - - -static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, - ASN1_IA5STRING *ia5) -{ - char *tmp; - if(!ia5 || !ia5->length) return NULL; - tmp = OPENSSL_malloc(ia5->length + 1); - memcpy(tmp, ia5->data, ia5->length); - tmp[ia5->length] = 0; - return tmp; -} - -static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str) -{ - ASN1_IA5STRING *ia5; - if(!str) { - X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; - } - if(!(ia5 = M_ASN1_IA5STRING_new())) goto err; - if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str, - strlen(str))) { - M_ASN1_IA5STRING_free(ia5); - goto err; - } -#ifdef CHARSET_EBCDIC - ebcdic2ascii(ia5->data, ia5->data, ia5->length); -#endif /*CHARSET_EBCDIC*/ - return ia5; - err: - X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); - return NULL; -} - diff --git a/src/lib/libcrypto/x509v3/v3_info.c b/src/lib/libcrypto/x509v3/v3_info.c deleted file mode 100644 index a045a629ee..0000000000 --- a/src/lib/libcrypto/x509v3/v3_info.c +++ /dev/null @@ -1,236 +0,0 @@ -/* v3_info.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - STACK_OF(ACCESS_DESCRIPTION) *ainfo, - STACK_OF(CONF_VALUE) *ret); -static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -X509V3_EXT_METHOD v3_info = -{ NID_info_access, X509V3_EXT_MULTILINE, -(X509V3_EXT_NEW)AUTHORITY_INFO_ACCESS_new, -(X509V3_EXT_FREE)AUTHORITY_INFO_ACCESS_free, -(X509V3_EXT_D2I)d2i_AUTHORITY_INFO_ACCESS, -(X509V3_EXT_I2D)i2d_AUTHORITY_INFO_ACCESS, -NULL, NULL, -(X509V3_EXT_I2V)i2v_AUTHORITY_INFO_ACCESS, -(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, -NULL, NULL, NULL}; - -static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - STACK_OF(ACCESS_DESCRIPTION) *ainfo, - STACK_OF(CONF_VALUE) *ret) -{ - ACCESS_DESCRIPTION *desc; - int i; - char objtmp[80], *ntmp; - CONF_VALUE *vtmp; - for(i = 0; i < sk_ACCESS_DESCRIPTION_num(ainfo); i++) { - desc = sk_ACCESS_DESCRIPTION_value(ainfo, i); - ret = i2v_GENERAL_NAME(method, desc->location, ret); - if(!ret) break; - vtmp = sk_CONF_VALUE_value(ret, i); - i2t_ASN1_OBJECT(objtmp, 80, desc->method); - ntmp = OPENSSL_malloc(strlen(objtmp) + strlen(vtmp->name) + 5); - if(!ntmp) { - X509V3err(X509V3_F_I2V_AUTHORITY_INFO_ACCESS, - ERR_R_MALLOC_FAILURE); - return NULL; - } - strcpy(ntmp, objtmp); - strcat(ntmp, " - "); - strcat(ntmp, vtmp->name); - OPENSSL_free(vtmp->name); - vtmp->name = ntmp; - - } - if(!ret) return sk_CONF_VALUE_new_null(); - return ret; -} - -static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) -{ - STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL; - CONF_VALUE *cnf, ctmp; - ACCESS_DESCRIPTION *acc; - int i, objlen; - char *objtmp, *ptmp; - if(!(ainfo = sk_ACCESS_DESCRIPTION_new_null())) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); - return NULL; - } - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if(!(acc = ACCESS_DESCRIPTION_new()) - || !sk_ACCESS_DESCRIPTION_push(ainfo, acc)) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); - goto err; - } - ptmp = strchr(cnf->name, ';'); - if(!ptmp) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_INVALID_SYNTAX); - goto err; - } - objlen = ptmp - cnf->name; - ctmp.name = ptmp + 1; - ctmp.value = cnf->value; - if(!(acc->location = v2i_GENERAL_NAME(method, ctx, &ctmp))) - goto err; - if(!(objtmp = OPENSSL_malloc(objlen + 1))) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,ERR_R_MALLOC_FAILURE); - goto err; - } - strncpy(objtmp, cnf->name, objlen); - objtmp[objlen] = 0; - acc->method = OBJ_txt2obj(objtmp, 0); - if(!acc->method) { - X509V3err(X509V3_F_V2I_ACCESS_DESCRIPTION,X509V3_R_BAD_OBJECT); - ERR_add_error_data(2, "value=", objtmp); - OPENSSL_free(objtmp); - goto err; - } - OPENSSL_free(objtmp); - - } - return ainfo; - err: - sk_ACCESS_DESCRIPTION_pop_free(ainfo, ACCESS_DESCRIPTION_free); - return NULL; -} - -int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT); - M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT); - M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME); - - M_ASN1_I2D_finish(); -} - -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void) -{ - ACCESS_DESCRIPTION *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION); - ret->method = OBJ_nid2obj(NID_undef); - ret->location = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW); -} - -ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT); - M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME); - M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION); -} - -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->method); - GENERAL_NAME_free(a->location); - OPENSSL_free (a); -} - -STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void) -{ - return sk_ACCESS_DESCRIPTION_new_null(); -} - -void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a) -{ - sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free); -} - -STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a, - unsigned char **pp, long length) -{ -return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION, - ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp) -{ -return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION) -IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION) - - diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c deleted file mode 100644 index 63c201e5f4..0000000000 --- a/src/lib/libcrypto/x509v3/v3_int.c +++ /dev/null @@ -1,72 +0,0 @@ -/* v3_int.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include - -X509V3_EXT_METHOD v3_crl_num = { -NID_crl_number, 0, -(X509V3_EXT_NEW)ASN1_INTEGER_new, -(X509V3_EXT_FREE)ASN1_INTEGER_free, -(X509V3_EXT_D2I)d2i_ASN1_INTEGER, -(X509V3_EXT_I2D)i2d_ASN1_INTEGER, -(X509V3_EXT_I2S)i2s_ASN1_INTEGER, -(X509V3_EXT_S2I)0, -NULL, NULL, NULL, NULL, NULL}; - diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c deleted file mode 100644 index ea86b9ebb9..0000000000 --- a/src/lib/libcrypto/x509v3/v3_lib.c +++ /dev/null @@ -1,225 +0,0 @@ -/* v3_lib.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* X509 v3 extension utilities */ - -#include -#include "cryptlib.h" -#include -#include - -#include "ext_dat.h" - -static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL; - -static int ext_cmp(const X509V3_EXT_METHOD * const *a, - const X509V3_EXT_METHOD * const *b); -static void ext_list_free(X509V3_EXT_METHOD *ext); - -int X509V3_EXT_add(X509V3_EXT_METHOD *ext) -{ - if(!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) { - X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - if(!sk_X509V3_EXT_METHOD_push(ext_list, ext)) { - X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - return 1; -} - -static int ext_cmp(const X509V3_EXT_METHOD * const *a, - const X509V3_EXT_METHOD * const *b) -{ - return ((*a)->ext_nid - (*b)->ext_nid); -} - -X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) -{ - X509V3_EXT_METHOD tmp, *t = &tmp, **ret; - int idx; - if(nid < 0) return NULL; - tmp.ext_nid = nid; - ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t, - (char *)standard_exts, STANDARD_EXTENSION_COUNT, - sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp); - if(ret) return *ret; - if(!ext_list) return NULL; - idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp); - if(idx == -1) return NULL; - return sk_X509V3_EXT_METHOD_value(ext_list, idx); -} - -X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) -{ - int nid; - if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL; - return X509V3_EXT_get_nid(nid); -} - - -int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) -{ - for(;extlist->ext_nid!=-1;extlist++) - if(!X509V3_EXT_add(extlist)) return 0; - return 1; -} - -int X509V3_EXT_add_alias(int nid_to, int nid_from) -{ - X509V3_EXT_METHOD *ext, *tmpext; - if(!(ext = X509V3_EXT_get_nid(nid_from))) { - X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); - return 0; - } - if(!(tmpext = (X509V3_EXT_METHOD *)OPENSSL_malloc(sizeof(X509V3_EXT_METHOD)))) { - X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); - return 0; - } - *tmpext = *ext; - tmpext->ext_nid = nid_to; - tmpext->ext_flags |= X509V3_EXT_DYNAMIC; - return X509V3_EXT_add(tmpext); -} - -void X509V3_EXT_cleanup(void) -{ - sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free); - ext_list = NULL; -} - -static void ext_list_free(X509V3_EXT_METHOD *ext) -{ - if(ext->ext_flags & X509V3_EXT_DYNAMIC) OPENSSL_free(ext); -} - -/* Legacy function: we don't need to add standard extensions - * any more because they are now kept in ext_dat.h. - */ - -int X509V3_add_standard_extensions(void) -{ - return 1; -} - -/* Return an extension internal structure */ - -void *X509V3_EXT_d2i(X509_EXTENSION *ext) -{ - X509V3_EXT_METHOD *method; - unsigned char *p; - if(!(method = X509V3_EXT_get(ext)) || !method->d2i) return NULL; - p = ext->value->data; - return method->d2i(NULL, &p, ext->value->length); -} - -/* Get critical flag and decoded version of extension from a NID. - * The "idx" variable returns the last found extension and can - * be used to retrieve multiple extensions of the same NID. - * However multiple extensions with the same NID is usually - * due to a badly encoded certificate so if idx is NULL we - * choke if multiple extensions exist. - * The "crit" variable is set to the critical value. - * The return value is the decoded extension or NULL on - * error. The actual error can have several different causes, - * the value of *crit reflects the cause: - * >= 0, extension found but not decoded (reflects critical value). - * -1 extension not found. - * -2 extension occurs more than once. - */ - -void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx) -{ - int lastpos, i; - X509_EXTENSION *ex, *found_ex = NULL; - if(!x) { - if(idx) *idx = -1; - if(crit) *crit = -1; - return NULL; - } - if(idx) lastpos = *idx + 1; - else lastpos = 0; - if(lastpos < 0) lastpos = 0; - for(i = lastpos; i < sk_X509_EXTENSION_num(x); i++) - { - ex = sk_X509_EXTENSION_value(x, i); - if(OBJ_obj2nid(ex->object) == nid) { - if(idx) { - *idx = i; - break; - } else if(found_ex) { - /* Found more than one */ - if(crit) *crit = -2; - return NULL; - } - found_ex = ex; - } - } - if(found_ex) { - /* Found it */ - if(crit) *crit = found_ex->critical; - return X509V3_EXT_d2i(found_ex); - } - - /* Extension not found */ - if(idx) *idx = -1; - if(crit) *crit = -1; - return NULL; -} - -IMPLEMENT_STACK_OF(X509V3_EXT_METHOD) diff --git a/src/lib/libcrypto/x509v3/v3_pku.c b/src/lib/libcrypto/x509v3/v3_pku.c deleted file mode 100644 index 47f9e8f123..0000000000 --- a/src/lib/libcrypto/x509v3/v3_pku.c +++ /dev/null @@ -1,151 +0,0 @@ -/* v3_pku.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include - -static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent); -/* -static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); -*/ -X509V3_EXT_METHOD v3_pkey_usage_period = { -NID_private_key_usage_period, 0, -(X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new, -(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free, -(X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD, -(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD, -NULL, NULL, NULL, NULL, -(X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL, -NULL -}; - -int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME); - M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0); - M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1); - - M_ASN1_I2D_finish(); -} - -PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void) -{ - PKEY_USAGE_PERIOD *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD); - ret->notBefore = NULL; - ret->notAfter = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW); -} - -PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0, - V_ASN1_GENERALIZEDTIME); - M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1, - V_ASN1_GENERALIZEDTIME); - M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD); -} - -void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a) -{ - if (a == NULL) return; - M_ASN1_GENERALIZEDTIME_free(a->notBefore); - M_ASN1_GENERALIZEDTIME_free(a->notAfter); - OPENSSL_free (a); -} - -static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, - PKEY_USAGE_PERIOD *usage, BIO *out, int indent) -{ - BIO_printf(out, "%*s", indent, ""); - if(usage->notBefore) { - BIO_write(out, "Not Before: ", 12); - ASN1_GENERALIZEDTIME_print(out, usage->notBefore); - if(usage->notAfter) BIO_write(out, ", ", 2); - } - if(usage->notAfter) { - BIO_write(out, "Not After: ", 11); - ASN1_GENERALIZEDTIME_print(out, usage->notAfter); - } - return 1; -} - -/* -static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values) -X509V3_EXT_METHOD *method; -X509V3_CTX *ctx; -STACK_OF(CONF_VALUE) *values; -{ -return NULL; -} -*/ diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c deleted file mode 100644 index dbc4fb1f16..0000000000 --- a/src/lib/libcrypto/x509v3/v3_prn.c +++ /dev/null @@ -1,151 +0,0 @@ -/* v3_prn.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* X509 v3 extension utilities */ - -#include -#include "cryptlib.h" -#include -#include - -/* Extension printing routines */ - -/* Print out a name+value stack */ - -void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml) -{ - int i; - CONF_VALUE *nval; - if(!val) return; - if(!ml || !sk_CONF_VALUE_num(val)) { - BIO_printf(out, "%*s", indent, ""); - if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "\n"); - } - for(i = 0; i < sk_CONF_VALUE_num(val); i++) { - if(ml) BIO_printf(out, "%*s", indent, ""); - else if(i > 0) BIO_printf(out, ", "); - nval = sk_CONF_VALUE_value(val, i); - if(!nval->name) BIO_puts(out, nval->value); - else if(!nval->value) BIO_puts(out, nval->name); -#ifndef CHARSET_EBCDIC - else BIO_printf(out, "%s:%s", nval->name, nval->value); -#else - else { - char tmp[10240]; /* 10k is BIO_printf's limit anyway */ - ascii2ebcdic(tmp, nval->value, strlen(nval->value)+1); - BIO_printf(out, "%s:%s", nval->name, tmp); - } -#endif - if(ml) BIO_puts(out, "\n"); - } -} - -/* Main routine: print out a general extension */ - -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) -{ - char *ext_str = NULL, *value = NULL; - unsigned char *p; - X509V3_EXT_METHOD *method; - STACK_OF(CONF_VALUE) *nval = NULL; - int ok = 1; - if(!(method = X509V3_EXT_get(ext))) return 0; - p = ext->value->data; - if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) return 0; - if(method->i2s) { - if(!(value = method->i2s(method, ext_str))) { - ok = 0; - goto err; - } -#ifndef CHARSET_EBCDIC - BIO_printf(out, "%*s%s", indent, "", value); -#else - { - char tmp[10240]; /* 10k is BIO_printf's limit anyway */ - ascii2ebcdic(tmp, value, strlen(value)+1); - BIO_printf(out, "%*s%s", indent, "", tmp); - } -#endif - } else if(method->i2v) { - if(!(nval = method->i2v(method, ext_str, NULL))) { - ok = 0; - goto err; - } - X509V3_EXT_val_prn(out, nval, indent, - method->ext_flags & X509V3_EXT_MULTILINE); - } else if(method->i2r) { - if(!method->i2r(method, ext_str, out, indent)) ok = 0; - } else ok = 0; - - err: - sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); - if(value) OPENSSL_free(value); - method->ext_free(ext_str); - return ok; -} - -#ifndef NO_FP_API -int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent) -{ - BIO *bio_tmp; - int ret; - if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0; - ret = X509V3_EXT_print(bio_tmp, ext, flag, indent); - BIO_free(bio_tmp); - return ret; -} -#endif diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c deleted file mode 100644 index 867699b26f..0000000000 --- a/src/lib/libcrypto/x509v3/v3_purp.c +++ /dev/null @@ -1,533 +0,0 @@ -/* v3_purp.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include - - -static void x509v3_cache_extensions(X509 *x); - -static int ca_check(const X509 *x); -static int check_ssl_ca(const X509 *x); -static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca); -static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); -static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca); -static int purpose_smime(const X509 *x, int ca); -static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca); -static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca); -static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca); -static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca); - -static int xp_cmp(const X509_PURPOSE * const *a, - const X509_PURPOSE * const *b); -static void xptable_free(X509_PURPOSE *p); - -static X509_PURPOSE xstandard[] = { - {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0, check_purpose_ssl_client, "SSL client", "sslclient", NULL}, - {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ssl_server, "SSL server", "sslserver", NULL}, - {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0, check_purpose_ns_ssl_server, "Netscape SSL server", "nssslserver", NULL}, - {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign, "S/MIME signing", "smimesign", NULL}, - {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0, check_purpose_smime_encrypt, "S/MIME encryption", "smimeencrypt", NULL}, - {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign, "CRL signing", "crlsign", NULL}, - {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, "Any Purpose", "any", NULL}, -}; - -#define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE)) - -IMPLEMENT_STACK_OF(X509_PURPOSE) - -static STACK_OF(X509_PURPOSE) *xptable = NULL; - -static int xp_cmp(const X509_PURPOSE * const *a, - const X509_PURPOSE * const *b) -{ - return (*a)->purpose - (*b)->purpose; -} - -/* As much as I'd like to make X509_check_purpose use a "const" X509* - * I really can't because it does recalculate hashes and do other non-const - * things. */ -int X509_check_purpose(X509 *x, int id, int ca) -{ - int idx; - const X509_PURPOSE *pt; - if(!(x->ex_flags & EXFLAG_SET)) { - CRYPTO_w_lock(CRYPTO_LOCK_X509); - x509v3_cache_extensions(x); - CRYPTO_w_unlock(CRYPTO_LOCK_X509); - } - if(id == -1) return 1; - idx = X509_PURPOSE_get_by_id(id); - if(idx == -1) return -1; - pt = X509_PURPOSE_get0(idx); - return pt->check_purpose(pt, x, ca); -} - -int X509_PURPOSE_get_count(void) -{ - if(!xptable) return X509_PURPOSE_COUNT; - return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT; -} - -X509_PURPOSE * X509_PURPOSE_get0(int idx) -{ - if(idx < 0) return NULL; - if(idx < X509_PURPOSE_COUNT) return xstandard + idx; - return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); -} - -int X509_PURPOSE_get_by_sname(char *sname) -{ - int i; - X509_PURPOSE *xptmp; - for(i = 0; i < X509_PURPOSE_get_count(); i++) { - xptmp = X509_PURPOSE_get0(i); - if(!strcmp(xptmp->sname, sname)) return i; - } - return -1; -} - - -int X509_PURPOSE_get_by_id(int purpose) -{ - X509_PURPOSE tmp; - int idx; - if((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX)) - return purpose - X509_PURPOSE_MIN; - tmp.purpose = purpose; - if(!xptable) return -1; - idx = sk_X509_PURPOSE_find(xptable, &tmp); - if(idx == -1) return -1; - return idx + X509_PURPOSE_COUNT; -} - -int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), - char *name, char *sname, void *arg) -{ - int idx; - X509_PURPOSE *ptmp; - /* This is set according to what we change: application can't set it */ - flags &= ~X509_PURPOSE_DYNAMIC; - /* This will always be set for application modified trust entries */ - flags |= X509_PURPOSE_DYNAMIC_NAME; - /* Get existing entry if any */ - idx = X509_PURPOSE_get_by_id(id); - /* Need a new entry */ - if(idx == -1) { - if(!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) { - X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - ptmp->flags = X509_PURPOSE_DYNAMIC; - } else ptmp = X509_PURPOSE_get0(idx); - - /* OPENSSL_free existing name if dynamic */ - if(ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) { - OPENSSL_free(ptmp->name); - OPENSSL_free(ptmp->sname); - } - /* dup supplied name */ - ptmp->name = BUF_strdup(name); - ptmp->sname = BUF_strdup(sname); - if(!ptmp->name || !ptmp->sname) { - X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - /* Keep the dynamic flag of existing entry */ - ptmp->flags &= X509_PURPOSE_DYNAMIC; - /* Set all other flags */ - ptmp->flags |= flags; - - ptmp->purpose = id; - ptmp->trust = trust; - ptmp->check_purpose = ck; - ptmp->usr_data = arg; - - /* If its a new entry manage the dynamic table */ - if(idx == -1) { - if(!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) { - X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - if (!sk_X509_PURPOSE_push(xptable, ptmp)) { - X509V3err(X509V3_F_X509_PURPOSE_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - } - return 1; -} - -static void xptable_free(X509_PURPOSE *p) - { - if(!p) return; - if (p->flags & X509_PURPOSE_DYNAMIC) - { - if (p->flags & X509_PURPOSE_DYNAMIC_NAME) { - OPENSSL_free(p->name); - OPENSSL_free(p->sname); - } - OPENSSL_free(p); - } - } - -void X509_PURPOSE_cleanup(void) -{ - int i; - sk_X509_PURPOSE_pop_free(xptable, xptable_free); - for(i = 0; i < X509_PURPOSE_COUNT; i++) xptable_free(xstandard + i); - xptable = NULL; -} - -int X509_PURPOSE_get_id(X509_PURPOSE *xp) -{ - return xp->purpose; -} - -char *X509_PURPOSE_get0_name(X509_PURPOSE *xp) -{ - return xp->name; -} - -char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp) -{ - return xp->sname; -} - -int X509_PURPOSE_get_trust(X509_PURPOSE *xp) -{ - return xp->trust; -} - -static void x509v3_cache_extensions(X509 *x) -{ - BASIC_CONSTRAINTS *bs; - ASN1_BIT_STRING *usage; - ASN1_BIT_STRING *ns; - STACK_OF(ASN1_OBJECT) *extusage; - - int i; - if(x->ex_flags & EXFLAG_SET) return; -#ifndef NO_SHA - X509_digest(x, EVP_sha1(), x->sha1_hash, NULL); -#endif - /* Does subject name match issuer ? */ - if(!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) - x->ex_flags |= EXFLAG_SS; - /* V1 should mean no extensions ... */ - if(!X509_get_version(x)) x->ex_flags |= EXFLAG_V1; - /* Handle basic constraints */ - if((bs=X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) { - if(bs->ca) x->ex_flags |= EXFLAG_CA; - if(bs->pathlen) { - if((bs->pathlen->type == V_ASN1_NEG_INTEGER) - || !bs->ca) { - x->ex_flags |= EXFLAG_INVALID; - x->ex_pathlen = 0; - } else x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen); - } else x->ex_pathlen = -1; - BASIC_CONSTRAINTS_free(bs); - x->ex_flags |= EXFLAG_BCONS; - } - /* Handle key usage */ - if((usage=X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) { - if(usage->length > 0) { - x->ex_kusage = usage->data[0]; - if(usage->length > 1) - x->ex_kusage |= usage->data[1] << 8; - } else x->ex_kusage = 0; - x->ex_flags |= EXFLAG_KUSAGE; - ASN1_BIT_STRING_free(usage); - } - x->ex_xkusage = 0; - if((extusage=X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) { - x->ex_flags |= EXFLAG_XKUSAGE; - for(i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) { - switch(OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage,i))) { - case NID_server_auth: - x->ex_xkusage |= XKU_SSL_SERVER; - break; - - case NID_client_auth: - x->ex_xkusage |= XKU_SSL_CLIENT; - break; - - case NID_email_protect: - x->ex_xkusage |= XKU_SMIME; - break; - - case NID_code_sign: - x->ex_xkusage |= XKU_CODE_SIGN; - break; - - case NID_ms_sgc: - case NID_ns_sgc: - x->ex_xkusage |= XKU_SGC; - } - } - sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free); - } - - if((ns=X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) { - if(ns->length > 0) x->ex_nscert = ns->data[0]; - else x->ex_nscert = 0; - x->ex_flags |= EXFLAG_NSCERT; - ASN1_BIT_STRING_free(ns); - } - x->skid =X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL); - x->akid =X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL); - x->ex_flags |= EXFLAG_SET; -} - -/* CA checks common to all purposes - * return codes: - * 0 not a CA - * 1 is a CA - * 2 basicConstraints absent so "maybe" a CA - * 3 basicConstraints absent but self signed V1. - */ - -#define V1_ROOT (EXFLAG_V1|EXFLAG_SS) -#define ku_reject(x, usage) \ - (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) -#define xku_reject(x, usage) \ - (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage))) -#define ns_reject(x, usage) \ - (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage))) - -static int ca_check(const X509 *x) -{ - /* keyUsage if present should allow cert signing */ - if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0; - if(x->ex_flags & EXFLAG_BCONS) { - if(x->ex_flags & EXFLAG_CA) return 1; - /* If basicConstraints says not a CA then say so */ - else return 0; - } else { - if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3; - else return 2; - } -} - -/* Check SSL CA: common checks for SSL client and server */ -static int check_ssl_ca(const X509 *x) -{ - int ca_ret; - ca_ret = ca_check(x); - if(!ca_ret) return 0; - /* check nsCertType if present */ - if(x->ex_flags & EXFLAG_NSCERT) { - if(x->ex_nscert & NS_SSL_CA) return ca_ret; - return 0; - } - if(ca_ret != 2) return ca_ret; - else return 0; -} - - -static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - if(xku_reject(x,XKU_SSL_CLIENT)) return 0; - if(ca) return check_ssl_ca(x); - /* We need to do digital signatures with it */ - if(ku_reject(x,KU_DIGITAL_SIGNATURE)) return 0; - /* nsCertType if present should allow SSL client use */ - if(ns_reject(x, NS_SSL_CLIENT)) return 0; - return 1; -} - -static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - if(xku_reject(x,XKU_SSL_SERVER|XKU_SGC)) return 0; - if(ca) return check_ssl_ca(x); - - if(ns_reject(x, NS_SSL_SERVER)) return 0; - /* Now as for keyUsage: we'll at least need to sign OR encipher */ - if(ku_reject(x, KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT)) return 0; - - return 1; - -} - -static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - int ret; - ret = check_purpose_ssl_server(xp, x, ca); - if(!ret || ca) return ret; - /* We need to encipher or Netscape complains */ - if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0; - return ret; -} - -/* common S/MIME checks */ -static int purpose_smime(const X509 *x, int ca) -{ - if(xku_reject(x,XKU_SMIME)) return 0; - if(ca) { - int ca_ret; - ca_ret = ca_check(x); - if(!ca_ret) return 0; - /* check nsCertType if present */ - if(x->ex_flags & EXFLAG_NSCERT) { - if(x->ex_nscert & NS_SMIME_CA) return ca_ret; - return 0; - } - if(ca_ret != 2) return ca_ret; - else return 0; - } - if(x->ex_flags & EXFLAG_NSCERT) { - if(x->ex_nscert & NS_SMIME) return 1; - /* Workaround for some buggy certificates */ - if(x->ex_nscert & NS_SSL_CLIENT) return 2; - return 0; - } - return 1; -} - -static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - int ret; - ret = purpose_smime(x, ca); - if(!ret || ca) return ret; - if(ku_reject(x, KU_DIGITAL_SIGNATURE)) return 0; - return ret; -} - -static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - int ret; - ret = purpose_smime(x, ca); - if(!ret || ca) return ret; - if(ku_reject(x, KU_KEY_ENCIPHERMENT)) return 0; - return ret; -} - -static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - if(ca) { - int ca_ret; - if((ca_ret = ca_check(x)) != 2) return ca_ret; - else return 0; - } - if(ku_reject(x, KU_CRL_SIGN)) return 0; - return 1; -} - -static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca) -{ - return 1; -} - -/* Various checks to see if one certificate issued the second. - * This can be used to prune a set of possible issuer certificates - * which have been looked up using some simple method such as by - * subject name. - * These are: - * 1. Check issuer_name(subject) == subject_name(issuer) - * 2. If akid(subject) exists check it matches issuer - * 3. If key_usage(issuer) exists check it supports certificate signing - * returns 0 for OK, positive for reason for mismatch, reasons match - * codes for X509_verify_cert() - */ - -int X509_check_issued(X509 *issuer, X509 *subject) -{ - if(X509_NAME_cmp(X509_get_subject_name(issuer), - X509_get_issuer_name(subject))) - return X509_V_ERR_SUBJECT_ISSUER_MISMATCH; - x509v3_cache_extensions(issuer); - x509v3_cache_extensions(subject); - if(subject->akid) { - /* Check key ids (if present) */ - if(subject->akid->keyid && issuer->skid && - ASN1_OCTET_STRING_cmp(subject->akid->keyid, issuer->skid) ) - return X509_V_ERR_AKID_SKID_MISMATCH; - /* Check serial number */ - if(subject->akid->serial && - ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), - subject->akid->serial)) - return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; - /* Check issuer name */ - if(subject->akid->issuer) { - /* Ugh, for some peculiar reason AKID includes - * SEQUENCE OF GeneralName. So look for a DirName. - * There may be more than one but we only take any - * notice of the first. - */ - STACK_OF(GENERAL_NAME) *gens; - GENERAL_NAME *gen; - X509_NAME *nm = NULL; - int i; - gens = subject->akid->issuer; - for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { - gen = sk_GENERAL_NAME_value(gens, i); - if(gen->type == GEN_DIRNAME) { - nm = gen->d.dirn; - break; - } - } - if(nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer))) - return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH; - } - } - if(ku_reject(issuer, KU_KEY_CERT_SIGN)) return X509_V_ERR_KEYUSAGE_NO_CERTSIGN; - return X509_V_OK; -} - diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c deleted file mode 100644 index 939845fa8f..0000000000 --- a/src/lib/libcrypto/x509v3/v3_skey.c +++ /dev/null @@ -1,149 +0,0 @@ -/* v3_skey.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - -#include -#include "cryptlib.h" -#include - -static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -X509V3_EXT_METHOD v3_skey_id = { -NID_subject_key_identifier, 0, -(X509V3_EXT_NEW)ASN1_OCTET_STRING_new, -(X509V3_EXT_FREE)ASN1_OCTET_STRING_free, -(X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING, -(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING, -(X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, -(X509V3_EXT_S2I)s2i_skey_id, -NULL, NULL, NULL, NULL, NULL}; - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - ASN1_OCTET_STRING *oct) -{ - return hex_to_string(oct->data, oct->length); -} - -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str) -{ - ASN1_OCTET_STRING *oct; - long length; - - if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); - return NULL; - } - - if(!(oct->data = string_to_hex(str, &length))) { - M_ASN1_OCTET_STRING_free(oct); - return NULL; - } - - oct->length = length; - - return oct; - -} - -static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str) -{ - ASN1_OCTET_STRING *oct; - ASN1_BIT_STRING *pk; - unsigned char pkey_dig[EVP_MAX_MD_SIZE]; - EVP_MD_CTX md; - unsigned int diglen; - - if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); - - if(!(oct = M_ASN1_OCTET_STRING_new())) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); - return NULL; - } - - if(ctx && (ctx->flags == CTX_TEST)) return oct; - - if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); - goto err; - } - - if(ctx->subject_req) - pk = ctx->subject_req->req_info->pubkey->public_key; - else pk = ctx->subject_cert->cert_info->key->public_key; - - if(!pk) { - X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); - goto err; - } - - EVP_DigestInit(&md, EVP_sha1()); - EVP_DigestUpdate(&md, pk->data, pk->length); - EVP_DigestFinal(&md, pkey_dig, &diglen); - - if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { - X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); - goto err; - } - - return oct; - - err: - M_ASN1_OCTET_STRING_free(oct); - return NULL; -} diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c deleted file mode 100644 index bfecacd336..0000000000 --- a/src/lib/libcrypto/x509v3/v3_sxnet.c +++ /dev/null @@ -1,340 +0,0 @@ -/* v3_sxnet.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include "cryptlib.h" -#include -#include -#include -#include - -/* Support for Thawte strong extranet extension */ - -#define SXNET_TEST - -static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent); -#ifdef SXNET_TEST -static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval); -#endif -X509V3_EXT_METHOD v3_sxnet = { -NID_sxnet, X509V3_EXT_MULTILINE, -(X509V3_EXT_NEW)SXNET_new, -(X509V3_EXT_FREE)SXNET_free, -(X509V3_EXT_D2I)d2i_SXNET, -(X509V3_EXT_I2D)i2d_SXNET, -NULL, NULL, -NULL, -#ifdef SXNET_TEST -(X509V3_EXT_V2I)sxnet_v2i, -#else -NULL, -#endif -(X509V3_EXT_I2R)sxnet_i2r, -NULL, -NULL -}; - - -int i2d_SXNET(SXNET *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); - - M_ASN1_I2D_finish(); -} - -SXNET *SXNET_new(void) -{ - SXNET *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, SXNET); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->ids,sk_SXNETID_new_null); - return (ret); - M_ASN1_New_Error(ASN1_F_SXNET_NEW); -} - -SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,SXNET *,SXNET_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER); - M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free); - M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET); -} - -void SXNET_free(SXNET *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - sk_SXNETID_pop_free(a->ids, SXNETID_free); - OPENSSL_free (a); -} - -int i2d_SXNETID(SXNETID *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); -} - -SXNETID *SXNETID_new(void) -{ - SXNETID *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, SXNETID); - ret->zone = NULL; - M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_SXNETID_NEW); -} - -SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID); -} - -void SXNETID_free(SXNETID *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free(a->zone); - M_ASN1_OCTET_STRING_free(a->user); - OPENSSL_free (a); -} - -static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, - int indent) -{ - long v; - char *tmp; - SXNETID *id; - int i; - v = ASN1_INTEGER_get(sx->version); - BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v); - for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { - id = sk_SXNETID_value(sx->ids, i); - tmp = i2s_ASN1_INTEGER(NULL, id->zone); - BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); - OPENSSL_free(tmp); - M_ASN1_OCTET_STRING_print(out, id->user); - } - return 1; -} - -#ifdef SXNET_TEST - -/* NBB: this is used for testing only. It should *not* be used for anything - * else because it will just take static IDs from the configuration file and - * they should really be separate values for each user. - */ - - -static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, - STACK_OF(CONF_VALUE) *nval) -{ - CONF_VALUE *cnf; - SXNET *sx = NULL; - int i; - for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { - cnf = sk_CONF_VALUE_value(nval, i); - if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) - return NULL; - } - return sx; -} - - -#endif - -/* Strong Extranet utility functions */ - -/* Add an id given the zone as an ASCII number */ - -int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, - int userlen) -{ - ASN1_INTEGER *izone = NULL; - if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE); - return 0; - } - return SXNET_add_id_INTEGER(psx, izone, user, userlen); -} - -/* Add an id given the zone as an unsigned long */ - -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, - int userlen) -{ - ASN1_INTEGER *izone = NULL; - if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE); - M_ASN1_INTEGER_free(izone); - return 0; - } - return SXNET_add_id_INTEGER(psx, izone, user, userlen); - -} - -/* Add an id given the zone as an ASN1_INTEGER. - * Note this version uses the passed integer and doesn't make a copy so don't - * free it up afterwards. - */ - -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, - int userlen) -{ - SXNET *sx = NULL; - SXNETID *id = NULL; - if(!psx || !zone || !user) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT); - return 0; - } - if(userlen == -1) userlen = strlen(user); - if(userlen > 64) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG); - return 0; - } - if(!*psx) { - if(!(sx = SXNET_new())) goto err; - if(!ASN1_INTEGER_set(sx->version, 0)) goto err; - *psx = sx; - } else sx = *psx; - if(SXNET_get_id_INTEGER(sx, zone)) { - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID); - return 0; - } - - if(!(id = SXNETID_new())) goto err; - if(userlen == -1) userlen = strlen(user); - - if(!M_ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err; - if(!sk_SXNETID_push(sx->ids, id)) goto err; - id->zone = zone; - return 1; - - err: - X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE); - SXNETID_free(id); - SXNET_free(sx); - *psx = NULL; - return 0; -} - -ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) -{ - ASN1_INTEGER *izone = NULL; - ASN1_OCTET_STRING *oct; - if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { - X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); - return NULL; - } - oct = SXNET_get_id_INTEGER(sx, izone); - M_ASN1_INTEGER_free(izone); - return oct; -} - -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) -{ - ASN1_INTEGER *izone = NULL; - ASN1_OCTET_STRING *oct; - if(!(izone = M_ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { - X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE); - M_ASN1_INTEGER_free(izone); - return NULL; - } - oct = SXNET_get_id_INTEGER(sx, izone); - M_ASN1_INTEGER_free(izone); - return oct; -} - -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) -{ - SXNETID *id; - int i; - for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { - id = sk_SXNETID_value(sx->ids, i); - if(!M_ASN1_INTEGER_cmp(id->zone, zone)) return id->user; - } - return NULL; -} - -IMPLEMENT_STACK_OF(SXNETID) -IMPLEMENT_ASN1_SET_OF(SXNETID) diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c deleted file mode 100644 index 619f161b58..0000000000 --- a/src/lib/libcrypto/x509v3/v3_utl.c +++ /dev/null @@ -1,516 +0,0 @@ -/* v3_utl.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* X509 v3 extension utilities */ - - -#include -#include -#include "cryptlib.h" -#include -#include - -static char *strip_spaces(char *name); -static int sk_strcmp(const char * const *a, const char * const *b); -static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens); -static void str_free(void *str); -static int append_ia5(STACK **sk, ASN1_IA5STRING *email); - -/* Add a CONF_VALUE name value pair to stack */ - -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist) -{ - CONF_VALUE *vtmp = NULL; - char *tname = NULL, *tvalue = NULL; - if(name && !(tname = BUF_strdup(name))) goto err; - if(value && !(tvalue = BUF_strdup(value))) goto err;; - if(!(vtmp = (CONF_VALUE *)OPENSSL_malloc(sizeof(CONF_VALUE)))) goto err; - if(!*extlist && !(*extlist = sk_CONF_VALUE_new_null())) goto err; - vtmp->section = NULL; - vtmp->name = tname; - vtmp->value = tvalue; - if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; - return 1; - err: - X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); - if(vtmp) OPENSSL_free(vtmp); - if(tname) OPENSSL_free(tname); - if(tvalue) OPENSSL_free(tvalue); - return 0; -} - -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist) - { - return X509V3_add_value(name,(const char *)value,extlist); - } - -/* Free function for STACK_OF(CONF_VALUE) */ - -void X509V3_conf_free(CONF_VALUE *conf) -{ - if(!conf) return; - if(conf->name) OPENSSL_free(conf->name); - if(conf->value) OPENSSL_free(conf->value); - if(conf->section) OPENSSL_free(conf->section); - OPENSSL_free(conf); -} - -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) -{ - if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); - return X509V3_add_value(name, "FALSE", extlist); -} - -int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist) -{ - if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); - return 1; -} - - -char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) -{ - BIGNUM *bntmp = NULL; - char *strtmp = NULL; - if(!a) return NULL; - if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp)) ) - X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); - BN_free(bntmp); - return strtmp; -} - -char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) -{ - BIGNUM *bntmp = NULL; - char *strtmp = NULL; - if(!a) return NULL; - if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || - !(strtmp = BN_bn2dec(bntmp)) ) - X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); - BN_free(bntmp); - return strtmp; -} - -ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) -{ - BIGNUM *bn = NULL; - ASN1_INTEGER *aint; - bn = BN_new(); - if(!value) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); - return 0; - } - if(!BN_dec2bn(&bn, value)) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); - return 0; - } - - if(!(aint = BN_to_ASN1_INTEGER(bn, NULL))) { - X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR); - return 0; - } - BN_free(bn); - return aint; -} - -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist) -{ - char *strtmp; - int ret; - if(!aint) return 1; - if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; - ret = X509V3_add_value(name, strtmp, extlist); - OPENSSL_free(strtmp); - return ret; -} - -int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) -{ - char *btmp; - if(!(btmp = value->value)) goto err; - if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") - || !strcmp(btmp, "Y") || !strcmp(btmp, "y") - || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) { - *asn1_bool = 0xff; - return 1; - } else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") - || !strcmp(btmp, "N") || !strcmp(btmp, "n") - || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) { - *asn1_bool = 0; - return 1; - } - err: - X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING); - X509V3_conf_err(value); - return 0; -} - -int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) -{ - ASN1_INTEGER *itmp; - if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { - X509V3_conf_err(value); - return 0; - } - *aint = itmp; - return 1; -} - -#define HDR_NAME 1 -#define HDR_VALUE 2 - -/*#define DEBUG*/ - -STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line) -{ - char *p, *q, c; - char *ntmp, *vtmp; - STACK_OF(CONF_VALUE) *values = NULL; - char *linebuf; - int state; - /* We are going to modify the line so copy it first */ - linebuf = BUF_strdup(line); - state = HDR_NAME; - ntmp = NULL; - /* Go through all characters */ - for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) { - - switch(state) { - case HDR_NAME: - if(c == ':') { - state = HDR_VALUE; - *p = 0; - ntmp = strip_spaces(q); - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); - goto err; - } - q = p + 1; - } else if(c == ',') { - *p = 0; - ntmp = strip_spaces(q); - q = p + 1; -#ifdef DEBUG - printf("%s\n", ntmp); -#endif - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); - goto err; - } - X509V3_add_value(ntmp, NULL, &values); - } - break ; - - case HDR_VALUE: - if(c == ',') { - state = HDR_NAME; - *p = 0; - vtmp = strip_spaces(q); -#ifdef DEBUG - printf("%s\n", ntmp); -#endif - if(!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); - goto err; - } - X509V3_add_value(ntmp, vtmp, &values); - ntmp = NULL; - q = p + 1; - } - - } - } - - if(state == HDR_VALUE) { - vtmp = strip_spaces(q); -#ifdef DEBUG - printf("%s=%s\n", ntmp, vtmp); -#endif - if(!vtmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); - goto err; - } - X509V3_add_value(ntmp, vtmp, &values); - } else { - ntmp = strip_spaces(q); -#ifdef DEBUG - printf("%s\n", ntmp); -#endif - if(!ntmp) { - X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); - goto err; - } - X509V3_add_value(ntmp, NULL, &values); - } -OPENSSL_free(linebuf); -return values; - -err: -OPENSSL_free(linebuf); -sk_CONF_VALUE_pop_free(values, X509V3_conf_free); -return NULL; - -} - -/* Delete leading and trailing spaces from a string */ -static char *strip_spaces(char *name) -{ - char *p, *q; - /* Skip over leading spaces */ - p = name; - while(*p && isspace((unsigned char)*p)) p++; - if(!*p) return NULL; - q = p + strlen(p) - 1; - while((q != p) && isspace((unsigned char)*q)) q--; - if(p != q) q[1] = 0; - if(!*p) return NULL; - return p; -} - -/* hex string utilities */ - -/* Given a buffer of length 'len' return a OPENSSL_malloc'ed string with its - * hex representation - * @@@ (Contents of buffer are always kept in ASCII, also on EBCDIC machines) - */ - -char *hex_to_string(unsigned char *buffer, long len) -{ - char *tmp, *q; - unsigned char *p; - int i; - static char hexdig[] = "0123456789ABCDEF"; - if(!buffer || !len) return NULL; - if(!(tmp = OPENSSL_malloc(len * 3 + 1))) { - X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); - return NULL; - } - q = tmp; - for(i = 0, p = buffer; i < len; i++,p++) { - *q++ = hexdig[(*p >> 4) & 0xf]; - *q++ = hexdig[*p & 0xf]; - *q++ = ':'; - } - q[-1] = 0; -#ifdef CHARSET_EBCDIC - ebcdic2ascii(tmp, tmp, q - tmp - 1); -#endif - - return tmp; -} - -/* Give a string of hex digits convert to - * a buffer - */ - -unsigned char *string_to_hex(char *str, long *len) -{ - unsigned char *hexbuf, *q; - unsigned char ch, cl, *p; - if(!str) { - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); - return NULL; - } - if(!(hexbuf = OPENSSL_malloc(strlen(str) >> 1))) goto err; - for(p = (unsigned char *)str, q = hexbuf; *p;) { - ch = *p++; -#ifdef CHARSET_EBCDIC - ch = os_toebcdic[ch]; -#endif - if(ch == ':') continue; - cl = *p++; -#ifdef CHARSET_EBCDIC - cl = os_toebcdic[cl]; -#endif - if(!cl) { - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); - OPENSSL_free(hexbuf); - return NULL; - } - if(isupper(ch)) ch = tolower(ch); - if(isupper(cl)) cl = tolower(cl); - - if((ch >= '0') && (ch <= '9')) ch -= '0'; - else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; - else goto badhex; - - if((cl >= '0') && (cl <= '9')) cl -= '0'; - else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; - else goto badhex; - - *q++ = (ch << 4) | cl; - } - - if(len) *len = q - hexbuf; - - return hexbuf; - - err: - if(hexbuf) OPENSSL_free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); - return NULL; - - badhex: - OPENSSL_free(hexbuf); - X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); - return NULL; - -} - -/* V2I name comparison function: returns zero if 'name' matches - * cmp or cmp.* - */ - -int name_cmp(const char *name, const char *cmp) -{ - int len, ret; - char c; - len = strlen(cmp); - if((ret = strncmp(name, cmp, len))) return ret; - c = name[len]; - if(!c || (c=='.')) return 0; - return 1; -} - -static int sk_strcmp(const char * const *a, const char * const *b) -{ - return strcmp(*a, *b); -} - -STACK *X509_get1_email(X509 *x) -{ - STACK_OF(GENERAL_NAME) *gens; - STACK *ret; - gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); - ret = get_email(X509_get_subject_name(x), gens); - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - return ret; -} - -STACK *X509_REQ_get1_email(X509_REQ *x) -{ - STACK_OF(GENERAL_NAME) *gens; - STACK_OF(X509_EXTENSION) *exts; - STACK *ret; - exts = X509_REQ_get_extensions(x); - gens = X509V3_get_d2i(exts, NID_subject_alt_name, NULL, NULL); - ret = get_email(X509_REQ_get_subject_name(x), gens); - sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); - sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); - return ret; -} - - -static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens) -{ - STACK *ret = NULL; - X509_NAME_ENTRY *ne; - ASN1_IA5STRING *email; - GENERAL_NAME *gen; - int i; - /* Now add any email address(es) to STACK */ - i = -1; - /* First supplied X509_NAME */ - while((i = X509_NAME_get_index_by_NID(name, - NID_pkcs9_emailAddress, i)) > 0) { - ne = X509_NAME_get_entry(name, i); - email = X509_NAME_ENTRY_get_data(ne); - if(!append_ia5(&ret, email)) return NULL; - } - for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) - { - gen = sk_GENERAL_NAME_value(gens, i); - if(gen->type != GEN_EMAIL) continue; - if(!append_ia5(&ret, gen->d.ia5)) return NULL; - } - return ret; -} - -static void str_free(void *str) -{ - OPENSSL_free(str); -} - -static int append_ia5(STACK **sk, ASN1_IA5STRING *email) -{ - char *emtmp; - /* First some sanity checks */ - if(email->type != V_ASN1_IA5STRING) return 1; - if(!email->data || !email->length) return 1; - if(!*sk) *sk = sk_new(sk_strcmp); - if(!*sk) return 0; - /* Don't add duplicates */ - if(sk_find(*sk, (char *)email->data) != -1) return 1; - emtmp = BUF_strdup((char *)email->data); - if(!emtmp || !sk_push(*sk, emtmp)) { - X509_email_free(*sk); - *sk = NULL; - return 0; - } - return 1; -} - -void X509_email_free(STACK *sk) -{ - sk_pop_free(sk, str_free); -} diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c deleted file mode 100644 index aa4a605dc4..0000000000 --- a/src/lib/libcrypto/x509v3/v3err.c +++ /dev/null @@ -1,176 +0,0 @@ -/* crypto/x509v3/v3err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA X509V3_str_functs[]= - { -{ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"}, -{ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"}, -{ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"}, -{ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, -{ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, -{ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"}, -{ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"}, -{ERR_PACK(0,X509V3_F_I2V_AUTHORITY_INFO_ACCESS,0), "I2V_AUTHORITY_INFO_ACCESS"}, -{ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"}, -{ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"}, -{ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"}, -{ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"}, -{ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"}, -{ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"}, -{ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"}, -{ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0), "S2I_ASN1_SKEY_ID"}, -{ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0), "S2I_S2I_SKEY_ID"}, -{ERR_PACK(0,X509V3_F_STRING_TO_HEX,0), "string_to_hex"}, -{ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0), "SXNET_ADD_ASC"}, -{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0), "SXNET_add_id_INTEGER"}, -{ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"}, -{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"}, -{ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"}, -{ERR_PACK(0,X509V3_F_V2I_ACCESS_DESCRIPTION,0), "V2I_ACCESS_DESCRIPTION"}, -{ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"}, -{ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"}, -{ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"}, -{ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"}, -{ERR_PACK(0,X509V3_F_V2I_EXT_KU,0), "V2I_EXT_KU"}, -{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"}, -{ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"}, -{ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"}, -{ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"}, -{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"}, -{ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"}, -{ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"}, -{ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"}, -{ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"}, -{ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"}, -{ERR_PACK(0,X509V3_F_X509_PURPOSE_ADD,0), "X509_PURPOSE_add"}, -{0,NULL} - }; - -static ERR_STRING_DATA X509V3_str_reasons[]= - { -{X509V3_R_BAD_IP_ADDRESS ,"bad ip address"}, -{X509V3_R_BAD_OBJECT ,"bad object"}, -{X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"}, -{X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"}, -{X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"}, -{X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"}, -{X509V3_R_ERROR_IN_EXTENSION ,"error in extension"}, -{X509V3_R_EXPECTED_A_SECTION_NAME ,"expected a section name"}, -{X509V3_R_EXTENSION_NAME_ERROR ,"extension name error"}, -{X509V3_R_EXTENSION_NOT_FOUND ,"extension not found"}, -{X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"}, -{X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"}, -{X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"}, -{X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"}, -{X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"}, -{X509V3_R_INVALID_NAME ,"invalid name"}, -{X509V3_R_INVALID_NULL_ARGUMENT ,"invalid null argument"}, -{X509V3_R_INVALID_NULL_NAME ,"invalid null name"}, -{X509V3_R_INVALID_NULL_VALUE ,"invalid null value"}, -{X509V3_R_INVALID_NUMBER ,"invalid number"}, -{X509V3_R_INVALID_NUMBERS ,"invalid numbers"}, -{X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"}, -{X509V3_R_INVALID_OPTION ,"invalid option"}, -{X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"}, -{X509V3_R_INVALID_SECTION ,"invalid section"}, -{X509V3_R_INVALID_SYNTAX ,"invalid syntax"}, -{X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"}, -{X509V3_R_MISSING_VALUE ,"missing value"}, -{X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"}, -{X509V3_R_NO_CONFIG_DATABASE ,"no config database"}, -{X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"}, -{X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"}, -{X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"}, -{X509V3_R_NO_PUBLIC_KEY ,"no public key"}, -{X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"}, -{X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"}, -{X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"}, -{X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"}, -{X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"}, -{X509V3_R_UNKNOWN_EXTENSION ,"unknown extension"}, -{X509V3_R_UNKNOWN_EXTENSION_NAME ,"unknown extension name"}, -{X509V3_R_UNKNOWN_OPTION ,"unknown option"}, -{X509V3_R_UNSUPPORTED_OPTION ,"unsupported option"}, -{X509V3_R_USER_TOO_LONG ,"user too long"}, -{0,NULL} - }; - -#endif - -void ERR_load_X509V3_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs); - ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons); -#endif - - } - } diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h deleted file mode 100644 index 0453b12d63..0000000000 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ /dev/null @@ -1,653 +0,0 @@ -/* x509v3.h */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_X509V3_H -#define HEADER_X509V3_H - -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* Forward reference */ -struct v3_ext_method; -struct v3_ext_ctx; - -/* Useful typedefs */ - -typedef void * (*X509V3_EXT_NEW)(void); -typedef void (*X509V3_EXT_FREE)(void *); -typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); -typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); -typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); -typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); -typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); -typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); -typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); -typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); - -/* V3 extension structure */ - -struct v3_ext_method { -int ext_nid; -int ext_flags; -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; - -/* The following pair is used for string extensions */ -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; - -/* The following pair is used for multi-valued extensions */ -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; - -/* The following are used for raw extensions */ -X509V3_EXT_I2R i2r; -X509V3_EXT_R2I r2i; - -void *usr_data; /* Any extension specific data */ -}; - -typedef struct X509V3_CONF_METHOD_st { -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); -void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); -} X509V3_CONF_METHOD; - -/* Context specific info */ -struct v3_ext_ctx { -#define CTX_TEST 0x1 -int flags; -X509 *issuer_cert; -X509 *subject_cert; -X509_REQ *subject_req; -X509_CRL *crl; -X509V3_CONF_METHOD *db_meth; -void *db; -/* Maybe more here */ -}; - -typedef struct v3_ext_method X509V3_EXT_METHOD; -typedef struct v3_ext_ctx X509V3_CTX; - -DECLARE_STACK_OF(X509V3_EXT_METHOD) - -/* ext_flags values */ -#define X509V3_EXT_DYNAMIC 0x1 -#define X509V3_EXT_CTX_DEP 0x2 -#define X509V3_EXT_MULTILINE 0x4 - -typedef BIT_STRING_BITNAME ENUMERATED_NAMES; - -typedef struct BASIC_CONSTRAINTS_st { -int ca; -ASN1_INTEGER *pathlen; -} BASIC_CONSTRAINTS; - - -typedef struct PKEY_USAGE_PERIOD_st { -ASN1_GENERALIZEDTIME *notBefore; -ASN1_GENERALIZEDTIME *notAfter; -} PKEY_USAGE_PERIOD; - -typedef struct otherName_st { -ASN1_OBJECT *type_id; -ASN1_TYPE *value; -} OTHERNAME; - -typedef struct GENERAL_NAME_st { - -#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC) - -int type; -union { - char *ptr; - ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ - ASN1_OCTET_STRING *ip; /* iPAddress */ - X509_NAME *dirn; /* dirn */ - ASN1_OBJECT *rid; /* registeredID */ - OTHERNAME *otherName; /* otherName */ - ASN1_TYPE *other; /* ediPartyName, x400Address */ -} d; -} GENERAL_NAME; - -typedef struct ACCESS_DESCRIPTION_st { - ASN1_OBJECT *method; - GENERAL_NAME *location; -} ACCESS_DESCRIPTION; - -DECLARE_STACK_OF(GENERAL_NAME) -DECLARE_ASN1_SET_OF(GENERAL_NAME) - -DECLARE_STACK_OF(ACCESS_DESCRIPTION) -DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) - -typedef struct DIST_POINT_NAME_st { -/* NB: this is a CHOICE type and only one of these should be set */ -STACK_OF(GENERAL_NAME) *fullname; -STACK_OF(X509_NAME_ENTRY) *relativename; -} DIST_POINT_NAME; - -typedef struct DIST_POINT_st { -DIST_POINT_NAME *distpoint; -ASN1_BIT_STRING *reasons; -STACK_OF(GENERAL_NAME) *CRLissuer; -} DIST_POINT; - -DECLARE_STACK_OF(DIST_POINT) -DECLARE_ASN1_SET_OF(DIST_POINT) - -typedef struct AUTHORITY_KEYID_st { -ASN1_OCTET_STRING *keyid; -STACK_OF(GENERAL_NAME) *issuer; -ASN1_INTEGER *serial; -} AUTHORITY_KEYID; - -/* Strong extranet structures */ - -typedef struct SXNET_ID_st { - ASN1_INTEGER *zone; - ASN1_OCTET_STRING *user; -} SXNETID; - -DECLARE_STACK_OF(SXNETID) -DECLARE_ASN1_SET_OF(SXNETID) - -typedef struct SXNET_st { - ASN1_INTEGER *version; - STACK_OF(SXNETID) *ids; -} SXNET; - -typedef struct NOTICEREF_st { - ASN1_STRING *organization; - STACK_OF(ASN1_INTEGER) *noticenos; -} NOTICEREF; - -typedef struct USERNOTICE_st { - NOTICEREF *noticeref; - ASN1_STRING *exptext; -} USERNOTICE; - -typedef struct POLICYQUALINFO_st { - ASN1_OBJECT *pqualid; - union { - ASN1_IA5STRING *cpsuri; - USERNOTICE *usernotice; - ASN1_TYPE *other; - } d; -} POLICYQUALINFO; - -DECLARE_STACK_OF(POLICYQUALINFO) -DECLARE_ASN1_SET_OF(POLICYQUALINFO) - -typedef struct POLICYINFO_st { - ASN1_OBJECT *policyid; - STACK_OF(POLICYQUALINFO) *qualifiers; -} POLICYINFO; - -DECLARE_STACK_OF(POLICYINFO) -DECLARE_ASN1_SET_OF(POLICYINFO) - -#define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ -",name:", val->name, ",value:", val->value); - -#define X509V3_set_ctx_test(ctx) \ - X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) -#define X509V3_set_ctx_nodb(ctx) ctx->db = NULL; - -#define EXT_BITSTRING(nid, table) { nid, 0, \ - (X509V3_EXT_NEW)ASN1_BIT_STRING_new, \ - (X509V3_EXT_FREE)ASN1_BIT_STRING_free, \ - (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \ - (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \ - NULL, NULL, \ - (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ - (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ - NULL, NULL, \ - (char *)table} - -#define EXT_IA5STRING(nid) { nid, 0, \ - (X509V3_EXT_NEW)ASN1_IA5STRING_new, \ - (X509V3_EXT_FREE)ASN1_IA5STRING_free, \ - (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \ - (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \ - (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ - (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ - NULL, NULL, NULL, NULL, \ - NULL} - -#define EXT_END { -1, 0, NULL, NULL, NULL, NULL, NULL, NULL, \ - NULL, NULL, NULL, NULL, \ - NULL} - - -/* X509_PURPOSE stuff */ - -#define EXFLAG_BCONS 0x1 -#define EXFLAG_KUSAGE 0x2 -#define EXFLAG_XKUSAGE 0x4 -#define EXFLAG_NSCERT 0x8 - -#define EXFLAG_CA 0x10 -#define EXFLAG_SS 0x20 -#define EXFLAG_V1 0x40 -#define EXFLAG_INVALID 0x80 -#define EXFLAG_SET 0x100 - -#define KU_DIGITAL_SIGNATURE 0x0080 -#define KU_NON_REPUDIATION 0x0040 -#define KU_KEY_ENCIPHERMENT 0x0020 -#define KU_DATA_ENCIPHERMENT 0x0010 -#define KU_KEY_AGREEMENT 0x0008 -#define KU_KEY_CERT_SIGN 0x0004 -#define KU_CRL_SIGN 0x0002 -#define KU_ENCIPHER_ONLY 0x0001 -#define KU_DECIPHER_ONLY 0x8000 - -#define NS_SSL_CLIENT 0x80 -#define NS_SSL_SERVER 0x40 -#define NS_SMIME 0x20 -#define NS_OBJSIGN 0x10 -#define NS_SSL_CA 0x04 -#define NS_SMIME_CA 0x02 -#define NS_OBJSIGN_CA 0x01 - -#define XKU_SSL_SERVER 0x1 -#define XKU_SSL_CLIENT 0x2 -#define XKU_SMIME 0x4 -#define XKU_CODE_SIGN 0x8 -#define XKU_SGC 0x10 - -#define X509_PURPOSE_DYNAMIC 0x1 -#define X509_PURPOSE_DYNAMIC_NAME 0x2 - -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, - const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; - -#define X509_PURPOSE_SSL_CLIENT 1 -#define X509_PURPOSE_SSL_SERVER 2 -#define X509_PURPOSE_NS_SSL_SERVER 3 -#define X509_PURPOSE_SMIME_SIGN 4 -#define X509_PURPOSE_SMIME_ENCRYPT 5 -#define X509_PURPOSE_CRL_SIGN 6 -#define X509_PURPOSE_ANY 7 - -#define X509_PURPOSE_MIN 1 -#define X509_PURPOSE_MAX 7 - -DECLARE_STACK_OF(X509_PURPOSE) - -void ERR_load_X509V3_strings(void); -int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp); -BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length); -BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); -void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a); - -int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp); -GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length); -GENERAL_NAME *GENERAL_NAME_new(void); -void GENERAL_NAME_free(GENERAL_NAME *a); -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); - -int i2d_SXNET(SXNET *a, unsigned char **pp); -SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length); -SXNET *SXNET_new(void); -void SXNET_free(SXNET *a); - -int i2d_SXNETID(SXNETID *a, unsigned char **pp); -SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length); -SXNETID *SXNETID_new(void); -void SXNETID_free(SXNETID *a); - -int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); -int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); -int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); - -ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); -ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); -ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); - -int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp); -AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length); -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a); - -int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp); -PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length); -PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void); -void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a); - -STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void); -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a); -STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length); -int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp); -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist); -STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); - -int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp); -OTHERNAME *OTHERNAME_new(void); -OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length); -void OTHERNAME_free(OTHERNAME *a); - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); - -int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp); -STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, - unsigned char **pp, long length); -void ext_ku_free(STACK_OF(ASN1_OBJECT) *a); -STACK_OF(ASN1_OBJECT) *ext_ku_new(void); - -int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp); -STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void); -void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a); -STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length); - -int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp); -POLICYINFO *POLICYINFO_new(void); -POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length); -void POLICYINFO_free(POLICYINFO *a); - -int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp); -POLICYQUALINFO *POLICYQUALINFO_new(void); -POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, - long length); -void POLICYQUALINFO_free(POLICYQUALINFO *a); - -int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp); -USERNOTICE *USERNOTICE_new(void); -USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length); -void USERNOTICE_free(USERNOTICE *a); - -int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp); -NOTICEREF *NOTICEREF_new(void); -NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length); -void NOTICEREF_free(NOTICEREF *a); - -int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp); -STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void); -void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a); -STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, - unsigned char **pp,long length); - -int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp); -DIST_POINT *DIST_POINT_new(void); -DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length); -void DIST_POINT_free(DIST_POINT *a); - -int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp); -DIST_POINT_NAME *DIST_POINT_NAME_new(void); -void DIST_POINT_NAME_free(DIST_POINT_NAME *a); -DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, - long length); - -int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp); -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a); -ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp, - long length); - -STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void); -void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a); -STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a, - unsigned char **pp, long length); -int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp); - - - -#ifdef HEADER_CONF_H -GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); -void X509V3_conf_free(CONF_VALUE *val); -X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); -int X509V3_EXT_REQ_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_REQ *req); -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); -int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); -int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); -#endif - -char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); -STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); -void X509V3_string_free(X509V3_CTX *ctx, char *str); -void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); -void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, - X509_REQ *req, X509_CRL *crl, int flags); - -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist); -char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); -char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); -char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); -int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); -int X509V3_EXT_add_alias(int nid_to, int nid_from); -void X509V3_EXT_cleanup(void); - -X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); -X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); -int X509V3_add_standard_extensions(void); -STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line); -void *X509V3_EXT_d2i(X509_EXTENSION *ext); -void *X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); - -X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); - -char *hex_to_string(unsigned char *buffer, long len); -unsigned char *string_to_hex(char *str, long *len); -int name_cmp(const char *name, const char *cmp); - -void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, - int ml); -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); -int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); - -int X509_check_purpose(X509 *x, int id, int ca); -int X509_check_issued(X509 *issuer, X509 *subject); -int X509_PURPOSE_get_count(void); -X509_PURPOSE * X509_PURPOSE_get0(int idx); -int X509_PURPOSE_get_by_sname(char *sname); -int X509_PURPOSE_get_by_id(int id); -int X509_PURPOSE_add(int id, int trust, int flags, - int (*ck)(const X509_PURPOSE *, const X509 *, int), - char *name, char *sname, void *arg); -char *X509_PURPOSE_get0_name(X509_PURPOSE *xp); -char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp); -int X509_PURPOSE_get_trust(X509_PURPOSE *xp); -void X509_PURPOSE_cleanup(void); -int X509_PURPOSE_get_id(X509_PURPOSE *); - -STACK *X509_get1_email(X509 *x); -STACK *X509_REQ_get1_email(X509_REQ *x); -void X509_email_free(STACK *sk); - - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the X509V3 functions. */ - -/* Function codes. */ -#define X509V3_F_COPY_EMAIL 122 -#define X509V3_F_COPY_ISSUER 123 -#define X509V3_F_DO_EXT_CONF 124 -#define X509V3_F_DO_EXT_I2D 135 -#define X509V3_F_HEX_TO_STRING 111 -#define X509V3_F_I2S_ASN1_ENUMERATED 121 -#define X509V3_F_I2S_ASN1_INTEGER 120 -#define X509V3_F_I2V_AUTHORITY_INFO_ACCESS 138 -#define X509V3_F_NOTICE_SECTION 132 -#define X509V3_F_NREF_NOS 133 -#define X509V3_F_POLICY_SECTION 131 -#define X509V3_F_R2I_CERTPOL 130 -#define X509V3_F_S2I_ASN1_IA5STRING 100 -#define X509V3_F_S2I_ASN1_INTEGER 108 -#define X509V3_F_S2I_ASN1_OCTET_STRING 112 -#define X509V3_F_S2I_ASN1_SKEY_ID 114 -#define X509V3_F_S2I_S2I_SKEY_ID 115 -#define X509V3_F_STRING_TO_HEX 113 -#define X509V3_F_SXNET_ADD_ASC 125 -#define X509V3_F_SXNET_ADD_ID_INTEGER 126 -#define X509V3_F_SXNET_ADD_ID_ULONG 127 -#define X509V3_F_SXNET_GET_ID_ASC 128 -#define X509V3_F_SXNET_GET_ID_ULONG 129 -#define X509V3_F_V2I_ACCESS_DESCRIPTION 139 -#define X509V3_F_V2I_ASN1_BIT_STRING 101 -#define X509V3_F_V2I_AUTHORITY_KEYID 119 -#define X509V3_F_V2I_BASIC_CONSTRAINTS 102 -#define X509V3_F_V2I_CRLD 134 -#define X509V3_F_V2I_EXT_KU 103 -#define X509V3_F_V2I_GENERAL_NAME 117 -#define X509V3_F_V2I_GENERAL_NAMES 118 -#define X509V3_F_V3_GENERIC_EXTENSION 116 -#define X509V3_F_X509V3_ADD_VALUE 105 -#define X509V3_F_X509V3_EXT_ADD 104 -#define X509V3_F_X509V3_EXT_ADD_ALIAS 106 -#define X509V3_F_X509V3_EXT_CONF 107 -#define X509V3_F_X509V3_EXT_I2D 136 -#define X509V3_F_X509V3_GET_VALUE_BOOL 110 -#define X509V3_F_X509V3_PARSE_LIST 109 -#define X509V3_F_X509_PURPOSE_ADD 137 - -/* Reason codes. */ -#define X509V3_R_BAD_IP_ADDRESS 118 -#define X509V3_R_BAD_OBJECT 119 -#define X509V3_R_BN_DEC2BN_ERROR 100 -#define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 -#define X509V3_R_DUPLICATE_ZONE_ID 133 -#define X509V3_R_ERROR_CONVERTING_ZONE 131 -#define X509V3_R_ERROR_IN_EXTENSION 128 -#define X509V3_R_EXPECTED_A_SECTION_NAME 137 -#define X509V3_R_EXTENSION_NAME_ERROR 115 -#define X509V3_R_EXTENSION_NOT_FOUND 102 -#define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 -#define X509V3_R_EXTENSION_VALUE_ERROR 116 -#define X509V3_R_ILLEGAL_HEX_DIGIT 113 -#define X509V3_R_INVALID_BOOLEAN_STRING 104 -#define X509V3_R_INVALID_EXTENSION_STRING 105 -#define X509V3_R_INVALID_NAME 106 -#define X509V3_R_INVALID_NULL_ARGUMENT 107 -#define X509V3_R_INVALID_NULL_NAME 108 -#define X509V3_R_INVALID_NULL_VALUE 109 -#define X509V3_R_INVALID_NUMBER 140 -#define X509V3_R_INVALID_NUMBERS 141 -#define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 -#define X509V3_R_INVALID_OPTION 138 -#define X509V3_R_INVALID_POLICY_IDENTIFIER 134 -#define X509V3_R_INVALID_SECTION 135 -#define X509V3_R_INVALID_SYNTAX 143 -#define X509V3_R_ISSUER_DECODE_ERROR 126 -#define X509V3_R_MISSING_VALUE 124 -#define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142 -#define X509V3_R_NO_CONFIG_DATABASE 136 -#define X509V3_R_NO_ISSUER_CERTIFICATE 121 -#define X509V3_R_NO_ISSUER_DETAILS 127 -#define X509V3_R_NO_POLICY_IDENTIFIER 139 -#define X509V3_R_NO_PUBLIC_KEY 114 -#define X509V3_R_NO_SUBJECT_DETAILS 125 -#define X509V3_R_ODD_NUMBER_OF_DIGITS 112 -#define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 -#define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 -#define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 -#define X509V3_R_UNKNOWN_EXTENSION 129 -#define X509V3_R_UNKNOWN_EXTENSION_NAME 130 -#define X509V3_R_UNKNOWN_OPTION 120 -#define X509V3_R_UNSUPPORTED_OPTION 117 -#define X509V3_R_USER_TOO_LONG 132 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libssl/LICENSE b/src/lib/libssl/LICENSE deleted file mode 100644 index bdd5f7bdd0..0000000000 --- a/src/lib/libssl/LICENSE +++ /dev/null @@ -1,127 +0,0 @@ - - LICENSE ISSUES - ============== - - The OpenSSL toolkit stays under a dual license, i.e. both the conditions of - the OpenSSL License and the original SSLeay license apply to the toolkit. - See below for the actual license texts. Actually both licenses are BSD-style - Open Source licenses. In case of any license issues related to OpenSSL - please contact openssl-core@openssl.org. - - OpenSSL License - --------------- - -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - - Original SSLeay License - ----------------------- - -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - diff --git a/src/lib/libssl/bio_ssl.c b/src/lib/libssl/bio_ssl.c deleted file mode 100644 index d85555a7e6..0000000000 --- a/src/lib/libssl/bio_ssl.c +++ /dev/null @@ -1,586 +0,0 @@ -/* ssl/bio_ssl.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include -#include - -static int ssl_write(BIO *h, const char *buf, int num); -static int ssl_read(BIO *h, char *buf, int size); -static int ssl_puts(BIO *h, const char *str); -static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); -static int ssl_new(BIO *h); -static int ssl_free(BIO *data); -static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -typedef struct bio_ssl_st - { - SSL *ssl; /* The ssl handle :-) */ - /* re-negotiate every time the total number of bytes is this size */ - int num_renegotiates; - unsigned long renegotiate_count; - unsigned long byte_count; - unsigned long renegotiate_timeout; - unsigned long last_time; - } BIO_SSL; - -static BIO_METHOD methods_sslp= - { - BIO_TYPE_SSL,"ssl", - ssl_write, - ssl_read, - ssl_puts, - NULL, /* ssl_gets, */ - ssl_ctrl, - ssl_new, - ssl_free, - ssl_callback_ctrl, - }; - -BIO_METHOD *BIO_f_ssl(void) - { - return(&methods_sslp); - } - -static int ssl_new(BIO *bi) - { - BIO_SSL *bs; - - bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); - if (bs == NULL) - { - BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE); - return(0); - } - memset(bs,0,sizeof(BIO_SSL)); - bi->init=0; - bi->ptr=(char *)bs; - bi->flags=0; - return(1); - } - -static int ssl_free(BIO *a) - { - BIO_SSL *bs; - - if (a == NULL) return(0); - bs=(BIO_SSL *)a->ptr; - if (bs->ssl != NULL) SSL_shutdown(bs->ssl); - if (a->shutdown) - { - if (a->init && (bs->ssl != NULL)) - SSL_free(bs->ssl); - a->init=0; - a->flags=0; - } - if (a->ptr != NULL) - OPENSSL_free(a->ptr); - return(1); - } - -static int ssl_read(BIO *b, char *out, int outl) - { - int ret=1; - BIO_SSL *sb; - SSL *ssl; - int retry_reason=0; - int r=0; - - if (out == NULL) return(0); - sb=(BIO_SSL *)b->ptr; - ssl=sb->ssl; - - BIO_clear_retry_flags(b); - -#if 0 - if (!SSL_is_init_finished(ssl)) - { -/* ret=SSL_do_handshake(ssl); */ - if (ret > 0) - { - - outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); - ret= -1; - goto end; - } - } -#endif -/* if (ret > 0) */ - ret=SSL_read(ssl,out,outl); - - switch (SSL_get_error(ssl,ret)) - { - case SSL_ERROR_NONE: - if (ret <= 0) break; - if (sb->renegotiate_count > 0) - { - sb->byte_count+=ret; - if (sb->byte_count > sb->renegotiate_count) - { - sb->byte_count=0; - sb->num_renegotiates++; - SSL_renegotiate(ssl); - r=1; - } - } - if ((sb->renegotiate_timeout > 0) && (!r)) - { - unsigned long tm; - - tm=(unsigned long)time(NULL); - if (tm > sb->last_time+sb->renegotiate_timeout) - { - sb->last_time=tm; - sb->num_renegotiates++; - SSL_renegotiate(ssl); - } - } - - break; - case SSL_ERROR_WANT_READ: - BIO_set_retry_read(b); - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_retry_write(b); - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_set_retry_special(b); - retry_reason=BIO_RR_SSL_X509_LOOKUP; - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_retry_special(b); - retry_reason=BIO_RR_CONNECT; - break; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - case SSL_ERROR_ZERO_RETURN: - default: - break; - } - - b->retry_reason=retry_reason; - return(ret); - } - -static int ssl_write(BIO *b, const char *out, int outl) - { - int ret,r=0; - int retry_reason=0; - SSL *ssl; - BIO_SSL *bs; - - if (out == NULL) return(0); - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; - - BIO_clear_retry_flags(b); - -/* ret=SSL_do_handshake(ssl); - if (ret > 0) */ - ret=SSL_write(ssl,out,outl); - - switch (SSL_get_error(ssl,ret)) - { - case SSL_ERROR_NONE: - if (ret <= 0) break; - if (bs->renegotiate_count > 0) - { - bs->byte_count+=ret; - if (bs->byte_count > bs->renegotiate_count) - { - bs->byte_count=0; - bs->num_renegotiates++; - SSL_renegotiate(ssl); - r=1; - } - } - if ((bs->renegotiate_timeout > 0) && (!r)) - { - unsigned long tm; - - tm=(unsigned long)time(NULL); - if (tm > bs->last_time+bs->renegotiate_timeout) - { - bs->last_time=tm; - bs->num_renegotiates++; - SSL_renegotiate(ssl); - } - } - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_retry_write(b); - break; - case SSL_ERROR_WANT_READ: - BIO_set_retry_read(b); - break; - case SSL_ERROR_WANT_X509_LOOKUP: - BIO_set_retry_special(b); - retry_reason=BIO_RR_SSL_X509_LOOKUP; - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_retry_special(b); - retry_reason=BIO_RR_CONNECT; - case SSL_ERROR_SYSCALL: - case SSL_ERROR_SSL: - default: - break; - } - - b->retry_reason=retry_reason; - return(ret); - } - -static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) - { - SSL **sslp,*ssl; - BIO_SSL *bs; - BIO *dbio,*bio; - long ret=1; - - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; - if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) - return(0); - switch (cmd) - { - case BIO_CTRL_RESET: - SSL_shutdown(ssl); - - if (ssl->handshake_func == ssl->method->ssl_connect) - SSL_set_connect_state(ssl); - else if (ssl->handshake_func == ssl->method->ssl_accept) - SSL_set_accept_state(ssl); - - SSL_clear(ssl); - - if (b->next_bio != NULL) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); - else if (ssl->rbio != NULL) - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); - else - ret=1; - break; - case BIO_CTRL_INFO: - ret=0; - break; - case BIO_C_SSL_MODE: - if (num) /* client mode */ - SSL_set_connect_state(ssl); - else - SSL_set_accept_state(ssl); - break; - case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: - ret=bs->renegotiate_timeout; - if (num < 60) num=5; - bs->renegotiate_timeout=(unsigned long)num; - bs->last_time=(unsigned long)time(NULL); - break; - case BIO_C_SET_SSL_RENEGOTIATE_BYTES: - ret=bs->renegotiate_count; - if ((long)num >=512) - bs->renegotiate_count=(unsigned long)num; - break; - case BIO_C_GET_SSL_NUM_RENEGOTIATES: - ret=bs->num_renegotiates; - break; - case BIO_C_SET_SSL: - if (ssl != NULL) - ssl_free(b); - b->shutdown=(int)num; - ssl=(SSL *)ptr; - ((BIO_SSL *)b->ptr)->ssl=ssl; - bio=SSL_get_rbio(ssl); - if (bio != NULL) - { - if (b->next_bio != NULL) - BIO_push(bio,b->next_bio); - b->next_bio=bio; - CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO); - } - b->init=1; - break; - case BIO_C_GET_SSL: - if (ptr != NULL) - { - sslp=(SSL **)ptr; - *sslp=ssl; - } - else - ret=0; - break; - case BIO_CTRL_GET_CLOSE: - ret=b->shutdown; - break; - case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; - break; - case BIO_CTRL_WPENDING: - ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); - break; - case BIO_CTRL_PENDING: - ret=SSL_pending(ssl); - if (ret == 0) - ret=BIO_pending(ssl->rbio); - break; - case BIO_CTRL_FLUSH: - BIO_clear_retry_flags(b); - ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); - BIO_copy_next_retry(b); - break; - case BIO_CTRL_PUSH: - if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) - { - SSL_set_bio(ssl,b->next_bio,b->next_bio); - CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); - } - break; - case BIO_CTRL_POP: - /* ugly bit of a hack */ - if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */ - { - BIO_free_all(ssl->wbio); - } - ssl->wbio=NULL; - ssl->rbio=NULL; - break; - case BIO_C_DO_STATE_MACHINE: - BIO_clear_retry_flags(b); - - b->retry_reason=0; - ret=(int)SSL_do_handshake(ssl); - - switch (SSL_get_error(ssl,(int)ret)) - { - case SSL_ERROR_WANT_READ: - BIO_set_flags(b, - BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); - break; - case SSL_ERROR_WANT_WRITE: - BIO_set_flags(b, - BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); - break; - case SSL_ERROR_WANT_CONNECT: - BIO_set_flags(b, - BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); - b->retry_reason=b->next_bio->retry_reason; - break; - default: - break; - } - break; - case BIO_CTRL_DUP: - dbio=(BIO *)ptr; - if (((BIO_SSL *)dbio->ptr)->ssl != NULL) - SSL_free(((BIO_SSL *)dbio->ptr)->ssl); - ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl); - ((BIO_SSL *)dbio->ptr)->renegotiate_count= - ((BIO_SSL *)b->ptr)->renegotiate_count; - ((BIO_SSL *)dbio->ptr)->byte_count= - ((BIO_SSL *)b->ptr)->byte_count; - ((BIO_SSL *)dbio->ptr)->renegotiate_timeout= - ((BIO_SSL *)b->ptr)->renegotiate_timeout; - ((BIO_SSL *)dbio->ptr)->last_time= - ((BIO_SSL *)b->ptr)->last_time; - ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL); - break; - case BIO_C_GET_FD: - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); - break; - case BIO_CTRL_SET_CALLBACK: - { -#if 0 /* FIXME: Should this be used? -- Richard Levitte */ - BIOerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ret = -1; -#else - ret=0; -#endif - } - break; - case BIO_CTRL_GET_CALLBACK: - { - void (**fptr)(); - - fptr=(void (**)())ptr; - *fptr=SSL_get_info_callback(ssl); - } - break; - default: - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); - break; - } - return(ret); - } - -static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { - SSL *ssl; - BIO_SSL *bs; - long ret=1; - - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; - switch (cmd) - { - case BIO_CTRL_SET_CALLBACK: - { - SSL_set_info_callback(ssl,fp); - } - break; - default: - ret=BIO_callback_ctrl(ssl->rbio,cmd,fp); - break; - } - return(ret); - } - -static int ssl_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=BIO_write(bp,str,n); - return(ret); - } - -BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) - { - BIO *ret=NULL,*buf=NULL,*ssl=NULL; - - if ((buf=BIO_new(BIO_f_buffer())) == NULL) - return(NULL); - if ((ssl=BIO_new_ssl_connect(ctx)) == NULL) - goto err; - if ((ret=BIO_push(buf,ssl)) == NULL) - goto err; - return(ret); -err: - if (buf != NULL) BIO_free(buf); - if (ssl != NULL) BIO_free(ssl); - return(NULL); - } - -BIO *BIO_new_ssl_connect(SSL_CTX *ctx) - { - BIO *ret=NULL,*con=NULL,*ssl=NULL; - - if ((con=BIO_new(BIO_s_connect())) == NULL) - return(NULL); - if ((ssl=BIO_new_ssl(ctx,1)) == NULL) - goto err; - if ((ret=BIO_push(ssl,con)) == NULL) - goto err; - return(ret); -err: - if (con != NULL) BIO_free(con); - if (ret != NULL) BIO_free(ret); - return(NULL); - } - -BIO *BIO_new_ssl(SSL_CTX *ctx, int client) - { - BIO *ret; - SSL *ssl; - - if ((ret=BIO_new(BIO_f_ssl())) == NULL) - return(NULL); - if ((ssl=SSL_new(ctx)) == NULL) - { - BIO_free(ret); - return(NULL); - } - if (client) - SSL_set_connect_state(ssl); - else - SSL_set_accept_state(ssl); - - BIO_set_ssl(ret,ssl,BIO_CLOSE); - return(ret); - } - -int BIO_ssl_copy_session_id(BIO *t, BIO *f) - { - t=BIO_find_type(t,BIO_TYPE_SSL); - f=BIO_find_type(f,BIO_TYPE_SSL); - if ((t == NULL) || (f == NULL)) - return(0); - if ( (((BIO_SSL *)t->ptr)->ssl == NULL) || - (((BIO_SSL *)f->ptr)->ssl == NULL)) - return(0); - SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl); - return(1); - } - -void BIO_ssl_shutdown(BIO *b) - { - SSL *s; - - while (b != NULL) - { - if (b->method->type == BIO_TYPE_SSL) - { - s=((BIO_SSL *)b->ptr)->ssl; - SSL_shutdown(s); - break; - } - b=b->next_bio; - } - } diff --git a/src/lib/libssl/doc/openssl.cnf b/src/lib/libssl/doc/openssl.cnf deleted file mode 100644 index dbe8cbefe0..0000000000 --- a/src/lib/libssl/doc/openssl.cnf +++ /dev/null @@ -1,244 +0,0 @@ -# -# OpenSSL example configuration file. -# This is mostly being used for generation of certificate requests. -# - -# This definition stops the following lines choking if HOME isn't -# defined. -HOME = . -RANDFILE = $ENV::HOME/.rnd - -# Extra OBJECT IDENTIFIER info: -#oid_file = $ENV::HOME/.oid -oid_section = new_oids - -# To use this configuration file with the "-extfile" option of the -# "openssl x509" utility, name here the section containing the -# X.509v3 extensions to use: -# extensions = -# (Alternatively, use a configuration file that has only -# X.509v3 extensions in its main [= default] section.) - -[ new_oids ] - -# We can add new OIDs in here for use by 'ca' and 'req'. -# Add a simple OID like this: -# testoid1=1.2.3.4 -# Or use config file substitution like this: -# testoid2=${testoid1}.5.6 - -#################################################################### -[ ca ] -default_ca = CA_default # The default ca section - -#################################################################### -[ CA_default ] - -dir = ./demoCA # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -new_certs_dir = $dir/newcerts # default place for new certs. - -certificate = $dir/cacert.pem # The CA certificate -serial = $dir/serial # The current serial number -crl = $dir/crl.pem # The current CRL -private_key = $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file - -x509_extensions = usr_cert # The extentions to add to the cert - -# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs -# so this is commented out by default to leave a V1 CRL. -# crl_extensions = crl_ext - -default_days = 365 # how long to certify for -default_crl_days= 30 # how long before next CRL -default_md = md5 # which md to use. -preserve = no # keep passed DN ordering - -# A few difference way of specifying how similar the request should look -# For type CA, the listed attributes must be the same, and the optional -# and supplied fields are just that :-) -policy = policy_match - -# For the CA policy -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -# For the 'anything' policy -# At this point in time, you must list all acceptable 'object' -# types. -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 1024 -default_keyfile = privkey.pem -distinguished_name = req_distinguished_name -attributes = req_attributes -x509_extensions = v3_ca # The extentions to add to the self signed cert - -# Passwords for private keys if not present they will be prompted for -# input_password = secret -# output_password = secret - -# This sets a mask for permitted string types. There are several options. -# default: PrintableString, T61String, BMPString. -# pkix : PrintableString, BMPString. -# utf8only: only UTF8Strings. -# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). -# MASK:XXXX a literal mask value. -# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings -# so use this option with caution! -string_mask = nombstr - -# req_extensions = v3_req # The extensions to add to a certificate request - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_min = 2 -countryName_max = 2 - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Some-State - -localityName = Locality Name (eg, city) - -0.organizationName = Organization Name (eg, company) -0.organizationName_default = Internet Widgits Pty Ltd - -# we can do this but it is not needed normally :-) -#1.organizationName = Second Organization Name (eg, company) -#1.organizationName_default = World Wide Web Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -#organizationalUnitName_default = - -commonName = Common Name (eg, YOUR name) -commonName_max = 64 - -emailAddress = Email Address -emailAddress_max = 40 - -# SET-ex3 = SET extension number 3 - -[ req_attributes ] -challengePassword = A challenge password -challengePassword_min = 4 -challengePassword_max = 20 - -unstructuredName = An optional company name - -[ usr_cert ] - -# These extensions are added when 'ca' signs a request. - -# This goes against PKIX guidelines but some CAs do it and some software -# requires this to avoid interpreting an end user certificate as a CA. - -basicConstraints=CA:FALSE - -# Here are some examples of the usage of nsCertType. If it is omitted -# the certificate can be used for anything *except* object signing. - -# This is OK for an SSL server. -# nsCertType = server - -# For an object signing certificate this would be used. -# nsCertType = objsign - -# For normal client use this is typical -# nsCertType = client, email - -# and for everything including object signing: -# nsCertType = client, email, objsign - -# This is typical in keyUsage for a client certificate. -# keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -# This will be displayed in Netscape's comment listbox. -nsComment = "OpenSSL Generated Certificate" - -# PKIX recommendations harmless if included in all certificates. -subjectKeyIdentifier=hash -authorityKeyIdentifier=keyid,issuer:always - -# This stuff is for subjectAltName and issuerAltname. -# Import the email address. -# subjectAltName=email:copy - -# Copy subject details -# issuerAltName=issuer:copy - -#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem -#nsBaseUrl -#nsRevocationUrl -#nsRenewalUrl -#nsCaPolicyUrl -#nsSslServerName - -[ v3_req ] - -# Extensions to add to a certificate request - -basicConstraints = CA:FALSE -keyUsage = nonRepudiation, digitalSignature, keyEncipherment - -[ v3_ca ] - - -# Extensions for a typical CA - - -# PKIX recommendation. - -subjectKeyIdentifier=hash - -authorityKeyIdentifier=keyid:always,issuer:always - -# This is what PKIX recommends but some broken software chokes on critical -# extensions. -#basicConstraints = critical,CA:true -# So we do this instead. -basicConstraints = CA:true - -# Key usage: this is typical for a CA certificate. However since it will -# prevent it being used as an test self-signed certificate it is best -# left out by default. -# keyUsage = cRLSign, keyCertSign - -# Some might want this also -# nsCertType = sslCA, emailCA - -# Include email address in subject alt name: another PKIX recommendation -# subjectAltName=email:copy -# Copy issuer details -# issuerAltName=issuer:copy - -# DER hex encoding of an extension: beware experts only! -# obj=DER:02:03 -# Where 'obj' is a standard or added object -# You can even override a supported extension: -# basicConstraints= critical, DER:30:03:01:01:FF - -[ crl_ext ] - -# CRL extensions. -# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. - -# issuerAltName=issuer:copy -authorityKeyIdentifier=keyid:always,issuer:always diff --git a/src/lib/libssl/doc/openssl.txt b/src/lib/libssl/doc/openssl.txt deleted file mode 100644 index 5da519e7e4..0000000000 --- a/src/lib/libssl/doc/openssl.txt +++ /dev/null @@ -1,1235 +0,0 @@ - -This is some preliminary documentation for OpenSSL. - -Contents: - - OpenSSL X509V3 extension configuration - X509V3 Extension code: programmers guide - PKCS#12 Library - - -============================================================================== - OpenSSL X509V3 extension configuration -============================================================================== - -OpenSSL X509V3 extension configuration: preliminary documentation. - -INTRODUCTION. - -For OpenSSL 0.9.2 the extension code has be considerably enhanced. It is now -possible to add and print out common X509 V3 certificate and CRL extensions. - -BEGINNERS NOTE - -For most simple applications you don't need to know too much about extensions: -the default openssl.cnf values will usually do sensible things. - -If you want to know more you can initially quickly look through the sections -describing how the standard OpenSSL utilities display and add extensions and -then the list of supported extensions. - -For more technical information about the meaning of extensions see: - -http://www.imc.org/ietf-pkix/ -http://home.netscape.com/eng/security/certs.html - -PRINTING EXTENSIONS. - -Extension values are automatically printed out for supported extensions. - -openssl x509 -in cert.pem -text -openssl crl -in crl.pem -text - -will give information in the extension printout, for example: - - X509v3 extensions: - X509v3 Basic Constraints: - CA:TRUE - X509v3 Subject Key Identifier: - 73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15 - X509v3 Authority Key Identifier: - keyid:73:FE:F7:59:A7:E1:26:84:44:D6:44:36:EE:79:1A:95:7C:B1:4B:15, DirName:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/Email=email@1.address/Email=email@2.address, serial:00 - X509v3 Key Usage: - Certificate Sign, CRL Sign - X509v3 Subject Alternative Name: - email:email@1.address, email:email@2.address - -CONFIGURATION FILES. - -The OpenSSL utilities 'ca' and 'req' can now have extension sections listing -which certificate extensions to include. In each case a line: - -x509_extensions = extension_section - -indicates which section contains the extensions. In the case of 'req' the -extension section is used when the -x509 option is present to create a -self signed root certificate. - -The 'x509' utility also supports extensions when it signs a certificate. -The -extfile option is used to set the configuration file containing the -extensions. In this case a line with: - -extensions = extension_section - -in the nameless (default) section is used. If no such line is included then -it uses the default section. - -You can also add extensions to CRLs: a line - -crl_extensions = crl_extension_section - -will include extensions when the -gencrl option is used with the 'ca' utility. -You can add any extension to a CRL but of the supported extensions only -issuerAltName and authorityKeyIdentifier make any real sense. Note: these are -CRL extensions NOT CRL *entry* extensions which cannot currently be generated. -CRL entry extensions can be displayed. - -NB. At this time Netscape Communicator rejects V2 CRLs: to get an old V1 CRL -you should not include a crl_extensions line in the configuration file. - -As with all configuration files you can use the inbuilt environment expansion -to allow the values to be passed in the environment. Therefore if you have -several extension sections used for different purposes you can have a line: - -x509_extensions = $ENV::ENV_EXT - -and set the ENV_EXT environment variable before calling the relevant utility. - -EXTENSION SYNTAX. - -Extensions have the basic form: - -extension_name=[critical,] extension_options - -the use of the critical option makes the extension critical. Extreme caution -should be made when using the critical flag. If an extension is marked -as critical then any client that does not understand the extension should -reject it as invalid. Some broken software will reject certificates which -have *any* critical extensions (these violates PKIX but we have to live -with it). - -There are three main types of extension: string extensions, multi-valued -extensions, and raw extensions. - -String extensions simply have a string which contains either the value itself -or how it is obtained. - -For example: - -nsComment="This is a Comment" - -Multi-valued extensions have a short form and a long form. The short form -is a list of names and values: - -basicConstraints=critical,CA:true,pathlen:1 - -The long form allows the values to be placed in a separate section: - -basicConstraints=critical,@bs_section - -[bs_section] - -CA=true -pathlen=1 - -Both forms are equivalent. However it should be noted that in some cases the -same name can appear multiple times, for example, - -subjectAltName=email:steve@here,email:steve@there - -in this case an equivalent long form is: - -subjectAltName=@alt_section - -[alt_section] - -email.1=steve@here -email.2=steve@there - -This is because the configuration file code cannot handle the same name -occurring twice in the same section. - -The syntax of raw extensions is governed by the extension code: it can -for example contain data in multiple sections. The correct syntax to -use is defined by the extension code itself: check out the certificate -policies extension for an example. - -In addition it is also possible to use the word DER to include arbitrary -data in any extension. - -1.2.3.4=critical,DER:01:02:03:04 -1.2.3.4=DER:01020304 - -The value following DER is a hex dump of the DER encoding of the extension -Any extension can be placed in this form to override the default behaviour. -For example: - -basicConstraints=critical,DER:00:01:02:03 - -WARNING: DER should be used with caution. It is possible to create totally -invalid extensions unless care is taken. - -CURRENTLY SUPPORTED EXTENSIONS. - -If you aren't sure about extensions then they can be largely ignored: its only -when you want to do things like restrict certificate usage when you need to -worry about them. - -The only extension that a beginner might want to look at is Basic Constraints. -If in addition you want to try Netscape object signing the you should also -look at Netscape Certificate Type. - -Literal String extensions. - -In each case the 'value' of the extension is placed directly in the -extension. Currently supported extensions in this category are: nsBaseUrl, -nsRevocationUrl, nsCaRevocationUrl, nsRenewalUrl, nsCaPolicyUrl, -nsSslServerName and nsComment. - -For example: - -nsComment="This is a test comment" - -Bit Strings. - -Bit string extensions just consist of a list of supported bits, currently -two extensions are in this category: PKIX keyUsage and the Netscape specific -nsCertType. - -nsCertType (netscape certificate type) takes the flags: client, server, email, -objsign, reserved, sslCA, emailCA, objCA. - -keyUsage (PKIX key usage) takes the flags: digitalSignature, nonRepudiation, -keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign, -encipherOnly, decipherOnly. - -For example: - -nsCertType=server - -keyUsage=digitalSignature, nonRepudiation - -Hints on Netscape Certificate Type. - -Other than Basic Constraints this is the only extension a beginner might -want to use, if you want to try Netscape object signing, otherwise it can -be ignored. - -If you want a certificate that can be used just for object signing then: - -nsCertType=objsign - -will do the job. If you want to use it as a normal end user and server -certificate as well then - -nsCertType=objsign,email,server - -is more appropriate. You cannot use a self signed certificate for object -signing (well Netscape signtool can but it cheats!) so you need to create -a CA certificate and sign an end user certificate with it. - -Side note: If you want to conform to the Netscape specifications then you -should really also set: - -nsCertType=objCA - -in the *CA* certificate for just an object signing CA and - -nsCertType=objCA,emailCA,sslCA - -for everything. Current Netscape software doesn't enforce this so it can -be omitted. - -Basic Constraints. - -This is generally the only extension you need to worry about for simple -applications. If you want your certificate to be usable as a CA certificate -(in addition to an end user certificate) then you set this to: - -basicConstraints=CA:TRUE - -if you want to be certain the certificate cannot be used as a CA then do: - -basicConstraints=CA:FALSE - -The rest of this section describes more advanced usage. - -Basic constraints is a multi-valued extension that supports a CA and an -optional pathlen option. The CA option takes the values true and false and -pathlen takes an integer. Note if the CA option is false the pathlen option -should be omitted. - -The pathlen parameter indicates the maximum number of CAs that can appear -below this one in a chain. So if you have a CA with a pathlen of zero it can -only be used to sign end user certificates and not further CAs. This all -assumes that the software correctly interprets this extension of course. - -Examples: - -basicConstraints=CA:TRUE -basicConstraints=critical,CA:TRUE, pathlen:0 - -NOTE: for a CA to be considered valid it must have the CA option set to -TRUE. An end user certificate MUST NOT have the CA value set to true. -According to PKIX recommendations it should exclude the extension entirely, -however some software may require CA set to FALSE for end entity certificates. - -Extended Key Usage. - -This extensions consists of a list of usages. - -These can either be object short names of the dotted numerical form of OIDs. -While any OID can be used only certain values make sense. In particular the -following PKIX, NS and MS values are meaningful: - -Value Meaning ------ ------- -serverAuth SSL/TLS Web Server Authentication. -clientAuth SSL/TLS Web Client Authentication. -codeSigning Code signing. -emailProtection E-mail Protection (S/MIME). -timeStamping Trusted Timestamping -msCodeInd Microsoft Individual Code Signing (authenticode) -msCodeCom Microsoft Commercial Code Signing (authenticode) -msCTLSign Microsoft Trust List Signing -msSGC Microsoft Server Gated Crypto -msEFS Microsoft Encrypted File System -nsSGC Netscape Server Gated Crypto - -For example, under IE5 a CA can be used for any purpose: by including a list -of the above usages the CA can be restricted to only authorised uses. - -Note: software packages may place additional interpretations on certificate -use, in particular some usages may only work for selected CAs. Don't for example -expect just including msSGC or nsSGC will automatically mean that a certificate -can be used for SGC ("step up" encryption) otherwise anyone could use it. - -Examples: - -extendedKeyUsage=critical,codeSigning,1.2.3.4 -extendedKeyUsage=nsSGC,msSGC - -Subject Key Identifier. - -This is really a string extension and can take two possible values. Either -a hex string giving details of the extension value to include or the word -'hash' which then automatically follow PKIX guidelines in selecting and -appropriate key identifier. The use of the hex string is strongly discouraged. - -Example: subjectKeyIdentifier=hash - -Authority Key Identifier. - -The authority key identifier extension permits two options. keyid and issuer: -both can take the optional value "always". - -If the keyid option is present an attempt is made to copy the subject key -identifier from the parent certificate. If the value "always" is present -then an error is returned if the option fails. - -The issuer option copies the issuer and serial number from the issuer -certificate. Normally this will only be done if the keyid option fails or -is not included: the "always" flag will always include the value. - -Subject Alternative Name. - -The subject alternative name extension allows various literal values to be -included in the configuration file. These include "email" (an email address) -"URI" a uniform resource indicator, "DNS" (a DNS domain name), RID (a -registered ID: OBJECT IDENTIFIER) and IP (and IP address). - -Also the email option include a special 'copy' value. This will automatically -include and email addresses contained in the certificate subject name in -the extension. - -Examples: - -subjectAltName=email:copy,email:my@other.address,URL:http://my.url.here/ -subjectAltName=email:my@other.address,RID:1.2.3.4 - -Issuer Alternative Name. - -The issuer alternative name option supports all the literal options of -subject alternative name. It does *not* support the email:copy option because -that would not make sense. It does support an additional issuer:copy option -that will copy all the subject alternative name values from the issuer -certificate (if possible). - -Example: - -issuserAltName = issuer:copy - -Authority Info Access. - -The authority information access extension gives details about how to access -certain information relating to the CA. Its syntax is accessOID;location -where 'location' has the same syntax as subject alternative name (except -that email:copy is not supported). accessOID can be any valid OID but only -certain values are meaningful for example OCSP and caIssuers. OCSP gives the -location of an OCSP responder: this is used by Netscape PSM and other software. - -Example: - -authorityInfoAccess = OCSP;URI:http://ocsp.my.host/ -authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html - -CRL distribution points. - -This is a multi-valued extension that supports all the literal options of -subject alternative name. Of the few software packages that currently interpret -this extension most only interpret the URI option. - -Currently each option will set a new DistributionPoint with the fullName -field set to the given value. - -Other fields like cRLissuer and reasons cannot currently be set or displayed: -at this time no examples were available that used these fields. - -If you see this extension with when you attempt to print it out -or it doesn't appear to display correctly then let me know, including the -certificate (mail me at steve@openssl.org) . - -Examples: - -crlDistributionPoints=URI:http://www.myhost.com/myca.crl -crlDistributionPoints=URI:http://www.my.com/my.crl,URI:http://www.oth.com/my.crl - -Certificate Policies. - -This is a RAW extension. It attempts to display the contents of this extension: -unfortunately this extension is often improperly encoded. - -The certificate policies extension will rarely be used in practice: few -software packages interpret it correctly or at all. IE5 does partially -support this extension: but it needs the 'ia5org' option because it will -only correctly support a broken encoding. Of the options below only the -policy OID, explicitText and CPS options are displayed with IE5. - -All the fields of this extension can be set by using the appropriate syntax. - -If you follow the PKIX recommendations of not including any qualifiers and just -using only one OID then you just include the value of that OID. Multiple OIDs -can be set separated by commas, for example: - -certificatePolicies= 1.2.4.5, 1.1.3.4 - -If you wish to include qualifiers then the policy OID and qualifiers need to -be specified in a separate section: this is done by using the @section syntax -instead of a literal OID value. - -The section referred to must include the policy OID using the name -policyIdentifier, cPSuri qualifiers can be included using the syntax: - -CPS.nnn=value - -userNotice qualifiers can be set using the syntax: - -userNotice.nnn=@notice - -The value of the userNotice qualifier is specified in the relevant section. -This section can include explicitText, organization and noticeNumbers -options. explicitText and organization are text strings, noticeNumbers is a -comma separated list of numbers. The organization and noticeNumbers options -(if included) must BOTH be present. If you use the userNotice option with IE5 -then you need the 'ia5org' option at the top level to modify the encoding: -otherwise it will not be interpreted properly. - -Example: - -certificatePolicies=ia5org,1.2.3.4,1.5.6.7.8,@polsect - -[polsect] - -policyIdentifier = 1.3.5.8 -CPS.1="http://my.host.name/" -CPS.2="http://my.your.name/" -userNotice.1=@notice - -[notice] - -explicitText="Explicit Text Here" -organization="Organisation Name" -noticeNumbers=1,2,3,4 - -TECHNICAL NOTE: the ia5org option changes the type of the 'organization' field, -according to PKIX it should be of type DisplayText but Verisign uses an -IA5STRING and IE5 needs this too. - -Display only extensions. - -Some extensions are only partially supported and currently are only displayed -but cannot be set. These include private key usage period, CRL number, and -CRL reason. - -============================================================================== - X509V3 Extension code: programmers guide -============================================================================== - -The purpose of the extension code is twofold. It allows an extension to be -created from a string or structure describing its contents and it prints out an -extension in a human or machine readable form. - -1. Initialisation and cleanup. - -No special initialisation is needed before calling the extension functions. -You used to have to call X509V3_add_standard_extensions(); but this is no longer -required and this function no longer does anything. - -void X509V3_EXT_cleanup(void); - -This function should be called to cleanup the extension code if any custom -extensions have been added. If no custom extensions have been added then this -call does nothing. After this call all custom extension code is freed up but -you can still use the standard extensions. - -2. Printing and parsing extensions. - -The simplest way to print out extensions is via the standard X509 printing -routines: if you use the standard X509_print() function, the supported -extensions will be printed out automatically. - -The following functions allow finer control over extension display: - -int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); -int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); - -These two functions print out an individual extension to a BIO or FILE pointer. -Currently the flag argument is unused and should be set to 0. The 'indent' -argument is the number of spaces to indent each line. - -void *X509V3_EXT_d2i(X509_EXTENSION *ext); - -This function parses an extension and returns its internal structure. The -precise structure you get back depends on the extension being parsed. If the -extension if basicConstraints you will get back a pointer to a -BASIC_CONSTRAINTS structure. Check out the source in crypto/x509v3 for more -details about the structures returned. The returned structure should be freed -after use using the relevant free function, BASIC_CONSTRAINTS_free() for -example. - -void * X509_get_ext_d2i(X509 *x, int nid, int *crit, int *idx); -void * X509_CRL_get_ext_d2i(X509_CRL *x, int nid, int *crit, int *idx); -void * X509_REVOKED_get_ext_d2i(X509_REVOKED *x, int nid, int *crit, int *idx); -void * X509V3_get_d2i(STACK_OF(X509_EXTENSION) *x, int nid, int *crit, int *idx); - -These functions combine the operations of searching for extensions and -parsing them. They search a certificate, a CRL a CRL entry or a stack -of extensions respectively for extension whose NID is 'nid' and return -the parsed result of NULL if an error occurred. For example: - -BASIC_CONSTRAINTS *bs; -bs = X509_get_ext_d2i(cert, NID_basic_constraints, NULL, NULL); - -This will search for the basicConstraints extension and either return -it value or NULL. NULL can mean either the extension was not found, it -occurred more than once or it could not be parsed. - -If 'idx' is NULL then an extension is only parsed if it occurs precisely -once. This is standard behaviour because extensions normally cannot occur -more than once. If however more than one extension of the same type can -occur it can be used to parse successive extensions for example: - -int i; -void *ext; - -i = -1; -for(;;) { - ext = X509_get_ext_d2i(x, nid, crit, &idx); - if(ext == NULL) break; - /* Do something with ext */ -} - -If 'crit' is not NULL and the extension was found then the int it points to -is set to 1 for critical extensions and 0 for non critical. Therefore if the -function returns NULL but 'crit' is set to 0 or 1 then the extension was -found but it could not be parsed. - -The int pointed to by crit will be set to -1 if the extension was not found -and -2 if the extension occurred more than once (this will only happen if -idx is NULL). In both cases the function will return NULL. - -3. Generating extensions. - -An extension will typically be generated from a configuration file, or some -other kind of configuration database. - -int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509 *cert); -int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, - X509_CRL *crl); - -These functions add all the extensions in the given section to the given -certificate or CRL. They will normally be called just before the certificate -or CRL is due to be signed. Both return 0 on error on non zero for success. - -In each case 'conf' is the LHASH pointer of the configuration file to use -and 'section' is the section containing the extension details. - -See the 'context functions' section for a description of the ctx parameter. - - -X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, - char *value); - -This function returns an extension based on a name and value pair, if the -pair will not need to access other sections in a config file (or there is no -config file) then the 'conf' parameter can be set to NULL. - -X509_EXTENSION *X509V3_EXT_conf_nid(char *conf, X509V3_CTX *ctx, int nid, - char *value); - -This function creates an extension in the same way as X509V3_EXT_conf() but -takes the NID of the extension rather than its name. - -For example to produce basicConstraints with the CA flag and a path length of -10: - -x = X509V3_EXT_conf_nid(NULL, NULL, NID_basic_constraints,"CA:TRUE,pathlen:10"); - - -X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); - -This function sets up an extension from its internal structure. The ext_nid -parameter is the NID of the extension and 'crit' is the critical flag. - -4. Context functions. - -The following functions set and manipulate an extension context structure. -The purpose of the extension context is to allow the extension code to -access various structures relating to the "environment" of the certificate: -for example the issuers certificate or the certificate request. - -void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, - X509_REQ *req, X509_CRL *crl, int flags); - -This function sets up an X509V3_CTX structure with details of the certificate -environment: specifically the issuers certificate, the subject certificate, -the certificate request and the CRL: if these are not relevant or not -available then they can be set to NULL. The 'flags' parameter should be set -to zero. - -X509V3_set_ctx_test(ctx) - -This macro is used to set the 'ctx' structure to a 'test' value: this is to -allow the syntax of an extension (or configuration file) to be tested. - -X509V3_set_ctx_nodb(ctx) - -This macro is used when no configuration database is present. - -void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); - -This function is used to set the configuration database when it is an LHASH -structure: typically a configuration file. - -The following functions are used to access a configuration database: they -should only be used in RAW extensions. - -char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); - -This function returns the value of the parameter "name" in "section", or NULL -if there has been an error. - -void X509V3_string_free(X509V3_CTX *ctx, char *str); - -This function frees up the string returned by the above function. - -STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); - -This function returns a whole section as a STACK_OF(CONF_VALUE) . - -void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); - -This function frees up the STACK returned by the above function. - -Note: it is possible to use the extension code with a custom configuration -database. To do this the "db_meth" element of the X509V3_CTX structure should -be set to an X509V3_CTX_METHOD structure. This structure contains the following -function pointers: - -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); -void (*free_string)(void *db, char * string); -void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); - -these will be called and passed the 'db' element in the X509V3_CTX structure -to access the database. If a given function is not implemented or not required -it can be set to NULL. - -5. String helper functions. - -There are several "i2s" and "s2i" functions that convert structures to and -from ASCII strings. In all the "i2s" cases the returned string should be -freed using Free() after use. Since some of these are part of other extension -code they may take a 'method' parameter. Unless otherwise stated it can be -safely set to NULL. - -char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct); - -This returns a hex string from an ASN1_OCTET_STRING. - -char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); -char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); - -These return a string decimal representations of an ASN1_INTEGER and an -ASN1_ENUMERATED type, respectively. - -ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, char *str); - -This converts an ASCII hex string to an ASN1_OCTET_STRING. - -ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); - -This converts a decimal ASCII string into an ASN1_INTEGER. - -6. Multi valued extension helper functions. - -The following functions can be used to manipulate STACKs of CONF_VALUE -structures, as used by multi valued extensions. - -int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); - -This function expects a boolean value in 'value' and sets 'asn1_bool' to -it. That is it sets it to 0 for FALSE or 0xff for TRUE. The following -strings are acceptable: "TRUE", "true", "Y", "y", "YES", "yes", "FALSE" -"false", "N", "n", "NO" or "no". - -int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); - -This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER. - -int X509V3_add_value(const char *name, const char *value, - STACK_OF(CONF_VALUE) **extlist); - -This simply adds a string name and value pair. - -int X509V3_add_value_uchar(const char *name, const unsigned char *value, - STACK_OF(CONF_VALUE) **extlist); - -The same as above but for an unsigned character value. - -int X509V3_add_value_bool(const char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); - -This adds either "TRUE" or "FALSE" depending on the value of 'asn1_bool' - -int X509V3_add_value_bool_nf(char *name, int asn1_bool, - STACK_OF(CONF_VALUE) **extlist); - -This is the same as above except it adds nothing if asn1_bool is FALSE. - -int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, - STACK_OF(CONF_VALUE) **extlist); - -This function adds the value of the ASN1_INTEGER in decimal form. - -7. Other helper functions. - - - -ADDING CUSTOM EXTENSIONS. - -Currently there are three types of supported extensions. - -String extensions are simple strings where the value is placed directly in the -extensions, and the string returned is printed out. - -Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs -or return a STACK_OF(CONF_VALUE). - -Raw extensions are just passed a BIO or a value and it is the extensions -responsibility to handle all the necessary printing. - -There are two ways to add an extension. One is simply as an alias to an already -existing extension. An alias is an extension that is identical in ASN1 structure -to an existing extension but has a different OBJECT IDENTIFIER. This can be -done by calling: - -int X509V3_EXT_add_alias(int nid_to, int nid_from); - -'nid_to' is the new extension NID and 'nid_from' is the already existing -extension NID. - -Alternatively an extension can be written from scratch. This involves writing -the ASN1 code to encode and decode the extension and functions to print out and -generate the extension from strings. The relevant functions are then placed in -a X509V3_EXT_METHOD structure and int X509V3_EXT_add(X509V3_EXT_METHOD *ext); -called. - -The X509V3_EXT_METHOD structure is described below. - -strut { -int ext_nid; -int ext_flags; -X509V3_EXT_NEW ext_new; -X509V3_EXT_FREE ext_free; -X509V3_EXT_D2I d2i; -X509V3_EXT_I2D i2d; -X509V3_EXT_I2S i2s; -X509V3_EXT_S2I s2i; -X509V3_EXT_I2V i2v; -X509V3_EXT_V2I v2i; -X509V3_EXT_R2I r2i; -X509V3_EXT_I2R i2r; - -void *usr_data; -}; - -The elements have the following meanings. - -ext_nid is the NID of the object identifier of the extension. - -ext_flags is set of flags. Currently the only external flag is - X509V3_EXT_MULTILINE which means a multi valued extensions - should be printed on separate lines. - -usr_data is an extension specific pointer to any relevant data. This - allows extensions to share identical code but have different - uses. An example of this is the bit string extension which uses - usr_data to contain a list of the bit names. - -All the remaining elements are function pointers. - -ext_new is a pointer to a function that allocates memory for the - extension ASN1 structure: for example ASN1_OBJECT_new(). - -ext_free is a pointer to a function that free up memory of the extension - ASN1 structure: for example ASN1_OBJECT_free(). - -d2i is the standard ASN1 function that converts a DER buffer into - the internal ASN1 structure: for example d2i_ASN1_IA5STRING(). - -i2d is the standard ASN1 function that converts the internal - structure into the DER representation: for example - i2d_ASN1_IA5STRING(). - -The remaining functions are depend on the type of extension. One i2X and -one X2i should be set and the rest set to NULL. The types set do not need -to match up, for example the extension could be set using the multi valued -v2i function and printed out using the raw i2r. - -All functions have the X509V3_EXT_METHOD passed to them in the 'method' -parameter and an X509V3_CTX structure. Extension code can then access the -parent structure via the 'method' parameter to for example make use of the value -of usr_data. If the code needs to use detail relating to the request it can -use the 'ctx' parameter. - -A note should be given here about the 'flags' member of the 'ctx' parameter. -If it has the value CTX_TEST then the configuration syntax is being checked -and no actual certificate or CRL exists. Therefore any attempt in the config -file to access such information should silently succeed. If the syntax is OK -then it should simply return a (possibly bogus) extension, otherwise it -should return NULL. - -char *i2s(struct v3_ext_method *method, void *ext); - -This function takes the internal structure in the ext parameter and returns -a Malloc'ed string representing its value. - -void * s2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); - -This function takes the string representation in the ext parameter and returns -an allocated internal structure: ext_free() will be used on this internal -structure after use. - -i2v and v2i handle a STACK_OF(CONF_VALUE): - -typedef struct -{ - char *section; - char *name; - char *value; -} CONF_VALUE; - -Only the name and value members are currently used. - -STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext); - -This function is passed the internal structure in the ext parameter and -returns a STACK of CONF_VALUE structures. The values of name, value, -section and the structure itself will be freed up with Free after use. -Several helper functions are available to add values to this STACK. - -void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, - STACK_OF(CONF_VALUE) *values); - -This function takes a STACK_OF(CONF_VALUE) structures and should set the -values of the external structure. This typically uses the name element to -determine which structure element to set and the value element to determine -what to set it to. Several helper functions are available for this -purpose (see above). - -int i2r(struct v3_ext_method *method, void *ext, BIO *out, int indent); - -This function is passed the internal extension structure in the ext parameter -and sends out a human readable version of the extension to out. The 'indent' -parameter should be noted to determine the necessary amount of indentation -needed on the output. - -void * r2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); - -This is just passed the string representation of the extension. It is intended -to be used for more elaborate extensions where the standard single and multi -valued options are insufficient. They can use the 'ctx' parameter to parse the -configuration database themselves. See the context functions section for details -of how to do this. - -Note: although this type takes the same parameters as the "r2s" function there -is a subtle difference. Whereas an "r2i" function can access a configuration -database an "s2i" function MUST NOT. This is so the internal code can safely -assume that an "s2i" function will work without a configuration database. - -============================================================================== - PKCS#12 Library -============================================================================== - -This section describes the internal PKCS#12 support. There are very few -differences between the old external library and the new internal code at -present. This may well change because the external library will not be updated -much in future. - -This version now includes a couple of high level PKCS#12 functions which -generally "do the right thing" and should make it much easier to handle PKCS#12 -structures. - -HIGH LEVEL FUNCTIONS. - -For most applications you only need concern yourself with the high level -functions. They can parse and generate simple PKCS#12 files as produced by -Netscape and MSIE or indeed any compliant PKCS#12 file containing a single -private key and certificate pair. - -1. Initialisation and cleanup. - -No special initialisation is needed for the internal PKCS#12 library: the -standard SSLeay_add_all_algorithms() is sufficient. If you do not wish to -add all algorithms (you should at least add SHA1 though) then you can manually -initialise the PKCS#12 library with: - -PKCS12_PBE_add(); - -The memory allocated by the PKCS#12 library is freed up when EVP_cleanup() is -called or it can be directly freed with: - -EVP_PBE_cleanup(); - -after this call (or EVP_cleanup() ) no more PKCS#12 library functions should -be called. - -2. I/O functions. - -i2d_PKCS12_bio(bp, p12) - -This writes out a PKCS12 structure to a BIO. - -i2d_PKCS12_fp(fp, p12) - -This is the same but for a FILE pointer. - -d2i_PKCS12_bio(bp, p12) - -This reads in a PKCS12 structure from a BIO. - -d2i_PKCS12_fp(fp, p12) - -This is the same but for a FILE pointer. - -3. High level functions. - -3.1 Parsing with PKCS12_parse(). - -int PKCS12_parse(PKCS12 *p12, char *pass, EVP_PKEY **pkey, X509 **cert, - STACK **ca); - -This function takes a PKCS12 structure and a password (ASCII, null terminated) -and returns the private key, the corresponding certificate and any CA -certificates. If any of these is not required it can be passed as a NULL. -The 'ca' parameter should be either NULL, a pointer to NULL or a valid STACK -structure. Typically to read in a PKCS#12 file you might do: - -p12 = d2i_PKCS12_fp(fp, NULL); -PKCS12_parse(p12, password, &pkey, &cert, NULL); /* CAs not wanted */ -PKCS12_free(p12); - -3.2 PKCS#12 creation with PKCS12_create(). - -PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert, - STACK *ca, int nid_key, int nid_cert, int iter, - int mac_iter, int keytype); - -This function will create a PKCS12 structure from a given password, name, -private key, certificate and optional STACK of CA certificates. The remaining -5 parameters can be set to 0 and sensible defaults will be used. - -The parameters nid_key and nid_cert are the key and certificate encryption -algorithms, iter is the encryption iteration count, mac_iter is the MAC -iteration count and keytype is the type of private key. If you really want -to know what these last 5 parameters do then read the low level section. - -Typically to create a PKCS#12 file the following could be used: - -p12 = PKCS12_create(pass, "My Certificate", pkey, cert, NULL, 0,0,0,0,0); -i2d_PKCS12_fp(fp, p12); -PKCS12_free(p12); - -3.3 Changing a PKCS#12 structure password. - -int PKCS12_newpass(PKCS12 *p12, char *oldpass, char *newpass); - -This changes the password of an already existing PKCS#12 structure. oldpass -is the old password and newpass is the new one. An error occurs if the old -password is incorrect. - -LOW LEVEL FUNCTIONS. - -In some cases the high level functions do not provide the necessary -functionality. For example if you want to generate or parse more complex -PKCS#12 files. The sample pkcs12 application uses the low level functions -to display details about the internal structure of a PKCS#12 file. - -Introduction. - -This is a brief description of how a PKCS#12 file is represented internally: -some knowledge of PKCS#12 is assumed. - -A PKCS#12 object contains several levels. - -At the lowest level is a PKCS12_SAFEBAG. This can contain a certificate, a -CRL, a private key, encrypted or unencrypted, a set of safebags (so the -structure can be nested) or other secrets (not documented at present). -A safebag can optionally have attributes, currently these are: a unicode -friendlyName (a Unicode string) or a localKeyID (a string of bytes). - -At the next level is an authSafe which is a set of safebags collected into -a PKCS#7 ContentInfo. This can be just plain data, or encrypted itself. - -At the top level is the PKCS12 structure itself which contains a set of -authSafes in an embedded PKCS#7 Contentinfo of type data. In addition it -contains a MAC which is a kind of password protected digest to preserve -integrity (so any unencrypted stuff below can't be tampered with). - -The reason for these levels is so various objects can be encrypted in various -ways. For example you might want to encrypt a set of private keys with -triple-DES and then include the related certificates either unencrypted or -with lower encryption. Yes it's the dreaded crypto laws at work again which -allow strong encryption on private keys and only weak encryption on other -stuff. - -To build one of these things you turn all certificates and keys into safebags -(with optional attributes). You collect the safebags into (one or more) STACKS -and convert these into authsafes (encrypted or unencrypted). The authsafes -are collected into a STACK and added to a PKCS12 structure. Finally a MAC -inserted. - -Pulling one apart is basically the reverse process. The MAC is verified against -the given password. The authsafes are extracted and each authsafe split into -a set of safebags (possibly involving decryption). Finally the safebags are -decomposed into the original keys and certificates and the attributes used to -match up private key and certificate pairs. - -Anyway here are the functions that do the dirty work. - -1. Construction functions. - -1.1 Safebag functions. - -M_PKCS12_x5092certbag(x509) - -This macro takes an X509 structure and returns a certificate bag. The -X509 structure can be freed up after calling this function. - -M_PKCS12_x509crl2certbag(crl) - -As above but for a CRL. - -PKCS8_PRIV_KEY_INFO *PKEY2PKCS8(EVP_PKEY *pkey) - -Take a private key and convert it into a PKCS#8 PrivateKeyInfo structure. -Works for both RSA and DSA private keys. NB since the PKCS#8 PrivateKeyInfo -structure contains a private key data in plain text form it should be free'd -up as soon as it has been encrypted for security reasons (freeing up the -structure zeros out the sensitive data). This can be done with -PKCS8_PRIV_KEY_INFO_free(). - -PKCS8_add_keyusage(PKCS8_PRIV_KEY_INFO *p8, int usage) - -This sets the key type when a key is imported into MSIE or Outlook 98. Two -values are currently supported: KEY_EX and KEY_SIG. KEY_EX is an exchange type -key that can also be used for signing but its size is limited in the export -versions of MS software to 512 bits, it is also the default. KEY_SIG is a -signing only key but the keysize is unlimited (well 16K is supposed to work). -If you are using the domestic version of MSIE then you can ignore this because -KEY_EX is not limited and can be used for both. - -PKCS12_SAFEBAG *PKCS12_MAKE_KEYBAG(PKCS8_PRIV_KEY_INFO *p8) - -Convert a PKCS8 private key structure into a keybag. This routine embeds the -p8 structure in the keybag so p8 should not be freed up or used after it is -called. The p8 structure will be freed up when the safebag is freed. - -PKCS12_SAFEBAG *PKCS12_MAKE_SHKEYBAG(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8) - -Convert a PKCS#8 structure into a shrouded key bag (encrypted). p8 is not -embedded and can be freed up after use. - -int PKCS12_add_localkeyid(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) -int PKCS12_add_friendlyname(PKCS12_SAFEBAG *bag, unsigned char *name, int namelen) - -Add a local key id or a friendlyname to a safebag. - -1.2 Authsafe functions. - -PKCS7 *PKCS12_pack_p7data(STACK *sk) -Take a stack of safebags and convert them into an unencrypted authsafe. The -stack of safebags can be freed up after calling this function. - -PKCS7 *PKCS12_pack_p7encdata(int pbe_nid, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, STACK *bags); - -As above but encrypted. - -1.3 PKCS12 functions. - -PKCS12 *PKCS12_init(int mode) - -Initialise a PKCS12 structure (currently mode should be NID_pkcs7_data). - -M_PKCS12_pack_authsafes(p12, safes) - -This macro takes a STACK of authsafes and adds them to a PKCS#12 structure. - -int PKCS12_set_mac(PKCS12 *p12, unsigned char *pass, int passlen, unsigned char *salt, int saltlen, int iter, EVP_MD *md_type); - -Add a MAC to a PKCS12 structure. If EVP_MD is NULL use SHA-1, the spec suggests -that SHA-1 should be used. - -2. Extraction Functions. - -2.1 Safebags. - -M_PKCS12_bag_type(bag) - -Return the type of "bag". Returns one of the following - -NID_keyBag -NID_pkcs8ShroudedKeyBag 7 -NID_certBag 8 -NID_crlBag 9 -NID_secretBag 10 -NID_safeContentsBag 11 - -M_PKCS12_cert_bag_type(bag) - -Returns type of certificate bag, following are understood. - -NID_x509Certificate 14 -NID_sdsiCertificate 15 - -M_PKCS12_crl_bag_type(bag) - -Returns crl bag type, currently only NID_crlBag is recognised. - -M_PKCS12_certbag2x509(bag) - -This macro extracts an X509 certificate from a certificate bag. - -M_PKCS12_certbag2x509crl(bag) - -As above but for a CRL. - -EVP_PKEY * PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) - -Extract a private key from a PKCS8 private key info structure. - -M_PKCS12_decrypt_skey(bag, pass, passlen) - -Decrypt a shrouded key bag and return a PKCS8 private key info structure. -Works with both RSA and DSA keys - -char *PKCS12_get_friendlyname(bag) - -Returns the friendlyName of a bag if present or NULL if none. The returned -string is a null terminated ASCII string allocated with Malloc(). It should -thus be freed up with Free() after use. - -2.2 AuthSafe functions. - -M_PKCS12_unpack_p7data(p7) - -Extract a STACK of safe bags from a PKCS#7 data ContentInfo. - -#define M_PKCS12_unpack_p7encdata(p7, pass, passlen) - -As above but for an encrypted content info. - -2.3 PKCS12 functions. - -M_PKCS12_unpack_authsafes(p12) - -Extract a STACK of authsafes from a PKCS12 structure. - -M_PKCS12_mac_present(p12) - -Check to see if a MAC is present. - -int PKCS12_verify_mac(PKCS12 *p12, unsigned char *pass, int passlen) - -Verify a MAC on a PKCS12 structure. Returns an error if MAC not present. - - -Notes. - -1. All the function return 0 or NULL on error. -2. Encryption based functions take a common set of parameters. These are -described below. - -pass, passlen -ASCII password and length. The password on the MAC is called the "integrity -password" the encryption password is called the "privacy password" in the -PKCS#12 documentation. The passwords do not have to be the same. If -1 is -passed for the length it is worked out by the function itself (currently -this is sometimes done whatever is passed as the length but that may change). - -salt, saltlen -A 'salt' if salt is NULL a random salt is used. If saltlen is also zero a -default length is used. - -iter -Iteration count. This is a measure of how many times an internal function is -called to encrypt the data. The larger this value is the longer it takes, it -makes dictionary attacks on passwords harder. NOTE: Some implementations do -not support an iteration count on the MAC. If the password for the MAC and -encryption is the same then there is no point in having a high iteration -count for encryption if the MAC has no count. The MAC could be attacked -and the password used for the main decryption. - -pbe_nid -This is the NID of the password based encryption method used. The following are -supported. -NID_pbe_WithSHA1And128BitRC4 -NID_pbe_WithSHA1And40BitRC4 -NID_pbe_WithSHA1And3_Key_TripleDES_CBC -NID_pbe_WithSHA1And2_Key_TripleDES_CBC -NID_pbe_WithSHA1And128BitRC2_CBC -NID_pbe_WithSHA1And40BitRC2_CBC - -Which you use depends on the implementation you are exporting to. "Export -grade" (i.e. cryptographically challenged) products cannot support all -algorithms. Typically you may be able to use any encryption on shrouded key -bags but they must then be placed in an unencrypted authsafe. Other authsafes -may only support 40bit encryption. Of course if you are using SSLeay -throughout you can strongly encrypt everything and have high iteration counts -on everything. - -3. For decryption routines only the password and length are needed. - -4. Unlike the external version the nid's of objects are the values of the -constants: that is NID_certBag is the real nid, therefore there is no -PKCS12_obj_offset() function. Note the object constants are not the same as -those of the external version. If you use these constants then you will need -to recompile your code. - -5. With the exception of PKCS12_MAKE_KEYBAG(), after calling any function or -macro of the form PKCS12_MAKE_SOMETHING(other) the "other" structure can be -reused or freed up safely. - diff --git a/src/lib/libssl/doc/standards.txt b/src/lib/libssl/doc/standards.txt deleted file mode 100644 index 61ccc5d7e0..0000000000 --- a/src/lib/libssl/doc/standards.txt +++ /dev/null @@ -1,121 +0,0 @@ -Standards related to OpenSSL -============================ - -[Please, this is currently a draft. I made a first try at finding - documents that describe parts of what OpenSSL implements. There are - big gaps, and I've most certainly done something wrong. Please - correct whatever is... Also, this note should be removed when this - file is reaching a somewhat correct state. -- Richard Levitte] - - -All pointers in here will be either URL's or blobs of text borrowed -from miscellaneous indexes, like rfc-index.txt (index of RFCs), -1id-index.txt (index of Internet drafts) and the like. - -To find the latest possible RFCs, it's recommended to either browse -ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and -use the search mechanism found there. -To find the latest possible Internet drafts, it's recommended to -browse ftp://ftp.isi.edu/internet-drafts/. -To find the latest possible PKCS, it's recommended to browse -http://www.rsasecurity.com/rsalabs/pkcs/. - - -Implemented: ------------- - -These are documents that describe things that are implemented in OpenSSL. - -1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992. - (Format: TXT=25661 bytes) (Status: INFORMATIONAL) - -1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. (Format: - TXT=32407 bytes) (Status: INFORMATIONAL) - -1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format: - TXT=35222 bytes) (Status: INFORMATIONAL) - -2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999. - (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD) - -2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. - January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) - -2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski. - March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL) - -2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. - March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) - -2437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski, - J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes - RFC2313) (Status: INFORMATIONAL) - -2459 Internet X.509 Public Key Infrastructure Certificate and CRL - Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999. - (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD) - -PKCS#8: Private-Key Information Syntax Standard - -PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. - - -Related: --------- - -These are documents that are close to OpenSSL, for example the -STARTTLS documents. - -1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message - Encryption and Authentication Procedures. J. Linn. February 1993. - (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED - STANDARD) - -1422 Privacy Enhancement for Internet Electronic Mail: Part II: - Certificate-Based Key Management. S. Kent. February 1993. (Format: - TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD) - -1423 Privacy Enhancement for Internet Electronic Mail: Part III: - Algorithms, Modes, and Identifiers. D. Balenson. February 1993. - (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED - STANDARD) - -1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key - Certification and Related Services. B. Kaliski. February 1993. - (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) - -2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. - January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) - -2585 Internet X.509 Public Key Infrastructure Operational Protocols: - FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 - bytes) (Status: PROPOSED STANDARD) - -2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. - (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) - -2712 Addition of Kerberos Cipher Suites to Transport Layer Security - (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) - (Status: PROPOSED STANDARD) - -2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May - 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED - STANDARD) - -2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) - (Status: INFORMATIONAL) - - "Securing FTP with TLS", 01/27/2000, - - -To be implemented: ------------------- - -These are documents that describe things that are planed to be -implemented in the hopefully short future. - -2560 X.509 Internet Public Key Infrastructure Online Certificate - Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, - C. Adams. June 1999. (Format: TXT=43243 bytes) (Status: PROPOSED - STANDARD) - diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c deleted file mode 100644 index 5050a13ef2..0000000000 --- a/src/lib/libssl/s23_clnt.c +++ /dev/null @@ -1,475 +0,0 @@ -/* ssl/s23_clnt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *ssl23_get_client_method(int ver); -static int ssl23_client_hello(SSL *s); -static int ssl23_get_server_hello(SSL *s); -static SSL_METHOD *ssl23_get_client_method(int ver) - { -#ifndef NO_SSL2 - if (ver == SSL2_VERSION) - return(SSLv2_client_method()); -#endif - if (ver == SSL3_VERSION) - return(SSLv3_client_method()); - else if (ver == TLS1_VERSION) - return(TLSv1_client_method()); - else - return(NULL); - } - -SSL_METHOD *SSLv23_client_method(void) - { - static int init=1; - static SSL_METHOD SSLv23_client_data; - - if (init) - { - memcpy((char *)&SSLv23_client_data, - (char *)sslv23_base_method(),sizeof(SSL_METHOD)); - SSLv23_client_data.ssl_connect=ssl23_connect; - SSLv23_client_data.get_ssl_method=ssl23_get_client_method; - init=0; - } - return(&SSLv23_client_data); - } - -int ssl23_connect(SSL *s) - { - BUF_MEM *buf; - unsigned long Time=time(NULL); - void (*cb)()=NULL; - int ret= -1; - int new_state,state; - - RAND_add(&Time,sizeof(Time),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - s->in_handshake++; - - for (;;) - { - state=s->state; - - switch(s->state) - { - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - if (s->session != NULL) - { - SSLerr(SSL_F_SSL23_CONNECT,SSL_R_SSL23_DOING_SESSION_ID_REUSE); - ret= -1; - goto end; - } - s->server=0; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - /* s->version=TLS1_VERSION; */ - s->type=SSL_ST_CONNECT; - - if (s->init_buf == NULL) - { - if ((buf=BUF_MEM_new()) == NULL) - { - ret= -1; - goto end; - } - if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) - { - ret= -1; - goto end; - } - s->init_buf=buf; - } - - if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } - - ssl3_init_finished_mac(s); - - s->state=SSL23_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num=0; - break; - - case SSL23_ST_CW_CLNT_HELLO_A: - case SSL23_ST_CW_CLNT_HELLO_B: - - s->shutdown=0; - ret=ssl23_client_hello(s); - if (ret <= 0) goto end; - s->state=SSL23_ST_CR_SRVR_HELLO_A; - s->init_num=0; - - break; - - case SSL23_ST_CR_SRVR_HELLO_A: - case SSL23_ST_CR_SRVR_HELLO_B: - ret=ssl23_get_server_hello(s); - if (ret >= 0) cb=NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE); - ret= -1; - goto end; - /* break; */ - } - - if (s->debug) { (void)BIO_flush(s->wbio); } - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_CONNECT_LOOP,1); - s->state=new_state; - } - } -end: - s->in_handshake--; - if (cb != NULL) - cb(s,SSL_CB_CONNECT_EXIT,ret); - return(ret); - } - - -static int ssl23_client_hello(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; - int i,ch_len; - - buf=(unsigned char *)s->init_buf->data; - if (s->state == SSL23_ST_CW_CLNT_HELLO_A) - { -#if 0 - /* don't reuse session-id's */ - if (!ssl_get_new_session(s,0)) - { - return(-1); - } -#endif - - p=s->s3->client_random; - RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE); - - /* Do the message type and length last */ - d= &(buf[2]); - p=d+9; - - *(d++)=SSL2_MT_CLIENT_HELLO; - if (!(s->options & SSL_OP_NO_TLSv1)) - { - *(d++)=TLS1_VERSION_MAJOR; - *(d++)=TLS1_VERSION_MINOR; - s->client_version=TLS1_VERSION; - } - else if (!(s->options & SSL_OP_NO_SSLv3)) - { - *(d++)=SSL3_VERSION_MAJOR; - *(d++)=SSL3_VERSION_MINOR; - s->client_version=SSL3_VERSION; - } - else if (!(s->options & SSL_OP_NO_SSLv2)) - { - *(d++)=SSL2_VERSION_MAJOR; - *(d++)=SSL2_VERSION_MINOR; - s->client_version=SSL2_VERSION; - } - else - { - SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE); - return(-1); - } - - /* Ciphers supported */ - i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p); - if (i == 0) - { - /* no ciphers */ - SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); - return(-1); - } - s2n(i,d); - p+=i; - - /* put in the session-id, zero since there is no - * reuse. */ -#if 0 - s->session->session_id_length=0; -#endif - s2n(0,d); - - if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) - ch_len=SSL2_CHALLENGE_LENGTH; - else - ch_len=SSL2_MAX_CHALLENGE_LENGTH; - - /* write out sslv2 challenge */ - if (SSL3_RANDOM_SIZE < ch_len) - i=SSL3_RANDOM_SIZE; - else - i=ch_len; - s2n(i,d); - memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE); - RAND_pseudo_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); - memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); - p+=i; - - i= p- &(buf[2]); - buf[0]=((i>>8)&0xff)|0x80; - buf[1]=(i&0xff); - - s->state=SSL23_ST_CW_CLNT_HELLO_B; - /* number of bytes to write */ - s->init_num=i+2; - s->init_off=0; - - ssl3_finish_mac(s,&(buf[2]),i); - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - return(ssl23_write_bytes(s)); - } - -static int ssl23_get_server_hello(SSL *s) - { - char buf[8]; - unsigned char *p; - int i; - int n; - - n=ssl23_read_bytes(s,7); - - if (n != 7) return(n); - p=s->packet; - - memcpy(buf,p,n); - - if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) && - (p[5] == 0x00) && (p[6] == 0x02)) - { -#ifdef NO_SSL2 - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; -#else - /* we are talking sslv2 */ - /* we need to clean up the SSLv3 setup and put in the - * sslv2 stuff. */ - int ch_len; - - if (s->options & SSL_OP_NO_SSLv2) - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - if (s->s2 == NULL) - { - if (!ssl2_new(s)) - goto err; - } - else - ssl2_clear(s); - - if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG) - ch_len=SSL2_CHALLENGE_LENGTH; - else - ch_len=SSL2_MAX_CHALLENGE_LENGTH; - - /* write out sslv2 challenge */ - i=(SSL3_RANDOM_SIZE < ch_len) - ?SSL3_RANDOM_SIZE:ch_len; - s->s2->challenge_length=i; - memcpy(s->s2->challenge, - &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i); - - if (s->s3 != NULL) ssl3_free(s); - - if (!BUF_MEM_grow(s->init_buf, - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB); - goto err; - } - - s->state=SSL2_ST_GET_SERVER_HELLO_A; - if (!(s->client_version == SSL2_VERSION)) - /* use special padding (SSL 3.0 draft/RFC 2246, App. E.2) */ - s->s2->ssl2_rollback=1; - - /* setup the 5 bytes we have read so we get them from - * the sslv2 buffer */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s2->rbuf[0]); - memcpy(s->packet,buf,n); - s->s2->rbuf_left=n; - s->s2->rbuf_offs=0; - - /* we have already written one */ - s->s2->write_sequence=1; - - s->method=SSLv2_client_method(); - s->handshake_func=s->method->ssl_connect; -#endif - } - else if ((p[0] == SSL3_RT_HANDSHAKE) && - (p[1] == SSL3_VERSION_MAJOR) && - ((p[2] == SSL3_VERSION_MINOR) || - (p[2] == TLS1_VERSION_MINOR)) && - (p[5] == SSL3_MT_SERVER_HELLO)) - { - /* we have sslv3 or tls1 */ - - if (!ssl_init_wbio_buffer(s,1)) goto err; - - /* we are in this state */ - s->state=SSL3_ST_CR_SRVR_HELLO_A; - - /* put the 5 bytes we have read into the input buffer - * for SSLv3 */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s3->rbuf.buf[0]); - memcpy(s->packet,buf,n); - s->s3->rbuf.left=n; - s->s3->rbuf.offset=0; - - if ((p[2] == SSL3_VERSION_MINOR) && - !(s->options & SSL_OP_NO_SSLv3)) - { - s->version=SSL3_VERSION; - s->method=SSLv3_client_method(); - } - else if ((p[2] == TLS1_VERSION_MINOR) && - !(s->options & SSL_OP_NO_TLSv1)) - { - s->version=TLS1_VERSION; - s->method=TLSv1_client_method(); - } - else - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; - } - - s->handshake_func=s->method->ssl_connect; - } - else if ((p[0] == SSL3_RT_ALERT) && - (p[1] == SSL3_VERSION_MAJOR) && - ((p[2] == SSL3_VERSION_MINOR) || - (p[2] == TLS1_VERSION_MINOR)) && - (p[3] == 0) && - (p[4] == 2)) - { - void (*cb)()=NULL; - int j; - - /* An alert */ - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - i=p[5]; - if (cb != NULL) - { - j=(i<<8)|p[6]; - cb(s,SSL_CB_READ_ALERT,j); - } - - s->rwstate=SSL_NOTHING; - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_AD_REASON_OFFSET+p[6]); - goto err; - } - else - { - SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL); - goto err; - } - s->init_num=0; - - /* Since, if we are sending a ssl23 client hello, we are not - * reusing a session-id */ - if (!ssl_get_new_session(s,0)) - goto err; - - s->first_packet=1; - return(SSL_connect(s)); -err: - return(-1); - } - diff --git a/src/lib/libssl/s23_lib.c b/src/lib/libssl/s23_lib.c deleted file mode 100644 index dded7a19c5..0000000000 --- a/src/lib/libssl/s23_lib.c +++ /dev/null @@ -1,226 +0,0 @@ -/* ssl/s23_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -static int ssl23_num_ciphers(void ); -static SSL_CIPHER *ssl23_get_cipher(unsigned int u); -static int ssl23_read(SSL *s, void *buf, int len); -static int ssl23_write(SSL *s, const void *buf, int len); -static long ssl23_default_timeout(void ); -static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); -static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); -const char *SSL23_version_str="SSLv2/3 compatibility" OPENSSL_VERSION_PTEXT; - -static SSL_METHOD SSLv23_data= { - TLS1_VERSION, - tls1_new, - tls1_clear, - tls1_free, - ssl_undefined_function, - ssl_undefined_function, - ssl23_read, - (int (*)(struct ssl_st *, char *, int))ssl_undefined_function, - ssl23_write, - ssl_undefined_function, - ssl_undefined_function, - ssl_ok, - ssl3_ctrl, - ssl3_ctx_ctrl, - ssl23_get_cipher_by_char, - ssl23_put_cipher_by_char, - ssl_undefined_function, - ssl23_num_ciphers, - ssl23_get_cipher, - ssl_bad_method, - ssl23_default_timeout, - &ssl3_undef_enc_method, - ssl_undefined_function, - ssl3_callback_ctrl, - ssl3_ctx_callback_ctrl, - }; - -static long ssl23_default_timeout(void) - { - return(300); - } - -SSL_METHOD *sslv23_base_method(void) - { - return(&SSLv23_data); - } - -static int ssl23_num_ciphers(void) - { - return(ssl3_num_ciphers() -#ifndef NO_SSL2 - + ssl2_num_ciphers() -#endif - ); - } - -static SSL_CIPHER *ssl23_get_cipher(unsigned int u) - { - unsigned int uu=ssl3_num_ciphers(); - - if (u < uu) - return(ssl3_get_cipher(u)); - else -#ifndef NO_SSL2 - return(ssl2_get_cipher(u-uu)); -#else - return(NULL); -#endif - } - -/* This function needs to check if the ciphers required are actually - * available */ -static SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p) - { - SSL_CIPHER c,*cp; - unsigned long id; - int n; - - n=ssl3_num_ciphers(); - id=0x03000000|((unsigned long)p[0]<<16L)| - ((unsigned long)p[1]<<8L)|(unsigned long)p[2]; - c.id=id; - cp=ssl3_get_cipher_by_char(p); -#ifndef NO_SSL2 - if (cp == NULL) - cp=ssl2_get_cipher_by_char(p); -#endif - return(cp); - } - -static int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) - { - long l; - - /* We can write SSLv2 and SSLv3 ciphers */ - if (p != NULL) - { - l=c->id; - p[0]=((unsigned char)(l>>16L))&0xFF; - p[1]=((unsigned char)(l>> 8L))&0xFF; - p[2]=((unsigned char)(l ))&0xFF; - } - return(3); - } - -static int ssl23_read(SSL *s, void *buf, int len) - { - int n; - -#if 0 - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } -#endif - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_read(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } - -static int ssl23_write(SSL *s, const void *buf, int len) - { - int n; - -#if 0 - if (s->shutdown & SSL_SENT_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } -#endif - clear_sys_error(); - if (SSL_in_init(s) && (!s->in_handshake)) - { - n=s->handshake_func(s); - if (n < 0) return(n); - if (n == 0) - { - SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - return(SSL_write(s,buf,len)); - } - else - { - ssl_undefined_function(s); - return(-1); - } - } diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c deleted file mode 100644 index f45e1ce3d8..0000000000 --- a/src/lib/libssl/s23_pkt.c +++ /dev/null @@ -1,117 +0,0 @@ -/* ssl/s23_pkt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#define USE_SOCKETS -#include -#include -#include "ssl_locl.h" - -int ssl23_write_bytes(SSL *s) - { - int i,num,tot; - char *buf; - - buf=s->init_buf->data; - tot=s->init_off; - num=s->init_num; - for (;;) - { - s->rwstate=SSL_WRITING; - i=BIO_write(s->wbio,&(buf[tot]),num); - if (i <= 0) - { - s->init_off=tot; - s->init_num=num; - return(i); - } - s->rwstate=SSL_NOTHING; - if (i == num) return(tot+i); - - num-=i; - tot+=i; - } - } - -/* return regularly only when we have read (at least) 'n' bytes */ -int ssl23_read_bytes(SSL *s, int n) - { - unsigned char *p; - int j; - - if (s->packet_length < (unsigned int)n) - { - p=s->packet; - - for (;;) - { - s->rwstate=SSL_READING; - j=BIO_read(s->rbio,(char *)&(p[s->packet_length]), - n-s->packet_length); - if (j <= 0) - return(j); - s->rwstate=SSL_NOTHING; - s->packet_length+=j; - if (s->packet_length >= (unsigned int)n) - return(s->packet_length); - } - } - return(n); - } - diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c deleted file mode 100644 index 050618235f..0000000000 --- a/src/lib/libssl/s23_srvr.c +++ /dev/null @@ -1,576 +0,0 @@ -/* ssl/s23_srvr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *ssl23_get_server_method(int ver); -int ssl23_get_client_hello(SSL *s); -static SSL_METHOD *ssl23_get_server_method(int ver) - { -#ifndef NO_SSL2 - if (ver == SSL2_VERSION) - return(SSLv2_server_method()); -#endif - if (ver == SSL3_VERSION) - return(SSLv3_server_method()); - else if (ver == TLS1_VERSION) - return(TLSv1_server_method()); - else - return(NULL); - } - -SSL_METHOD *SSLv23_server_method(void) - { - static int init=1; - static SSL_METHOD SSLv23_server_data; - - if (init) - { - memcpy((char *)&SSLv23_server_data, - (char *)sslv23_base_method(),sizeof(SSL_METHOD)); - SSLv23_server_data.ssl_accept=ssl23_accept; - SSLv23_server_data.get_ssl_method=ssl23_get_server_method; - init=0; - } - return(&SSLv23_server_data); - } - -int ssl23_accept(SSL *s) - { - BUF_MEM *buf; - unsigned long Time=time(NULL); - void (*cb)()=NULL; - int ret= -1; - int new_state,state; - - RAND_add(&Time,sizeof(Time),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - s->in_handshake++; - - for (;;) - { - state=s->state; - - switch(s->state) - { - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server=1; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - /* s->version=SSL3_VERSION; */ - s->type=SSL_ST_ACCEPT; - - if (s->init_buf == NULL) - { - if ((buf=BUF_MEM_new()) == NULL) - { - ret= -1; - goto end; - } - if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) - { - ret= -1; - goto end; - } - s->init_buf=buf; - } - - ssl3_init_finished_mac(s); - - s->state=SSL23_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - s->init_num=0; - break; - - case SSL23_ST_SR_CLNT_HELLO_A: - case SSL23_ST_SR_CLNT_HELLO_B: - - s->shutdown=0; - ret=ssl23_get_client_hello(s); - if (ret >= 0) cb=NULL; - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE); - ret= -1; - goto end; - /* break; */ - } - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_ACCEPT_LOOP,1); - s->state=new_state; - } - } -end: - if (cb != NULL) - cb(s,SSL_CB_ACCEPT_EXIT,ret); - s->in_handshake--; - return(ret); - } - - -int ssl23_get_client_hello(SSL *s) - { - char buf_space[11]; /* Request this many bytes in initial read. - * We can detect SSL 3.0/TLS 1.0 Client Hellos - * ('type == 3') correctly only when the following - * is in a single record, which is not guaranteed by - * the protocol specification: - * Byte Content - * 0 type \ - * 1/2 version > record header - * 3/4 length / - * 5 msg_type \ - * 6-8 length > Client Hello message - * 9/10 client_version / - */ - char *buf= &(buf_space[0]); - unsigned char *p,*d,*dd; - unsigned int i; - unsigned int csl,sil,cl; - int n=0,j; - int type=0; - int v[2]; -#ifndef NO_RSA - int use_sslv2_strong=0; -#endif - - if (s->state == SSL23_ST_SR_CLNT_HELLO_A) - { - /* read the initial header */ - v[0]=v[1]=0; - - if (!ssl3_setup_buffers(s)) goto err; - - n=ssl23_read_bytes(s, sizeof buf_space); - if (n != sizeof buf_space) return(n); /* n == -1 || n == 0 */ - - p=s->packet; - - memcpy(buf,p,n); - - if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO)) - { - /* - * SSLv2 header - */ - if ((p[3] == 0x00) && (p[4] == 0x02)) - { - v[0]=p[3]; v[1]=p[4]; - /* SSLv2 */ - if (!(s->options & SSL_OP_NO_SSLv2)) - type=1; - } - else if (p[3] == SSL3_VERSION_MAJOR) - { - v[0]=p[3]; v[1]=p[4]; - /* SSLv3/TLSv1 */ - if (p[4] >= TLS1_VERSION_MINOR) - { - if (!(s->options & SSL_OP_NO_TLSv1)) - { - s->version=TLS1_VERSION; - /* type=2; */ /* done later to survive restarts */ - s->state=SSL23_ST_SR_CLNT_HELLO_B; - } - else if (!(s->options & SSL_OP_NO_SSLv3)) - { - s->version=SSL3_VERSION; - /* type=2; */ - s->state=SSL23_ST_SR_CLNT_HELLO_B; - } - else if (!(s->options & SSL_OP_NO_SSLv2)) - { - type=1; - } - } - else if (!(s->options & SSL_OP_NO_SSLv3)) - { - s->version=SSL3_VERSION; - /* type=2; */ - s->state=SSL23_ST_SR_CLNT_HELLO_B; - } - else if (!(s->options & SSL_OP_NO_SSLv2)) - type=1; - - if (s->options & SSL_OP_NON_EXPORT_FIRST) - /* Not only utterly confusing, but broken - * ('fractured programming'?) -- the details - * of this block nearly make it work - * as intended in this environment, but on one - * of the fine points (w.r.t. restarts) it fails. - * The obvious fix would be even more devastating - * to program structure; if you want the functionality, - * throw this away and implement it in a way - * that makes sense */ - { -#if 0 - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - int ne2,ne3; - - j=((p[0]&0x7f)<<8)|p[1]; - if (j > (1024*4)) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); - goto err; - } - - n=ssl23_read_bytes(s,j+2); - if (n <= 0) return(n); - p=s->packet; - - if ((buf=OPENSSL_malloc(n)) == NULL) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(buf,p,n); - - p+=5; - n2s(p,csl); - p+=4; - - sk=ssl_bytes_to_cipher_list( - s,p,csl,NULL); - if (sk != NULL) - { - ne2=ne3=0; - for (j=0; jid>>24L) == 2L) - ne2=1; - else - ne3=1; - } - } - if (ne2 && !ne3) - { - type=1; - use_sslv2_strong=1; - goto next_bit; - } - } -#else - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_OPTION); - goto err; -#endif - } - } - } - else if ((p[0] == SSL3_RT_HANDSHAKE) && - (p[1] == SSL3_VERSION_MAJOR) && - (p[5] == SSL3_MT_CLIENT_HELLO) && - ((p[3] == 0 && p[4] < 5 /* silly record length? */) - || (p[9] == p[1]))) - { - /* - * SSLv3 or tls1 header - */ - - v[0]=p[1]; /* major version (= SSL3_VERSION_MAJOR) */ - /* We must look at client_version inside the Client Hello message - * to get the correct minor version. - * However if we have only a pathologically small fragment of the - * Client Hello message, this would be difficult, we'd have - * to read at least one additional record to find out. - * This doesn't usually happen in real life, so we just complain - * for now. - */ - if (p[3] == 0 && p[4] < 6) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_SMALL); - goto err; - } - v[1]=p[10]; /* minor version according to client_version */ - if (v[1] >= TLS1_VERSION_MINOR) - { - if (!(s->options & SSL_OP_NO_TLSv1)) - { - s->version=TLS1_VERSION; - type=3; - } - else if (!(s->options & SSL_OP_NO_SSLv3)) - { - s->version=SSL3_VERSION; - type=3; - } - } - else if (!(s->options & SSL_OP_NO_SSLv3)) - { - s->version=SSL3_VERSION; - type=3; - } - } - else if ((strncmp("GET ", (char *)p,4) == 0) || - (strncmp("POST ",(char *)p,5) == 0) || - (strncmp("HEAD ",(char *)p,5) == 0) || - (strncmp("PUT ", (char *)p,4) == 0)) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST); - goto err; - } - else if (strncmp("CONNECT",(char *)p,7) == 0) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST); - goto err; - } - } - - if (s->state == SSL23_ST_SR_CLNT_HELLO_B) - { - /* we have SSLv3/TLSv1 in an SSLv2 header - * (other cases skip this state) */ - - type=2; - p=s->packet; - v[0] = p[3]; /* == SSL3_VERSION_MAJOR */ - v[1] = p[4]; - - n=((p[0]&0x7f)<<8)|p[1]; - if (n > (1024*4)) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE); - goto err; - } - - j=ssl23_read_bytes(s,n+2); - if (j <= 0) return(j); - - ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2); - - p=s->packet; - p+=5; - n2s(p,csl); - n2s(p,sil); - n2s(p,cl); - d=(unsigned char *)s->init_buf->data; - if ((csl+sil+cl+11) != s->packet_length) - { - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH); - goto err; - } - - *(d++) = SSL3_VERSION_MAJOR; /* == v[0] */ - *(d++) = v[1]; - - /* lets populate the random area */ - /* get the challenge_length */ - i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl; - memset(d,0,SSL3_RANDOM_SIZE); - memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i); - d+=SSL3_RANDOM_SIZE; - - /* no session-id reuse */ - *(d++)=0; - - /* ciphers */ - j=0; - dd=d; - d+=2; - for (i=0; iinit_buf->data); - - /* get the data reused from the init_buf */ - s->s3->tmp.reuse_message=1; - s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO; - s->s3->tmp.message_size=i; - } - - /* imaginary new state (for program structure): */ - /* s->state = SSL23_SR_CLNT_HELLO_C */ - - if (type == 1) - { -#ifdef NO_SSL2 - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNSUPPORTED_PROTOCOL); - goto err; -#else - /* we are talking sslv2 */ - /* we need to clean up the SSLv3/TLSv1 setup and put in the - * sslv2 stuff. */ - - if (s->s2 == NULL) - { - if (!ssl2_new(s)) - goto err; - } - else - ssl2_clear(s); - - if (s->s3 != NULL) ssl3_free(s); - - if (!BUF_MEM_grow(s->init_buf, - SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER)) - { - goto err; - } - - s->state=SSL2_ST_GET_CLIENT_HELLO_A; - if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) || - use_sslv2_strong || - (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)) - s->s2->ssl2_rollback=0; - else - /* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0 - * (SSL 3.0 draft/RFC 2246, App. E.2) */ - s->s2->ssl2_rollback=1; - - /* setup the n bytes we have read so we get them from - * the sslv2 buffer */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s2->rbuf[0]); - memcpy(s->packet,buf,n); - s->s2->rbuf_left=n; - s->s2->rbuf_offs=0; - - s->method=SSLv2_server_method(); - s->handshake_func=s->method->ssl_accept; -#endif - } - - if ((type == 2) || (type == 3)) - { - /* we have SSLv3/TLSv1 (type 2: SSL2 style, type 3: SSL3/TLS style) */ - - if (!ssl_init_wbio_buffer(s,1)) goto err; - - /* we are in this state */ - s->state=SSL3_ST_SR_CLNT_HELLO_A; - - if (type == 3) - { - /* put the 'n' bytes we have read into the input buffer - * for SSLv3 */ - s->rstate=SSL_ST_READ_HEADER; - s->packet_length=n; - s->packet= &(s->s3->rbuf.buf[0]); - memcpy(s->packet,buf,n); - s->s3->rbuf.left=n; - s->s3->rbuf.offset=0; - } - else - { - s->packet_length=0; - s->s3->rbuf.left=0; - s->s3->rbuf.offset=0; - } - - if (s->version == TLS1_VERSION) - s->method = TLSv1_server_method(); - else - s->method = SSLv3_server_method(); -#if 0 /* ssl3_get_client_hello does this */ - s->client_version=(v[0]<<8)|v[1]; -#endif - s->handshake_func=s->method->ssl_accept; - } - - if ((type < 1) || (type > 3)) - { - /* bad, very bad */ - SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL); - goto err; - } - s->init_num=0; - - if (buf != buf_space) OPENSSL_free(buf); - s->first_packet=1; - return(SSL_accept(s)); -err: - if (buf != buf_space) OPENSSL_free(buf); - return(-1); - } diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c deleted file mode 100644 index d92c164b0f..0000000000 --- a/src/lib/libssl/s3_both.c +++ /dev/null @@ -1,588 +0,0 @@ -/* ssl/s3_both.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -/* send s->init_buf in records of type 'type' */ -int ssl3_do_write(SSL *s, int type) - { - int ret; - - ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off], - s->init_num); - if (ret < 0) return(-1); - if (type == SSL3_RT_HANDSHAKE) - /* should not be done for 'Hello Request's, but in that case - * we'll ignore the result anyway */ - ssl3_finish_mac(s,(unsigned char *)&s->init_buf->data[s->init_off],ret); - - if (ret == s->init_num) - return(1); - s->init_off+=ret; - s->init_num-=ret; - return(0); - } - -int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) - { - unsigned char *p,*d; - int i; - unsigned long l; - - if (s->state == a) - { - d=(unsigned char *)s->init_buf->data; - p= &(d[4]); - - i=s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), - sender,slen,s->s3->tmp.finish_md); - s->s3->tmp.finish_md_len = i; - memcpy(p, s->s3->tmp.finish_md, i); - p+=i; - l=i; - -#ifdef WIN16 - /* MSVC 1.5 does not clear the top bytes of the word unless - * I do this. - */ - l&=0xffff; -#endif - - *(d++)=SSL3_MT_FINISHED; - l2n3(l,d); - s->init_num=(int)l+4; - s->init_off=0; - - s->state=b; - } - - /* SSL3_ST_SEND_xxxxxx_HELLO_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -int ssl3_get_finished(SSL *s, int a, int b) - { - int al,i,ok; - long n; - unsigned char *p; - - /* the mac has already been generated when we received the - * change cipher spec message and is in s->s3->tmp.peer_finish_md - */ - - n=ssl3_get_message(s, - a, - b, - SSL3_MT_FINISHED, - 64, /* should actually be 36+4 :-) */ - &ok); - - if (!ok) return((int)n); - - /* If this occurs, we have missed a message */ - if (!s->s3->change_cipher_spec) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS); - goto f_err; - } - s->s3->change_cipher_spec=0; - - p = (unsigned char *)s->init_buf->data; - i = s->s3->tmp.peer_finish_md_len; - - if (i != n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH); - goto f_err; - } - - if (memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) - { - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED); - goto f_err; - } - - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); - return(0); - } - -/* for these 2 messages, we need to - * ssl->enc_read_ctx re-init - * ssl->s3->read_sequence zero - * ssl->s3->read_mac_secret re-init - * ssl->session->read_sym_enc assign - * ssl->session->read_compression assign - * ssl->session->read_hash assign - */ -int ssl3_send_change_cipher_spec(SSL *s, int a, int b) - { - unsigned char *p; - - if (s->state == a) - { - p=(unsigned char *)s->init_buf->data; - *p=SSL3_MT_CCS; - s->init_num=1; - s->init_off=0; - - s->state=b; - } - - /* SSL3_ST_CW_CHANGE_B */ - return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC)); - } - -unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) - { - unsigned char *p; - int n,i; - unsigned long l=7; - BUF_MEM *buf; - X509_STORE_CTX xs_ctx; - X509_OBJECT obj; - - /* TLSv1 sends a chain with nothing in it, instead of an alert */ - buf=s->init_buf; - if (!BUF_MEM_grow(buf,(int)(10))) - { - SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); - return(0); - } - if (x != NULL) - { - X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL); - - for (;;) - { - n=i2d_X509(x,NULL); - if (!BUF_MEM_grow(buf,(int)(n+l+3))) - { - SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); - return(0); - } - p=(unsigned char *)&(buf->data[l]); - l2n3(n,p); - i2d_X509(x,&p); - l+=n+3; - if (X509_NAME_cmp(X509_get_subject_name(x), - X509_get_issuer_name(x)) == 0) break; - - i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509, - X509_get_issuer_name(x),&obj); - if (i <= 0) break; - x=obj.data.x509; - /* Count is one too high since the X509_STORE_get uped the - * ref count */ - X509_free(x); - } - - X509_STORE_CTX_cleanup(&xs_ctx); - } - - /* Thawte special :-) */ - if (s->ctx->extra_certs != NULL) - for (i=0; ictx->extra_certs); i++) - { - x=sk_X509_value(s->ctx->extra_certs,i); - n=i2d_X509(x,NULL); - if (!BUF_MEM_grow(buf,(int)(n+l+3))) - { - SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB); - return(0); - } - p=(unsigned char *)&(buf->data[l]); - l2n3(n,p); - i2d_X509(x,&p); - l+=n+3; - } - - l-=7; - p=(unsigned char *)&(buf->data[4]); - l2n3(l,p); - l+=3; - p=(unsigned char *)&(buf->data[0]); - *(p++)=SSL3_MT_CERTIFICATE; - l2n3(l,p); - l+=4; - return(l); - } - -/* Obtain handshake message of message type 'mt' (any if mt == -1), - * maximum acceptable body length 'max'. - * The first four bytes (msg_type and length) are read in state 'st1', - * the body is read in state 'stn'. - */ -long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) - { - unsigned char *p; - unsigned long l; - long n; - int i,al; - - if (s->s3->tmp.reuse_message) - { - s->s3->tmp.reuse_message=0; - if ((mt >= 0) && (s->s3->tmp.message_type != mt)) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - *ok=1; - return((int)s->s3->tmp.message_size); - } - - p=(unsigned char *)s->init_buf->data; - - if (s->state == st1) /* s->init_num < 4 */ - { - int skip_message; - - do - { - while (s->init_num < 4) - { - i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num], - 4 - s->init_num); - if (i <= 0) - { - s->rwstate=SSL_READING; - *ok = 0; - return i; - } - s->init_num+=i; - } - - skip_message = 0; - if (!s->server) - if (p[0] == SSL3_MT_HELLO_REQUEST) - /* The server may always send 'Hello Request' messages -- - * we are doing a handshake anyway now, so ignore them - * if their format is correct. Does not count for - * 'Finished' MAC. */ - if (p[1] == 0 && p[2] == 0 &&p[3] == 0) - skip_message = 1; - } - while (skip_message); - - /* s->init_num == 4 */ - - if ((mt >= 0) && (*p != mt)) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); - goto f_err; - } - if ((mt < 0) && (*p == SSL3_MT_CLIENT_HELLO) && - (st1 == SSL3_ST_SR_CERT_A) && - (stn == SSL3_ST_SR_CERT_B)) - { - /* At this point we have got an MS SGC second client - * hello (maybe we should always allow the client to - * start a new handshake?). We need to restart the mac. - * Don't increment {num,total}_renegotiations because - * we have not completed the handshake. */ - ssl3_init_finished_mac(s); - } - - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, 4); - - s->s3->tmp.message_type= *(p++); - - n2l3(p,l); - if (l > (unsigned long)max) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE); - goto f_err; - } - if (l && !BUF_MEM_grow(s->init_buf,(int)l)) - { - SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB); - goto err; - } - s->s3->tmp.message_size=l; - s->state=stn; - - s->init_num=0; - } - - /* next state (stn) */ - p=(unsigned char *)s->init_buf->data; - n=s->s3->tmp.message_size; - while (n > 0) - { - i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],n); - if (i <= 0) - { - s->rwstate=SSL_READING; - *ok = 0; - return i; - } - s->init_num += i; - n -= i; - } - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num); - *ok=1; - return s->init_num; -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - *ok=0; - return(-1); - } - -int ssl_cert_type(X509 *x, EVP_PKEY *pkey) - { - EVP_PKEY *pk; - int ret= -1,i,j; - - if (pkey == NULL) - pk=X509_get_pubkey(x); - else - pk=pkey; - if (pk == NULL) goto err; - - i=pk->type; - if (i == EVP_PKEY_RSA) - { - ret=SSL_PKEY_RSA_ENC; - if (x != NULL) - { - j=X509_get_ext_count(x); - /* check to see if this is a signing only certificate */ - /* EAY EAY EAY EAY */ - } - } - else if (i == EVP_PKEY_DSA) - { - ret=SSL_PKEY_DSA_SIGN; - } - else if (i == EVP_PKEY_DH) - { - /* if we just have a key, we needs to be guess */ - - if (x == NULL) - ret=SSL_PKEY_DH_DSA; - else - { - j=X509_get_signature_type(x); - if (j == EVP_PKEY_RSA) - ret=SSL_PKEY_DH_RSA; - else if (j== EVP_PKEY_DSA) - ret=SSL_PKEY_DH_DSA; - else ret= -1; - } - } - else - ret= -1; - -err: - if(!pkey) EVP_PKEY_free(pk); - return(ret); - } - -int ssl_verify_alarm_type(long type) - { - int al; - - switch(type) - { - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: - case X509_V_ERR_UNABLE_TO_GET_CRL: - al=SSL_AD_UNKNOWN_CA; - break; - case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: - case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: - case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: - case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: - case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: - case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: - case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: - case X509_V_ERR_CERT_NOT_YET_VALID: - case X509_V_ERR_CRL_NOT_YET_VALID: - al=SSL_AD_BAD_CERTIFICATE; - break; - case X509_V_ERR_CERT_SIGNATURE_FAILURE: - case X509_V_ERR_CRL_SIGNATURE_FAILURE: - al=SSL_AD_DECRYPT_ERROR; - break; - case X509_V_ERR_CERT_HAS_EXPIRED: - case X509_V_ERR_CRL_HAS_EXPIRED: - al=SSL_AD_CERTIFICATE_EXPIRED; - break; - case X509_V_ERR_CERT_REVOKED: - al=SSL_AD_CERTIFICATE_REVOKED; - break; - case X509_V_ERR_OUT_OF_MEM: - al=SSL_AD_INTERNAL_ERROR; - break; - case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: - case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: - case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: - case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: - case X509_V_ERR_CERT_CHAIN_TOO_LONG: - al=SSL_AD_UNKNOWN_CA; - break; - case X509_V_ERR_APPLICATION_VERIFICATION: - al=SSL_AD_HANDSHAKE_FAILURE; - break; - default: - al=SSL_AD_CERTIFICATE_UNKNOWN; - break; - } - return(al); - } - -int ssl3_setup_buffers(SSL *s) - { - unsigned char *p; - unsigned int extra; - - if (s->s3->rbuf.buf == NULL) - { - if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) - extra=SSL3_RT_MAX_EXTRA; - else - extra=0; - if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE+extra)) - == NULL) - goto err; - s->s3->rbuf.buf=p; - } - - if (s->s3->wbuf.buf == NULL) - { - if ((p=OPENSSL_malloc(SSL3_RT_MAX_PACKET_SIZE)) - == NULL) - goto err; - s->s3->wbuf.buf=p; - } - s->packet= &(s->s3->rbuf.buf[0]); - return(1); -err: - SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE); - return(0); - } diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c deleted file mode 100644 index 62040f9f1d..0000000000 --- a/src/lib/libssl/s3_clnt.c +++ /dev/null @@ -1,1740 +0,0 @@ -/* ssl/s3_clnt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *ssl3_get_client_method(int ver); -static int ssl3_client_hello(SSL *s); -static int ssl3_get_server_hello(SSL *s); -static int ssl3_get_certificate_request(SSL *s); -static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); -static int ssl3_get_server_done(SSL *s); -static int ssl3_send_client_verify(SSL *s); -static int ssl3_send_client_certificate(SSL *s); -static int ssl3_send_client_key_exchange(SSL *s); -static int ssl3_get_key_exchange(SSL *s); -static int ssl3_get_server_certificate(SSL *s); -static int ssl3_check_cert_and_algorithm(SSL *s); -static SSL_METHOD *ssl3_get_client_method(int ver) - { - if (ver == SSL3_VERSION) - return(SSLv3_client_method()); - else - return(NULL); - } - -SSL_METHOD *SSLv3_client_method(void) - { - static int init=1; - static SSL_METHOD SSLv3_client_data; - - if (init) - { - init=0; - memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(), - sizeof(SSL_METHOD)); - SSLv3_client_data.ssl_connect=ssl3_connect; - SSLv3_client_data.get_ssl_method=ssl3_get_client_method; - } - return(&SSLv3_client_data); - } - -int ssl3_connect(SSL *s) - { - BUF_MEM *buf; - unsigned long Time=time(NULL),l; - long num1; - void (*cb)()=NULL; - int ret= -1; - int new_state,state,skip=0;; - - RAND_add(&Time,sizeof(Time),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - s->in_handshake++; - - for (;;) - { - state=s->state; - - switch(s->state) - { - case SSL_ST_RENEGOTIATE: - s->new_session=1; - s->state=SSL_ST_CONNECT; - s->ctx->stats.sess_connect_renegotiate++; - /* break */ - case SSL_ST_BEFORE: - case SSL_ST_CONNECT: - case SSL_ST_BEFORE|SSL_ST_CONNECT: - case SSL_ST_OK|SSL_ST_CONNECT: - - s->server=0; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - if ((s->version & 0xff00 ) != 0x0300) - { - SSLerr(SSL_F_SSL3_CONNECT, SSL_R_INTERNAL_ERROR); - ret = -1; - goto end; - } - - /* s->version=SSL3_VERSION; */ - s->type=SSL_ST_CONNECT; - - if (s->init_buf == NULL) - { - if ((buf=BUF_MEM_new()) == NULL) - { - ret= -1; - goto end; - } - if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) - { - ret= -1; - goto end; - } - s->init_buf=buf; - } - - if (!ssl3_setup_buffers(s)) { ret= -1; goto end; } - - /* setup buffing BIO */ - if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; } - - /* don't push the buffering BIO quite yet */ - - ssl3_init_finished_mac(s); - - s->state=SSL3_ST_CW_CLNT_HELLO_A; - s->ctx->stats.sess_connect++; - s->init_num=0; - break; - - case SSL3_ST_CW_CLNT_HELLO_A: - case SSL3_ST_CW_CLNT_HELLO_B: - - s->shutdown=0; - ret=ssl3_client_hello(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_CR_SRVR_HELLO_A; - s->init_num=0; - - /* turn on buffering for the next lot of output */ - if (s->bbio != s->wbio) - s->wbio=BIO_push(s->bbio,s->wbio); - - break; - - case SSL3_ST_CR_SRVR_HELLO_A: - case SSL3_ST_CR_SRVR_HELLO_B: - ret=ssl3_get_server_hello(s); - if (ret <= 0) goto end; - if (s->hit) - s->state=SSL3_ST_CR_FINISHED_A; - else - s->state=SSL3_ST_CR_CERT_A; - s->init_num=0; - break; - - case SSL3_ST_CR_CERT_A: - case SSL3_ST_CR_CERT_B: - /* Check if it is anon DH */ - if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) - { - ret=ssl3_get_server_certificate(s); - if (ret <= 0) goto end; - } - else - skip=1; - s->state=SSL3_ST_CR_KEY_EXCH_A; - s->init_num=0; - break; - - case SSL3_ST_CR_KEY_EXCH_A: - case SSL3_ST_CR_KEY_EXCH_B: - ret=ssl3_get_key_exchange(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_CR_CERT_REQ_A; - s->init_num=0; - - /* at this point we check that we have the - * required stuff from the server */ - if (!ssl3_check_cert_and_algorithm(s)) - { - ret= -1; - goto end; - } - break; - - case SSL3_ST_CR_CERT_REQ_A: - case SSL3_ST_CR_CERT_REQ_B: - ret=ssl3_get_certificate_request(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_CR_SRVR_DONE_A; - s->init_num=0; - break; - - case SSL3_ST_CR_SRVR_DONE_A: - case SSL3_ST_CR_SRVR_DONE_B: - ret=ssl3_get_server_done(s); - if (ret <= 0) goto end; - if (s->s3->tmp.cert_req) - s->state=SSL3_ST_CW_CERT_A; - else - s->state=SSL3_ST_CW_KEY_EXCH_A; - s->init_num=0; - - break; - - case SSL3_ST_CW_CERT_A: - case SSL3_ST_CW_CERT_B: - case SSL3_ST_CW_CERT_C: - case SSL3_ST_CW_CERT_D: - ret=ssl3_send_client_certificate(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_CW_KEY_EXCH_A; - s->init_num=0; - break; - - case SSL3_ST_CW_KEY_EXCH_A: - case SSL3_ST_CW_KEY_EXCH_B: - ret=ssl3_send_client_key_exchange(s); - if (ret <= 0) goto end; - l=s->s3->tmp.new_cipher->algorithms; - /* EAY EAY EAY need to check for DH fix cert - * sent back */ - /* For TLS, cert_req is set to 2, so a cert chain - * of nothing is sent, but no verify packet is sent */ - if (s->s3->tmp.cert_req == 1) - { - s->state=SSL3_ST_CW_CERT_VRFY_A; - } - else - { - s->state=SSL3_ST_CW_CHANGE_A; - s->s3->change_cipher_spec=0; - } - - s->init_num=0; - break; - - case SSL3_ST_CW_CERT_VRFY_A: - case SSL3_ST_CW_CERT_VRFY_B: - ret=ssl3_send_client_verify(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_CW_CHANGE_A; - s->init_num=0; - s->s3->change_cipher_spec=0; - break; - - case SSL3_ST_CW_CHANGE_A: - case SSL3_ST_CW_CHANGE_B: - ret=ssl3_send_change_cipher_spec(s, - SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B); - if (ret <= 0) goto end; - s->state=SSL3_ST_CW_FINISHED_A; - s->init_num=0; - - s->session->cipher=s->s3->tmp.new_cipher; - if (s->s3->tmp.new_compression == NULL) - s->session->compress_meth=0; - else - s->session->compress_meth= - s->s3->tmp.new_compression->id; - if (!s->method->ssl3_enc->setup_key_block(s)) - { - ret= -1; - goto end; - } - - if (!s->method->ssl3_enc->change_cipher_state(s, - SSL3_CHANGE_CIPHER_CLIENT_WRITE)) - { - ret= -1; - goto end; - } - - break; - - case SSL3_ST_CW_FINISHED_A: - case SSL3_ST_CW_FINISHED_B: - ret=ssl3_send_finished(s, - SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B, - s->method->ssl3_enc->client_finished_label, - s->method->ssl3_enc->client_finished_label_len); - if (ret <= 0) goto end; - s->state=SSL3_ST_CW_FLUSH; - - /* clear flags */ - s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; - if (s->hit) - { - s->s3->tmp.next_state=SSL_ST_OK; - if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) - { - s->state=SSL_ST_OK; - s->s3->flags|=SSL3_FLAGS_POP_BUFFER; - s->s3->delay_buf_pop_ret=0; - } - } - else - { - s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A; - } - s->init_num=0; - break; - - case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_CR_FINISHED_B: - - ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A, - SSL3_ST_CR_FINISHED_B); - if (ret <= 0) goto end; - - if (s->hit) - s->state=SSL3_ST_CW_CHANGE_A; - else - s->state=SSL_ST_OK; - s->init_num=0; - break; - - case SSL3_ST_CW_FLUSH: - /* number of bytes to be flushed */ - num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); - if (num1 > 0) - { - s->rwstate=SSL_WRITING; - num1=BIO_flush(s->wbio); - if (num1 <= 0) { ret= -1; goto end; } - s->rwstate=SSL_NOTHING; - } - - s->state=s->s3->tmp.next_state; - break; - - case SSL_ST_OK: - /* clean a few things up */ - ssl3_cleanup_key_block(s); - - if (s->init_buf != NULL) - { - BUF_MEM_free(s->init_buf); - s->init_buf=NULL; - } - - /* If we are not 'joining' the last two packets, - * remove the buffering now */ - if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER)) - ssl_free_wbio_buffer(s); - /* else do it later in ssl3_write */ - - s->init_num=0; - s->new_session=0; - - ssl_update_cache(s,SSL_SESS_CACHE_CLIENT); - if (s->hit) s->ctx->stats.sess_hit++; - - ret=1; - /* s->server=0; */ - s->handshake_func=ssl3_connect; - s->ctx->stats.sess_connect_good++; - - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); - - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE); - ret= -1; - goto end; - /* break; */ - } - - /* did we do anything */ - if (!s->s3->tmp.reuse_message && !skip) - { - if (s->debug) - { - if ((ret=BIO_flush(s->wbio)) <= 0) - goto end; - } - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_CONNECT_LOOP,1); - s->state=new_state; - } - } - skip=0; - } -end: - if (cb != NULL) - cb(s,SSL_CB_CONNECT_EXIT,ret); - s->in_handshake--; - return(ret); - } - - -static int ssl3_client_hello(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; - int i,j; - unsigned long Time,l; - SSL_COMP *comp; - - buf=(unsigned char *)s->init_buf->data; - if (s->state == SSL3_ST_CW_CLNT_HELLO_A) - { - if ((s->session == NULL) || - (s->session->ssl_version != s->version) || - (s->session->not_resumable)) - { - if (!ssl_get_new_session(s,0)) - goto err; - } - /* else use the pre-loaded session */ - - p=s->s3->client_random; - Time=time(NULL); /* Time */ - l2n(Time,p); - RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); - - /* Do the message type and length last */ - d=p= &(buf[4]); - - *(p++)=s->version>>8; - *(p++)=s->version&0xff; - s->client_version=s->version; - - /* Random stuff */ - memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - - /* Session ID */ - if (s->new_session) - i=0; - else - i=s->session->session_id_length; - *(p++)=i; - if (i != 0) - { - memcpy(p,s->session->session_id,i); - p+=i; - } - - /* Ciphers supported */ - i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2])); - if (i == 0) - { - SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE); - goto err; - } - s2n(i,p); - p+=i; - - /* COMPRESSION */ - if (s->ctx->comp_methods == NULL) - j=0; - else - j=sk_SSL_COMP_num(s->ctx->comp_methods); - *(p++)=1+j; - for (i=0; ictx->comp_methods,i); - *(p++)=comp->id; - } - *(p++)=0; /* Add the NULL method */ - - l=(p-d); - d=buf; - *(d++)=SSL3_MT_CLIENT_HELLO; - l2n3(l,d); - - s->state=SSL3_ST_CW_CLNT_HELLO_B; - /* number of bytes to write */ - s->init_num=p-buf; - s->init_off=0; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); - } - -static int ssl3_get_server_hello(SSL *s) - { - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - unsigned char *p,*d; - int i,al,ok; - unsigned int j; - long n; - SSL_COMP *comp; - - n=ssl3_get_message(s, - SSL3_ST_CR_SRVR_HELLO_A, - SSL3_ST_CR_SRVR_HELLO_B, - SSL3_MT_SERVER_HELLO, - 300, /* ?? */ - &ok); - - if (!ok) return((int)n); - d=p=(unsigned char *)s->init_buf->data; - - if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff))) - { - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION); - s->version=(s->version&0xff00)|p[1]; - al=SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - p+=2; - - /* load the server hello data */ - /* load the server random */ - memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - - /* get the session-id */ - j= *(p++); - - if ((j != 0) && (j != SSL3_SESSION_ID_SIZE)) - { - /* SSLref returns 16 :-( */ - if (j < SSL2_SSL_SESSION_ID_LENGTH) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT); - goto f_err; - } - } - if (j != 0 && j == s->session->session_id_length - && memcmp(p,s->session->session_id,j) == 0) - { - if(s->sid_ctx_length != s->session->sid_ctx_length - || memcmp(s->session->sid_ctx,s->sid_ctx,s->sid_ctx_length)) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); - goto f_err; - } - s->hit=1; - } - else /* a miss or crap from the other end */ - { - /* If we were trying for session-id reuse, make a new - * SSL_SESSION so we don't stuff up other people */ - s->hit=0; - if (s->session->session_id_length > 0) - { - if (!ssl_get_new_session(s,0)) - { - al=SSL_AD_INTERNAL_ERROR; - goto f_err; - } - } - s->session->session_id_length=j; - memcpy(s->session->session_id,p,j); /* j could be 0 */ - } - p+=j; - c=ssl_get_cipher_by_char(s,p); - if (c == NULL) - { - /* unknown cipher */ - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED); - goto f_err; - } - p+=ssl_put_cipher_by_char(s,NULL,NULL); - - sk=ssl_get_ciphers_by_id(s); - i=sk_SSL_CIPHER_find(sk,c); - if (i < 0) - { - /* we did not say we would use this cipher */ - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED); - goto f_err; - } - - if (s->hit && (s->session->cipher != c)) - { - if (!(s->options & - SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG)) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); - goto f_err; - } - } - s->s3->tmp.new_cipher=c; - - /* lets get the compression algorithm */ - /* COMPRESSION */ - j= *(p++); - if (j == 0) - comp=NULL; - else - comp=ssl3_comp_find(s->ctx->comp_methods,j); - - if ((j != 0) && (comp == NULL)) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM); - goto f_err; - } - else - { - s->s3->tmp.new_compression=comp; - } - - if (p != (d+n)) - { - /* wrong packet length */ - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH); - goto err; - } - - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - return(-1); - } - -static int ssl3_get_server_certificate(SSL *s) - { - int al,i,ok,ret= -1; - unsigned long n,nc,llen,l; - X509 *x=NULL; - unsigned char *p,*d,*q; - STACK_OF(X509) *sk=NULL; - SESS_CERT *sc; - EVP_PKEY *pkey=NULL; - - n=ssl3_get_message(s, - SSL3_ST_CR_CERT_A, - SSL3_ST_CR_CERT_B, - -1, -#if defined(MSDOS) && !defined(WIN32) - 1024*30, /* 30k max cert list :-) */ -#else - 1024*100, /* 100k max cert list :-) */ -#endif - &ok); - - if (!ok) return((int)n); - - if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) - { - s->s3->tmp.reuse_message=1; - return(1); - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE); - goto f_err; - } - d=p=(unsigned char *)s->init_buf->data; - - if ((sk=sk_X509_new_null()) == NULL) - { - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto err; - } - - n2l3(p,llen); - if (llen+3 != n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH); - goto f_err; - } - for (nc=0; nc llen) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - - q=p; - x=d2i_X509(NULL,&q,l); - if (x == NULL) - { - al=SSL_AD_BAD_CERTIFICATE; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB); - goto f_err; - } - if (q != (p+l)) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - if (!sk_X509_push(sk,x)) - { - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto err; - } - x=NULL; - nc+=l+3; - p=q; - } - - i=ssl_verify_cert_chain(s,sk); - if ((s->verify_mode != SSL_VERIFY_NONE) && (!i)) - { - al=ssl_verify_alarm_type(s->verify_result); - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED); - goto f_err; - } - ERR_clear_error(); /* but we keep s->verify_result */ - - sc=ssl_sess_cert_new(); - if (sc == NULL) goto err; - - if (s->session->sess_cert) ssl_sess_cert_free(s->session->sess_cert); - s->session->sess_cert=sc; - - sc->cert_chain=sk; - /* Inconsistency alert: cert_chain does include the peer's - * certificate, which we don't include in s3_srvr.c */ - x=sk_X509_value(sk,0); - sk=NULL; - - pkey=X509_get_pubkey(x); - - if ((pkey == NULL) || EVP_PKEY_missing_parameters(pkey)) - { - x=NULL; - al=SSL3_AL_FATAL; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS); - goto f_err; - } - - i=ssl_cert_type(x,pkey); - if (i < 0) - { - x=NULL; - al=SSL3_AL_FATAL; - SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE); - goto f_err; - } - - sc->peer_cert_type=i; - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - if (sc->peer_pkeys[i].x509 != NULL) /* Why would this ever happen? - * We just created sc a couple of - * lines ago. */ - X509_free(sc->peer_pkeys[i].x509); - sc->peer_pkeys[i].x509=x; - sc->peer_key= &(sc->peer_pkeys[i]); - - if (s->session->peer != NULL) - X509_free(s->session->peer); - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - s->session->peer=x; - - x=NULL; - ret=1; - - if (0) - { -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); - } -err: - EVP_PKEY_free(pkey); - X509_free(x); - sk_X509_pop_free(sk,X509_free); - return(ret); - } - -static int ssl3_get_key_exchange(SSL *s) - { -#ifndef NO_RSA - unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2]; -#endif - EVP_MD_CTX md_ctx; - unsigned char *param,*p; - int al,i,j,param_len,ok; - long n,alg; - EVP_PKEY *pkey=NULL; -#ifndef NO_RSA - RSA *rsa=NULL; -#endif -#ifndef NO_DH - DH *dh=NULL; -#endif - - n=ssl3_get_message(s, - SSL3_ST_CR_KEY_EXCH_A, - SSL3_ST_CR_KEY_EXCH_B, - -1, - 1024*8, /* ?? */ - &ok); - - if (!ok) return((int)n); - - if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) - { - s->s3->tmp.reuse_message=1; - return(1); - } - - param=p=(unsigned char *)s->init_buf->data; - - if (s->session->sess_cert != NULL) - { -#ifndef NO_RSA - if (s->session->sess_cert->peer_rsa_tmp != NULL) - { - RSA_free(s->session->sess_cert->peer_rsa_tmp); - s->session->sess_cert->peer_rsa_tmp=NULL; - } -#endif -#ifndef NO_DH - if (s->session->sess_cert->peer_dh_tmp) - { - DH_free(s->session->sess_cert->peer_dh_tmp); - s->session->sess_cert->peer_dh_tmp=NULL; - } -#endif - } - else - { - s->session->sess_cert=ssl_sess_cert_new(); - } - - param_len=0; - alg=s->s3->tmp.new_cipher->algorithms; - -#ifndef NO_RSA - if (alg & SSL_kRSA) - { - if ((rsa=RSA_new()) == NULL) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); - goto err; - } - n2s(p,i); - param_len=i+2; - if (param_len > n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH); - goto f_err; - } - if (!(rsa->n=BN_bin2bn(p,i,rsa->n))) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); - goto err; - } - p+=i; - - n2s(p,i); - param_len+=i+2; - if (param_len > n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH); - goto f_err; - } - if (!(rsa->e=BN_bin2bn(p,i,rsa->e))) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); - goto err; - } - p+=i; - n-=param_len; - - /* this should be because we are using an export cipher */ - if (alg & SSL_aRSA) - pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); - else - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); - goto err; - } - s->session->sess_cert->peer_rsa_tmp=rsa; - rsa=NULL; - } -#else /* NO_RSA */ - if (0) - ; -#endif -#ifndef NO_DH - else if (alg & SSL_kEDH) - { - if ((dh=DH_new()) == NULL) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - n2s(p,i); - param_len=i+2; - if (param_len > n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH); - goto f_err; - } - if (!(dh->p=BN_bin2bn(p,i,NULL))) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); - goto err; - } - p+=i; - - n2s(p,i); - param_len+=i+2; - if (param_len > n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH); - goto f_err; - } - if (!(dh->g=BN_bin2bn(p,i,NULL))) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); - goto err; - } - p+=i; - - n2s(p,i); - param_len+=i+2; - if (param_len > n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH); - goto f_err; - } - if (!(dh->pub_key=BN_bin2bn(p,i,NULL))) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB); - goto err; - } - p+=i; - n-=param_len; - -#ifndef NO_RSA - if (alg & SSL_aRSA) - pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); -#else - if (0) - ; -#endif -#ifndef NO_DSA - else if (alg & SSL_aDSS) - pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_DSA_SIGN].x509); -#endif - /* else anonymous DH, so no certificate or pkey. */ - - s->session->sess_cert->peer_dh_tmp=dh; - dh=NULL; - } - else if ((alg & SSL_kDHr) || (alg & SSL_kDHd)) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); - goto f_err; - } -#endif /* !NO_DH */ - if (alg & SSL_aFZA) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER); - goto f_err; - } - - - /* p points to the next byte, there are 'n' bytes left */ - - - /* if it was signed, check the signature */ - if (pkey != NULL) - { - n2s(p,i); - n-=2; - j=EVP_PKEY_size(pkey); - - if ((i != n) || (n > j) || (n <= 0)) - { - /* wrong packet length */ - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH); - goto f_err; - } - -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - int num; - - j=0; - q=md_buf; - for (num=2; num > 0; num--) - { - EVP_DigestInit(&md_ctx,(num == 2) - ?s->ctx->md5:s->ctx->sha1); - EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx,param,param_len); - EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i); - q+=i; - j+=i; - } - i=RSA_verify(NID_md5_sha1, md_buf, j, p, n, - pkey->pkey.rsa); - if (i < 0) - { - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); - goto f_err; - } - if (i == 0) - { - /* bad signature */ - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); - goto f_err; - } - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - /* lets do DSS */ - EVP_VerifyInit(&md_ctx,EVP_dss1()); - EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); - EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); - EVP_VerifyUpdate(&md_ctx,param,param_len); - if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey)) - { - /* bad signature */ - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE); - goto f_err; - } - } - else -#endif - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); - goto err; - } - } - else - { - /* still data left over */ - if (!(alg & SSL_aNULL)) - { - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); - goto err; - } - if (n != 0) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE); - goto f_err; - } - } - EVP_PKEY_free(pkey); - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - EVP_PKEY_free(pkey); -#ifndef NO_RSA - if (rsa != NULL) - RSA_free(rsa); -#endif -#ifndef NO_DH - if (dh != NULL) - DH_free(dh); -#endif - return(-1); - } - -static int ssl3_get_certificate_request(SSL *s) - { - int ok,ret=0; - unsigned long n,nc,l; - unsigned int llen,ctype_num,i; - X509_NAME *xn=NULL; - unsigned char *p,*d,*q; - STACK_OF(X509_NAME) *ca_sk=NULL; - - n=ssl3_get_message(s, - SSL3_ST_CR_CERT_REQ_A, - SSL3_ST_CR_CERT_REQ_B, - -1, -#if defined(MSDOS) && !defined(WIN32) - 1024*30, /* 30k max cert list :-) */ -#else - 1024*100, /* 100k max cert list :-) */ -#endif - &ok); - - if (!ok) return((int)n); - - s->s3->tmp.cert_req=0; - - if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE) - { - s->s3->tmp.reuse_message=1; - return(1); - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST) - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE); - goto err; - } - - /* TLS does not like anon-DH with client cert */ - if (s->version > SSL3_VERSION) - { - l=s->s3->tmp.new_cipher->algorithms; - if (l & SSL_aNULL) - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER); - goto err; - } - } - - d=p=(unsigned char *)s->init_buf->data; - - if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL) - { - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); - goto err; - } - - /* get the certificate types */ - ctype_num= *(p++); - if (ctype_num > SSL3_CT_NUMBER) - ctype_num=SSL3_CT_NUMBER; - for (i=0; is3->tmp.ctype[i]= p[i]; - p+=ctype_num; - - /* get the CA RDNs */ - n2s(p,llen); -#if 0 -{ -FILE *out; -out=fopen("/tmp/vsign.der","w"); -fwrite(p,1,llen,out); -fclose(out); -} -#endif - - if ((llen+ctype_num+2+1) != n) - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH); - goto err; - } - - for (nc=0; nc llen) - { - if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) - goto cont; /* netscape bugs */ - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG); - goto err; - } - - q=p; - - if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL) - { - /* If netscape tolerance is on, ignore errors */ - if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG) - goto cont; - else - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB); - goto err; - } - } - - if (q != (p+l)) - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH); - goto err; - } - if (!sk_X509_NAME_push(ca_sk,xn)) - { - SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE); - goto err; - } - - p+=l; - nc+=l+2; - } - - if (0) - { -cont: - ERR_clear_error(); - } - - /* we should setup a certificate to return.... */ - s->s3->tmp.cert_req=1; - s->s3->tmp.ctype_num=ctype_num; - if (s->s3->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); - s->s3->tmp.ca_names=ca_sk; - ca_sk=NULL; - - ret=1; -err: - if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free); - return(ret); - } - -static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b) - { - return(X509_NAME_cmp(*a,*b)); - } - -static int ssl3_get_server_done(SSL *s) - { - int ok,ret=0; - long n; - - n=ssl3_get_message(s, - SSL3_ST_CR_SRVR_DONE_A, - SSL3_ST_CR_SRVR_DONE_B, - SSL3_MT_SERVER_DONE, - 30, /* should be very small, like 0 :-) */ - &ok); - - if (!ok) return((int)n); - if (n > 0) - { - /* should contain no data */ - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR); - SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH); - } - ret=1; - return(ret); - } - -static int ssl3_send_client_key_exchange(SSL *s) - { - unsigned char *p,*d; - int n; - unsigned long l; -#ifndef NO_RSA - unsigned char *q; - EVP_PKEY *pkey=NULL; -#endif - - if (s->state == SSL3_ST_CW_KEY_EXCH_A) - { - d=(unsigned char *)s->init_buf->data; - p= &(d[4]); - - l=s->s3->tmp.new_cipher->algorithms; - -#ifndef NO_RSA - if (l & SSL_kRSA) - { - RSA *rsa; - unsigned char tmp_buf[SSL_MAX_MASTER_KEY_LENGTH]; - - if (s->session->sess_cert->peer_rsa_tmp != NULL) - rsa=s->session->sess_cert->peer_rsa_tmp; - else - { - pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_RSA_ENC].x509); - if ((pkey == NULL) || - (pkey->type != EVP_PKEY_RSA) || - (pkey->pkey.rsa == NULL)) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); - goto err; - } - rsa=pkey->pkey.rsa; - EVP_PKEY_free(pkey); - } - - tmp_buf[0]=s->client_version>>8; - tmp_buf[1]=s->client_version&0xff; - if (RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2) <= 0) - goto err; - - s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; - - q=p; - /* Fix buf for TLS and beyond */ - if (s->version > SSL3_VERSION) - p+=2; - n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH, - tmp_buf,p,rsa,RSA_PKCS1_PADDING); -#ifdef PKCS1_CHECK - if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++; - if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70; -#endif - if (n <= 0) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT); - goto err; - } - - /* Fix buf for TLS and beyond */ - if (s->version > SSL3_VERSION) - { - s2n(n,q); - n+=2; - } - - s->session->master_key_length= - s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key, - tmp_buf,SSL_MAX_MASTER_KEY_LENGTH); - memset(tmp_buf,0,SSL_MAX_MASTER_KEY_LENGTH); - } - else -#endif -#ifndef NO_DH - if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) - { - DH *dh_srvr,*dh_clnt; - - if (s->session->sess_cert->peer_dh_tmp != NULL) - dh_srvr=s->session->sess_cert->peer_dh_tmp; - else - { - /* we get them from the cert */ - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS); - goto err; - } - - /* generate a new random key */ - if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - if (!DH_generate_key(dh_clnt)) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - - /* use the 'p' output buffer for the DH key, but - * make sure to clear it out afterwards */ - - n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt); - - if (n <= 0) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - - /* generate master key from the result */ - s->session->master_key_length= - s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key,p,n); - /* clean up */ - memset(p,0,n); - - /* send off the data */ - n=BN_num_bytes(dh_clnt->pub_key); - s2n(n,p); - BN_bn2bin(dh_clnt->pub_key,p); - n+=2; - - DH_free(dh_clnt); - - /* perhaps clean things up a bit EAY EAY EAY EAY*/ - } - else -#endif - { - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); - SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR); - goto err; - } - - *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE; - l2n3(n,d); - - s->state=SSL3_ST_CW_KEY_EXCH_B; - /* number of bytes to write */ - s->init_num=n+4; - s->init_off=0; - } - - /* SSL3_ST_CW_KEY_EXCH_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); - } - -static int ssl3_send_client_verify(SSL *s) - { - unsigned char *p,*d; - unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; - EVP_PKEY *pkey; -#ifndef NO_RSA - unsigned u=0; -#endif - unsigned long n; -#ifndef NO_DSA - int j; -#endif - - if (s->state == SSL3_ST_CW_CERT_VRFY_A) - { - d=(unsigned char *)s->init_buf->data; - p= &(d[4]); - pkey=s->cert->key->privatekey; - - s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2), - &(data[MD5_DIGEST_LENGTH])); - -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1),&(data[0])); - if (RSA_sign(NID_md5_sha1, data, - MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, - &(p[2]), &u, pkey->pkey.rsa) <= 0 ) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB); - goto err; - } - s2n(u,p); - n=u+2; - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - if (!DSA_sign(pkey->save_type, - &(data[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH,&(p[2]), - (unsigned int *)&j,pkey->pkey.dsa)) - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB); - goto err; - } - s2n(j,p); - n=j+2; - } - else -#endif - { - SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR); - goto err; - } - *(d++)=SSL3_MT_CERTIFICATE_VERIFY; - l2n3(n,d); - - s->init_num=(int)n+4; - s->init_off=0; - } - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); - } - -static int ssl3_send_client_certificate(SSL *s) - { - X509 *x509=NULL; - EVP_PKEY *pkey=NULL; - int i; - unsigned long l; - - if (s->state == SSL3_ST_CW_CERT_A) - { - if ((s->cert == NULL) || - (s->cert->key->x509 == NULL) || - (s->cert->key->privatekey == NULL)) - s->state=SSL3_ST_CW_CERT_B; - else - s->state=SSL3_ST_CW_CERT_C; - } - - /* We need to get a client cert */ - if (s->state == SSL3_ST_CW_CERT_B) - { - /* If we get an error, we need to - * ssl->rwstate=SSL_X509_LOOKUP; return(-1); - * We then get retied later */ - i=0; - if (s->ctx->client_cert_cb != NULL) - i=s->ctx->client_cert_cb(s,&(x509),&(pkey)); - if (i < 0) - { - s->rwstate=SSL_X509_LOOKUP; - return(-1); - } - s->rwstate=SSL_NOTHING; - if ((i == 1) && (pkey != NULL) && (x509 != NULL)) - { - s->state=SSL3_ST_CW_CERT_B; - if ( !SSL_use_certificate(s,x509) || - !SSL_use_PrivateKey(s,pkey)) - i=0; - } - else if (i == 1) - { - i=0; - SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK); - } - - if (x509 != NULL) X509_free(x509); - if (pkey != NULL) EVP_PKEY_free(pkey); - if (i == 0) - { - if (s->version == SSL3_VERSION) - { - s->s3->tmp.cert_req=0; - ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE); - return(1); - } - else - { - s->s3->tmp.cert_req=2; - } - } - - /* Ok, we have a cert */ - s->state=SSL3_ST_CW_CERT_C; - } - - if (s->state == SSL3_ST_CW_CERT_C) - { - s->state=SSL3_ST_CW_CERT_D; - l=ssl3_output_cert_chain(s, - (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509); - s->init_num=(int)l; - s->init_off=0; - } - /* SSL3_ST_CW_CERT_D */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -#define has_bits(i,m) (((i)&(m)) == (m)) - -static int ssl3_check_cert_and_algorithm(SSL *s) - { - int i,idx; - long algs; - EVP_PKEY *pkey=NULL; - SESS_CERT *sc; -#ifndef NO_RSA - RSA *rsa; -#endif -#ifndef NO_DH - DH *dh; -#endif - - sc=s->session->sess_cert; - - if (sc == NULL) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR); - goto err; - } - - algs=s->s3->tmp.new_cipher->algorithms; - - /* we don't have a certificate */ - if (algs & (SSL_aDH|SSL_aNULL)) - return(1); - -#ifndef NO_RSA - rsa=s->session->sess_cert->peer_rsa_tmp; -#endif -#ifndef NO_DH - dh=s->session->sess_cert->peer_dh_tmp; -#endif - - /* This is the passed certificate */ - - idx=sc->peer_cert_type; - pkey=X509_get_pubkey(sc->peer_pkeys[idx].x509); - i=X509_certificate_type(sc->peer_pkeys[idx].x509,pkey); - EVP_PKEY_free(pkey); - - - /* Check that we have a certificate if we require one */ - if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT); - goto f_err; - } -#ifndef NO_DSA - else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT); - goto f_err; - } -#endif -#ifndef NO_RSA - if ((algs & SSL_kRSA) && - !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL))) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT); - goto f_err; - } -#endif -#ifndef NO_DH - if ((algs & SSL_kEDH) && - !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL))) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY); - goto f_err; - } - else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT); - goto f_err; - } -#ifndef NO_DSA - else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT); - goto f_err; - } -#endif -#endif - - if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && !has_bits(i,EVP_PKT_EXP)) - { -#ifndef NO_RSA - if (algs & SSL_kRSA) - { - if (rsa == NULL - || RSA_size(rsa) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY); - goto f_err; - } - } - else -#endif -#ifndef NO_DH - if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) - { - if (dh == NULL - || DH_size(dh) > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)) - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY); - goto f_err; - } - } - else -#endif - { - SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); - goto f_err; - } - } - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE); -err: - return(0); - } - diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c deleted file mode 100644 index cee2021b6b..0000000000 --- a/src/lib/libssl/s3_lib.c +++ /dev/null @@ -1,1339 +0,0 @@ -/* ssl/s3_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include "ssl_locl.h" - -const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT; - -#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER)) - -static long ssl3_default_timeout(void ); - -OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]={ -/* The RSA ciphers */ -/* Cipher 01 */ - { - 1, - SSL3_TXT_RSA_NULL_MD5, - SSL3_CK_RSA_NULL_MD5, - SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 0, - 0, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 02 */ - { - 1, - SSL3_TXT_RSA_NULL_SHA, - SSL3_CK_RSA_NULL_SHA, - SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 0, - 0, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* anon DH */ -/* Cipher 17 */ - { - 1, - SSL3_TXT_ADH_RC4_40_MD5, - SSL3_CK_ADH_RC4_40_MD5, - SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 18 */ - { - 1, - SSL3_TXT_ADH_RC4_128_MD5, - SSL3_CK_ADH_RC4_128_MD5, - SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_SSLV3, - SSL_NOT_EXP, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 19 */ - { - 1, - SSL3_TXT_ADH_DES_40_CBC_SHA, - SSL3_CK_ADH_DES_40_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 1A */ - { - 1, - SSL3_TXT_ADH_DES_64_CBC_SHA, - SSL3_CK_ADH_DES_64_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 1B */ - { - 1, - SSL3_TXT_ADH_DES_192_CBC_SHA, - SSL3_CK_ADH_DES_192_CBC_SHA, - SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* RSA again */ -/* Cipher 03 */ - { - 1, - SSL3_TXT_RSA_RC4_40_MD5, - SSL3_CK_RSA_RC4_40_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 04 */ - { - 1, - SSL3_TXT_RSA_RC4_128_MD5, - SSL3_CK_RSA_RC4_128_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_SSLV3, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 05 */ - { - 1, - SSL3_TXT_RSA_RC4_128_SHA, - SSL3_CK_RSA_RC4_128_SHA, - SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 06 */ - { - 1, - SSL3_TXT_RSA_RC2_40_MD5, - SSL3_CK_RSA_RC2_40_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 07 */ - { - 1, - SSL3_TXT_RSA_IDEA_128_SHA, - SSL3_CK_RSA_IDEA_128_SHA, - SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_MEDIUM, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 08 */ - { - 1, - SSL3_TXT_RSA_DES_40_CBC_SHA, - SSL3_CK_RSA_DES_40_CBC_SHA, - SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 09 */ - { - 1, - SSL3_TXT_RSA_DES_64_CBC_SHA, - SSL3_CK_RSA_DES_64_CBC_SHA, - SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 0A */ - { - 1, - SSL3_TXT_RSA_DES_192_CBC3_SHA, - SSL3_CK_RSA_DES_192_CBC3_SHA, - SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_HIGH, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* The DH ciphers */ -/* Cipher 0B */ - { - 0, - SSL3_TXT_DH_DSS_DES_40_CBC_SHA, - SSL3_CK_DH_DSS_DES_40_CBC_SHA, - SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 0C */ - { - 0, - SSL3_TXT_DH_DSS_DES_64_CBC_SHA, - SSL3_CK_DH_DSS_DES_64_CBC_SHA, - SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 0D */ - { - 0, - SSL3_TXT_DH_DSS_DES_192_CBC3_SHA, - SSL3_CK_DH_DSS_DES_192_CBC3_SHA, - SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_HIGH, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 0E */ - { - 0, - SSL3_TXT_DH_RSA_DES_40_CBC_SHA, - SSL3_CK_DH_RSA_DES_40_CBC_SHA, - SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 0F */ - { - 0, - SSL3_TXT_DH_RSA_DES_64_CBC_SHA, - SSL3_CK_DH_RSA_DES_64_CBC_SHA, - SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 10 */ - { - 0, - SSL3_TXT_DH_RSA_DES_192_CBC3_SHA, - SSL3_CK_DH_RSA_DES_192_CBC3_SHA, - SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_HIGH, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* The Ephemeral DH ciphers */ -/* Cipher 11 */ - { - 1, - SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, - SSL3_CK_EDH_DSS_DES_40_CBC_SHA, - SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 12 */ - { - 1, - SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, - SSL3_CK_EDH_DSS_DES_64_CBC_SHA, - SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 13 */ - { - 1, - SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA, - SSL3_CK_EDH_DSS_DES_192_CBC3_SHA, - SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_HIGH, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 14 */ - { - 1, - SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, - SSL3_CK_EDH_RSA_DES_40_CBC_SHA, - SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_SSLV3, - SSL_EXPORT|SSL_EXP40, - 0, - 40, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 15 */ - { - 1, - SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, - SSL3_CK_EDH_RSA_DES_64_CBC_SHA, - SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_LOW, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, -/* Cipher 16 */ - { - 1, - SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA, - SSL3_CK_EDH_RSA_DES_192_CBC3_SHA, - SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP|SSL_HIGH, - 0, - 168, - 168, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* Fortezza */ -/* Cipher 1C */ - { - 0, - SSL3_TXT_FZA_DMS_NULL_SHA, - SSL3_CK_FZA_DMS_NULL_SHA, - SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 0, - 0, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* Cipher 1D */ - { - 0, - SSL3_TXT_FZA_DMS_FZA_SHA, - SSL3_CK_FZA_DMS_FZA_SHA, - SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 0, - 0, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -/* Cipher 1E */ - { - 0, - SSL3_TXT_FZA_DMS_RC4_SHA, - SSL3_CK_FZA_DMS_RC4_SHA, - SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_SSLV3, - SSL_NOT_EXP, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - -#if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES - /* New TLS Export CipherSuites */ - /* Cipher 60 */ - { - 1, - TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5, - TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 61 */ - { - 1, - TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, - TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, - SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 62 */ - { - 1, - TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, - TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA, - SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 63 */ - { - 1, - TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, - TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, - SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 56, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 64 */ - { - 1, - TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, - TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA, - SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_SHA|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 65 */ - { - 1, - TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, - TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, - SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1, - SSL_EXPORT|SSL_EXP56, - 0, - 56, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS, - }, - /* Cipher 66 */ - { - 1, - TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA, - TLS1_CK_DHE_DSS_WITH_RC4_128_SHA, - SSL_kEDH|SSL_aDSS|SSL_RC4|SSL_SHA|SSL_TLSV1, - SSL_NOT_EXP, - 0, - 128, - 128, - SSL_ALL_CIPHERS, - SSL_ALL_STRENGTHS - }, -#endif - -/* end of list */ - }; - -static SSL3_ENC_METHOD SSLv3_enc_data={ - ssl3_enc, - ssl3_mac, - ssl3_setup_key_block, - ssl3_generate_master_secret, - ssl3_change_cipher_state, - ssl3_final_finish_mac, - MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, - ssl3_cert_verify_mac, - SSL3_MD_CLIENT_FINISHED_CONST,4, - SSL3_MD_SERVER_FINISHED_CONST,4, - ssl3_alert_code, - }; - -static SSL_METHOD SSLv3_data= { - SSL3_VERSION, - ssl3_new, - ssl3_clear, - ssl3_free, - ssl_undefined_function, - ssl_undefined_function, - ssl3_read, - ssl3_peek, - ssl3_write, - ssl3_shutdown, - ssl3_renegotiate, - ssl3_renegotiate_check, - ssl3_ctrl, - ssl3_ctx_ctrl, - ssl3_get_cipher_by_char, - ssl3_put_cipher_by_char, - ssl3_pending, - ssl3_num_ciphers, - ssl3_get_cipher, - ssl_bad_method, - ssl3_default_timeout, - &SSLv3_enc_data, - ssl_undefined_function, - ssl3_callback_ctrl, - ssl3_ctx_callback_ctrl, - }; - -static long ssl3_default_timeout(void) - { - /* 2 hours, the 24 hours mentioned in the SSLv3 spec - * is way too long for http, the cache would over fill */ - return(60*60*2); - } - -SSL_METHOD *sslv3_base_method(void) - { - return(&SSLv3_data); - } - -int ssl3_num_ciphers(void) - { - return(SSL3_NUM_CIPHERS); - } - -SSL_CIPHER *ssl3_get_cipher(unsigned int u) - { - if (u < SSL3_NUM_CIPHERS) - return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u])); - else - return(NULL); - } - -/* The problem is that it may not be the correct record type */ -int ssl3_pending(SSL *s) - { - return(s->s3->rrec.length); - } - -int ssl3_new(SSL *s) - { - SSL3_STATE *s3; - - if ((s3=OPENSSL_malloc(sizeof *s3)) == NULL) goto err; - memset(s3,0,sizeof *s3); - - s->s3=s3; - - s->method->ssl_clear(s); - return(1); -err: - return(0); - } - -void ssl3_free(SSL *s) - { - if(s == NULL) - return; - - ssl3_cleanup_key_block(s); - if (s->s3->rbuf.buf != NULL) - OPENSSL_free(s->s3->rbuf.buf); - if (s->s3->wbuf.buf != NULL) - OPENSSL_free(s->s3->wbuf.buf); - if (s->s3->rrec.comp != NULL) - OPENSSL_free(s->s3->rrec.comp); -#ifndef NO_DH - if (s->s3->tmp.dh != NULL) - DH_free(s->s3->tmp.dh); -#endif - if (s->s3->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); - memset(s->s3,0,sizeof *s->s3); - OPENSSL_free(s->s3); - s->s3=NULL; - } - -void ssl3_clear(SSL *s) - { - unsigned char *rp,*wp; - - ssl3_cleanup_key_block(s); - if (s->s3->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free); - - if (s->s3->rrec.comp != NULL) - { - OPENSSL_free(s->s3->rrec.comp); - s->s3->rrec.comp=NULL; - } -#ifndef NO_DH - if (s->s3->tmp.dh != NULL) - DH_free(s->s3->tmp.dh); -#endif - - rp=s->s3->rbuf.buf; - wp=s->s3->wbuf.buf; - - memset(s->s3,0,sizeof *s->s3); - if (rp != NULL) s->s3->rbuf.buf=rp; - if (wp != NULL) s->s3->wbuf.buf=wp; - - ssl_free_wbio_buffer(s); - - s->packet_length=0; - s->s3->renegotiate=0; - s->s3->total_renegotiations=0; - s->s3->num_renegotiations=0; - s->s3->in_read_app_data=0; - s->version=SSL3_VERSION; - } - -long ssl3_ctrl(SSL *s, int cmd, long larg, char *parg) - { - int ret=0; - -#if !defined(NO_DSA) || !defined(NO_RSA) - if ( -#ifndef NO_RSA - cmd == SSL_CTRL_SET_TMP_RSA || - cmd == SSL_CTRL_SET_TMP_RSA_CB || -#endif -#ifndef NO_DSA - cmd == SSL_CTRL_SET_TMP_DH || - cmd == SSL_CTRL_SET_TMP_DH_CB || -#endif - 0) - { - if (!ssl_cert_inst(&s->cert)) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_MALLOC_FAILURE); - return(0); - } - } -#endif - - switch (cmd) - { - case SSL_CTRL_GET_SESSION_REUSED: - ret=s->hit; - break; - case SSL_CTRL_GET_CLIENT_CERT_REQUEST: - break; - case SSL_CTRL_GET_NUM_RENEGOTIATIONS: - ret=s->s3->num_renegotiations; - break; - case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS: - ret=s->s3->num_renegotiations; - s->s3->num_renegotiations=0; - break; - case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS: - ret=s->s3->total_renegotiations; - break; - case SSL_CTRL_GET_FLAGS: - ret=(int)(s->s3->flags); - break; -#ifndef NO_RSA - case SSL_CTRL_NEED_TMP_RSA: - if ((s->cert != NULL) && (s->cert->rsa_tmp == NULL) && - ((s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || - (EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))) - ret = 1; - break; - case SSL_CTRL_SET_TMP_RSA: - { - RSA *rsa = (RSA *)parg; - if (rsa == NULL) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return(ret); - } - if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_RSA_LIB); - return(ret); - } - if (s->cert->rsa_tmp != NULL) - RSA_free(s->cert->rsa_tmp); - s->cert->rsa_tmp = rsa; - ret = 1; - } - break; - case SSL_CTRL_SET_TMP_RSA_CB: - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(ret); - } - break; -#endif -#ifndef NO_DH - case SSL_CTRL_SET_TMP_DH: - { - DH *dh = (DH *)parg; - if (dh == NULL) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_PASSED_NULL_PARAMETER); - return(ret); - } - if ((dh = DHparams_dup(dh)) == NULL) - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return(ret); - } - if (!(s->options & SSL_OP_SINGLE_DH_USE)) - { - if (!DH_generate_key(dh)) - { - DH_free(dh); - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return(ret); - } - } - if (s->cert->dh_tmp != NULL) - DH_free(s->cert->dh_tmp); - s->cert->dh_tmp = dh; - ret = 1; - } - break; - case SSL_CTRL_SET_TMP_DH_CB: - { - SSLerr(SSL_F_SSL3_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(ret); - } - break; -#endif - default: - break; - } - return(ret); - } - -long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)()) - { - int ret=0; - -#if !defined(NO_DSA) || !defined(NO_RSA) - if ( -#ifndef NO_RSA - cmd == SSL_CTRL_SET_TMP_RSA_CB || -#endif -#ifndef NO_DSA - cmd == SSL_CTRL_SET_TMP_DH_CB || -#endif - 0) - { - if (!ssl_cert_inst(&s->cert)) - { - SSLerr(SSL_F_SSL3_CALLBACK_CTRL, ERR_R_MALLOC_FAILURE); - return(0); - } - } -#endif - - switch (cmd) - { -#ifndef NO_RSA - case SSL_CTRL_SET_TMP_RSA_CB: - { - s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; - } - break; -#endif -#ifndef NO_DH - case SSL_CTRL_SET_TMP_DH_CB: - { - s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - } - break; -#endif - default: - break; - } - return(ret); - } - -long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg) - { - CERT *cert; - - cert=ctx->cert; - - switch (cmd) - { -#ifndef NO_RSA - case SSL_CTRL_NEED_TMP_RSA: - if ( (cert->rsa_tmp == NULL) && - ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) || - (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8))) - ) - return(1); - else - return(0); - /* break; */ - case SSL_CTRL_SET_TMP_RSA: - { - RSA *rsa; - int i; - - rsa=(RSA *)parg; - i=1; - if (rsa == NULL) - i=0; - else - { - if ((rsa=RSAPrivateKey_dup(rsa)) == NULL) - i=0; - } - if (!i) - { - SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB); - return(0); - } - else - { - if (cert->rsa_tmp != NULL) - RSA_free(cert->rsa_tmp); - cert->rsa_tmp=rsa; - return(1); - } - } - /* break; */ - case SSL_CTRL_SET_TMP_RSA_CB: - { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(0); - } - break; -#endif -#ifndef NO_DH - case SSL_CTRL_SET_TMP_DH: - { - DH *new=NULL,*dh; - - dh=(DH *)parg; - if ((new=DHparams_dup(dh)) == NULL) - { - SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); - return 0; - } - if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) - { - if (!DH_generate_key(new)) - { - SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB); - DH_free(new); - return 0; - } - } - if (cert->dh_tmp != NULL) - DH_free(cert->dh_tmp); - cert->dh_tmp=new; - return 1; - } - /*break; */ - case SSL_CTRL_SET_TMP_DH_CB: - { - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(0); - } - break; -#endif - /* A Thawte special :-) */ - case SSL_CTRL_EXTRA_CHAIN_CERT: - if (ctx->extra_certs == NULL) - { - if ((ctx->extra_certs=sk_X509_new_null()) == NULL) - return(0); - } - sk_X509_push(ctx->extra_certs,(X509 *)parg); - break; - - default: - return(0); - } - return(1); - } - -long ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) - { - CERT *cert; - - cert=ctx->cert; - - switch (cmd) - { -#ifndef NO_RSA - case SSL_CTRL_SET_TMP_RSA_CB: - { - cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp; - } - break; -#endif -#ifndef NO_DH - case SSL_CTRL_SET_TMP_DH_CB: - { - cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp; - } - break; -#endif - default: - return(0); - } - return(1); - } - -/* This function needs to check if the ciphers required are actually - * available */ -SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) - { - static int init=1; - static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS]; - SSL_CIPHER c,*cp= &c,**cpp; - unsigned long id; - int i; - - if (init) - { - CRYPTO_w_lock(CRYPTO_LOCK_SSL); - - for (i=0; ivalid) - return(NULL); - else - return(*cpp); - } - -int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p) - { - long l; - - if (p != NULL) - { - l=c->id; - if ((l & 0xff000000) != 0x03000000) return(0); - p[0]=((unsigned char)(l>> 8L))&0xFF; - p[1]=((unsigned char)(l ))&0xFF; - } - return(2); - } - -SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *have, - STACK_OF(SSL_CIPHER) *pref) - { - SSL_CIPHER *c,*ret=NULL; - int i,j,ok; - CERT *cert; - unsigned long alg,mask,emask; - - /* Let's see which ciphers we can support */ - cert=s->cert; - - sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp); - -#ifdef CIPHER_DEBUG - printf("Have:\n"); - for(i=0 ; i < sk_num(pref) ; ++i) - { - c=(SSL_CIPHER *)sk_value(pref,i); - printf("%p:%s\n",c,c->name); - } -#endif - - for (i=0; imask; - emask=cert->export_mask; - - alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK); - if (SSL_C_IS_EXPORT(c)) - { - ok=((alg & emask) == alg)?1:0; -#ifdef CIPHER_DEBUG - printf("%d:[%08lX:%08lX]%p:%s (export)\n",ok,alg,emask, - c,c->name); -#endif - } - else - { - ok=((alg & mask) == alg)?1:0; -#ifdef CIPHER_DEBUG - printf("%d:[%08lX:%08lX]%p:%s\n",ok,alg,mask,c, - c->name); -#endif - } - - if (!ok) continue; - - j=sk_SSL_CIPHER_find(pref,c); - if (j >= 0) - { - ret=sk_SSL_CIPHER_value(pref,j); - break; - } - } - return(ret); - } - -int ssl3_get_req_cert_type(SSL *s, unsigned char *p) - { - int ret=0; - unsigned long alg; - - alg=s->s3->tmp.new_cipher->algorithms; - -#ifndef NO_DH - if (alg & (SSL_kDHr|SSL_kEDH)) - { -# ifndef NO_RSA - p[ret++]=SSL3_CT_RSA_FIXED_DH; -# endif -# ifndef NO_DSA - p[ret++]=SSL3_CT_DSS_FIXED_DH; -# endif - } - if ((s->version == SSL3_VERSION) && - (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) - { -# ifndef NO_RSA - p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH; -# endif -# ifndef NO_DSA - p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH; -# endif - } -#endif /* !NO_DH */ -#ifndef NO_RSA - p[ret++]=SSL3_CT_RSA_SIGN; -#endif -#ifndef NO_DSA - p[ret++]=SSL3_CT_DSS_SIGN; -#endif - return(ret); - } - -int ssl3_shutdown(SSL *s) - { - - /* Don't do anything much if we have not done the handshake or - * we don't want to send messages :-) */ - if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) - { - s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); - return(1); - } - - if (!(s->shutdown & SSL_SENT_SHUTDOWN)) - { - s->shutdown|=SSL_SENT_SHUTDOWN; -#if 1 - ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY); -#endif - /* our shutdown alert has been sent now, and if it still needs - * to be written, s->s3->alert_dispatch will be true */ - } - else if (s->s3->alert_dispatch) - { - /* resend it if not sent */ -#if 1 - ssl3_dispatch_alert(s); -#endif - } - else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) - { - /* If we are waiting for a close from our peer, we are closed */ - ssl3_read_bytes(s,0,NULL,0); - } - - if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && - !s->s3->alert_dispatch) - return(1); - else - return(0); - } - -int ssl3_write(SSL *s, const void *buf, int len) - { - int ret,n; - -#if 0 - if (s->shutdown & SSL_SEND_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } -#endif - clear_sys_error(); - if (s->s3->renegotiate) ssl3_renegotiate_check(s); - - /* This is an experimental flag that sends the - * last handshake message in the same packet as the first - * use data - used to see if it helps the TCP protocol during - * session-id reuse */ - /* The second test is because the buffer may have been removed */ - if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio)) - { - /* First time through, we write into the buffer */ - if (s->s3->delay_buf_pop_ret == 0) - { - ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, - buf,len); - if (ret <= 0) return(ret); - - s->s3->delay_buf_pop_ret=ret; - } - - s->rwstate=SSL_WRITING; - n=BIO_flush(s->wbio); - if (n <= 0) return(n); - s->rwstate=SSL_NOTHING; - - /* We have flushed the buffer, so remove it */ - ssl_free_wbio_buffer(s); - s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; - - ret=s->s3->delay_buf_pop_ret; - s->s3->delay_buf_pop_ret=0; - } - else - { - ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA, - buf,len); - if (ret <= 0) return(ret); - } - - return(ret); - } - -int ssl3_read(SSL *s, void *buf, int len) - { - int ret; - - clear_sys_error(); - if (s->s3->renegotiate) ssl3_renegotiate_check(s); - s->s3->in_read_app_data=1; - ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); - if ((ret == -1) && (s->s3->in_read_app_data == 0)) - { - /* ssl3_read_bytes decided to call s->handshake_func, which - * called ssl3_read_bytes to read handshake data. - * However, ssl3_read_bytes actually found application data - * and thinks that application data makes sense here (signalled - * by resetting 'in_read_app_data', strangely); so disable - * handshake processing and try to read application data again. */ - s->in_handshake++; - ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len); - s->in_handshake--; - } - else - s->s3->in_read_app_data=0; - - return(ret); - } - -int ssl3_peek(SSL *s, char *buf, int len) - { - SSL3_RECORD *rr; - int n; - - rr= &(s->s3->rrec); - if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA)) - { - n=ssl3_read(s,buf,1); - if (n <= 0) return(n); - rr->length++; - rr->off--; - } - - if ((unsigned int)len > rr->length) - n=rr->length; - else - n=len; - memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); - return(n); - } - -int ssl3_renegotiate(SSL *s) - { - if (s->handshake_func == NULL) - return(1); - - if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) - return(0); - - s->s3->renegotiate=1; - return(1); - } - -int ssl3_renegotiate_check(SSL *s) - { - int ret=0; - - if (s->s3->renegotiate) - { - if ( (s->s3->rbuf.left == 0) && - (s->s3->wbuf.left == 0) && - !SSL_in_init(s)) - { -/* -if we are the server, and we have sent a 'RENEGOTIATE' message, we -need to go to SSL_ST_ACCEPT. -*/ - /* SSL_ST_ACCEPT */ - s->state=SSL_ST_RENEGOTIATE; - s->s3->renegotiate=0; - s->s3->num_renegotiations++; - s->s3->total_renegotiations++; - ret=1; - } - } - return(ret); - } - diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c deleted file mode 100644 index 1414079853..0000000000 --- a/src/lib/libssl/s3_pkt.c +++ /dev/null @@ -1,1198 +0,0 @@ -/* ssl/s3_pkt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include -#include -#define USE_SOCKETS -#include -#include -#include "ssl_locl.h" - -static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int len); -static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len); -static int ssl3_get_record(SSL *s); -static int do_compress(SSL *ssl); -static int do_uncompress(SSL *ssl); -static int do_change_cipher_spec(SSL *ssl); - -/* used only by ssl3_get_record */ -static int ssl3_read_n(SSL *s, int n, int max, int extend) - { - /* If extend == 0, obtain new n-byte packet; if extend == 1, increase - * packet by another n bytes. - * The packet will be in the sub-array of s->s3->rbuf.buf specified - * by s->packet and s->packet_length. - * (If s->read_ahead is set, 'max' bytes may be stored in rbuf - * [plus s->packet_length bytes if extend == 1].) - */ - int i,off,newb; - - if (!extend) - { - /* start with empty packet ... */ - if (s->s3->rbuf.left == 0) - s->s3->rbuf.offset = 0; - s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset; - s->packet_length = 0; - /* ... now we can act as if 'extend' was set */ - } - - /* if there is enough in the buffer from a previous read, take some */ - if (s->s3->rbuf.left >= (int)n) - { - s->packet_length+=n; - s->s3->rbuf.left-=n; - s->s3->rbuf.offset+=n; - return(n); - } - - /* else we need to read more data */ - if (!s->read_ahead) - max=n; - - { - /* avoid buffer overflow */ - int max_max = SSL3_RT_MAX_PACKET_SIZE - s->packet_length; - if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) - max_max += SSL3_RT_MAX_EXTRA; - if (max > max_max) - max = max_max; - } - if (n > max) /* does not happen */ - { - SSLerr(SSL_F_SSL3_READ_N,SSL_R_INTERNAL_ERROR); - return -1; - } - - off = s->packet_length; - newb = s->s3->rbuf.left; - /* Move any available bytes to front of buffer: - * 'off' bytes already pointed to by 'packet', - * 'newb' extra ones at the end */ - if (s->packet != s->s3->rbuf.buf) - { - /* off > 0 */ - memmove(s->s3->rbuf.buf, s->packet, off+newb); - s->packet = s->s3->rbuf.buf; - } - - while (newb < n) - { - /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need - * to read in more until we have off+n (up to off+max if possible) */ - - clear_sys_error(); - if (s->rbio != NULL) - { - s->rwstate=SSL_READING; - i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb); - } - else - { - SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET); - i = -1; - } - - if (i <= 0) - { - s->s3->rbuf.left = newb; - return(i); - } - newb+=i; - } - - /* done reading, now the book-keeping */ - s->s3->rbuf.offset = off + n; - s->s3->rbuf.left = newb - n; - s->packet_length += n; - s->rwstate=SSL_NOTHING; - return(n); - } - -/* Call this to get a new input record. - * It will return <= 0 if more data is needed, normally due to an error - * or non-blocking IO. - * When it finishes, one packet has been decoded and can be found in - * ssl->s3->rrec.type - is the type of record - * ssl->s3->rrec.data, - data - * ssl->s3->rrec.length, - number of bytes - */ -/* used only by ssl3_read_bytes */ -static int ssl3_get_record(SSL *s) - { - int ssl_major,ssl_minor,al; - int n,i,ret= -1; - SSL3_RECORD *rr; - SSL_SESSION *sess; - unsigned char *p; - unsigned char md[EVP_MAX_MD_SIZE]; - short version; - unsigned int mac_size; - int clear=0,extra; - - rr= &(s->s3->rrec); - sess=s->session; - - if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) - extra=SSL3_RT_MAX_EXTRA; - else - extra=0; - -again: - /* check if we have the header */ - if ( (s->rstate != SSL_ST_READ_BODY) || - (s->packet_length < SSL3_RT_HEADER_LENGTH)) - { - n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH, - SSL3_RT_MAX_PACKET_SIZE,0); - if (n <= 0) return(n); /* error or non-blocking */ - s->rstate=SSL_ST_READ_BODY; - - p=s->packet; - - /* Pull apart the header into the SSL3_RECORD */ - rr->type= *(p++); - ssl_major= *(p++); - ssl_minor= *(p++); - version=(ssl_major<<8)|ssl_minor; - n2s(p,rr->length); - - /* Lets check version */ - if (s->first_packet) - { - s->first_packet=0; - } - else - { - if (version != s->version) - { - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - /* Send back error using their - * version number :-) */ - s->version=version; - al=SSL_AD_PROTOCOL_VERSION; - goto f_err; - } - } - - if ((version>>8) != SSL3_VERSION_MAJOR) - { - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); - goto err; - } - - if (rr->length > - (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) - { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); - goto f_err; - } - - /* now s->rstate == SSL_ST_READ_BODY */ - } - - /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ - - if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH)) - { - /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ - i=rr->length; - n=ssl3_read_n(s,i,i,1); - if (n <= 0) return(n); /* error or non-blocking io */ - /* now n == rr->length, - * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ - } - - s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */ - - /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, - * and we have that many bytes in s->packet - */ - rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); - - /* ok, we can now read from 's->packet' data into 'rr' - * rr->input points at rr->length bytes, which - * need to be copied into rr->data by either - * the decryption or by the decompression - * When the data is 'copied' into the rr->data buffer, - * rr->input will be pointed at the new buffer */ - - /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] - * rr->length bytes of encrypted compressed stuff. */ - - /* check is not needed I believe */ - if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) - { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG); - goto f_err; - } - - /* decrypt in place in 'rr->input' */ - rr->data=rr->input; - - if (!s->method->ssl3_enc->enc(s,0)) - { - al=SSL_AD_DECRYPT_ERROR; - goto f_err; - } -#ifdef TLS_DEBUG -printf("dec %d\n",rr->length); -{ unsigned int z; for (z=0; zlength; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); } -printf("\n"); -#endif - /* r->length is now the compressed data plus mac */ - if ( (sess == NULL) || - (s->enc_read_ctx == NULL) || - (s->read_hash == NULL)) - clear=1; - - if (!clear) - { - mac_size=EVP_MD_size(s->read_hash); - - if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) - { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG); - goto f_err; - } - /* check the MAC for rr->input (it's in mac_size bytes at the tail) */ - if (rr->length < mac_size) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); - goto f_err; - } - rr->length-=mac_size; - i=s->method->ssl3_enc->mac(s,md,0); - if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0) - { - al=SSL_AD_BAD_RECORD_MAC; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE); - ret= -1; - goto f_err; - } - } - - /* r->length is now just compressed */ - if (s->expand != NULL) - { - if (rr->length > - (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra) - { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); - goto f_err; - } - if (!do_uncompress(s)) - { - al=SSL_AD_DECOMPRESSION_FAILURE; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); - goto f_err; - } - } - - if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra) - { - al=SSL_AD_RECORD_OVERFLOW; - SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); - goto f_err; - } - - rr->off=0; - /* So at this point the following is true - * ssl->s3->rrec.type is the type of record - * ssl->s3->rrec.length == number of bytes in record - * ssl->s3->rrec.off == offset to first valid byte - * ssl->s3->rrec.data == where to take bytes from, increment - * after use :-). - */ - - /* we have pulled in a full packet so zero things */ - s->packet_length=0; - - /* just read a 0 length packet */ - if (rr->length == 0) goto again; - - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - return(ret); - } - -static int do_uncompress(SSL *ssl) - { - int i; - SSL3_RECORD *rr; - - rr= &(ssl->s3->rrec); - i=COMP_expand_block(ssl->expand,rr->comp, - SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length); - if (i < 0) - return(0); - else - rr->length=i; - rr->data=rr->comp; - - return(1); - } - -static int do_compress(SSL *ssl) - { - int i; - SSL3_RECORD *wr; - - wr= &(ssl->s3->wrec); - i=COMP_compress_block(ssl->compress,wr->data, - SSL3_RT_MAX_COMPRESSED_LENGTH, - wr->input,(int)wr->length); - if (i < 0) - return(0); - else - wr->length=i; - - wr->input=wr->data; - return(1); - } - -/* Call this to write data in records of type 'type' - * It will return <= 0 if not all data has been sent or non-blocking IO. - */ -int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) - { - const unsigned char *buf=buf_; - unsigned int tot,n,nw; - int i; - - s->rwstate=SSL_NOTHING; - tot=s->s3->wnum; - s->s3->wnum=0; - - if (SSL_in_init(s) && !s->in_handshake) - { - i=s->handshake_func(s); - if (i < 0) return(i); - if (i == 0) - { - SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - } - - n=(len-tot); - for (;;) - { - if (n > SSL3_RT_MAX_PLAIN_LENGTH) - nw=SSL3_RT_MAX_PLAIN_LENGTH; - else - nw=n; - - i=do_ssl3_write(s,type,&(buf[tot]),nw); - if (i <= 0) - { - s->s3->wnum=tot; - return(i); - } - - if ((i == (int)n) || - (type == SSL3_RT_APPLICATION_DATA && - (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) - { - return(tot+i); - } - - n-=i; - tot+=i; - } - } - -static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int len) - { - unsigned char *p,*plen; - int i,mac_size,clear=0; - SSL3_RECORD *wr; - SSL3_BUFFER *wb; - SSL_SESSION *sess; - - /* first check is there is a SSL3_RECORD still being written - * out. This will happen with non blocking IO */ - if (s->s3->wbuf.left != 0) - return(ssl3_write_pending(s,type,buf,len)); - - /* If we have an alert to send, lets send it */ - if (s->s3->alert_dispatch) - { - i=ssl3_dispatch_alert(s); - if (i <= 0) - return(i); - /* if it went, fall through and send more stuff */ - } - - if (len == 0) return(len); - - wr= &(s->s3->wrec); - wb= &(s->s3->wbuf); - sess=s->session; - - if ( (sess == NULL) || - (s->enc_write_ctx == NULL) || - (s->write_hash == NULL)) - clear=1; - - if (clear) - mac_size=0; - else - mac_size=EVP_MD_size(s->write_hash); - - p=wb->buf; - - /* write the header */ - *(p++)=type&0xff; - wr->type=type; - - *(p++)=(s->version>>8); - *(p++)=s->version&0xff; - - /* record where we are to write out packet length */ - plen=p; - p+=2; - - /* lets setup the record stuff. */ - wr->data=p; - wr->length=(int)len; - wr->input=(unsigned char *)buf; - - /* we now 'read' from wr->input, wr->length bytes into - * wr->data */ - - /* first we compress */ - if (s->compress != NULL) - { - if (!do_compress(s)) - { - SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE); - goto err; - } - } - else - { - memcpy(wr->data,wr->input,wr->length); - wr->input=wr->data; - } - - /* we should still have the output to wr->data and the input - * from wr->input. Length should be wr->length. - * wr->data still points in the wb->buf */ - - if (mac_size != 0) - { - s->method->ssl3_enc->mac(s,&(p[wr->length]),1); - wr->length+=mac_size; - wr->input=p; - wr->data=p; - } - - /* ssl3_enc can only have an error on read */ - s->method->ssl3_enc->enc(s,1); - - /* record length after mac and block padding */ - s2n(wr->length,plen); - - /* we should now have - * wr->data pointing to the encrypted data, which is - * wr->length long */ - wr->type=type; /* not needed but helps for debugging */ - wr->length+=SSL3_RT_HEADER_LENGTH; - - /* Now lets setup wb */ - wb->left=wr->length; - wb->offset=0; - - s->s3->wpend_tot=len; - s->s3->wpend_buf=buf; - s->s3->wpend_type=type; - s->s3->wpend_ret=len; - - /* we now just need to write the buffer */ - return(ssl3_write_pending(s,type,buf,len)); -err: - return(-1); - } - -/* if s->s3->wbuf.left != 0, we need to call this */ -static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len) - { - int i; - -/* XXXX */ - if ((s->s3->wpend_tot > (int)len) - || ((s->s3->wpend_buf != buf) && - !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) - || (s->s3->wpend_type != type)) - { - SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); - return(-1); - } - - for (;;) - { - clear_sys_error(); - if (s->wbio != NULL) - { - s->rwstate=SSL_WRITING; - i=BIO_write(s->wbio, - (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]), - (unsigned int)s->s3->wbuf.left); - } - else - { - SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET); - i= -1; - } - if (i == s->s3->wbuf.left) - { - s->s3->wbuf.left=0; - s->rwstate=SSL_NOTHING; - return(s->s3->wpend_ret); - } - else if (i <= 0) - return(i); - s->s3->wbuf.offset+=i; - s->s3->wbuf.left-=i; - } - } - -/* Return up to 'len' payload bytes received in 'type' records. - * 'type' is one of the following: - * - * - SSL3_RT_HANDSHAKE (when ssl3_get_message calls us) - * - SSL3_RT_APPLICATION_DATA (when ssl3_read calls us) - * - 0 (during a shutdown, no data has to be returned) - * - * If we don't have stored data to work from, read a SSL/TLS record first - * (possibly multiple records if we still don't have anything to return). - * - * This function must handle any surprises the peer may have for us, such as - * Alert records (e.g. close_notify), ChangeCipherSpec records (not really - * a surprise, but handled as if it were), or renegotiation requests. - * Also if record payloads contain fragments too small to process, we store - * them until there is enough for the respective protocol (the record protocol - * may use arbitrary fragmentation and even interleaving): - * Change cipher spec protocol - * just 1 byte needed, no need for keeping anything stored - * Alert protocol - * 2 bytes needed (AlertLevel, AlertDescription) - * Handshake protocol - * 4 bytes needed (HandshakeType, uint24 length) -- we just have - * to detect unexpected Client Hello and Hello Request messages - * here, anything else is handled by higher layers - * Application data protocol - * none of our business - */ -int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len) - { - int al,i,j,ret; - unsigned int n; - SSL3_RECORD *rr; - void (*cb)()=NULL; - - if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ - if (!ssl3_setup_buffers(s)) - return(-1); - - if ((type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) - { - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_INTERNAL_ERROR); - return -1; - } - - if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0)) - /* (partially) satisfy request from storage */ - { - unsigned char *src = s->s3->handshake_fragment; - unsigned char *dst = buf; - unsigned int k; - - n = 0; - while ((len > 0) && (s->s3->handshake_fragment_len > 0)) - { - *dst++ = *src++; - len--; s->s3->handshake_fragment_len--; - n++; - } - /* move any remaining fragment bytes: */ - for (k = 0; k < s->s3->handshake_fragment_len; k++) - s->s3->handshake_fragment[k] = *src++; - return n; - } - - /* Now s->s3->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */ - - if (!s->in_handshake && SSL_in_init(s)) - { - /* type == SSL3_RT_APPLICATION_DATA */ - i=s->handshake_func(s); - if (i < 0) return(i); - if (i == 0) - { - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - } -start: - s->rwstate=SSL_NOTHING; - - /* s->s3->rrec.type - is the type of record - * s->s3->rrec.data, - data - * s->s3->rrec.off, - offset into 'data' for next read - * s->s3->rrec.length, - number of bytes. */ - rr = &(s->s3->rrec); - - /* get new packet */ - if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) - { - ret=ssl3_get_record(s); - if (ret <= 0) return(ret); - } - - /* we now have a packet which can be read and processed */ - - if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec, - * reset by ssl3_get_finished */ - && (rr->type != SSL3_RT_HANDSHAKE)) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); - goto err; - } - - /* If the other end has shutdown, throw anything we read away */ - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) - { - rr->length=0; - s->rwstate=SSL_NOTHING; - return(0); - } - - - if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */ - { - /* make sure that we are not getting application data when we - * are doing a handshake for the first time */ - if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && - (s->enc_read_ctx == NULL)) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE); - goto f_err; - } - - if (len <= 0) return(len); - - if ((unsigned int)len > rr->length) - n = rr->length; - else - n = (unsigned int)len; - - memcpy(buf,&(rr->data[rr->off]),n); - rr->length-=n; - rr->off+=n; - if (rr->length == 0) - { - s->rstate=SSL_ST_READ_HEADER; - rr->off=0; - } - return(n); - } - - - /* If we get here, then type != rr->type; if we have a handshake - * message, then it was unexpected (Hello Request or Client Hello). */ - - /* In case of record types for which we have 'fragment' storage, - * fill that so that we can process the data at a fixed place. - */ - { - unsigned int dest_maxlen = 0; - unsigned char *dest = NULL; - unsigned int *dest_len = NULL; - - if (rr->type == SSL3_RT_HANDSHAKE) - { - dest_maxlen = sizeof s->s3->handshake_fragment; - dest = s->s3->handshake_fragment; - dest_len = &s->s3->handshake_fragment_len; - } - else if (rr->type == SSL3_RT_ALERT) - { - dest_maxlen = sizeof s->s3->alert_fragment; - dest = s->s3->alert_fragment; - dest_len = &s->s3->alert_fragment_len; - } - - if (dest_maxlen > 0) - { - n = dest_maxlen - *dest_len; /* available space in 'dest' */ - if (rr->length < n) - n = rr->length; /* available bytes */ - - /* now move 'n' bytes: */ - while (n-- > 0) - { - dest[(*dest_len)++] = rr->data[rr->off++]; - rr->length--; - } - - if (*dest_len < dest_maxlen) - goto start; /* fragment was too small */ - } - } - - /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; - * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. - * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ - - /* If we are a client, check for an incoming 'Hello Request': */ - if ((!s->server) && - (s->s3->handshake_fragment_len >= 4) && - (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && - (s->session != NULL) && (s->session->cipher != NULL)) - { - s->s3->handshake_fragment_len = 0; - - if ((s->s3->handshake_fragment[1] != 0) || - (s->s3->handshake_fragment[2] != 0) || - (s->s3->handshake_fragment[3] != 0)) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST); - goto err; - } - - if (SSL_is_init_finished(s) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && - !s->s3->renegotiate) - { - ssl3_renegotiate(s); - if (ssl3_renegotiate_check(s)) - { - i=s->handshake_func(s); - if (i < 0) return(i); - if (i == 0) - { - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - - if (!(s->mode & SSL_MODE_AUTO_RETRY)) - { - if (s->s3->rbuf.left == 0) /* no read-ahead left? */ - { - BIO *bio; - /* In the case where we try to read application data, - * but we trigger an SSL handshake, we return -1 with - * the retry option set. Otherwise renegotiation may - * cause nasty problems in the blocking world */ - s->rwstate=SSL_READING; - bio=SSL_get_rbio(s); - BIO_clear_retry_flags(bio); - BIO_set_retry_read(bio); - return(-1); - } - } - } - } - /* we either finished a handshake or ignored the request, - * now try again to obtain the (application) data we were asked for */ - goto start; - } - - if (s->s3->alert_fragment_len >= 2) - { - int alert_level = s->s3->alert_fragment[0]; - int alert_descr = s->s3->alert_fragment[1]; - - s->s3->alert_fragment_len = 0; - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - if (cb != NULL) - { - j = (alert_level << 8) | alert_descr; - cb(s, SSL_CB_READ_ALERT, j); - } - - if (alert_level == 1) /* warning */ - { - s->s3->warn_alert = alert_descr; - if (alert_descr == SSL_AD_CLOSE_NOTIFY) - { - s->shutdown |= SSL_RECEIVED_SHUTDOWN; - return(0); - } - } - else if (alert_level == 2) /* fatal */ - { - char tmp[16]; - - s->rwstate=SSL_NOTHING; - s->s3->fatal_alert = alert_descr; - SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); - BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr); - ERR_add_error_data(2,"SSL alert number ",tmp); - s->shutdown|=SSL_RECEIVED_SHUTDOWN; - SSL_CTX_remove_session(s->ctx,s->session); - return(0); - } - else - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE); - goto f_err; - } - - goto start; - } - - if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */ - { - s->rwstate=SSL_NOTHING; - rr->length=0; - return(0); - } - - if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) - { - /* 'Change Cipher Spec' is just a single byte, so we know - * exactly what the record payload has to look like */ - if ( (rr->length != 1) || (rr->off != 0) || - (rr->data[0] != SSL3_MT_CCS)) - { - i=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); - goto err; - } - - rr->length=0; - s->s3->change_cipher_spec=1; - if (!do_change_cipher_spec(s)) - goto err; - else - goto start; - } - - /* Unexpected handshake message (Client Hello, or protocol violation) */ - if ((s->s3->handshake_fragment_len >= 4) && !s->in_handshake) - { - if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && - !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) - { -#if 0 /* worked only because C operator preferences are not as expected (and - * because this is not really needed for clients except for detecting - * protocol violations): */ - s->state=SSL_ST_BEFORE|(s->server) - ?SSL_ST_ACCEPT - :SSL_ST_CONNECT; -#else - s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; -#endif - s->new_session=1; - } - i=s->handshake_func(s); - if (i < 0) return(i); - if (i == 0) - { - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); - return(-1); - } - - if (!(s->mode & SSL_MODE_AUTO_RETRY)) - { - if (s->s3->rbuf.left == 0) /* no read-ahead left? */ - { - BIO *bio; - /* In the case where we try to read application data, - * but we trigger an SSL handshake, we return -1 with - * the retry option set. Otherwise renegotiation may - * cause nasty problems in the blocking world */ - s->rwstate=SSL_READING; - bio=SSL_get_rbio(s); - BIO_clear_retry_flags(bio); - BIO_set_retry_read(bio); - return(-1); - } - } - goto start; - } - - switch (rr->type) - { - default: -#ifndef NO_TLS - /* TLS just ignores unknown message types */ - if (s->version == TLS1_VERSION) - { - goto start; - } -#endif - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); - goto f_err; - case SSL3_RT_CHANGE_CIPHER_SPEC: - case SSL3_RT_ALERT: - case SSL3_RT_HANDSHAKE: - /* we already handled all of these, with the possible exception - * of SSL3_RT_HANDSHAKE when s->in_handshake is set, but that - * should not happen when type != rr->type */ - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_INTERNAL_ERROR); - goto f_err; - case SSL3_RT_APPLICATION_DATA: - /* At this point, we were expecting handshake data, - * but have application data. If the library was - * running inside ssl3_read() (i.e. in_read_app_data - * is set) and it makes sense to read application data - * at this point (session renegotiation not yet started), - * we will indulge it. - */ - if (s->s3->in_read_app_data && - (s->s3->total_renegotiations != 0) && - (( - (s->state & SSL_ST_CONNECT) && - (s->state >= SSL3_ST_CW_CLNT_HELLO_A) && - (s->state <= SSL3_ST_CR_SRVR_HELLO_A) - ) || ( - (s->state & SSL_ST_ACCEPT) && - (s->state <= SSL3_ST_SW_HELLO_REQ_A) && - (s->state >= SSL3_ST_SR_CLNT_HELLO_A) - ) - )) - { - s->s3->in_read_app_data=0; - return(-1); - } - else - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); - goto f_err; - } - } - /* not reached */ - -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - return(-1); - } - -static int do_change_cipher_spec(SSL *s) - { - int i; - const char *sender; - int slen; - - if (s->state & SSL_ST_ACCEPT) - i=SSL3_CHANGE_CIPHER_SERVER_READ; - else - i=SSL3_CHANGE_CIPHER_CLIENT_READ; - - if (s->s3->tmp.key_block == NULL) - { - s->session->cipher=s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) return(0); - } - - if (!s->method->ssl3_enc->change_cipher_state(s,i)) - return(0); - - /* we have to record the message digest at - * this point so we can get it before we read - * the finished message */ - if (s->state & SSL_ST_CONNECT) - { - sender=s->method->ssl3_enc->server_finished_label; - slen=s->method->ssl3_enc->server_finished_label_len; - } - else - { - sender=s->method->ssl3_enc->client_finished_label; - slen=s->method->ssl3_enc->client_finished_label_len; - } - - s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), - sender,slen,s->s3->tmp.peer_finish_md); - - return(1); - } - -void ssl3_send_alert(SSL *s, int level, int desc) - { - /* Map tls/ssl alert value to correct one */ - desc=s->method->ssl3_enc->alert_value(desc); - if (desc < 0) return; - /* If a fatal one, remove from cache */ - if ((level == 2) && (s->session != NULL)) - SSL_CTX_remove_session(s->ctx,s->session); - - s->s3->alert_dispatch=1; - s->s3->send_alert[0]=level; - s->s3->send_alert[1]=desc; - if (s->s3->wbuf.left == 0) /* data still being written out */ - ssl3_dispatch_alert(s); - /* else data is still being written out, we will get written - * some time in the future */ - } - -int ssl3_dispatch_alert(SSL *s) - { - int i,j; - void (*cb)()=NULL; - - s->s3->alert_dispatch=0; - i=do_ssl3_write(s,SSL3_RT_ALERT,&s->s3->send_alert[0],2); - if (i <= 0) - { - s->s3->alert_dispatch=1; - } - else - { - /* If it is important, send it now. If the message - * does not get sent due to non-blocking IO, we will - * not worry too much. */ - if (s->s3->send_alert[0] == SSL3_AL_FATAL) - (void)BIO_flush(s->wbio); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - if (cb != NULL) - { - j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1]; - cb(s,SSL_CB_WRITE_ALERT,j); - } - } - return(i); - } diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c deleted file mode 100644 index d04232960e..0000000000 --- a/src/lib/libssl/s3_srvr.c +++ /dev/null @@ -1,1755 +0,0 @@ -/* ssl/s3_srvr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#define REUSE_CIPHER_BUG -#define NETSCAPE_HANG_BUG - - -#include -#include -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *ssl3_get_server_method(int ver); -static int ssl3_get_client_hello(SSL *s); -static int ssl3_check_client_hello(SSL *s); -static int ssl3_send_server_hello(SSL *s); -static int ssl3_send_server_key_exchange(SSL *s); -static int ssl3_send_certificate_request(SSL *s); -static int ssl3_send_server_done(SSL *s); -static int ssl3_get_client_key_exchange(SSL *s); -static int ssl3_get_client_certificate(SSL *s); -static int ssl3_get_cert_verify(SSL *s); -static int ssl3_send_hello_request(SSL *s); - -static SSL_METHOD *ssl3_get_server_method(int ver) - { - if (ver == SSL3_VERSION) - return(SSLv3_server_method()); - else - return(NULL); - } - -SSL_METHOD *SSLv3_server_method(void) - { - static int init=1; - static SSL_METHOD SSLv3_server_data; - - if (init) - { - memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(), - sizeof(SSL_METHOD)); - SSLv3_server_data.ssl_accept=ssl3_accept; - SSLv3_server_data.get_ssl_method=ssl3_get_server_method; - init=0; - } - return(&SSLv3_server_data); - } - -int ssl3_accept(SSL *s) - { - BUF_MEM *buf; - unsigned long l,Time=time(NULL); - void (*cb)()=NULL; - long num1; - int ret= -1; - int new_state,state,skip=0; - - RAND_add(&Time,sizeof(Time),0); - ERR_clear_error(); - clear_sys_error(); - - if (s->info_callback != NULL) - cb=s->info_callback; - else if (s->ctx->info_callback != NULL) - cb=s->ctx->info_callback; - - /* init things to blank */ - if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); - s->in_handshake++; - - if (s->cert == NULL) - { - SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET); - return(-1); - } - - for (;;) - { - state=s->state; - - switch (s->state) - { - case SSL_ST_RENEGOTIATE: - s->new_session=1; - /* s->state=SSL_ST_ACCEPT; */ - - case SSL_ST_BEFORE: - case SSL_ST_ACCEPT: - case SSL_ST_BEFORE|SSL_ST_ACCEPT: - case SSL_ST_OK|SSL_ST_ACCEPT: - - s->server=1; - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1); - - if ((s->version>>8) != 3) - { - SSLerr(SSL_F_SSL3_ACCEPT, SSL_R_INTERNAL_ERROR); - return -1; - } - s->type=SSL_ST_ACCEPT; - - if (s->init_buf == NULL) - { - if ((buf=BUF_MEM_new()) == NULL) - { - ret= -1; - goto end; - } - if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH)) - { - ret= -1; - goto end; - } - s->init_buf=buf; - } - - if (!ssl3_setup_buffers(s)) - { - ret= -1; - goto end; - } - - /* Ok, we now need to push on a buffering BIO so that - * the output is sent in a way that TCP likes :-) - */ - if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; } - - s->init_num=0; - - if (s->state != SSL_ST_RENEGOTIATE) - { - ssl3_init_finished_mac(s); - s->state=SSL3_ST_SR_CLNT_HELLO_A; - s->ctx->stats.sess_accept++; - } - else - { - s->ctx->stats.sess_accept_renegotiate++; - s->state=SSL3_ST_SW_HELLO_REQ_A; - } - break; - - case SSL3_ST_SW_HELLO_REQ_A: - case SSL3_ST_SW_HELLO_REQ_B: - - s->shutdown=0; - ret=ssl3_send_hello_request(s); - if (ret <= 0) goto end; - s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C; - s->state=SSL3_ST_SW_FLUSH; - s->init_num=0; - - ssl3_init_finished_mac(s); - break; - - case SSL3_ST_SW_HELLO_REQ_C: - s->state=SSL_ST_OK; - ret=1; - goto end; - /* break; */ - - case SSL3_ST_SR_CLNT_HELLO_A: - case SSL3_ST_SR_CLNT_HELLO_B: - case SSL3_ST_SR_CLNT_HELLO_C: - - s->shutdown=0; - ret=ssl3_get_client_hello(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_SW_SRVR_HELLO_A; - s->init_num=0; - break; - - case SSL3_ST_SW_SRVR_HELLO_A: - case SSL3_ST_SW_SRVR_HELLO_B: - ret=ssl3_send_server_hello(s); - if (ret <= 0) goto end; - - if (s->hit) - s->state=SSL3_ST_SW_CHANGE_A; - else - s->state=SSL3_ST_SW_CERT_A; - s->init_num=0; - break; - - case SSL3_ST_SW_CERT_A: - case SSL3_ST_SW_CERT_B: - /* Check if it is anon DH */ - if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) - { - ret=ssl3_send_server_certificate(s); - if (ret <= 0) goto end; - } - else - skip=1; - s->state=SSL3_ST_SW_KEY_EXCH_A; - s->init_num=0; - break; - - case SSL3_ST_SW_KEY_EXCH_A: - case SSL3_ST_SW_KEY_EXCH_B: - l=s->s3->tmp.new_cipher->algorithms; - - /* clear this, it may get reset by - * send_server_key_exchange */ - if (s->options & SSL_OP_EPHEMERAL_RSA) - s->s3->tmp.use_rsa_tmp=1; - else - s->s3->tmp.use_rsa_tmp=0; - - /* only send if a DH key exchange, fortezza or - * RSA but we have a sign only certificate */ - if (s->s3->tmp.use_rsa_tmp - || (l & (SSL_DH|SSL_kFZA)) - || ((l & SSL_kRSA) - && (s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL - || (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) - && EVP_PKEY_size(s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher) - ) - ) - ) - ) - { - ret=ssl3_send_server_key_exchange(s); - if (ret <= 0) goto end; - } - else - skip=1; - - s->state=SSL3_ST_SW_CERT_REQ_A; - s->init_num=0; - break; - - case SSL3_ST_SW_CERT_REQ_A: - case SSL3_ST_SW_CERT_REQ_B: - if (/* don't request cert unless asked for it: */ - !(s->verify_mode & SSL_VERIFY_PEER) || - /* if SSL_VERIFY_CLIENT_ONCE is set, - * don't request cert during re-negotiation: */ - ((s->session->peer != NULL) && - (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)) || - /* never request cert in anonymous ciphersuites - * (see section "Certificate request" in SSL 3 drafts - * and in RFC 2246): */ - ((s->s3->tmp.new_cipher->algorithms & SSL_aNULL) && - /* ... except when the application insists on verification - * (against the specs, but s3_clnt.c accepts this for SSL 3) */ - !(s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))) - { - /* no cert request */ - skip=1; - s->s3->tmp.cert_request=0; - s->state=SSL3_ST_SW_SRVR_DONE_A; - } - else - { - s->s3->tmp.cert_request=1; - ret=ssl3_send_certificate_request(s); - if (ret <= 0) goto end; -#ifndef NETSCAPE_HANG_BUG - s->state=SSL3_ST_SW_SRVR_DONE_A; -#else - s->state=SSL3_ST_SW_FLUSH; - s->s3->tmp.next_state=SSL3_ST_SR_CERT_A; -#endif - s->init_num=0; - } - break; - - case SSL3_ST_SW_SRVR_DONE_A: - case SSL3_ST_SW_SRVR_DONE_B: - ret=ssl3_send_server_done(s); - if (ret <= 0) goto end; - s->s3->tmp.next_state=SSL3_ST_SR_CERT_A; - s->state=SSL3_ST_SW_FLUSH; - s->init_num=0; - break; - - case SSL3_ST_SW_FLUSH: - /* number of bytes to be flushed */ - num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL); - if (num1 > 0) - { - s->rwstate=SSL_WRITING; - num1=BIO_flush(s->wbio); - if (num1 <= 0) { ret= -1; goto end; } - s->rwstate=SSL_NOTHING; - } - - s->state=s->s3->tmp.next_state; - break; - - case SSL3_ST_SR_CERT_A: - case SSL3_ST_SR_CERT_B: - /* Check for second client hello (MS SGC) */ - ret = ssl3_check_client_hello(s); - if (ret <= 0) - goto end; - if (ret == 2) - s->state = SSL3_ST_SR_CLNT_HELLO_C; - else { - /* could be sent for a DH cert, even if we - * have not asked for it :-) */ - ret=ssl3_get_client_certificate(s); - if (ret <= 0) goto end; - s->init_num=0; - s->state=SSL3_ST_SR_KEY_EXCH_A; - } - break; - - case SSL3_ST_SR_KEY_EXCH_A: - case SSL3_ST_SR_KEY_EXCH_B: - ret=ssl3_get_client_key_exchange(s); - if (ret <= 0) goto end; - s->state=SSL3_ST_SR_CERT_VRFY_A; - s->init_num=0; - - /* We need to get hashes here so if there is - * a client cert, it can be verified */ - s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->tmp.cert_verify_md[0])); - s->method->ssl3_enc->cert_verify_mac(s, - &(s->s3->finish_dgst2), - &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH])); - - break; - - case SSL3_ST_SR_CERT_VRFY_A: - case SSL3_ST_SR_CERT_VRFY_B: - - /* we should decide if we expected this one */ - ret=ssl3_get_cert_verify(s); - if (ret <= 0) goto end; - - s->state=SSL3_ST_SR_FINISHED_A; - s->init_num=0; - break; - - case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A, - SSL3_ST_SR_FINISHED_B); - if (ret <= 0) goto end; - if (s->hit) - s->state=SSL_ST_OK; - else - s->state=SSL3_ST_SW_CHANGE_A; - s->init_num=0; - break; - - case SSL3_ST_SW_CHANGE_A: - case SSL3_ST_SW_CHANGE_B: - - s->session->cipher=s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) - { ret= -1; goto end; } - - ret=ssl3_send_change_cipher_spec(s, - SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B); - - if (ret <= 0) goto end; - s->state=SSL3_ST_SW_FINISHED_A; - s->init_num=0; - - if (!s->method->ssl3_enc->change_cipher_state(s, - SSL3_CHANGE_CIPHER_SERVER_WRITE)) - { - ret= -1; - goto end; - } - - break; - - case SSL3_ST_SW_FINISHED_A: - case SSL3_ST_SW_FINISHED_B: - ret=ssl3_send_finished(s, - SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B, - s->method->ssl3_enc->server_finished_label, - s->method->ssl3_enc->server_finished_label_len); - if (ret <= 0) goto end; - s->state=SSL3_ST_SW_FLUSH; - if (s->hit) - s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A; - else - s->s3->tmp.next_state=SSL_ST_OK; - s->init_num=0; - break; - - case SSL_ST_OK: - /* clean a few things up */ - ssl3_cleanup_key_block(s); - - BUF_MEM_free(s->init_buf); - s->init_buf=NULL; - - /* remove buffering on output */ - ssl_free_wbio_buffer(s); - - s->new_session=0; - s->init_num=0; - - ssl_update_cache(s,SSL_SESS_CACHE_SERVER); - - s->ctx->stats.sess_accept_good++; - /* s->server=1; */ - s->handshake_func=ssl3_accept; - ret=1; - - if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1); - - goto end; - /* break; */ - - default: - SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE); - ret= -1; - goto end; - /* break; */ - } - - if (!s->s3->tmp.reuse_message && !skip) - { - if (s->debug) - { - if ((ret=BIO_flush(s->wbio)) <= 0) - goto end; - } - - - if ((cb != NULL) && (s->state != state)) - { - new_state=s->state; - s->state=state; - cb(s,SSL_CB_ACCEPT_LOOP,1); - s->state=new_state; - } - } - skip=0; - } -end: - /* BIO_flush(s->wbio); */ - - if (cb != NULL) - cb(s,SSL_CB_ACCEPT_EXIT,ret); - s->in_handshake--; - return(ret); - } - -static int ssl3_send_hello_request(SSL *s) - { - unsigned char *p; - - if (s->state == SSL3_ST_SW_HELLO_REQ_A) - { - p=(unsigned char *)s->init_buf->data; - *(p++)=SSL3_MT_HELLO_REQUEST; - *(p++)=0; - *(p++)=0; - *(p++)=0; - - s->state=SSL3_ST_SW_HELLO_REQ_B; - /* number of bytes to write */ - s->init_num=4; - s->init_off=0; - } - - /* SSL3_ST_SW_HELLO_REQ_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -static int ssl3_check_client_hello(SSL *s) - { - int ok; - long n; - - n=ssl3_get_message(s, - SSL3_ST_SR_CERT_A, - SSL3_ST_SR_CERT_B, - -1, - SSL3_RT_MAX_PLAIN_LENGTH, - &ok); - if (!ok) return((int)n); - s->s3->tmp.reuse_message = 1; - if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO) - { - /* Throw away what we have done so far in the current handshake, - * which will now be aborted. (A full SSL_clear would be too much.) - * I hope that tmp.dh is the only thing that may need to be cleared - * when a handshake is not completed ... */ -#ifndef NO_DH - if (s->s3->tmp.dh != NULL) - { - DH_free(s->s3->tmp.dh); - s->s3->tmp.dh = NULL; - } -#endif - return 2; - } - return 1; -} - -static int ssl3_get_client_hello(SSL *s) - { - int i,j,ok,al,ret= -1; - long n; - unsigned long id; - unsigned char *p,*d,*q; - SSL_CIPHER *c; - SSL_COMP *comp=NULL; - STACK_OF(SSL_CIPHER) *ciphers=NULL; - - /* We do this so that we will respond with our native type. - * If we are TLSv1 and we get SSLv3, we will respond with TLSv1, - * This down switching should be handled by a different method. - * If we are SSLv3, we will respond with SSLv3, even if prompted with - * TLSv1. - */ - if (s->state == SSL3_ST_SR_CLNT_HELLO_A) - { - s->first_packet=1; - s->state=SSL3_ST_SR_CLNT_HELLO_B; - } - n=ssl3_get_message(s, - SSL3_ST_SR_CLNT_HELLO_B, - SSL3_ST_SR_CLNT_HELLO_C, - SSL3_MT_CLIENT_HELLO, - SSL3_RT_MAX_PLAIN_LENGTH, - &ok); - - if (!ok) return((int)n); - d=p=(unsigned char *)s->init_buf->data; - - /* use version from inside client hello, not from record header - * (may differ: see RFC 2246, Appendix E, second paragraph) */ - s->client_version=(((int)p[0])<<8)|(int)p[1]; - p+=2; - - /* load the client random */ - memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - - /* get the session-id */ - j= *(p++); - - s->hit=0; - if (j == 0) - { - if (!ssl_get_new_session(s,1)) - goto err; - } - else - { - i=ssl_get_prev_session(s,p,j); - if (i == 1) - { /* previous session */ - s->hit=1; - } - else if (i == -1) - goto err; - else /* i == 0 */ - { - if (!ssl_get_new_session(s,1)) - goto err; - } - } - - p+=j; - n2s(p,i); - if ((i == 0) && (j != 0)) - { - /* we need a cipher if we are not resuming a session */ - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED); - goto f_err; - } - if ((i+p) > (d+n)) - { - /* not enough data */ - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); - goto f_err; - } - if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers)) - == NULL)) - { - goto err; - } - p+=i; - - /* If it is a hit, check that the cipher is in the list */ - if ((s->hit) && (i > 0)) - { - j=0; - id=s->session->cipher->id; - -#ifdef CIPHER_DEBUG - printf("client sent %d ciphers\n",sk_num(ciphers)); -#endif - for (i=0; iid == id) - { - j=1; - break; - } - } - if (j == 0) - { - if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1)) - { - /* Very bad for multi-threading.... */ - s->session->cipher=sk_SSL_CIPHER_value(ciphers, - 0); - } - else - { - /* we need to have the cipher in the cipher - * list if we are asked to reuse it */ - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING); - goto f_err; - } - } - } - - /* compression */ - i= *(p++); - q=p; - for (j=0; j= i) - { - /* no compress */ - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED); - goto f_err; - } - - /* Worst case, we will use the NULL compression, but if we have other - * options, we will now look for them. We have i-1 compression - * algorithms from the client, starting at q. */ - s->s3->tmp.new_compression=NULL; - if (s->ctx->comp_methods != NULL) - { /* See if we have a match */ - int m,nn,o,v,done=0; - - nn=sk_SSL_COMP_num(s->ctx->comp_methods); - for (m=0; mctx->comp_methods,m); - v=comp->id; - for (o=0; os3->tmp.new_compression=comp; - else - comp=NULL; - } - - /* TLS does not mind if there is extra stuff */ - if (s->version == SSL3_VERSION) - { - if (p > (d+n)) - { - /* wrong number of bytes, - * there could be more to follow */ - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH); - goto f_err; - } - } - - /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must - * pick a cipher */ - - if (!s->hit) - { - s->session->compress_meth=(comp == NULL)?0:comp->id; - if (s->session->ciphers != NULL) - sk_SSL_CIPHER_free(s->session->ciphers); - s->session->ciphers=ciphers; - if (ciphers == NULL) - { - al=SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED); - goto f_err; - } - ciphers=NULL; - c=ssl3_choose_cipher(s,s->session->ciphers, - ssl_get_ciphers_by_id(s)); - - if (c == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER); - goto f_err; - } - s->s3->tmp.new_cipher=c; - } - else - { - /* Session-id reuse */ -#ifdef REUSE_CIPHER_BUG - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *nc=NULL; - SSL_CIPHER *ec=NULL; - - if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG) - { - sk=s->session->ciphers; - for (i=0; ialgorithms & SSL_eNULL) - nc=c; - if (SSL_C_IS_EXPORT(c)) - ec=c; - } - if (nc != NULL) - s->s3->tmp.new_cipher=nc; - else if (ec != NULL) - s->s3->tmp.new_cipher=ec; - else - s->s3->tmp.new_cipher=s->session->cipher; - } - else -#endif - s->s3->tmp.new_cipher=s->session->cipher; - } - - /* we now have the following setup. - * client_random - * cipher_list - our prefered list of ciphers - * ciphers - the clients prefered list of ciphers - * compression - basically ignored right now - * ssl version is set - sslv3 - * s->session - The ssl session has been setup. - * s->hit - session reuse flag - * s->tmp.new_cipher - the new cipher to use. - */ - - ret=1; - if (0) - { -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); - } -err: - if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers); - return(ret); - } - -static int ssl3_send_server_hello(SSL *s) - { - unsigned char *buf; - unsigned char *p,*d; - int i,sl; - unsigned long l,Time; - - if (s->state == SSL3_ST_SW_SRVR_HELLO_A) - { - buf=(unsigned char *)s->init_buf->data; - p=s->s3->server_random; - Time=time(NULL); /* Time */ - l2n(Time,p); - RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time)); - /* Do the message type and length last */ - d=p= &(buf[4]); - - *(p++)=s->version>>8; - *(p++)=s->version&0xff; - - /* Random stuff */ - memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - - /* now in theory we have 3 options to sending back the - * session id. If it is a re-use, we send back the - * old session-id, if it is a new session, we send - * back the new session-id or we send back a 0 length - * session-id if we want it to be single use. - * Currently I will not implement the '0' length session-id - * 12-Jan-98 - I'll now support the '0' length stuff. - */ - if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)) - s->session->session_id_length=0; - - sl=s->session->session_id_length; - *(p++)=sl; - memcpy(p,s->session->session_id,sl); - p+=sl; - - /* put the cipher */ - i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p); - p+=i; - - /* put the compression method */ - if (s->s3->tmp.new_compression == NULL) - *(p++)=0; - else - *(p++)=s->s3->tmp.new_compression->id; - - /* do the header */ - l=(p-d); - d=buf; - *(d++)=SSL3_MT_SERVER_HELLO; - l2n3(l,d); - - s->state=SSL3_ST_CW_CLNT_HELLO_B; - /* number of bytes to write */ - s->init_num=p-buf; - s->init_off=0; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -static int ssl3_send_server_done(SSL *s) - { - unsigned char *p; - - if (s->state == SSL3_ST_SW_SRVR_DONE_A) - { - p=(unsigned char *)s->init_buf->data; - - /* do the header */ - *(p++)=SSL3_MT_SERVER_DONE; - *(p++)=0; - *(p++)=0; - *(p++)=0; - - s->state=SSL3_ST_SW_SRVR_DONE_B; - /* number of bytes to write */ - s->init_num=4; - s->init_off=0; - } - - /* SSL3_ST_CW_CLNT_HELLO_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } - -static int ssl3_send_server_key_exchange(SSL *s) - { -#ifndef NO_RSA - unsigned char *q; - int j,num; - RSA *rsa; - unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; - unsigned int u; -#endif -#ifndef NO_DH - DH *dh=NULL,*dhp; -#endif - EVP_PKEY *pkey; - unsigned char *p,*d; - int al,i; - unsigned long type; - int n; - CERT *cert; - BIGNUM *r[4]; - int nr[4],kn; - BUF_MEM *buf; - EVP_MD_CTX md_ctx; - - if (s->state == SSL3_ST_SW_KEY_EXCH_A) - { - type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK; - cert=s->cert; - - buf=s->init_buf; - - r[0]=r[1]=r[2]=r[3]=NULL; - n=0; -#ifndef NO_RSA - if (type & SSL_kRSA) - { - rsa=cert->rsa_tmp; - if ((rsa == NULL) && (s->cert->rsa_tmp_cb != NULL)) - { - rsa=s->cert->rsa_tmp_cb(s, - SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), - SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); - if(rsa == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY); - goto f_err; - } - CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); - cert->rsa_tmp=rsa; - } - if (rsa == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY); - goto f_err; - } - r[0]=rsa->n; - r[1]=rsa->e; - s->s3->tmp.use_rsa_tmp=1; - } - else -#endif -#ifndef NO_DH - if (type & SSL_kEDH) - { - dhp=cert->dh_tmp; - if ((dhp == NULL) && (s->cert->dh_tmp_cb != NULL)) - dhp=s->cert->dh_tmp_cb(s, - SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), - SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); - if (dhp == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); - goto f_err; - } - - if (s->s3->tmp.dh != NULL) - { - DH_free(dh); - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, SSL_R_INTERNAL_ERROR); - goto err; - } - - if ((dh=DHparams_dup(dhp)) == NULL) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - - s->s3->tmp.dh=dh; - if ((dhp->pub_key == NULL || - dhp->priv_key == NULL || - (s->options & SSL_OP_SINGLE_DH_USE))) - { - if(!DH_generate_key(dh)) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, - ERR_R_DH_LIB); - goto err; - } - } - else - { - dh->pub_key=BN_dup(dhp->pub_key); - dh->priv_key=BN_dup(dhp->priv_key); - if ((dh->pub_key == NULL) || - (dh->priv_key == NULL)) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - } - r[0]=dh->p; - r[1]=dh->g; - r[2]=dh->pub_key; - } - else -#endif - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE); - goto f_err; - } - for (i=0; r[i] != NULL; i++) - { - nr[i]=BN_num_bytes(r[i]); - n+=2+nr[i]; - } - - if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL)) - { - if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher)) - == NULL) - { - al=SSL_AD_DECODE_ERROR; - goto f_err; - } - kn=EVP_PKEY_size(pkey); - } - else - { - pkey=NULL; - kn=0; - } - - if (!BUF_MEM_grow(buf,n+4+kn)) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF); - goto err; - } - d=(unsigned char *)s->init_buf->data; - p= &(d[4]); - - for (i=0; r[i] != NULL; i++) - { - s2n(nr[i],p); - BN_bn2bin(r[i],p); - p+=nr[i]; - } - - /* not anonymous */ - if (pkey != NULL) - { - /* n is the length of the params, they start at &(d[4]) - * and p points to the space at the end. */ -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - q=md_buf; - j=0; - for (num=2; num > 0; num--) - { - EVP_DigestInit(&md_ctx,(num == 2) - ?s->ctx->md5:s->ctx->sha1); - EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); - EVP_DigestUpdate(&md_ctx,&(d[4]),n); - EVP_DigestFinal(&md_ctx,q, - (unsigned int *)&i); - q+=i; - j+=i; - } - if (RSA_sign(NID_md5_sha1, md_buf, j, - &(p[2]), &u, pkey->pkey.rsa) <= 0) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA); - goto err; - } - s2n(u,p); - n+=u+2; - } - else -#endif -#if !defined(NO_DSA) - if (pkey->type == EVP_PKEY_DSA) - { - /* lets do DSS */ - EVP_SignInit(&md_ctx,EVP_dss1()); - EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE); - EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE); - EVP_SignUpdate(&md_ctx,&(d[4]),n); - if (!EVP_SignFinal(&md_ctx,&(p[2]), - (unsigned int *)&i,pkey)) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA); - goto err; - } - s2n(i,p); - n+=i+2; - } - else -#endif - { - /* Is this error check actually needed? */ - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE); - goto f_err; - } - } - - *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE; - l2n3(n,d); - - /* we should now have things packed up, so lets send - * it off */ - s->init_num=n+4; - s->init_off=0; - } - - s->state = SSL3_ST_SW_KEY_EXCH_B; - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -err: - return(-1); - } - -static int ssl3_send_certificate_request(SSL *s) - { - unsigned char *p,*d; - int i,j,nl,off,n; - STACK_OF(X509_NAME) *sk=NULL; - X509_NAME *name; - BUF_MEM *buf; - - if (s->state == SSL3_ST_SW_CERT_REQ_A) - { - buf=s->init_buf; - - d=p=(unsigned char *)&(buf->data[4]); - - /* get the list of acceptable cert types */ - p++; - n=ssl3_get_req_cert_type(s,p); - d[0]=n; - p+=n; - n++; - - off=n; - p+=2; - n+=2; - - sk=SSL_get_client_CA_list(s); - nl=0; - if (sk != NULL) - { - for (i=0; idata[4+n]); - if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG)) - { - s2n(j,p); - i2d_X509_NAME(name,&p); - n+=2+j; - nl+=2+j; - } - else - { - d=p; - i2d_X509_NAME(name,&p); - j-=2; s2n(j,d); j+=2; - n+=j; - nl+=j; - } - } - } - /* else no CA names */ - p=(unsigned char *)&(buf->data[4+off]); - s2n(nl,p); - - d=(unsigned char *)buf->data; - *(d++)=SSL3_MT_CERTIFICATE_REQUEST; - l2n3(n,d); - - /* we should now have things packed up, so lets send - * it off */ - - s->init_num=n+4; - s->init_off=0; -#ifdef NETSCAPE_HANG_BUG - p=(unsigned char *)s->init_buf->data + s->init_num; - - /* do the header */ - *(p++)=SSL3_MT_SERVER_DONE; - *(p++)=0; - *(p++)=0; - *(p++)=0; - s->init_num += 4; -#endif - - } - - /* SSL3_ST_SW_CERT_REQ_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); -err: - return(-1); - } - -static int ssl3_get_client_key_exchange(SSL *s) - { - int i,al,ok; - long n; - unsigned long l; - unsigned char *p; -#ifndef NO_RSA - RSA *rsa=NULL; - EVP_PKEY *pkey=NULL; -#endif -#ifndef NO_DH - BIGNUM *pub=NULL; - DH *dh_srvr; -#endif - - n=ssl3_get_message(s, - SSL3_ST_SR_KEY_EXCH_A, - SSL3_ST_SR_KEY_EXCH_B, - SSL3_MT_CLIENT_KEY_EXCHANGE, - 400, /* ???? */ - &ok); - - if (!ok) return((int)n); - p=(unsigned char *)s->init_buf->data; - - l=s->s3->tmp.new_cipher->algorithms; - -#ifndef NO_RSA - if (l & SSL_kRSA) - { - /* FIX THIS UP EAY EAY EAY EAY */ - if (s->s3->tmp.use_rsa_tmp) - { - if ((s->cert != NULL) && (s->cert->rsa_tmp != NULL)) - rsa=s->cert->rsa_tmp; - /* Don't do a callback because rsa_tmp should - * be sent already */ - if (rsa == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY); - goto f_err; - - } - } - else - { - pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey; - if ( (pkey == NULL) || - (pkey->type != EVP_PKEY_RSA) || - (pkey->pkey.rsa == NULL)) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE); - goto f_err; - } - rsa=pkey->pkey.rsa; - } - - /* TLS */ - if (s->version > SSL3_VERSION) - { - n2s(p,i); - if (n != i+2) - { - if (!(s->options & SSL_OP_TLS_D5_BUG)) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG); - goto err; - } - else - p-=2; - } - else - n=i; - } - - i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING); - - if (i != SSL_MAX_MASTER_KEY_LENGTH) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT); - goto f_err; - } - - if (!((p[0] == (s->client_version>>8)) && (p[1] == (s->client_version & 0xff)))) - { - /* The premaster secret must contain the same version number as the - * ClientHello to detect version rollback attacks (strangely, the - * protocol does not offer such protection for DH ciphersuites). - * However, buggy clients exist that send the negotiated protocol - * version instead if the server does not support the requested - * protocol version. - * If SSL_OP_TLS_ROLLBACK_BUG is set, tolerate such clients. */ - if (!((s->options & SSL_OP_TLS_ROLLBACK_BUG) && - (p[0] == (s->version>>8)) && (p[1] == (s->version & 0xff)))) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER); - goto f_err; - } - } - - s->session->master_key_length= - s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key, - p,i); - memset(p,0,i); - } - else -#endif -#ifndef NO_DH - if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd)) - { - n2s(p,i); - if (n != i+2) - { - if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG)) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG); - goto err; - } - else - { - p-=2; - i=(int)n; - } - } - - if (n == 0L) /* the parameters are in the cert */ - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS); - goto f_err; - } - else - { - if (s->s3->tmp.dh == NULL) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY); - goto f_err; - } - else - dh_srvr=s->s3->tmp.dh; - } - - pub=BN_bin2bn(p,i,NULL); - if (pub == NULL) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB); - goto err; - } - - i=DH_compute_key(p,pub,dh_srvr); - - if (i <= 0) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB); - goto err; - } - - DH_free(s->s3->tmp.dh); - s->s3->tmp.dh=NULL; - - BN_clear_free(pub); - pub=NULL; - s->session->master_key_length= - s->method->ssl3_enc->generate_master_secret(s, - s->session->master_key,p,i); - memset(p,0,i); - } - else -#endif - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE); - goto f_err; - } - - return(1); -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); -#if !defined(NO_DH) || !defined(NO_RSA) -err: -#endif - return(-1); - } - -static int ssl3_get_cert_verify(SSL *s) - { - EVP_PKEY *pkey=NULL; - unsigned char *p; - int al,ok,ret=0; - long n; - int type=0,i,j; - X509 *peer; - - n=ssl3_get_message(s, - SSL3_ST_SR_CERT_VRFY_A, - SSL3_ST_SR_CERT_VRFY_B, - -1, - 512, /* 512? */ - &ok); - - if (!ok) return((int)n); - - if (s->session->peer != NULL) - { - peer=s->session->peer; - pkey=X509_get_pubkey(peer); - type=X509_certificate_type(peer,pkey); - } - else - { - peer=NULL; - pkey=NULL; - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY) - { - s->s3->tmp.reuse_message=1; - if ((peer != NULL) && (type | EVP_PKT_SIGN)) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE); - goto f_err; - } - ret=1; - goto end; - } - - if (peer == NULL) - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED); - al=SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - - if (!(type & EVP_PKT_SIGN)) - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE); - al=SSL_AD_ILLEGAL_PARAMETER; - goto f_err; - } - - if (s->s3->change_cipher_spec) - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY); - al=SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - - /* we now have a signature that we need to verify */ - p=(unsigned char *)s->init_buf->data; - n2s(p,i); - n-=2; - if (i > n) - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH); - al=SSL_AD_DECODE_ERROR; - goto f_err; - } - - j=EVP_PKEY_size(pkey); - if ((i > j) || (n > j) || (n <= 0)) - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE); - al=SSL_AD_DECODE_ERROR; - goto f_err; - } - -#ifndef NO_RSA - if (pkey->type == EVP_PKEY_RSA) - { - i=RSA_verify(NID_md5_sha1, s->s3->tmp.cert_verify_md, - MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH, p, i, - pkey->pkey.rsa); - if (i < 0) - { - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT); - goto f_err; - } - if (i == 0) - { - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE); - goto f_err; - } - } - else -#endif -#ifndef NO_DSA - if (pkey->type == EVP_PKEY_DSA) - { - j=DSA_verify(pkey->save_type, - &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa); - if (j <= 0) - { - /* bad signature */ - al=SSL_AD_DECRYPT_ERROR; - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE); - goto f_err; - } - } - else -#endif - { - SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR); - al=SSL_AD_UNSUPPORTED_CERTIFICATE; - goto f_err; - } - - - ret=1; - if (0) - { -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); - } -end: - EVP_PKEY_free(pkey); - return(ret); - } - -static int ssl3_get_client_certificate(SSL *s) - { - int i,ok,al,ret= -1; - X509 *x=NULL; - unsigned long l,nc,llen,n; - unsigned char *p,*d,*q; - STACK_OF(X509) *sk=NULL; - - n=ssl3_get_message(s, - SSL3_ST_SR_CERT_A, - SSL3_ST_SR_CERT_B, - -1, -#if defined(MSDOS) && !defined(WIN32) - 1024*30, /* 30k max cert list :-) */ -#else - 1024*100, /* 100k max cert list :-) */ -#endif - &ok); - - if (!ok) return((int)n); - - if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE) - { - if ( (s->verify_mode & SSL_VERIFY_PEER) && - (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); - al=SSL_AD_HANDSHAKE_FAILURE; - goto f_err; - } - /* If tls asked for a client cert, the client must return a 0 list */ - if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST); - al=SSL_AD_UNEXPECTED_MESSAGE; - goto f_err; - } - s->s3->tmp.reuse_message=1; - return(1); - } - - if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE) - { - al=SSL_AD_UNEXPECTED_MESSAGE; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE); - goto f_err; - } - d=p=(unsigned char *)s->init_buf->data; - - if ((sk=sk_X509_new_null()) == NULL) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto err; - } - - n2l3(p,llen); - if (llen+3 != n) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH); - goto f_err; - } - for (nc=0; nc llen) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - - q=p; - x=d2i_X509(NULL,&p,l); - if (x == NULL) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB); - goto err; - } - if (p != (q+l)) - { - al=SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH); - goto f_err; - } - if (!sk_X509_push(sk,x)) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE); - goto err; - } - x=NULL; - nc+=l+3; - } - - if (sk_X509_num(sk) <= 0) - { - /* TLS does not mind 0 certs returned */ - if (s->version == SSL3_VERSION) - { - al=SSL_AD_HANDSHAKE_FAILURE; - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED); - goto f_err; - } - /* Fail for TLS only if we required a certificate */ - else if ((s->verify_mode & SSL_VERIFY_PEER) && - (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE); - al=SSL_AD_HANDSHAKE_FAILURE; - goto f_err; - } - } - else - { - i=ssl_verify_cert_chain(s,sk); - if (!i) - { - al=ssl_verify_alarm_type(s->verify_result); - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED); - goto f_err; - } - } - - if (s->session->peer != NULL) /* This should not be needed */ - X509_free(s->session->peer); - s->session->peer=sk_X509_shift(sk); - s->session->verify_result = s->verify_result; - - /* With the current implementation, sess_cert will always be NULL - * when we arrive here. */ - if (s->session->sess_cert == NULL) - { - s->session->sess_cert = ssl_sess_cert_new(); - if (s->session->sess_cert == NULL) - { - SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE); - goto err; - } - } - if (s->session->sess_cert->cert_chain != NULL) - sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free); - s->session->sess_cert->cert_chain=sk; - /* Inconsistency alert: cert_chain does *not* include the - * peer's own certificate, while we do include it in s3_clnt.c */ - - sk=NULL; - - ret=1; - if (0) - { -f_err: - ssl3_send_alert(s,SSL3_AL_FATAL,al); - } -err: - if (x != NULL) X509_free(x); - if (sk != NULL) sk_X509_pop_free(sk,X509_free); - return(ret); - } - -int ssl3_send_server_certificate(SSL *s) - { - unsigned long l; - X509 *x; - - if (s->state == SSL3_ST_SW_CERT_A) - { - x=ssl_get_server_send_cert(s); - if (x == NULL) - { - SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR); - return(0); - } - - l=ssl3_output_cert_chain(s,x); - s->state=SSL3_ST_SW_CERT_B; - s->init_num=(int)l; - s->init_off=0; - } - - /* SSL3_ST_SW_CERT_B */ - return(ssl3_do_write(s,SSL3_RT_HANDSHAKE)); - } diff --git a/src/lib/libssl/shlib_version b/src/lib/libssl/shlib_version deleted file mode 100644 index 890c57389b..0000000000 --- a/src/lib/libssl/shlib_version +++ /dev/null @@ -1,2 +0,0 @@ -major=4 -minor=1 diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h deleted file mode 100644 index fdbdc70ba7..0000000000 --- a/src/lib/libssl/ssl.h +++ /dev/null @@ -1,1562 +0,0 @@ -/* ssl/ssl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL_H -#define HEADER_SSL_H - -#ifndef NO_COMP -#include -#endif -#ifndef NO_BIO -#include -#endif -#ifndef NO_X509 -#include -#endif -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* SSLeay version number for ASN.1 encoding of the session information */ -/* Version 0 - initial version - * Version 1 - added the optional peer certificate - */ -#define SSL_SESSION_ASN1_VERSION 0x0001 - -/* text strings for the ciphers */ -#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5 -#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5 -#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5 -#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 -#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5 -#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA -#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 -#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA - -#define SSL_MAX_SSL_SESSION_ID_LENGTH 32 -#define SSL_MAX_SID_CTX_LENGTH 32 - -#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8) -#define SSL_MAX_KEY_ARG_LENGTH 8 -#define SSL_MAX_MASTER_KEY_LENGTH 48 - -/* These are used to specify which ciphers to use and not to use */ -#define SSL_TXT_LOW "LOW" -#define SSL_TXT_MEDIUM "MEDIUM" -#define SSL_TXT_HIGH "HIGH" -#define SSL_TXT_kFZA "kFZA" -#define SSL_TXT_aFZA "aFZA" -#define SSL_TXT_eFZA "eFZA" -#define SSL_TXT_FZA "FZA" - -#define SSL_TXT_aNULL "aNULL" -#define SSL_TXT_eNULL "eNULL" -#define SSL_TXT_NULL "NULL" - -#define SSL_TXT_kRSA "kRSA" -#define SSL_TXT_kDHr "kDHr" -#define SSL_TXT_kDHd "kDHd" -#define SSL_TXT_kEDH "kEDH" -#define SSL_TXT_aRSA "aRSA" -#define SSL_TXT_aDSS "aDSS" -#define SSL_TXT_aDH "aDH" -#define SSL_TXT_DSS "DSS" -#define SSL_TXT_DH "DH" -#define SSL_TXT_EDH "EDH" -#define SSL_TXT_ADH "ADH" -#define SSL_TXT_RSA "RSA" -#define SSL_TXT_DES "DES" -#define SSL_TXT_3DES "3DES" -#define SSL_TXT_RC4 "RC4" -#define SSL_TXT_RC2 "RC2" -#define SSL_TXT_IDEA "IDEA" -#define SSL_TXT_MD5 "MD5" -#define SSL_TXT_SHA1 "SHA1" -#define SSL_TXT_SHA "SHA" -#define SSL_TXT_EXP "EXP" -#define SSL_TXT_EXPORT "EXPORT" -#define SSL_TXT_EXP40 "EXPORT40" -#define SSL_TXT_EXP56 "EXPORT56" -#define SSL_TXT_SSLV2 "SSLv2" -#define SSL_TXT_SSLV3 "SSLv3" -#define SSL_TXT_TLSV1 "TLSv1" -#define SSL_TXT_ALL "ALL" - -/* 'DEFAULT' at the start of the cipher list insert the following string - * in addition to this being the default cipher string */ -#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" - -/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */ -#define SSL_SENT_SHUTDOWN 1 -#define SSL_RECEIVED_SHUTDOWN 2 - -#ifdef __cplusplus -} -#endif - -#include -#include -#include -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#if (defined(NO_RSA) || defined(NO_MD5)) && !defined(NO_SSL2) -#define NO_SSL2 -#endif - -#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1 -#define SSL_FILETYPE_PEM X509_FILETYPE_PEM - -/* This is needed to stop compilers complaining about the - * 'struct ssl_st *' function parameters used to prototype callbacks - * in SSL_CTX. */ -typedef struct ssl_st *ssl_crock_st; - -/* used to hold info on the particular ciphers used */ -typedef struct ssl_cipher_st - { - int valid; - const char *name; /* text name */ - unsigned long id; /* id, 4 bytes, first is version */ - unsigned long algorithms; /* what ciphers are used */ - unsigned long algo_strength; /* strength and export flags */ - unsigned long algorithm2; /* Extra flags */ - int strength_bits; /* Number of bits really used */ - int alg_bits; /* Number of bits for algorithm */ - unsigned long mask; /* used for matching */ - unsigned long mask_strength; /* also used for matching */ - } SSL_CIPHER; - -DECLARE_STACK_OF(SSL_CIPHER) - -typedef struct ssl_st SSL; -typedef struct ssl_ctx_st SSL_CTX; - -/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */ -typedef struct ssl_method_st - { - int version; - int (*ssl_new)(SSL *s); - void (*ssl_clear)(SSL *s); - void (*ssl_free)(SSL *s); - int (*ssl_accept)(SSL *s); - int (*ssl_connect)(SSL *s); - int (*ssl_read)(SSL *s,void *buf,int len); - int (*ssl_peek)(SSL *s,char *buf,int len); - int (*ssl_write)(SSL *s,const void *buf,int len); - int (*ssl_shutdown)(SSL *s); - int (*ssl_renegotiate)(SSL *s); - int (*ssl_renegotiate_check)(SSL *s); - long (*ssl_ctrl)(SSL *s,int cmd,long larg,char *parg); - long (*ssl_ctx_ctrl)(SSL_CTX *ctx,int cmd,long larg,char *parg); - SSL_CIPHER *(*get_cipher_by_char)(const unsigned char *ptr); - int (*put_cipher_by_char)(const SSL_CIPHER *cipher,unsigned char *ptr); - int (*ssl_pending)(SSL *s); - int (*num_ciphers)(void); - SSL_CIPHER *(*get_cipher)(unsigned ncipher); - struct ssl_method_st *(*get_ssl_method)(int version); - long (*get_timeout)(void); - struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ - int (*ssl_version)(); - long (*ssl_callback_ctrl)(SSL *s, int cb_id, void (*fp)()); - long (*ssl_ctx_callback_ctrl)(SSL_CTX *s, int cb_id, void (*fp)()); - } SSL_METHOD; - -/* Lets make this into an ASN.1 type structure as follows - * SSL_SESSION_ID ::= SEQUENCE { - * version INTEGER, -- structure version number - * SSLversion INTEGER, -- SSL version number - * Cipher OCTET_STRING, -- the 3 byte cipher ID - * Session_ID OCTET_STRING, -- the Session ID - * Master_key OCTET_STRING, -- the master key - * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument - * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time - * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds - * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate - * Session_ID_context [ 4 ] EXPLICIT OCTET_STRING, -- the Session ID context - * Verify_result [ 5 ] EXPLICIT INTEGER -- X509_V_... code for `Peer' - * Compression [6] IMPLICIT ASN1_OBJECT -- compression OID XXXXX - * } - * Look in ssl/ssl_asn1.c for more details - * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-). - */ -typedef struct ssl_session_st - { - int ssl_version; /* what ssl version session info is - * being kept in here? */ - - /* only really used in SSLv2 */ - unsigned int key_arg_length; - unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH]; - int master_key_length; - unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH]; - /* session_id - valid? */ - unsigned int session_id_length; - unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH]; - /* this is used to determine whether the session is being reused in - * the appropriate context. It is up to the application to set this, - * via SSL_new */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - int not_resumable; - - /* The cert is the certificate used to establish this connection */ - struct sess_cert_st /* SESS_CERT */ *sess_cert; - - /* This is the cert for the other end. - * On clients, it will be the same as sess_cert->peer_key->x509 - * (the latter is not enough as sess_cert is not retained - * in the external representation of sessions, see ssl_asn1.c). */ - X509 *peer; - /* when app_verify_callback accepts a session where the peer's certificate - * is not ok, we must remember the error for session reuse: */ - long verify_result; /* only for servers */ - - int references; - long timeout; - long time; - - int compress_meth; /* Need to lookup the method */ - - SSL_CIPHER *cipher; - unsigned long cipher_id; /* when ASN.1 loaded, this - * needs to be used to load - * the 'cipher' structure */ - - STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */ - - CRYPTO_EX_DATA ex_data; /* application specific data */ - - /* These are used to make removal of session-ids more - * efficient and to implement a maximum cache size. */ - struct ssl_session_st *prev,*next; - } SSL_SESSION; - -#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L -#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L -#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L -#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L -#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L -#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L -#define SSL_OP_TLS_D5_BUG 0x00000100L -#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L -#define SSL_OP_TLS_ROLLBACK_BUG 0x00000400L - -/* If set, always create a new key when using tmp_dh parameters */ -#define SSL_OP_SINGLE_DH_USE 0x00100000L -/* Set to also use the tmp_rsa key when doing RSA operations. */ -#define SSL_OP_EPHEMERAL_RSA 0x00200000L - -/* The next flag deliberately changes the ciphertest, this is a check - * for the PKCS#1 attack */ -#define SSL_OP_PKCS1_CHECK_1 0x08000000L -#define SSL_OP_PKCS1_CHECK_2 0x10000000L -#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L -/* SSL_OP_NON_EXPORT_FIRST looks utterly broken .. */ -#define SSL_OP_NON_EXPORT_FIRST 0x40000000L -#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L -#define SSL_OP_ALL 0x000FFFFFL - -#define SSL_OP_NO_SSLv2 0x01000000L -#define SSL_OP_NO_SSLv3 0x02000000L -#define SSL_OP_NO_TLSv1 0x04000000L - -/* Allow SSL_write(..., n) to return r with 0 < r < n (i.e. report success - * when just a single record has been written): */ -#define SSL_MODE_ENABLE_PARTIAL_WRITE 0x00000001L -/* Make it possible to retry SSL_write() with changed buffer location - * (buffer contents must stay the same!); this is not the default to avoid - * the misconception that non-blocking SSL_write() behaves like - * non-blocking write(): */ -#define SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER 0x00000002L -/* Never bother the application with retries if the transport - * is blocking: */ -#define SSL_MODE_AUTO_RETRY 0x00000004L - -/* Note: SSL[_CTX]_set_{options,mode} use |= op on the previous value, - * they cannot be used to clear bits. */ - -#define SSL_CTX_set_options(ctx,op) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,op,NULL) -#define SSL_CTX_get_options(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,0,NULL) -#define SSL_set_options(ssl,op) \ - SSL_ctrl(ssl,SSL_CTRL_OPTIONS,op,NULL) -#define SSL_get_options(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_OPTIONS,0,NULL) - -#define SSL_CTX_set_mode(ctx,op) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,op,NULL) -#define SSL_CTX_get_mode(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_MODE,0,NULL) -#define SSL_set_mode(ssl,op) \ - SSL_ctrl(ssl,SSL_CTRL_MODE,op,NULL) -#define SSL_get_mode(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_MODE,0,NULL) - -#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20) - -typedef struct ssl_comp_st - { - int id; - char *name; -#ifndef NO_COMP - COMP_METHOD *method; -#else - char *method; -#endif - } SSL_COMP; - -DECLARE_STACK_OF(SSL_COMP) - -struct ssl_ctx_st - { - SSL_METHOD *method; - unsigned long options; - unsigned long mode; - - STACK_OF(SSL_CIPHER) *cipher_list; - /* same as above but sorted for lookup */ - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - struct x509_store_st /* X509_STORE */ *cert_store; - struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSIONs */ - /* Most session-ids that will be cached, default is - * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. */ - unsigned long session_cache_size; - struct ssl_session_st *session_cache_head; - struct ssl_session_st *session_cache_tail; - - /* This can have one of 2 values, ored together, - * SSL_SESS_CACHE_CLIENT, - * SSL_SESS_CACHE_SERVER, - * Default is SSL_SESSION_CACHE_SERVER, which means only - * SSL_accept which cache SSL_SESSIONS. */ - int session_cache_mode; - - /* If timeout is not 0, it is the default timeout value set - * when SSL_new() is called. This has been put in to make - * life easier to set things up */ - long session_timeout; - - /* If this callback is not null, it will be called each - * time a session id is added to the cache. If this function - * returns 1, it means that the callback will do a - * SSL_SESSION_free() when it has finished using it. Otherwise, - * on 0, it means the callback has finished with it. - * If remove_session_cb is not null, it will be called when - * a session-id is removed from the cache. After the call, - * OpenSSL will SSL_SESSION_free() it. */ - int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess); - void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess); - SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, - unsigned char *data,int len,int *copy); - struct - { - int sess_connect; /* SSL new conn - started */ - int sess_connect_renegotiate;/* SSL reneg - requested */ - int sess_connect_good; /* SSL new conne/reneg - finished */ - int sess_accept; /* SSL new accept - started */ - int sess_accept_renegotiate;/* SSL reneg - requested */ - int sess_accept_good; /* SSL accept/reneg - finished */ - int sess_miss; /* session lookup misses */ - int sess_timeout; /* reuse attempt on timeouted session */ - int sess_cache_full; /* session removed due to full cache */ - int sess_hit; /* session reuse actually done */ - int sess_cb_hit; /* session-id that was not - * in the cache was - * passed back via the callback. This - * indicates that the application is - * supplying session-id's from other - * processes - spooky :-) */ - } stats; - - int references; - -/**/ void (*info_callback)(); - - /* if defined, these override the X509_verify_cert() calls */ -/**/ int (*app_verify_callback)(); -/**/ char *app_verify_arg; /* never used; should be void * */ - - /* default values to use in SSL structures */ -/**/ struct cert_st /* CERT */ *cert; -/**/ int read_ahead; -/**/ int verify_mode; -/**/ int verify_depth; -/**/ unsigned int sid_ctx_length; -/**/ unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; -/**/ int (*default_verify_callback)(int ok,X509_STORE_CTX *ctx); - - int purpose; /* Purpose setting */ - int trust; /* Trust setting */ - - /* Default password callback. */ -/**/ pem_password_cb *default_passwd_callback; - - /* Default password callback user data. */ -/**/ void *default_passwd_callback_userdata; - - /* get client cert callback */ -/**/ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */); - - /* what we put in client cert requests */ - STACK_OF(X509_NAME) *client_CA; - -/**/ int quiet_shutdown; - - CRYPTO_EX_DATA ex_data; - - const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */ - const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */ - const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */ - - STACK_OF(X509) *extra_certs; - STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */ - }; - -#define SSL_SESS_CACHE_OFF 0x0000 -#define SSL_SESS_CACHE_CLIENT 0x0001 -#define SSL_SESS_CACHE_SERVER 0x0002 -#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER) -#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080 -/* This one, when set, makes the server session-id lookup not look - * in the cache. If there is an application get_session callback - * defined, this will still get called. */ -#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 - - struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx); -#define SSL_CTX_sess_number(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_NUMBER,0,NULL) -#define SSL_CTX_sess_connect(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT,0,NULL) -#define SSL_CTX_sess_connect_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_GOOD,0,NULL) -#define SSL_CTX_sess_connect_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CONNECT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT,0,NULL) -#define SSL_CTX_sess_accept_renegotiate(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_RENEGOTIATE,0,NULL) -#define SSL_CTX_sess_accept_good(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_ACCEPT_GOOD,0,NULL) -#define SSL_CTX_sess_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_HIT,0,NULL) -#define SSL_CTX_sess_cb_hits(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CB_HIT,0,NULL) -#define SSL_CTX_sess_misses(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_MISSES,0,NULL) -#define SSL_CTX_sess_timeouts(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_TIMEOUTS,0,NULL) -#define SSL_CTX_sess_cache_full(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL) - -#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb)) -#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb) -#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb)) -#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb) -#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb)) -#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb) -#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb)) -#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback) -#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb)) -#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb) - -#define SSL_NOTHING 1 -#define SSL_WRITING 2 -#define SSL_READING 3 -#define SSL_X509_LOOKUP 4 - -/* These will only be used when doing non-blocking IO */ -#define SSL_want_nothing(s) (SSL_want(s) == SSL_NOTHING) -#define SSL_want_read(s) (SSL_want(s) == SSL_READING) -#define SSL_want_write(s) (SSL_want(s) == SSL_WRITING) -#define SSL_want_x509_lookup(s) (SSL_want(s) == SSL_X509_LOOKUP) - -struct ssl_st - { - /* protocol version - * (one of SSL2_VERSION, SSL3_VERSION, TLS1_VERSION) - */ - int version; - int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ - - SSL_METHOD *method; /* SSLv3 */ - - /* There are 2 BIO's even though they are normally both the - * same. This is so data can be read and written to different - * handlers */ - -#ifndef NO_BIO - BIO *rbio; /* used by SSL_read */ - BIO *wbio; /* used by SSL_write */ - BIO *bbio; /* used during session-id reuse to concatenate - * messages */ -#else - char *rbio; /* used by SSL_read */ - char *wbio; /* used by SSL_write */ - char *bbio; -#endif - /* This holds a variable that indicates what we were doing - * when a 0 or -1 is returned. This is needed for - * non-blocking IO so we know what request needs re-doing when - * in SSL_accept or SSL_connect */ - int rwstate; - - /* true when we are actually in SSL_accept() or SSL_connect() */ - int in_handshake; - int (*handshake_func)(); - - /* Imagine that here's a boolean member "init" that is - * switched as soon as SSL_set_{accept/connect}_state - * is called for the first time, so that "state" and - * "handshake_func" are properly initialized. But as - * handshake_func is == 0 until then, we use this - * test instead of an "init" member. - */ - - int server; /* are we the server side? - mostly used by SSL_clear*/ - - int new_session;/* 1 if we are to use a new session */ - int quiet_shutdown;/* don't send shutdown packets */ - int shutdown; /* we have shut things down, 0x01 sent, 0x02 - * for received */ - int state; /* where we are */ - int rstate; /* where we are when reading */ - - BUF_MEM *init_buf; /* buffer used during init */ - int init_num; /* amount read/written */ - int init_off; /* amount read/written */ - - /* used internally to point at a raw packet */ - unsigned char *packet; - unsigned int packet_length; - - struct ssl2_state_st *s2; /* SSLv2 variables */ - struct ssl3_state_st *s3; /* SSLv3 variables */ - - int read_ahead; /* Read as many input bytes as possible - * (for non-blocking reads) */ - int hit; /* reusing a previous session */ - - int purpose; /* Purpose setting */ - int trust; /* Trust setting */ - - /* crypto */ - STACK_OF(SSL_CIPHER) *cipher_list; - STACK_OF(SSL_CIPHER) *cipher_list_by_id; - - /* These are the ones being used, the ones in SSL_SESSION are - * the ones to be 'copied' into these ones */ - - EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ - const EVP_MD *read_hash; /* used for mac generation */ -#ifndef NO_COMP - COMP_CTX *expand; /* uncompress */ -#else - char *expand; -#endif - - EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ - const EVP_MD *write_hash; /* used for mac generation */ -#ifndef NO_COMP - COMP_CTX *compress; /* compression */ -#else - char *compress; -#endif - - /* session info */ - - /* client cert? */ - /* This is used to hold the server certificate used */ - struct cert_st /* CERT */ *cert; - - /* the session_id_context is used to ensure sessions are only reused - * in the appropriate context */ - unsigned int sid_ctx_length; - unsigned char sid_ctx[SSL_MAX_SID_CTX_LENGTH]; - - /* This can also be in the session once a session is established */ - SSL_SESSION *session; - - /* Used in SSL2 and SSL3 */ - int verify_mode; /* 0 don't care about verify failure. - * 1 fail if verify fails */ - int verify_depth; - int (*verify_callback)(int ok,X509_STORE_CTX *ctx); /* fail if callback returns 0 */ - void (*info_callback)(); /* optional informational callback */ - - int error; /* error bytes to be written */ - int error_code; /* actual code */ - - SSL_CTX *ctx; - /* set this flag to 1 and a sleep(1) is put into all SSL_read() - * and SSL_write() calls, good for nbio debuging :-) */ - int debug; - - /* extra application data */ - long verify_result; - CRYPTO_EX_DATA ex_data; - - /* for server side, keep the list of CA_dn we can use */ - STACK_OF(X509_NAME) *client_CA; - - int references; - unsigned long options; /* protocol behaviour */ - unsigned long mode; /* API behaviour */ - int first_packet; - int client_version; /* what was passed, used for - * SSLv3/TLS rollback check */ - }; - -#ifdef __cplusplus -} -#endif - -#include -#include -#include /* This is mostly sslv3 with a few tweaks */ -#include - -#ifdef __cplusplus -extern "C" { -#endif - -/* compatibility */ -#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg)) -#define SSL_get_app_data(s) (SSL_get_ex_data(s,0)) -#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a)) -#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0)) -#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0)) -#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg)) - -/* The following are the possible values for ssl->state are are - * used to indicate where we are up to in the SSL connection establishment. - * The macros that follow are about the only things you should need to use - * and even then, only when using non-blocking IO. - * It can also be useful to work out where you were when the connection - * failed */ - -#define SSL_ST_CONNECT 0x1000 -#define SSL_ST_ACCEPT 0x2000 -#define SSL_ST_MASK 0x0FFF -#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT) -#define SSL_ST_BEFORE 0x4000 -#define SSL_ST_OK 0x03 -#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT) - -#define SSL_CB_LOOP 0x01 -#define SSL_CB_EXIT 0x02 -#define SSL_CB_READ 0x04 -#define SSL_CB_WRITE 0x08 -#define SSL_CB_ALERT 0x4000 /* used in callback */ -#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ) -#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE) -#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP) -#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT) -#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP) -#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT) -#define SSL_CB_HANDSHAKE_START 0x10 -#define SSL_CB_HANDSHAKE_DONE 0x20 - -/* Is the SSL_connection established? */ -#define SSL_get_state(a) SSL_state(a) -#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) -#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) -#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) -#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) -#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) - -/* The following 2 states are kept in ssl->rstate when reads fail, - * you should not need these */ -#define SSL_ST_READ_HEADER 0xF0 -#define SSL_ST_READ_BODY 0xF1 -#define SSL_ST_READ_DONE 0xF2 - -/* Obtain latest Finished message - * -- that we sent (SSL_get_finished) - * -- that we expected from peer (SSL_get_peer_finished). - * Returns length (0 == no Finished so far), copies up to 'count' bytes. */ -size_t SSL_get_finished(SSL *s, void *buf, size_t count); -size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count); - -/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options - * are 'ored' with SSL_VERIFY_PEER if they are desired */ -#define SSL_VERIFY_NONE 0x00 -#define SSL_VERIFY_PEER 0x01 -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -#define SSL_VERIFY_CLIENT_ONCE 0x04 - -#define OpenSSL_add_ssl_algorithms() SSL_library_init() -#define SSLeay_add_ssl_algorithms() SSL_library_init() - -/* this is for backward compatibility */ -#if 0 /* NEW_SSLEAY */ -#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c) -#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n) -#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b)) -#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b)) -#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b)) -#endif -/* More backward compatibility */ -#define SSL_get_cipher(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_cipher_bits(s,np) \ - SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np) -#define SSL_get_cipher_version(s) \ - SSL_CIPHER_get_version(SSL_get_current_cipher(s)) -#define SSL_get_cipher_name(s) \ - SSL_CIPHER_get_name(SSL_get_current_cipher(s)) -#define SSL_get_time(a) SSL_SESSION_get_time(a) -#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b)) -#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a) -#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b)) - -#if 1 /*SSLEAY_MACROS*/ -#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \ - (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \ - (bp),(unsigned char **)(s_id)) -#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \ - bp,(unsigned char *)s_id) -#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u) -#define PEM_read_bio_SSL_SESSION(bp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read_bio( \ - (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb,u) -#define PEM_write_SSL_SESSION(fp,x) \ - PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL,NULL) -#define PEM_write_bio_SSL_SESSION(bp,x) \ - PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \ - PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL,NULL) -#endif - -#define SSL_AD_REASON_OFFSET 1000 -/* These alert types are for SSLv3 and TLSv1 */ -#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY -#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */ -#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */ -#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED -#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW -#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */ -#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */ -#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */ -#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE -#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE -#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED -#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED -#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN -#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */ -#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */ -#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */ -#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */ -#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR -#define SSL_AD_EXPORT_RESTRICTION TLS1_AD_EXPORT_RESTRICTION/* fatal */ -#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */ -#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */ -#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */ -#define SSL_AD_USER_CANCELLED TLS1_AD_USER_CANCELLED -#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION - -#define SSL_ERROR_NONE 0 -#define SSL_ERROR_SSL 1 -#define SSL_ERROR_WANT_READ 2 -#define SSL_ERROR_WANT_WRITE 3 -#define SSL_ERROR_WANT_X509_LOOKUP 4 -#define SSL_ERROR_SYSCALL 5 /* look at error stack/return value/errno */ -#define SSL_ERROR_ZERO_RETURN 6 -#define SSL_ERROR_WANT_CONNECT 7 - -#define SSL_CTRL_NEED_TMP_RSA 1 -#define SSL_CTRL_SET_TMP_RSA 2 -#define SSL_CTRL_SET_TMP_DH 3 -#define SSL_CTRL_SET_TMP_RSA_CB 4 -#define SSL_CTRL_SET_TMP_DH_CB 5 -/* Add these ones */ -#define SSL_CTRL_GET_SESSION_REUSED 6 -#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7 -#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8 -#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9 -#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10 -#define SSL_CTRL_GET_FLAGS 11 -#define SSL_CTRL_EXTRA_CHAIN_CERT 12 - -/* Stats */ -#define SSL_CTRL_SESS_NUMBER 20 -#define SSL_CTRL_SESS_CONNECT 21 -#define SSL_CTRL_SESS_CONNECT_GOOD 22 -#define SSL_CTRL_SESS_CONNECT_RENEGOTIATE 23 -#define SSL_CTRL_SESS_ACCEPT 24 -#define SSL_CTRL_SESS_ACCEPT_GOOD 25 -#define SSL_CTRL_SESS_ACCEPT_RENEGOTIATE 26 -#define SSL_CTRL_SESS_HIT 27 -#define SSL_CTRL_SESS_CB_HIT 28 -#define SSL_CTRL_SESS_MISSES 29 -#define SSL_CTRL_SESS_TIMEOUTS 30 -#define SSL_CTRL_SESS_CACHE_FULL 31 -#define SSL_CTRL_OPTIONS 32 -#define SSL_CTRL_MODE 33 - -#define SSL_CTRL_GET_READ_AHEAD 40 -#define SSL_CTRL_SET_READ_AHEAD 41 -#define SSL_CTRL_SET_SESS_CACHE_SIZE 42 -#define SSL_CTRL_GET_SESS_CACHE_SIZE 43 -#define SSL_CTRL_SET_SESS_CACHE_MODE 44 -#define SSL_CTRL_GET_SESS_CACHE_MODE 45 - -#define SSL_session_reused(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL) -#define SSL_num_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL) -#define SSL_clear_num_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL) -#define SSL_total_renegotiations(ssl) \ - SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL) - -#define SSL_CTX_need_tmp_RSA(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL) -#define SSL_CTX_set_tmp_rsa(ctx,rsa) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) -#define SSL_CTX_set_tmp_dh(ctx,dh) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh) - -#define SSL_need_tmp_RSA(ssl) \ - SSL_ctrl(ssl,SSL_CTRL_NEED_TMP_RSA,0,NULL) -#define SSL_set_tmp_rsa(ssl,rsa) \ - SSL_ctrl(ssl,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa) -#define SSL_set_tmp_dh(ssl,dh) \ - SSL_ctrl(ssl,SSL_CTRL_SET_TMP_DH,0,(char *)dh) - -#define SSL_CTX_add_extra_chain_cert(ctx,x509) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,(char *)x509) - -/* VMS uses only 31 characters for symbols. */ -#ifdef VMS -#undef SSL_CTX_set_cert_verify_callback -#define SSL_CTX_set_cert_verify_callback SSL_CTX_set_cert_verify_cb -#undef SSL_CTX_use_certificate_chain_file -#define SSL_CTX_use_certificate_chain_file SSL_CTX_use_cert_chain_file -#undef SSL_CTX_set_default_verify_paths -#define SSL_CTX_set_default_verify_paths SSL_CTX_set_def_verify_paths -#undef SSL_get_ex_data_X509_STORE_CTX_idx -#define SSL_get_ex_data_X509_STORE_CTX_idx SSL_get_ex_data_X509_STOR_CTX_i -#undef SSL_add_file_cert_subjects_to_stack -#define SSL_add_file_cert_subjects_to_stack SSL_add_file_cert_sub_to_stack -#undef SSL_add_dir_cert_subjects_to_stack -#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack -#endif - -#ifndef NO_BIO -BIO_METHOD *BIO_f_ssl(void); -BIO *BIO_new_ssl(SSL_CTX *ctx,int client); -BIO *BIO_new_ssl_connect(SSL_CTX *ctx); -BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx); -int BIO_ssl_copy_session_id(BIO *to,BIO *from); -void BIO_ssl_shutdown(BIO *ssl_bio); - -#endif - -int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str); -SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); -void SSL_CTX_free(SSL_CTX *); -long SSL_CTX_set_timeout(SSL_CTX *ctx,long t); -long SSL_CTX_get_timeout(SSL_CTX *ctx); -X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *); -void SSL_CTX_set_cert_store(SSL_CTX *,X509_STORE *); -int SSL_want(SSL *s); -int SSL_clear(SSL *s); - -void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm); - -SSL_CIPHER *SSL_get_current_cipher(SSL *s); -int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits); -char * SSL_CIPHER_get_version(SSL_CIPHER *c); -const char * SSL_CIPHER_get_name(SSL_CIPHER *c); - -int SSL_get_fd(SSL *s); -const char * SSL_get_cipher_list(SSL *s,int n); -char * SSL_get_shared_ciphers(SSL *s, char *buf, int len); -int SSL_get_read_ahead(SSL * s); -int SSL_pending(SSL *s); -#ifndef NO_SOCK -int SSL_set_fd(SSL *s, int fd); -int SSL_set_rfd(SSL *s, int fd); -int SSL_set_wfd(SSL *s, int fd); -#endif -#ifndef NO_BIO -void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio); -BIO * SSL_get_rbio(SSL *s); -BIO * SSL_get_wbio(SSL *s); -#endif -int SSL_set_cipher_list(SSL *s, const char *str); -void SSL_set_read_ahead(SSL *s, int yes); -int SSL_get_verify_mode(SSL *s); -int SSL_get_verify_depth(SSL *s); -int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *); -void SSL_set_verify(SSL *s, int mode, - int (*callback)(int ok,X509_STORE_CTX *ctx)); -void SSL_set_verify_depth(SSL *s, int depth); -#ifndef NO_RSA -int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa); -#endif -int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len); -int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey); -int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len); -int SSL_use_certificate(SSL *ssl, X509 *x); -int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len); - -#ifndef NO_STDIO -int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type); -int SSL_use_certificate_file(SSL *ssl, const char *file, int type); -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); /* PEM type */ -STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); -int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *file); -int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, - const char *dir); -#endif - -void ERR_load_SSL_strings(void ); -void SSL_load_error_strings(void ); -char * SSL_state_string(SSL *s); -char * SSL_rstate_string(SSL *s); -char * SSL_state_string_long(SSL *s); -char * SSL_rstate_string_long(SSL *s); -long SSL_SESSION_get_time(SSL_SESSION *s); -long SSL_SESSION_set_time(SSL_SESSION *s, long t); -long SSL_SESSION_get_timeout(SSL_SESSION *s); -long SSL_SESSION_set_timeout(SSL_SESSION *s, long t); -void SSL_copy_session_id(SSL *to,SSL *from); - -SSL_SESSION *SSL_SESSION_new(void); -unsigned long SSL_SESSION_hash(SSL_SESSION *a); -int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b); -#ifndef NO_FP_API -int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses); -#endif -#ifndef NO_BIO -int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses); -#endif -void SSL_SESSION_free(SSL_SESSION *ses); -int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp); -int SSL_set_session(SSL *to, SSL_SESSION *session); -int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c); -int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c); -SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length); - -#ifdef HEADER_X509_H -X509 * SSL_get_peer_certificate(SSL *s); -#endif - -STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s); - -#ifdef VMS -#define SSL_CTX_set_default_passwd_cb_userdata SSL_CTX_set_def_passwd_cb_ud -#endif - -int SSL_CTX_get_verify_mode(SSL_CTX *ctx); -int SSL_CTX_get_verify_depth(SSL_CTX *ctx); -int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *); -void SSL_CTX_set_verify(SSL_CTX *ctx,int mode, - int (*callback)(int, X509_STORE_CTX *)); -void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth); -void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx, int (*cb)(),char *arg); -#ifndef NO_RSA -int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa); -#endif -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len); -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey); -int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx, - unsigned char *d, long len); -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x); -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d); - -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb); -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); - -int SSL_CTX_check_private_key(SSL_CTX *ctx); -int SSL_check_private_key(SSL *ctx); - -int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, - unsigned int sid_ctx_len); - -SSL * SSL_new(SSL_CTX *ctx); -int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx, - unsigned int sid_ctx_len); - -int SSL_CTX_set_purpose(SSL_CTX *s, int purpose); -int SSL_set_purpose(SSL *s, int purpose); -int SSL_CTX_set_trust(SSL_CTX *s, int trust); -int SSL_set_trust(SSL *s, int trust); - -void SSL_free(SSL *ssl); -int SSL_accept(SSL *ssl); -int SSL_connect(SSL *ssl); -int SSL_read(SSL *ssl,char *buf,int num); -int SSL_peek(SSL *ssl,char *buf,int num); -int SSL_write(SSL *ssl,const char *buf,int num); -long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg); -long SSL_callback_ctrl(SSL *, int, void (*)()); -long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg); -long SSL_CTX_callback_ctrl(SSL_CTX *, int, void (*)()); - -int SSL_get_error(SSL *s,int ret_code); -const char *SSL_get_version(SSL *s); - -/* This sets the 'default' SSL version that SSL_new() will create */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth); - -SSL_METHOD *SSLv2_method(void); /* SSLv2 */ -SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ -SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ - -SSL_METHOD *SSLv3_method(void); /* SSLv3 */ -SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ -SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ - -SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */ -SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */ -SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */ - -SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ -SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ -SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ - -STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s); - -int SSL_do_handshake(SSL *s); -int SSL_renegotiate(SSL *s); -int SSL_shutdown(SSL *s); - -SSL_METHOD *SSL_get_ssl_method(SSL *s); -int SSL_set_ssl_method(SSL *s,SSL_METHOD *method); -char *SSL_alert_type_string_long(int value); -char *SSL_alert_type_string(int value); -char *SSL_alert_desc_string_long(int value); -char *SSL_alert_desc_string(int value); - -void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list); -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list); -STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s); -STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s); -int SSL_add_client_CA(SSL *ssl,X509 *x); -int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x); - -void SSL_set_connect_state(SSL *s); -void SSL_set_accept_state(SSL *s); - -long SSL_get_default_timeout(SSL *s); - -int SSL_library_init(void ); - -char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size); -STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk); - -SSL *SSL_dup(SSL *ssl); - -X509 *SSL_get_certificate(SSL *ssl); -/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl); - -void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode); -int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx); -void SSL_set_quiet_shutdown(SSL *ssl,int mode); -int SSL_get_quiet_shutdown(SSL *ssl); -void SSL_set_shutdown(SSL *ssl,int mode); -int SSL_get_shutdown(SSL *ssl); -int SSL_version(SSL *ssl); -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath); -#define SSL_get0_session SSL_get_session /* just peek at pointer */ -SSL_SESSION *SSL_get_session(SSL *ssl); -SSL_SESSION *SSL_get1_session(SSL *ssl); /* obtain a reference count */ -SSL_CTX *SSL_get_SSL_CTX(SSL *ssl); -void SSL_set_info_callback(SSL *ssl,void (*cb)()); -void (*SSL_get_info_callback(SSL *ssl))(); -int SSL_state(SSL *ssl); - -void SSL_set_verify_result(SSL *ssl,long v); -long SSL_get_verify_result(SSL *ssl); - -int SSL_set_ex_data(SSL *ssl,int idx,void *data); -void *SSL_get_ex_data(SSL *ssl,int idx); -int SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,void *data); -void *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx); -int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,void *data); -void *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx); -int SSL_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); - -int SSL_get_ex_data_X509_STORE_CTX_idx(void ); - -#define SSL_CTX_sess_set_cache_size(ctx,t) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_SIZE,t,NULL) -#define SSL_CTX_sess_get_cache_size(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_SIZE,0,NULL) -#define SSL_CTX_set_session_cache_mode(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SESS_CACHE_MODE,m,NULL) -#define SSL_CTX_get_session_cache_mode(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_SESS_CACHE_MODE,0,NULL) - -#define SSL_CTX_get_default_read_ahead(ctx) SSL_CTX_get_read_ahead(ctx) -#define SSL_CTX_set_default_read_ahead(ctx,m) SSL_CTX_set_read_ahead(ctx,m) -#define SSL_CTX_get_read_ahead(ctx) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_GET_READ_AHEAD,0,NULL) -#define SSL_CTX_set_read_ahead(ctx,m) \ - SSL_CTX_ctrl(ctx,SSL_CTRL_SET_READ_AHEAD,0,NULL) - - /* NB: the keylength is only applicable when is_export is true */ -#ifndef NO_RSA -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx, - RSA *(*cb)(SSL *ssl,int is_export, - int keylength)); - -void SSL_set_tmp_rsa_callback(SSL *ssl, - RSA *(*cb)(SSL *ssl,int is_export, - int keylength)); -#endif -#ifndef NO_DH -void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx, - DH *(*dh)(SSL *ssl,int is_export, - int keylength)); -void SSL_set_tmp_dh_callback(SSL *ssl, - DH *(*dh)(SSL *ssl,int is_export, - int keylength)); -#endif - -#ifndef NO_COMP -int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm); -#else -int SSL_COMP_add_compression_method(int id,char *cm); -#endif - -/* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ - -/* Error codes for the SSL functions. */ - -/* Function codes. */ -#define SSL_F_CLIENT_CERTIFICATE 100 -#define SSL_F_CLIENT_HELLO 101 -#define SSL_F_CLIENT_MASTER_KEY 102 -#define SSL_F_D2I_SSL_SESSION 103 -#define SSL_F_DO_SSL3_WRITE 104 -#define SSL_F_GET_CLIENT_FINISHED 105 -#define SSL_F_GET_CLIENT_HELLO 106 -#define SSL_F_GET_CLIENT_MASTER_KEY 107 -#define SSL_F_GET_SERVER_FINISHED 108 -#define SSL_F_GET_SERVER_HELLO 109 -#define SSL_F_GET_SERVER_VERIFY 110 -#define SSL_F_I2D_SSL_SESSION 111 -#define SSL_F_READ_N 112 -#define SSL_F_REQUEST_CERTIFICATE 113 -#define SSL_F_SERVER_HELLO 114 -#define SSL_F_SSL23_ACCEPT 115 -#define SSL_F_SSL23_CLIENT_HELLO 116 -#define SSL_F_SSL23_CONNECT 117 -#define SSL_F_SSL23_GET_CLIENT_HELLO 118 -#define SSL_F_SSL23_GET_SERVER_HELLO 119 -#define SSL_F_SSL23_READ 120 -#define SSL_F_SSL23_WRITE 121 -#define SSL_F_SSL2_ACCEPT 122 -#define SSL_F_SSL2_CONNECT 123 -#define SSL_F_SSL2_ENC_INIT 124 -#define SSL_F_SSL2_READ 125 -#define SSL_F_SSL2_SET_CERTIFICATE 126 -#define SSL_F_SSL2_WRITE 127 -#define SSL_F_SSL3_ACCEPT 128 -#define SSL_F_SSL3_CALLBACK_CTRL 233 -#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129 -#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130 -#define SSL_F_SSL3_CLIENT_HELLO 131 -#define SSL_F_SSL3_CONNECT 132 -#define SSL_F_SSL3_CTRL 213 -#define SSL_F_SSL3_CTX_CTRL 133 -#define SSL_F_SSL3_ENC 134 -#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135 -#define SSL_F_SSL3_GET_CERT_VERIFY 136 -#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137 -#define SSL_F_SSL3_GET_CLIENT_HELLO 138 -#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139 -#define SSL_F_SSL3_GET_FINISHED 140 -#define SSL_F_SSL3_GET_KEY_EXCHANGE 141 -#define SSL_F_SSL3_GET_MESSAGE 142 -#define SSL_F_SSL3_GET_RECORD 143 -#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144 -#define SSL_F_SSL3_GET_SERVER_DONE 145 -#define SSL_F_SSL3_GET_SERVER_HELLO 146 -#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147 -#define SSL_F_SSL3_READ_BYTES 148 -#define SSL_F_SSL3_READ_N 149 -#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150 -#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151 -#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152 -#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153 -#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154 -#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155 -#define SSL_F_SSL3_SETUP_BUFFERS 156 -#define SSL_F_SSL3_SETUP_KEY_BLOCK 157 -#define SSL_F_SSL3_WRITE_BYTES 158 -#define SSL_F_SSL3_WRITE_PENDING 159 -#define SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK 215 -#define SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK 216 -#define SSL_F_SSL_BAD_METHOD 160 -#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161 -#define SSL_F_SSL_CERT_DUP 221 -#define SSL_F_SSL_CERT_INST 222 -#define SSL_F_SSL_CERT_INSTANTIATE 214 -#define SSL_F_SSL_CERT_NEW 162 -#define SSL_F_SSL_CHECK_PRIVATE_KEY 163 -#define SSL_F_SSL_CIPHER_PROCESS_RULESTR 230 -#define SSL_F_SSL_CIPHER_STRENGTH_SORT 231 -#define SSL_F_SSL_CLEAR 164 -#define SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD 165 -#define SSL_F_SSL_CREATE_CIPHER_LIST 166 -#define SSL_F_SSL_CTRL 232 -#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 168 -#define SSL_F_SSL_CTX_NEW 169 -#define SSL_F_SSL_CTX_SET_PURPOSE 226 -#define SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT 219 -#define SSL_F_SSL_CTX_SET_SSL_VERSION 170 -#define SSL_F_SSL_CTX_SET_TRUST 229 -#define SSL_F_SSL_CTX_USE_CERTIFICATE 171 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 172 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE 220 -#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 173 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY 174 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 175 -#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 176 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 177 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 178 -#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 179 -#define SSL_F_SSL_DO_HANDSHAKE 180 -#define SSL_F_SSL_GET_NEW_SESSION 181 -#define SSL_F_SSL_GET_PREV_SESSION 217 -#define SSL_F_SSL_GET_SERVER_SEND_CERT 182 -#define SSL_F_SSL_GET_SIGN_PKEY 183 -#define SSL_F_SSL_INIT_WBIO_BUFFER 184 -#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 185 -#define SSL_F_SSL_NEW 186 -#define SSL_F_SSL_READ 223 -#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 187 -#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 188 -#define SSL_F_SSL_SESSION_NEW 189 -#define SSL_F_SSL_SESSION_PRINT_FP 190 -#define SSL_F_SSL_SESS_CERT_NEW 225 -#define SSL_F_SSL_SET_CERT 191 -#define SSL_F_SSL_SET_FD 192 -#define SSL_F_SSL_SET_PKEY 193 -#define SSL_F_SSL_SET_PURPOSE 227 -#define SSL_F_SSL_SET_RFD 194 -#define SSL_F_SSL_SET_SESSION 195 -#define SSL_F_SSL_SET_SESSION_ID_CONTEXT 218 -#define SSL_F_SSL_SET_TRUST 228 -#define SSL_F_SSL_SET_WFD 196 -#define SSL_F_SSL_SHUTDOWN 224 -#define SSL_F_SSL_UNDEFINED_FUNCTION 197 -#define SSL_F_SSL_USE_CERTIFICATE 198 -#define SSL_F_SSL_USE_CERTIFICATE_ASN1 199 -#define SSL_F_SSL_USE_CERTIFICATE_FILE 200 -#define SSL_F_SSL_USE_PRIVATEKEY 201 -#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 202 -#define SSL_F_SSL_USE_PRIVATEKEY_FILE 203 -#define SSL_F_SSL_USE_RSAPRIVATEKEY 204 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 205 -#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206 -#define SSL_F_SSL_VERIFY_CERT_CHAIN 207 -#define SSL_F_SSL_WRITE 208 -#define SSL_F_TLS1_CHANGE_CIPHER_STATE 209 -#define SSL_F_TLS1_ENC 210 -#define SSL_F_TLS1_SETUP_KEY_BLOCK 211 -#define SSL_F_WRITE_PENDING 212 - -/* Reason codes. */ -#define SSL_R_APP_DATA_IN_HANDSHAKE 100 -#define SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT 272 -#define SSL_R_BAD_ALERT_RECORD 101 -#define SSL_R_BAD_AUTHENTICATION_TYPE 102 -#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103 -#define SSL_R_BAD_CHECKSUM 104 -#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106 -#define SSL_R_BAD_DECOMPRESSION 107 -#define SSL_R_BAD_DH_G_LENGTH 108 -#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109 -#define SSL_R_BAD_DH_P_LENGTH 110 -#define SSL_R_BAD_DIGEST_LENGTH 111 -#define SSL_R_BAD_DSA_SIGNATURE 112 -#define SSL_R_BAD_HELLO_REQUEST 105 -#define SSL_R_BAD_LENGTH 271 -#define SSL_R_BAD_MAC_DECODE 113 -#define SSL_R_BAD_MESSAGE_TYPE 114 -#define SSL_R_BAD_PACKET_LENGTH 115 -#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116 -#define SSL_R_BAD_RESPONSE_ARGUMENT 117 -#define SSL_R_BAD_RSA_DECRYPT 118 -#define SSL_R_BAD_RSA_ENCRYPT 119 -#define SSL_R_BAD_RSA_E_LENGTH 120 -#define SSL_R_BAD_RSA_MODULUS_LENGTH 121 -#define SSL_R_BAD_RSA_SIGNATURE 122 -#define SSL_R_BAD_SIGNATURE 123 -#define SSL_R_BAD_SSL_FILETYPE 124 -#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125 -#define SSL_R_BAD_STATE 126 -#define SSL_R_BAD_WRITE_RETRY 127 -#define SSL_R_BIO_NOT_SET 128 -#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129 -#define SSL_R_BN_LIB 130 -#define SSL_R_CA_DN_LENGTH_MISMATCH 131 -#define SSL_R_CA_DN_TOO_LONG 132 -#define SSL_R_CCS_RECEIVED_EARLY 133 -#define SSL_R_CERTIFICATE_VERIFY_FAILED 134 -#define SSL_R_CERT_LENGTH_MISMATCH 135 -#define SSL_R_CHALLENGE_IS_DIFFERENT 136 -#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137 -#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138 -#define SSL_R_CIPHER_TABLE_SRC_ERROR 139 -#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140 -#define SSL_R_COMPRESSION_FAILURE 141 -#define SSL_R_COMPRESSION_LIBRARY_ERROR 142 -#define SSL_R_CONNECTION_ID_IS_DIFFERENT 143 -#define SSL_R_CONNECTION_TYPE_NOT_SET 144 -#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 145 -#define SSL_R_DATA_LENGTH_TOO_LONG 146 -#define SSL_R_DECRYPTION_FAILED 147 -#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 -#define SSL_R_DIGEST_CHECK_FAILED 149 -#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 -#define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092 -#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 -#define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 -#define SSL_R_EXTRA_DATA_IN_MESSAGE 153 -#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 154 -#define SSL_R_HTTPS_PROXY_REQUEST 155 -#define SSL_R_HTTP_REQUEST 156 -#define SSL_R_INTERNAL_ERROR 157 -#define SSL_R_INVALID_CHALLENGE_LENGTH 158 -#define SSL_R_INVALID_COMMAND 280 -#define SSL_R_INVALID_PURPOSE 278 -#define SSL_R_INVALID_TRUST 279 -#define SSL_R_LENGTH_MISMATCH 159 -#define SSL_R_LENGTH_TOO_SHORT 160 -#define SSL_R_LIBRARY_BUG 274 -#define SSL_R_LIBRARY_HAS_NO_CIPHERS 161 -#define SSL_R_MISSING_DH_DSA_CERT 162 -#define SSL_R_MISSING_DH_KEY 163 -#define SSL_R_MISSING_DH_RSA_CERT 164 -#define SSL_R_MISSING_DSA_SIGNING_CERT 165 -#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 166 -#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 167 -#define SSL_R_MISSING_RSA_CERTIFICATE 168 -#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 169 -#define SSL_R_MISSING_RSA_SIGNING_CERT 170 -#define SSL_R_MISSING_TMP_DH_KEY 171 -#define SSL_R_MISSING_TMP_RSA_KEY 172 -#define SSL_R_MISSING_TMP_RSA_PKEY 173 -#define SSL_R_MISSING_VERIFY_MESSAGE 174 -#define SSL_R_NON_SSLV2_INITIAL_PACKET 175 -#define SSL_R_NO_CERTIFICATES_RETURNED 176 -#define SSL_R_NO_CERTIFICATE_ASSIGNED 177 -#define SSL_R_NO_CERTIFICATE_RETURNED 178 -#define SSL_R_NO_CERTIFICATE_SET 179 -#define SSL_R_NO_CERTIFICATE_SPECIFIED 180 -#define SSL_R_NO_CIPHERS_AVAILABLE 181 -#define SSL_R_NO_CIPHERS_PASSED 182 -#define SSL_R_NO_CIPHERS_SPECIFIED 183 -#define SSL_R_NO_CIPHER_LIST 184 -#define SSL_R_NO_CIPHER_MATCH 185 -#define SSL_R_NO_CLIENT_CERT_RECEIVED 186 -#define SSL_R_NO_COMPRESSION_SPECIFIED 187 -#define SSL_R_NO_METHOD_SPECIFIED 188 -#define SSL_R_NO_PRIVATEKEY 189 -#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 190 -#define SSL_R_NO_PROTOCOLS_AVAILABLE 191 -#define SSL_R_NO_PUBLICKEY 192 -#define SSL_R_NO_SHARED_CIPHER 193 -#define SSL_R_NO_VERIFY_CALLBACK 194 -#define SSL_R_NULL_SSL_CTX 195 -#define SSL_R_NULL_SSL_METHOD_PASSED 196 -#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 197 -#define SSL_R_PACKET_LENGTH_TOO_LONG 198 -#define SSL_R_PATH_TOO_LONG 270 -#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 199 -#define SSL_R_PEER_ERROR 200 -#define SSL_R_PEER_ERROR_CERTIFICATE 201 -#define SSL_R_PEER_ERROR_NO_CERTIFICATE 202 -#define SSL_R_PEER_ERROR_NO_CIPHER 203 -#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 204 -#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 205 -#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 206 -#define SSL_R_PROTOCOL_IS_SHUTDOWN 207 -#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 208 -#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 209 -#define SSL_R_PUBLIC_KEY_NOT_RSA 210 -#define SSL_R_READ_BIO_NOT_SET 211 -#define SSL_R_READ_WRONG_PACKET_TYPE 212 -#define SSL_R_RECORD_LENGTH_MISMATCH 213 -#define SSL_R_RECORD_TOO_LARGE 214 -#define SSL_R_RECORD_TOO_SMALL 1093 -#define SSL_R_REQUIRED_CIPHER_MISSING 215 -#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 216 -#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 217 -#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 218 -#define SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED 277 -#define SSL_R_SHORT_READ 219 -#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 220 -#define SSL_R_SSL23_DOING_SESSION_ID_REUSE 221 -#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 222 -#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042 -#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044 -#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046 -#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030 -#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040 -#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047 -#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 223 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 224 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 225 -#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 226 -#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010 -#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 227 -#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043 -#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 228 -#define SSL_R_SSL_HANDSHAKE_FAILURE 229 -#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 230 -#define SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG 273 -#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 231 -#define SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 -#define SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 -#define SSL_R_TLSV1_ALERT_DECRYPTION_FAILED 1021 -#define SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 -#define SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 -#define SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 -#define SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 -#define SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 -#define SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 -#define SSL_R_TLSV1_ALERT_RECORD_OVERFLOW 1022 -#define SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 -#define SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 -#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 232 -#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233 -#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 234 -#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 235 -#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 236 -#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 237 -#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 238 -#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 239 -#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 240 -#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 241 -#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 242 -#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 243 -#define SSL_R_UNEXPECTED_MESSAGE 244 -#define SSL_R_UNEXPECTED_RECORD 245 -#define SSL_R_UNINITIALIZED 276 -#define SSL_R_UNKNOWN_ALERT_TYPE 246 -#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 247 -#define SSL_R_UNKNOWN_CIPHER_RETURNED 248 -#define SSL_R_UNKNOWN_CIPHER_TYPE 249 -#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 250 -#define SSL_R_UNKNOWN_PKEY_TYPE 251 -#define SSL_R_UNKNOWN_PROTOCOL 252 -#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 253 -#define SSL_R_UNKNOWN_SSL_VERSION 254 -#define SSL_R_UNKNOWN_STATE 255 -#define SSL_R_UNSUPPORTED_CIPHER 256 -#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 257 -#define SSL_R_UNSUPPORTED_OPTION 1091 -#define SSL_R_UNSUPPORTED_PROTOCOL 258 -#define SSL_R_UNSUPPORTED_SSL_VERSION 259 -#define SSL_R_WRITE_BIO_NOT_SET 260 -#define SSL_R_WRONG_CIPHER_RETURNED 261 -#define SSL_R_WRONG_MESSAGE_TYPE 262 -#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 263 -#define SSL_R_WRONG_SIGNATURE_LENGTH 264 -#define SSL_R_WRONG_SIGNATURE_SIZE 265 -#define SSL_R_WRONG_SSL_VERSION 266 -#define SSL_R_WRONG_VERSION_NUMBER 267 -#define SSL_R_X509_LIB 268 -#define SSL_R_X509_VERIFICATION_SETUP_PROBLEMS 269 - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libssl/ssl2.h b/src/lib/libssl/ssl2.h deleted file mode 100644 index df7d03c18f..0000000000 --- a/src/lib/libssl/ssl2.h +++ /dev/null @@ -1,269 +0,0 @@ -/* ssl/ssl2.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL2_H -#define HEADER_SSL2_H - -#ifdef __cplusplus -extern "C" { -#endif - -/* Protocol Version Codes */ -#define SSL2_VERSION 0x0002 -#define SSL2_VERSION_MAJOR 0x00 -#define SSL2_VERSION_MINOR 0x02 -/* #define SSL2_CLIENT_VERSION 0x0002 */ -/* #define SSL2_SERVER_VERSION 0x0002 */ - -/* Protocol Message Codes */ -#define SSL2_MT_ERROR 0 -#define SSL2_MT_CLIENT_HELLO 1 -#define SSL2_MT_CLIENT_MASTER_KEY 2 -#define SSL2_MT_CLIENT_FINISHED 3 -#define SSL2_MT_SERVER_HELLO 4 -#define SSL2_MT_SERVER_VERIFY 5 -#define SSL2_MT_SERVER_FINISHED 6 -#define SSL2_MT_REQUEST_CERTIFICATE 7 -#define SSL2_MT_CLIENT_CERTIFICATE 8 - -/* Error Message Codes */ -#define SSL2_PE_UNDEFINED_ERROR 0x0000 -#define SSL2_PE_NO_CIPHER 0x0001 -#define SSL2_PE_NO_CERTIFICATE 0x0002 -#define SSL2_PE_BAD_CERTIFICATE 0x0004 -#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006 - -/* Cipher Kind Values */ -#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */ -#define SSL2_CK_RC4_128_WITH_MD5 0x02010080 -#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080 -#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080 -#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080 -#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080 -#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040 -#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */ -#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0 -#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */ -#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */ - -#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */ -#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */ - -#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1" -#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5" -#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5" -#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5" -#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5" -#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5" -#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5" -#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5" -#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA" -#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5" - -#define SSL2_TXT_NULL "NULL" - -/* Flags for the SSL_CIPHER.algorithm2 field */ -#define SSL2_CF_5_BYTE_ENC 0x01 -#define SSL2_CF_8_BYTE_ENC 0x02 - -/* Certificate Type Codes */ -#define SSL2_CT_X509_CERTIFICATE 0x01 - -/* Authentication Type Code */ -#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01 - -#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32 - -/* Upper/Lower Bounds */ -#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256 -#ifdef MPE -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)29998 -#else -#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767 -#endif -#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/ - -#define SSL2_CHALLENGE_LENGTH 16 -/*#define SSL2_CHALLENGE_LENGTH 32 */ -#define SSL2_MIN_CHALLENGE_LENGTH 16 -#define SSL2_MAX_CHALLENGE_LENGTH 32 -#define SSL2_CONNECTION_ID_LENGTH 16 -#define SSL2_MAX_CONNECTION_ID_LENGTH 16 -#define SSL2_SSL_SESSION_ID_LENGTH 16 -#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32 -#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16 -#define SSL2_MAX_KEY_MATERIAL_LENGTH 24 - -#ifndef HEADER_SSL_LOCL_H -#define CERT char -#endif - -typedef struct ssl2_state_st - { - int three_byte_header; - int clear_text; /* clear text */ - int escape; /* not used in SSLv2 */ - int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */ - - /* non-blocking io info, used to make sure the same - * args were passwd */ - unsigned int wnum; /* number of bytes sent so far */ - int wpend_tot; - const unsigned char *wpend_buf; - - int wpend_off; /* offset to data to write */ - int wpend_len; /* number of bytes passwd to write */ - int wpend_ret; /* number of bytes to return to caller */ - - /* buffer raw data */ - int rbuf_left; - int rbuf_offs; - unsigned char *rbuf; - unsigned char *wbuf; - - unsigned char *write_ptr;/* used to point to the start due to - * 2/3 byte header. */ - - unsigned int padding; - unsigned int rlength; /* passed to ssl2_enc */ - int ract_data_length; /* Set when things are encrypted. */ - unsigned int wlength; /* passed to ssl2_enc */ - int wact_data_length; /* Set when things are decrypted. */ - unsigned char *ract_data; - unsigned char *wact_data; - unsigned char *mac_data; - unsigned char *pad_data; - - unsigned char *read_key; - unsigned char *write_key; - - /* Stuff specifically to do with this SSL session */ - unsigned int challenge_length; - unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH]; - unsigned int conn_id_length; - unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH]; - unsigned int key_material_length; - unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2]; - - unsigned long read_sequence; - unsigned long write_sequence; - - struct { - unsigned int conn_id_length; - unsigned int cert_type; - unsigned int cert_length; - int csl; - int clear; - unsigned int enc; - unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH]; - int cipher_spec_length; - unsigned int session_id_length; - unsigned int clen; - unsigned int rlen; - } tmp; - } SSL2_STATE; - -/* SSLv2 */ -/* client */ -#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT) -#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT) -#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT) -#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT) -#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT) -/* server */ -#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT) -#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT) -#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT) -#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT) -#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT) - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libssl/ssl23.h b/src/lib/libssl/ssl23.h deleted file mode 100644 index d3228983c7..0000000000 --- a/src/lib/libssl/ssl23.h +++ /dev/null @@ -1,83 +0,0 @@ -/* ssl/ssl23.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL23_H -#define HEADER_SSL23_H - -#ifdef __cplusplus -extern "C" { -#endif - -/*client */ -/* write to server */ -#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT) -#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT) -/* read from server */ -#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT) -#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT) - -/* server */ -/* read from client */ -#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT) -#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT) - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libssl/ssl3.h b/src/lib/libssl/ssl3.h deleted file mode 100644 index 7ee1feaa67..0000000000 --- a/src/lib/libssl/ssl3.h +++ /dev/null @@ -1,429 +0,0 @@ -/* ssl/ssl3.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL3_H -#define HEADER_SSL3_H - -#ifndef NO_COMP -#include -#endif -#include -#include -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define SSL3_CK_RSA_NULL_MD5 0x03000001 -#define SSL3_CK_RSA_NULL_SHA 0x03000002 -#define SSL3_CK_RSA_RC4_40_MD5 0x03000003 -#define SSL3_CK_RSA_RC4_128_MD5 0x03000004 -#define SSL3_CK_RSA_RC4_128_SHA 0x03000005 -#define SSL3_CK_RSA_RC2_40_MD5 0x03000006 -#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007 -#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008 -#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009 -#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A - -#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B -#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C -#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D -#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E -#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F -#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010 - -#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011 -#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012 -#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013 -#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014 -#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015 -#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016 - -#define SSL3_CK_ADH_RC4_40_MD5 0x03000017 -#define SSL3_CK_ADH_RC4_128_MD5 0x03000018 -#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019 -#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A -#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B - -#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C -#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D -#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E - -#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5" -#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA" -#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5" -#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA" -#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5" -#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA" -#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA" -#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA" - -#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA" -#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA" -#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA" -#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA" -#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA" -#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA" - -#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5" -#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5" -#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA" -#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA" - -#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA" -#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA" -#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA" - -#define SSL3_SSL_SESSION_ID_LENGTH 32 -#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32 - -#define SSL3_MASTER_SECRET_SIZE 48 -#define SSL3_RANDOM_SIZE 32 -#define SSL3_SESSION_ID_SIZE 32 -#define SSL3_RT_HEADER_LENGTH 5 - -/* Due to MS stuffing up, this can change.... */ -#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32)) -#define SSL3_RT_MAX_EXTRA (14000) -#else -#define SSL3_RT_MAX_EXTRA (16384) -#endif - -#define SSL3_RT_MAX_PLAIN_LENGTH 16384 -#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH) -#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH) -#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH) -#define SSL3_RT_MAX_DATA_SIZE (1024*1024) - -#define SSL3_MD_CLIENT_FINISHED_CONST "\x43\x4C\x4E\x54" -#define SSL3_MD_SERVER_FINISHED_CONST "\x53\x52\x56\x52" - -#define SSL3_VERSION 0x0300 -#define SSL3_VERSION_MAJOR 0x03 -#define SSL3_VERSION_MINOR 0x00 - -#define SSL3_RT_CHANGE_CIPHER_SPEC 20 -#define SSL3_RT_ALERT 21 -#define SSL3_RT_HANDSHAKE 22 -#define SSL3_RT_APPLICATION_DATA 23 - -#define SSL3_AL_WARNING 1 -#define SSL3_AL_FATAL 2 - -#define SSL3_AD_CLOSE_NOTIFY 0 -#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */ -#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */ -#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */ -#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */ -#define SSL3_AD_NO_CERTIFICATE 41 -#define SSL3_AD_BAD_CERTIFICATE 42 -#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43 -#define SSL3_AD_CERTIFICATE_REVOKED 44 -#define SSL3_AD_CERTIFICATE_EXPIRED 45 -#define SSL3_AD_CERTIFICATE_UNKNOWN 46 -#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */ - -typedef struct ssl3_record_st - { -/*r */ int type; /* type of record */ -/*rw*/ unsigned int length; /* How many bytes available */ -/*r */ unsigned int off; /* read/write offset into 'buf' */ -/*rw*/ unsigned char *data; /* pointer to the record data */ -/*rw*/ unsigned char *input; /* where the decode bytes are */ -/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ - } SSL3_RECORD; - -typedef struct ssl3_buffer_st - { - unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes (more if - * SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER is set) */ - int offset; /* where to 'copy from' */ - int left; /* how many bytes left */ - } SSL3_BUFFER; - -#define SSL3_CT_RSA_SIGN 1 -#define SSL3_CT_DSS_SIGN 2 -#define SSL3_CT_RSA_FIXED_DH 3 -#define SSL3_CT_DSS_FIXED_DH 4 -#define SSL3_CT_RSA_EPHEMERAL_DH 5 -#define SSL3_CT_DSS_EPHEMERAL_DH 6 -#define SSL3_CT_FORTEZZA_DMS 20 -#define SSL3_CT_NUMBER 7 - -#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001 -#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002 -#define SSL3_FLAGS_POP_BUFFER 0x0004 -#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008 - -typedef struct ssl3_state_st - { - long flags; - int delay_buf_pop_ret; - - unsigned char read_sequence[8]; - unsigned char read_mac_secret[EVP_MAX_MD_SIZE]; - unsigned char write_sequence[8]; - unsigned char write_mac_secret[EVP_MAX_MD_SIZE]; - - unsigned char server_random[SSL3_RANDOM_SIZE]; - unsigned char client_random[SSL3_RANDOM_SIZE]; - - SSL3_BUFFER rbuf; /* read IO goes into here */ - SSL3_BUFFER wbuf; /* write IO goes into here */ - - SSL3_RECORD rrec; /* each decoded record goes in here */ - SSL3_RECORD wrec; /* goes out from here */ - - /* storage for Alert/Handshake protocol data received but not - * yet processed by ssl3_read_bytes: */ - unsigned char alert_fragment[2]; - unsigned int alert_fragment_len; - unsigned char handshake_fragment[4]; - unsigned int handshake_fragment_len; - - /* partial write - check the numbers match */ - unsigned int wnum; /* number of bytes sent so far */ - int wpend_tot; /* number bytes written */ - int wpend_type; - int wpend_ret; /* number of bytes submitted */ - const unsigned char *wpend_buf; - - /* used during startup, digest all incoming/outgoing packets */ - EVP_MD_CTX finish_dgst1; - EVP_MD_CTX finish_dgst2; - - /* this is set whenerver we see a change_cipher_spec message - * come in when we are not looking for one */ - int change_cipher_spec; - - int warn_alert; - int fatal_alert; - /* we allow one fatal and one warning alert to be outstanding, - * send close alert via the warning alert */ - int alert_dispatch; - unsigned char send_alert[2]; - - /* This flag is set when we should renegotiate ASAP, basically when - * there is no more data in the read or write buffers */ - int renegotiate; - int total_renegotiations; - int num_renegotiations; - - int in_read_app_data; - - struct { - /* actually only needs to be 16+20 */ - unsigned char cert_verify_md[EVP_MAX_MD_SIZE*2]; - - /* actually only need to be 16+20 for SSLv3 and 12 for TLS */ - unsigned char finish_md[EVP_MAX_MD_SIZE*2]; - int finish_md_len; - unsigned char peer_finish_md[EVP_MAX_MD_SIZE*2]; - int peer_finish_md_len; - - unsigned long message_size; - int message_type; - - /* used to hold the new cipher we are going to use */ - SSL_CIPHER *new_cipher; -#ifndef NO_DH - DH *dh; -#endif - /* used when SSL_ST_FLUSH_DATA is entered */ - int next_state; - - int reuse_message; - - /* used for certificate requests */ - int cert_req; - int ctype_num; - char ctype[SSL3_CT_NUMBER]; - STACK_OF(X509_NAME) *ca_names; - - int use_rsa_tmp; - - int key_block_length; - unsigned char *key_block; - - const EVP_CIPHER *new_sym_enc; - const EVP_MD *new_hash; -#ifndef NO_COMP - const SSL_COMP *new_compression; -#else - char *new_compression; -#endif - int cert_request; - } tmp; - - } SSL3_STATE; - -/* SSLv3 */ -/*client */ -/* extra state */ -#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT) -#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT) -#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT) -/* write to server */ -#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT) -#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT) -#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT) -#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT) -#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT) -/* read from server */ -#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT) -#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT) - -/* server */ -/* extra state */ -#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT) -/* read from client */ -/* Do not change the number values, they do matter */ -#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT) -/* write to client */ -#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT) -#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT) -#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT) -#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT) -/* read from client */ -#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT) -/* write to client */ -#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT) -#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT) -#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT) - -#define SSL3_MT_HELLO_REQUEST 0 -#define SSL3_MT_CLIENT_HELLO 1 -#define SSL3_MT_SERVER_HELLO 2 -#define SSL3_MT_CERTIFICATE 11 -#define SSL3_MT_SERVER_KEY_EXCHANGE 12 -#define SSL3_MT_CERTIFICATE_REQUEST 13 -#define SSL3_MT_SERVER_DONE 14 -#define SSL3_MT_CERTIFICATE_VERIFY 15 -#define SSL3_MT_CLIENT_KEY_EXCHANGE 16 -#define SSL3_MT_FINISHED 20 - -#define SSL3_MT_CCS 1 - -/* These are used when changing over to a new cipher */ -#define SSL3_CC_READ 0x01 -#define SSL3_CC_WRITE 0x02 -#define SSL3_CC_CLIENT 0x10 -#define SSL3_CC_SERVER 0x20 -#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE) -#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ) -#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE) - -#ifdef __cplusplus -} -#endif -#endif - diff --git a/src/lib/libssl/ssl_algs.c b/src/lib/libssl/ssl_algs.c deleted file mode 100644 index a91ee6d22e..0000000000 --- a/src/lib/libssl/ssl_algs.c +++ /dev/null @@ -1,103 +0,0 @@ -/* ssl/ssl_algs.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "ssl_locl.h" - -int SSL_library_init(void) - { -#ifndef NO_DES - EVP_add_cipher(EVP_des_cbc()); - EVP_add_cipher(EVP_des_ede3_cbc()); -#endif -#ifndef NO_IDEA - EVP_add_cipher(EVP_idea_cbc()); -#endif -#ifndef NO_RC4 - EVP_add_cipher(EVP_rc4()); -#endif -#ifndef NO_RC2 - EVP_add_cipher(EVP_rc2_cbc()); -#endif - -#ifndef NO_MD2 - EVP_add_digest(EVP_md2()); -#endif -#ifndef NO_MD5 - EVP_add_digest(EVP_md5()); - EVP_add_digest_alias(SN_md5,"ssl2-md5"); - EVP_add_digest_alias(SN_md5,"ssl3-md5"); -#endif -#ifndef NO_SHA - EVP_add_digest(EVP_sha1()); /* RSA with sha1 */ - EVP_add_digest_alias(SN_sha1,"ssl3-sha1"); -#endif -#if !defined(NO_SHA) && !defined(NO_DSA) - EVP_add_digest(EVP_dss1()); /* DSA with sha1 */ -#endif - - /* If you want support for phased out ciphers, add the following */ -#if 0 - EVP_add_digest(EVP_sha()); - EVP_add_digest(EVP_dss()); -#endif - return(1); - } - diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c deleted file mode 100644 index fa6456e4f5..0000000000 --- a/src/lib/libssl/ssl_asn1.c +++ /dev/null @@ -1,349 +0,0 @@ -/* ssl/ssl_asn1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -typedef struct ssl_session_asn1_st - { - ASN1_INTEGER version; - ASN1_INTEGER ssl_version; - ASN1_OCTET_STRING cipher; - ASN1_OCTET_STRING master_key; - ASN1_OCTET_STRING session_id; - ASN1_OCTET_STRING session_id_context; - ASN1_OCTET_STRING key_arg; - ASN1_INTEGER time; - ASN1_INTEGER timeout; - ASN1_INTEGER verify_result; - } SSL_SESSION_ASN1; - -int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) - { -#define LSIZE2 (sizeof(long)*2) - int v1=0,v2=0,v3=0,v4=0,v5=0; - unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2]; - unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2],ibuf5[LSIZE2]; - long l; - SSL_SESSION_ASN1 a; - M_ASN1_I2D_vars(in); - - if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) - return(0); - - /* Note that I cheat in the following 2 assignments. I know - * that if the ASN1_INTEGER passed to ASN1_INTEGER_set - * is > sizeof(long)+1, the buffer will not be re-OPENSSL_malloc()ed. - * This is a bit evil but makes things simple, no dynamic allocation - * to clean up :-) */ - a.version.length=LSIZE2; - a.version.type=V_ASN1_INTEGER; - a.version.data=ibuf1; - ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION); - - a.ssl_version.length=LSIZE2; - a.ssl_version.type=V_ASN1_INTEGER; - a.ssl_version.data=ibuf2; - ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version); - - a.cipher.type=V_ASN1_OCTET_STRING; - a.cipher.data=buf; - - if (in->cipher == NULL) - l=in->cipher_id; - else - l=in->cipher->id; - if (in->ssl_version == SSL2_VERSION) - { - a.cipher.length=3; - buf[0]=((unsigned char)(l>>16L))&0xff; - buf[1]=((unsigned char)(l>> 8L))&0xff; - buf[2]=((unsigned char)(l ))&0xff; - } - else - { - a.cipher.length=2; - buf[0]=((unsigned char)(l>>8L))&0xff; - buf[1]=((unsigned char)(l ))&0xff; - } - - a.master_key.length=in->master_key_length; - a.master_key.type=V_ASN1_OCTET_STRING; - a.master_key.data=in->master_key; - - a.session_id.length=in->session_id_length; - a.session_id.type=V_ASN1_OCTET_STRING; - a.session_id.data=in->session_id; - - a.session_id_context.length=in->sid_ctx_length; - a.session_id_context.type=V_ASN1_OCTET_STRING; - a.session_id_context.data=in->sid_ctx; - - a.key_arg.length=in->key_arg_length; - a.key_arg.type=V_ASN1_OCTET_STRING; - a.key_arg.data=in->key_arg; - - if (in->time != 0L) - { - a.time.length=LSIZE2; - a.time.type=V_ASN1_INTEGER; - a.time.data=ibuf3; - ASN1_INTEGER_set(&(a.time),in->time); - } - - if (in->timeout != 0L) - { - a.timeout.length=LSIZE2; - a.timeout.type=V_ASN1_INTEGER; - a.timeout.data=ibuf4; - ASN1_INTEGER_set(&(a.timeout),in->timeout); - } - - if (in->verify_result != X509_V_OK) - { - a.verify_result.length=LSIZE2; - a.verify_result.type=V_ASN1_INTEGER; - a.verify_result.data=ibuf5; - ASN1_INTEGER_set(&a.verify_result,in->verify_result); - } - - M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER); - M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER); - M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING); - if (in->key_arg_length > 0) - M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING); - if (in->time != 0L) - M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); - if (in->timeout != 0L) - M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); - if (in->peer != NULL) - M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3); - M_ASN1_I2D_len_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4,v4); - if (in->verify_result != X509_V_OK) - M_ASN1_I2D_len_EXP_opt(&(a.verify_result),i2d_ASN1_INTEGER,5,v5); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER); - M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER); - M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING); - if (in->key_arg_length > 0) - M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0); - if (in->time != 0L) - M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1); - if (in->timeout != 0L) - M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2); - if (in->peer != NULL) - M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3); - M_ASN1_I2D_put_EXP_opt(&a.session_id_context,i2d_ASN1_OCTET_STRING,4, - v4); - if (in->verify_result != X509_V_OK) - M_ASN1_I2D_put_EXP_opt(&a.verify_result,i2d_ASN1_INTEGER,5,v5); - M_ASN1_I2D_finish(); - } - -SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, unsigned char **pp, - long length) - { - int version,ssl_version=0,i; - long id; - ASN1_INTEGER ai,*aip; - ASN1_OCTET_STRING os,*osp; - M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new); - - aip= &ai; - osp= &os; - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - - ai.data=NULL; ai.length=0; - M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); - version=(int)ASN1_INTEGER_get(aip); - if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } - - /* we don't care about the version right now :-) */ - M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER); - ssl_version=(int)ASN1_INTEGER_get(aip); - ret->ssl_version=ssl_version; - if (ai.data != NULL) { OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; } - - os.data=NULL; os.length=0; - M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); - if (ssl_version == SSL2_VERSION) - { - if (os.length != 3) - { - c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; - goto err; - } - id=0x02000000L| - ((unsigned long)os.data[0]<<16L)| - ((unsigned long)os.data[1]<< 8L)| - (unsigned long)os.data[2]; - } - else if ((ssl_version>>8) == 3) - { - if (os.length != 2) - { - c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH; - goto err; - } - id=0x03000000L| - ((unsigned long)os.data[0]<<8L)| - (unsigned long)os.data[1]; - } - else - { - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION); - return(NULL); - } - - ret->cipher=NULL; - ret->cipher_id=id; - - M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); - if ((ssl_version>>8) == SSL3_VERSION) - i=SSL3_MAX_SSL_SESSION_ID_LENGTH; - else /* if (ssl_version == SSL2_VERSION) */ - i=SSL2_MAX_SSL_SESSION_ID_LENGTH; - - if (os.length > i) - os.length=i; - - ret->session_id_length=os.length; - memcpy(ret->session_id,os.data,os.length); - - M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING); - if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH) - ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH; - else - ret->master_key_length=os.length; - memcpy(ret->master_key,os.data,ret->master_key_length); - - os.length=0; - M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING); - if (os.length > SSL_MAX_KEY_ARG_LENGTH) - ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH; - else - ret->key_arg_length=os.length; - memcpy(ret->key_arg,os.data,ret->key_arg_length); - if (os.data != NULL) OPENSSL_free(os.data); - - ai.length=0; - M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1); - if (ai.data != NULL) - { - ret->time=ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; - } - else - ret->time=time(NULL); - - ai.length=0; - M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2); - if (ai.data != NULL) - { - ret->timeout=ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; - } - else - ret->timeout=3; - - if (ret->peer != NULL) - { - X509_free(ret->peer); - ret->peer=NULL; - } - M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3); - - os.length=0; - os.data=NULL; - M_ASN1_D2I_get_EXP_opt(osp,d2i_ASN1_OCTET_STRING,4); - - if(os.data != NULL) - { - if (os.length > SSL_MAX_SID_CTX_LENGTH) - SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_BAD_LENGTH); - ret->sid_ctx_length=os.length; - memcpy(ret->sid_ctx,os.data,os.length); - OPENSSL_free(os.data); os.data=NULL; os.length=0; - } - else - ret->sid_ctx_length=0; - - ai.length=0; - M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,5); - if (ai.data != NULL) - { - ret->verify_result=ASN1_INTEGER_get(aip); - OPENSSL_free(ai.data); ai.data=NULL; ai.length=0; - } - else - ret->verify_result=X509_V_OK; - - M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION); - } diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c deleted file mode 100644 index c26df62c20..0000000000 --- a/src/lib/libssl/ssl_cert.c +++ /dev/null @@ -1,755 +0,0 @@ -/*! \file ssl/ssl_cert.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - */ - -#include - -#include "openssl/e_os.h" - -#ifndef NO_SYS_TYPES_H -# include -#endif - -#if !defined(WIN32) && !defined(VSM) && !defined(NeXT) && !defined(MAC_OS_pre_X) -#include -#endif - -#ifdef NeXT -#include -#define dirent direct -#endif - -#include -#include -#include -#include -#include "ssl_locl.h" - -int SSL_get_ex_data_X509_STORE_CTX_idx(void) - { - static int ssl_x509_store_ctx_idx= -1; - - if (ssl_x509_store_ctx_idx < 0) - { - ssl_x509_store_ctx_idx=X509_STORE_CTX_get_ex_new_index( - 0,"SSL for verify callback",NULL,NULL,NULL); - } - return(ssl_x509_store_ctx_idx); - } - -CERT *ssl_cert_new(void) - { - CERT *ret; - - ret=(CERT *)OPENSSL_malloc(sizeof(CERT)); - if (ret == NULL) - { - SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - memset(ret,0,sizeof(CERT)); - - ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]); - ret->references=1; - - return(ret); - } - -CERT *ssl_cert_dup(CERT *cert) - { - CERT *ret; - int i; - - ret = (CERT *)OPENSSL_malloc(sizeof(CERT)); - if (ret == NULL) - { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE); - return(NULL); - } - - memset(ret, 0, sizeof(CERT)); - - ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]]; - /* or ret->key = ret->pkeys + (cert->key - cert->pkeys), - * if you find that more readable */ - - ret->valid = cert->valid; - ret->mask = cert->mask; - ret->export_mask = cert->export_mask; - -#ifndef NO_RSA - if (cert->rsa_tmp != NULL) - { - ret->rsa_tmp = cert->rsa_tmp; - CRYPTO_add(&ret->rsa_tmp->references, 1, CRYPTO_LOCK_RSA); - } - ret->rsa_tmp_cb = cert->rsa_tmp_cb; -#endif - -#ifndef NO_DH - if (cert->dh_tmp != NULL) - { - /* DH parameters don't have a reference count */ - ret->dh_tmp = DHparams_dup(cert->dh_tmp); - if (ret->dh_tmp == NULL) - { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_DH_LIB); - goto err; - } - if (cert->dh_tmp->priv_key) - { - BIGNUM *b = BN_dup(cert->dh_tmp->priv_key); - if (!b) - { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); - goto err; - } - ret->dh_tmp->priv_key = b; - } - if (cert->dh_tmp->pub_key) - { - BIGNUM *b = BN_dup(cert->dh_tmp->pub_key); - if (!b) - { - SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_BN_LIB); - goto err; - } - ret->dh_tmp->pub_key = b; - } - } - ret->dh_tmp_cb = cert->dh_tmp_cb; -#endif - - for (i = 0; i < SSL_PKEY_NUM; i++) - { - if (cert->pkeys[i].x509 != NULL) - { - ret->pkeys[i].x509 = cert->pkeys[i].x509; - CRYPTO_add(&ret->pkeys[i].x509->references, 1, - CRYPTO_LOCK_X509); - } - - if (cert->pkeys[i].privatekey != NULL) - { - ret->pkeys[i].privatekey = cert->pkeys[i].privatekey; - CRYPTO_add(&ret->pkeys[i].privatekey->references, 1, - CRYPTO_LOCK_EVP_PKEY); - - switch(i) - { - /* If there was anything special to do for - * certain types of keys, we'd do it here. - * (Nothing at the moment, I think.) */ - - case SSL_PKEY_RSA_ENC: - case SSL_PKEY_RSA_SIGN: - /* We have an RSA key. */ - break; - - case SSL_PKEY_DSA_SIGN: - /* We have a DSA key. */ - break; - - case SSL_PKEY_DH_RSA: - case SSL_PKEY_DH_DSA: - /* We have a DH key. */ - break; - - default: - /* Can't happen. */ - SSLerr(SSL_F_SSL_CERT_DUP, SSL_R_LIBRARY_BUG); - } - } - } - - /* ret->extra_certs *should* exist, but currently the own certificate - * chain is held inside SSL_CTX */ - - ret->references=1; - - return(ret); - -err: -#ifndef NO_RSA - if (ret->rsa_tmp != NULL) - RSA_free(ret->rsa_tmp); -#endif -#ifndef NO_DH - if (ret->dh_tmp != NULL) - DH_free(ret->dh_tmp); -#endif - - for (i = 0; i < SSL_PKEY_NUM; i++) - { - if (ret->pkeys[i].x509 != NULL) - X509_free(ret->pkeys[i].x509); - if (ret->pkeys[i].privatekey != NULL) - EVP_PKEY_free(ret->pkeys[i].privatekey); - } - - return NULL; - } - - -void ssl_cert_free(CERT *c) - { - int i; - - if(c == NULL) - return; - - i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT); -#ifdef REF_PRINT - REF_PRINT("CERT",c); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"ssl_cert_free, bad reference count\n"); - abort(); /* ok */ - } -#endif - -#ifndef NO_RSA - if (c->rsa_tmp) RSA_free(c->rsa_tmp); -#endif -#ifndef NO_DH - if (c->dh_tmp) DH_free(c->dh_tmp); -#endif - - for (i=0; ipkeys[i].x509 != NULL) - X509_free(c->pkeys[i].x509); - if (c->pkeys[i].privatekey != NULL) - EVP_PKEY_free(c->pkeys[i].privatekey); -#if 0 - if (c->pkeys[i].publickey != NULL) - EVP_PKEY_free(c->pkeys[i].publickey); -#endif - } - OPENSSL_free(c); - } - -int ssl_cert_inst(CERT **o) - { - /* Create a CERT if there isn't already one - * (which cannot really happen, as it is initially created in - * SSL_CTX_new; but the earlier code usually allows for that one - * being non-existant, so we follow that behaviour, as it might - * turn out that there actually is a reason for it -- but I'm - * not sure that *all* of the existing code could cope with - * s->cert being NULL, otherwise we could do without the - * initialization in SSL_CTX_new). - */ - - if (o == NULL) - { - SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (*o == NULL) - { - if ((*o = ssl_cert_new()) == NULL) - { - SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE); - return(0); - } - } - return(1); - } - - -SESS_CERT *ssl_sess_cert_new(void) - { - SESS_CERT *ret; - - ret = OPENSSL_malloc(sizeof *ret); - if (ret == NULL) - { - SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE); - return NULL; - } - - memset(ret, 0 ,sizeof *ret); - ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]); - ret->references = 1; - - return ret; - } - -void ssl_sess_cert_free(SESS_CERT *sc) - { - int i; - - if (sc == NULL) - return; - - i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT); -#ifdef REF_PRINT - REF_PRINT("SESS_CERT", sc); -#endif - if (i > 0) - return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"ssl_sess_cert_free, bad reference count\n"); - abort(); /* ok */ - } -#endif - - /* i == 0 */ - if (sc->cert_chain != NULL) - sk_X509_pop_free(sc->cert_chain, X509_free); - for (i = 0; i < SSL_PKEY_NUM; i++) - { - if (sc->peer_pkeys[i].x509 != NULL) - X509_free(sc->peer_pkeys[i].x509); -#if 0 /* We don't have the peer's private key. These lines are just - * here as a reminder that we're still using a not-quite-appropriate - * data structure. */ - if (sc->peer_pkeys[i].privatekey != NULL) - EVP_PKEY_free(sc->peer_pkeys[i].privatekey); -#endif - } - -#ifndef NO_RSA - if (sc->peer_rsa_tmp != NULL) - RSA_free(sc->peer_rsa_tmp); -#endif -#ifndef NO_DH - if (sc->peer_dh_tmp != NULL) - DH_free(sc->peer_dh_tmp); -#endif - - OPENSSL_free(sc); - } - -int ssl_set_peer_cert_type(SESS_CERT *sc,int type) - { - sc->peer_cert_type = type; - return(1); - } - -int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk) - { - X509 *x; - int i; - X509_STORE_CTX ctx; - - if ((sk == NULL) || (sk_X509_num(sk) == 0)) - return(0); - - x=sk_X509_value(sk,0); - X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk); - if (SSL_get_verify_depth(s) >= 0) - X509_STORE_CTX_set_depth(&ctx, SSL_get_verify_depth(s)); - X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),s); - /* We need to set the verify purpose. The purpose can be determined by - * the context: if its a server it will verify SSL client certificates - * or vice versa. - */ - - if(s->server) i = X509_PURPOSE_SSL_CLIENT; - else i = X509_PURPOSE_SSL_SERVER; - - X509_STORE_CTX_purpose_inherit(&ctx, i, s->purpose, s->trust); - - if (s->ctx->app_verify_callback != NULL) - i=s->ctx->app_verify_callback(&ctx); /* should pass app_verify_arg */ - else - { -#ifndef NO_X509_VERIFY - i=X509_verify_cert(&ctx); -#else - i=0; - ctx.error=X509_V_ERR_APPLICATION_VERIFICATION; - SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN,SSL_R_NO_VERIFY_CALLBACK); -#endif - } - - s->verify_result=ctx.error; - X509_STORE_CTX_cleanup(&ctx); - - return(i); - } - -static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,STACK_OF(X509_NAME) *list) - { - if (*ca_list != NULL) - sk_X509_NAME_pop_free(*ca_list,X509_NAME_free); - - *ca_list=list; - } - -STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) - { - int i; - STACK_OF(X509_NAME) *ret; - X509_NAME *name; - - ret=sk_X509_NAME_new_null(); - for (i=0; iclient_CA),list); - } - -void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list) - { - set_client_CA_list(&(ctx->client_CA),list); - } - -STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx) - { - return(ctx->client_CA); - } - -STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s) - { - if (s->type == SSL_ST_CONNECT) - { /* we are in the client */ - if (((s->version>>8) == SSL3_VERSION_MAJOR) && - (s->s3 != NULL)) - return(s->s3->tmp.ca_names); - else - return(NULL); - } - else - { - if (s->client_CA != NULL) - return(s->client_CA); - else - return(s->ctx->client_CA); - } - } - -static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x) - { - X509_NAME *name; - - if (x == NULL) return(0); - if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL)) - return(0); - - if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL) - return(0); - - if (!sk_X509_NAME_push(*sk,name)) - { - X509_NAME_free(name); - return(0); - } - return(1); - } - -int SSL_add_client_CA(SSL *ssl,X509 *x) - { - return(add_client_CA(&(ssl->client_CA),x)); - } - -int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) - { - return(add_client_CA(&(ctx->client_CA),x)); - } - -static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) - { - return(X509_NAME_cmp(*a,*b)); - } - -#ifndef NO_STDIO -/*! - * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; - * it doesn't really have anything to do with clients (except that a common use - * for a stack of CAs is to send it to the client). Actually, it doesn't have - * much to do with CAs, either, since it will load any old cert. - * \param file the file containing one or more certs. - * \return a ::STACK containing the certs. - */ -STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) - { - BIO *in; - X509 *x=NULL; - X509_NAME *xn=NULL; - STACK_OF(X509_NAME) *ret,*sk; - - ret=sk_X509_NAME_new_null(); - sk=sk_X509_NAME_new(xname_cmp); - - in=BIO_new(BIO_s_file_internal()); - - if ((ret == NULL) || (sk == NULL) || (in == NULL)) - { - SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BIO_read_filename(in,file)) - goto err; - - for (;;) - { - if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) - break; - if ((xn=X509_get_subject_name(x)) == NULL) goto err; - /* check for duplicates */ - xn=X509_NAME_dup(xn); - if (xn == NULL) goto err; - if (sk_X509_NAME_find(sk,xn) >= 0) - X509_NAME_free(xn); - else - { - sk_X509_NAME_push(sk,xn); - sk_X509_NAME_push(ret,xn); - } - } - - if (0) - { -err: - if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free); - ret=NULL; - } - if (sk != NULL) sk_X509_NAME_free(sk); - if (in != NULL) BIO_free(in); - if (x != NULL) X509_free(x); - return(ret); - } -#endif - -/*! - * Add a file of certs to a stack. - * \param stack the stack to add to. - * \param file the file to add from. All certs in this file that are not - * already in the stack will be added. - * \return 1 for success, 0 for failure. Note that in the case of failure some - * certs may have been added to \c stack. - */ - -int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, - const char *file) - { - BIO *in; - X509 *x=NULL; - X509_NAME *xn=NULL; - int ret=1; - int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b); - - oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp); - - in=BIO_new(BIO_s_file_internal()); - - if (in == NULL) - { - SSLerr(SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BIO_read_filename(in,file)) - goto err; - - for (;;) - { - if (PEM_read_bio_X509(in,&x,NULL,NULL) == NULL) - break; - if ((xn=X509_get_subject_name(x)) == NULL) goto err; - xn=X509_NAME_dup(xn); - if (xn == NULL) goto err; - if (sk_X509_NAME_find(stack,xn) >= 0) - X509_NAME_free(xn); - else - sk_X509_NAME_push(stack,xn); - } - - if (0) - { -err: - ret=0; - } - if(in != NULL) - BIO_free(in); - if(x != NULL) - X509_free(x); - - sk_X509_NAME_set_cmp_func(stack,oldcmp); - - return ret; - } - -/*! - * Add a directory of certs to a stack. - * \param stack the stack to append to. - * \param dir the directory to append from. All files in this directory will be - * examined as potential certs. Any that are acceptable to - * SSL_add_dir_cert_subjects_to_stack() that are not already in the stack will be - * included. - * \return 1 for success, 0 for failure. Note that in the case of failure some - * certs may have been added to \c stack. - */ - -#ifndef WIN32 -#ifndef VMS /* XXXX This may be fixed in the future */ -#ifndef MAC_OS_pre_X - -int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, - const char *dir) - { - DIR *d; - struct dirent *dstruct; - int ret = 0; - - CRYPTO_w_lock(CRYPTO_LOCK_READDIR); - d = opendir(dir); - - /* Note that a side effect is that the CAs will be sorted by name */ - if(!d) - { - SYSerr(SYS_F_OPENDIR, get_last_sys_error()); - ERR_add_error_data(3, "opendir('", dir, "')"); - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK, ERR_R_SYS_LIB); - goto err; - } - - while((dstruct=readdir(d))) - { - char buf[1024]; - int r; - - if(strlen(dir)+strlen(dstruct->d_name)+2 > sizeof buf) - { - SSLerr(SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,SSL_R_PATH_TOO_LONG); - goto err; - } - - r = BIO_snprintf(buf,sizeof buf,"%s/%s",dir,dstruct->d_name); - if (r <= 0 || r >= sizeof buf) - goto err; - if(!SSL_add_file_cert_subjects_to_stack(stack,buf)) - goto err; - } - ret = 1; - -err: - CRYPTO_w_unlock(CRYPTO_LOCK_READDIR); - return ret; - } - -#endif -#endif -#endif diff --git a/src/lib/libssl/ssl_ciph.c b/src/lib/libssl/ssl_ciph.c deleted file mode 100644 index f63163f26c..0000000000 --- a/src/lib/libssl/ssl_ciph.c +++ /dev/null @@ -1,1071 +0,0 @@ -/* ssl/ssl_ciph.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "ssl_locl.h" - -#define SSL_ENC_DES_IDX 0 -#define SSL_ENC_3DES_IDX 1 -#define SSL_ENC_RC4_IDX 2 -#define SSL_ENC_RC2_IDX 3 -#define SSL_ENC_IDEA_IDX 4 -#define SSL_ENC_eFZA_IDX 5 -#define SSL_ENC_NULL_IDX 6 -#define SSL_ENC_NUM_IDX 7 - -static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={ - NULL,NULL,NULL,NULL,NULL,NULL, - }; - -static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL; - -#define SSL_MD_MD5_IDX 0 -#define SSL_MD_SHA1_IDX 1 -#define SSL_MD_NUM_IDX 2 -static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={ - NULL,NULL, - }; - -#define CIPHER_ADD 1 -#define CIPHER_KILL 2 -#define CIPHER_DEL 3 -#define CIPHER_ORD 4 -#define CIPHER_SPECIAL 5 - -typedef struct cipher_order_st - { - SSL_CIPHER *cipher; - int active; - int dead; - struct cipher_order_st *next,*prev; - } CIPHER_ORDER; - -static const SSL_CIPHER cipher_aliases[]={ - /* Don't include eNULL unless specifically enabled */ - {0,SSL_TXT_ALL, 0,SSL_ALL & ~SSL_eNULL, SSL_ALL ,0,0,0,SSL_ALL,SSL_ALL}, /* must be first */ - {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_DH, 0,SSL_DH, 0,0,0,0,SSL_MKEY_MASK,0}, - {0,SSL_TXT_EDH, 0,SSL_EDH, 0,0,0,0,SSL_MKEY_MASK|SSL_AUTH_MASK,0}, - - {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,0,0,0,SSL_AUTH_MASK,0}, - {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,0,0,0,SSL_AUTH_MASK,0}, - {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,0,0,0,SSL_AUTH_MASK,0}, - {0,SSL_TXT_aNULL,0,SSL_aNULL,0,0,0,0,SSL_AUTH_MASK,0}, - {0,SSL_TXT_aDH, 0,SSL_aDH, 0,0,0,0,SSL_AUTH_MASK,0}, - {0,SSL_TXT_DSS, 0,SSL_DSS, 0,0,0,0,SSL_AUTH_MASK,0}, - - {0,SSL_TXT_DES, 0,SSL_DES, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_3DES,0,SSL_3DES, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_RC4, 0,SSL_RC4, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_RC2, 0,SSL_RC2, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_eNULL,0,SSL_eNULL,0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,0,0,0,SSL_ENC_MASK,0}, - - {0,SSL_TXT_MD5, 0,SSL_MD5, 0,0,0,0,SSL_MAC_MASK,0}, - {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,0,0,0,SSL_MAC_MASK,0}, - {0,SSL_TXT_SHA, 0,SSL_SHA, 0,0,0,0,SSL_MAC_MASK,0}, - - {0,SSL_TXT_NULL,0,SSL_NULL, 0,0,0,0,SSL_ENC_MASK,0}, - {0,SSL_TXT_RSA, 0,SSL_RSA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, - {0,SSL_TXT_ADH, 0,SSL_ADH, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK,0}, - {0,SSL_TXT_FZA, 0,SSL_FZA, 0,0,0,0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK,0}, - - {0,SSL_TXT_SSLV2, 0,SSL_SSLV2, 0,0,0,0,SSL_SSL_MASK,0}, - {0,SSL_TXT_SSLV3, 0,SSL_SSLV3, 0,0,0,0,SSL_SSL_MASK,0}, - {0,SSL_TXT_TLSV1, 0,SSL_TLSV1, 0,0,0,0,SSL_SSL_MASK,0}, - - {0,SSL_TXT_EXP ,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, - {0,SSL_TXT_EXPORT,0, 0,SSL_EXPORT, 0,0,0,0,SSL_EXP_MASK}, - {0,SSL_TXT_EXP40, 0, 0, SSL_EXP40, 0,0,0,0,SSL_STRONG_MASK}, - {0,SSL_TXT_EXP56, 0, 0, SSL_EXP56, 0,0,0,0,SSL_STRONG_MASK}, - {0,SSL_TXT_LOW, 0, 0, SSL_LOW, 0,0,0,0,SSL_STRONG_MASK}, - {0,SSL_TXT_MEDIUM,0, 0,SSL_MEDIUM, 0,0,0,0,SSL_STRONG_MASK}, - {0,SSL_TXT_HIGH, 0, 0, SSL_HIGH, 0,0,0,0,SSL_STRONG_MASK}, - }; - -static int init_ciphers=1; - -static void load_ciphers(void) - { - init_ciphers=0; - ssl_cipher_methods[SSL_ENC_DES_IDX]= - EVP_get_cipherbyname(SN_des_cbc); - ssl_cipher_methods[SSL_ENC_3DES_IDX]= - EVP_get_cipherbyname(SN_des_ede3_cbc); - ssl_cipher_methods[SSL_ENC_RC4_IDX]= - EVP_get_cipherbyname(SN_rc4); - ssl_cipher_methods[SSL_ENC_RC2_IDX]= - EVP_get_cipherbyname(SN_rc2_cbc); - ssl_cipher_methods[SSL_ENC_IDEA_IDX]= - EVP_get_cipherbyname(SN_idea_cbc); - - ssl_digest_methods[SSL_MD_MD5_IDX]= - EVP_get_digestbyname(SN_md5); - ssl_digest_methods[SSL_MD_SHA1_IDX]= - EVP_get_digestbyname(SN_sha1); - } - -int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc, - const EVP_MD **md, SSL_COMP **comp) - { - int i; - SSL_CIPHER *c; - - c=s->cipher; - if (c == NULL) return(0); - if (comp != NULL) - { - SSL_COMP ctmp; - - if (s->compress_meth == 0) - *comp=NULL; - else if (ssl_comp_methods == NULL) - { - /* bad */ - *comp=NULL; - } - else - { - - ctmp.id=s->compress_meth; - i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp); - if (i >= 0) - *comp=sk_SSL_COMP_value(ssl_comp_methods,i); - else - *comp=NULL; - } - } - - if ((enc == NULL) || (md == NULL)) return(0); - - switch (c->algorithms & SSL_ENC_MASK) - { - case SSL_DES: - i=SSL_ENC_DES_IDX; - break; - case SSL_3DES: - i=SSL_ENC_3DES_IDX; - break; - case SSL_RC4: - i=SSL_ENC_RC4_IDX; - break; - case SSL_RC2: - i=SSL_ENC_RC2_IDX; - break; - case SSL_IDEA: - i=SSL_ENC_IDEA_IDX; - break; - case SSL_eNULL: - i=SSL_ENC_NULL_IDX; - break; - default: - i= -1; - break; - } - - if ((i < 0) || (i > SSL_ENC_NUM_IDX)) - *enc=NULL; - else - { - if (i == SSL_ENC_NULL_IDX) - *enc=EVP_enc_null(); - else - *enc=ssl_cipher_methods[i]; - } - - switch (c->algorithms & SSL_MAC_MASK) - { - case SSL_MD5: - i=SSL_MD_MD5_IDX; - break; - case SSL_SHA1: - i=SSL_MD_SHA1_IDX; - break; - default: - i= -1; - break; - } - if ((i < 0) || (i > SSL_MD_NUM_IDX)) - *md=NULL; - else - *md=ssl_digest_methods[i]; - - if ((*enc != NULL) && (*md != NULL)) - return(1); - else - return(0); - } - -#define ITEM_SEP(a) \ - (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ',')) - -static void ll_append_tail(CIPHER_ORDER **head, CIPHER_ORDER *curr, - CIPHER_ORDER **tail) - { - if (curr == *tail) return; - if (curr == *head) - *head=curr->next; - if (curr->prev != NULL) - curr->prev->next=curr->next; - if (curr->next != NULL) /* should always be true */ - curr->next->prev=curr->prev; - (*tail)->next=curr; - curr->prev= *tail; - curr->next=NULL; - *tail=curr; - } - -static unsigned long ssl_cipher_get_disabled(void) - { - unsigned long mask; - - mask = SSL_kFZA; -#ifdef NO_RSA - mask |= SSL_aRSA|SSL_kRSA; -#endif -#ifdef NO_DSA - mask |= SSL_aDSS; -#endif -#ifdef NO_DH - mask |= SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH; -#endif - -#ifdef SSL_FORBID_ENULL - mask |= SSL_eNULL; -#endif - - mask |= (ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL) ? SSL_DES :0; - mask |= (ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL) ? SSL_3DES:0; - mask |= (ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL) ? SSL_RC4 :0; - mask |= (ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL) ? SSL_RC2 :0; - mask |= (ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL) ? SSL_IDEA:0; - mask |= (ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL) ? SSL_eFZA:0; - - mask |= (ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL) ? SSL_MD5 :0; - mask |= (ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL) ? SSL_SHA1:0; - - return(mask); - } - -static void ssl_cipher_collect_ciphers(const SSL_METHOD *ssl_method, - int num_of_ciphers, unsigned long mask, CIPHER_ORDER *list, - CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) - { - int i, list_num; - SSL_CIPHER *c; - - /* - * We have num_of_ciphers descriptions compiled in, depending on the - * method selected (SSLv2 and/or SSLv3, TLSv1 etc). - * These will later be sorted in a linked list with at most num - * entries. - */ - - /* Get the initial list of ciphers */ - list_num = 0; /* actual count of ciphers */ - for (i = 0; i < num_of_ciphers; i++) - { - c = ssl_method->get_cipher(i); - /* drop those that use any of that is not available */ - if ((c != NULL) && c->valid && !(c->algorithms & mask)) - { - list[list_num].cipher = c; - list[list_num].next = NULL; - list[list_num].prev = NULL; - list[list_num].active = 0; - list_num++; - /* - if (!sk_push(ca_list,(char *)c)) goto err; - */ - } - } - - /* - * Prepare linked list from list entries - */ - for (i = 1; i < list_num - 1; i++) - { - list[i].prev = &(list[i-1]); - list[i].next = &(list[i+1]); - } - if (list_num > 0) - { - (*head_p) = &(list[0]); - (*head_p)->prev = NULL; - (*head_p)->next = &(list[1]); - (*tail_p) = &(list[list_num - 1]); - (*tail_p)->prev = &(list[list_num - 2]); - (*tail_p)->next = NULL; - } - } - -static void ssl_cipher_collect_aliases(SSL_CIPHER **ca_list, - int num_of_group_aliases, unsigned long mask, - CIPHER_ORDER *head) - { - CIPHER_ORDER *ciph_curr; - SSL_CIPHER **ca_curr; - int i; - - /* - * First, add the real ciphers as already collected - */ - ciph_curr = head; - ca_curr = ca_list; - while (ciph_curr != NULL) - { - *ca_curr = ciph_curr->cipher; - ca_curr++; - ciph_curr = ciph_curr->next; - } - - /* - * Now we add the available ones from the cipher_aliases[] table. - * They represent either an algorithm, that must be fully - * supported (not match any bit in mask) or represent a cipher - * strength value (will be added in any case because algorithms=0). - */ - for (i = 0; i < num_of_group_aliases; i++) - { - if ((i == 0) || /* always fetch "ALL" */ - !(cipher_aliases[i].algorithms & mask)) - { - *ca_curr = (SSL_CIPHER *)(cipher_aliases + i); - ca_curr++; - } - } - - *ca_curr = NULL; /* end of list */ - } - -static void ssl_cipher_apply_rule(unsigned long algorithms, unsigned long mask, - unsigned long algo_strength, unsigned long mask_strength, - int rule, int strength_bits, CIPHER_ORDER *list, - CIPHER_ORDER **head_p, CIPHER_ORDER **tail_p) - { - CIPHER_ORDER *head, *tail, *curr, *curr2, *tail2; - SSL_CIPHER *cp; - unsigned long ma, ma_s; - -#ifdef CIPHER_DEBUG - printf("Applying rule %d with %08lx %08lx %08lx %08lx (%d)\n", - rule, algorithms, mask, algo_strength, mask_strength, - strength_bits); -#endif - - curr = head = *head_p; - curr2 = head; - tail2 = tail = *tail_p; - for (;;) - { - if ((curr == NULL) || (curr == tail2)) break; - curr = curr2; - curr2 = curr->next; - - cp = curr->cipher; - - /* - * Selection criteria is either the number of strength_bits - * or the algorithm used. - */ - if (strength_bits == -1) - { - ma = mask & cp->algorithms; - ma_s = mask_strength & cp->algo_strength; - -#ifdef CIPHER_DEBUG - printf("\nName: %s:\nAlgo = %08lx Algo_strength = %08lx\nMask = %08lx Mask_strength %08lx\n", cp->name, cp->algorithms, cp->algo_strength, mask, mask_strength); - printf("ma = %08lx ma_s %08lx, ma&algo=%08lx, ma_s&algos=%08lx\n", ma, ma_s, ma&algorithms, ma_s&algo_strength); -#endif - /* - * Select: if none of the mask bit was met from the - * cipher or not all of the bits were met, the - * selection does not apply. - */ - if (((ma == 0) && (ma_s == 0)) || - ((ma & algorithms) != ma) || - ((ma_s & algo_strength) != ma_s)) - continue; /* does not apply */ - } - else if (strength_bits != cp->strength_bits) - continue; /* does not apply */ - -#ifdef CIPHER_DEBUG - printf("Action = %d\n", rule); -#endif - - /* add the cipher if it has not been added yet. */ - if (rule == CIPHER_ADD) - { - if (!curr->active) - { - ll_append_tail(&head, curr, &tail); - curr->active = 1; - } - } - /* Move the added cipher to this location */ - else if (rule == CIPHER_ORD) - { - if (curr->active) - { - ll_append_tail(&head, curr, &tail); - } - } - else if (rule == CIPHER_DEL) - curr->active = 0; - else if (rule == CIPHER_KILL) - { - if (head == curr) - head = curr->next; - else - curr->prev->next = curr->next; - if (tail == curr) - tail = curr->prev; - curr->active = 0; - if (curr->next != NULL) - curr->next->prev = curr->prev; - if (curr->prev != NULL) - curr->prev->next = curr->next; - curr->next = NULL; - curr->prev = NULL; - } - } - - *head_p = head; - *tail_p = tail; - } - -static int ssl_cipher_strength_sort(CIPHER_ORDER *list, CIPHER_ORDER **head_p, - CIPHER_ORDER **tail_p) - { - int max_strength_bits, i, *number_uses; - CIPHER_ORDER *curr; - - /* - * This routine sorts the ciphers with descending strength. The sorting - * must keep the pre-sorted sequence, so we apply the normal sorting - * routine as '+' movement to the end of the list. - */ - max_strength_bits = 0; - curr = *head_p; - while (curr != NULL) - { - if (curr->active && - (curr->cipher->strength_bits > max_strength_bits)) - max_strength_bits = curr->cipher->strength_bits; - curr = curr->next; - } - - number_uses = OPENSSL_malloc((max_strength_bits + 1) * sizeof(int)); - if (!number_uses) - { - SSLerr(SSL_F_SSL_CIPHER_STRENGTH_SORT,ERR_R_MALLOC_FAILURE); - return(0); - } - memset(number_uses, 0, (max_strength_bits + 1) * sizeof(int)); - - /* - * Now find the strength_bits values actually used - */ - curr = *head_p; - while (curr != NULL) - { - if (curr->active) - number_uses[curr->cipher->strength_bits]++; - curr = curr->next; - } - /* - * Go through the list of used strength_bits values in descending - * order. - */ - for (i = max_strength_bits; i >= 0; i--) - if (number_uses[i] > 0) - ssl_cipher_apply_rule(0, 0, 0, 0, CIPHER_ORD, i, - list, head_p, tail_p); - - OPENSSL_free(number_uses); - return(1); - } - -static int ssl_cipher_process_rulestr(const char *rule_str, - CIPHER_ORDER *list, CIPHER_ORDER **head_p, - CIPHER_ORDER **tail_p, SSL_CIPHER **ca_list) - { - unsigned long algorithms, mask, algo_strength, mask_strength; - const char *l, *start, *buf; - int j, multi, found, rule, retval, ok, buflen; - char ch; - - retval = 1; - l = rule_str; - for (;;) - { - ch = *l; - - if (ch == '\0') - break; /* done */ - if (ch == '-') - { rule = CIPHER_DEL; l++; } - else if (ch == '+') - { rule = CIPHER_ORD; l++; } - else if (ch == '!') - { rule = CIPHER_KILL; l++; } - else if (ch == '@') - { rule = CIPHER_SPECIAL; l++; } - else - { rule = CIPHER_ADD; } - - if (ITEM_SEP(ch)) - { - l++; - continue; - } - - algorithms = mask = algo_strength = mask_strength = 0; - - start=l; - for (;;) - { - ch = *l; - buf = l; - buflen = 0; -#ifndef CHARSET_EBCDIC - while ( ((ch >= 'A') && (ch <= 'Z')) || - ((ch >= '0') && (ch <= '9')) || - ((ch >= 'a') && (ch <= 'z')) || - (ch == '-')) -#else - while ( isalnum(ch) || (ch == '-')) -#endif - { - ch = *(++l); - buflen++; - } - - if (buflen == 0) - { - /* - * We hit something we cannot deal with, - * it is no command or separator nor - * alphanumeric, so we call this an error. - */ - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, - SSL_R_INVALID_COMMAND); - retval = found = 0; - l++; - break; - } - - if (rule == CIPHER_SPECIAL) - { - found = 0; /* unused -- avoid compiler warning */ - break; /* special treatment */ - } - - /* check for multi-part specification */ - if (ch == '+') - { - multi=1; - l++; - } - else - multi=0; - - /* - * Now search for the cipher alias in the ca_list. Be careful - * with the strncmp, because the "buflen" limitation - * will make the rule "ADH:SOME" and the cipher - * "ADH-MY-CIPHER" look like a match for buflen=3. - * So additionally check whether the cipher name found - * has the correct length. We can save a strlen() call: - * just checking for the '\0' at the right place is - * sufficient, we have to strncmp() anyway. - */ - j = found = 0; - while (ca_list[j]) - { - if ((ca_list[j]->name[buflen] == '\0') && - !strncmp(buf, ca_list[j]->name, buflen)) - { - found = 1; - break; - } - else - j++; - } - if (!found) - break; /* ignore this entry */ - - algorithms |= ca_list[j]->algorithms; - mask |= ca_list[j]->mask; - algo_strength |= ca_list[j]->algo_strength; - mask_strength |= ca_list[j]->mask_strength; - - if (!multi) break; - } - - /* - * Ok, we have the rule, now apply it - */ - if (rule == CIPHER_SPECIAL) - { /* special command */ - ok = 0; - if ((buflen == 8) && - !strncmp(buf, "STRENGTH", 8)) - ok = ssl_cipher_strength_sort(list, - head_p, tail_p); - else - SSLerr(SSL_F_SSL_CIPHER_PROCESS_RULESTR, - SSL_R_INVALID_COMMAND); - if (ok == 0) - retval = 0; - /* - * We do not support any "multi" options - * together with "@", so throw away the - * rest of the command, if any left, until - * end or ':' is found. - */ - while ((*l != '\0') && ITEM_SEP(*l)) - l++; - } - else if (found) - { - ssl_cipher_apply_rule(algorithms, mask, - algo_strength, mask_strength, rule, -1, - list, head_p, tail_p); - } - else - { - while ((*l != '\0') && ITEM_SEP(*l)) - l++; - } - if (*l == '\0') break; /* done */ - } - - return(retval); - } - -STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, - STACK_OF(SSL_CIPHER) **cipher_list, - STACK_OF(SSL_CIPHER) **cipher_list_by_id, - const char *rule_str) - { - int ok, num_of_ciphers, num_of_alias_max, num_of_group_aliases; - unsigned long disabled_mask; - STACK_OF(SSL_CIPHER) *cipherstack; - const char *rule_p; - CIPHER_ORDER *list = NULL, *head = NULL, *tail = NULL, *curr; - SSL_CIPHER **ca_list = NULL; - - /* - * Return with error if nothing to do. - */ - if (rule_str == NULL) return(NULL); - - if (init_ciphers) load_ciphers(); - - /* - * To reduce the work to do we only want to process the compiled - * in algorithms, so we first get the mask of disabled ciphers. - */ - disabled_mask = ssl_cipher_get_disabled(); - - /* - * Now we have to collect the available ciphers from the compiled - * in ciphers. We cannot get more than the number compiled in, so - * it is used for allocation. - */ - num_of_ciphers = ssl_method->num_ciphers(); - list = (CIPHER_ORDER *)OPENSSL_malloc(sizeof(CIPHER_ORDER) * num_of_ciphers); - if (list == NULL) - { - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); - return(NULL); /* Failure */ - } - - ssl_cipher_collect_ciphers(ssl_method, num_of_ciphers, disabled_mask, - list, &head, &tail); - - /* - * We also need cipher aliases for selecting based on the rule_str. - * There might be two types of entries in the rule_str: 1) names - * of ciphers themselves 2) aliases for groups of ciphers. - * For 1) we need the available ciphers and for 2) the cipher - * groups of cipher_aliases added together in one list (otherwise - * we would be happy with just the cipher_aliases table). - */ - num_of_group_aliases = sizeof(cipher_aliases) / sizeof(SSL_CIPHER); - num_of_alias_max = num_of_ciphers + num_of_group_aliases + 1; - ca_list = - (SSL_CIPHER **)OPENSSL_malloc(sizeof(SSL_CIPHER *) * num_of_alias_max); - if (ca_list == NULL) - { - OPENSSL_free(list); - SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE); - return(NULL); /* Failure */ - } - ssl_cipher_collect_aliases(ca_list, num_of_group_aliases, disabled_mask, - head); - - /* - * If the rule_string begins with DEFAULT, apply the default rule - * before using the (possibly available) additional rules. - */ - ok = 1; - rule_p = rule_str; - if (strncmp(rule_str,"DEFAULT",7) == 0) - { - ok = ssl_cipher_process_rulestr(SSL_DEFAULT_CIPHER_LIST, - list, &head, &tail, ca_list); - rule_p += 7; - if (*rule_p == ':') - rule_p++; - } - - if (ok && (strlen(rule_p) > 0)) - ok = ssl_cipher_process_rulestr(rule_p, list, &head, &tail, - ca_list); - - OPENSSL_free(ca_list); /* Not needed anymore */ - - if (!ok) - { /* Rule processing failure */ - OPENSSL_free(list); - return(NULL); - } - /* - * Allocate new "cipherstack" for the result, return with error - * if we cannot get one. - */ - if ((cipherstack = sk_SSL_CIPHER_new_null()) == NULL) - { - OPENSSL_free(list); - return(NULL); - } - - /* - * The cipher selection for the list is done. The ciphers are added - * to the resulting precedence to the STACK_OF(SSL_CIPHER). - */ - for (curr = head; curr != NULL; curr = curr->next) - { - if (curr->active) - { - sk_SSL_CIPHER_push(cipherstack, curr->cipher); -#ifdef CIPHER_DEBUG - printf("<%s>\n",curr->cipher->name); -#endif - } - } - OPENSSL_free(list); /* Not needed any longer */ - - /* - * The following passage is a little bit odd. If pointer variables - * were supplied to hold STACK_OF(SSL_CIPHER) return information, - * the old memory pointed to is free()ed. Then, however, the - * cipher_list entry will be assigned just a copy of the returned - * cipher stack. For cipher_list_by_id a copy of the cipher stack - * will be created. See next comment... - */ - if (cipher_list != NULL) - { - if (*cipher_list != NULL) - sk_SSL_CIPHER_free(*cipher_list); - *cipher_list = cipherstack; - } - - if (cipher_list_by_id != NULL) - { - if (*cipher_list_by_id != NULL) - sk_SSL_CIPHER_free(*cipher_list_by_id); - *cipher_list_by_id = sk_SSL_CIPHER_dup(cipherstack); - } - - /* - * Now it is getting really strange. If something failed during - * the previous pointer assignment or if one of the pointers was - * not requested, the error condition is met. That might be - * discussable. The strange thing is however that in this case - * the memory "ret" pointed to is "free()ed" and hence the pointer - * cipher_list becomes wild. The memory reserved for - * cipher_list_by_id however is not "free()ed" and stays intact. - */ - if ( (cipher_list_by_id == NULL) || - (*cipher_list_by_id == NULL) || - (cipher_list == NULL) || - (*cipher_list == NULL)) - { - sk_SSL_CIPHER_free(cipherstack); - return(NULL); - } - - sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp); - - return(cipherstack); - } - -char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int len) - { - int is_export,pkl,kl; - char *ver,*exp; - char *kx,*au,*enc,*mac; - unsigned long alg,alg2,alg_s; - static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n"; - - alg=cipher->algorithms; - alg_s=cipher->algo_strength; - alg2=cipher->algorithm2; - - is_export=SSL_C_IS_EXPORT(cipher); - pkl=SSL_C_EXPORT_PKEYLENGTH(cipher); - kl=SSL_C_EXPORT_KEYLENGTH(cipher); - exp=is_export?" export":""; - - if (alg & SSL_SSLV2) - ver="SSLv2"; - else if (alg & SSL_SSLV3) - ver="SSLv3"; - else - ver="unknown"; - - switch (alg&SSL_MKEY_MASK) - { - case SSL_kRSA: - kx=is_export?(pkl == 512 ? "RSA(512)" : "RSA(1024)"):"RSA"; - break; - case SSL_kDHr: - kx="DH/RSA"; - break; - case SSL_kDHd: - kx="DH/DSS"; - break; - case SSL_kFZA: - kx="Fortezza"; - break; - case SSL_kEDH: - kx=is_export?(pkl == 512 ? "DH(512)" : "DH(1024)"):"DH"; - break; - default: - kx="unknown"; - } - - switch (alg&SSL_AUTH_MASK) - { - case SSL_aRSA: - au="RSA"; - break; - case SSL_aDSS: - au="DSS"; - break; - case SSL_aDH: - au="DH"; - break; - case SSL_aFZA: - case SSL_aNULL: - au="None"; - break; - default: - au="unknown"; - break; - } - - switch (alg&SSL_ENC_MASK) - { - case SSL_DES: - enc=(is_export && kl == 5)?"DES(40)":"DES(56)"; - break; - case SSL_3DES: - enc="3DES(168)"; - break; - case SSL_RC4: - enc=is_export?(kl == 5 ? "RC4(40)" : "RC4(56)") - :((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)"); - break; - case SSL_RC2: - enc=is_export?(kl == 5 ? "RC2(40)" : "RC2(56)"):"RC2(128)"; - break; - case SSL_IDEA: - enc="IDEA(128)"; - break; - case SSL_eFZA: - enc="Fortezza"; - break; - case SSL_eNULL: - enc="None"; - break; - default: - enc="unknown"; - break; - } - - switch (alg&SSL_MAC_MASK) - { - case SSL_MD5: - mac="MD5"; - break; - case SSL_SHA1: - mac="SHA1"; - break; - default: - mac="unknown"; - break; - } - - if (buf == NULL) - { - len=128; - buf=OPENSSL_malloc(len); - if (buf == NULL) return("OPENSSL_malloc Error"); - } - else if (len < 128) - return("Buffer too small"); - - BIO_snprintf(buf,len,format,cipher->name,ver,kx,au,enc,mac,exp); - return(buf); - } - -char *SSL_CIPHER_get_version(SSL_CIPHER *c) - { - int i; - - if (c == NULL) return("(NONE)"); - i=(int)(c->id>>24L); - if (i == 3) - return("TLSv1/SSLv3"); - else if (i == 2) - return("SSLv2"); - else - return("unknown"); - } - -/* return the actual cipher being used */ -const char *SSL_CIPHER_get_name(SSL_CIPHER *c) - { - if (c != NULL) - return(c->name); - return("(NONE)"); - } - -/* number of bits for symmetric cipher */ -int SSL_CIPHER_get_bits(SSL_CIPHER *c, int *alg_bits) - { - int ret=0; - - if (c != NULL) - { - if (alg_bits != NULL) *alg_bits = c->alg_bits; - ret = c->strength_bits; - } - return(ret); - } - -SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) - { - SSL_COMP *ctmp; - int i,nn; - - if ((n == 0) || (sk == NULL)) return(NULL); - nn=sk_SSL_COMP_num(sk); - for (i=0; iid == n) - return(ctmp); - } - return(NULL); - } - -static int sk_comp_cmp(const SSL_COMP * const *a, - const SSL_COMP * const *b) - { - return((*a)->id-(*b)->id); - } - -STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void) - { - return(ssl_comp_methods); - } - -int SSL_COMP_add_compression_method(int id, COMP_METHOD *cm) - { - SSL_COMP *comp; - STACK_OF(SSL_COMP) *sk; - - comp=(SSL_COMP *)OPENSSL_malloc(sizeof(SSL_COMP)); - comp->id=id; - comp->method=cm; - if (ssl_comp_methods == NULL) - sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp); - else - sk=ssl_comp_methods; - if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp)) - { - SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE); - return(0); - } - else - return(1); - } - diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c deleted file mode 100644 index 17b4caf528..0000000000 --- a/src/lib/libssl/ssl_err.c +++ /dev/null @@ -1,431 +0,0 @@ -/* ssl/ssl_err.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. - */ - -#include -#include -#include - -/* BEGIN ERROR CODES */ -#ifndef NO_ERR -static ERR_STRING_DATA SSL_str_functs[]= - { -{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"}, -{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"}, -{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"}, -{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"}, -{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"}, -{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"}, -{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"}, -{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"}, -{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"}, -{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"}, -{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"}, -{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"}, -{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"}, -{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"}, -{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"}, -{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"}, -{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"}, -{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"}, -{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"}, -{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"}, -{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"}, -{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"}, -{ERR_PACK(0,SSL_F_SSL3_CALLBACK_CTRL,0), "SSL3_CALLBACK_CTRL"}, -{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"}, -{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"}, -{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"}, -{ERR_PACK(0,SSL_F_SSL3_CTRL,0), "SSL3_CTRL"}, -{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"}, -{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"}, -{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"}, -{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"}, -{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"}, -{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"}, -{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"}, -{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"}, -{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"}, -{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"}, -{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"}, -{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"}, -{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"}, -{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"}, -{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"}, -{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"}, -{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"}, -{ERR_PACK(0,SSL_F_SSL_ADD_DIR_CERT_SUBJECTS_TO_STACK,0), "SSL_add_dir_cert_subjects_to_stack"}, -{ERR_PACK(0,SSL_F_SSL_ADD_FILE_CERT_SUBJECTS_TO_STACK,0), "SSL_add_file_cert_subjects_to_stack"}, -{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"}, -{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"}, -{ERR_PACK(0,SSL_F_SSL_CERT_DUP,0), "SSL_CERT_DUP"}, -{ERR_PACK(0,SSL_F_SSL_CERT_INST,0), "SSL_CERT_INST"}, -{ERR_PACK(0,SSL_F_SSL_CERT_INSTANTIATE,0), "SSL_CERT_INSTANTIATE"}, -{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"}, -{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"}, -{ERR_PACK(0,SSL_F_SSL_CIPHER_PROCESS_RULESTR,0), "SSL_CIPHER_PROCESS_RULESTR"}, -{ERR_PACK(0,SSL_F_SSL_CIPHER_STRENGTH_SORT,0), "SSL_CIPHER_STRENGTH_SORT"}, -{ERR_PACK(0,SSL_F_SSL_CLEAR,0), "SSL_clear"}, -{ERR_PACK(0,SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,0), "SSL_COMP_add_compression_method"}, -{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"}, -{ERR_PACK(0,SSL_F_SSL_CTRL,0), "SSL_ctrl"}, -{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"}, -{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"}, -{ERR_PACK(0,SSL_F_SSL_CTX_SET_PURPOSE,0), "SSL_CTX_set_purpose"}, -{ERR_PACK(0,SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,0), "SSL_CTX_set_session_id_context"}, -{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"}, -{ERR_PACK(0,SSL_F_SSL_CTX_SET_TRUST,0), "SSL_CTX_set_trust"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,0), "SSL_CTX_use_certificate_chain_file"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"}, -{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"}, -{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"}, -{ERR_PACK(0,SSL_F_SSL_GET_PREV_SESSION,0), "SSL_GET_PREV_SESSION"}, -{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"}, -{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"}, -{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"}, -{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"}, -{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"}, -{ERR_PACK(0,SSL_F_SSL_READ,0), "SSL_read"}, -{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"}, -{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"}, -{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"}, -{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"}, -{ERR_PACK(0,SSL_F_SSL_SESS_CERT_NEW,0), "SSL_SESS_CERT_NEW"}, -{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"}, -{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"}, -{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"}, -{ERR_PACK(0,SSL_F_SSL_SET_PURPOSE,0), "SSL_set_purpose"}, -{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"}, -{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"}, -{ERR_PACK(0,SSL_F_SSL_SET_SESSION_ID_CONTEXT,0), "SSL_set_session_id_context"}, -{ERR_PACK(0,SSL_F_SSL_SET_TRUST,0), "SSL_set_trust"}, -{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"}, -{ERR_PACK(0,SSL_F_SSL_SHUTDOWN,0), "SSL_shutdown"}, -{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"}, -{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"}, -{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"}, -{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"}, -{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"}, -{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"}, -{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"}, -{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"}, -{ERR_PACK(0,SSL_F_SSL_VERIFY_CERT_CHAIN,0), "SSL_VERIFY_CERT_CHAIN"}, -{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"}, -{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"}, -{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"}, -{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"}, -{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"}, -{0,NULL} - }; - -static ERR_STRING_DATA SSL_str_reasons[]= - { -{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"}, -{SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT,"attempt to reuse session in different context"}, -{SSL_R_BAD_ALERT_RECORD ,"bad alert record"}, -{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"}, -{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"}, -{SSL_R_BAD_CHECKSUM ,"bad checksum"}, -{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"}, -{SSL_R_BAD_DECOMPRESSION ,"bad decompression"}, -{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"}, -{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"}, -{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"}, -{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"}, -{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"}, -{SSL_R_BAD_HELLO_REQUEST ,"bad hello request"}, -{SSL_R_BAD_LENGTH ,"bad length"}, -{SSL_R_BAD_MAC_DECODE ,"bad mac decode"}, -{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"}, -{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"}, -{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"}, -{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"}, -{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"}, -{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"}, -{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"}, -{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"}, -{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"}, -{SSL_R_BAD_SIGNATURE ,"bad signature"}, -{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"}, -{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"}, -{SSL_R_BAD_STATE ,"bad state"}, -{SSL_R_BAD_WRITE_RETRY ,"bad write retry"}, -{SSL_R_BIO_NOT_SET ,"bio not set"}, -{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"}, -{SSL_R_BN_LIB ,"bn lib"}, -{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"}, -{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"}, -{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"}, -{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"}, -{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"}, -{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"}, -{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"}, -{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"}, -{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"}, -{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"}, -{SSL_R_COMPRESSION_FAILURE ,"compression failure"}, -{SSL_R_COMPRESSION_LIBRARY_ERROR ,"compression library error"}, -{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"}, -{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"}, -{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"}, -{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"}, -{SSL_R_DECRYPTION_FAILED ,"decryption failed"}, -{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"}, -{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"}, -{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"}, -{SSL_R_ERROR_GENERATING_TMP_RSA_KEY ,"error generating tmp rsa key"}, -{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"}, -{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"}, -{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"}, -{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"}, -{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"}, -{SSL_R_HTTP_REQUEST ,"http request"}, -{SSL_R_INTERNAL_ERROR ,"internal error"}, -{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"}, -{SSL_R_INVALID_COMMAND ,"invalid command"}, -{SSL_R_INVALID_PURPOSE ,"invalid purpose"}, -{SSL_R_INVALID_TRUST ,"invalid trust"}, -{SSL_R_LENGTH_MISMATCH ,"length mismatch"}, -{SSL_R_LENGTH_TOO_SHORT ,"length too short"}, -{SSL_R_LIBRARY_BUG ,"library bug"}, -{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"}, -{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"}, -{SSL_R_MISSING_DH_KEY ,"missing dh key"}, -{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"}, -{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"}, -{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"}, -{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"}, -{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"}, -{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"}, -{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"}, -{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"}, -{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"}, -{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"}, -{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"}, -{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"}, -{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"}, -{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"}, -{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"}, -{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"}, -{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"}, -{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"}, -{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"}, -{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"}, -{SSL_R_NO_CIPHER_LIST ,"no cipher list"}, -{SSL_R_NO_CIPHER_MATCH ,"no cipher match"}, -{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"}, -{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"}, -{SSL_R_NO_METHOD_SPECIFIED ,"no method specified"}, -{SSL_R_NO_PRIVATEKEY ,"no privatekey"}, -{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"}, -{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"}, -{SSL_R_NO_PUBLICKEY ,"no publickey"}, -{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"}, -{SSL_R_NO_VERIFY_CALLBACK ,"no verify callback"}, -{SSL_R_NULL_SSL_CTX ,"null ssl ctx"}, -{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"}, -{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"}, -{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"}, -{SSL_R_PATH_TOO_LONG ,"path too long"}, -{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"}, -{SSL_R_PEER_ERROR ,"peer error"}, -{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"}, -{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"}, -{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"}, -{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"}, -{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"}, -{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"}, -{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"}, -{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"}, -{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"}, -{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"}, -{SSL_R_READ_BIO_NOT_SET ,"read bio not set"}, -{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"}, -{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"}, -{SSL_R_RECORD_TOO_LARGE ,"record too large"}, -{SSL_R_RECORD_TOO_SMALL ,"record too small"}, -{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"}, -{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"}, -{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"}, -{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"}, -{SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED ,"session id context uninitialized"}, -{SSL_R_SHORT_READ ,"short read"}, -{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"}, -{SSL_R_SSL23_DOING_SESSION_ID_REUSE ,"ssl23 doing session id reuse"}, -{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"}, -{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"}, -{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"}, -{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"}, -{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"}, -{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"}, -{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"}, -{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"}, -{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"}, -{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"}, -{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"}, -{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"}, -{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"}, -{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"}, -{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"}, -{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"}, -{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"}, -{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"}, -{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"}, -{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"}, -{SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG ,"ssl session id context too long"}, -{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"}, -{SSL_R_TLSV1_ALERT_ACCESS_DENIED ,"tlsv1 alert access denied"}, -{SSL_R_TLSV1_ALERT_DECODE_ERROR ,"tlsv1 alert decode error"}, -{SSL_R_TLSV1_ALERT_DECRYPTION_FAILED ,"tlsv1 alert decryption failed"}, -{SSL_R_TLSV1_ALERT_DECRYPT_ERROR ,"tlsv1 alert decrypt error"}, -{SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION ,"tlsv1 alert export restriction"}, -{SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY ,"tlsv1 alert insufficient security"}, -{SSL_R_TLSV1_ALERT_INTERNAL_ERROR ,"tlsv1 alert internal error"}, -{SSL_R_TLSV1_ALERT_NO_RENEGOTIATION ,"tlsv1 alert no renegotiation"}, -{SSL_R_TLSV1_ALERT_PROTOCOL_VERSION ,"tlsv1 alert protocol version"}, -{SSL_R_TLSV1_ALERT_RECORD_OVERFLOW ,"tlsv1 alert record overflow"}, -{SSL_R_TLSV1_ALERT_UNKNOWN_CA ,"tlsv1 alert unknown ca"}, -{SSL_R_TLSV1_ALERT_USER_CANCELLED ,"tlsv1 alert user cancelled"}, -{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"}, -{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"}, -{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"}, -{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"}, -{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"}, -{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"}, -{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"}, -{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"}, -{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"}, -{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"}, -{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"}, -{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"}, -{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"}, -{SSL_R_UNEXPECTED_RECORD ,"unexpected record"}, -{SSL_R_UNINITIALIZED ,"uninitialized"}, -{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"}, -{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"}, -{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"}, -{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"}, -{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"}, -{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"}, -{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"}, -{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"}, -{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"}, -{SSL_R_UNKNOWN_STATE ,"unknown state"}, -{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, -{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"}, -{SSL_R_UNSUPPORTED_OPTION ,"unsupported option"}, -{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"}, -{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"}, -{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"}, -{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"}, -{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"}, -{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"}, -{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"}, -{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"}, -{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"}, -{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"}, -{SSL_R_X509_LIB ,"x509 lib"}, -{SSL_R_X509_VERIFICATION_SETUP_PROBLEMS ,"x509 verification setup problems"}, -{0,NULL} - }; - -#endif - -void ERR_load_SSL_strings(void) - { - static int init=1; - - if (init) - { - init=0; -#ifndef NO_ERR - ERR_load_strings(ERR_LIB_SSL,SSL_str_functs); - ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons); -#endif - - } - } diff --git a/src/lib/libssl/ssl_err2.c b/src/lib/libssl/ssl_err2.c deleted file mode 100644 index cc089a612b..0000000000 --- a/src/lib/libssl/ssl_err2.c +++ /dev/null @@ -1,70 +0,0 @@ -/* ssl/ssl_err2.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include - -void SSL_load_error_strings(void) - { -#ifndef NO_ERR - ERR_load_crypto_strings(); - ERR_load_SSL_strings(); -#endif - } - diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c deleted file mode 100644 index 635b25062e..0000000000 --- a/src/lib/libssl/ssl_lib.c +++ /dev/null @@ -1,2061 +0,0 @@ -/*! \file ssl/ssl_lib.c - * \brief Version independent SSL functions. - */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - - -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -const char *SSL_version_str=OPENSSL_VERSION_TEXT; - -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_meth=NULL; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_ctx_meth=NULL; -static int ssl_meth_num=0; -static int ssl_ctx_meth_num=0; - -OPENSSL_GLOBAL SSL3_ENC_METHOD ssl3_undef_enc_method={ - /* evil casts, but these functions are only called if there's a library bug */ - (int (*)(SSL *,int))ssl_undefined_function, - (int (*)(SSL *, unsigned char *, int))ssl_undefined_function, - ssl_undefined_function, - (int (*)(SSL *, unsigned char *, unsigned char *, int))ssl_undefined_function, - (int (*)(SSL*, int))ssl_undefined_function, - (int (*)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char*, int, unsigned char *))ssl_undefined_function - }; - -int SSL_clear(SSL *s) - { - int state; - - if (s->method == NULL) - { - SSLerr(SSL_F_SSL_CLEAR,SSL_R_NO_METHOD_SPECIFIED); - return(0); - } - - s->error=0; - s->hit=0; - s->shutdown=0; - -#if 0 /* Disabled since version 1.10 of this file (early return not - * needed because SSL_clear is not called when doing renegotiation) */ - /* This is set if we are doing dynamic renegotiation so keep - * the old cipher. It is sort of a SSL_clear_lite :-) */ - if (s->new_session) return(1); -#else - if (s->new_session) - { - SSLerr(SSL_F_SSL_CLEAR,SSL_R_INTERNAL_ERROR); - return 0; - } -#endif - - state=s->state; /* Keep to check if we throw away the session-id */ - s->type=0; - - s->state=SSL_ST_BEFORE|((s->server)?SSL_ST_ACCEPT:SSL_ST_CONNECT); - - s->version=s->method->version; - s->client_version=s->version; - s->rwstate=SSL_NOTHING; - s->rstate=SSL_ST_READ_HEADER; - s->read_ahead=s->ctx->read_ahead; - - if (s->init_buf != NULL) - { - BUF_MEM_free(s->init_buf); - s->init_buf=NULL; - } - - ssl_clear_cipher_ctx(s); - - if (ssl_clear_bad_session(s)) - { - SSL_SESSION_free(s->session); - s->session=NULL; - } - - s->first_packet=0; - -#if 1 - /* Check to see if we were changed into a different method, if - * so, revert back if we are not doing session-id reuse. */ - if ((s->session == NULL) && (s->method != s->ctx->method)) - { - s->method->ssl_free(s); - s->method=s->ctx->method; - if (!s->method->ssl_new(s)) - return(0); - } - else -#endif - s->method->ssl_clear(s); - return(1); - } - -/** Used to change an SSL_CTXs default SSL method type */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth) - { - STACK_OF(SSL_CIPHER) *sk; - - ctx->method=meth; - - sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list), - &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST); - if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0)) - { - SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS); - return(0); - } - return(1); - } - -SSL *SSL_new(SSL_CTX *ctx) - { - SSL *s; - - if (ctx == NULL) - { - SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX); - return(NULL); - } - if (ctx->method == NULL) - { - SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION); - return(NULL); - } - - s=(SSL *)OPENSSL_malloc(sizeof(SSL)); - if (s == NULL) goto err; - memset(s,0,sizeof(SSL)); - - if (ctx->cert != NULL) - { - /* Earlier library versions used to copy the pointer to - * the CERT, not its contents; only when setting new - * parameters for the per-SSL copy, ssl_cert_new would be - * called (and the direct reference to the per-SSL_CTX - * settings would be lost, but those still were indirectly - * accessed for various purposes, and for that reason they - * used to be known as s->ctx->default_cert). - * Now we don't look at the SSL_CTX's CERT after having - * duplicated it once. */ - - s->cert = ssl_cert_dup(ctx->cert); - if (s->cert == NULL) - goto err; - } - else - s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */ - s->sid_ctx_length=ctx->sid_ctx_length; - memcpy(&s->sid_ctx,&ctx->sid_ctx,sizeof(s->sid_ctx)); - s->verify_mode=ctx->verify_mode; - s->verify_depth=ctx->verify_depth; - s->verify_callback=ctx->default_verify_callback; - s->purpose = ctx->purpose; - s->trust = ctx->trust; - CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); - s->ctx=ctx; - - s->verify_result=X509_V_OK; - - s->method=ctx->method; - - if (!s->method->ssl_new(s)) - goto err; - - s->quiet_shutdown=ctx->quiet_shutdown; - s->references=1; - s->server=(ctx->method->ssl_accept == ssl_undefined_function)?0:1; - s->options=ctx->options; - s->mode=ctx->mode; - SSL_clear(s); - - CRYPTO_new_ex_data(ssl_meth,s,&s->ex_data); - - return(s); -err: - if (s != NULL) - { - if (s->cert != NULL) - ssl_cert_free(s->cert); - if (s->ctx != NULL) - SSL_CTX_free(s->ctx); /* decrement reference count */ - OPENSSL_free(s); - } - SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - -int SSL_CTX_set_session_id_context(SSL_CTX *ctx,const unsigned char *sid_ctx, - unsigned int sid_ctx_len) - { - if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) - { - SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); - return 0; - } - ctx->sid_ctx_length=sid_ctx_len; - memcpy(ctx->sid_ctx,sid_ctx,sid_ctx_len); - - return 1; - } - -int SSL_set_session_id_context(SSL *ssl,const unsigned char *sid_ctx, - unsigned int sid_ctx_len) - { - if(sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) - { - SSLerr(SSL_F_SSL_SET_SESSION_ID_CONTEXT,SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG); - return 0; - } - ssl->sid_ctx_length=sid_ctx_len; - memcpy(ssl->sid_ctx,sid_ctx,sid_ctx_len); - - return 1; - } - -int SSL_CTX_set_purpose(SSL_CTX *s, int purpose) -{ - if(X509_PURPOSE_get_by_id(purpose) == -1) { - SSLerr(SSL_F_SSL_CTX_SET_PURPOSE, SSL_R_INVALID_PURPOSE); - return 0; - } - s->purpose = purpose; - return 1; -} - -int SSL_set_purpose(SSL *s, int purpose) -{ - if(X509_PURPOSE_get_by_id(purpose) == -1) { - SSLerr(SSL_F_SSL_SET_PURPOSE, SSL_R_INVALID_PURPOSE); - return 0; - } - s->purpose = purpose; - return 1; -} - -int SSL_CTX_set_trust(SSL_CTX *s, int trust) -{ - if(X509_TRUST_get_by_id(trust) == -1) { - SSLerr(SSL_F_SSL_CTX_SET_TRUST, SSL_R_INVALID_TRUST); - return 0; - } - s->trust = trust; - return 1; -} - -int SSL_set_trust(SSL *s, int trust) -{ - if(X509_TRUST_get_by_id(trust) == -1) { - SSLerr(SSL_F_SSL_SET_TRUST, SSL_R_INVALID_TRUST); - return 0; - } - s->trust = trust; - return 1; -} - -void SSL_free(SSL *s) - { - int i; - - if(s == NULL) - return; - - i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL); -#ifdef REF_PRINT - REF_PRINT("SSL",s); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"SSL_free, bad reference count\n"); - abort(); /* ok */ - } -#endif - - CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data); - - if (s->bbio != NULL) - { - /* If the buffering BIO is in place, pop it off */ - if (s->bbio == s->wbio) - { - s->wbio=BIO_pop(s->wbio); - } - BIO_free(s->bbio); - s->bbio=NULL; - } - if (s->rbio != NULL) - BIO_free_all(s->rbio); - if ((s->wbio != NULL) && (s->wbio != s->rbio)) - BIO_free_all(s->wbio); - - if (s->init_buf != NULL) BUF_MEM_free(s->init_buf); - - /* add extra stuff */ - if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list); - if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id); - - /* Make the next call work :-) */ - if (s->session != NULL) - { - ssl_clear_bad_session(s); - SSL_SESSION_free(s->session); - } - - ssl_clear_cipher_ctx(s); - - if (s->cert != NULL) ssl_cert_free(s->cert); - /* Free up if allocated */ - - if (s->ctx) SSL_CTX_free(s->ctx); - - if (s->client_CA != NULL) - sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free); - - if (s->method != NULL) s->method->ssl_free(s); - - OPENSSL_free(s); - } - -void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio) - { - /* If the output buffering BIO is still in place, remove it - */ - if (s->bbio != NULL) - { - if (s->wbio == s->bbio) - { - s->wbio=s->wbio->next_bio; - s->bbio->next_bio=NULL; - } - } - if ((s->rbio != NULL) && (s->rbio != rbio)) - BIO_free_all(s->rbio); - if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio)) - BIO_free_all(s->wbio); - s->rbio=rbio; - s->wbio=wbio; - } - -BIO *SSL_get_rbio(SSL *s) - { return(s->rbio); } - -BIO *SSL_get_wbio(SSL *s) - { return(s->wbio); } - -int SSL_get_fd(SSL *s) - { - int ret= -1; - BIO *b,*r; - - b=SSL_get_rbio(s); - r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR); - if (r != NULL) - BIO_get_fd(r,&ret); - return(ret); - } - -#ifndef NO_SOCK -int SSL_set_fd(SSL *s,int fd) - { - int ret=0; - BIO *bio=NULL; - - bio=BIO_new(BIO_s_socket()); - - if (bio == NULL) - { - SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB); - goto err; - } - BIO_set_fd(bio,fd,BIO_NOCLOSE); - SSL_set_bio(s,bio,bio); - ret=1; -err: - return(ret); - } - -int SSL_set_wfd(SSL *s,int fd) - { - int ret=0; - BIO *bio=NULL; - - if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET) - || ((int)BIO_get_fd(s->rbio,NULL) != fd)) - { - bio=BIO_new(BIO_s_socket()); - - if (bio == NULL) - { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; } - BIO_set_fd(bio,fd,BIO_NOCLOSE); - SSL_set_bio(s,SSL_get_rbio(s),bio); - } - else - SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s)); - ret=1; -err: - return(ret); - } - -int SSL_set_rfd(SSL *s,int fd) - { - int ret=0; - BIO *bio=NULL; - - if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET) - || ((int)BIO_get_fd(s->wbio,NULL) != fd)) - { - bio=BIO_new(BIO_s_socket()); - - if (bio == NULL) - { - SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB); - goto err; - } - BIO_set_fd(bio,fd,BIO_NOCLOSE); - SSL_set_bio(s,bio,SSL_get_wbio(s)); - } - else - SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s)); - ret=1; -err: - return(ret); - } -#endif - - -/* return length of latest Finished message we sent, copy to 'buf' */ -size_t SSL_get_finished(SSL *s, void *buf, size_t count) - { - size_t ret = 0; - - if (s->s3 != NULL) - { - ret = s->s3->tmp.finish_md_len; - if (count > ret) - count = ret; - memcpy(buf, s->s3->tmp.finish_md, count); - } - return ret; - } - -/* return length of latest Finished message we expected, copy to 'buf' */ -size_t SSL_get_peer_finished(SSL *s, void *buf, size_t count) - { - size_t ret = 0; - - if (s->s3 != NULL) - { - ret = s->s3->tmp.peer_finish_md_len; - if (count > ret) - count = ret; - memcpy(buf, s->s3->tmp.peer_finish_md, count); - } - return ret; - } - - -int SSL_get_verify_mode(SSL *s) - { - return(s->verify_mode); - } - -int SSL_get_verify_depth(SSL *s) - { - return(s->verify_depth); - } - -int (*SSL_get_verify_callback(SSL *s))(int,X509_STORE_CTX *) - { - return(s->verify_callback); - } - -int SSL_CTX_get_verify_mode(SSL_CTX *ctx) - { - return(ctx->verify_mode); - } - -int SSL_CTX_get_verify_depth(SSL_CTX *ctx) - { - return(ctx->verify_depth); - } - -int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *) - { - return(ctx->default_verify_callback); - } - -void SSL_set_verify(SSL *s,int mode, - int (*callback)(int ok,X509_STORE_CTX *ctx)) - { - s->verify_mode=mode; - if (callback != NULL) - s->verify_callback=callback; - } - -void SSL_set_verify_depth(SSL *s,int depth) - { - s->verify_depth=depth; - } - -void SSL_set_read_ahead(SSL *s,int yes) - { - s->read_ahead=yes; - } - -int SSL_get_read_ahead(SSL *s) - { - return(s->read_ahead); - } - -int SSL_pending(SSL *s) - { - return(s->method->ssl_pending(s)); - } - -X509 *SSL_get_peer_certificate(SSL *s) - { - X509 *r; - - if ((s == NULL) || (s->session == NULL)) - r=NULL; - else - r=s->session->peer; - - if (r == NULL) return(r); - - CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509); - - return(r); - } - -STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s) - { - STACK_OF(X509) *r; - - if ((s == NULL) || (s->session == NULL) || (s->session->sess_cert == NULL)) - r=NULL; - else - r=s->session->sess_cert->cert_chain; - - /* If we are a client, cert_chain includes the peer's own - * certificate; if we are a server, it does not. */ - - return(r); - } - -/* Now in theory, since the calling process own 't' it should be safe to - * modify. We need to be able to read f without being hassled */ -void SSL_copy_session_id(SSL *t,SSL *f) - { - CERT *tmp; - - /* Do we need to to SSL locking? */ - SSL_set_session(t,SSL_get_session(f)); - - /* what if we are setup as SSLv2 but want to talk SSLv3 or - * vice-versa */ - if (t->method != f->method) - { - t->method->ssl_free(t); /* cleanup current */ - t->method=f->method; /* change method */ - t->method->ssl_new(t); /* setup new */ - } - - tmp=t->cert; - if (f->cert != NULL) - { - CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT); - t->cert=f->cert; - } - else - t->cert=NULL; - if (tmp != NULL) ssl_cert_free(tmp); - SSL_set_session_id_context(t,f->sid_ctx,f->sid_ctx_length); - } - -/* Fix this so it checks all the valid key/cert options */ -int SSL_CTX_check_private_key(SSL_CTX *ctx) - { - if ( (ctx == NULL) || - (ctx->cert == NULL) || - (ctx->cert->key->x509 == NULL)) - { - SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); - return(0); - } - if (ctx->cert->key->privatekey == NULL) - { - SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); - return(0); - } - return(X509_check_private_key(ctx->cert->key->x509, ctx->cert->key->privatekey)); - } - -/* Fix this function so that it takes an optional type parameter */ -int SSL_check_private_key(SSL *ssl) - { - if (ssl == NULL) - { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (ssl->cert == NULL) - { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); - return 0; - } - if (ssl->cert->key->x509 == NULL) - { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED); - return(0); - } - if (ssl->cert->key->privatekey == NULL) - { - SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED); - return(0); - } - return(X509_check_private_key(ssl->cert->key->x509, - ssl->cert->key->privatekey)); - } - -int SSL_accept(SSL *s) - { - if (s->handshake_func == 0) - /* Not properly initialized yet */ - SSL_set_accept_state(s); - - return(s->method->ssl_accept(s)); - } - -int SSL_connect(SSL *s) - { - if (s->handshake_func == 0) - /* Not properly initialized yet */ - SSL_set_connect_state(s); - - return(s->method->ssl_connect(s)); - } - -long SSL_get_default_timeout(SSL *s) - { - return(s->method->get_timeout()); - } - -int SSL_read(SSL *s,char *buf,int num) - { - if (s->handshake_func == 0) - { - SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED); - return -1; - } - - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - return(0); - } - return(s->method->ssl_read(s,buf,num)); - } - -int SSL_peek(SSL *s,char *buf,int num) - { - if (s->shutdown & SSL_RECEIVED_SHUTDOWN) - { - return(0); - } - return(s->method->ssl_peek(s,buf,num)); - } - -int SSL_write(SSL *s,const char *buf,int num) - { - if (s->handshake_func == 0) - { - SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED); - return -1; - } - - if (s->shutdown & SSL_SENT_SHUTDOWN) - { - s->rwstate=SSL_NOTHING; - SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN); - return(-1); - } - return(s->method->ssl_write(s,buf,num)); - } - -int SSL_shutdown(SSL *s) - { - /* Note that this function behaves differently from what one might - * expect. Return values are 0 for no success (yet), - * 1 for success; but calling it once is usually not enough, - * even if blocking I/O is used (see ssl3_shutdown). - */ - - if (s->handshake_func == 0) - { - SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED); - return -1; - } - - if ((s != NULL) && !SSL_in_init(s)) - return(s->method->ssl_shutdown(s)); - else - return(1); - } - -int SSL_renegotiate(SSL *s) - { - s->new_session=1; - return(s->method->ssl_renegotiate(s)); - } - -long SSL_ctrl(SSL *s,int cmd,long larg,char *parg) - { - long l; - - switch (cmd) - { - case SSL_CTRL_GET_READ_AHEAD: - return(s->read_ahead); - case SSL_CTRL_SET_READ_AHEAD: - l=s->read_ahead; - s->read_ahead=larg; - return(l); - case SSL_CTRL_OPTIONS: - return(s->options|=larg); - case SSL_CTRL_MODE: - return(s->mode|=larg); - default: - return(s->method->ssl_ctrl(s,cmd,larg,parg)); - } - } - -long SSL_callback_ctrl(SSL *s, int cmd, void (*fp)()) - { - switch(cmd) - { - default: - return(s->method->ssl_callback_ctrl(s,cmd,fp)); - } - } - -struct lhash_st *SSL_CTX_sessions(SSL_CTX *ctx) - { - return ctx->sessions; - } - -long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd,long larg,char *parg) - { - long l; - - switch (cmd) - { - case SSL_CTRL_GET_READ_AHEAD: - return(ctx->read_ahead); - case SSL_CTRL_SET_READ_AHEAD: - l=ctx->read_ahead; - ctx->read_ahead=larg; - return(l); - - case SSL_CTRL_SET_SESS_CACHE_SIZE: - l=ctx->session_cache_size; - ctx->session_cache_size=larg; - return(l); - case SSL_CTRL_GET_SESS_CACHE_SIZE: - return(ctx->session_cache_size); - case SSL_CTRL_SET_SESS_CACHE_MODE: - l=ctx->session_cache_mode; - ctx->session_cache_mode=larg; - return(l); - case SSL_CTRL_GET_SESS_CACHE_MODE: - return(ctx->session_cache_mode); - - case SSL_CTRL_SESS_NUMBER: - return(ctx->sessions->num_items); - case SSL_CTRL_SESS_CONNECT: - return(ctx->stats.sess_connect); - case SSL_CTRL_SESS_CONNECT_GOOD: - return(ctx->stats.sess_connect_good); - case SSL_CTRL_SESS_CONNECT_RENEGOTIATE: - return(ctx->stats.sess_connect_renegotiate); - case SSL_CTRL_SESS_ACCEPT: - return(ctx->stats.sess_accept); - case SSL_CTRL_SESS_ACCEPT_GOOD: - return(ctx->stats.sess_accept_good); - case SSL_CTRL_SESS_ACCEPT_RENEGOTIATE: - return(ctx->stats.sess_accept_renegotiate); - case SSL_CTRL_SESS_HIT: - return(ctx->stats.sess_hit); - case SSL_CTRL_SESS_CB_HIT: - return(ctx->stats.sess_cb_hit); - case SSL_CTRL_SESS_MISSES: - return(ctx->stats.sess_miss); - case SSL_CTRL_SESS_TIMEOUTS: - return(ctx->stats.sess_timeout); - case SSL_CTRL_SESS_CACHE_FULL: - return(ctx->stats.sess_cache_full); - case SSL_CTRL_OPTIONS: - return(ctx->options|=larg); - case SSL_CTRL_MODE: - return(ctx->mode|=larg); - default: - return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg)); - } - } - -long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) - { - switch(cmd) - { - default: - return(ctx->method->ssl_ctx_callback_ctrl(ctx,cmd,fp)); - } - } - -int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) - { - long l; - - l=a->id-b->id; - if (l == 0L) - return(0); - else - return((l > 0)?1:-1); - } - -int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, - const SSL_CIPHER * const *bp) - { - long l; - - l=(*ap)->id-(*bp)->id; - if (l == 0L) - return(0); - else - return((l > 0)?1:-1); - } - -/** return a STACK of the ciphers available for the SSL and in order of - * preference */ -STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s) - { - if ((s != NULL) && (s->cipher_list != NULL)) - { - return(s->cipher_list); - } - else if ((s->ctx != NULL) && - (s->ctx->cipher_list != NULL)) - { - return(s->ctx->cipher_list); - } - return(NULL); - } - -/** return a STACK of the ciphers available for the SSL and in order of - * algorithm id */ -STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s) - { - if ((s != NULL) && (s->cipher_list_by_id != NULL)) - { - return(s->cipher_list_by_id); - } - else if ((s != NULL) && (s->ctx != NULL) && - (s->ctx->cipher_list_by_id != NULL)) - { - return(s->ctx->cipher_list_by_id); - } - return(NULL); - } - -/** The old interface to get the same thing as SSL_get_ciphers() */ -const char *SSL_get_cipher_list(SSL *s,int n) - { - SSL_CIPHER *c; - STACK_OF(SSL_CIPHER) *sk; - - if (s == NULL) return(NULL); - sk=SSL_get_ciphers(s); - if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n)) - return(NULL); - c=sk_SSL_CIPHER_value(sk,n); - if (c == NULL) return(NULL); - return(c->name); - } - -/** specify the ciphers to be used by default by the SSL_CTX */ -int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) - { - STACK_OF(SSL_CIPHER) *sk; - - sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list, - &ctx->cipher_list_by_id,str); -/* XXXX */ - return((sk == NULL)?0:1); - } - -/** specify the ciphers to be used by the SSL */ -int SSL_set_cipher_list(SSL *s,const char *str) - { - STACK_OF(SSL_CIPHER) *sk; - - sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list, - &s->cipher_list_by_id,str); -/* XXXX */ - return((sk == NULL)?0:1); - } - -/* works well for SSLv2, not so good for SSLv3 */ -char *SSL_get_shared_ciphers(SSL *s,char *buf,int len) - { - char *p; - const char *cp; - STACK_OF(SSL_CIPHER) *sk; - SSL_CIPHER *c; - int i; - - if ((s->session == NULL) || (s->session->ciphers == NULL) || - (len < 2)) - return(NULL); - - p=buf; - sk=s->session->ciphers; - for (i=0; iname; *cp; ) - { - if (len-- == 0) - { - *p='\0'; - return(buf); - } - else - *(p++)= *(cp++); - } - *(p++)=':'; - } - p[-1]='\0'; - return(buf); - } - -int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p) - { - int i,j=0; - SSL_CIPHER *c; - unsigned char *q; - - if (sk == NULL) return(0); - q=p; - - for (i=0; isession_id[0] )| - ((unsigned int) a->session_id[1]<< 8L)| - ((unsigned long)a->session_id[2]<<16L)| - ((unsigned long)a->session_id[3]<<24L); - return(l); - } - -int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b) - { - if (a->ssl_version != b->ssl_version) - return(1); - if (a->session_id_length != b->session_id_length) - return(1); - return(memcmp(a->session_id,b->session_id,a->session_id_length)); - } - -SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) - { - SSL_CTX *ret=NULL; - - if (meth == NULL) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED); - return(NULL); - } - - if (SSL_get_ex_data_X509_STORE_CTX_idx() < 0) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS); - goto err; - } - ret=(SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX)); - if (ret == NULL) - goto err; - - memset(ret,0,sizeof(SSL_CTX)); - - ret->method=meth; - - ret->cert_store=NULL; - ret->session_cache_mode=SSL_SESS_CACHE_SERVER; - ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT; - ret->session_cache_head=NULL; - ret->session_cache_tail=NULL; - - /* We take the system default */ - ret->session_timeout=meth->get_timeout(); - - ret->new_session_cb=NULL; - ret->remove_session_cb=NULL; - ret->get_session_cb=NULL; - - memset((char *)&ret->stats,0,sizeof(ret->stats)); - - ret->references=1; - ret->quiet_shutdown=0; - -/* ret->cipher=NULL;*/ -/* ret->s2->challenge=NULL; - ret->master_key=NULL; - ret->key_arg=NULL; - ret->s2->conn_id=NULL; */ - - ret->info_callback=NULL; - - ret->app_verify_callback=NULL; - ret->app_verify_arg=NULL; - - ret->read_ahead=0; - ret->verify_mode=SSL_VERIFY_NONE; - ret->verify_depth=-1; /* Don't impose a limit (but x509_lu.c does) */ - ret->default_verify_callback=NULL; - if ((ret->cert=ssl_cert_new()) == NULL) - goto err; - - ret->default_passwd_callback=NULL; - ret->default_passwd_callback_userdata=NULL; - ret->client_cert_cb=NULL; - - ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp); - if (ret->sessions == NULL) goto err; - ret->cert_store=X509_STORE_new(); - if (ret->cert_store == NULL) goto err; - - ssl_create_cipher_list(ret->method, - &ret->cipher_list,&ret->cipher_list_by_id, - SSL_DEFAULT_CIPHER_LIST); - if (ret->cipher_list == NULL - || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS); - goto err2; - } - - if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES); - goto err2; - } - if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); - goto err2; - } - if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL) - { - SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES); - goto err2; - } - - if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL) - goto err; - - CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data); - - ret->extra_certs=NULL; - ret->comp_methods=SSL_COMP_get_compression_methods(); - - return(ret); -err: - SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE); -err2: - if (ret != NULL) SSL_CTX_free(ret); - return(NULL); - } - -static void SSL_COMP_free(SSL_COMP *comp) - { OPENSSL_free(comp); } - -void SSL_CTX_free(SSL_CTX *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX); -#ifdef REF_PRINT - REF_PRINT("SSL_CTX",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"SSL_CTX_free, bad reference count\n"); - abort(); /* ok */ - } -#endif - CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data); - - if (a->sessions != NULL) - { - SSL_CTX_flush_sessions(a,0); - lh_free(a->sessions); - } - if (a->cert_store != NULL) - X509_STORE_free(a->cert_store); - if (a->cipher_list != NULL) - sk_SSL_CIPHER_free(a->cipher_list); - if (a->cipher_list_by_id != NULL) - sk_SSL_CIPHER_free(a->cipher_list_by_id); - if (a->cert != NULL) - ssl_cert_free(a->cert); - if (a->client_CA != NULL) - sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free); - if (a->extra_certs != NULL) - sk_X509_pop_free(a->extra_certs,X509_free); - if (a->comp_methods != NULL) - sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free); - OPENSSL_free(a); - } - -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb) - { - ctx->default_passwd_callback=cb; - } - -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx,void *u) - { - ctx->default_passwd_callback_userdata=u; - } - -void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,int (*cb)(),char *arg) - { - /* now - * int (*cb)(X509_STORE_CTX *), - * but should be - * int (*cb)(X509_STORE_CTX *, void *arg) - */ - ctx->app_verify_callback=cb; - ctx->app_verify_arg=arg; /* never used */ - } - -void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*cb)(int, X509_STORE_CTX *)) - { - ctx->verify_mode=mode; - ctx->default_verify_callback=cb; - /* This needs cleaning up EAY EAY EAY */ - X509_STORE_set_verify_cb_func(ctx->cert_store,cb); - } - -void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth) - { - ctx->verify_depth=depth; - } - -void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) - { - CERT_PKEY *cpk; - int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign; - int rsa_enc_export,dh_rsa_export,dh_dsa_export; - int rsa_tmp_export,dh_tmp_export,kl; - unsigned long mask,emask; - - if (c == NULL) return; - - kl=SSL_C_EXPORT_PKEYLENGTH(cipher); - -#ifndef NO_RSA - rsa_tmp=(c->rsa_tmp != NULL || c->rsa_tmp_cb != NULL); - rsa_tmp_export=(c->rsa_tmp_cb != NULL || - (rsa_tmp && RSA_size(c->rsa_tmp)*8 <= kl)); -#else - rsa_tmp=rsa_tmp_export=0; -#endif -#ifndef NO_DH - dh_tmp=(c->dh_tmp != NULL || c->dh_tmp_cb != NULL); - dh_tmp_export=(c->dh_tmp_cb != NULL || - (dh_tmp && DH_size(c->dh_tmp)*8 <= kl)); -#else - dh_tmp=dh_tmp_export=0; -#endif - - cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]); - rsa_enc= (cpk->x509 != NULL && cpk->privatekey != NULL); - rsa_enc_export=(rsa_enc && EVP_PKEY_size(cpk->privatekey)*8 <= kl); - cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]); - rsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL); - cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]); - dsa_sign=(cpk->x509 != NULL && cpk->privatekey != NULL); - cpk= &(c->pkeys[SSL_PKEY_DH_RSA]); - dh_rsa= (cpk->x509 != NULL && cpk->privatekey != NULL); - dh_rsa_export=(dh_rsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl); - cpk= &(c->pkeys[SSL_PKEY_DH_DSA]); -/* FIX THIS EAY EAY EAY */ - dh_dsa= (cpk->x509 != NULL && cpk->privatekey != NULL); - dh_dsa_export=(dh_dsa && EVP_PKEY_size(cpk->privatekey)*8 <= kl); - - mask=0; - emask=0; - -#ifdef CIPHER_DEBUG - printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", - rsa_tmp,rsa_tmp_export,dh_tmp, - rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa); -#endif - - if (rsa_enc || (rsa_tmp && rsa_sign)) - mask|=SSL_kRSA; - if (rsa_enc_export || (rsa_tmp_export && (rsa_sign || rsa_enc))) - emask|=SSL_kRSA; - -#if 0 - /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */ - if ( (dh_tmp || dh_rsa || dh_dsa) && - (rsa_enc || rsa_sign || dsa_sign)) - mask|=SSL_kEDH; - if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) && - (rsa_enc || rsa_sign || dsa_sign)) - emask|=SSL_kEDH; -#endif - - if (dh_tmp_export) - emask|=SSL_kEDH; - - if (dh_tmp) - mask|=SSL_kEDH; - - if (dh_rsa) mask|=SSL_kDHr; - if (dh_rsa_export) emask|=SSL_kDHr; - - if (dh_dsa) mask|=SSL_kDHd; - if (dh_dsa_export) emask|=SSL_kDHd; - - if (rsa_enc || rsa_sign) - { - mask|=SSL_aRSA; - emask|=SSL_aRSA; - } - - if (dsa_sign) - { - mask|=SSL_aDSS; - emask|=SSL_aDSS; - } - - mask|=SSL_aNULL; - emask|=SSL_aNULL; - - c->mask=mask; - c->export_mask=emask; - c->valid=1; - } - -/* THIS NEEDS CLEANING UP */ -X509 *ssl_get_server_send_cert(SSL *s) - { - unsigned long alg,mask,kalg; - CERT *c; - int i,is_export; - - c=s->cert; - ssl_set_cert_masks(c, s->s3->tmp.new_cipher); - alg=s->s3->tmp.new_cipher->algorithms; - is_export=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); - mask=is_export?c->export_mask:c->mask; - kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK); - - if (kalg & SSL_kDHr) - i=SSL_PKEY_DH_RSA; - else if (kalg & SSL_kDHd) - i=SSL_PKEY_DH_DSA; - else if (kalg & SSL_aDSS) - i=SSL_PKEY_DSA_SIGN; - else if (kalg & SSL_aRSA) - { - if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL) - i=SSL_PKEY_RSA_SIGN; - else - i=SSL_PKEY_RSA_ENC; - } - else /* if (kalg & SSL_aNULL) */ - { - SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR); - return(NULL); - } - if (c->pkeys[i].x509 == NULL) return(NULL); - return(c->pkeys[i].x509); - } - -EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher) - { - unsigned long alg; - CERT *c; - - alg=cipher->algorithms; - c=s->cert; - - if ((alg & SSL_aDSS) && - (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL)) - return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey); - else if (alg & SSL_aRSA) - { - if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) - return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey); - else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) - return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey); - else - return(NULL); - } - else /* if (alg & SSL_aNULL) */ - { - SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR); - return(NULL); - } - } - -void ssl_update_cache(SSL *s,int mode) - { - int i; - - /* If the session_id_length is 0, we are not supposed to cache it, - * and it would be rather hard to do anyway :-) */ - if (s->session->session_id_length == 0) return; - - if ((s->ctx->session_cache_mode & mode) - && (!s->hit) - && SSL_CTX_add_session(s->ctx,s->session) - && (s->ctx->new_session_cb != NULL)) - { - CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION); - if (!s->ctx->new_session_cb(s,s->session)) - SSL_SESSION_free(s->session); - } - - /* auto flush every 255 connections */ - i=s->ctx->session_cache_mode; - if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) && - ((i & mode) == mode)) - { - if ( (((mode & SSL_SESS_CACHE_CLIENT) - ?s->ctx->stats.sess_connect_good - :s->ctx->stats.sess_accept_good) & 0xff) == 0xff) - { - SSL_CTX_flush_sessions(s->ctx,time(NULL)); - } - } - } - -SSL_METHOD *SSL_get_ssl_method(SSL *s) - { - return(s->method); - } - -int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth) - { - int conn= -1; - int ret=1; - - if (s->method != meth) - { - if (s->handshake_func != NULL) - conn=(s->handshake_func == s->method->ssl_connect); - - if (s->method->version == meth->version) - s->method=meth; - else - { - s->method->ssl_free(s); - s->method=meth; - ret=s->method->ssl_new(s); - } - - if (conn == 1) - s->handshake_func=meth->ssl_connect; - else if (conn == 0) - s->handshake_func=meth->ssl_accept; - } - return(ret); - } - -int SSL_get_error(SSL *s,int i) - { - int reason; - unsigned long l; - BIO *bio; - - if (i > 0) return(SSL_ERROR_NONE); - - /* Make things return SSL_ERROR_SYSCALL when doing SSL_do_handshake - * etc, where we do encode the error */ - if ((l=ERR_peek_error()) != 0) - { - if (ERR_GET_LIB(l) == ERR_LIB_SYS) - return(SSL_ERROR_SYSCALL); - else - return(SSL_ERROR_SSL); - } - - if ((i < 0) && SSL_want_read(s)) - { - bio=SSL_get_rbio(s); - if (BIO_should_read(bio)) - return(SSL_ERROR_WANT_READ); - else if (BIO_should_write(bio)) - /* This one doesn't make too much sense ... We never try - * to write to the rbio, and an application program where - * rbio and wbio are separate couldn't even know what it - * should wait for. - * However if we ever set s->rwstate incorrectly - * (so that we have SSL_want_read(s) instead of - * SSL_want_write(s)) and rbio and wbio *are* the same, - * this test works around that bug; so it might be safer - * to keep it. */ - return(SSL_ERROR_WANT_WRITE); - else if (BIO_should_io_special(bio)) - { - reason=BIO_get_retry_reason(bio); - if (reason == BIO_RR_CONNECT) - return(SSL_ERROR_WANT_CONNECT); - else - return(SSL_ERROR_SYSCALL); /* unknown */ - } - } - - if ((i < 0) && SSL_want_write(s)) - { - bio=SSL_get_wbio(s); - if (BIO_should_write(bio)) - return(SSL_ERROR_WANT_WRITE); - else if (BIO_should_read(bio)) - /* See above (SSL_want_read(s) with BIO_should_write(bio)) */ - return(SSL_ERROR_WANT_READ); - else if (BIO_should_io_special(bio)) - { - reason=BIO_get_retry_reason(bio); - if (reason == BIO_RR_CONNECT) - return(SSL_ERROR_WANT_CONNECT); - else - return(SSL_ERROR_SYSCALL); - } - } - if ((i < 0) && SSL_want_x509_lookup(s)) - { - return(SSL_ERROR_WANT_X509_LOOKUP); - } - - if (i == 0) - { - if (s->version == SSL2_VERSION) - { - /* assume it is the socket being closed */ - return(SSL_ERROR_ZERO_RETURN); - } - else - { - if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && - (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY)) - return(SSL_ERROR_ZERO_RETURN); - } - } - return(SSL_ERROR_SYSCALL); - } - -int SSL_do_handshake(SSL *s) - { - int ret=1; - - if (s->handshake_func == NULL) - { - SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET); - return(-1); - } - - s->method->ssl_renegotiate_check(s); - - if (SSL_in_init(s) || SSL_in_before(s)) - { - ret=s->handshake_func(s); - } - return(ret); - } - -/* For the next 2 functions, SSL_clear() sets shutdown and so - * one of these calls will reset it */ -void SSL_set_accept_state(SSL *s) - { - s->server=1; - s->shutdown=0; - s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE; - s->handshake_func=s->method->ssl_accept; - /* clear the current cipher */ - ssl_clear_cipher_ctx(s); - } - -void SSL_set_connect_state(SSL *s) - { - s->server=0; - s->shutdown=0; - s->state=SSL_ST_CONNECT|SSL_ST_BEFORE; - s->handshake_func=s->method->ssl_connect; - /* clear the current cipher */ - ssl_clear_cipher_ctx(s); - } - -int ssl_undefined_function(SSL *s) - { - SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(0); - } - -SSL_METHOD *ssl_bad_method(int ver) - { - SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return(NULL); - } - -const char *SSL_get_version(SSL *s) - { - if (s->version == TLS1_VERSION) - return("TLSv1"); - else if (s->version == SSL3_VERSION) - return("SSLv3"); - else if (s->version == SSL2_VERSION) - return("SSLv2"); - else - return("unknown"); - } - -SSL *SSL_dup(SSL *s) - { - STACK_OF(X509_NAME) *sk; - X509_NAME *xn; - SSL *ret; - int i; - - if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) - return(NULL); - - if (s->session != NULL) - { - /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */ - SSL_copy_session_id(ret,s); - } - else - { - /* No session has been established yet, so we have to expect - * that s->cert or ret->cert will be changed later -- - * they should not both point to the same object, - * and thus we can't use SSL_copy_session_id. */ - - ret->method = s->method; - ret->method->ssl_new(ret); - - if (s->cert != NULL) - { - ret->cert = ssl_cert_dup(s->cert); - if (ret->cert == NULL) - goto err; - } - - SSL_set_session_id_context(ret, - s->sid_ctx, s->sid_ctx_length); - } - - SSL_set_read_ahead(ret,SSL_get_read_ahead(s)); - SSL_set_verify(ret,SSL_get_verify_mode(s), - SSL_get_verify_callback(s)); - SSL_set_verify_depth(ret,SSL_get_verify_depth(s)); - - SSL_set_info_callback(ret,SSL_get_info_callback(s)); - - ret->debug=s->debug; - ret->options=s->options; - - /* copy app data, a little dangerous perhaps */ - if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data)) - goto err; - - /* setup rbio, and wbio */ - if (s->rbio != NULL) - { - if (!BIO_dup_state(s->rbio,(char *)&ret->rbio)) - goto err; - } - if (s->wbio != NULL) - { - if (s->wbio != s->rbio) - { - if (!BIO_dup_state(s->wbio,(char *)&ret->wbio)) - goto err; - } - else - ret->wbio=ret->rbio; - } - - /* dup the cipher_list and cipher_list_by_id stacks */ - if (s->cipher_list != NULL) - { - if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) - goto err; - } - if (s->cipher_list_by_id != NULL) - if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id)) - == NULL) - goto err; - - /* Dup the client_CA list */ - if (s->client_CA != NULL) - { - if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err; - ret->client_CA=sk; - for (i=0; ishutdown=s->shutdown; - ret->state=s->state; - ret->handshake_func=s->handshake_func; - ret->server=s->server; - - if (0) - { -err: - if (ret != NULL) SSL_free(ret); - ret=NULL; - } - return(ret); - } - -void ssl_clear_cipher_ctx(SSL *s) - { - if (s->enc_read_ctx != NULL) - { - EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); - OPENSSL_free(s->enc_read_ctx); - s->enc_read_ctx=NULL; - } - if (s->enc_write_ctx != NULL) - { - EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); - OPENSSL_free(s->enc_write_ctx); - s->enc_write_ctx=NULL; - } - if (s->expand != NULL) - { - COMP_CTX_free(s->expand); - s->expand=NULL; - } - if (s->compress != NULL) - { - COMP_CTX_free(s->compress); - s->compress=NULL; - } - } - -/* Fix this function so that it takes an optional type parameter */ -X509 *SSL_get_certificate(SSL *s) - { - if (s->cert != NULL) - return(s->cert->key->x509); - else - return(NULL); - } - -/* Fix this function so that it takes an optional type parameter */ -EVP_PKEY *SSL_get_privatekey(SSL *s) - { - if (s->cert != NULL) - return(s->cert->key->privatekey); - else - return(NULL); - } - -SSL_CIPHER *SSL_get_current_cipher(SSL *s) - { - if ((s->session != NULL) && (s->session->cipher != NULL)) - return(s->session->cipher); - return(NULL); - } - -int ssl_init_wbio_buffer(SSL *s,int push) - { - BIO *bbio; - - if (s->bbio == NULL) - { - bbio=BIO_new(BIO_f_buffer()); - if (bbio == NULL) return(0); - s->bbio=bbio; - } - else - { - bbio=s->bbio; - if (s->bbio == s->wbio) - s->wbio=BIO_pop(s->wbio); - } - (void)BIO_reset(bbio); -/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */ - if (!BIO_set_read_buffer_size(bbio,1)) - { - SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB); - return(0); - } - if (push) - { - if (s->wbio != bbio) - s->wbio=BIO_push(bbio,s->wbio); - } - else - { - if (s->wbio == bbio) - s->wbio=BIO_pop(bbio); - } - return(1); - } - -void ssl_free_wbio_buffer(SSL *s) - { - if (s->bbio == NULL) return; - - if (s->bbio == s->wbio) - { - /* remove buffering */ - s->wbio=BIO_pop(s->wbio); -#ifdef REF_CHECK /* not the usual REF_CHECK, but this avoids adding one more preprocessor symbol */ - assert(s->wbio != NULL); -#endif - } - BIO_free(s->bbio); - s->bbio=NULL; - } - -void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode) - { - ctx->quiet_shutdown=mode; - } - -int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx) - { - return(ctx->quiet_shutdown); - } - -void SSL_set_quiet_shutdown(SSL *s,int mode) - { - s->quiet_shutdown=mode; - } - -int SSL_get_quiet_shutdown(SSL *s) - { - return(s->quiet_shutdown); - } - -void SSL_set_shutdown(SSL *s,int mode) - { - s->shutdown=mode; - } - -int SSL_get_shutdown(SSL *s) - { - return(s->shutdown); - } - -int SSL_version(SSL *s) - { - return(s->version); - } - -SSL_CTX *SSL_get_SSL_CTX(SSL *ssl) - { - return(ssl->ctx); - } - -#ifndef NO_STDIO -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) - { - return(X509_STORE_set_default_paths(ctx->cert_store)); - } - -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath) - { - return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath)); - } -#endif - -void SSL_set_info_callback(SSL *ssl,void (*cb)()) - { - ssl->info_callback=cb; - } - -void (*SSL_get_info_callback(SSL *ssl))(void) - { - return((void (*)())ssl->info_callback); - } - -int SSL_state(SSL *ssl) - { - return(ssl->state); - } - -void SSL_set_verify_result(SSL *ssl,long arg) - { - ssl->verify_result=arg; - } - -long SSL_get_verify_result(SSL *ssl) - { - return(ssl->verify_result); - } - -int SSL_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func) - { - ssl_meth_num++; - return(CRYPTO_get_ex_new_index(ssl_meth_num-1, - &ssl_meth,argl,argp,new_func,dup_func,free_func)); - } - -int SSL_set_ex_data(SSL *s,int idx,void *arg) - { - return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); - } - -void *SSL_get_ex_data(SSL *s,int idx) - { - return(CRYPTO_get_ex_data(&s->ex_data,idx)); - } - -int SSL_CTX_get_ex_new_index(long argl,void *argp,CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func,CRYPTO_EX_free *free_func) - { - ssl_ctx_meth_num++; - return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1, - &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func)); - } - -int SSL_CTX_set_ex_data(SSL_CTX *s,int idx,void *arg) - { - return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); - } - -void *SSL_CTX_get_ex_data(SSL_CTX *s,int idx) - { - return(CRYPTO_get_ex_data(&s->ex_data,idx)); - } - -int ssl_ok(SSL *s) - { - return(1); - } - -X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx) - { - return(ctx->cert_store); - } - -void SSL_CTX_set_cert_store(SSL_CTX *ctx,X509_STORE *store) - { - if (ctx->cert_store != NULL) - X509_STORE_free(ctx->cert_store); - ctx->cert_store=store; - } - -int SSL_want(SSL *s) - { - return(s->rwstate); - } - -/*! - * \brief Set the callback for generating temporary RSA keys. - * \param ctx the SSL context. - * \param cb the callback - */ - -#ifndef NO_RSA -void SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,RSA *(*cb)(SSL *ssl, - int is_export, - int keylength)) - { - SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb); - } - -void SSL_set_tmp_rsa_callback(SSL *ssl,RSA *(*cb)(SSL *ssl, - int is_export, - int keylength)) - { - SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_RSA_CB,(void (*)())cb); - } -#endif - -#ifdef DOXYGEN -/*! - * \brief The RSA temporary key callback function. - * \param ssl the SSL session. - * \param is_export \c TRUE if the temp RSA key is for an export ciphersuite. - * \param keylength if \c is_export is \c TRUE, then \c keylength is the size - * of the required key in bits. - * \return the temporary RSA key. - * \sa SSL_CTX_set_tmp_rsa_callback, SSL_set_tmp_rsa_callback - */ - -RSA *cb(SSL *ssl,int is_export,int keylength) - {} -#endif - -/*! - * \brief Set the callback for generating temporary DH keys. - * \param ctx the SSL context. - * \param dh the callback - */ - -#ifndef NO_DH -void SSL_CTX_set_tmp_dh_callback(SSL_CTX *ctx,DH *(*dh)(SSL *ssl,int is_export, - int keylength)) - { - SSL_CTX_callback_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh); - } - -void SSL_set_tmp_dh_callback(SSL *ssl,DH *(*dh)(SSL *ssl,int is_export, - int keylength)) - { - SSL_callback_ctrl(ssl,SSL_CTRL_SET_TMP_DH_CB,(void (*)())dh); - } -#endif - -#if defined(_WINDLL) && defined(WIN16) -#include "../crypto/bio/bss_file.c" -#endif - -IMPLEMENT_STACK_OF(SSL_CIPHER) -IMPLEMENT_STACK_OF(SSL_COMP) diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h deleted file mode 100644 index d70fff4627..0000000000 --- a/src/lib/libssl/ssl_locl.h +++ /dev/null @@ -1,556 +0,0 @@ -/* ssl/ssl_locl.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_SSL_LOCL_H -#define HEADER_SSL_LOCL_H -#include -#include -#include -#include - -#include "openssl/e_os.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define PKCS1_CHECK - -#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \ - l|=(((unsigned long)(*((c)++)))<< 8), \ - l|=(((unsigned long)(*((c)++)))<<16), \ - l|=(((unsigned long)(*((c)++)))<<24)) - -/* NOTE - c is not incremented as per c2l */ -#define c2ln(c,l1,l2,n) { \ - c+=n; \ - l1=l2=0; \ - switch (n) { \ - case 8: l2 =((unsigned long)(*(--(c))))<<24; \ - case 7: l2|=((unsigned long)(*(--(c))))<<16; \ - case 6: l2|=((unsigned long)(*(--(c))))<< 8; \ - case 5: l2|=((unsigned long)(*(--(c)))); \ - case 4: l1 =((unsigned long)(*(--(c))))<<24; \ - case 3: l1|=((unsigned long)(*(--(c))))<<16; \ - case 2: l1|=((unsigned long)(*(--(c))))<< 8; \ - case 1: l1|=((unsigned long)(*(--(c)))); \ - } \ - } - -#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>>24)&0xff)) - -#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \ - l|=((unsigned long)(*((c)++)))<<16, \ - l|=((unsigned long)(*((c)++)))<< 8, \ - l|=((unsigned long)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* NOTE - c is not incremented as per l2c */ -#define l2cn(l1,l2,c,n) { \ - c+=n; \ - switch (n) { \ - case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ - case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ - case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ - case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ - case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ - case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ - case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ - case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ - } \ - } - -#define n2s(c,s) ((s=(((unsigned int)(c[0]))<< 8)| \ - (((unsigned int)(c[1])) )),c+=2) -#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \ - c[1]=(unsigned char)(((s) )&0xff)),c+=2) - -#define n2l3(c,l) ((l =(((unsigned long)(c[0]))<<16)| \ - (((unsigned long)(c[1]))<< 8)| \ - (((unsigned long)(c[2])) )),c+=3) - -#define l2n3(l,c) ((c[0]=(unsigned char)(((l)>>16)&0xff), \ - c[1]=(unsigned char)(((l)>> 8)&0xff), \ - c[2]=(unsigned char)(((l) )&0xff)),c+=3) - -/* LOCAL STUFF */ - -#define SSL_DECRYPT 0 -#define SSL_ENCRYPT 1 - -#define TWO_BYTE_BIT 0x80 -#define SEC_ESC_BIT 0x40 -#define TWO_BYTE_MASK 0x7fff -#define THREE_BYTE_MASK 0x3fff - -#define INC32(a) ((a)=((a)+1)&0xffffffffL) -#define DEC32(a) ((a)=((a)-1)&0xffffffffL) -#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */ - -/* - * Define the Bitmasks for SSL_CIPHER.algorithms. - * This bits are used packed as dense as possible. If new methods/ciphers - * etc will be added, the bits a likely to change, so this information - * is for internal library use only, even though SSL_CIPHER.algorithms - * can be publicly accessed. - * Use the according functions for cipher management instead. - * - * The bit mask handling in the selection and sorting scheme in - * ssl_create_cipher_list() has only limited capabilities, reflecting - * that the different entities within are mutually exclusive: - * ONLY ONE BIT PER MASK CAN BE SET AT A TIME. - */ -#define SSL_MKEY_MASK 0x0000001FL -#define SSL_kRSA 0x00000001L /* RSA key exchange */ -#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */ -#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */ -#define SSL_kFZA 0x00000008L -#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */ -#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL)) - -#define SSL_AUTH_MASK 0x000003e0L -#define SSL_aRSA 0x00000020L /* Authenticate with RSA */ -#define SSL_aDSS 0x00000040L /* Authenticate with DSS */ -#define SSL_DSS SSL_aDSS -#define SSL_aFZA 0x00000080L -#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */ -#define SSL_aDH 0x00000200L /* no Authenticate, ADH */ - -#define SSL_NULL (SSL_eNULL) -#define SSL_ADH (SSL_kEDH|SSL_aNULL) -#define SSL_RSA (SSL_kRSA|SSL_aRSA) -#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH) -#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA) - -#define SSL_ENC_MASK 0x0001Fc00L -#define SSL_DES 0x00000400L -#define SSL_3DES 0x00000800L -#define SSL_RC4 0x00001000L -#define SSL_RC2 0x00002000L -#define SSL_IDEA 0x00004000L -#define SSL_eFZA 0x00008000L -#define SSL_eNULL 0x00010000L - -#define SSL_MAC_MASK 0x00060000L -#define SSL_MD5 0x00020000L -#define SSL_SHA1 0x00040000L -#define SSL_SHA (SSL_SHA1) - -#define SSL_SSL_MASK 0x00180000L -#define SSL_SSLV2 0x00080000L -#define SSL_SSLV3 0x00100000L -#define SSL_TLSV1 SSL_SSLV3 /* for now */ - -/* we have used 001fffff - 11 bits left to go */ - -/* - * Export and cipher strength information. For each cipher we have to decide - * whether it is exportable or not. This information is likely to change - * over time, since the export control rules are no static technical issue. - * - * Independent of the export flag the cipher strength is sorted into classes. - * SSL_EXP40 was denoting the 40bit US export limit of past times, which now - * is at 56bit (SSL_EXP56). If the exportable cipher class is going to change - * again (eg. to 64bit) the use of "SSL_EXP*" becomes blurred even more, - * since SSL_EXP64 could be similar to SSL_LOW. - * For this reason SSL_MICRO and SSL_MINI macros are included to widen the - * namespace of SSL_LOW-SSL_HIGH to lower values. As development of speed - * and ciphers goes, another extension to SSL_SUPER and/or SSL_ULTRA would - * be possible. - */ -#define SSL_EXP_MASK 0x00000003L -#define SSL_NOT_EXP 0x00000001L -#define SSL_EXPORT 0x00000002L - -#define SSL_STRONG_MASK 0x0000007cL -#define SSL_EXP40 0x00000004L -#define SSL_MICRO (SSL_EXP40) -#define SSL_EXP56 0x00000008L -#define SSL_MINI (SSL_EXP56) -#define SSL_LOW 0x00000010L -#define SSL_MEDIUM 0x00000020L -#define SSL_HIGH 0x00000040L - -/* we have used 0000007f - 25 bits left to go */ - -/* - * Macros to check the export status and cipher strength for export ciphers. - * Even though the macros for EXPORT and EXPORT40/56 have similar names, - * their meaning is different: - * *_EXPORT macros check the 'exportable' status. - * *_EXPORT40/56 macros are used to check whether a certain cipher strength - * is given. - * Since the SSL_IS_EXPORT* and SSL_EXPORT* macros depend on the correct - * algorithm structure element to be passed (algorithms, algo_strength) and no - * typechecking can be done as they are all of type unsigned long, their - * direct usage is discouraged. - * Use the SSL_C_* macros instead. - */ -#define SSL_IS_EXPORT(a) ((a)&SSL_EXPORT) -#define SSL_IS_EXPORT56(a) ((a)&SSL_EXP56) -#define SSL_IS_EXPORT40(a) ((a)&SSL_EXP40) -#define SSL_C_IS_EXPORT(c) SSL_IS_EXPORT((c)->algo_strength) -#define SSL_C_IS_EXPORT56(c) SSL_IS_EXPORT56((c)->algo_strength) -#define SSL_C_IS_EXPORT40(c) SSL_IS_EXPORT40((c)->algo_strength) - -#define SSL_EXPORT_KEYLENGTH(a,s) (SSL_IS_EXPORT40(s) ? 5 : \ - ((a)&SSL_ENC_MASK) == SSL_DES ? 8 : 7) -#define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) -#define SSL_C_EXPORT_KEYLENGTH(c) SSL_EXPORT_KEYLENGTH((c)->algorithms, \ - (c)->algo_strength) -#define SSL_C_EXPORT_PKEYLENGTH(c) SSL_EXPORT_PKEYLENGTH((c)->algo_strength) - - -#define SSL_ALL 0xffffffffL -#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\ - SSL_MAC_MASK) -#define SSL_ALL_STRENGTHS (SSL_EXP_MASK|SSL_STRONG_MASK) - -/* Mostly for SSLv3 */ -#define SSL_PKEY_RSA_ENC 0 -#define SSL_PKEY_RSA_SIGN 1 -#define SSL_PKEY_DSA_SIGN 2 -#define SSL_PKEY_DH_RSA 3 -#define SSL_PKEY_DH_DSA 4 -#define SSL_PKEY_NUM 5 - -/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) | - * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN) - * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN) - * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN - * SSL_aRSA <- RSA_ENC | RSA_SIGN - * SSL_aDSS <- DSA_SIGN - */ - -/* -#define CERT_INVALID 0 -#define CERT_PUBLIC_KEY 1 -#define CERT_PRIVATE_KEY 2 -*/ - -typedef struct cert_pkey_st - { - X509 *x509; - EVP_PKEY *privatekey; - } CERT_PKEY; - -typedef struct cert_st - { - /* Current active set */ - CERT_PKEY *key; /* ALWAYS points to an element of the pkeys array - * Probably it would make more sense to store - * an index, not a pointer. */ - - /* The following masks are for the key and auth - * algorithms that are supported by the certs below */ - int valid; - unsigned long mask; - unsigned long export_mask; -#ifndef NO_RSA - RSA *rsa_tmp; - RSA *(*rsa_tmp_cb)(SSL *ssl,int is_export,int keysize); -#endif -#ifndef NO_DH - DH *dh_tmp; - DH *(*dh_tmp_cb)(SSL *ssl,int is_export,int keysize); -#endif - - CERT_PKEY pkeys[SSL_PKEY_NUM]; - - int references; /* >1 only if SSL_copy_session_id is used */ - } CERT; - - -typedef struct sess_cert_st - { - STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ - - /* The 'peer_...' members are used only by clients. */ - int peer_cert_type; - - CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */ - CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; - /* Obviously we don't have the private keys of these, - * so maybe we shouldn't even use the CERT_PKEY type here. */ - -#ifndef NO_RSA - RSA *peer_rsa_tmp; /* not used for SSL 2 */ -#endif -#ifndef NO_DH - DH *peer_dh_tmp; /* not used for SSL 2 */ -#endif - - int references; /* actually always 1 at the moment */ - } SESS_CERT; - - -/*#define MAC_DEBUG */ - -/*#define ERR_DEBUG */ -/*#define ABORT_DEBUG */ -/*#define PKT_DEBUG 1 */ -/*#define DES_DEBUG */ -/*#define DES_OFB_DEBUG */ -/*#define SSL_DEBUG */ -/*#define RSA_DEBUG */ -/*#define IDEA_DEBUG */ - -#define FP_ICC (int (*)(const void *,const void *)) -#define ssl_put_cipher_by_char(ssl,ciph,ptr) \ - ((ssl)->method->put_cipher_by_char((ciph),(ptr))) -#define ssl_get_cipher_by_char(ssl,ptr) \ - ((ssl)->method->get_cipher_by_char(ptr)) - -/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff - * It is a bit of a mess of functions, but hell, think of it as - * an opaque structure :-) */ -typedef struct ssl3_enc_method - { - int (*enc)(SSL *, int); - int (*mac)(SSL *, unsigned char *, int); - int (*setup_key_block)(SSL *); - int (*generate_master_secret)(SSL *, unsigned char *, unsigned char *, int); - int (*change_cipher_state)(SSL *, int); - int (*final_finish_mac)(SSL *, EVP_MD_CTX *, EVP_MD_CTX *, const char *, int, unsigned char *); - int finish_mac_length; - int (*cert_verify_mac)(SSL *, EVP_MD_CTX *, unsigned char *); - const char *client_finished_label; - int client_finished_label_len; - const char *server_finished_label; - int server_finished_label_len; - int (*alert_value)(int); - } SSL3_ENC_METHOD; - -/* Used for holding the relevant compression methods loaded into SSL_CTX */ -typedef struct ssl3_comp_st - { - int comp_id; /* The identifier byte for this compression type */ - char *name; /* Text name used for the compression type */ - COMP_METHOD *method; /* The method :-) */ - } SSL3_COMP; - -OPENSSL_EXTERN SSL3_ENC_METHOD ssl3_undef_enc_method; -OPENSSL_EXTERN SSL_CIPHER ssl2_ciphers[]; -OPENSSL_EXTERN SSL_CIPHER ssl3_ciphers[]; - -#ifdef VMS -#undef SSL_COMP_get_compression_methods -#define SSL_COMP_get_compression_methods SSL_COMP_get_compress_methods -#endif - - -SSL_METHOD *ssl_bad_method(int ver); -SSL_METHOD *sslv2_base_method(void); -SSL_METHOD *sslv23_base_method(void); -SSL_METHOD *sslv3_base_method(void); - -void ssl_clear_cipher_ctx(SSL *s); -int ssl_clear_bad_session(SSL *s); -CERT *ssl_cert_new(void); -CERT *ssl_cert_dup(CERT *cert); -int ssl_cert_inst(CERT **o); -void ssl_cert_free(CERT *c); -SESS_CERT *ssl_sess_cert_new(void); -void ssl_sess_cert_free(SESS_CERT *sc); -int ssl_set_peer_cert_type(SESS_CERT *c, int type); -int ssl_get_new_session(SSL *s, int session); -int ssl_get_prev_session(SSL *s, unsigned char *session,int len); -int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b); -int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, - const SSL_CIPHER * const *bp); -STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, - STACK_OF(SSL_CIPHER) **skp); -int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p); -STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, - STACK_OF(SSL_CIPHER) **pref, - STACK_OF(SSL_CIPHER) **sorted, - const char *rule_str); -void ssl_update_cache(SSL *s, int mode); -int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md, - SSL_COMP **comp); -int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk); -int ssl_undefined_function(SSL *s); -X509 *ssl_get_server_send_cert(SSL *); -EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *); -int ssl_cert_type(X509 *x,EVP_PKEY *pkey); -void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher); -STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s); -int ssl_verify_alarm_type(long type); - -int ssl2_enc_init(SSL *s, int client); -void ssl2_generate_key_material(SSL *s); -void ssl2_enc(SSL *s,int send_data); -void ssl2_mac(SSL *s,unsigned char *mac,int send_data); -SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p); -int ssl2_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); -int ssl2_part_read(SSL *s, unsigned long f, int i); -int ssl2_do_write(SSL *s); -int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data); -void ssl2_return_error(SSL *s,int reason); -void ssl2_write_error(SSL *s); -int ssl2_num_ciphers(void); -SSL_CIPHER *ssl2_get_cipher(unsigned int u); -int ssl2_new(SSL *s); -void ssl2_free(SSL *s); -int ssl2_accept(SSL *s); -int ssl2_connect(SSL *s); -int ssl2_read(SSL *s, void *buf, int len); -int ssl2_peek(SSL *s, char *buf, int len); -int ssl2_write(SSL *s, const void *buf, int len); -int ssl2_shutdown(SSL *s); -void ssl2_clear(SSL *s); -long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg); -long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); -long ssl2_callback_ctrl(SSL *s,int cmd, void (*fp)()); -long ssl2_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)()); -int ssl2_pending(SSL *s); - -SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); -int ssl3_put_cipher_by_char(const SSL_CIPHER *c,unsigned char *p); -void ssl3_init_finished_mac(SSL *s); -int ssl3_send_server_certificate(SSL *s); -int ssl3_get_finished(SSL *s,int state_a,int state_b); -int ssl3_setup_key_block(SSL *s); -int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b); -int ssl3_change_cipher_state(SSL *s,int which); -void ssl3_cleanup_key_block(SSL *s); -int ssl3_do_write(SSL *s,int type); -void ssl3_send_alert(SSL *s,int level, int desc); -int ssl3_generate_master_secret(SSL *s, unsigned char *out, - unsigned char *p, int len); -int ssl3_get_req_cert_type(SSL *s,unsigned char *p); -long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); -int ssl3_send_finished(SSL *s, int a, int b, const char *sender,int slen); -int ssl3_num_ciphers(void); -SSL_CIPHER *ssl3_get_cipher(unsigned int u); -int ssl3_renegotiate(SSL *ssl); -int ssl3_renegotiate_check(SSL *ssl); -int ssl3_dispatch_alert(SSL *s); -int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len); -int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); -int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1, EVP_MD_CTX *ctx2, - const char *sender, int slen,unsigned char *p); -int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); -void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len); -int ssl3_enc(SSL *s, int send_data); -int ssl3_mac(SSL *ssl, unsigned char *md, int send_data); -unsigned long ssl3_output_cert_chain(SSL *s, X509 *x); -SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *have, - STACK_OF(SSL_CIPHER) *pref); -int ssl3_setup_buffers(SSL *s); -int ssl3_new(SSL *s); -void ssl3_free(SSL *s); -int ssl3_accept(SSL *s); -int ssl3_connect(SSL *s); -int ssl3_read(SSL *s, void *buf, int len); -int ssl3_peek(SSL *s,char *buf, int len); -int ssl3_write(SSL *s, const void *buf, int len); -int ssl3_shutdown(SSL *s); -void ssl3_clear(SSL *s); -long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg); -long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg); -long ssl3_callback_ctrl(SSL *s,int cmd, void (*fp)()); -long ssl3_ctx_callback_ctrl(SSL_CTX *s,int cmd, void (*fp)()); -int ssl3_pending(SSL *s); - -int ssl23_accept(SSL *s); -int ssl23_connect(SSL *s); -int ssl23_read_bytes(SSL *s, int n); -int ssl23_write_bytes(SSL *s); - -int tls1_new(SSL *s); -void tls1_free(SSL *s); -void tls1_clear(SSL *s); -long tls1_ctrl(SSL *s,int cmd, long larg, char *parg); -long tls1_callback_ctrl(SSL *s,int cmd, void (*fp)()); -SSL_METHOD *tlsv1_base_method(void ); - -int ssl_init_wbio_buffer(SSL *s, int push); -void ssl_free_wbio_buffer(SSL *s); - -int tls1_change_cipher_state(SSL *s, int which); -int tls1_setup_key_block(SSL *s); -int tls1_enc(SSL *s, int snd); -int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, - const char *str, int slen, unsigned char *p); -int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p); -int tls1_mac(SSL *ssl, unsigned char *md, int snd); -int tls1_generate_master_secret(SSL *s, unsigned char *out, - unsigned char *p, int len); -int tls1_alert_code(int code); -int ssl3_alert_code(int code); -int ssl_ok(SSL *s); - -SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n); -STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void); - - -#endif diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c deleted file mode 100644 index 6ec7a5cdb1..0000000000 --- a/src/lib/libssl/ssl_rsa.c +++ /dev/null @@ -1,815 +0,0 @@ -/* ssl/ssl_rsa.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static int ssl_set_cert(CERT *c, X509 *x509); -static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); -int SSL_use_certificate(SSL *ssl, X509 *x) - { - if (x == NULL) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ssl->cert)) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); - return(0); - } - return(ssl_set_cert(ssl->cert,x)); - } - -#ifndef NO_STDIO -int SSL_use_certificate_file(SSL *ssl, const char *file, int type) - { - int j; - BIO *in; - int ret=0; - X509 *x=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_ASN1) - { - j=ERR_R_ASN1_LIB; - x=d2i_X509_bio(in,NULL); - } - else if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - - if (x == NULL) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j); - goto end; - } - - ret=SSL_use_certificate(ssl,x); -end: - if (x != NULL) X509_free(x); - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_use_certificate_ASN1(SSL *ssl, unsigned char *d, int len) - { - X509 *x; - int ret; - - x=d2i_X509(NULL,&d,(long)len); - if (x == NULL) - { - SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_use_certificate(ssl,x); - X509_free(x); - return(ret); - } - -#ifndef NO_RSA -int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa) - { - EVP_PKEY *pkey; - int ret; - - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ssl->cert)) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(0); - } - if ((pkey=EVP_PKEY_new()) == NULL) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); - return(0); - } - - CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); - EVP_PKEY_assign_RSA(pkey,rsa); - - ret=ssl_set_pkey(ssl->cert,pkey); - EVP_PKEY_free(pkey); - return(ret); - } -#endif - -static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey) - { - int i,ok=0,bad=0; - - i=ssl_cert_type(NULL,pkey); - if (i < 0) - { - SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE); - return(0); - } - - if (c->pkeys[i].x509 != NULL) - { - EVP_PKEY *pktmp; - pktmp = X509_get_pubkey(c->pkeys[i].x509); - EVP_PKEY_copy_parameters(pktmp,pkey); - EVP_PKEY_free(pktmp); - ERR_clear_error(); - -#ifndef NO_RSA - /* Don't check the public/private key, this is mostly - * for smart cards. */ - if ((pkey->type == EVP_PKEY_RSA) && - (RSA_flags(pkey->pkey.rsa) & - RSA_METHOD_FLAG_NO_CHECK)) - ok=1; - else -#endif - if (!X509_check_private_key(c->pkeys[i].x509,pkey)) - { - if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) - { - i=(i == SSL_PKEY_DH_RSA)? - SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; - - if (c->pkeys[i].x509 == NULL) - ok=1; - else - { - if (!X509_check_private_key( - c->pkeys[i].x509,pkey)) - bad=1; - else - ok=1; - } - } - else - bad=1; - } - else - ok=1; - } - else - ok=1; - - if (bad) - { - X509_free(c->pkeys[i].x509); - c->pkeys[i].x509=NULL; - return(0); - } - - if (c->pkeys[i].privatekey != NULL) - EVP_PKEY_free(c->pkeys[i].privatekey); - CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); - c->pkeys[i].privatekey=pkey; - c->key= &(c->pkeys[i]); - - c->valid=0; - return(1); - } - -#ifndef NO_RSA -#ifndef NO_STDIO -int SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) - { - int j,ret=0; - BIO *in; - RSA *rsa=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_ASN1) - { - j=ERR_R_ASN1_LIB; - rsa=d2i_RSAPrivateKey_bio(in,NULL); - } - else if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - rsa=PEM_read_bio_RSAPrivateKey(in,NULL, - ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j); - goto end; - } - ret=SSL_use_RSAPrivateKey(ssl,rsa); - RSA_free(rsa); -end: - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len) - { - int ret; - unsigned char *p; - RSA *rsa; - - p=d; - if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) - { - SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_use_RSAPrivateKey(ssl,rsa); - RSA_free(rsa); - return(ret); - } -#endif /* !NO_RSA */ - -int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey) - { - int ret; - - if (pkey == NULL) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ssl->cert)) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(0); - } - ret=ssl_set_pkey(ssl->cert,pkey); - return(ret); - } - -#ifndef NO_STDIO -int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) - { - int j,ret=0; - BIO *in; - EVP_PKEY *pkey=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - pkey=PEM_read_bio_PrivateKey(in,NULL, - ssl->ctx->default_passwd_callback,ssl->ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - if (pkey == NULL) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j); - goto end; - } - ret=SSL_use_PrivateKey(ssl,pkey); - EVP_PKEY_free(pkey); -end: - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len) - { - int ret; - unsigned char *p; - EVP_PKEY *pkey; - - p=d; - if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_use_PrivateKey(ssl,pkey); - EVP_PKEY_free(pkey); - return(ret); - } - -int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x) - { - if (x == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ctx->cert)) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE); - return(0); - } - return(ssl_set_cert(ctx->cert, x)); - } - -static int ssl_set_cert(CERT *c, X509 *x) - { - EVP_PKEY *pkey; - int i,ok=0,bad=0; - - pkey=X509_get_pubkey(x); - if (pkey == NULL) - { - SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB); - return(0); - } - - i=ssl_cert_type(x,pkey); - if (i < 0) - { - SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE); - EVP_PKEY_free(pkey); - return(0); - } - - if (c->pkeys[i].privatekey != NULL) - { - EVP_PKEY_copy_parameters(pkey,c->pkeys[i].privatekey); - ERR_clear_error(); - -#ifndef NO_RSA - /* Don't check the public/private key, this is mostly - * for smart cards. */ - if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) && - (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) & - RSA_METHOD_FLAG_NO_CHECK)) - ok=1; - else -#endif - { - if (!X509_check_private_key(x,c->pkeys[i].privatekey)) - { - if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA)) - { - i=(i == SSL_PKEY_DH_RSA)? - SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA; - - if (c->pkeys[i].privatekey == NULL) - ok=1; - else - { - if (!X509_check_private_key(x, - c->pkeys[i].privatekey)) - bad=1; - else - ok=1; - } - } - else - bad=1; - } - else - ok=1; - } /* NO_RSA */ - } - else - ok=1; - - EVP_PKEY_free(pkey); - if (bad) - { - EVP_PKEY_free(c->pkeys[i].privatekey); - c->pkeys[i].privatekey=NULL; - } - - if (c->pkeys[i].x509 != NULL) - X509_free(c->pkeys[i].x509); - CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); - c->pkeys[i].x509=x; - c->key= &(c->pkeys[i]); - - c->valid=0; - return(1); - } - -#ifndef NO_STDIO -int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) - { - int j; - BIO *in; - int ret=0; - X509 *x=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_ASN1) - { - j=ERR_R_ASN1_LIB; - x=d2i_X509_bio(in,NULL); - } - else if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - - if (x == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j); - goto end; - } - - ret=SSL_CTX_use_certificate(ctx,x); -end: - if (x != NULL) X509_free(x); - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d) - { - X509 *x; - int ret; - - x=d2i_X509(NULL,&d,(long)len); - if (x == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_CTX_use_certificate(ctx,x); - X509_free(x); - return(ret); - } - -#ifndef NO_RSA -int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa) - { - int ret; - EVP_PKEY *pkey; - - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ctx->cert)) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(0); - } - if ((pkey=EVP_PKEY_new()) == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB); - return(0); - } - - CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); - EVP_PKEY_assign_RSA(pkey,rsa); - - ret=ssl_set_pkey(ctx->cert, pkey); - EVP_PKEY_free(pkey); - return(ret); - } - -#ifndef NO_STDIO -int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) - { - int j,ret=0; - BIO *in; - RSA *rsa=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_ASN1) - { - j=ERR_R_ASN1_LIB; - rsa=d2i_RSAPrivateKey_bio(in,NULL); - } - else if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - rsa=PEM_read_bio_RSAPrivateKey(in,NULL, - ctx->default_passwd_callback,ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j); - goto end; - } - ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); - RSA_free(rsa); -end: - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len) - { - int ret; - unsigned char *p; - RSA *rsa; - - p=d; - if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa); - RSA_free(rsa); - return(ret); - } -#endif /* !NO_RSA */ - -int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) - { - if (pkey == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER); - return(0); - } - if (!ssl_cert_inst(&ctx->cert)) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(0); - } - return(ssl_set_pkey(ctx->cert,pkey)); - } - -#ifndef NO_STDIO -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) - { - int j,ret=0; - BIO *in; - EVP_PKEY *pkey=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB); - goto end; - } - if (type == SSL_FILETYPE_PEM) - { - j=ERR_R_PEM_LIB; - pkey=PEM_read_bio_PrivateKey(in,NULL, - ctx->default_passwd_callback,ctx->default_passwd_callback_userdata); - } - else - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE); - goto end; - } - if (pkey == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j); - goto end; - } - ret=SSL_CTX_use_PrivateKey(ctx,pkey); - EVP_PKEY_free(pkey); -end: - if (in != NULL) BIO_free(in); - return(ret); - } -#endif - -int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, - long len) - { - int ret; - unsigned char *p; - EVP_PKEY *pkey; - - p=d; - if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB); - return(0); - } - - ret=SSL_CTX_use_PrivateKey(ctx,pkey); - EVP_PKEY_free(pkey); - return(ret); - } - - -#ifndef NO_STDIO -/* Read a file that contains our certificate in "PEM" format, - * possibly followed by a sequence of CA certificates that should be - * sent to the peer in the Certificate message. - */ -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) - { - BIO *in; - int ret=0; - X509 *x=NULL; - - in=BIO_new(BIO_s_file_internal()); - if (in == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_BUF_LIB); - goto end; - } - - if (BIO_read_filename(in,file) <= 0) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_SYS_LIB); - goto end; - } - - x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata); - if (x == NULL) - { - SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE,ERR_R_PEM_LIB); - goto end; - } - - ret=SSL_CTX_use_certificate(ctx,x); - if (ERR_peek_error() != 0) - ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */ - if (ret) - { - /* If we could set up our certificate, now proceed to - * the CA certificates. - */ - X509 *ca; - int r; - unsigned long err; - - if (ctx->extra_certs != NULL) - { - sk_X509_pop_free(ctx->extra_certs, X509_free); - ctx->extra_certs = NULL; - } - - while ((ca = PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback,ctx->default_passwd_callback_userdata)) - != NULL) - { - r = SSL_CTX_add_extra_chain_cert(ctx, ca); - if (!r) - { - X509_free(ca); - ret = 0; - goto end; - } - /* Note that we must not free r if it was successfully - * added to the chain (while we must free the main - * certificate, since its reference count is increased - * by SSL_CTX_use_certificate). */ - } - /* When the while loop ends, it's usually just EOF. */ - err = ERR_peek_error(); - if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) - (void) ERR_get_error(); - else - ret = 0; /* some real error */ - } - -end: - if (x != NULL) X509_free(x); - if (in != NULL) BIO_free(in); - return(ret); - } -#endif diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c deleted file mode 100644 index 416def8908..0000000000 --- a/src/lib/libssl/ssl_sess.c +++ /dev/null @@ -1,680 +0,0 @@ -/* ssl/ssl_sess.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include "ssl_locl.h" - -static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); -static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s); -static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck); -static int ssl_session_num=0; -static STACK_OF(CRYPTO_EX_DATA_FUNCS) *ssl_session_meth=NULL; - -SSL_SESSION *SSL_get_session(SSL *ssl) -/* aka SSL_get0_session; gets 0 objects, just returns a copy of the pointer */ - { - return(ssl->session); - } - -SSL_SESSION *SSL_get1_session(SSL *ssl) -/* variant of SSL_get_session: caller really gets something */ - { - SSL_SESSION *sess; - /* Need to lock this all up rather than just use CRYPTO_add so that - * somebody doesn't free ssl->session between when we check it's - * non-null and when we up the reference count. */ - CRYPTO_r_lock(CRYPTO_LOCK_SSL_SESSION); - sess = ssl->session; - if(sess) - sess->references++; - CRYPTO_r_unlock(CRYPTO_LOCK_SSL_SESSION); - return(sess); - } - -int SSL_SESSION_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - ssl_session_num++; - return(CRYPTO_get_ex_new_index(ssl_session_num-1, - &ssl_session_meth, - argl,argp,new_func,dup_func,free_func)); - } - -int SSL_SESSION_set_ex_data(SSL_SESSION *s, int idx, void *arg) - { - return(CRYPTO_set_ex_data(&s->ex_data,idx,arg)); - } - -void *SSL_SESSION_get_ex_data(SSL_SESSION *s, int idx) - { - return(CRYPTO_get_ex_data(&s->ex_data,idx)); - } - -SSL_SESSION *SSL_SESSION_new(void) - { - SSL_SESSION *ss; - - ss=(SSL_SESSION *)OPENSSL_malloc(sizeof(SSL_SESSION)); - if (ss == NULL) - { - SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE); - return(0); - } - memset(ss,0,sizeof(SSL_SESSION)); - - ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */ - ss->references=1; - ss->timeout=60*5+4; /* 5 minute timeout by default */ - ss->time=time(NULL); - ss->prev=NULL; - ss->next=NULL; - ss->compress_meth=0; - CRYPTO_new_ex_data(ssl_session_meth,ss,&ss->ex_data); - return(ss); - } - -int ssl_get_new_session(SSL *s, int session) - { - /* This gets used by clients and servers. */ - - SSL_SESSION *ss=NULL; - - if ((ss=SSL_SESSION_new()) == NULL) return(0); - - /* If the context has a default timeout, use it */ - if (s->ctx->session_timeout == 0) - ss->timeout=SSL_get_default_timeout(s); - else - ss->timeout=s->ctx->session_timeout; - - if (s->session != NULL) - { - SSL_SESSION_free(s->session); - s->session=NULL; - } - - if (session) - { - if (s->version == SSL2_VERSION) - { - ss->ssl_version=SSL2_VERSION; - ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH; - } - else if (s->version == SSL3_VERSION) - { - ss->ssl_version=SSL3_VERSION; - ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; - } - else if (s->version == TLS1_VERSION) - { - ss->ssl_version=TLS1_VERSION; - ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH; - } - else - { - SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION); - SSL_SESSION_free(ss); - return(0); - } - - for (;;) - { - SSL_SESSION *r; - - RAND_pseudo_bytes(ss->session_id,ss->session_id_length); - CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); - r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions, ss); - CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); - if (r == NULL) break; - /* else - woops a session_id match */ - /* XXX We should also check the external cache -- - * but the probability of a collision is negligible, and - * we could not prevent the concurrent creation of sessions - * with identical IDs since we currently don't have means - * to atomically check whether a session ID already exists - * and make a reservation for it if it does not - * (this problem applies to the internal cache as well). - */ - } - } - else - { - ss->session_id_length=0; - } - - memcpy(ss->sid_ctx,s->sid_ctx,s->sid_ctx_length); - ss->sid_ctx_length=s->sid_ctx_length; - s->session=ss; - ss->ssl_version=s->version; - ss->verify_result = X509_V_OK; - - return(1); - } - -int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len) - { - /* This is used only by servers. */ - - SSL_SESSION *ret=NULL,data; - int fatal = 0; - - data.ssl_version=s->version; - data.session_id_length=len; - if (len > SSL_MAX_SSL_SESSION_ID_LENGTH) - goto err; - memcpy(data.session_id,session_id,len); - - if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) - { - CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX); - ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,&data); - if (ret != NULL) - /* don't allow other threads to steal it: */ - CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); - CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX); - } - - if (ret == NULL) - { - int copy=1; - - s->ctx->stats.sess_miss++; - ret=NULL; - if (s->ctx->get_session_cb != NULL - && (ret=s->ctx->get_session_cb(s,session_id,len,©)) - != NULL) - { - s->ctx->stats.sess_cb_hit++; - - /* Increment reference count now if the session callback - * asks us to do so (note that if the session structures - * returned by the callback are shared between threads, - * it must handle the reference count itself [i.e. copy == 0], - * or things won't be thread-safe). */ - if (copy) - CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); - - /* The following should not return 1, otherwise, - * things are very strange */ - SSL_CTX_add_session(s->ctx,ret); - } - if (ret == NULL) - goto err; - } - - /* Now ret is non-NULL, and we own one of its reference counts. */ - - if((s->verify_mode&SSL_VERIFY_PEER) - && (!s->sid_ctx_length || ret->sid_ctx_length != s->sid_ctx_length - || memcmp(ret->sid_ctx,s->sid_ctx,ret->sid_ctx_length))) - { - /* We've found the session named by the client, but we don't - * want to use it in this context. */ - - if (s->sid_ctx_length == 0) - { - /* application should have used SSL[_CTX]_set_session_id_context - * -- we could tolerate this and just pretend we never heard - * of this session, but then applications could effectively - * disable the session cache by accident without anyone noticing */ - - SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_SESSION_ID_CONTEXT_UNINITIALIZED); - fatal = 1; - goto err; - } - else - { -#if 0 /* The client cannot always know when a session is not appropriate, - * so we shouldn't generate an error message. */ - - SSLerr(SSL_F_SSL_GET_PREV_SESSION,SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT); -#endif - goto err; /* treat like cache miss */ - } - } - - if (ret->cipher == NULL) - { - unsigned char buf[5],*p; - unsigned long l; - - p=buf; - l=ret->cipher_id; - l2n(l,p); - if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR) - ret->cipher=ssl_get_cipher_by_char(s,&(buf[2])); - else - ret->cipher=ssl_get_cipher_by_char(s,&(buf[1])); - if (ret->cipher == NULL) - goto err; - } - - -#if 0 /* This is way too late. */ - - /* If a thread got the session, then 'swaped', and another got - * it and then due to a time-out decided to 'OPENSSL_free' it we could - * be in trouble. So I'll increment it now, then double decrement - * later - am I speaking rubbish?. */ - CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION); -#endif - - if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */ - { - s->ctx->stats.sess_timeout++; - /* remove it from the cache */ - SSL_CTX_remove_session(s->ctx,ret); - goto err; - } - - s->ctx->stats.sess_hit++; - - /* ret->time=time(NULL); */ /* rezero timeout? */ - /* again, just leave the session - * if it is the same session, we have just incremented and - * then decremented the reference count :-) */ - if (s->session != NULL) - SSL_SESSION_free(s->session); - s->session=ret; - s->verify_result = s->session->verify_result; - return(1); - - err: - if (ret != NULL) - SSL_SESSION_free(ret); - if (fatal) - return -1; - else - return 0; - } - -int SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c) - { - int ret=0; - SSL_SESSION *s; - - /* add just 1 reference count for the SSL_CTX's session cache - * even though it has two ways of access: each session is in a - * doubly linked list and an lhash */ - CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION); - /* if session c is in already in cache, we take back the increment later */ - - CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); - s=(SSL_SESSION *)lh_insert(ctx->sessions,c); - - /* s != NULL iff we already had a session with the given PID. - * In this case, s == c should hold (then we did not really modify - * ctx->sessions), or we're in trouble. */ - if (s != NULL && s != c) - { - /* We *are* in trouble ... */ - SSL_SESSION_list_remove(ctx,s); - SSL_SESSION_free(s); - /* ... so pretend the other session did not exist in cache - * (we cannot handle two SSL_SESSION structures with identical - * session ID in the same cache, which could happen e.g. when - * two threads concurrently obtain the same session from an external - * cache) */ - s = NULL; - } - - /* Put at the head of the queue unless it is already in the cache */ - if (s == NULL) - SSL_SESSION_list_add(ctx,c); - - if (s != NULL) - { - /* existing cache entry -- decrement previously incremented reference - * count because it already takes into account the cache */ - - SSL_SESSION_free(s); /* s == c */ - ret=0; - } - else - { - /* new cache entry -- remove old ones if cache has become too large */ - - ret=1; - - if (SSL_CTX_sess_get_cache_size(ctx) > 0) - { - while (SSL_CTX_sess_number(ctx) > - SSL_CTX_sess_get_cache_size(ctx)) - { - if (!remove_session_lock(ctx, - ctx->session_cache_tail, 0)) - break; - else - ctx->stats.sess_cache_full++; - } - } - } - CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); - return(ret); - } - -int SSL_CTX_remove_session(SSL_CTX *ctx, SSL_SESSION *c) -{ - return remove_session_lock(ctx, c, 1); -} - -static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck) - { - SSL_SESSION *r; - int ret=0; - - if ((c != NULL) && (c->session_id_length != 0)) - { - if(lck) CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); - r=(SSL_SESSION *)lh_delete(ctx->sessions,c); - if (r != NULL) - { - ret=1; - SSL_SESSION_list_remove(ctx,c); - } - - if(lck) CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); - - if (ret) - { - r->not_resumable=1; - if (ctx->remove_session_cb != NULL) - ctx->remove_session_cb(ctx,r); - SSL_SESSION_free(r); - } - } - else - ret=0; - return(ret); - } - -void SSL_SESSION_free(SSL_SESSION *ss) - { - int i; - - if(ss == NULL) - return; - - i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION); -#ifdef REF_PRINT - REF_PRINT("SSL_SESSION",ss); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"SSL_SESSION_free, bad reference count\n"); - abort(); /* ok */ - } -#endif - - CRYPTO_free_ex_data(ssl_session_meth,ss,&ss->ex_data); - - memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH); - memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH); - memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH); - if (ss->sess_cert != NULL) ssl_sess_cert_free(ss->sess_cert); - if (ss->peer != NULL) X509_free(ss->peer); - if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers); - memset(ss,0,sizeof(*ss)); - OPENSSL_free(ss); - } - -int SSL_set_session(SSL *s, SSL_SESSION *session) - { - int ret=0; - SSL_METHOD *meth; - - if (session != NULL) - { - meth=s->ctx->method->get_ssl_method(session->ssl_version); - if (meth == NULL) - meth=s->method->get_ssl_method(session->ssl_version); - if (meth == NULL) - { - SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD); - return(0); - } - - if (meth != s->method) - { - if (!SSL_set_ssl_method(s,meth)) - return(0); - if (s->ctx->session_timeout == 0) - session->timeout=SSL_get_default_timeout(s); - else - session->timeout=s->ctx->session_timeout; - } - - /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/ - CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION); - if (s->session != NULL) - SSL_SESSION_free(s->session); - s->session=session; - /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/ - ret=1; - } - else - { - if (s->session != NULL) - { - SSL_SESSION_free(s->session); - s->session=NULL; - } - - meth=s->ctx->method; - if (meth != s->method) - { - if (!SSL_set_ssl_method(s,meth)) - return(0); - } - ret=1; - } - return(ret); - } - -long SSL_SESSION_set_timeout(SSL_SESSION *s, long t) - { - if (s == NULL) return(0); - s->timeout=t; - return(1); - } - -long SSL_SESSION_get_timeout(SSL_SESSION *s) - { - if (s == NULL) return(0); - return(s->timeout); - } - -long SSL_SESSION_get_time(SSL_SESSION *s) - { - if (s == NULL) return(0); - return(s->time); - } - -long SSL_SESSION_set_time(SSL_SESSION *s, long t) - { - if (s == NULL) return(0); - s->time=t; - return(t); - } - -long SSL_CTX_set_timeout(SSL_CTX *s, long t) - { - long l; - if (s == NULL) return(0); - l=s->session_timeout; - s->session_timeout=t; - return(l); - } - -long SSL_CTX_get_timeout(SSL_CTX *s) - { - if (s == NULL) return(0); - return(s->session_timeout); - } - -typedef struct timeout_param_st - { - SSL_CTX *ctx; - long time; - LHASH *cache; - } TIMEOUT_PARAM; - -static void timeout(SSL_SESSION *s, TIMEOUT_PARAM *p) - { - if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */ - { - /* The reason we don't call SSL_CTX_remove_session() is to - * save on locking overhead */ - lh_delete(p->cache,s); - SSL_SESSION_list_remove(p->ctx,s); - s->not_resumable=1; - if (p->ctx->remove_session_cb != NULL) - p->ctx->remove_session_cb(p->ctx,s); - SSL_SESSION_free(s); - } - } - -void SSL_CTX_flush_sessions(SSL_CTX *s, long t) - { - unsigned long i; - TIMEOUT_PARAM tp; - - tp.ctx=s; - tp.cache=s->sessions; - if (tp.cache == NULL) return; - tp.time=t; - CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX); - i=tp.cache->down_load; - tp.cache->down_load=0; - lh_doall_arg(tp.cache,(void (*)())timeout,&tp); - tp.cache->down_load=i; - CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX); - } - -int ssl_clear_bad_session(SSL *s) - { - if ( (s->session != NULL) && - !(s->shutdown & SSL_SENT_SHUTDOWN) && - !(SSL_in_init(s) || SSL_in_before(s))) - { - SSL_CTX_remove_session(s->ctx,s->session); - return(1); - } - else - return(0); - } - -/* locked by SSL_CTX in the calling function */ -static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s) - { - if ((s->next == NULL) || (s->prev == NULL)) return; - - if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) - { /* last element in list */ - if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) - { /* only one element in list */ - ctx->session_cache_head=NULL; - ctx->session_cache_tail=NULL; - } - else - { - ctx->session_cache_tail=s->prev; - s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail); - } - } - else - { - if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) - { /* first element in list */ - ctx->session_cache_head=s->next; - s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head); - } - else - { /* middle of list */ - s->next->prev=s->prev; - s->prev->next=s->next; - } - } - s->prev=s->next=NULL; - } - -static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s) - { - if ((s->next != NULL) && (s->prev != NULL)) - SSL_SESSION_list_remove(ctx,s); - - if (ctx->session_cache_head == NULL) - { - ctx->session_cache_head=s; - ctx->session_cache_tail=s; - s->prev=(SSL_SESSION *)&(ctx->session_cache_head); - s->next=(SSL_SESSION *)&(ctx->session_cache_tail); - } - else - { - s->next=ctx->session_cache_head; - s->next->prev=s; - s->prev=(SSL_SESSION *)&(ctx->session_cache_head); - ctx->session_cache_head=s; - } - } - diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c deleted file mode 100644 index 8e12461f3b..0000000000 --- a/src/lib/libssl/ssl_stat.c +++ /dev/null @@ -1,454 +0,0 @@ -/* ssl/ssl_stat.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include "ssl_locl.h" - -char *SSL_state_string_long(SSL *s) - { - char *str; - - switch (s->state) - { -case SSL_ST_BEFORE: str="before SSL initialization"; break; -case SSL_ST_ACCEPT: str="before accept initialization"; break; -case SSL_ST_CONNECT: str="before connect initialization"; break; -case SSL_ST_OK: str="SSL negotiation finished successfully"; break; -case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break; -case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initialization"; break; -case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initialization"; break; -case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initialization"; break; -case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initialization"; break; -#ifndef NO_SSL2 -case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break; -case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break; -case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break; -case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break; -case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break; -case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break; -case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break; -case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break; -case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break; -case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break; -case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break; -case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break; -case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break; -case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break; -case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break; -case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break; -case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break; -case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break; -case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break; -case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break; -case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break; -case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break; -#endif - -#ifndef NO_SSL3 -/* SSLv3 additions */ -case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break; -case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break; -case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break; -case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break; -case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break; -case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break; -case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break; -case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break; -case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break; -case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break; -case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break; -case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break; -case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break; -case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break; -case SSL3_ST_CW_CERT_C: str="SSLv3 write client certificate C"; break; -case SSL3_ST_CW_CERT_D: str="SSLv3 write client certificate D"; break; -case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break; -case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break; -case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break; -case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break; - -case SSL3_ST_CW_CHANGE_A: -case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break; -case SSL3_ST_CW_CHANGE_B: -case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break; -case SSL3_ST_CW_FINISHED_A: -case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break; -case SSL3_ST_CW_FINISHED_B: -case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break; -case SSL3_ST_CR_CHANGE_A: -case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break; -case SSL3_ST_CR_CHANGE_B: -case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break; -case SSL3_ST_CR_FINISHED_A: -case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break; -case SSL3_ST_CR_FINISHED_B: -case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break; - -case SSL3_ST_CW_FLUSH: -case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break; - -case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break; -case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break; -case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break; -case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break; -case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break; -case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break; -case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break; -case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break; -case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break; -case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break; -case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break; -case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break; -case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break; -case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break; -case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break; -case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break; -case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break; -case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break; -case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break; -case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break; -case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break; -case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break; -#endif - -#if !defined(NO_SSL2) && !defined(NO_SSL3) -/* SSLv2/v3 compatibility states */ -/* client */ -case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break; -case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break; -case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break; -case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break; -/* server */ -case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break; -case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break; -#endif - -default: str="unknown state"; break; - } - return(str); - } - -char *SSL_rstate_string_long(SSL *s) - { - char *str; - - switch (s->rstate) - { - case SSL_ST_READ_HEADER: str="read header"; break; - case SSL_ST_READ_BODY: str="read body"; break; - case SSL_ST_READ_DONE: str="read done"; break; - default: str="unknown"; break; - } - return(str); - } - -char *SSL_state_string(SSL *s) - { - char *str; - - switch (s->state) - { -case SSL_ST_BEFORE: str="PINIT "; break; -case SSL_ST_ACCEPT: str="AINIT "; break; -case SSL_ST_CONNECT: str="CINIT "; break; -case SSL_ST_OK: str="SSLOK "; break; -#ifndef NO_SSL2 -case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break; -case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break; -case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break; -case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break; -case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break; -case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break; -case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break; -case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break; -case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break; -case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break; -case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break; -case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break; -case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break; -case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break; -case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break; -case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break; -case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break; -case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break; -case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break; -case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break; -case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break; -case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break; -case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break; -case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break; -case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break; -case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break; -case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break; -case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break; -case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break; -#endif - -#ifndef NO_SSL3 -/* SSLv3 additions */ -case SSL3_ST_SW_FLUSH: -case SSL3_ST_CW_FLUSH: str="3FLUSH"; break; -case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break; -case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break; -case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break; -case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break; -case SSL3_ST_CR_CERT_A: str="3RSC_A"; break; -case SSL3_ST_CR_CERT_B: str="3RSC_B"; break; -case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break; -case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break; -case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break; -case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break; -case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break; -case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break; -case SSL3_ST_CW_CERT_A: str="3WCC_A"; break; -case SSL3_ST_CW_CERT_B: str="3WCC_B"; break; -case SSL3_ST_CW_CERT_C: str="3WCC_C"; break; -case SSL3_ST_CW_CERT_D: str="3WCC_D"; break; -case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break; -case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break; -case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break; -case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break; - -case SSL3_ST_SW_CHANGE_A: -case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break; -case SSL3_ST_SW_CHANGE_B: -case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break; -case SSL3_ST_SW_FINISHED_A: -case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break; -case SSL3_ST_SW_FINISHED_B: -case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break; -case SSL3_ST_SR_CHANGE_A: -case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break; -case SSL3_ST_SR_CHANGE_B: -case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break; -case SSL3_ST_SR_FINISHED_A: -case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break; -case SSL3_ST_SR_FINISHED_B: -case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break; - -case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break; -case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break; -case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break; -case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break; -case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break; -case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break; -case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break; -case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break; -case SSL3_ST_SW_CERT_A: str="3WSC_A"; break; -case SSL3_ST_SW_CERT_B: str="3WSC_B"; break; -case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break; -case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break; -case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break; -case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break; -case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break; -case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break; -case SSL3_ST_SR_CERT_A: str="3RCC_A"; break; -case SSL3_ST_SR_CERT_B: str="3RCC_B"; break; -case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break; -case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break; -case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break; -case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break; -#endif - -#if !defined(NO_SSL2) && !defined(NO_SSL3) -/* SSLv2/v3 compatibility states */ -/* client */ -case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break; -case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break; -case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break; -case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break; -/* server */ -case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break; -case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break; -#endif - -default: str="UNKWN "; break; - } - return(str); - } - -char *SSL_alert_type_string_long(int value) - { - value>>=8; - if (value == SSL3_AL_WARNING) - return("warning"); - else if (value == SSL3_AL_FATAL) - return("fatal"); - else - return("unknown"); - } - -char *SSL_alert_type_string(int value) - { - value>>=8; - if (value == SSL3_AL_WARNING) - return("W"); - else if (value == SSL3_AL_FATAL) - return("F"); - else - return("U"); - } - -char *SSL_alert_desc_string(int value) - { - char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: str="CN"; break; - case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break; - case SSL3_AD_BAD_RECORD_MAC: str="BM"; break; - case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break; - case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break; - case SSL3_AD_NO_CERTIFICATE: str="NC"; break; - case SSL3_AD_BAD_CERTIFICATE: str="BC"; break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break; - case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break; - case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break; - case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break; - case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break; - default: str="UK"; break; - } - return(str); - } - -char *SSL_alert_desc_string_long(int value) - { - char *str; - - switch (value & 0xff) - { - case SSL3_AD_CLOSE_NOTIFY: - str="close notify"; - break; - case SSL3_AD_UNEXPECTED_MESSAGE: - str="unexpected_message"; - break; - case SSL3_AD_BAD_RECORD_MAC: - str="bad record mac"; - break; - case SSL3_AD_DECOMPRESSION_FAILURE: - str="decompression failure"; - break; - case SSL3_AD_HANDSHAKE_FAILURE: - str="handshake failure"; - break; - case SSL3_AD_NO_CERTIFICATE: - str="no certificate"; - break; - case SSL3_AD_BAD_CERTIFICATE: - str="bad certificate"; - break; - case SSL3_AD_UNSUPPORTED_CERTIFICATE: - str="unsupported certificate"; - break; - case SSL3_AD_CERTIFICATE_REVOKED: - str="certificate revoked"; - break; - case SSL3_AD_CERTIFICATE_EXPIRED: - str="certificate expired"; - break; - case SSL3_AD_CERTIFICATE_UNKNOWN: - str="certificate unknown"; - break; - case SSL3_AD_ILLEGAL_PARAMETER: - str="illegal parameter"; - break; - default: str="unknown"; break; - } - return(str); - } - -char *SSL_rstate_string(SSL *s) - { - char *str; - - switch (s->rstate) - { - case SSL_ST_READ_HEADER:str="RH"; break; - case SSL_ST_READ_BODY: str="RB"; break; - case SSL_ST_READ_DONE: str="RD"; break; - default: str="unknown"; break; - } - return(str); - } diff --git a/src/lib/libssl/ssl_txt.c b/src/lib/libssl/ssl_txt.c deleted file mode 100644 index 6e33eec3e4..0000000000 --- a/src/lib/libssl/ssl_txt.c +++ /dev/null @@ -1,174 +0,0 @@ -/* ssl/ssl_txt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -#ifndef NO_FP_API -int SSL_SESSION_print_fp(FILE *fp, SSL_SESSION *x) - { - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file_internal())) == NULL) - { - SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB); - return(0); - } - BIO_set_fp(b,fp,BIO_NOCLOSE); - ret=SSL_SESSION_print(b,x); - BIO_free(b); - return(ret); - } -#endif - -int SSL_SESSION_print(BIO *bp, SSL_SESSION *x) - { - unsigned int i; - char *s; - - if (x == NULL) goto err; - if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err; - if (x->ssl_version == SSL2_VERSION) - s="SSLv2"; - else if (x->ssl_version == SSL3_VERSION) - s="SSLv3"; - else if (x->ssl_version == TLS1_VERSION) - s="TLSv1"; - else - s="unknown"; - if (BIO_printf(bp," Protocol : %s\n",s) <= 0) goto err; - - if (x->cipher == NULL) - { - if (((x->cipher_id) & 0xff000000) == 0x02000000) - { - if (BIO_printf(bp," Cipher : %06lX\n",x->cipher_id&0xffffff) <= 0) - goto err; - } - else - { - if (BIO_printf(bp," Cipher : %04lX\n",x->cipher_id&0xffff) <= 0) - goto err; - } - } - else - { - if (BIO_printf(bp," Cipher : %s\n",((x->cipher == NULL)?"unknown":x->cipher->name)) <= 0) - goto err; - } - if (BIO_puts(bp," Session-ID: ") <= 0) goto err; - for (i=0; isession_id_length; i++) - { - if (BIO_printf(bp,"%02X",x->session_id[i]) <= 0) goto err; - } - if (BIO_puts(bp,"\n Session-ID-ctx: ") <= 0) goto err; - for (i=0; isid_ctx_length; i++) - { - if (BIO_printf(bp,"%02X",x->sid_ctx[i]) <= 0) - goto err; - } - if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err; - for (i=0; i<(unsigned int)x->master_key_length; i++) - { - if (BIO_printf(bp,"%02X",x->master_key[i]) <= 0) goto err; - } - if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err; - if (x->key_arg_length == 0) - { - if (BIO_puts(bp,"None") <= 0) goto err; - } - else - for (i=0; ikey_arg_length; i++) - { - if (BIO_printf(bp,"%02X",x->key_arg[i]) <= 0) goto err; - } - if (x->compress_meth != 0) - { - SSL_COMP *comp; - - ssl_cipher_get_evp(x,NULL,NULL,&comp); - if (comp == NULL) - { - if (BIO_printf(bp,"\n Compression: %d",x->compress_meth) <= 0) goto err; - } - else - { - if (BIO_printf(bp,"\n Compression: %d (%s)", comp->id,comp->method->name) <= 0) goto err; - } - } - if (x->time != 0L) - { - if (BIO_printf(bp, "\n Start Time: %ld",x->time) <= 0) goto err; - } - if (x->timeout != 0L) - { - if (BIO_printf(bp, "\n Timeout : %ld (sec)",x->timeout) <= 0) goto err; - } - if (BIO_puts(bp,"\n") <= 0) goto err; - - if (BIO_puts(bp, " Verify return code: ") <= 0) goto err; - if (BIO_printf(bp, "%ld (%s)\n", x->verify_result, - X509_verify_cert_error_string(x->verify_result)) <= 0) goto err; - - return(1); -err: - return(0); - } - diff --git a/src/lib/libssl/t1_clnt.c b/src/lib/libssl/t1_clnt.c deleted file mode 100644 index 9745630a00..0000000000 --- a/src/lib/libssl/t1_clnt.c +++ /dev/null @@ -1,90 +0,0 @@ -/* ssl/t1_clnt.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *tls1_get_client_method(int ver); -static SSL_METHOD *tls1_get_client_method(int ver) - { - if (ver == TLS1_VERSION) - return(TLSv1_client_method()); - else - return(NULL); - } - -SSL_METHOD *TLSv1_client_method(void) - { - static int init=1; - static SSL_METHOD TLSv1_client_data; - - if (init) - { - memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(), - sizeof(SSL_METHOD)); - TLSv1_client_data.ssl_connect=ssl3_connect; - TLSv1_client_data.get_ssl_method=tls1_get_client_method; - init=0; - } - return(&TLSv1_client_data); - } - diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c deleted file mode 100644 index 0d34357eb4..0000000000 --- a/src/lib/libssl/t1_enc.c +++ /dev/null @@ -1,633 +0,0 @@ -/* ssl/t1_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static void tls1_P_hash(const EVP_MD *md, const unsigned char *sec, - int sec_len, unsigned char *seed, int seed_len, - unsigned char *out, int olen) - { - int chunk,n; - unsigned int j; - HMAC_CTX ctx; - HMAC_CTX ctx_tmp; - unsigned char A1[HMAC_MAX_MD_CBLOCK]; - unsigned int A1_len; - - chunk=EVP_MD_size(md); - - HMAC_Init(&ctx,sec,sec_len,md); - HMAC_Update(&ctx,seed,seed_len); - HMAC_Final(&ctx,A1,&A1_len); - - n=0; - for (;;) - { - HMAC_Init(&ctx,NULL,0,NULL); /* re-init */ - HMAC_Update(&ctx,A1,A1_len); - memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */ - HMAC_Update(&ctx,seed,seed_len); - - if (olen > chunk) - { - HMAC_Final(&ctx,out,&j); - out+=j; - olen-=j; - HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */ - } - else /* last one */ - { - HMAC_Final(&ctx,A1,&A1_len); - memcpy(out,A1,olen); - break; - } - } - HMAC_cleanup(&ctx); - HMAC_cleanup(&ctx_tmp); - memset(A1,0,sizeof(A1)); - } - -static void tls1_PRF(const EVP_MD *md5, const EVP_MD *sha1, - unsigned char *label, int label_len, - const unsigned char *sec, int slen, unsigned char *out1, - unsigned char *out2, int olen) - { - int len,i; - const unsigned char *S1,*S2; - - len=slen/2; - S1=sec; - S2= &(sec[len]); - len+=(slen&1); /* add for odd, make longer */ - - - tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen); - tls1_P_hash(sha1,S2,len,label,label_len,out2,olen); - - for (i=0; is3->server_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf), - s->session->master_key,s->session->master_key_length, - km,tmp,num); - } - -int tls1_change_cipher_state(SSL *s, int which) - { - static const unsigned char empty[]=""; - unsigned char *p,*key_block,*mac_secret; - unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+ - SSL3_RANDOM_SIZE*2]; - unsigned char tmp1[EVP_MAX_KEY_LENGTH]; - unsigned char tmp2[EVP_MAX_KEY_LENGTH]; - unsigned char iv1[EVP_MAX_IV_LENGTH*2]; - unsigned char iv2[EVP_MAX_IV_LENGTH*2]; - unsigned char *ms,*key,*iv,*er1,*er2; - int client_write; - EVP_CIPHER_CTX *dd; - const EVP_CIPHER *c; - const SSL_COMP *comp; - const EVP_MD *m; - int _exp,n,i,j,k,exp_label_len,cl; - - _exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); - c=s->s3->tmp.new_sym_enc; - m=s->s3->tmp.new_hash; - comp=s->s3->tmp.new_compression; - key_block=s->s3->tmp.key_block; - - if (which & SSL3_CC_READ) - { - if ((s->enc_read_ctx == NULL) && - ((s->enc_read_ctx=(EVP_CIPHER_CTX *) - OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) - goto err; - dd= s->enc_read_ctx; - s->read_hash=m; - if (s->expand != NULL) - { - COMP_CTX_free(s->expand); - s->expand=NULL; - } - if (comp != NULL) - { - s->expand=COMP_CTX_new(comp->method); - if (s->expand == NULL) - { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); - goto err2; - } - if (s->s3->rrec.comp == NULL) - s->s3->rrec.comp=(unsigned char *) - OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH); - if (s->s3->rrec.comp == NULL) - goto err; - } - memset(&(s->s3->read_sequence[0]),0,8); - mac_secret= &(s->s3->read_mac_secret[0]); - } - else - { - if ((s->enc_write_ctx == NULL) && - ((s->enc_write_ctx=(EVP_CIPHER_CTX *) - OPENSSL_malloc(sizeof(EVP_CIPHER_CTX))) == NULL)) - goto err; - dd= s->enc_write_ctx; - s->write_hash=m; - if (s->compress != NULL) - { - COMP_CTX_free(s->compress); - s->compress=NULL; - } - if (comp != NULL) - { - s->compress=COMP_CTX_new(comp->method); - if (s->compress == NULL) - { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_COMPRESSION_LIBRARY_ERROR); - goto err2; - } - } - memset(&(s->s3->write_sequence[0]),0,8); - mac_secret= &(s->s3->write_mac_secret[0]); - } - - EVP_CIPHER_CTX_init(dd); - - p=s->s3->tmp.key_block; - i=EVP_MD_size(m); - cl=EVP_CIPHER_key_length(c); - j=_exp ? (cl < SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher) ? - cl : SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) : cl; - /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ - k=EVP_CIPHER_iv_length(c); - er1= &(s->s3->client_random[0]); - er2= &(s->s3->server_random[0]); - if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || - (which == SSL3_CHANGE_CIPHER_SERVER_READ)) - { - ms= &(p[ 0]); n=i+i; - key= &(p[ n]); n+=j+j; - iv= &(p[ n]); n+=k+k; - exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST; - exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE; - client_write=1; - } - else - { - n=i; - ms= &(p[ n]); n+=i+j; - key= &(p[ n]); n+=j+k; - iv= &(p[ n]); n+=k; - exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST; - exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE; - client_write=0; - } - - if (n > s->s3->tmp.key_block_length) - { - SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR); - goto err2; - } - - memcpy(mac_secret,ms,i); -#ifdef TLS_DEBUG -printf("which = %04X\nmac key=",which); -{ int z; for (z=0; zs3->client_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(p-buf),key,j, - tmp1,tmp2,EVP_CIPHER_key_length(c)); - key=tmp1; - - if (k > 0) - { - p=buf; - memcpy(p,TLS_MD_IV_BLOCK_CONST, - TLS_MD_IV_BLOCK_CONST_SIZE); - p+=TLS_MD_IV_BLOCK_CONST_SIZE; - memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE); - p+=SSL3_RANDOM_SIZE; - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,empty,0, - iv1,iv2,k*2); - if (client_write) - iv=iv1; - else - iv= &(iv1[k]); - } - } - - s->session->key_arg_length=0; - - EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE)); -#ifdef TLS_DEBUG -printf("which = %04X\nkey=",which); -{ int z; for (z=0; zs3->tmp.key_block_length != 0) - return(1); - - if (!ssl_cipher_get_evp(s->session,&c,&hash,&comp)) - { - SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE); - return(0); - } - - s->s3->tmp.new_sym_enc=c; - s->s3->tmp.new_hash=hash; - - num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c); - num*=2; - - ssl3_cleanup_key_block(s); - - if ((p1=(unsigned char *)OPENSSL_malloc(num)) == NULL) - goto err; - if ((p2=(unsigned char *)OPENSSL_malloc(num)) == NULL) - goto err; - - s->s3->tmp.key_block_length=num; - s->s3->tmp.key_block=p1; - - -#ifdef TLS_DEBUG -printf("client random\n"); -{ int z; for (z=0; zs3->client_random[z],((z+1)%16)?' ':'\n'); } -printf("server random\n"); -{ int z; for (z=0; zs3->server_random[z],((z+1)%16)?' ':'\n'); } -printf("pre-master\n"); -{ int z; for (z=0; zsession->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); } -#endif - tls1_generate_key_block(s,p1,p2,num); - memset(p2,0,num); - OPENSSL_free(p2); -#ifdef TLS_DEBUG -printf("\nkey block\n"); -{ int z; for (z=0; zwrite_hash != NULL) - n=EVP_MD_size(s->write_hash); - ds=s->enc_write_ctx; - rec= &(s->s3->wrec); - if (s->enc_write_ctx == NULL) - enc=NULL; - else - enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx); - } - else - { - if (s->read_hash != NULL) - n=EVP_MD_size(s->read_hash); - ds=s->enc_read_ctx; - rec= &(s->s3->rrec); - if (s->enc_read_ctx == NULL) - enc=NULL; - else - enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx); - } - - if ((s->session == NULL) || (ds == NULL) || - (enc == NULL)) - { - memcpy(rec->data,rec->input,rec->length); - rec->input=rec->data; - } - else - { - l=rec->length; - bs=EVP_CIPHER_block_size(ds->cipher); - - if ((bs != 1) && send) - { - i=bs-((int)l%bs); - - /* Add weird padding of upto 256 bytes */ - - /* we need to add 'i' padding bytes of value j */ - j=i-1; - if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG) - { - if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) - j++; - } - for (k=(int)l; k<(int)(l+i); k++) - rec->input[k]=j; - l+=i; - rec->length+=i; - } - - EVP_Cipher(ds,rec->data,rec->input,l); - - if ((bs != 1) && !send) - { - ii=i=rec->data[l-1]; - i++; - if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG) - { - /* First packet is even in size, so check */ - if ((memcmp(s->s3->read_sequence, - "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1)) - s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG; - if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG) - i--; - } - if (i > (int)rec->length) - { - SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); - return(0); - } - for (j=(int)(l-i); j<(int)l; j++) - { - if (rec->data[j] != ii) - { - SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED); - ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED); - return(0); - } - } - rec->length-=i; - } - } - return(1); - } - -int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in_ctx, unsigned char *out) - { - unsigned int ret; - EVP_MD_CTX ctx; - - EVP_MD_CTX_copy(&ctx,in_ctx); - EVP_DigestFinal(&ctx,out,&ret); - return((int)ret); - } - -int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx, - const char *str, int slen, unsigned char *out) - { - unsigned int i; - EVP_MD_CTX ctx; - unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH]; - unsigned char *q,buf2[12]; - - q=buf; - memcpy(q,str,slen); - q+=slen; - - EVP_MD_CTX_copy(&ctx,in1_ctx); - EVP_DigestFinal(&ctx,q,&i); - q+=i; - EVP_MD_CTX_copy(&ctx,in2_ctx); - EVP_DigestFinal(&ctx,q,&i); - q+=i; - - tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,(int)(q-buf), - s->session->master_key,s->session->master_key_length, - out,buf2,12); - memset(&ctx,0,sizeof(EVP_MD_CTX)); - - return((int)12); - } - -int tls1_mac(SSL *ssl, unsigned char *md, int send) - { - SSL3_RECORD *rec; - unsigned char *mac_sec,*seq; - const EVP_MD *hash; - unsigned int md_size; - int i; - HMAC_CTX hmac; - unsigned char buf[5]; - - if (send) - { - rec= &(ssl->s3->wrec); - mac_sec= &(ssl->s3->write_mac_secret[0]); - seq= &(ssl->s3->write_sequence[0]); - hash=ssl->write_hash; - } - else - { - rec= &(ssl->s3->rrec); - mac_sec= &(ssl->s3->read_mac_secret[0]); - seq= &(ssl->s3->read_sequence[0]); - hash=ssl->read_hash; - } - - md_size=EVP_MD_size(hash); - - buf[0]=rec->type; - buf[1]=TLS1_VERSION_MAJOR; - buf[2]=TLS1_VERSION_MINOR; - buf[3]=rec->length>>8; - buf[4]=rec->length&0xff; - - /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */ - HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash); - HMAC_Update(&hmac,seq,8); - HMAC_Update(&hmac,buf,5); - HMAC_Update(&hmac,rec->input,rec->length); - HMAC_Final(&hmac,md,&md_size); - -#ifdef TLS_DEBUG -printf("sec="); -{unsigned int z; for (z=0; z=0; i--) - if (++seq[i]) break; - -#ifdef TLS_DEBUG -{unsigned int z; for (z=0; zs3->client_random,SSL3_RANDOM_SIZE); - memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]), - s->s3->server_random,SSL3_RANDOM_SIZE); - tls1_PRF(s->ctx->md5,s->ctx->sha1, - buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len, - s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE); - return(SSL3_MASTER_SECRET_SIZE); - } - -int tls1_alert_code(int code) - { - switch (code) - { - case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY); - case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE); - case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC); - case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED); - case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW); - case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE); - case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE); - case SSL_AD_NO_CERTIFICATE: return(-1); - case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE); - case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE); - case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED); - case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED); - case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN); - case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER); - case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA); - case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED); - case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR); - case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR); - case SSL_AD_EXPORT_RESTRICTION: return(TLS1_AD_EXPORT_RESTRICTION); - case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION); - case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY); - case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR); - case SSL_AD_USER_CANCELLED: return(TLS1_AD_USER_CANCELLED); - case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION); - default: return(-1); - } - } - diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c deleted file mode 100644 index ca6c03d5af..0000000000 --- a/src/lib/libssl/t1_lib.c +++ /dev/null @@ -1,149 +0,0 @@ -/* ssl/t1_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -const char *tls1_version_str="TLSv1" OPENSSL_VERSION_PTEXT; - -static long tls1_default_timeout(void); - -static SSL3_ENC_METHOD TLSv1_enc_data={ - tls1_enc, - tls1_mac, - tls1_setup_key_block, - tls1_generate_master_secret, - tls1_change_cipher_state, - tls1_final_finish_mac, - TLS1_FINISH_MAC_LENGTH, - tls1_cert_verify_mac, - TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, - TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, - tls1_alert_code, - }; - -static SSL_METHOD TLSv1_data= { - TLS1_VERSION, - tls1_new, - tls1_clear, - tls1_free, - ssl_undefined_function, - ssl_undefined_function, - ssl3_read, - ssl3_peek, - ssl3_write, - ssl3_shutdown, - ssl3_renegotiate, - ssl3_renegotiate_check, - ssl3_ctrl, - ssl3_ctx_ctrl, - ssl3_get_cipher_by_char, - ssl3_put_cipher_by_char, - ssl3_pending, - ssl3_num_ciphers, - ssl3_get_cipher, - ssl_bad_method, - tls1_default_timeout, - &TLSv1_enc_data, - ssl_undefined_function, - ssl3_callback_ctrl, - ssl3_ctx_callback_ctrl, - }; - -static long tls1_default_timeout(void) - { - /* 2 hours, the 24 hours mentioned in the TLSv1 spec - * is way too long for http, the cache would over fill */ - return(60*60*2); - } - -SSL_METHOD *tlsv1_base_method(void) - { - return(&TLSv1_data); - } - -int tls1_new(SSL *s) - { - if (!ssl3_new(s)) return(0); - s->method->ssl_clear(s); - return(1); - } - -void tls1_free(SSL *s) - { - ssl3_free(s); - } - -void tls1_clear(SSL *s) - { - ssl3_clear(s); - s->version=TLS1_VERSION; - } - -#if 0 -long tls1_ctrl(SSL *s, int cmd, long larg, char *parg) - { - return(0); - } - -long tls1_callback_ctrl(SSL *s, int cmd, void *(*fp)()) - { - return(0); - } -#endif diff --git a/src/lib/libssl/t1_meth.c b/src/lib/libssl/t1_meth.c deleted file mode 100644 index 9bb36a7d1c..0000000000 --- a/src/lib/libssl/t1_meth.c +++ /dev/null @@ -1,88 +0,0 @@ -/* ssl/t1_meth.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *tls1_get_method(int ver); -static SSL_METHOD *tls1_get_method(int ver) - { - if (ver == TLS1_VERSION) - return(TLSv1_method()); - else - return(NULL); - } - -SSL_METHOD *TLSv1_method(void) - { - static int init=1; - static SSL_METHOD TLSv1_data; - - if (init) - { - memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(), - sizeof(SSL_METHOD)); - TLSv1_data.ssl_connect=ssl3_connect; - TLSv1_data.ssl_accept=ssl3_accept; - TLSv1_data.get_ssl_method=tls1_get_method; - init=0; - } - return(&TLSv1_data); - } - diff --git a/src/lib/libssl/t1_srvr.c b/src/lib/libssl/t1_srvr.c deleted file mode 100644 index 996b7ca8e2..0000000000 --- a/src/lib/libssl/t1_srvr.c +++ /dev/null @@ -1,91 +0,0 @@ -/* ssl/t1_srvr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include -#include -#include "ssl_locl.h" - -static SSL_METHOD *tls1_get_server_method(int ver); -static SSL_METHOD *tls1_get_server_method(int ver) - { - if (ver == TLS1_VERSION) - return(TLSv1_server_method()); - else - return(NULL); - } - -SSL_METHOD *TLSv1_server_method(void) - { - static int init=1; - static SSL_METHOD TLSv1_server_data; - - if (init) - { - memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(), - sizeof(SSL_METHOD)); - TLSv1_server_data.ssl_accept=ssl3_accept; - TLSv1_server_data.get_ssl_method=tls1_get_server_method; - init=0; - } - return(&TLSv1_server_data); - } - diff --git a/src/lib/libssl/test/CAss.cnf b/src/lib/libssl/test/CAss.cnf deleted file mode 100644 index b941b7ae15..0000000000 --- a/src/lib/libssl/test/CAss.cnf +++ /dev/null @@ -1,25 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -default_bits = 512 -default_keyfile = keySS.pem -distinguished_name = req_distinguished_name -encrypt_rsa_key = no -default_md = sha1 - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_value = AU - -organizationName = Organization Name (eg, company) -organizationName_value = Dodgy Brothers - -commonName = Common Name (eg, YOUR name) -commonName_value = Dodgy CA diff --git a/src/lib/libssl/test/CAssdh.cnf b/src/lib/libssl/test/CAssdh.cnf deleted file mode 100644 index 4e0a908679..0000000000 --- a/src/lib/libssl/test/CAssdh.cnf +++ /dev/null @@ -1,24 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# -# hacked by iang to do DH certs - CA - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -distinguished_name = req_distinguished_name -encrypt_rsa_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = CU -countryName_value = CU - -organizationName = Organization Name (eg, company) -organizationName_value = La Junta de la Revolucion - -commonName = Common Name (eg, YOUR name) -commonName_value = Junta - diff --git a/src/lib/libssl/test/CAssdsa.cnf b/src/lib/libssl/test/CAssdsa.cnf deleted file mode 100644 index a6b4d1810c..0000000000 --- a/src/lib/libssl/test/CAssdsa.cnf +++ /dev/null @@ -1,23 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# -# hacked by iang to do DSA certs - CA - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -distinguished_name = req_distinguished_name -encrypt_rsa_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = ES -countryName_value = ES - -organizationName = Organization Name (eg, company) -organizationName_value = Hermanos Locos - -commonName = Common Name (eg, YOUR name) -commonName_value = Hermanos Locos CA diff --git a/src/lib/libssl/test/CAssrsa.cnf b/src/lib/libssl/test/CAssrsa.cnf deleted file mode 100644 index eb24a6dfc0..0000000000 --- a/src/lib/libssl/test/CAssrsa.cnf +++ /dev/null @@ -1,24 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# -# create RSA certs - CA - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -distinguished_name = req_distinguished_name -encrypt_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = ES -countryName_value = ES - -organizationName = Organization Name (eg, company) -organizationName_value = Hermanos Locos - -commonName = Common Name (eg, YOUR name) -commonName_value = Hermanos Locos CA - diff --git a/src/lib/libssl/test/Sssdsa.cnf b/src/lib/libssl/test/Sssdsa.cnf deleted file mode 100644 index 8e170a28ef..0000000000 --- a/src/lib/libssl/test/Sssdsa.cnf +++ /dev/null @@ -1,27 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# -# hacked by iang to do DSA certs - Server - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -distinguished_name = req_distinguished_name -encrypt_rsa_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = ES -countryName_value = ES - -organizationName = Organization Name (eg, company) -organizationName_value = Tortilleras S.A. - -0.commonName = Common Name (eg, YOUR name) -0.commonName_value = Torti - -1.commonName = Common Name (eg, YOUR name) -1.commonName_value = Gordita - diff --git a/src/lib/libssl/test/Sssrsa.cnf b/src/lib/libssl/test/Sssrsa.cnf deleted file mode 100644 index 8c79a03fca..0000000000 --- a/src/lib/libssl/test/Sssrsa.cnf +++ /dev/null @@ -1,26 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# -# create RSA certs - Server - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -distinguished_name = req_distinguished_name -encrypt_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = ES -countryName_value = ES - -organizationName = Organization Name (eg, company) -organizationName_value = Tortilleras S.A. - -0.commonName = Common Name (eg, YOUR name) -0.commonName_value = Torti - -1.commonName = Common Name (eg, YOUR name) -1.commonName_value = Gordita diff --git a/src/lib/libssl/test/Uss.cnf b/src/lib/libssl/test/Uss.cnf deleted file mode 100644 index c89692d519..0000000000 --- a/src/lib/libssl/test/Uss.cnf +++ /dev/null @@ -1,28 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# - -RANDFILE = ./.rnd - -#################################################################### -[ req ] -default_bits = 512 -default_keyfile = keySS.pem -distinguished_name = req_distinguished_name -encrypt_rsa_key = no -default_md = md2 - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_value = AU - -organizationName = Organization Name (eg, company) -organizationName_value = Dodgy Brothers - -0.commonName = Common Name (eg, YOUR name) -0.commonName_value = Brother 1 - -1.commonName = Common Name (eg, YOUR name) -1.commonName_value = Brother 2 diff --git a/src/lib/libssl/test/VMSca-response.1 b/src/lib/libssl/test/VMSca-response.1 deleted file mode 100644 index 8b13789179..0000000000 --- a/src/lib/libssl/test/VMSca-response.1 +++ /dev/null @@ -1 +0,0 @@ - diff --git a/src/lib/libssl/test/VMSca-response.2 b/src/lib/libssl/test/VMSca-response.2 deleted file mode 100644 index 9b48ee4cf9..0000000000 --- a/src/lib/libssl/test/VMSca-response.2 +++ /dev/null @@ -1,2 +0,0 @@ -y -y diff --git a/src/lib/libssl/test/methtest.c b/src/lib/libssl/test/methtest.c deleted file mode 100644 index 06ccb3b310..0000000000 --- a/src/lib/libssl/test/methtest.c +++ /dev/null @@ -1,105 +0,0 @@ -/* test/methtest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include -#include "meth.h" -#include - -int main(argc,argv) -int argc; -char *argv[]; - { - METHOD_CTX *top,*tmp1,*tmp2; - - top=METH_new(x509_lookup()); /* get a top level context */ - if (top == NULL) goto err; - - tmp1=METH_new(x509_by_file()); - if (top == NULL) goto err; - METH_arg(tmp1,METH_TYPE_FILE,"cafile1"); - METH_arg(tmp1,METH_TYPE_FILE,"cafile2"); - METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1); - - tmp2=METH_new(x509_by_dir()); - METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts"); - METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs"); - METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs"); - METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2); - -/* tmp=METH_new(x509_by_issuer_dir); - METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts"); - METH_push(top,METH_X509_BY_ISSUER,tmp); - - tmp=METH_new(x509_by_issuer_primary); - METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem"); - METH_push(top,METH_X509_BY_ISSUER,tmp); -*/ - - METH_init(top); - METH_control(tmp1,METH_CONTROL_DUMP,stdout); - METH_control(tmp2,METH_CONTROL_DUMP,stdout); - exit(0); -err: - ERR_load_crypto_strings(); - ERR_print_errors_fp(stderr); - exit(1); - return(0); - } diff --git a/src/lib/libssl/test/pkcs7-1.pem b/src/lib/libssl/test/pkcs7-1.pem deleted file mode 100644 index c47b27af88..0000000000 --- a/src/lib/libssl/test/pkcs7-1.pem +++ /dev/null @@ -1,15 +0,0 @@ ------BEGIN PKCS7----- -MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG -SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE -AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF -eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4 -MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv -bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK -ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB -FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N -9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8 -BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w -bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB -BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C -j7Kie1x339mxW/w9VZNTUDQQweHh ------END PKCS7----- diff --git a/src/lib/libssl/test/pkcs7.pem b/src/lib/libssl/test/pkcs7.pem deleted file mode 100644 index d55c60b94e..0000000000 --- a/src/lib/libssl/test/pkcs7.pem +++ /dev/null @@ -1,54 +0,0 @@ - MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg - AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH - EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl - cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw - ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0 - MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh - c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh - bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE - CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl - Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G - CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK - ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0 - l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC - HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg - Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1 - c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj - YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0 - dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx - dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu - LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU - ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln - biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT - IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB - AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t - L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL - HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF - slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7 - ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR - /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT - aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp - ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1 - OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu - MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz - Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv - qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy - sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb - P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG - A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA - KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7 - Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4 - Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq - hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp - Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk - dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ - KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30 - dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW - I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow - ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W - ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD - ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw - MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK - /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/ - DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP - b+xSu/jH0gAAMYAAAAAAAAAAAA== diff --git a/src/lib/libssl/test/r160test.c b/src/lib/libssl/test/r160test.c deleted file mode 100644 index a172e393ca..0000000000 --- a/src/lib/libssl/test/r160test.c +++ /dev/null @@ -1,57 +0,0 @@ -/* test/r160test.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ diff --git a/src/lib/libssl/test/tcrl b/src/lib/libssl/test/tcrl deleted file mode 100644 index acaf8f3c47..0000000000 --- a/src/lib/libssl/test/tcrl +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl crl' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testcrl.pem -fi - -echo testing crl conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/test.cnf b/src/lib/libssl/test/test.cnf deleted file mode 100644 index faad3914a8..0000000000 --- a/src/lib/libssl/test/test.cnf +++ /dev/null @@ -1,88 +0,0 @@ -# -# SSLeay example configuration file. -# This is mostly being used for generation of certificate requests. -# - -RANDFILE = ./.rnd - -#################################################################### -[ ca ] -default_ca = CA_default # The default ca section - -#################################################################### -[ CA_default ] - -dir = ./demoCA # Where everything is kept -certs = $dir/certs # Where the issued certs are kept -crl_dir = $dir/crl # Where the issued crl are kept -database = $dir/index.txt # database index file. -new_certs_dir = $dir/new_certs # default place for new certs. - -certificate = $dir/CAcert.pem # The CA certificate -serial = $dir/serial # The current serial number -crl = $dir/crl.pem # The current CRL -private_key = $dir/private/CAkey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file - -default_days = 365 # how long to certify for -default_crl_days= 30 # how long before next CRL -default_md = md5 # which md to use. - -# A few difference way of specifying how similar the request should look -# For type CA, the listed attributes must be the same, and the optional -# and supplied fields are just that :-) -policy = policy_match - -# For the CA policy -[ policy_match ] -countryName = match -stateOrProvinceName = match -organizationName = match -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -# For the 'anything' policy -# At this point in time, you must list all acceptable 'object' -# types. -[ policy_anything ] -countryName = optional -stateOrProvinceName = optional -localityName = optional -organizationName = optional -organizationalUnitName = optional -commonName = supplied -emailAddress = optional - -#################################################################### -[ req ] -default_bits = 512 -default_keyfile = testkey.pem -distinguished_name = req_distinguished_name -encrypt_rsa_key = no - -[ req_distinguished_name ] -countryName = Country Name (2 letter code) -countryName_default = AU -countryName_value = AU - -stateOrProvinceName = State or Province Name (full name) -stateOrProvinceName_default = Queensland -stateOrProvinceName_value = - -localityName = Locality Name (eg, city) -localityName_value = Brisbane - -organizationName = Organization Name (eg, company) -organizationName_default = -organizationName_value = CryptSoft Pty Ltd - -organizationalUnitName = Organizational Unit Name (eg, section) -organizationalUnitName_default = -organizationalUnitName_value = . - -commonName = Common Name (eg, YOUR name) -commonName_value = Eric Young - -emailAddress = Email Address -emailAddress_value = eay@mincom.oz.au diff --git a/src/lib/libssl/test/testca b/src/lib/libssl/test/testca deleted file mode 100644 index 88c186b6ab..0000000000 --- a/src/lib/libssl/test/testca +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh - -SH="/bin/sh" -PATH=../apps:$PATH -export SH PATH - -SSLEAY_CONFIG="-config CAss.cnf" -export SSLEAY_CONFIG - -/bin/rm -fr demoCA -$SH ../apps/CA.sh -newca <$test; - -echo cat -$cmd enc < $test > $test.cipher -$cmd enc < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi -echo base64 -$cmd enc -a -e < $test > $test.cipher -$cmd enc -a -d < $test.cipher >$test.clear -cmp $test $test.clear -if [ $? != 0 ] -then - exit 1 -else - /bin/rm $test.cipher $test.clear -fi - -for i in `$cmd list-cipher-commands` -do - echo $i - $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi - - echo $i base64 - $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher - $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear - cmp $test $test.$i.clear - if [ $? != 0 ] - then - exit 1 - else - /bin/rm $test.$i.cipher $test.$i.clear - fi -done -rm -f $test diff --git a/src/lib/libssl/test/testgen b/src/lib/libssl/test/testgen deleted file mode 100644 index c5f61b582b..0000000000 --- a/src/lib/libssl/test/testgen +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -T=testcert -KEY=512 -CA=../certs/testca.pem - -/bin/rm -f $T.1 $T.2 $T.key - -PATH=../apps:$PATH; -export PATH - -echo "generating certificate request" - -echo "There should be a 2 sequences of .'s and some +'s." -echo "There should not be more that at most 80 per line" -echo "This could take some time." - -echo "string to make the random number generator think it has entropy" >> ./.rnd - -../apps/openssl req -config test.cnf -new -out testreq.pem -if [ $? != 0 ]; then -echo problems creating request -exit 1 -fi - -../apps/openssl req -config test.cnf -verify -in testreq.pem -noout -if [ $? != 0 ]; then -echo signature on req is wrong -exit 1 -fi - -exit 0 diff --git a/src/lib/libssl/test/testp7.pem b/src/lib/libssl/test/testp7.pem deleted file mode 100644 index e5b7866c31..0000000000 --- a/src/lib/libssl/test/testp7.pem +++ /dev/null @@ -1,46 +0,0 @@ ------BEGIN PKCS7----- -MIIIGAYJKoZIhvcNAQcCoIIICTCCCAUCAQExADALBgkqhkiG9w0BBwGgggY8MIIE -cjCCBBygAwIBAgIQeS+OJfWJUZAx6cX0eAiMjzANBgkqhkiG9w0BAQQFADBiMREw -DwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV -BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIw -HhcNOTYwNzE5MDAwMDAwWhcNOTcwMzMwMjM1OTU5WjCB1TERMA8GA1UEBxMISW50 -ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln -biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMSgwJgYDVQQLEx9E -aWdpdGFsIElEIENsYXNzIDEgLSBTTUlNRSBUZXN0MUcwRQYDVQQLEz53d3cudmVy -aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMCBJbmMuIGJ5IFJlZi4sTElBQi5M -VEQoYyk5NjBbMA0GCSqGSIb3DQEBAQUAA0oAMEcCQA7LvHEIAiQ5+4gDYvJGnGAq -UM5GXyG11diEXmIEZTHUZhorooX5sr8IIjSXiPY59YYUFSvAaharFM1xaBN8zNEC -AwEAAaOCAjkwggI1MAkGA1UdEwQCMAAwggImBgNVHQMEggIdMIICGTCCAhUwggIR -BgtghkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0 -ZXMgYnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0 -IHRvLCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1l -bnQgKENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t -L0NQUy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29t -OyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4s -IE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04 -ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0 -cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJ -QUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQEC -MC8wLRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEu -AzANBgkqhkiG9w0BAQQFAANBAMCYDuSb/eIlYSxY31nZZTaCZkCSfHjlacMofExr -cF+A2yHoEuT+eCQkqM0pMNHXddUeoQ9RjV+VuMBNmm63DUYwggHCMIIBbKADAgEC -AhB8CYTq1bkRFJBYOd67cp9JMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD -QTAeFw05NjA3MTcwMDAwMDBaFw05NzA3MTcyMzU5NTlaMGIxETAPBgNVBAcTCElu -dGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNp -Z24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjBcMA0GCSqGSIb3 -DQEBAQUAA0sAMEgCQQDsVzrNgnDhbAJZrWeLd9g1vMZJA2W67D33TTbga6yMt+ES -TWEywhS6RNP+fzLGg7utinjH4tL60cXa0G27GDsLAgMBAAGjIjAgMAsGA1UdDwQE -AwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADQQAUp6bRwkaD -2d1MBs/mjUcgTI2fXVmW8tTm/Ud6OzUwpC3vYgybiOOA4f6mOC5dbyUHrLOsrihU -47ZQ0Jo1DUfboYIBrTCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBD -QRcNOTYwNzE3MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANB -AHitA0/xAukCjHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMl -ExONA3ju10f7owIq3s3wx10wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UE -BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytW -ZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3 -MTcxNzU5MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsW -sQmste9f+UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9 -XfZsaiiIgotQHjEA ------END PKCS7----- diff --git a/src/lib/libssl/test/testreq2.pem b/src/lib/libssl/test/testreq2.pem deleted file mode 100644 index c3cdcffcbc..0000000000 --- a/src/lib/libssl/test/testreq2.pem +++ /dev/null @@ -1,7 +0,0 @@ ------BEGIN CERTIFICATE REQUEST----- -MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC -QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG -DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq -hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi -gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U= ------END CERTIFICATE REQUEST----- diff --git a/src/lib/libssl/test/testrsa.pem b/src/lib/libssl/test/testrsa.pem deleted file mode 100644 index aad21067a8..0000000000 --- a/src/lib/libssl/test/testrsa.pem +++ /dev/null @@ -1,9 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I -Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R -rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy -oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S -mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz -rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA -mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM= ------END RSA PRIVATE KEY----- diff --git a/src/lib/libssl/test/testsid.pem b/src/lib/libssl/test/testsid.pem deleted file mode 100644 index 7ffd008f66..0000000000 --- a/src/lib/libssl/test/testsid.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN SSL SESSION PARAMETERS----- -MIIB1gIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV -bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw -ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz -YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG -A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk -LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G -CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD -TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI -hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L -CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTvpA0EC3Rlc3Rjb250ZXh0 ------END SSL SESSION PARAMETERS----- diff --git a/src/lib/libssl/test/testss b/src/lib/libssl/test/testss deleted file mode 100644 index da62997a5f..0000000000 --- a/src/lib/libssl/test/testss +++ /dev/null @@ -1,90 +0,0 @@ -#!/bin/sh - -digest='-mdc2' -reqcmd="../apps/openssl req" -x509cmd="../apps/openssl x509 $digest" -verifycmd="../apps/openssl verify" -dummycnf="../apps/openssl.cnf" - -CAkey="keyCA.ss" -CAcert="certCA.ss" -CAreq="reqCA.ss" -CAconf="CAss.cnf" -CAreq2="req2CA.ss" # temp - -Uconf="Uss.cnf" -Ukey="keyU.ss" -Ureq="reqU.ss" -Ucert="certU.ss" - -echo -echo "make a certificate request using 'req'" -$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a certificate request" - exit 1 -fi -echo -echo "convert the certificate request into a self signed certificate using 'x509'" -$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to self sign a certificate request" - exit 1 -fi - -echo -echo "convert a certificate into a certificate request using 'x509'" -$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' convert a certificate to a certificate request" - exit 1 -fi - -$reqcmd -config $dummycnf -verify -in $CAreq -noout -if [ $? != 0 ]; then - echo first generated request is invalid - exit 1 -fi - -$reqcmd -config $dummycnf -verify -in $CAreq2 -noout -if [ $? != 0 ]; then - echo second generated request is invalid - exit 1 -fi - -$verifycmd -CAfile $CAcert $CAcert -if [ $? != 0 ]; then - echo first generated cert is invalid - exit 1 -fi - -echo -echo "make another certificate request using 'req'" -$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss -if [ $? != 0 ]; then - echo "error using 'req' to generate a certificate request" - exit 1 -fi - -echo -echo "sign certificate request with the just created CA via 'x509'" -$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss -if [ $? != 0 ]; then - echo "error using 'x509' to sign a certificate request" - exit 1 -fi - -$verifycmd -CAfile $CAcert $Ucert -echo -echo "Certificate details" -$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert - -echo -echo The generated CA certificate is $CAcert -echo The generated CA private key is $CAkey - -echo The generated user certificate is $Ucert -echo The generated user private key is $Ukey - -/bin/rm err.ss -exit 0 diff --git a/src/lib/libssl/test/testssl b/src/lib/libssl/test/testssl deleted file mode 100644 index a88e290c57..0000000000 --- a/src/lib/libssl/test/testssl +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -echo test sslv2 -./ssltest -ssl2 || exit 1 - -echo test sslv2 with server authentication -./ssltest -ssl2 -server_auth -CApath ../certs || exit 1 - -echo test sslv2 with client authentication -./ssltest -ssl2 -client_auth -CApath ../certs || exit 1 - -echo test sslv2 with both client and server authentication -./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 - -echo test sslv3 -./ssltest -ssl3 || exit 1 - -echo test sslv3 with server authentication -./ssltest -ssl3 -server_auth -CApath ../certs || exit 1 - -echo test sslv3 with client authentication -./ssltest -ssl3 -client_auth -CApath ../certs || exit 1 - -echo test sslv3 with both client and server authentication -./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 -./ssltest || exit 1 - -echo test sslv2/sslv3 with server authentication -./ssltest -server_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 with client authentication -./ssltest -client_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 with both client and server authentication -./ssltest -server_auth -client_auth -CApath ../certs || exit 1 - -echo test sslv2 via BIO pair -./ssltest -bio_pair -ssl2 || exit 1 - -echo test sslv2 with server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -CApath ../certs || exit 1 - -echo test sslv2 with client authentication via BIO pair -./ssltest -bio_pair -ssl2 -client_auth -CApath ../certs || exit 1 - -echo test sslv2 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl2 -server_auth -client_auth -CApath ../certs || exit 1 - -echo test sslv3 via BIO pair -./ssltest -bio_pair -ssl3 || exit 1 - -echo test sslv3 with server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -CApath ../certs || exit 1 - -echo test sslv3 with client authentication via BIO pair -./ssltest -bio_pair -ssl3 -client_auth -CApath ../certs || exit 1 - -echo test sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -ssl3 -server_auth -client_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 via BIO pair -./ssltest || exit 1 - -echo test sslv2/sslv3 w/o DHE via BIO pair -./ssltest -bio_pair -no_dhe || exit 1 - -echo test sslv2/sslv3 with 1024bit DHE -./ssltest -bio_pair -dhe1024 -v || exit 1 - -echo test sslv2/sslv3 with server authentication -./ssltest -bio_pair -server_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 with client authentication via BIO pair -./ssltest -bio_pair -client_auth -CApath ../certs || exit 1 - -echo test sslv2/sslv3 with both client and server authentication via BIO pair -./ssltest -bio_pair -server_auth -client_auth -CApath ../certs || exit 1 - -exit 0 diff --git a/src/lib/libssl/test/testx509.pem b/src/lib/libssl/test/testx509.pem deleted file mode 100644 index 8a85d14964..0000000000 --- a/src/lib/libssl/test/testx509.pem +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV -BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz -MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM -RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF -AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO -/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE -Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ -zl9HYIMxATFyqSiD9jsx ------END CERTIFICATE----- diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times deleted file mode 100644 index 49aeebf216..0000000000 --- a/src/lib/libssl/test/times +++ /dev/null @@ -1,113 +0,0 @@ - -More number for the questions about SSL overheads.... - -The following numbers were generated on a pentium pro 200, running linux. -They give an indication of the SSL protocol and encryption overheads. - -The program that generated them is an unreleased version of ssl/ssltest.c -which is the SSLeay ssl protocol testing program. It is a single process that -talks both sides of the SSL protocol via a non-blocking memory buffer -interface. - -How do I read this? The protocol and cipher are reasonable obvious. -The next number is the number of connections being made. The next is the -number of bytes exchanged bewteen the client and server side of the protocol. -This is the number of bytes that the client sends to the server, and then -the server sends back. Because this is all happening in one process, -the data is being encrypted, decrypted, encrypted and then decrypted again. -It is a round trip of that many bytes. Because the one process performs -both the client and server sides of the protocol and it sends this many bytes -each direction, multiply this number by 4 to generate the number -of bytes encrypted/decrypted/MACed. The first time value is how many seconds -elapsed doing a full SSL handshake, the second is the cost of one -full handshake and the rest being session-id reuse. - -SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s -SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s -SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s -SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA -SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s -SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s -SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s - -SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s -SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s -SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA -SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s -SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s -SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s - -SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s -SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s -SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s -SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA -SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s -SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s -SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s - -SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s -SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s -SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s -SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA -SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s -SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s -SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s - -What does this all mean? Well for a server, with no session-id reuse, with -a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, -a pentium pro 200 running linux can handle the SSLv3 protocol overheads of -about 49 connections a second. Reality will be quite different :-). - -Remeber the first number is 1000 full ssl handshakes, the second is -1 full and 999 with session-id reuse. The RSA overheads for each exchange -would be one public and one private operation, but the protocol/MAC/cipher -cost would be quite similar in both the client and server. - -eric (adding numbers to speculation) - ---- Appendix --- -- The time measured is user time but these number a very rough. -- Remember this is the cost of both client and server sides of the protocol. -- The TCP/kernal overhead of connection establishment is normally the - killer in SSL. Often delays in the TCP protocol will make session-id - reuse look slower that new sessions, but this would not be the case on - a loaded server. -- The TCP round trip latencies, while slowing indervidual connections, - would have minimal impact on throughput. -- Instead of sending one 102400 byte buffer, one 8k buffer is sent until -- the required number of bytes are processed. -- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers. -- A 512bit server key was being used except where noted. -- No server key verification was being performed on the client side of the - protocol. This would slow things down very little. -- The library being used is SSLeay 0.8.x. -- The normal mesauring system was commands of the form - time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse - This modified version of ssltest should be in the next public release of - SSLeay. - -The general cipher performace number for this platform are - -SSLeay 0.8.2a 04-Sep-1997 -built on Fri Sep 5 17:37:05 EST 1997 -options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) -C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -The 'numbers' are in 1000s of bytes per second processed. -type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes -md2 131.02k 368.41k 500.57k 549.21k 566.09k -mdc2 535.60k 589.10k 595.88k 595.97k 594.54k -md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k -sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k -sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k -rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k -des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k -des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k -idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k -rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k -blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k - sign verify -rsa 512 bits 0.0100s 0.0011s -rsa 1024 bits 0.0451s 0.0012s -rsa 2048 bits 0.2605s 0.0086s -rsa 4096 bits 1.6883s 0.0302s - diff --git a/src/lib/libssl/test/tpkcs7 b/src/lib/libssl/test/tpkcs7 deleted file mode 100644 index 15bbba42c0..0000000000 --- a/src/lib/libssl/test/tpkcs7 +++ /dev/null @@ -1,51 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testp7.pem -fi - -echo testing pkcs7 conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/tpkcs7d b/src/lib/libssl/test/tpkcs7d deleted file mode 100644 index 46e5aa2bd6..0000000000 --- a/src/lib/libssl/test/tpkcs7d +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl pkcs7' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=pkcs7-1.pem -fi - -echo "testing pkcs7 conversions (2)" -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/treq b/src/lib/libssl/test/treq deleted file mode 100644 index 0464c9d902..0000000000 --- a/src/lib/libssl/test/treq +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl req -config ../apps/openssl.cnf' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testreq.pem -fi - -echo testing req conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -verify -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -verify -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/trsa b/src/lib/libssl/test/trsa deleted file mode 100644 index d6a4dd826d..0000000000 --- a/src/lib/libssl/test/trsa +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl rsa' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testrsa.pem -fi - -echo testing rsa conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/tsid b/src/lib/libssl/test/tsid deleted file mode 100644 index 9e0854516c..0000000000 --- a/src/lib/libssl/test/tsid +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl sess_id' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testsid.pem -fi - -echo testing session-id conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in fff.p -inform p -outform t >f.t -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> d" -#$cmd -in f.t -inform t -outform d >ff.d2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -#echo "d -> t" -#$cmd -in f.d -inform d -outform t >ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#echo "t -> t" -#$cmd -in f.t -inform t -outform t >ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#echo "p -> t" -#$cmd -in f.p -inform p -outform t >ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -#echo "t -> p" -#$cmd -in f.t -inform t -outform p >ff.p2 -#if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp fff.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -#cmp f.t ff.t1 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t2 -#if [ $? != 0 ]; then exit 1; fi -#cmp f.t ff.t3 -#if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -#cmp f.p ff.p2 -#if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/tx509 b/src/lib/libssl/test/tx509 deleted file mode 100644 index 35169f3a43..0000000000 --- a/src/lib/libssl/test/tx509 +++ /dev/null @@ -1,81 +0,0 @@ -#!/bin/sh - -PATH=../apps:$PATH -export PATH - -cmd='../apps/openssl x509' - -if [ "$1"x != "x" ]; then - t=$1 -else - t=testx509.pem -fi - -echo testing X509 conversions -cp $t fff.p - -echo "p -> d" -$cmd -in fff.p -inform p -outform d >f.d -if [ $? != 0 ]; then exit 1; fi -echo "p -> n" -$cmd -in fff.p -inform p -outform n >f.n -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in fff.p -inform p -outform p >f.p -if [ $? != 0 ]; then exit 1; fi - -echo "d -> d" -$cmd -in f.d -inform d -outform d >ff.d1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> d" -$cmd -in f.n -inform n -outform d >ff.d2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> d" -$cmd -in f.p -inform p -outform d >ff.d3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> n" -$cmd -in f.d -inform d -outform n >ff.n1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> n" -$cmd -in f.n -inform n -outform n >ff.n2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> n" -$cmd -in f.p -inform p -outform n >ff.n3 -if [ $? != 0 ]; then exit 1; fi - -echo "d -> p" -$cmd -in f.d -inform d -outform p >ff.p1 -if [ $? != 0 ]; then exit 1; fi -echo "n -> p" -$cmd -in f.n -inform n -outform p >ff.p2 -if [ $? != 0 ]; then exit 1; fi -echo "p -> p" -$cmd -in f.p -inform p -outform p >ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp fff.p f.p -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp fff.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.n ff.n1 -if [ $? != 0 ]; then exit 1; fi -cmp f.n ff.n2 -if [ $? != 0 ]; then exit 1; fi -cmp f.n ff.n3 -if [ $? != 0 ]; then exit 1; fi - -cmp f.p ff.p1 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p2 -if [ $? != 0 ]; then exit 1; fi -cmp f.p ff.p3 -if [ $? != 0 ]; then exit 1; fi - -/bin/rm -f f.* ff.* fff.* -exit 0 diff --git a/src/lib/libssl/test/v3-cert1.pem b/src/lib/libssl/test/v3-cert1.pem deleted file mode 100644 index 0da253d5c3..0000000000 --- a/src/lib/libssl/test/v3-cert1.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx -NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz -dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw -ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu -ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2 -ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp -miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C -AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK -Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x -DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR -MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB -AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21 -X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3 -WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO ------END CERTIFICATE----- diff --git a/src/lib/libssl/test/v3-cert2.pem b/src/lib/libssl/test/v3-cert2.pem deleted file mode 100644 index de0723ff8d..0000000000 --- a/src/lib/libssl/test/v3-cert2.pem +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD -YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0 -ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu -dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1 -WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV -BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx -FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA -6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT -G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ -YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm -b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc -F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz -lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap -jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU= ------END CERTIFICATE----- diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h deleted file mode 100644 index cf92ae034f..0000000000 --- a/src/lib/libssl/tls1.h +++ /dev/null @@ -1,164 +0,0 @@ -/* ssl/tls1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_TLS1_H -#define HEADER_TLS1_H - -#include - -#ifdef __cplusplus -extern "C" { -#endif - -#define TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES 1 - -#define TLS1_VERSION 0x0301 -#define TLS1_VERSION_MAJOR 0x03 -#define TLS1_VERSION_MINOR 0x01 - -#define TLS1_AD_DECRYPTION_FAILED 21 -#define TLS1_AD_RECORD_OVERFLOW 22 -#define TLS1_AD_UNKNOWN_CA 48 /* fatal */ -#define TLS1_AD_ACCESS_DENIED 49 /* fatal */ -#define TLS1_AD_DECODE_ERROR 50 /* fatal */ -#define TLS1_AD_DECRYPT_ERROR 51 -#define TLS1_AD_EXPORT_RESTRICTION 60 /* fatal */ -#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */ -#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */ -#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */ -#define TLS1_AD_USER_CANCELLED 90 -#define TLS1_AD_NO_RENEGOTIATION 100 - -/* Additional TLS ciphersuites from draft-ietf-tls-56-bit-ciphersuites-00.txt - * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see - * s3_lib.c). We actually treat them like SSL 3.0 ciphers, which we probably - * shouldn't. */ -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x03000060 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 0x03000061 -#define TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA 0x03000062 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA 0x03000063 -#define TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA 0x03000064 -#define TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA 0x03000065 -#define TLS1_CK_DHE_DSS_WITH_RC4_128_SHA 0x03000066 - -/* XXX - * Inconsistency alert: - * The OpenSSL names of ciphers with ephemeral DH here include the string - * "DHE", while elsewhere it has always been "EDH". - * (The alias for the list of all such ciphers also is "EDH".) - * The specifications speak of "EDH"; maybe we should allow both forms - * for everything. */ -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_MD5 "EXP1024-RC4-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 "EXP1024-RC2-CBC-MD5" -#define TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DES-CBC-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA "EXP1024-DHE-DSS-DES-CBC-SHA" -#define TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA "EXP1024-RC4-SHA" -#define TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA "EXP1024-DHE-DSS-RC4-SHA" -#define TLS1_TXT_DHE_DSS_WITH_RC4_128_SHA "DHE-DSS-RC4-SHA" - - -#define TLS_CT_RSA_SIGN 1 -#define TLS_CT_DSS_SIGN 2 -#define TLS_CT_RSA_FIXED_DH 3 -#define TLS_CT_DSS_FIXED_DH 4 -#define TLS_CT_NUMBER 4 - -#define TLS1_FINISH_MAC_LENGTH 12 - -#define TLS_MD_MAX_CONST_SIZE 20 -#define TLS_MD_CLIENT_FINISH_CONST "client finished" -#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_FINISH_CONST "server finished" -#define TLS_MD_SERVER_FINISH_CONST_SIZE 15 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_KEY_EXPANSION_CONST "key expansion" -#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13 -#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key" -#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key" -#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16 -#define TLS_MD_IV_BLOCK_CONST "IV block" -#define TLS_MD_IV_BLOCK_CONST_SIZE 8 -#define TLS_MD_MASTER_SECRET_CONST "master secret" -#define TLS_MD_MASTER_SECRET_CONST_SIZE 13 - -#ifdef CHARSET_EBCDIC -#undef TLS_MD_CLIENT_FINISH_CONST -#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/ -#undef TLS_MD_SERVER_FINISH_CONST -#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/ -#undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ -#undef TLS_MD_KEY_EXPANSION_CONST -#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/ -#undef TLS_MD_CLIENT_WRITE_KEY_CONST -#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/ -#undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ -#undef TLS_MD_IV_BLOCK_CONST -#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/ -#undef TLS_MD_MASTER_SECRET_CONST -#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ -#endif - -#ifdef __cplusplus -} -#endif -#endif - -- cgit v1.2.3-55-g6feb