From 536c76cbb863bab152f19842ab88772c01e922c7 Mon Sep 17 00:00:00 2001
From: ryker <>
Date: Mon, 5 Oct 1998 20:13:15 +0000
Subject: Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
---
src/lib/libcrypto/Attic/Makefile | 133 ++
src/lib/libcrypto/asn1/a_hdr.c | 130 ++
src/lib/libcrypto/asn1/a_meth.c | 84 +
src/lib/libcrypto/asn1/a_utctm.c | 212 +++
src/lib/libcrypto/bf/asm/bf-686.pl | 128 ++
src/lib/libcrypto/bf/asm/readme | 10 +
src/lib/libcrypto/bf/bf_opts.c | 347 ++++
src/lib/libcrypto/bf/bfs.cpp | 67 +
src/lib/libcrypto/bf/bfspeed.c | 293 +++
src/lib/libcrypto/bf/bftest.c | 521 ++++++
src/lib/libcrypto/bio/bss_rtcp.c | 297 ++++
src/lib/libcrypto/bn/asm/README | 30 +
src/lib/libcrypto/bn/asm/alpha.s | 344 ++++
src/lib/libcrypto/bn/asm/pa-risc.s | 710 ++++++++
src/lib/libcrypto/bn/asm/r3000.s | 646 +++++++
src/lib/libcrypto/bn/bnspeed.c | 248 +++
src/lib/libcrypto/bn/bntest.c | 777 ++++++++
src/lib/libcrypto/bn/expspeed.c | 230 +++
src/lib/libcrypto/bn/exptest.c | 148 ++
src/lib/libcrypto/cast/asm/readme | 7 +
src/lib/libcrypto/cast/cast_spd.c | 294 ++++
src/lib/libcrypto/cast/castopts.c | 358 ++++
src/lib/libcrypto/cast/casts.cpp | 70 +
src/lib/libcrypto/cast/casttest.c | 223 +++
src/lib/libcrypto/conf/cnf_save.c | 106 ++
src/lib/libcrypto/conf/test.c | 91 +
src/lib/libcrypto/des/DES.pm | 19 +
src/lib/libcrypto/des/DES.xs | 268 +++
src/lib/libcrypto/des/INSTALL | 69 +
src/lib/libcrypto/des/Imakefile | 35 +
src/lib/libcrypto/des/KERBEROS | 41 +
src/lib/libcrypto/des/README | 54 +
src/lib/libcrypto/des/VERSION | 411 +++++
src/lib/libcrypto/des/asm/des686.pl | 230 +++
src/lib/libcrypto/des/asm/readme | 131 ++
src/lib/libcrypto/des/cbc3_enc.c | 99 ++
src/lib/libcrypto/des/des.c | 964 ++++++++++
src/lib/libcrypto/des/des3s.cpp | 67 +
src/lib/libcrypto/des/des_opts.c | 620 +++++++
src/lib/libcrypto/des/des_ver.h | 60 +
src/lib/libcrypto/des/dess.cpp | 67 +
src/lib/libcrypto/des/destest.c | 882 ++++++++++
src/lib/libcrypto/des/makefile.bc | 50 +
src/lib/libcrypto/des/options.txt | 39 +
src/lib/libcrypto/des/read2pwd.c | 90 +
src/lib/libcrypto/des/read_pwd.c | 459 +++++
src/lib/libcrypto/des/rpc_des.h | 131 ++
src/lib/libcrypto/des/rpc_enc.c | 107 ++
src/lib/libcrypto/des/rpw.c | 101 ++
src/lib/libcrypto/des/speed.c | 329 ++++
src/lib/libcrypto/des/t/test | 27 +
src/lib/libcrypto/des/times/486-50.sol | 16 +
src/lib/libcrypto/des/times/586-100.lnx | 20 +
src/lib/libcrypto/des/times/686-200.fre | 18 +
src/lib/libcrypto/des/times/aix.cc | 26 +
src/lib/libcrypto/des/times/alpha.cc | 18 +
src/lib/libcrypto/des/times/hpux.cc | 17 +
src/lib/libcrypto/des/times/sparc.gcc | 17 +
src/lib/libcrypto/des/times/usparc.cc | 31 +
src/lib/libcrypto/des/typemap | 34 +
src/lib/libcrypto/dh/dh1024.pem | 5 +
src/lib/libcrypto/dh/dh192.pem | 3 +
src/lib/libcrypto/dh/dh2048.pem | 16 +
src/lib/libcrypto/dh/dh4096.pem | 14 +
src/lib/libcrypto/dh/dh512.pem | 4 +
src/lib/libcrypto/dh/dhtest.c | 188 ++
src/lib/libcrypto/dh/example | 50 +
src/lib/libcrypto/dh/generate | 65 +
src/lib/libcrypto/dh/p1024.c | 92 +
src/lib/libcrypto/dh/p192.c | 80 +
src/lib/libcrypto/dh/p512.c | 85 +
src/lib/libcrypto/dsa/README | 4 +
src/lib/libcrypto/dsa/dsagen.c | 112 ++
src/lib/libcrypto/dsa/dsatest.c | 214 +++
src/lib/libcrypto/dsa/fips186a.txt | 122 ++
src/lib/libcrypto/evp/e_dsa.c | 71 +
src/lib/libcrypto/evp/m_md2.c | 82 +
src/lib/libcrypto/evp/m_mdc2.c | 81 +
src/lib/libcrypto/evp/m_sha.c | 82 +
src/lib/libcrypto/hmac/hmactest.c | 147 ++
src/lib/libcrypto/lhash/lh_test.c | 89 +
src/lib/libcrypto/lhash/num.pl | 17 +
src/lib/libcrypto/md2/md2.c | 136 ++
src/lib/libcrypto/md2/md2_dgst.c | 235 +++
src/lib/libcrypto/md2/md2_one.c | 80 +
src/lib/libcrypto/md2/md2test.c | 130 ++
src/lib/libcrypto/md5/md5.c | 135 ++
src/lib/libcrypto/md5/md5s.cpp | 78 +
src/lib/libcrypto/md5/md5test.c | 130 ++
src/lib/libcrypto/mdc2/mdc2.h | 100 ++
src/lib/libcrypto/mem.c | 353 ++++
src/lib/libcrypto/objects/obj_dat.h | 656 +++++++
src/lib/libcrypto/perlasm/x86ms.pl | 348 ++++
src/lib/libcrypto/perlasm/x86unix.pl | 429 +++++
src/lib/libcrypto/pkcs7/doc | 24 +
src/lib/libcrypto/pkcs7/enc.c | 144 ++
src/lib/libcrypto/pkcs7/p7/a1 | 2 +
src/lib/libcrypto/pkcs7/p7/a2 | 1 +
src/lib/libcrypto/pkcs7/p7/cert.p7c | Bin 0 -> 1728 bytes
src/lib/libcrypto/pkcs7/p7/smime.p7m | Bin 0 -> 4894 bytes
src/lib/libcrypto/pkcs7/p7/smime.p7s | Bin 0 -> 2625 bytes
src/lib/libcrypto/pkcs7/pk7_dgst.c | 66 +
src/lib/libcrypto/pkcs7/pk7_enc.c | 76 +
src/lib/libcrypto/pkcs7/server.pem | 24 +
src/lib/libcrypto/pkcs7/sign.c | 140 ++
src/lib/libcrypto/pkcs7/verify.c | 238 +++
src/lib/libcrypto/rand/md_rand.c | 405 +++++
src/lib/libcrypto/rand/randtest.c | 207 +++
src/lib/libcrypto/rc2/rc2speed.c | 293 +++
src/lib/libcrypto/rc2/rc2test.c | 270 +++
src/lib/libcrypto/rc4/rc4.c | 194 ++
src/lib/libcrypto/rc4/rc4s.cpp | 73 +
src/lib/libcrypto/rc4/rc4speed.c | 269 +++
src/lib/libcrypto/rc4/rc4test.c | 195 ++
src/lib/libcrypto/rc4/rrc4.doc | 278 +++
src/lib/libcrypto/rc5/rc5.h | 122 ++
src/lib/libcrypto/ripemd/asm/rips.cpp | 78 +
src/lib/libcrypto/ripemd/rmd160.c | 135 ++
src/lib/libcrypto/ripemd/rmdtest.c | 133 ++
src/lib/libcrypto/sha/asm/README | 1 +
src/lib/libcrypto/sha/sha.c | 135 ++
src/lib/libcrypto/sha/sha1.c | 135 ++
src/lib/libcrypto/sha/sha1s.cpp | 79 +
src/lib/libcrypto/sha/sha1test.c | 155 ++
src/lib/libcrypto/sha/sha_dgst.c | 442 +++++
src/lib/libcrypto/sha/sha_one.c | 77 +
src/lib/libcrypto/sha/shatest.c | 155 ++
src/lib/libcrypto/threads/mttest.c | 1115 ++++++++++++
src/lib/libcrypto/threads/th-lock.c | 399 +++++
src/lib/libcrypto/tmdiff.c | 217 +++
src/lib/libcrypto/util/FreeBSD.sh | 6 +
src/lib/libcrypto/util/add_cr.pl | 123 ++
src/lib/libcrypto/util/bat.sh | 132 ++
src/lib/libcrypto/util/ck_errf.pl | 44 +
src/lib/libcrypto/util/deleof.pl | 7 +
src/lib/libcrypto/util/do_ms.sh | 17 +
src/lib/libcrypto/util/err-ins.pl | 33 +
src/lib/libcrypto/util/files.pl | 61 +
src/lib/libcrypto/util/fixNT.sh | 14 +
src/lib/libcrypto/util/install.sh | 108 ++
src/lib/libcrypto/util/libeay.num | 1065 +++++++++++
src/lib/libcrypto/util/mk1mf.pl | 793 +++++++++
src/lib/libcrypto/util/mkcerts.sh | 220 +++
src/lib/libcrypto/util/mkdef.pl | 292 +++
src/lib/libcrypto/util/perlpath.pl | 30 +
src/lib/libcrypto/util/pl/BC-16.pl | 146 ++
src/lib/libcrypto/util/pl/BC-32.pl | 135 ++
src/lib/libcrypto/util/pl/VC-16.pl | 173 ++
src/lib/libcrypto/util/pl/VC-32.pl | 133 ++
src/lib/libcrypto/util/pl/linux.pl | 96 +
src/lib/libcrypto/util/pl/unix.pl | 83 +
src/lib/libcrypto/util/point.sh | 4 +
src/lib/libcrypto/util/sp-diff.pl | 80 +
src/lib/libcrypto/util/speed.sh | 39 +
src/lib/libcrypto/util/src-dep.pl | 147 ++
src/lib/libcrypto/util/ssleay.num | 156 ++
src/lib/libcrypto/util/tab_num.pl | 17 +
src/lib/libcrypto/util/x86asm.sh | 42 +
src/lib/libssl/src/Configure | 569 ++++++
src/lib/libssl/src/INSTALL | 128 ++
src/lib/libssl/src/PROBLEMS | 50 +
src/lib/libssl/src/README | 173 ++
src/lib/libssl/src/apps/CA.sh | 132 ++
src/lib/libssl/src/apps/apps.c | 320 ++++
src/lib/libssl/src/apps/apps.h | 150 ++
src/lib/libssl/src/apps/asn1pars.c | 238 +++
src/lib/libssl/src/apps/ca-cert.srl | 1 +
src/lib/libssl/src/apps/ca-key.pem | 15 +
src/lib/libssl/src/apps/ca-req.pem | 11 +
src/lib/libssl/src/apps/ca.c | 2056 ++++++++++++++++++++++
src/lib/libssl/src/apps/cert.pem | 11 +
src/lib/libssl/src/apps/ciphers.c | 191 ++
src/lib/libssl/src/apps/client.pem | 24 +
src/lib/libssl/src/apps/crl.c | 335 ++++
src/lib/libssl/src/apps/crl2p7.c | 334 ++++
src/lib/libssl/src/apps/demoCA/cacert.pem | 14 +
src/lib/libssl/src/apps/demoCA/index.txt | 39 +
src/lib/libssl/src/apps/demoCA/private/cakey.pem | 24 +
src/lib/libssl/src/apps/demoCA/serial | 1 +
src/lib/libssl/src/apps/dgst.c | 227 +++
src/lib/libssl/src/apps/dh.c | 312 ++++
src/lib/libssl/src/apps/dh1024.pem | 5 +
src/lib/libssl/src/apps/dsa-ca.pem | 43 +
src/lib/libssl/src/apps/dsa-pca.pem | 49 +
src/lib/libssl/src/apps/dsa.c | 257 +++
src/lib/libssl/src/apps/dsa1024.pem | 9 +
src/lib/libssl/src/apps/dsa512.pem | 6 +
src/lib/libssl/src/apps/dsap.pem | 6 +
src/lib/libssl/src/apps/dsaparam.c | 342 ++++
src/lib/libssl/src/apps/enc.c | 561 ++++++
src/lib/libssl/src/apps/errstr.c | 116 ++
src/lib/libssl/src/apps/gendh.c | 235 +++
src/lib/libssl/src/apps/gendsa.c | 220 +++
src/lib/libssl/src/apps/genrsa.c | 278 +++
src/lib/libssl/src/apps/pca-cert.srl | 1 +
src/lib/libssl/src/apps/pca-key.pem | 15 +
src/lib/libssl/src/apps/pca-req.pem | 11 +
src/lib/libssl/src/apps/pkcs7.c | 315 ++++
src/lib/libssl/src/apps/privkey.pem | 11 +
src/lib/libssl/src/apps/progs.h | 251 +++
src/lib/libssl/src/apps/req.c | 1137 ++++++++++++
src/lib/libssl/src/apps/req.pem | 11 +
src/lib/libssl/src/apps/rsa.c | 303 ++++
src/lib/libssl/src/apps/rsa8192.pem | 101 ++
src/lib/libssl/src/apps/s1024key.pem | 15 +
src/lib/libssl/src/apps/s1024req.pem | 11 +
src/lib/libssl/src/apps/s512-key.pem | 9 +
src/lib/libssl/src/apps/s512-req.pem | 8 +
src/lib/libssl/src/apps/s_apps.h | 119 ++
src/lib/libssl/src/apps/s_cb.c | 242 +++
src/lib/libssl/src/apps/s_client.c | 746 ++++++++
src/lib/libssl/src/apps/s_server.c | 1225 +++++++++++++
src/lib/libssl/src/apps/s_socket.c | 669 +++++++
src/lib/libssl/src/apps/s_time.c | 703 ++++++++
src/lib/libssl/src/apps/server.pem | 369 ++++
src/lib/libssl/src/apps/server.srl | 1 +
src/lib/libssl/src/apps/server2.pem | 376 ++++
src/lib/libssl/src/apps/sess_id.c | 305 ++++
src/lib/libssl/src/apps/set/set-g-ca.pem | 21 +
src/lib/libssl/src/apps/set/set-m-ca.pem | 21 +
src/lib/libssl/src/apps/set/set_b_ca.pem | 23 +
src/lib/libssl/src/apps/set/set_c_ca.pem | 21 +
src/lib/libssl/src/apps/set/set_d_ct.pem | 21 +
src/lib/libssl/src/apps/set/set_root.pem | 21 +
src/lib/libssl/src/apps/speed.c | 1212 +++++++++++++
src/lib/libssl/src/apps/testCA.pem | 8 +
src/lib/libssl/src/apps/testdsa.h | 155 ++
src/lib/libssl/src/apps/testrsa.h | 517 ++++++
src/lib/libssl/src/apps/verify.c | 240 +++
src/lib/libssl/src/apps/version.c | 129 ++
src/lib/libssl/src/apps/x509.c | 1044 +++++++++++
src/lib/libssl/src/bugs/MS | 7 +
src/lib/libssl/src/bugs/SSLv3 | 41 +
src/lib/libssl/src/bugs/VC16.bug | 18 +
src/lib/libssl/src/bugs/alpha.c | 91 +
src/lib/libssl/src/bugs/dggccbug.c | 45 +
src/lib/libssl/src/bugs/sgiccbug.c | 55 +
src/lib/libssl/src/bugs/sslref.dif | 26 +
src/lib/libssl/src/bugs/stream.c | 131 ++
src/lib/libssl/src/certs/thawteCb.pem | 19 +
src/lib/libssl/src/certs/thawteCp.pem | 19 +
src/lib/libssl/src/certs/vsign1.pem | 15 +
src/lib/libssl/src/certs/vsign3.pem | 16 +
src/lib/libssl/src/config | 327 ++++
src/lib/libssl/src/crypto/Makefile | 133 ++
src/lib/libssl/src/crypto/asn1/a_bitstr.c | 204 +++
src/lib/libssl/src/crypto/asn1/a_bool.c | 121 ++
src/lib/libssl/src/crypto/asn1/a_bytes.c | 346 ++++
src/lib/libssl/src/crypto/asn1/a_d2i_fp.c | 201 +++
src/lib/libssl/src/crypto/asn1/a_digest.c | 91 +
src/lib/libssl/src/crypto/asn1/a_dup.c | 86 +
src/lib/libssl/src/crypto/asn1/a_hdr.c | 130 ++
src/lib/libssl/src/crypto/asn1/a_i2d_fp.c | 119 ++
src/lib/libssl/src/crypto/asn1/a_int.c | 305 ++++
src/lib/libssl/src/crypto/asn1/a_meth.c | 84 +
src/lib/libssl/src/crypto/asn1/a_object.c | 389 ++++
src/lib/libssl/src/crypto/asn1/a_octet.c | 90 +
src/lib/libssl/src/crypto/asn1/a_print.c | 161 ++
src/lib/libssl/src/crypto/asn1/a_set.c | 149 ++
src/lib/libssl/src/crypto/asn1/a_sign.c | 147 ++
src/lib/libssl/src/crypto/asn1/a_type.c | 325 ++++
src/lib/libssl/src/crypto/asn1/a_utctm.c | 212 +++
src/lib/libssl/src/crypto/asn1/a_verify.c | 121 ++
src/lib/libssl/src/crypto/asn1/asn1.h | 859 +++++++++
src/lib/libssl/src/crypto/asn1/asn1_err.c | 266 +++
src/lib/libssl/src/crypto/asn1/asn1_lib.c | 444 +++++
src/lib/libssl/src/crypto/asn1/asn1_mac.h | 321 ++++
src/lib/libssl/src/crypto/asn1/asn1_par.c | 393 +++++
src/lib/libssl/src/crypto/asn1/d2i_pr.c | 117 ++
src/lib/libssl/src/crypto/asn1/d2i_pu.c | 117 ++
src/lib/libssl/src/crypto/asn1/evp_asn1.c | 193 ++
src/lib/libssl/src/crypto/asn1/f_int.c | 211 +++
src/lib/libssl/src/crypto/asn1/f_string.c | 210 +++
src/lib/libssl/src/crypto/asn1/i2d_pr.c | 86 +
src/lib/libssl/src/crypto/asn1/i2d_pu.c | 84 +
src/lib/libssl/src/crypto/asn1/n_pkey.c | 365 ++++
src/lib/libssl/src/crypto/asn1/t_pkey.c | 392 +++++
src/lib/libssl/src/crypto/asn1/t_req.c | 226 +++
src/lib/libssl/src/crypto/asn1/t_x509.c | 386 ++++
src/lib/libssl/src/crypto/asn1/x_algor.c | 126 ++
src/lib/libssl/src/crypto/asn1/x_attrib.c | 152 ++
src/lib/libssl/src/crypto/asn1/x_crl.c | 353 ++++
src/lib/libssl/src/crypto/asn1/x_exten.c | 156 ++
src/lib/libssl/src/crypto/asn1/x_info.c | 111 ++
src/lib/libssl/src/crypto/asn1/x_name.c | 295 ++++
src/lib/libssl/src/crypto/asn1/x_pkey.c | 156 ++
src/lib/libssl/src/crypto/asn1/x_pubkey.c | 256 +++
src/lib/libssl/src/crypto/asn1/x_req.c | 247 +++
src/lib/libssl/src/crypto/asn1/x_sig.c | 119 ++
src/lib/libssl/src/crypto/asn1/x_spki.c | 181 ++
src/lib/libssl/src/crypto/asn1/x_val.c | 118 ++
src/lib/libssl/src/crypto/asn1/x_x509.c | 158 ++
src/lib/libssl/src/crypto/bf/COPYRIGHT | 46 +
src/lib/libssl/src/crypto/bf/INSTALL | 14 +
src/lib/libssl/src/crypto/bf/README | 8 +
src/lib/libssl/src/crypto/bf/VERSION | 6 +
src/lib/libssl/src/crypto/bf/asm/bf-586.pl | 136 ++
src/lib/libssl/src/crypto/bf/asm/bf-686.pl | 128 ++
src/lib/libssl/src/crypto/bf/asm/readme | 10 +
src/lib/libssl/src/crypto/bf/bf_cbc.c | 148 ++
src/lib/libssl/src/crypto/bf/bf_cfb64.c | 127 ++
src/lib/libssl/src/crypto/bf/bf_ecb.c | 98 ++
src/lib/libssl/src/crypto/bf/bf_enc.c | 241 +++
src/lib/libssl/src/crypto/bf/bf_ofb64.c | 115 ++
src/lib/libssl/src/crypto/bf/bf_opts.c | 347 ++++
src/lib/libssl/src/crypto/bf/bf_pi.h | 325 ++++
src/lib/libssl/src/crypto/bf/bf_skey.c | 119 ++
src/lib/libssl/src/crypto/bf/bfs.cpp | 67 +
src/lib/libssl/src/crypto/bf/bfspeed.c | 293 +++
src/lib/libssl/src/crypto/bf/bftest.c | 521 ++++++
src/lib/libssl/src/crypto/bf/blowfish.h | 116 ++
src/lib/libssl/src/crypto/bio/b_dump.c | 125 ++
src/lib/libssl/src/crypto/bio/b_print.c | 92 +
src/lib/libssl/src/crypto/bio/b_sock.c | 628 +++++++
src/lib/libssl/src/crypto/bio/bf_buff.c | 512 ++++++
src/lib/libssl/src/crypto/bio/bf_nbio.c | 268 +++
src/lib/libssl/src/crypto/bio/bf_null.c | 196 +++
src/lib/libssl/src/crypto/bio/bio.h | 688 ++++++++
src/lib/libssl/src/crypto/bio/bio_cb.c | 138 ++
src/lib/libssl/src/crypto/bio/bio_err.c | 130 ++
src/lib/libssl/src/crypto/bio/bio_lib.c | 519 ++++++
src/lib/libssl/src/crypto/bio/bss_acpt.c | 500 ++++++
src/lib/libssl/src/crypto/bio/bss_conn.c | 648 +++++++
src/lib/libssl/src/crypto/bio/bss_fd.c | 62 +
src/lib/libssl/src/crypto/bio/bss_file.c | 339 ++++
src/lib/libssl/src/crypto/bio/bss_mem.c | 297 ++++
src/lib/libssl/src/crypto/bio/bss_null.c | 177 ++
src/lib/libssl/src/crypto/bio/bss_rtcp.c | 297 ++++
src/lib/libssl/src/crypto/bio/bss_sock.c | 461 +++++
src/lib/libssl/src/crypto/bn/asm/README | 30 +
src/lib/libssl/src/crypto/bn/asm/alpha.s | 344 ++++
src/lib/libssl/src/crypto/bn/asm/bn-586.pl | 314 ++++
src/lib/libssl/src/crypto/bn/asm/pa-risc.s | 710 ++++++++
src/lib/libssl/src/crypto/bn/asm/pa-risc2.s | 416 +++++
src/lib/libssl/src/crypto/bn/asm/r3000.s | 646 +++++++
src/lib/libssl/src/crypto/bn/bn_add.c | 167 ++
src/lib/libssl/src/crypto/bn/bn_blind.c | 143 ++
src/lib/libssl/src/crypto/bn/bn_div.c | 286 +++
src/lib/libssl/src/crypto/bn/bn_err.c | 111 ++
src/lib/libssl/src/crypto/bn/bn_exp.c | 553 ++++++
src/lib/libssl/src/crypto/bn/bn_gcd.c | 203 +++
src/lib/libssl/src/crypto/bn/bn_lcl.h | 199 +++
src/lib/libssl/src/crypto/bn/bn_lib.c | 611 +++++++
src/lib/libssl/src/crypto/bn/bn_mod.c | 97 +
src/lib/libssl/src/crypto/bn/bn_mont.c | 306 ++++
src/lib/libssl/src/crypto/bn/bn_mpi.c | 134 ++
src/lib/libssl/src/crypto/bn/bn_mul.c | 209 +++
src/lib/libssl/src/crypto/bn/bn_prime.c | 473 +++++
src/lib/libssl/src/crypto/bn/bn_prime.h | 325 ++++
src/lib/libssl/src/crypto/bn/bn_prime.pl | 56 +
src/lib/libssl/src/crypto/bn/bn_print.c | 333 ++++
src/lib/libssl/src/crypto/bn/bn_rand.c | 121 ++
src/lib/libssl/src/crypto/bn/bn_recp.c | 125 ++
src/lib/libssl/src/crypto/bn/bn_shift.c | 210 +++
src/lib/libssl/src/crypto/bn/bn_sqr.c | 122 ++
src/lib/libssl/src/crypto/bn/bn_word.c | 204 +++
src/lib/libssl/src/crypto/bn/bnspeed.c | 248 +++
src/lib/libssl/src/crypto/bn/bntest.c | 777 ++++++++
src/lib/libssl/src/crypto/bn/expspeed.c | 230 +++
src/lib/libssl/src/crypto/bn/exptest.c | 148 ++
src/lib/libssl/src/crypto/buffer/buf_err.c | 87 +
src/lib/libssl/src/crypto/buffer/buffer.c | 145 ++
src/lib/libssl/src/crypto/buffer/buffer.h | 107 ++
src/lib/libssl/src/crypto/cast/asm/cast-586.pl | 167 ++
src/lib/libssl/src/crypto/cast/asm/readme | 7 +
src/lib/libssl/src/crypto/cast/c_cfb64.c | 127 ++
src/lib/libssl/src/crypto/cast/c_ecb.c | 82 +
src/lib/libssl/src/crypto/cast/c_enc.c | 210 +++
src/lib/libssl/src/crypto/cast/c_ofb64.c | 115 ++
src/lib/libssl/src/crypto/cast/c_skey.c | 165 ++
src/lib/libssl/src/crypto/cast/cast.h | 109 ++
src/lib/libssl/src/crypto/cast/cast_lcl.h | 224 +++
src/lib/libssl/src/crypto/cast/cast_s.h | 585 ++++++
src/lib/libssl/src/crypto/cast/cast_spd.c | 294 ++++
src/lib/libssl/src/crypto/cast/castopts.c | 358 ++++
src/lib/libssl/src/crypto/cast/casts.cpp | 70 +
src/lib/libssl/src/crypto/cast/casttest.c | 223 +++
src/lib/libssl/src/crypto/conf/cnf_save.c | 106 ++
src/lib/libssl/src/crypto/conf/conf.h | 114 ++
src/lib/libssl/src/crypto/conf/conf_err.c | 96 +
src/lib/libssl/src/crypto/conf/keysets.pl | 61 +
src/lib/libssl/src/crypto/conf/ssleay.cnf | 78 +
src/lib/libssl/src/crypto/conf/test.c | 91 +
src/lib/libssl/src/crypto/cpt_err.c | 86 +
src/lib/libssl/src/crypto/cryptlib.c | 307 ++++
src/lib/libssl/src/crypto/cryptlib.h | 100 ++
src/lib/libssl/src/crypto/crypto.h | 319 ++++
src/lib/libssl/src/crypto/cversion.c | 99 ++
src/lib/libssl/src/crypto/des/COPYRIGHT | 50 +
src/lib/libssl/src/crypto/des/DES.pm | 19 +
src/lib/libssl/src/crypto/des/DES.xs | 268 +++
src/lib/libssl/src/crypto/des/INSTALL | 69 +
src/lib/libssl/src/crypto/des/Imakefile | 35 +
src/lib/libssl/src/crypto/des/KERBEROS | 41 +
src/lib/libssl/src/crypto/des/README | 54 +
src/lib/libssl/src/crypto/des/VERSION | 411 +++++
src/lib/libssl/src/crypto/des/asm/crypt586.pl | 204 +++
src/lib/libssl/src/crypto/des/asm/des-586.pl | 251 +++
src/lib/libssl/src/crypto/des/asm/des686.pl | 230 +++
src/lib/libssl/src/crypto/des/asm/desboth.pl | 79 +
src/lib/libssl/src/crypto/des/asm/readme | 131 ++
src/lib/libssl/src/crypto/des/cbc3_enc.c | 99 ++
src/lib/libssl/src/crypto/des/cbc_cksm.c | 103 ++
src/lib/libssl/src/crypto/des/cbc_enc.c | 135 ++
src/lib/libssl/src/crypto/des/cfb64ede.c | 151 ++
src/lib/libssl/src/crypto/des/cfb64enc.c | 128 ++
src/lib/libssl/src/crypto/des/cfb_enc.c | 171 ++
src/lib/libssl/src/crypto/des/des.c | 964 ++++++++++
src/lib/libssl/src/crypto/des/des3s.cpp | 67 +
src/lib/libssl/src/crypto/des/des_enc.c | 502 ++++++
src/lib/libssl/src/crypto/des/des_opts.c | 620 +++++++
src/lib/libssl/src/crypto/des/des_ver.h | 60 +
src/lib/libssl/src/crypto/des/dess.cpp | 67 +
src/lib/libssl/src/crypto/des/destest.c | 882 ++++++++++
src/lib/libssl/src/crypto/des/ecb3_enc.c | 87 +
src/lib/libssl/src/crypto/des/ecb_enc.c | 124 ++
src/lib/libssl/src/crypto/des/enc_read.c | 218 +++
src/lib/libssl/src/crypto/des/enc_writ.c | 160 ++
src/lib/libssl/src/crypto/des/fcrypt.c | 153 ++
src/lib/libssl/src/crypto/des/fcrypt_b.c | 148 ++
src/lib/libssl/src/crypto/des/makefile.bc | 50 +
src/lib/libssl/src/crypto/des/ncbc_enc.c | 130 ++
src/lib/libssl/src/crypto/des/ofb64ede.c | 131 ++
src/lib/libssl/src/crypto/des/ofb64enc.c | 114 ++
src/lib/libssl/src/crypto/des/ofb_enc.c | 139 ++
src/lib/libssl/src/crypto/des/options.txt | 39 +
src/lib/libssl/src/crypto/des/pcbc_enc.c | 126 ++
src/lib/libssl/src/crypto/des/qud_cksm.c | 144 ++
src/lib/libssl/src/crypto/des/rand_key.c | 118 ++
src/lib/libssl/src/crypto/des/read2pwd.c | 90 +
src/lib/libssl/src/crypto/des/read_pwd.c | 459 +++++
src/lib/libssl/src/crypto/des/rpc_des.h | 131 ++
src/lib/libssl/src/crypto/des/rpc_enc.c | 107 ++
src/lib/libssl/src/crypto/des/rpw.c | 101 ++
src/lib/libssl/src/crypto/des/set_key.c | 246 +++
src/lib/libssl/src/crypto/des/speed.c | 329 ++++
src/lib/libssl/src/crypto/des/spr.h | 204 +++
src/lib/libssl/src/crypto/des/str2key.c | 171 ++
src/lib/libssl/src/crypto/des/t/test | 27 +
src/lib/libssl/src/crypto/des/times/486-50.sol | 16 +
src/lib/libssl/src/crypto/des/times/586-100.lnx | 20 +
src/lib/libssl/src/crypto/des/times/686-200.fre | 18 +
src/lib/libssl/src/crypto/des/times/aix.cc | 26 +
src/lib/libssl/src/crypto/des/times/alpha.cc | 18 +
src/lib/libssl/src/crypto/des/times/hpux.cc | 17 +
src/lib/libssl/src/crypto/des/times/sparc.gcc | 17 +
src/lib/libssl/src/crypto/des/times/usparc.cc | 31 +
src/lib/libssl/src/crypto/des/typemap | 34 +
src/lib/libssl/src/crypto/des/xcbc_enc.c | 206 +++
src/lib/libssl/src/crypto/dh/dh.h | 162 ++
src/lib/libssl/src/crypto/dh/dh1024.pem | 5 +
src/lib/libssl/src/crypto/dh/dh192.pem | 3 +
src/lib/libssl/src/crypto/dh/dh2048.pem | 16 +
src/lib/libssl/src/crypto/dh/dh4096.pem | 14 +
src/lib/libssl/src/crypto/dh/dh512.pem | 4 +
src/lib/libssl/src/crypto/dh/dh_check.c | 120 ++
src/lib/libssl/src/crypto/dh/dh_err.c | 96 +
src/lib/libssl/src/crypto/dh/dh_gen.c | 150 ++
src/lib/libssl/src/crypto/dh/dh_key.c | 142 ++
src/lib/libssl/src/crypto/dh/dh_lib.c | 100 ++
src/lib/libssl/src/crypto/dh/dhtest.c | 188 ++
src/lib/libssl/src/crypto/dh/example | 50 +
src/lib/libssl/src/crypto/dh/generate | 65 +
src/lib/libssl/src/crypto/dh/p1024.c | 92 +
src/lib/libssl/src/crypto/dh/p192.c | 80 +
src/lib/libssl/src/crypto/dh/p512.c | 85 +
src/lib/libssl/src/crypto/dsa/README | 4 +
src/lib/libssl/src/crypto/dsa/dsa.h | 194 ++
src/lib/libssl/src/crypto/dsa/dsa_err.c | 99 ++
src/lib/libssl/src/crypto/dsa/dsa_gen.c | 328 ++++
src/lib/libssl/src/crypto/dsa/dsa_key.c | 112 ++
src/lib/libssl/src/crypto/dsa/dsa_lib.c | 145 ++
src/lib/libssl/src/crypto/dsa/dsa_sign.c | 215 +++
src/lib/libssl/src/crypto/dsa/dsa_vrf.c | 152 ++
src/lib/libssl/src/crypto/dsa/dsagen.c | 112 ++
src/lib/libssl/src/crypto/dsa/dsatest.c | 214 +++
src/lib/libssl/src/crypto/dsa/fips186a.txt | 122 ++
src/lib/libssl/src/crypto/err/err.c | 642 +++++++
src/lib/libssl/src/crypto/err/err.h | 287 +++
src/lib/libssl/src/crypto/err/err_all.c | 116 ++
src/lib/libssl/src/crypto/err/err_prn.c | 107 ++
src/lib/libssl/src/crypto/evp/bio_b64.c | 547 ++++++
src/lib/libssl/src/crypto/evp/bio_enc.c | 423 +++++
src/lib/libssl/src/crypto/evp/bio_md.c | 270 +++
src/lib/libssl/src/crypto/evp/c_all.c | 190 ++
src/lib/libssl/src/crypto/evp/digest.c | 89 +
src/lib/libssl/src/crypto/evp/e_dsa.c | 71 +
src/lib/libssl/src/crypto/evp/e_null.c | 109 ++
src/lib/libssl/src/crypto/evp/e_rc4.c | 127 ++
src/lib/libssl/src/crypto/evp/e_xcbc_d.c | 122 ++
src/lib/libssl/src/crypto/evp/encode.c | 438 +++++
src/lib/libssl/src/crypto/evp/evp.h | 793 +++++++++
src/lib/libssl/src/crypto/evp/evp_enc.c | 303 ++++
src/lib/libssl/src/crypto/evp/evp_err.c | 108 ++
src/lib/libssl/src/crypto/evp/evp_key.c | 167 ++
src/lib/libssl/src/crypto/evp/evp_lib.c | 117 ++
src/lib/libssl/src/crypto/evp/m_dss.c | 82 +
src/lib/libssl/src/crypto/evp/m_dss1.c | 81 +
src/lib/libssl/src/crypto/evp/m_md2.c | 82 +
src/lib/libssl/src/crypto/evp/m_md5.c | 81 +
src/lib/libssl/src/crypto/evp/m_mdc2.c | 81 +
src/lib/libssl/src/crypto/evp/m_null.c | 88 +
src/lib/libssl/src/crypto/evp/m_ripemd.c | 81 +
src/lib/libssl/src/crypto/evp/m_sha.c | 82 +
src/lib/libssl/src/crypto/evp/m_sha1.c | 81 +
src/lib/libssl/src/crypto/evp/names.c | 285 +++
src/lib/libssl/src/crypto/evp/p_dec.c | 84 +
src/lib/libssl/src/crypto/evp/p_enc.c | 83 +
src/lib/libssl/src/crypto/evp/p_lib.c | 294 ++++
src/lib/libssl/src/crypto/evp/p_open.c | 119 ++
src/lib/libssl/src/crypto/evp/p_seal.c | 115 ++
src/lib/libssl/src/crypto/evp/p_sign.c | 119 ++
src/lib/libssl/src/crypto/evp/p_verify.c | 102 ++
src/lib/libssl/src/crypto/ex_data.c | 236 +++
src/lib/libssl/src/crypto/hmac/hmac.c | 165 ++
src/lib/libssl/src/crypto/hmac/hmac.h | 106 ++
src/lib/libssl/src/crypto/hmac/hmactest.c | 147 ++
src/lib/libssl/src/crypto/lhash/lh_stats.c | 289 +++
src/lib/libssl/src/crypto/lhash/lh_test.c | 89 +
src/lib/libssl/src/crypto/lhash/lhash.c | 489 +++++
src/lib/libssl/src/crypto/lhash/lhash.h | 155 ++
src/lib/libssl/src/crypto/lhash/num.pl | 17 +
src/lib/libssl/src/crypto/md2/md2.c | 136 ++
src/lib/libssl/src/crypto/md2/md2_dgst.c | 235 +++
src/lib/libssl/src/crypto/md2/md2_one.c | 80 +
src/lib/libssl/src/crypto/md2/md2test.c | 130 ++
src/lib/libssl/src/crypto/md5/asm/md5-586.pl | 304 ++++
src/lib/libssl/src/crypto/md5/md5.c | 135 ++
src/lib/libssl/src/crypto/md5/md5.h | 99 ++
src/lib/libssl/src/crypto/md5/md5_dgst.c | 440 +++++
src/lib/libssl/src/crypto/md5/md5_locl.h | 195 ++
src/lib/libssl/src/crypto/md5/md5_one.c | 77 +
src/lib/libssl/src/crypto/md5/md5s.cpp | 78 +
src/lib/libssl/src/crypto/md5/md5test.c | 130 ++
src/lib/libssl/src/crypto/mdc2/mdc2.h | 100 ++
src/lib/libssl/src/crypto/mem.c | 353 ++++
src/lib/libssl/src/crypto/objects/obj_dat.c | 578 ++++++
src/lib/libssl/src/crypto/objects/obj_dat.h | 656 +++++++
src/lib/libssl/src/crypto/objects/obj_dat.pl | 269 +++
src/lib/libssl/src/crypto/objects/obj_err.c | 96 +
src/lib/libssl/src/crypto/objects/obj_lib.c | 126 ++
src/lib/libssl/src/crypto/objects/objects.h | 724 ++++++++
src/lib/libssl/src/crypto/objects/objects.txt | 40 +
src/lib/libssl/src/crypto/pem/message | 16 +
src/lib/libssl/src/crypto/pem/pem.h | 562 ++++++
src/lib/libssl/src/crypto/pem/pem_all.c | 488 +++++
src/lib/libssl/src/crypto/pem/pem_err.c | 122 ++
src/lib/libssl/src/crypto/pem/pem_info.c | 365 ++++
src/lib/libssl/src/crypto/pem/pem_lib.c | 762 ++++++++
src/lib/libssl/src/crypto/pem/pem_seal.c | 191 ++
src/lib/libssl/src/crypto/pem/pem_sign.c | 109 ++
src/lib/libssl/src/crypto/pem/pkcs7.lis | 22 +
src/lib/libssl/src/crypto/perlasm/cbc.pl | 342 ++++
src/lib/libssl/src/crypto/perlasm/readme | 124 ++
src/lib/libssl/src/crypto/perlasm/x86asm.pl | 113 ++
src/lib/libssl/src/crypto/perlasm/x86ms.pl | 348 ++++
src/lib/libssl/src/crypto/perlasm/x86unix.pl | 429 +++++
src/lib/libssl/src/crypto/pkcs7/doc | 24 +
src/lib/libssl/src/crypto/pkcs7/enc.c | 144 ++
src/lib/libssl/src/crypto/pkcs7/p7/a1 | 2 +
src/lib/libssl/src/crypto/pkcs7/p7/a2 | 1 +
src/lib/libssl/src/crypto/pkcs7/p7/cert.p7c | Bin 0 -> 1728 bytes
src/lib/libssl/src/crypto/pkcs7/p7/smime.p7m | Bin 0 -> 4894 bytes
src/lib/libssl/src/crypto/pkcs7/p7/smime.p7s | Bin 0 -> 2625 bytes
src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c | 66 +
src/lib/libssl/src/crypto/pkcs7/pk7_doit.c | 408 +++++
src/lib/libssl/src/crypto/pkcs7/pk7_enc.c | 76 +
src/lib/libssl/src/crypto/pkcs7/pk7_lib.c | 449 +++++
src/lib/libssl/src/crypto/pkcs7/pkcs7.h | 449 +++++
src/lib/libssl/src/crypto/pkcs7/pkcs7err.c | 110 ++
src/lib/libssl/src/crypto/pkcs7/server.pem | 24 +
src/lib/libssl/src/crypto/pkcs7/sign.c | 140 ++
src/lib/libssl/src/crypto/pkcs7/verify.c | 238 +++
src/lib/libssl/src/crypto/rand/md_rand.c | 405 +++++
src/lib/libssl/src/crypto/rand/rand.h | 92 +
src/lib/libssl/src/crypto/rand/randfile.c | 166 ++
src/lib/libssl/src/crypto/rand/randtest.c | 207 +++
src/lib/libssl/src/crypto/rc2/rc2_cbc.c | 235 +++
src/lib/libssl/src/crypto/rc2/rc2_ecb.c | 90 +
src/lib/libssl/src/crypto/rc2/rc2_locl.h | 156 ++
src/lib/libssl/src/crypto/rc2/rc2_skey.c | 142 ++
src/lib/libssl/src/crypto/rc2/rc2cfb64.c | 127 ++
src/lib/libssl/src/crypto/rc2/rc2ofb64.c | 115 ++
src/lib/libssl/src/crypto/rc2/rc2speed.c | 293 +++
src/lib/libssl/src/crypto/rc2/rc2test.c | 270 +++
src/lib/libssl/src/crypto/rc2/rrc2.doc | 219 +++
src/lib/libssl/src/crypto/rc2/version | 22 +
src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl | 173 ++
src/lib/libssl/src/crypto/rc4/rc4.c | 194 ++
src/lib/libssl/src/crypto/rc4/rc4_enc.c | 135 ++
src/lib/libssl/src/crypto/rc4/rc4_skey.c | 119 ++
src/lib/libssl/src/crypto/rc4/rc4s.cpp | 73 +
src/lib/libssl/src/crypto/rc4/rc4speed.c | 269 +++
src/lib/libssl/src/crypto/rc4/rc4test.c | 195 ++
src/lib/libssl/src/crypto/rc4/rrc4.doc | 278 +++
src/lib/libssl/src/crypto/rc5/rc5.h | 122 ++
src/lib/libssl/src/crypto/ripemd/README | 15 +
src/lib/libssl/src/crypto/ripemd/asm/rips.cpp | 78 +
src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl | 582 ++++++
src/lib/libssl/src/crypto/ripemd/ripemd.h | 99 ++
src/lib/libssl/src/crypto/ripemd/rmd160.c | 135 ++
src/lib/libssl/src/crypto/ripemd/rmd_dgst.c | 535 ++++++
src/lib/libssl/src/crypto/ripemd/rmd_locl.h | 226 +++
src/lib/libssl/src/crypto/ripemd/rmd_one.c | 77 +
src/lib/libssl/src/crypto/ripemd/rmdconst.h | 399 +++++
src/lib/libssl/src/crypto/ripemd/rmdtest.c | 133 ++
src/lib/libssl/src/crypto/rsa/rsa.h | 324 ++++
src/lib/libssl/src/crypto/rsa/rsa_eay.c | 274 +++
src/lib/libssl/src/crypto/rsa/rsa_err.c | 129 ++
src/lib/libssl/src/crypto/rsa/rsa_gen.c | 101 ++
src/lib/libssl/src/crypto/rsa/rsa_lib.c | 294 ++++
src/lib/libssl/src/crypto/rsa/rsa_none.c | 109 ++
src/lib/libssl/src/crypto/rsa/rsa_pk1.c | 233 +++
src/lib/libssl/src/crypto/rsa/rsa_saos.c | 153 ++
src/lib/libssl/src/crypto/rsa/rsa_sign.c | 196 +++
src/lib/libssl/src/crypto/rsa/rsa_ssl.c | 153 ++
src/lib/libssl/src/crypto/sha/asm/README | 1 +
src/lib/libssl/src/crypto/sha/asm/sha1-586.pl | 491 ++++++
src/lib/libssl/src/crypto/sha/sha.c | 135 ++
src/lib/libssl/src/crypto/sha/sha.h | 109 ++
src/lib/libssl/src/crypto/sha/sha1.c | 135 ++
src/lib/libssl/src/crypto/sha/sha1_one.c | 77 +
src/lib/libssl/src/crypto/sha/sha1dgst.c | 468 +++++
src/lib/libssl/src/crypto/sha/sha1s.cpp | 79 +
src/lib/libssl/src/crypto/sha/sha1test.c | 155 ++
src/lib/libssl/src/crypto/sha/sha_dgst.c | 442 +++++
src/lib/libssl/src/crypto/sha/sha_locl.h | 246 +++
src/lib/libssl/src/crypto/sha/sha_one.c | 77 +
src/lib/libssl/src/crypto/sha/shatest.c | 155 ++
src/lib/libssl/src/crypto/stack/stack.c | 307 ++++
src/lib/libssl/src/crypto/stack/stack.h | 120 ++
src/lib/libssl/src/crypto/threads/mttest.c | 1115 ++++++++++++
src/lib/libssl/src/crypto/threads/th-lock.c | 399 +++++
src/lib/libssl/src/crypto/tmdiff.c | 217 +++
src/lib/libssl/src/crypto/txt_db/txt_db.c | 394 +++++
src/lib/libssl/src/crypto/txt_db/txt_db.h | 117 ++
src/lib/libssl/src/crypto/x509/by_dir.c | 359 ++++
src/lib/libssl/src/crypto/x509/by_file.c | 282 +++
src/lib/libssl/src/crypto/x509/x509.h | 1152 ++++++++++++
src/lib/libssl/src/crypto/x509/x509_cmp.c | 257 +++
src/lib/libssl/src/crypto/x509/x509_d2.c | 110 ++
src/lib/libssl/src/crypto/x509/x509_def.c | 83 +
src/lib/libssl/src/crypto/x509/x509_err.c | 130 ++
src/lib/libssl/src/crypto/x509/x509_ext.c | 222 +++
src/lib/libssl/src/crypto/x509/x509_lu.c | 446 +++++
src/lib/libssl/src/crypto/x509/x509_obj.c | 179 ++
src/lib/libssl/src/crypto/x509/x509_r2x.c | 122 ++
src/lib/libssl/src/crypto/x509/x509_req.c | 116 ++
src/lib/libssl/src/crypto/x509/x509_set.c | 164 ++
src/lib/libssl/src/crypto/x509/x509_txt.c | 132 ++
src/lib/libssl/src/crypto/x509/x509_v3.c | 409 +++++
src/lib/libssl/src/crypto/x509/x509_vfy.c | 704 ++++++++
src/lib/libssl/src/crypto/x509/x509_vfy.h | 378 ++++
src/lib/libssl/src/crypto/x509/x509name.c | 358 ++++
src/lib/libssl/src/crypto/x509/x509rset.c | 89 +
src/lib/libssl/src/crypto/x509/x509type.c | 115 ++
src/lib/libssl/src/crypto/x509/x_all.c | 465 +++++
src/lib/libssl/src/crypto/x509v3/x509v3.h | 87 +
src/lib/libssl/src/demos/README | 3 +
src/lib/libssl/src/demos/b64.c | 270 +++
src/lib/libssl/src/demos/b64.pl | 20 +
src/lib/libssl/src/demos/bio/README | 3 +
src/lib/libssl/src/demos/bio/saccept.c | 107 ++
src/lib/libssl/src/demos/bio/sconnect.c | 115 ++
src/lib/libssl/src/demos/bio/server.pem | 30 +
src/lib/libssl/src/demos/maurice/Makefile | 23 +
src/lib/libssl/src/demos/maurice/README | 34 +
src/lib/libssl/src/demos/maurice/cert.pem | 77 +
src/lib/libssl/src/demos/maurice/example1.c | 200 +++
src/lib/libssl/src/demos/maurice/example2.c | 77 +
src/lib/libssl/src/demos/maurice/example3.c | 86 +
src/lib/libssl/src/demos/maurice/example4.c | 122 ++
src/lib/libssl/src/demos/maurice/loadkeys.c | 77 +
src/lib/libssl/src/demos/maurice/loadkeys.h | 19 +
src/lib/libssl/src/demos/maurice/privkey.pem | 27 +
src/lib/libssl/src/demos/prime/prime.c | 100 ++
src/lib/libssl/src/demos/privkey.pem | 9 +
src/lib/libssl/src/demos/selfsign.c | 168 ++
src/lib/libssl/src/demos/sign/cert.pem | 14 +
src/lib/libssl/src/demos/sign/key.pem | 9 +
src/lib/libssl/src/demos/sign/sig.txt | 158 ++
src/lib/libssl/src/demos/sign/sign.c | 137 ++
src/lib/libssl/src/demos/sign/sign.txt | 170 ++
src/lib/libssl/src/demos/spkigen.c | 160 ++
src/lib/libssl/src/demos/ssl/cli.cpp | 102 ++
src/lib/libssl/src/demos/ssl/inetdsrv.cpp | 98 ++
src/lib/libssl/src/demos/ssl/serv.cpp | 126 ++
src/lib/libssl/src/e_os.h | 322 ++++
src/lib/libssl/src/makevms.com | 65 +
src/lib/libssl/src/ms/.rnd | Bin 0 -> 1019 bytes
src/lib/libssl/src/ms/16all.bat | 12 +
src/lib/libssl/src/ms/32all.bat | 12 +
src/lib/libssl/src/ms/README | 18 +
src/lib/libssl/src/ms/certCA.srl | 1 +
src/lib/libssl/src/ms/certCA.ss | 10 +
src/lib/libssl/src/ms/certU.ss | 10 +
src/lib/libssl/src/ms/cmp.pl | 47 +
src/lib/libssl/src/ms/do_ms.bat | 11 +
src/lib/libssl/src/ms/keyCA.ss | 9 +
src/lib/libssl/src/ms/keyU.ss | 9 +
src/lib/libssl/src/ms/req2CA.ss | 29 +
src/lib/libssl/src/ms/reqCA.ss | 8 +
src/lib/libssl/src/ms/reqU.ss | 8 +
src/lib/libssl/src/ms/speed16.bat | 38 +
src/lib/libssl/src/ms/speed32.bat | 37 +
src/lib/libssl/src/ms/tenc.bat | 14 +
src/lib/libssl/src/ms/test.bat | 134 ++
src/lib/libssl/src/ms/testenc.bat | 93 +
src/lib/libssl/src/ms/testpem.bat | 36 +
src/lib/libssl/src/ms/testss.bat | 98 ++
src/lib/libssl/src/ms/tpem.bat | 6 +
src/lib/libssl/src/shlib/README | 1 +
src/lib/libssl/src/shlib/irix.sh | 7 +
src/lib/libssl/src/shlib/solaris.sh | 36 +
src/lib/libssl/src/shlib/sun.sh | 8 +
src/lib/libssl/src/shlib/win32.bat | 18 +
src/lib/libssl/src/shlib/win32dll.bat | 13 +
src/lib/libssl/src/ssl/bio_ssl.c | 585 ++++++
src/lib/libssl/src/ssl/s23_clnt.c | 466 +++++
src/lib/libssl/src/ssl/s23_lib.c | 233 +++
src/lib/libssl/src/ssl/s23_meth.c | 92 +
src/lib/libssl/src/ssl/s23_pkt.c | 120 ++
src/lib/libssl/src/ssl/s23_srvr.c | 499 ++++++
src/lib/libssl/src/ssl/s2_clnt.c | 983 +++++++++++
src/lib/libssl/src/ssl/s2_enc.c | 187 ++
src/lib/libssl/src/ssl/s2_lib.c | 444 +++++
src/lib/libssl/src/ssl/s2_meth.c | 88 +
src/lib/libssl/src/ssl/s2_pkt.c | 651 +++++++
src/lib/libssl/src/ssl/s2_srvr.c | 964 ++++++++++
src/lib/libssl/src/ssl/s3_both.c | 469 +++++
src/lib/libssl/src/ssl/s3_clnt.c | 1678 ++++++++++++++++++
src/lib/libssl/src/ssl/s3_enc.c | 573 ++++++
src/lib/libssl/src/ssl/s3_lib.c | 961 ++++++++++
src/lib/libssl/src/ssl/s3_meth.c | 88 +
src/lib/libssl/src/ssl/s3_pkt.c | 1061 +++++++++++
src/lib/libssl/src/ssl/s3_srvr.c | 1675 ++++++++++++++++++
src/lib/libssl/src/ssl/ssl.h | 1453 +++++++++++++++
src/lib/libssl/src/ssl/ssl2.h | 265 +++
src/lib/libssl/src/ssl/ssl23.h | 83 +
src/lib/libssl/src/ssl/ssl3.h | 455 +++++
src/lib/libssl/src/ssl/ssl_algs.c | 102 ++
src/lib/libssl/src/ssl/ssl_asn1.c | 313 ++++
src/lib/libssl/src/ssl/ssl_cert.c | 329 ++++
src/lib/libssl/src/ssl/ssl_ciph.c | 758 ++++++++
src/lib/libssl/src/ssl/ssl_err.c | 374 ++++
src/lib/libssl/src/ssl/ssl_err2.c | 70 +
src/lib/libssl/src/ssl/ssl_lib.c | 1721 ++++++++++++++++++
src/lib/libssl/src/ssl/ssl_locl.h | 558 ++++++
src/lib/libssl/src/ssl/ssl_rsa.c | 831 +++++++++
src/lib/libssl/src/ssl/ssl_sess.c | 582 ++++++
src/lib/libssl/src/ssl/ssl_stat.c | 458 +++++
src/lib/libssl/src/ssl/ssl_task.c | 359 ++++
src/lib/libssl/src/ssl/ssl_txt.c | 152 ++
src/lib/libssl/src/ssl/ssltest.c | 751 ++++++++
src/lib/libssl/src/ssl/t1_clnt.c | 90 +
src/lib/libssl/src/ssl/t1_enc.c | 635 +++++++
src/lib/libssl/src/ssl/t1_lib.c | 151 ++
src/lib/libssl/src/ssl/t1_meth.c | 88 +
src/lib/libssl/src/ssl/t1_srvr.c | 91 +
src/lib/libssl/src/ssl/tls1.h | 115 ++
src/lib/libssl/src/test/CAss.cnf | 25 +
src/lib/libssl/src/test/CAssdh.cnf | 24 +
src/lib/libssl/src/test/CAssdsa.cnf | 23 +
src/lib/libssl/src/test/CAssrsa.cnf | 24 +
src/lib/libssl/src/test/Sssdsa.cnf | 27 +
src/lib/libssl/src/test/Sssrsa.cnf | 26 +
src/lib/libssl/src/test/Uss.cnf | 28 +
src/lib/libssl/src/test/methtest.c | 105 ++
src/lib/libssl/src/test/pkcs7-1.pem | 15 +
src/lib/libssl/src/test/pkcs7.pem | 54 +
src/lib/libssl/src/test/r160test.c | 57 +
src/lib/libssl/src/test/tcrl | 81 +
src/lib/libssl/src/test/test.cnf | 88 +
src/lib/libssl/src/test/testca | 44 +
src/lib/libssl/src/test/testcrl.pem | 16 +
src/lib/libssl/src/test/testenc | 62 +
src/lib/libssl/src/test/testgen | 30 +
src/lib/libssl/src/test/testp7.pem | 46 +
src/lib/libssl/src/test/testreq2.pem | 7 +
src/lib/libssl/src/test/testrsa.pem | 9 +
src/lib/libssl/src/test/testsid.pem | 12 +
src/lib/libssl/src/test/testss | 89 +
src/lib/libssl/src/test/testssl | 40 +
src/lib/libssl/src/test/testx509.pem | 10 +
src/lib/libssl/src/test/times | 113 ++
src/lib/libssl/src/test/tpkcs7 | 51 +
src/lib/libssl/src/test/tpkcs7d | 44 +
src/lib/libssl/src/test/treq | 81 +
src/lib/libssl/src/test/trsa | 81 +
src/lib/libssl/src/test/tsid | 81 +
src/lib/libssl/src/test/tx509 | 81 +
src/lib/libssl/src/test/v3-cert1.pem | 16 +
src/lib/libssl/src/test/v3-cert2.pem | 16 +
src/lib/libssl/src/times/090/586-100.nt | 32 +
src/lib/libssl/src/times/100.lnx | 32 +
src/lib/libssl/src/times/100.nt | 29 +
src/lib/libssl/src/times/200.lnx | 30 +
src/lib/libssl/src/times/486-66.dos | 22 +
src/lib/libssl/src/times/486-66.nt | 22 +
src/lib/libssl/src/times/486-66.w31 | 23 +
src/lib/libssl/src/times/5.lnx | 29 +
src/lib/libssl/src/times/586-085i.nt | 29 +
src/lib/libssl/src/times/586-100.LN3 | 26 +
src/lib/libssl/src/times/586-100.NT2 | 26 +
src/lib/libssl/src/times/586-100.dos | 24 +
src/lib/libssl/src/times/586-100.ln4 | 26 +
src/lib/libssl/src/times/586-100.lnx | 23 +
src/lib/libssl/src/times/586-100.nt | 23 +
src/lib/libssl/src/times/586-100.ntx | 30 +
src/lib/libssl/src/times/586-100.w31 | 27 +
src/lib/libssl/src/times/586-1002.lnx | 26 +
src/lib/libssl/src/times/586p-100.lnx | 26 +
src/lib/libssl/src/times/686-200.bsd | 25 +
src/lib/libssl/src/times/686-200.lnx | 26 +
src/lib/libssl/src/times/686-200.nt | 24 +
src/lib/libssl/src/times/L1 | 27 +
src/lib/libssl/src/times/R10000.t | 24 +
src/lib/libssl/src/times/R4400.t | 26 +
src/lib/libssl/src/times/aix.t | 34 +
src/lib/libssl/src/times/aixold.t | 23 +
src/lib/libssl/src/times/alpha.t | 81 +
src/lib/libssl/src/times/alpha400.t | 25 +
src/lib/libssl/src/times/cyrix100.lnx | 22 +
src/lib/libssl/src/times/dgux-x86.t | 23 +
src/lib/libssl/src/times/dgux.t | 17 +
src/lib/libssl/src/times/hpux-acc.t | 25 +
src/lib/libssl/src/times/hpux-kr.t | 23 +
src/lib/libssl/src/times/hpux.t | 86 +
src/lib/libssl/src/times/p2.w95 | 22 +
src/lib/libssl/src/times/pent2.t | 24 +
src/lib/libssl/src/times/readme | 11 +
src/lib/libssl/src/times/s586-100.lnx | 25 +
src/lib/libssl/src/times/s586-100.nt | 23 +
src/lib/libssl/src/times/sgi.t | 29 +
src/lib/libssl/src/times/sparc.t | 26 +
src/lib/libssl/src/times/sparc2 | 21 +
src/lib/libssl/src/times/sparcLX.t | 22 +
src/lib/libssl/src/times/usparc.t | 25 +
src/lib/libssl/src/times/x86/bfs.cpp | 67 +
src/lib/libssl/src/times/x86/casts.cpp | 67 +
src/lib/libssl/src/times/x86/des3s.cpp | 67 +
src/lib/libssl/src/times/x86/dess.cpp | 67 +
src/lib/libssl/src/times/x86/md5s.cpp | 78 +
src/lib/libssl/src/times/x86/rc4s.cpp | 73 +
src/lib/libssl/src/times/x86/sha1s.cpp | 79 +
src/lib/libssl/src/tools/c_hash | 9 +
src/lib/libssl/src/tools/c_info | 12 +
src/lib/libssl/src/tools/c_issuer | 10 +
src/lib/libssl/src/tools/c_name | 10 +
src/lib/libssl/src/tools/c_rehash | 47 +
src/lib/libssl/src/util/FreeBSD.sh | 6 +
src/lib/libssl/src/util/add_cr.pl | 123 ++
src/lib/libssl/src/util/bat.sh | 132 ++
src/lib/libssl/src/util/ck_errf.pl | 44 +
src/lib/libssl/src/util/deleof.pl | 7 +
src/lib/libssl/src/util/do_ms.sh | 17 +
src/lib/libssl/src/util/err-ins.pl | 33 +
src/lib/libssl/src/util/files.pl | 61 +
src/lib/libssl/src/util/fixNT.sh | 14 +
src/lib/libssl/src/util/install.sh | 108 ++
src/lib/libssl/src/util/libeay.num | 1065 +++++++++++
src/lib/libssl/src/util/mk1mf.pl | 793 +++++++++
src/lib/libssl/src/util/mkcerts.sh | 220 +++
src/lib/libssl/src/util/mkdef.pl | 292 +++
src/lib/libssl/src/util/perlpath.pl | 30 +
src/lib/libssl/src/util/pl/BC-16.pl | 146 ++
src/lib/libssl/src/util/pl/BC-32.pl | 135 ++
src/lib/libssl/src/util/pl/VC-16.pl | 173 ++
src/lib/libssl/src/util/pl/VC-32.pl | 133 ++
src/lib/libssl/src/util/pl/linux.pl | 96 +
src/lib/libssl/src/util/pl/unix.pl | 83 +
src/lib/libssl/src/util/point.sh | 4 +
src/lib/libssl/src/util/sp-diff.pl | 80 +
src/lib/libssl/src/util/speed.sh | 39 +
src/lib/libssl/src/util/src-dep.pl | 147 ++
src/lib/libssl/src/util/ssleay.num | 156 ++
src/lib/libssl/src/util/tab_num.pl | 17 +
src/lib/libssl/src/util/x86asm.sh | 42 +
878 files changed, 164970 insertions(+)
create mode 100644 src/lib/libcrypto/Attic/Makefile
create mode 100644 src/lib/libcrypto/asn1/a_hdr.c
create mode 100644 src/lib/libcrypto/asn1/a_meth.c
create mode 100644 src/lib/libcrypto/asn1/a_utctm.c
create mode 100644 src/lib/libcrypto/bf/asm/bf-686.pl
create mode 100644 src/lib/libcrypto/bf/asm/readme
create mode 100644 src/lib/libcrypto/bf/bf_opts.c
create mode 100644 src/lib/libcrypto/bf/bfs.cpp
create mode 100644 src/lib/libcrypto/bf/bfspeed.c
create mode 100644 src/lib/libcrypto/bf/bftest.c
create mode 100644 src/lib/libcrypto/bio/bss_rtcp.c
create mode 100644 src/lib/libcrypto/bn/asm/README
create mode 100644 src/lib/libcrypto/bn/asm/alpha.s
create mode 100644 src/lib/libcrypto/bn/asm/pa-risc.s
create mode 100644 src/lib/libcrypto/bn/asm/r3000.s
create mode 100644 src/lib/libcrypto/bn/bnspeed.c
create mode 100644 src/lib/libcrypto/bn/bntest.c
create mode 100644 src/lib/libcrypto/bn/expspeed.c
create mode 100644 src/lib/libcrypto/bn/exptest.c
create mode 100644 src/lib/libcrypto/cast/asm/readme
create mode 100644 src/lib/libcrypto/cast/cast_spd.c
create mode 100644 src/lib/libcrypto/cast/castopts.c
create mode 100644 src/lib/libcrypto/cast/casts.cpp
create mode 100644 src/lib/libcrypto/cast/casttest.c
create mode 100644 src/lib/libcrypto/conf/cnf_save.c
create mode 100644 src/lib/libcrypto/conf/test.c
create mode 100644 src/lib/libcrypto/des/DES.pm
create mode 100644 src/lib/libcrypto/des/DES.xs
create mode 100644 src/lib/libcrypto/des/INSTALL
create mode 100644 src/lib/libcrypto/des/Imakefile
create mode 100644 src/lib/libcrypto/des/KERBEROS
create mode 100644 src/lib/libcrypto/des/README
create mode 100644 src/lib/libcrypto/des/VERSION
create mode 100644 src/lib/libcrypto/des/asm/des686.pl
create mode 100644 src/lib/libcrypto/des/asm/readme
create mode 100644 src/lib/libcrypto/des/cbc3_enc.c
create mode 100644 src/lib/libcrypto/des/des.c
create mode 100644 src/lib/libcrypto/des/des3s.cpp
create mode 100644 src/lib/libcrypto/des/des_opts.c
create mode 100644 src/lib/libcrypto/des/des_ver.h
create mode 100644 src/lib/libcrypto/des/dess.cpp
create mode 100644 src/lib/libcrypto/des/destest.c
create mode 100644 src/lib/libcrypto/des/makefile.bc
create mode 100644 src/lib/libcrypto/des/options.txt
create mode 100644 src/lib/libcrypto/des/read2pwd.c
create mode 100644 src/lib/libcrypto/des/read_pwd.c
create mode 100644 src/lib/libcrypto/des/rpc_des.h
create mode 100644 src/lib/libcrypto/des/rpc_enc.c
create mode 100644 src/lib/libcrypto/des/rpw.c
create mode 100644 src/lib/libcrypto/des/speed.c
create mode 100644 src/lib/libcrypto/des/t/test
create mode 100644 src/lib/libcrypto/des/times/486-50.sol
create mode 100644 src/lib/libcrypto/des/times/586-100.lnx
create mode 100644 src/lib/libcrypto/des/times/686-200.fre
create mode 100644 src/lib/libcrypto/des/times/aix.cc
create mode 100644 src/lib/libcrypto/des/times/alpha.cc
create mode 100644 src/lib/libcrypto/des/times/hpux.cc
create mode 100644 src/lib/libcrypto/des/times/sparc.gcc
create mode 100644 src/lib/libcrypto/des/times/usparc.cc
create mode 100644 src/lib/libcrypto/des/typemap
create mode 100644 src/lib/libcrypto/dh/dh1024.pem
create mode 100644 src/lib/libcrypto/dh/dh192.pem
create mode 100644 src/lib/libcrypto/dh/dh2048.pem
create mode 100644 src/lib/libcrypto/dh/dh4096.pem
create mode 100644 src/lib/libcrypto/dh/dh512.pem
create mode 100644 src/lib/libcrypto/dh/dhtest.c
create mode 100644 src/lib/libcrypto/dh/example
create mode 100644 src/lib/libcrypto/dh/generate
create mode 100644 src/lib/libcrypto/dh/p1024.c
create mode 100644 src/lib/libcrypto/dh/p192.c
create mode 100644 src/lib/libcrypto/dh/p512.c
create mode 100644 src/lib/libcrypto/dsa/README
create mode 100644 src/lib/libcrypto/dsa/dsagen.c
create mode 100644 src/lib/libcrypto/dsa/dsatest.c
create mode 100644 src/lib/libcrypto/dsa/fips186a.txt
create mode 100644 src/lib/libcrypto/evp/e_dsa.c
create mode 100644 src/lib/libcrypto/evp/m_md2.c
create mode 100644 src/lib/libcrypto/evp/m_mdc2.c
create mode 100644 src/lib/libcrypto/evp/m_sha.c
create mode 100644 src/lib/libcrypto/hmac/hmactest.c
create mode 100644 src/lib/libcrypto/lhash/lh_test.c
create mode 100644 src/lib/libcrypto/lhash/num.pl
create mode 100644 src/lib/libcrypto/md2/md2.c
create mode 100644 src/lib/libcrypto/md2/md2_dgst.c
create mode 100644 src/lib/libcrypto/md2/md2_one.c
create mode 100644 src/lib/libcrypto/md2/md2test.c
create mode 100644 src/lib/libcrypto/md5/md5.c
create mode 100644 src/lib/libcrypto/md5/md5s.cpp
create mode 100644 src/lib/libcrypto/md5/md5test.c
create mode 100644 src/lib/libcrypto/mdc2/mdc2.h
create mode 100644 src/lib/libcrypto/mem.c
create mode 100644 src/lib/libcrypto/objects/obj_dat.h
create mode 100644 src/lib/libcrypto/perlasm/x86ms.pl
create mode 100644 src/lib/libcrypto/perlasm/x86unix.pl
create mode 100644 src/lib/libcrypto/pkcs7/doc
create mode 100644 src/lib/libcrypto/pkcs7/enc.c
create mode 100644 src/lib/libcrypto/pkcs7/p7/a1
create mode 100644 src/lib/libcrypto/pkcs7/p7/a2
create mode 100644 src/lib/libcrypto/pkcs7/p7/cert.p7c
create mode 100644 src/lib/libcrypto/pkcs7/p7/smime.p7m
create mode 100644 src/lib/libcrypto/pkcs7/p7/smime.p7s
create mode 100644 src/lib/libcrypto/pkcs7/pk7_dgst.c
create mode 100644 src/lib/libcrypto/pkcs7/pk7_enc.c
create mode 100644 src/lib/libcrypto/pkcs7/server.pem
create mode 100644 src/lib/libcrypto/pkcs7/sign.c
create mode 100644 src/lib/libcrypto/pkcs7/verify.c
create mode 100644 src/lib/libcrypto/rand/md_rand.c
create mode 100644 src/lib/libcrypto/rand/randtest.c
create mode 100644 src/lib/libcrypto/rc2/rc2speed.c
create mode 100644 src/lib/libcrypto/rc2/rc2test.c
create mode 100644 src/lib/libcrypto/rc4/rc4.c
create mode 100644 src/lib/libcrypto/rc4/rc4s.cpp
create mode 100644 src/lib/libcrypto/rc4/rc4speed.c
create mode 100644 src/lib/libcrypto/rc4/rc4test.c
create mode 100644 src/lib/libcrypto/rc4/rrc4.doc
create mode 100644 src/lib/libcrypto/rc5/rc5.h
create mode 100644 src/lib/libcrypto/ripemd/asm/rips.cpp
create mode 100644 src/lib/libcrypto/ripemd/rmd160.c
create mode 100644 src/lib/libcrypto/ripemd/rmdtest.c
create mode 100644 src/lib/libcrypto/sha/asm/README
create mode 100644 src/lib/libcrypto/sha/sha.c
create mode 100644 src/lib/libcrypto/sha/sha1.c
create mode 100644 src/lib/libcrypto/sha/sha1s.cpp
create mode 100644 src/lib/libcrypto/sha/sha1test.c
create mode 100644 src/lib/libcrypto/sha/sha_dgst.c
create mode 100644 src/lib/libcrypto/sha/sha_one.c
create mode 100644 src/lib/libcrypto/sha/shatest.c
create mode 100644 src/lib/libcrypto/threads/mttest.c
create mode 100644 src/lib/libcrypto/threads/th-lock.c
create mode 100644 src/lib/libcrypto/tmdiff.c
create mode 100644 src/lib/libcrypto/util/FreeBSD.sh
create mode 100644 src/lib/libcrypto/util/add_cr.pl
create mode 100644 src/lib/libcrypto/util/bat.sh
create mode 100644 src/lib/libcrypto/util/ck_errf.pl
create mode 100644 src/lib/libcrypto/util/deleof.pl
create mode 100644 src/lib/libcrypto/util/do_ms.sh
create mode 100644 src/lib/libcrypto/util/err-ins.pl
create mode 100644 src/lib/libcrypto/util/files.pl
create mode 100644 src/lib/libcrypto/util/fixNT.sh
create mode 100644 src/lib/libcrypto/util/install.sh
create mode 100644 src/lib/libcrypto/util/libeay.num
create mode 100644 src/lib/libcrypto/util/mk1mf.pl
create mode 100644 src/lib/libcrypto/util/mkcerts.sh
create mode 100644 src/lib/libcrypto/util/mkdef.pl
create mode 100644 src/lib/libcrypto/util/perlpath.pl
create mode 100644 src/lib/libcrypto/util/pl/BC-16.pl
create mode 100644 src/lib/libcrypto/util/pl/BC-32.pl
create mode 100644 src/lib/libcrypto/util/pl/VC-16.pl
create mode 100644 src/lib/libcrypto/util/pl/VC-32.pl
create mode 100644 src/lib/libcrypto/util/pl/linux.pl
create mode 100644 src/lib/libcrypto/util/pl/unix.pl
create mode 100644 src/lib/libcrypto/util/point.sh
create mode 100644 src/lib/libcrypto/util/sp-diff.pl
create mode 100644 src/lib/libcrypto/util/speed.sh
create mode 100644 src/lib/libcrypto/util/src-dep.pl
create mode 100644 src/lib/libcrypto/util/ssleay.num
create mode 100644 src/lib/libcrypto/util/tab_num.pl
create mode 100644 src/lib/libcrypto/util/x86asm.sh
create mode 100644 src/lib/libssl/src/Configure
create mode 100644 src/lib/libssl/src/INSTALL
create mode 100644 src/lib/libssl/src/PROBLEMS
create mode 100644 src/lib/libssl/src/README
create mode 100644 src/lib/libssl/src/apps/CA.sh
create mode 100644 src/lib/libssl/src/apps/apps.c
create mode 100644 src/lib/libssl/src/apps/apps.h
create mode 100644 src/lib/libssl/src/apps/asn1pars.c
create mode 100644 src/lib/libssl/src/apps/ca-cert.srl
create mode 100644 src/lib/libssl/src/apps/ca-key.pem
create mode 100644 src/lib/libssl/src/apps/ca-req.pem
create mode 100644 src/lib/libssl/src/apps/ca.c
create mode 100644 src/lib/libssl/src/apps/cert.pem
create mode 100644 src/lib/libssl/src/apps/ciphers.c
create mode 100644 src/lib/libssl/src/apps/client.pem
create mode 100644 src/lib/libssl/src/apps/crl.c
create mode 100644 src/lib/libssl/src/apps/crl2p7.c
create mode 100644 src/lib/libssl/src/apps/demoCA/cacert.pem
create mode 100644 src/lib/libssl/src/apps/demoCA/index.txt
create mode 100644 src/lib/libssl/src/apps/demoCA/private/cakey.pem
create mode 100644 src/lib/libssl/src/apps/demoCA/serial
create mode 100644 src/lib/libssl/src/apps/dgst.c
create mode 100644 src/lib/libssl/src/apps/dh.c
create mode 100644 src/lib/libssl/src/apps/dh1024.pem
create mode 100644 src/lib/libssl/src/apps/dsa-ca.pem
create mode 100644 src/lib/libssl/src/apps/dsa-pca.pem
create mode 100644 src/lib/libssl/src/apps/dsa.c
create mode 100644 src/lib/libssl/src/apps/dsa1024.pem
create mode 100644 src/lib/libssl/src/apps/dsa512.pem
create mode 100644 src/lib/libssl/src/apps/dsap.pem
create mode 100644 src/lib/libssl/src/apps/dsaparam.c
create mode 100644 src/lib/libssl/src/apps/enc.c
create mode 100644 src/lib/libssl/src/apps/errstr.c
create mode 100644 src/lib/libssl/src/apps/gendh.c
create mode 100644 src/lib/libssl/src/apps/gendsa.c
create mode 100644 src/lib/libssl/src/apps/genrsa.c
create mode 100644 src/lib/libssl/src/apps/pca-cert.srl
create mode 100644 src/lib/libssl/src/apps/pca-key.pem
create mode 100644 src/lib/libssl/src/apps/pca-req.pem
create mode 100644 src/lib/libssl/src/apps/pkcs7.c
create mode 100644 src/lib/libssl/src/apps/privkey.pem
create mode 100644 src/lib/libssl/src/apps/progs.h
create mode 100644 src/lib/libssl/src/apps/req.c
create mode 100644 src/lib/libssl/src/apps/req.pem
create mode 100644 src/lib/libssl/src/apps/rsa.c
create mode 100644 src/lib/libssl/src/apps/rsa8192.pem
create mode 100644 src/lib/libssl/src/apps/s1024key.pem
create mode 100644 src/lib/libssl/src/apps/s1024req.pem
create mode 100644 src/lib/libssl/src/apps/s512-key.pem
create mode 100644 src/lib/libssl/src/apps/s512-req.pem
create mode 100644 src/lib/libssl/src/apps/s_apps.h
create mode 100644 src/lib/libssl/src/apps/s_cb.c
create mode 100644 src/lib/libssl/src/apps/s_client.c
create mode 100644 src/lib/libssl/src/apps/s_server.c
create mode 100644 src/lib/libssl/src/apps/s_socket.c
create mode 100644 src/lib/libssl/src/apps/s_time.c
create mode 100644 src/lib/libssl/src/apps/server.pem
create mode 100644 src/lib/libssl/src/apps/server.srl
create mode 100644 src/lib/libssl/src/apps/server2.pem
create mode 100644 src/lib/libssl/src/apps/sess_id.c
create mode 100644 src/lib/libssl/src/apps/set/set-g-ca.pem
create mode 100644 src/lib/libssl/src/apps/set/set-m-ca.pem
create mode 100644 src/lib/libssl/src/apps/set/set_b_ca.pem
create mode 100644 src/lib/libssl/src/apps/set/set_c_ca.pem
create mode 100644 src/lib/libssl/src/apps/set/set_d_ct.pem
create mode 100644 src/lib/libssl/src/apps/set/set_root.pem
create mode 100644 src/lib/libssl/src/apps/speed.c
create mode 100644 src/lib/libssl/src/apps/testCA.pem
create mode 100644 src/lib/libssl/src/apps/testdsa.h
create mode 100644 src/lib/libssl/src/apps/testrsa.h
create mode 100644 src/lib/libssl/src/apps/verify.c
create mode 100644 src/lib/libssl/src/apps/version.c
create mode 100644 src/lib/libssl/src/apps/x509.c
create mode 100644 src/lib/libssl/src/bugs/MS
create mode 100644 src/lib/libssl/src/bugs/SSLv3
create mode 100644 src/lib/libssl/src/bugs/VC16.bug
create mode 100644 src/lib/libssl/src/bugs/alpha.c
create mode 100644 src/lib/libssl/src/bugs/dggccbug.c
create mode 100644 src/lib/libssl/src/bugs/sgiccbug.c
create mode 100644 src/lib/libssl/src/bugs/sslref.dif
create mode 100644 src/lib/libssl/src/bugs/stream.c
create mode 100644 src/lib/libssl/src/certs/thawteCb.pem
create mode 100644 src/lib/libssl/src/certs/thawteCp.pem
create mode 100644 src/lib/libssl/src/certs/vsign1.pem
create mode 100644 src/lib/libssl/src/certs/vsign3.pem
create mode 100644 src/lib/libssl/src/config
create mode 100644 src/lib/libssl/src/crypto/Makefile
create mode 100644 src/lib/libssl/src/crypto/asn1/a_bitstr.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_bool.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_bytes.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_d2i_fp.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_digest.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_dup.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_hdr.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_int.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_meth.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_object.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_octet.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_print.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_set.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_sign.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_type.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_utctm.c
create mode 100644 src/lib/libssl/src/crypto/asn1/a_verify.c
create mode 100644 src/lib/libssl/src/crypto/asn1/asn1.h
create mode 100644 src/lib/libssl/src/crypto/asn1/asn1_err.c
create mode 100644 src/lib/libssl/src/crypto/asn1/asn1_lib.c
create mode 100644 src/lib/libssl/src/crypto/asn1/asn1_mac.h
create mode 100644 src/lib/libssl/src/crypto/asn1/asn1_par.c
create mode 100644 src/lib/libssl/src/crypto/asn1/d2i_pr.c
create mode 100644 src/lib/libssl/src/crypto/asn1/d2i_pu.c
create mode 100644 src/lib/libssl/src/crypto/asn1/evp_asn1.c
create mode 100644 src/lib/libssl/src/crypto/asn1/f_int.c
create mode 100644 src/lib/libssl/src/crypto/asn1/f_string.c
create mode 100644 src/lib/libssl/src/crypto/asn1/i2d_pr.c
create mode 100644 src/lib/libssl/src/crypto/asn1/i2d_pu.c
create mode 100644 src/lib/libssl/src/crypto/asn1/n_pkey.c
create mode 100644 src/lib/libssl/src/crypto/asn1/t_pkey.c
create mode 100644 src/lib/libssl/src/crypto/asn1/t_req.c
create mode 100644 src/lib/libssl/src/crypto/asn1/t_x509.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_algor.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_attrib.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_crl.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_exten.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_info.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_name.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_pkey.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_pubkey.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_req.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_sig.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_spki.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_val.c
create mode 100644 src/lib/libssl/src/crypto/asn1/x_x509.c
create mode 100644 src/lib/libssl/src/crypto/bf/COPYRIGHT
create mode 100644 src/lib/libssl/src/crypto/bf/INSTALL
create mode 100644 src/lib/libssl/src/crypto/bf/README
create mode 100644 src/lib/libssl/src/crypto/bf/VERSION
create mode 100644 src/lib/libssl/src/crypto/bf/asm/bf-586.pl
create mode 100644 src/lib/libssl/src/crypto/bf/asm/bf-686.pl
create mode 100644 src/lib/libssl/src/crypto/bf/asm/readme
create mode 100644 src/lib/libssl/src/crypto/bf/bf_cbc.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_cfb64.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_ecb.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_enc.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_ofb64.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_opts.c
create mode 100644 src/lib/libssl/src/crypto/bf/bf_pi.h
create mode 100644 src/lib/libssl/src/crypto/bf/bf_skey.c
create mode 100644 src/lib/libssl/src/crypto/bf/bfs.cpp
create mode 100644 src/lib/libssl/src/crypto/bf/bfspeed.c
create mode 100644 src/lib/libssl/src/crypto/bf/bftest.c
create mode 100644 src/lib/libssl/src/crypto/bf/blowfish.h
create mode 100644 src/lib/libssl/src/crypto/bio/b_dump.c
create mode 100644 src/lib/libssl/src/crypto/bio/b_print.c
create mode 100644 src/lib/libssl/src/crypto/bio/b_sock.c
create mode 100644 src/lib/libssl/src/crypto/bio/bf_buff.c
create mode 100644 src/lib/libssl/src/crypto/bio/bf_nbio.c
create mode 100644 src/lib/libssl/src/crypto/bio/bf_null.c
create mode 100644 src/lib/libssl/src/crypto/bio/bio.h
create mode 100644 src/lib/libssl/src/crypto/bio/bio_cb.c
create mode 100644 src/lib/libssl/src/crypto/bio/bio_err.c
create mode 100644 src/lib/libssl/src/crypto/bio/bio_lib.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_acpt.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_conn.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_fd.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_file.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_mem.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_null.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_rtcp.c
create mode 100644 src/lib/libssl/src/crypto/bio/bss_sock.c
create mode 100644 src/lib/libssl/src/crypto/bn/asm/README
create mode 100644 src/lib/libssl/src/crypto/bn/asm/alpha.s
create mode 100644 src/lib/libssl/src/crypto/bn/asm/bn-586.pl
create mode 100644 src/lib/libssl/src/crypto/bn/asm/pa-risc.s
create mode 100644 src/lib/libssl/src/crypto/bn/asm/pa-risc2.s
create mode 100644 src/lib/libssl/src/crypto/bn/asm/r3000.s
create mode 100644 src/lib/libssl/src/crypto/bn/bn_add.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_blind.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_div.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_err.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_exp.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_gcd.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_lcl.h
create mode 100644 src/lib/libssl/src/crypto/bn/bn_lib.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_mod.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_mont.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_mpi.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_mul.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_prime.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_prime.h
create mode 100644 src/lib/libssl/src/crypto/bn/bn_prime.pl
create mode 100644 src/lib/libssl/src/crypto/bn/bn_print.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_rand.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_recp.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_shift.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_sqr.c
create mode 100644 src/lib/libssl/src/crypto/bn/bn_word.c
create mode 100644 src/lib/libssl/src/crypto/bn/bnspeed.c
create mode 100644 src/lib/libssl/src/crypto/bn/bntest.c
create mode 100644 src/lib/libssl/src/crypto/bn/expspeed.c
create mode 100644 src/lib/libssl/src/crypto/bn/exptest.c
create mode 100644 src/lib/libssl/src/crypto/buffer/buf_err.c
create mode 100644 src/lib/libssl/src/crypto/buffer/buffer.c
create mode 100644 src/lib/libssl/src/crypto/buffer/buffer.h
create mode 100644 src/lib/libssl/src/crypto/cast/asm/cast-586.pl
create mode 100644 src/lib/libssl/src/crypto/cast/asm/readme
create mode 100644 src/lib/libssl/src/crypto/cast/c_cfb64.c
create mode 100644 src/lib/libssl/src/crypto/cast/c_ecb.c
create mode 100644 src/lib/libssl/src/crypto/cast/c_enc.c
create mode 100644 src/lib/libssl/src/crypto/cast/c_ofb64.c
create mode 100644 src/lib/libssl/src/crypto/cast/c_skey.c
create mode 100644 src/lib/libssl/src/crypto/cast/cast.h
create mode 100644 src/lib/libssl/src/crypto/cast/cast_lcl.h
create mode 100644 src/lib/libssl/src/crypto/cast/cast_s.h
create mode 100644 src/lib/libssl/src/crypto/cast/cast_spd.c
create mode 100644 src/lib/libssl/src/crypto/cast/castopts.c
create mode 100644 src/lib/libssl/src/crypto/cast/casts.cpp
create mode 100644 src/lib/libssl/src/crypto/cast/casttest.c
create mode 100644 src/lib/libssl/src/crypto/conf/cnf_save.c
create mode 100644 src/lib/libssl/src/crypto/conf/conf.h
create mode 100644 src/lib/libssl/src/crypto/conf/conf_err.c
create mode 100644 src/lib/libssl/src/crypto/conf/keysets.pl
create mode 100644 src/lib/libssl/src/crypto/conf/ssleay.cnf
create mode 100644 src/lib/libssl/src/crypto/conf/test.c
create mode 100644 src/lib/libssl/src/crypto/cpt_err.c
create mode 100644 src/lib/libssl/src/crypto/cryptlib.c
create mode 100644 src/lib/libssl/src/crypto/cryptlib.h
create mode 100644 src/lib/libssl/src/crypto/crypto.h
create mode 100644 src/lib/libssl/src/crypto/cversion.c
create mode 100644 src/lib/libssl/src/crypto/des/COPYRIGHT
create mode 100644 src/lib/libssl/src/crypto/des/DES.pm
create mode 100644 src/lib/libssl/src/crypto/des/DES.xs
create mode 100644 src/lib/libssl/src/crypto/des/INSTALL
create mode 100644 src/lib/libssl/src/crypto/des/Imakefile
create mode 100644 src/lib/libssl/src/crypto/des/KERBEROS
create mode 100644 src/lib/libssl/src/crypto/des/README
create mode 100644 src/lib/libssl/src/crypto/des/VERSION
create mode 100644 src/lib/libssl/src/crypto/des/asm/crypt586.pl
create mode 100644 src/lib/libssl/src/crypto/des/asm/des-586.pl
create mode 100644 src/lib/libssl/src/crypto/des/asm/des686.pl
create mode 100644 src/lib/libssl/src/crypto/des/asm/desboth.pl
create mode 100644 src/lib/libssl/src/crypto/des/asm/readme
create mode 100644 src/lib/libssl/src/crypto/des/cbc3_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/cbc_cksm.c
create mode 100644 src/lib/libssl/src/crypto/des/cbc_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/cfb64ede.c
create mode 100644 src/lib/libssl/src/crypto/des/cfb64enc.c
create mode 100644 src/lib/libssl/src/crypto/des/cfb_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/des.c
create mode 100644 src/lib/libssl/src/crypto/des/des3s.cpp
create mode 100644 src/lib/libssl/src/crypto/des/des_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/des_opts.c
create mode 100644 src/lib/libssl/src/crypto/des/des_ver.h
create mode 100644 src/lib/libssl/src/crypto/des/dess.cpp
create mode 100644 src/lib/libssl/src/crypto/des/destest.c
create mode 100644 src/lib/libssl/src/crypto/des/ecb3_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/ecb_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/enc_read.c
create mode 100644 src/lib/libssl/src/crypto/des/enc_writ.c
create mode 100644 src/lib/libssl/src/crypto/des/fcrypt.c
create mode 100644 src/lib/libssl/src/crypto/des/fcrypt_b.c
create mode 100644 src/lib/libssl/src/crypto/des/makefile.bc
create mode 100644 src/lib/libssl/src/crypto/des/ncbc_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/ofb64ede.c
create mode 100644 src/lib/libssl/src/crypto/des/ofb64enc.c
create mode 100644 src/lib/libssl/src/crypto/des/ofb_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/options.txt
create mode 100644 src/lib/libssl/src/crypto/des/pcbc_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/qud_cksm.c
create mode 100644 src/lib/libssl/src/crypto/des/rand_key.c
create mode 100644 src/lib/libssl/src/crypto/des/read2pwd.c
create mode 100644 src/lib/libssl/src/crypto/des/read_pwd.c
create mode 100644 src/lib/libssl/src/crypto/des/rpc_des.h
create mode 100644 src/lib/libssl/src/crypto/des/rpc_enc.c
create mode 100644 src/lib/libssl/src/crypto/des/rpw.c
create mode 100644 src/lib/libssl/src/crypto/des/set_key.c
create mode 100644 src/lib/libssl/src/crypto/des/speed.c
create mode 100644 src/lib/libssl/src/crypto/des/spr.h
create mode 100644 src/lib/libssl/src/crypto/des/str2key.c
create mode 100644 src/lib/libssl/src/crypto/des/t/test
create mode 100644 src/lib/libssl/src/crypto/des/times/486-50.sol
create mode 100644 src/lib/libssl/src/crypto/des/times/586-100.lnx
create mode 100644 src/lib/libssl/src/crypto/des/times/686-200.fre
create mode 100644 src/lib/libssl/src/crypto/des/times/aix.cc
create mode 100644 src/lib/libssl/src/crypto/des/times/alpha.cc
create mode 100644 src/lib/libssl/src/crypto/des/times/hpux.cc
create mode 100644 src/lib/libssl/src/crypto/des/times/sparc.gcc
create mode 100644 src/lib/libssl/src/crypto/des/times/usparc.cc
create mode 100644 src/lib/libssl/src/crypto/des/typemap
create mode 100644 src/lib/libssl/src/crypto/des/xcbc_enc.c
create mode 100644 src/lib/libssl/src/crypto/dh/dh.h
create mode 100644 src/lib/libssl/src/crypto/dh/dh1024.pem
create mode 100644 src/lib/libssl/src/crypto/dh/dh192.pem
create mode 100644 src/lib/libssl/src/crypto/dh/dh2048.pem
create mode 100644 src/lib/libssl/src/crypto/dh/dh4096.pem
create mode 100644 src/lib/libssl/src/crypto/dh/dh512.pem
create mode 100644 src/lib/libssl/src/crypto/dh/dh_check.c
create mode 100644 src/lib/libssl/src/crypto/dh/dh_err.c
create mode 100644 src/lib/libssl/src/crypto/dh/dh_gen.c
create mode 100644 src/lib/libssl/src/crypto/dh/dh_key.c
create mode 100644 src/lib/libssl/src/crypto/dh/dh_lib.c
create mode 100644 src/lib/libssl/src/crypto/dh/dhtest.c
create mode 100644 src/lib/libssl/src/crypto/dh/example
create mode 100644 src/lib/libssl/src/crypto/dh/generate
create mode 100644 src/lib/libssl/src/crypto/dh/p1024.c
create mode 100644 src/lib/libssl/src/crypto/dh/p192.c
create mode 100644 src/lib/libssl/src/crypto/dh/p512.c
create mode 100644 src/lib/libssl/src/crypto/dsa/README
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa.h
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_err.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_gen.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_key.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_lib.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_sign.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsa_vrf.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsagen.c
create mode 100644 src/lib/libssl/src/crypto/dsa/dsatest.c
create mode 100644 src/lib/libssl/src/crypto/dsa/fips186a.txt
create mode 100644 src/lib/libssl/src/crypto/err/err.c
create mode 100644 src/lib/libssl/src/crypto/err/err.h
create mode 100644 src/lib/libssl/src/crypto/err/err_all.c
create mode 100644 src/lib/libssl/src/crypto/err/err_prn.c
create mode 100644 src/lib/libssl/src/crypto/evp/bio_b64.c
create mode 100644 src/lib/libssl/src/crypto/evp/bio_enc.c
create mode 100644 src/lib/libssl/src/crypto/evp/bio_md.c
create mode 100644 src/lib/libssl/src/crypto/evp/c_all.c
create mode 100644 src/lib/libssl/src/crypto/evp/digest.c
create mode 100644 src/lib/libssl/src/crypto/evp/e_dsa.c
create mode 100644 src/lib/libssl/src/crypto/evp/e_null.c
create mode 100644 src/lib/libssl/src/crypto/evp/e_rc4.c
create mode 100644 src/lib/libssl/src/crypto/evp/e_xcbc_d.c
create mode 100644 src/lib/libssl/src/crypto/evp/encode.c
create mode 100644 src/lib/libssl/src/crypto/evp/evp.h
create mode 100644 src/lib/libssl/src/crypto/evp/evp_enc.c
create mode 100644 src/lib/libssl/src/crypto/evp/evp_err.c
create mode 100644 src/lib/libssl/src/crypto/evp/evp_key.c
create mode 100644 src/lib/libssl/src/crypto/evp/evp_lib.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_dss.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_dss1.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_md2.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_md5.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_mdc2.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_null.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_ripemd.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_sha.c
create mode 100644 src/lib/libssl/src/crypto/evp/m_sha1.c
create mode 100644 src/lib/libssl/src/crypto/evp/names.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_dec.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_enc.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_lib.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_open.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_seal.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_sign.c
create mode 100644 src/lib/libssl/src/crypto/evp/p_verify.c
create mode 100644 src/lib/libssl/src/crypto/ex_data.c
create mode 100644 src/lib/libssl/src/crypto/hmac/hmac.c
create mode 100644 src/lib/libssl/src/crypto/hmac/hmac.h
create mode 100644 src/lib/libssl/src/crypto/hmac/hmactest.c
create mode 100644 src/lib/libssl/src/crypto/lhash/lh_stats.c
create mode 100644 src/lib/libssl/src/crypto/lhash/lh_test.c
create mode 100644 src/lib/libssl/src/crypto/lhash/lhash.c
create mode 100644 src/lib/libssl/src/crypto/lhash/lhash.h
create mode 100644 src/lib/libssl/src/crypto/lhash/num.pl
create mode 100644 src/lib/libssl/src/crypto/md2/md2.c
create mode 100644 src/lib/libssl/src/crypto/md2/md2_dgst.c
create mode 100644 src/lib/libssl/src/crypto/md2/md2_one.c
create mode 100644 src/lib/libssl/src/crypto/md2/md2test.c
create mode 100644 src/lib/libssl/src/crypto/md5/asm/md5-586.pl
create mode 100644 src/lib/libssl/src/crypto/md5/md5.c
create mode 100644 src/lib/libssl/src/crypto/md5/md5.h
create mode 100644 src/lib/libssl/src/crypto/md5/md5_dgst.c
create mode 100644 src/lib/libssl/src/crypto/md5/md5_locl.h
create mode 100644 src/lib/libssl/src/crypto/md5/md5_one.c
create mode 100644 src/lib/libssl/src/crypto/md5/md5s.cpp
create mode 100644 src/lib/libssl/src/crypto/md5/md5test.c
create mode 100644 src/lib/libssl/src/crypto/mdc2/mdc2.h
create mode 100644 src/lib/libssl/src/crypto/mem.c
create mode 100644 src/lib/libssl/src/crypto/objects/obj_dat.c
create mode 100644 src/lib/libssl/src/crypto/objects/obj_dat.h
create mode 100644 src/lib/libssl/src/crypto/objects/obj_dat.pl
create mode 100644 src/lib/libssl/src/crypto/objects/obj_err.c
create mode 100644 src/lib/libssl/src/crypto/objects/obj_lib.c
create mode 100644 src/lib/libssl/src/crypto/objects/objects.h
create mode 100644 src/lib/libssl/src/crypto/objects/objects.txt
create mode 100644 src/lib/libssl/src/crypto/pem/message
create mode 100644 src/lib/libssl/src/crypto/pem/pem.h
create mode 100644 src/lib/libssl/src/crypto/pem/pem_all.c
create mode 100644 src/lib/libssl/src/crypto/pem/pem_err.c
create mode 100644 src/lib/libssl/src/crypto/pem/pem_info.c
create mode 100644 src/lib/libssl/src/crypto/pem/pem_lib.c
create mode 100644 src/lib/libssl/src/crypto/pem/pem_seal.c
create mode 100644 src/lib/libssl/src/crypto/pem/pem_sign.c
create mode 100644 src/lib/libssl/src/crypto/pem/pkcs7.lis
create mode 100644 src/lib/libssl/src/crypto/perlasm/cbc.pl
create mode 100644 src/lib/libssl/src/crypto/perlasm/readme
create mode 100644 src/lib/libssl/src/crypto/perlasm/x86asm.pl
create mode 100644 src/lib/libssl/src/crypto/perlasm/x86ms.pl
create mode 100644 src/lib/libssl/src/crypto/perlasm/x86unix.pl
create mode 100644 src/lib/libssl/src/crypto/pkcs7/doc
create mode 100644 src/lib/libssl/src/crypto/pkcs7/enc.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/p7/a1
create mode 100644 src/lib/libssl/src/crypto/pkcs7/p7/a2
create mode 100644 src/lib/libssl/src/crypto/pkcs7/p7/cert.p7c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/p7/smime.p7m
create mode 100644 src/lib/libssl/src/crypto/pkcs7/p7/smime.p7s
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pk7_enc.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pkcs7.h
create mode 100644 src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/server.pem
create mode 100644 src/lib/libssl/src/crypto/pkcs7/sign.c
create mode 100644 src/lib/libssl/src/crypto/pkcs7/verify.c
create mode 100644 src/lib/libssl/src/crypto/rand/md_rand.c
create mode 100644 src/lib/libssl/src/crypto/rand/rand.h
create mode 100644 src/lib/libssl/src/crypto/rand/randfile.c
create mode 100644 src/lib/libssl/src/crypto/rand/randtest.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2_cbc.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2_ecb.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2_locl.h
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2_skey.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2cfb64.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2ofb64.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2speed.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rc2test.c
create mode 100644 src/lib/libssl/src/crypto/rc2/rrc2.doc
create mode 100644 src/lib/libssl/src/crypto/rc2/version
create mode 100644 src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4.c
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4_enc.c
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4_skey.c
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4s.cpp
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4speed.c
create mode 100644 src/lib/libssl/src/crypto/rc4/rc4test.c
create mode 100644 src/lib/libssl/src/crypto/rc4/rrc4.doc
create mode 100644 src/lib/libssl/src/crypto/rc5/rc5.h
create mode 100644 src/lib/libssl/src/crypto/ripemd/README
create mode 100644 src/lib/libssl/src/crypto/ripemd/asm/rips.cpp
create mode 100644 src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl
create mode 100644 src/lib/libssl/src/crypto/ripemd/ripemd.h
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmd160.c
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmd_locl.h
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmd_one.c
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmdconst.h
create mode 100644 src/lib/libssl/src/crypto/ripemd/rmdtest.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa.h
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_eay.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_err.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_gen.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_lib.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_none.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_pk1.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_saos.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_sign.c
create mode 100644 src/lib/libssl/src/crypto/rsa/rsa_ssl.c
create mode 100644 src/lib/libssl/src/crypto/sha/asm/README
create mode 100644 src/lib/libssl/src/crypto/sha/asm/sha1-586.pl
create mode 100644 src/lib/libssl/src/crypto/sha/sha.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha.h
create mode 100644 src/lib/libssl/src/crypto/sha/sha1.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha1_one.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha1dgst.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha1s.cpp
create mode 100644 src/lib/libssl/src/crypto/sha/sha1test.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha_dgst.c
create mode 100644 src/lib/libssl/src/crypto/sha/sha_locl.h
create mode 100644 src/lib/libssl/src/crypto/sha/sha_one.c
create mode 100644 src/lib/libssl/src/crypto/sha/shatest.c
create mode 100644 src/lib/libssl/src/crypto/stack/stack.c
create mode 100644 src/lib/libssl/src/crypto/stack/stack.h
create mode 100644 src/lib/libssl/src/crypto/threads/mttest.c
create mode 100644 src/lib/libssl/src/crypto/threads/th-lock.c
create mode 100644 src/lib/libssl/src/crypto/tmdiff.c
create mode 100644 src/lib/libssl/src/crypto/txt_db/txt_db.c
create mode 100644 src/lib/libssl/src/crypto/txt_db/txt_db.h
create mode 100644 src/lib/libssl/src/crypto/x509/by_dir.c
create mode 100644 src/lib/libssl/src/crypto/x509/by_file.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509.h
create mode 100644 src/lib/libssl/src/crypto/x509/x509_cmp.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_d2.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_def.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_err.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_ext.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_lu.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_obj.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_r2x.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_req.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_set.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_txt.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_v3.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_vfy.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509_vfy.h
create mode 100644 src/lib/libssl/src/crypto/x509/x509name.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509rset.c
create mode 100644 src/lib/libssl/src/crypto/x509/x509type.c
create mode 100644 src/lib/libssl/src/crypto/x509/x_all.c
create mode 100644 src/lib/libssl/src/crypto/x509v3/x509v3.h
create mode 100644 src/lib/libssl/src/demos/README
create mode 100644 src/lib/libssl/src/demos/b64.c
create mode 100644 src/lib/libssl/src/demos/b64.pl
create mode 100644 src/lib/libssl/src/demos/bio/README
create mode 100644 src/lib/libssl/src/demos/bio/saccept.c
create mode 100644 src/lib/libssl/src/demos/bio/sconnect.c
create mode 100644 src/lib/libssl/src/demos/bio/server.pem
create mode 100644 src/lib/libssl/src/demos/maurice/Makefile
create mode 100644 src/lib/libssl/src/demos/maurice/README
create mode 100644 src/lib/libssl/src/demos/maurice/cert.pem
create mode 100644 src/lib/libssl/src/demos/maurice/example1.c
create mode 100644 src/lib/libssl/src/demos/maurice/example2.c
create mode 100644 src/lib/libssl/src/demos/maurice/example3.c
create mode 100644 src/lib/libssl/src/demos/maurice/example4.c
create mode 100644 src/lib/libssl/src/demos/maurice/loadkeys.c
create mode 100644 src/lib/libssl/src/demos/maurice/loadkeys.h
create mode 100644 src/lib/libssl/src/demos/maurice/privkey.pem
create mode 100644 src/lib/libssl/src/demos/prime/prime.c
create mode 100644 src/lib/libssl/src/demos/privkey.pem
create mode 100644 src/lib/libssl/src/demos/selfsign.c
create mode 100644 src/lib/libssl/src/demos/sign/cert.pem
create mode 100644 src/lib/libssl/src/demos/sign/key.pem
create mode 100644 src/lib/libssl/src/demos/sign/sig.txt
create mode 100644 src/lib/libssl/src/demos/sign/sign.c
create mode 100644 src/lib/libssl/src/demos/sign/sign.txt
create mode 100644 src/lib/libssl/src/demos/spkigen.c
create mode 100644 src/lib/libssl/src/demos/ssl/cli.cpp
create mode 100644 src/lib/libssl/src/demos/ssl/inetdsrv.cpp
create mode 100644 src/lib/libssl/src/demos/ssl/serv.cpp
create mode 100644 src/lib/libssl/src/e_os.h
create mode 100644 src/lib/libssl/src/makevms.com
create mode 100644 src/lib/libssl/src/ms/.rnd
create mode 100644 src/lib/libssl/src/ms/16all.bat
create mode 100644 src/lib/libssl/src/ms/32all.bat
create mode 100644 src/lib/libssl/src/ms/README
create mode 100644 src/lib/libssl/src/ms/certCA.srl
create mode 100644 src/lib/libssl/src/ms/certCA.ss
create mode 100644 src/lib/libssl/src/ms/certU.ss
create mode 100644 src/lib/libssl/src/ms/cmp.pl
create mode 100644 src/lib/libssl/src/ms/do_ms.bat
create mode 100644 src/lib/libssl/src/ms/keyCA.ss
create mode 100644 src/lib/libssl/src/ms/keyU.ss
create mode 100644 src/lib/libssl/src/ms/req2CA.ss
create mode 100644 src/lib/libssl/src/ms/reqCA.ss
create mode 100644 src/lib/libssl/src/ms/reqU.ss
create mode 100644 src/lib/libssl/src/ms/speed16.bat
create mode 100644 src/lib/libssl/src/ms/speed32.bat
create mode 100644 src/lib/libssl/src/ms/tenc.bat
create mode 100644 src/lib/libssl/src/ms/test.bat
create mode 100644 src/lib/libssl/src/ms/testenc.bat
create mode 100644 src/lib/libssl/src/ms/testpem.bat
create mode 100644 src/lib/libssl/src/ms/testss.bat
create mode 100644 src/lib/libssl/src/ms/tpem.bat
create mode 100644 src/lib/libssl/src/shlib/README
create mode 100644 src/lib/libssl/src/shlib/irix.sh
create mode 100644 src/lib/libssl/src/shlib/solaris.sh
create mode 100644 src/lib/libssl/src/shlib/sun.sh
create mode 100644 src/lib/libssl/src/shlib/win32.bat
create mode 100644 src/lib/libssl/src/shlib/win32dll.bat
create mode 100644 src/lib/libssl/src/ssl/bio_ssl.c
create mode 100644 src/lib/libssl/src/ssl/s23_clnt.c
create mode 100644 src/lib/libssl/src/ssl/s23_lib.c
create mode 100644 src/lib/libssl/src/ssl/s23_meth.c
create mode 100644 src/lib/libssl/src/ssl/s23_pkt.c
create mode 100644 src/lib/libssl/src/ssl/s23_srvr.c
create mode 100644 src/lib/libssl/src/ssl/s2_clnt.c
create mode 100644 src/lib/libssl/src/ssl/s2_enc.c
create mode 100644 src/lib/libssl/src/ssl/s2_lib.c
create mode 100644 src/lib/libssl/src/ssl/s2_meth.c
create mode 100644 src/lib/libssl/src/ssl/s2_pkt.c
create mode 100644 src/lib/libssl/src/ssl/s2_srvr.c
create mode 100644 src/lib/libssl/src/ssl/s3_both.c
create mode 100644 src/lib/libssl/src/ssl/s3_clnt.c
create mode 100644 src/lib/libssl/src/ssl/s3_enc.c
create mode 100644 src/lib/libssl/src/ssl/s3_lib.c
create mode 100644 src/lib/libssl/src/ssl/s3_meth.c
create mode 100644 src/lib/libssl/src/ssl/s3_pkt.c
create mode 100644 src/lib/libssl/src/ssl/s3_srvr.c
create mode 100644 src/lib/libssl/src/ssl/ssl.h
create mode 100644 src/lib/libssl/src/ssl/ssl2.h
create mode 100644 src/lib/libssl/src/ssl/ssl23.h
create mode 100644 src/lib/libssl/src/ssl/ssl3.h
create mode 100644 src/lib/libssl/src/ssl/ssl_algs.c
create mode 100644 src/lib/libssl/src/ssl/ssl_asn1.c
create mode 100644 src/lib/libssl/src/ssl/ssl_cert.c
create mode 100644 src/lib/libssl/src/ssl/ssl_ciph.c
create mode 100644 src/lib/libssl/src/ssl/ssl_err.c
create mode 100644 src/lib/libssl/src/ssl/ssl_err2.c
create mode 100644 src/lib/libssl/src/ssl/ssl_lib.c
create mode 100644 src/lib/libssl/src/ssl/ssl_locl.h
create mode 100644 src/lib/libssl/src/ssl/ssl_rsa.c
create mode 100644 src/lib/libssl/src/ssl/ssl_sess.c
create mode 100644 src/lib/libssl/src/ssl/ssl_stat.c
create mode 100644 src/lib/libssl/src/ssl/ssl_task.c
create mode 100644 src/lib/libssl/src/ssl/ssl_txt.c
create mode 100644 src/lib/libssl/src/ssl/ssltest.c
create mode 100644 src/lib/libssl/src/ssl/t1_clnt.c
create mode 100644 src/lib/libssl/src/ssl/t1_enc.c
create mode 100644 src/lib/libssl/src/ssl/t1_lib.c
create mode 100644 src/lib/libssl/src/ssl/t1_meth.c
create mode 100644 src/lib/libssl/src/ssl/t1_srvr.c
create mode 100644 src/lib/libssl/src/ssl/tls1.h
create mode 100644 src/lib/libssl/src/test/CAss.cnf
create mode 100644 src/lib/libssl/src/test/CAssdh.cnf
create mode 100644 src/lib/libssl/src/test/CAssdsa.cnf
create mode 100644 src/lib/libssl/src/test/CAssrsa.cnf
create mode 100644 src/lib/libssl/src/test/Sssdsa.cnf
create mode 100644 src/lib/libssl/src/test/Sssrsa.cnf
create mode 100644 src/lib/libssl/src/test/Uss.cnf
create mode 100644 src/lib/libssl/src/test/methtest.c
create mode 100644 src/lib/libssl/src/test/pkcs7-1.pem
create mode 100644 src/lib/libssl/src/test/pkcs7.pem
create mode 100644 src/lib/libssl/src/test/r160test.c
create mode 100644 src/lib/libssl/src/test/tcrl
create mode 100644 src/lib/libssl/src/test/test.cnf
create mode 100644 src/lib/libssl/src/test/testca
create mode 100644 src/lib/libssl/src/test/testcrl.pem
create mode 100644 src/lib/libssl/src/test/testenc
create mode 100644 src/lib/libssl/src/test/testgen
create mode 100644 src/lib/libssl/src/test/testp7.pem
create mode 100644 src/lib/libssl/src/test/testreq2.pem
create mode 100644 src/lib/libssl/src/test/testrsa.pem
create mode 100644 src/lib/libssl/src/test/testsid.pem
create mode 100644 src/lib/libssl/src/test/testss
create mode 100644 src/lib/libssl/src/test/testssl
create mode 100644 src/lib/libssl/src/test/testx509.pem
create mode 100644 src/lib/libssl/src/test/times
create mode 100644 src/lib/libssl/src/test/tpkcs7
create mode 100644 src/lib/libssl/src/test/tpkcs7d
create mode 100644 src/lib/libssl/src/test/treq
create mode 100644 src/lib/libssl/src/test/trsa
create mode 100644 src/lib/libssl/src/test/tsid
create mode 100644 src/lib/libssl/src/test/tx509
create mode 100644 src/lib/libssl/src/test/v3-cert1.pem
create mode 100644 src/lib/libssl/src/test/v3-cert2.pem
create mode 100644 src/lib/libssl/src/times/090/586-100.nt
create mode 100644 src/lib/libssl/src/times/100.lnx
create mode 100644 src/lib/libssl/src/times/100.nt
create mode 100644 src/lib/libssl/src/times/200.lnx
create mode 100644 src/lib/libssl/src/times/486-66.dos
create mode 100644 src/lib/libssl/src/times/486-66.nt
create mode 100644 src/lib/libssl/src/times/486-66.w31
create mode 100644 src/lib/libssl/src/times/5.lnx
create mode 100644 src/lib/libssl/src/times/586-085i.nt
create mode 100644 src/lib/libssl/src/times/586-100.LN3
create mode 100644 src/lib/libssl/src/times/586-100.NT2
create mode 100644 src/lib/libssl/src/times/586-100.dos
create mode 100644 src/lib/libssl/src/times/586-100.ln4
create mode 100644 src/lib/libssl/src/times/586-100.lnx
create mode 100644 src/lib/libssl/src/times/586-100.nt
create mode 100644 src/lib/libssl/src/times/586-100.ntx
create mode 100644 src/lib/libssl/src/times/586-100.w31
create mode 100644 src/lib/libssl/src/times/586-1002.lnx
create mode 100644 src/lib/libssl/src/times/586p-100.lnx
create mode 100644 src/lib/libssl/src/times/686-200.bsd
create mode 100644 src/lib/libssl/src/times/686-200.lnx
create mode 100644 src/lib/libssl/src/times/686-200.nt
create mode 100644 src/lib/libssl/src/times/L1
create mode 100644 src/lib/libssl/src/times/R10000.t
create mode 100644 src/lib/libssl/src/times/R4400.t
create mode 100644 src/lib/libssl/src/times/aix.t
create mode 100644 src/lib/libssl/src/times/aixold.t
create mode 100644 src/lib/libssl/src/times/alpha.t
create mode 100644 src/lib/libssl/src/times/alpha400.t
create mode 100644 src/lib/libssl/src/times/cyrix100.lnx
create mode 100644 src/lib/libssl/src/times/dgux-x86.t
create mode 100644 src/lib/libssl/src/times/dgux.t
create mode 100644 src/lib/libssl/src/times/hpux-acc.t
create mode 100644 src/lib/libssl/src/times/hpux-kr.t
create mode 100644 src/lib/libssl/src/times/hpux.t
create mode 100644 src/lib/libssl/src/times/p2.w95
create mode 100644 src/lib/libssl/src/times/pent2.t
create mode 100644 src/lib/libssl/src/times/readme
create mode 100644 src/lib/libssl/src/times/s586-100.lnx
create mode 100644 src/lib/libssl/src/times/s586-100.nt
create mode 100644 src/lib/libssl/src/times/sgi.t
create mode 100644 src/lib/libssl/src/times/sparc.t
create mode 100644 src/lib/libssl/src/times/sparc2
create mode 100644 src/lib/libssl/src/times/sparcLX.t
create mode 100644 src/lib/libssl/src/times/usparc.t
create mode 100644 src/lib/libssl/src/times/x86/bfs.cpp
create mode 100644 src/lib/libssl/src/times/x86/casts.cpp
create mode 100644 src/lib/libssl/src/times/x86/des3s.cpp
create mode 100644 src/lib/libssl/src/times/x86/dess.cpp
create mode 100644 src/lib/libssl/src/times/x86/md5s.cpp
create mode 100644 src/lib/libssl/src/times/x86/rc4s.cpp
create mode 100644 src/lib/libssl/src/times/x86/sha1s.cpp
create mode 100644 src/lib/libssl/src/tools/c_hash
create mode 100644 src/lib/libssl/src/tools/c_info
create mode 100644 src/lib/libssl/src/tools/c_issuer
create mode 100644 src/lib/libssl/src/tools/c_name
create mode 100644 src/lib/libssl/src/tools/c_rehash
create mode 100644 src/lib/libssl/src/util/FreeBSD.sh
create mode 100644 src/lib/libssl/src/util/add_cr.pl
create mode 100644 src/lib/libssl/src/util/bat.sh
create mode 100644 src/lib/libssl/src/util/ck_errf.pl
create mode 100644 src/lib/libssl/src/util/deleof.pl
create mode 100644 src/lib/libssl/src/util/do_ms.sh
create mode 100644 src/lib/libssl/src/util/err-ins.pl
create mode 100644 src/lib/libssl/src/util/files.pl
create mode 100644 src/lib/libssl/src/util/fixNT.sh
create mode 100644 src/lib/libssl/src/util/install.sh
create mode 100644 src/lib/libssl/src/util/libeay.num
create mode 100644 src/lib/libssl/src/util/mk1mf.pl
create mode 100644 src/lib/libssl/src/util/mkcerts.sh
create mode 100644 src/lib/libssl/src/util/mkdef.pl
create mode 100644 src/lib/libssl/src/util/perlpath.pl
create mode 100644 src/lib/libssl/src/util/pl/BC-16.pl
create mode 100644 src/lib/libssl/src/util/pl/BC-32.pl
create mode 100644 src/lib/libssl/src/util/pl/VC-16.pl
create mode 100644 src/lib/libssl/src/util/pl/VC-32.pl
create mode 100644 src/lib/libssl/src/util/pl/linux.pl
create mode 100644 src/lib/libssl/src/util/pl/unix.pl
create mode 100644 src/lib/libssl/src/util/point.sh
create mode 100644 src/lib/libssl/src/util/sp-diff.pl
create mode 100644 src/lib/libssl/src/util/speed.sh
create mode 100644 src/lib/libssl/src/util/src-dep.pl
create mode 100644 src/lib/libssl/src/util/ssleay.num
create mode 100644 src/lib/libssl/src/util/tab_num.pl
create mode 100644 src/lib/libssl/src/util/x86asm.sh
diff --git a/src/lib/libcrypto/Attic/Makefile b/src/lib/libcrypto/Attic/Makefile
new file mode 100644
index 0000000000..eb49323ad5
--- /dev/null
+++ b/src/lib/libcrypto/Attic/Makefile
@@ -0,0 +1,133 @@
+LIB= crypto
+CFLAGS+= -DNO_IDEA -DTERMIOS -DL_ENDIAN -DANSI_SOURCE
+CFLAGS+= -I${.CURDIR}/../include
+SRCS+= cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+CFLAGS+= -I${.CURDIR}/md2
+SRCS+= md2_dgst.c md2_one.c
+CFLAGS+= -I${.CURDIR}/md5
+SRCS+= md5_dgst.c md5_one.c
+CFLAGS+= -I${.CURDIR}/sha
+SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+CFLAGS+= -I${.CURDIR}/mdc2
+SRCS+= mdc2dgst.c mdc2_one.c
+CFLAGS+= -I${.CURDIR}/hmac
+SRCS+= hmac.c
+CFLAGS+= -I${.CURDIR}/ripemd
+SRCS+= rmd_dgst.c rmd_one.c
+CFLAGS+= -I${.CURDIR}/des
+SRCS+= set_key.c ecb_enc.c cbc_enc.c ecb3_enc.c
+SRCS+= cfb64enc.c cfb64ede.c cfb_enc.c ofb64ede.c
+SRCS+= enc_read.c enc_writ.c ofb64enc.c ofb_enc.c
+SRCS+= str2key.c pcbc_enc.c qud_cksm.c rand_key.c
+SRCS+= read2pwd.c fcrypt.c xcbc_enc.c read_pwd.c
+SRCS+= rpc_enc.c cbc_cksm.c supp.c
+CFLAGS+= -I${.CURDIR}/rc2
+SRCS+= rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c
+SRCS+= rc2ofb64.c
+CFLAGS+= -I${.CURDIR}/rc4
+SRCS+= rc4_skey.c
+CFLAGS+= -I${.CURDIR}/rc5
+SRCS+= rc5_skey.c rc5_ecb.c rc5cfb64.c rc5cfb64.c
+SRCS+= rc5ofb64.c
+CFLAGS+= -I${.CURDIR}/idea
+SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c
+SRCS+= i_skey.c
+CFLAGS+= -I${.CURDIR}/bf
+SRCS+= bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c
+CFLAGS+= -I${.CURDIR}/cast
+SRCS+= c_skey.c c_ecb.c c_cfb64.c c_ofb64.c
+CFLAGS+= -I${.CURDIR}/bn
+SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c
+SRCS+= bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c
+SRCS+= bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c
+SRCS+= bn_sqr.c bn_recp.c bn_mont.c bn_mpi.c
+CFLAGS+= -I${.CURDIR}/rsa
+SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c
+SRCS+= rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c
+SRCS+= rsa_none.c
+CFLAGS+= -I${.CURDIR}/dsa
+SRCS+= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c
+SRCS+= dsa_sign.c dsa_err.c
+CFLAGS+= -I${.CURDIR}/dh
+SRCS+= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+CFLAGS+= -I${.CURDIR}/buffer
+SRCS+= buffer.c buf_err.c
+CFLAGS+= -I${.CURDIR}/bio
+SRCS+= bio_lib.c bio_cb.c bio_err.c bss_mem.c
+SRCS+= bss_null.c bss_fd.c bss_file.c bss_sock.c
+SRCS+= bss_conn.c bf_null.c bf_buff.c
+SRCS+= b_print.c b_dump.c b_sock.c bss_acpt.c
+SRCS+= bf_nbio.c
+CFLAGS+= -I${.CURDIR}/stack
+SRCS+= stack.c
+CFLAGS+= -I${.CURDIR}/lhash
+SRCS+= lhash.c lh_stats.c
+CFLAGS+= -I${.CURDIR}/rand
+SRCS+= md_rand.c randfile.c
+CFLAGS+= -I${.CURDIR}/err
+SRCS+= err.c err_all.c err_prn.c
+CFLAGS+= -I${.CURDIR}/objects
+SRCS+= obj_dat.c obj_lib.c obj_err.c
+CFLAGS+= -I${.CURDIR}/evp
+SRCS+= encode.c digest.c evp_enc.c evp_key.c
+SRCS+= e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c
+SRCS+= e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c
+SRCS+= e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c
+SRCS+= e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c
+SRCS+= e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c
+SRCS+= e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c
+SRCS+= e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c
+SRCS+= e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c
+SRCS+= m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c
+SRCS+= m_dss1.c m_mdc2.c m_ripemd.c p_open.c
+SRCS+= p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c
+SRCS+= p_dec.c bio_md.c bio_b64.c bio_enc.c
+SRCS+= evp_err.c e_null.c c_all.c evp_lib.c
+CFLAGS+= -I${.CURDIR}/pem
+SRCS+= pem_sign.c pem_seal.c pem_info.c pem_lib.c
+SRCS+= pem_all.c pem_err.c
+CFLAGS+= -I${.CURDIR}/asn1
+SRCS+= a_object.c a_bitstr.c a_utctm.c a_int.c
+SRCS+= a_octet.c a_print.c a_type.c a_set.c
+SRCS+= a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c
+SRCS+= a_digest.c a_verify.c x_algor.c x_val.c
+SRCS+= x_pubkey.c x_sig.c x_req.c x_attrib.c
+SRCS+= x_name.c x_cinf.c x_x509.c x_crl.c
+SRCS+= x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c
+SRCS+= d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c
+SRCS+= d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c
+SRCS+= i2d_pu.c i2d_pr.c t_req.c t_x509.c
+SRCS+= t_pkey.c p7_i_s.c p7_signi.c p7_signd.c
+SRCS+= p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c
+SRCS+= p7_s_e.c p7_enc.c p7_lib.c f_int.c
+SRCS+= f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c
+SRCS+= d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c
+SRCS+= a_bool.c x_exten.c asn1_par.c asn1_lib.c
+SRCS+= asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+CFLAGS+= -I${.CURDIR}/x509
+SRCS+= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c
+SRCS+= x509_obj.c x509_req.c x509_vfy.c x509_set.c
+SRCS+= x509rset.c x509_err.c x509name.c x509_v3.c
+SRCS+= x509_ext.c x509pack.c x509type.c x509_lu.c
+SRCS+= x_all.c x509_txt.c by_file.c by_dir.c
+SRCS+= v3_net.c v3_x509.c
+CFLAGS+= -I${.CURDIR}/conf
+SRCS+= conf.c conf_err.c
+CFLAGS+= -I${.CURDIR}/txt_db
+SRCS+= txt_db.c
+CFLAGS+= -I${.CURDIR}/pkcs7
+SRCS+= pk7_lib.c pkcs7err.c pk7_doit.c
+
+.PATH: ${.CURDIR}/md2 ${.CURDIR}/md5 ${.CURDIR}/sha ${.CURDIR}/mdc2 \
+ ${.CURDIR}/hmac ${.CURDIR}/ripemd ${.CURDIR}/des ${.CURDIR}/rc2 \
+ ${.CURDIR}/rc4 ${.CURDIR}/rc5 ${.CURDIR}/idea ${.CURDIR}/bf \
+ ${.CURDIR}/cast ${.CURDIR}/bn ${.CURDIR}/rsa ${.CURDIR}/dsa \
+ ${.CURDIR}/dh ${.CURDIR}/buffer ${.CURDIR}/bio ${.CURDIR}/stack \
+ ${.CURDIR}/lhash ${.CURDIR}/rand ${.CURDIR}/err ${.CURDIR}/objects \
+ ${.CURDIR}/evp ${.CURDIR}/pem ${.CURDIR}/asn1 ${.CURDIR}/asn1 \
+ ${.CURDIR}/x509 ${.CURDIR}/conf txt_db/txt_db.c ${.CURDIR}/pkcs7 \
+ ${.CURDIR}/txt_db
+
+.include <bsd.lib.mk>
+
+
diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c
new file mode 100644
index 0000000000..4fb7a5fa75
--- /dev/null
+++ b/src/lib/libcrypto/asn1/a_hdr.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/a_hdr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "asn1.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_ASN1_HEADER(a,pp)
+ASN1_HEADER *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_finish();
+ }
+
+ASN1_HEADER *d2i_ASN1_HEADER(a,pp,length)
+ASN1_HEADER **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
+ if (ret->meth != NULL)
+ {
+ M_ASN1_D2I_get(ret->data,ret->meth->d2i);
+ }
+ else
+ {
+ if (a != NULL) (*a)=ret;
+ return(ret);
+ }
+ M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
+ }
+
+ASN1_HEADER *ASN1_HEADER_new()
+ {
+ ASN1_HEADER *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,ASN1_HEADER);
+ M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
+ ret->meth=NULL;
+ ret->data=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
+ }
+
+void ASN1_HEADER_free(a)
+ASN1_HEADER *a;
+ {
+ if (a == NULL) return;
+ ASN1_OCTET_STRING_free(a->header);
+ if (a->meth != NULL)
+ a->meth->destroy(a->data);
+ Free((char *)a);
+ }
diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c
new file mode 100644
index 0000000000..513625c305
--- /dev/null
+++ b/src/lib/libcrypto/asn1/a_meth.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/a_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+static ASN1_METHOD ia5string_meth={
+ (int (*)()) i2d_ASN1_IA5STRING,
+ (char *(*)()) d2i_ASN1_IA5STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+static ASN1_METHOD bit_string_meth={
+ (int (*)()) i2d_ASN1_BIT_STRING,
+ (char *(*)()) d2i_ASN1_BIT_STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth()
+ {
+ return(&ia5string_meth);
+ }
+
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth()
+ {
+ return(&bit_string_meth);
+ }
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
new file mode 100644
index 0000000000..17a7abbb67
--- /dev/null
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -0,0 +1,212 @@
+/* crypto/asn1/a_utctm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_UTCTIME_NEW,ASN1_R_UTCTIME_TOO_LONG);
+ * ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_EXPECTING_A_UTCTIME);
+ */
+
+int i2d_ASN1_UTCTIME(a,pp)
+ASN1_UTCTIME *a;
+unsigned char **pp;
+ {
+ return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
+ }
+
+
+ASN1_UTCTIME *d2i_ASN1_UTCTIME(a, pp, length)
+ASN1_UTCTIME **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_UTCTIME *ret=NULL;
+
+ ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+ return(NULL);
+ }
+ if (!ASN1_UTCTIME_check(ret))
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
+ goto err;
+ }
+
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_UTCTIME_free(ret);
+ return(NULL);
+ }
+
+int ASN1_UTCTIME_check(d)
+ASN1_UTCTIME *d;
+ {
+ static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
+ static int max[8]={99,12,31,23,59,59,12,59};
+ char *a;
+ int n,i,l,o;
+
+ if (d->type != V_ASN1_UTCTIME) return(0);
+ l=d->length;
+ a=(char *)d->data;
+ o=0;
+
+ if (l < 11) goto err;
+ for (i=0; i<6; i++)
+ {
+ if ((i == 5) && ((a[o] == 'Z') ||
+ (a[o] == '+') || (a[o] == '-')))
+ { i++; break; }
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((n < min[i]) || (n > max[i])) goto err;
+ }
+ if (a[o] == 'Z')
+ o++;
+ else if ((a[o] == '+') || (a[o] == '-'))
+ {
+ o++;
+ if (o+4 > l) goto err;
+ for (i=6; i<8; i++)
+ {
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ o++;
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if ((n < min[i]) || (n > max[i])) goto err;
+ o++;
+ }
+ }
+ return(o == l);
+err:
+ return(0);
+ }
+
+int ASN1_UTCTIME_set_string(s,str)
+ASN1_UTCTIME *s;
+char *str;
+ {
+ ASN1_UTCTIME t;
+
+ t.type=V_ASN1_UTCTIME;
+ t.length=strlen(str);
+ t.data=(unsigned char *)str;
+ if (ASN1_UTCTIME_check(&t))
+ {
+ if (s != NULL)
+ {
+ ASN1_STRING_set((ASN1_STRING *)s,
+ (unsigned char *)str,t.length);
+ }
+ return(1);
+ }
+ else
+ return(0);
+ }
+
+ASN1_UTCTIME *ASN1_UTCTIME_set(s, t)
+ASN1_UTCTIME *s;
+time_t t;
+ {
+ char *p;
+ struct tm *ts;
+#if defined(THREADS)
+ struct tm data;
+#endif
+
+ if (s == NULL)
+ s=ASN1_UTCTIME_new();
+ if (s == NULL)
+ return(NULL);
+
+#if defined(THREADS)
+ ts=(struct tm *)gmtime_r(&t,&data);
+#else
+ ts=(struct tm *)gmtime(&t);
+#endif
+ p=(char *)s->data;
+ if ((p == NULL) || (s->length < 14))
+ {
+ p=Malloc(20);
+ if (p == NULL) return(NULL);
+ if (s->data != NULL)
+ Free(s->data);
+ s->data=(unsigned char *)p;
+ }
+
+ sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+ ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+ s->length=strlen(p);
+ s->type=V_ASN1_UTCTIME;
+ return(s);
+ }
diff --git a/src/lib/libcrypto/bf/asm/bf-686.pl b/src/lib/libcrypto/bf/asm/bf-686.pl
new file mode 100644
index 0000000000..bed303d786
--- /dev/null
+++ b/src/lib/libcrypto/bf/asm/bf-686.pl
@@ -0,0 +1,128 @@
+#!/usr/bin/perl
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-686.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="ecx";
+$R="edx";
+$P="edi";
+$tot="esi";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ebp";
+
+&des_encrypt("BF_encrypt",1);
+&des_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$enc)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ &comment("");
+ &comment("P pointer, s and enc flag");
+ &mov($P,&wparam(1));
+
+ &xor( $tmp1, $tmp1);
+ &xor( $tmp2, $tmp2);
+
+ # encrypting part
+
+ if ($enc)
+ {
+ &xor($L,&DWP(0,$P,"",0));
+ for ($i=0; $i<$BF_ROUNDS; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+ }
+ else
+ {
+ &xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+ for ($i=$BF_ROUNDS; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(0,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+ }
+
+ &function_end_B($name);
+ }
+
+sub BF_ENCRYPT
+ {
+ local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
+
+ &rotr( $R, 16);
+ &mov( $tot, &DWP(&n2a($i*4),$P,"",0));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &rotr( $R, 16);
+ &xor( $L, $tot);
+
+ &mov( $tot, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &add( $tot, $tmp3);
+ &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
+
+ &xor( $tot, $tmp1);
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
+
+ &add( $tot, $tmp3);
+ &xor( $tmp1, $tmp1);
+
+ &xor( $L, $tot);
+ # delay
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
diff --git a/src/lib/libcrypto/bf/asm/readme b/src/lib/libcrypto/bf/asm/readme
new file mode 100644
index 0000000000..2385fa3812
--- /dev/null
+++ b/src/lib/libcrypto/bf/asm/readme
@@ -0,0 +1,10 @@
+There are blowfish assembler generation scripts.
+bf-586.pl version is for the pentium and
+bf-686.pl is my original version, which is faster on the pentium pro.
+
+When using a bf-586.pl, the pentium pro/II is %8 slower than using
+bf-686.pl. When using a bf-686.pl, the pentium is %16 slower
+than bf-586.pl
+
+So the default is bf-586.pl
+
diff --git a/src/lib/libcrypto/bf/bf_opts.c b/src/lib/libcrypto/bf/bf_opts.c
new file mode 100644
index 0000000000..5cfa60c537
--- /dev/null
+++ b/src/lib/libcrypto/bf/bf_opts.c
@@ -0,0 +1,347 @@
+/* crypto/bf/bf_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+#define BF_DEFAULT_OPTIONS
+
+#undef BF_ENC
+#define BF_encrypt BF_encrypt_normal
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#define BF_PTR
+#undef BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt BF_encrypt_ptr
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#undef BF_PTR
+#define BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt BF_encrypt_ptr2
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count+=4) \
+ { \
+ unsigned long d[2]; \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static char key[16]={ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ BF_KEY sch;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ BF_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ BF_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+ time_it(BF_encrypt_normal, "BF_encrypt_normal ", 0);
+ time_it(BF_encrypt_ptr, "BF_encrypt_ptr ", 1);
+ time_it(BF_encrypt_ptr2, "BF_encrypt_ptr2 ", 2);
+ num+=3;
+
+ str[0]="<nothing>";
+ print_it("BF_encrypt_normal ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="ptr ";
+ print_it("BF_encrypt_ptr ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]="ptr2 ";
+ print_it("BF_encrypt_ptr2 ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+ printf("options BF ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<3; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DBF_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DBF_PTR\n");
+ break;
+ case 2:
+ printf("-DBF_PTR2\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/bf/bfs.cpp b/src/lib/libcrypto/bf/bfs.cpp
new file mode 100644
index 0000000000..272ed2f978
--- /dev/null
+++ b/src/lib/libcrypto/bf/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+void main(int argc,char *argv[])
+ {
+ BF_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ BF_encrypt(&data[0],&key);
+ GetTSC(s1);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e2);
+ BF_encrypt(&data[0],&key);
+ }
+
+ printf("blowfish %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libcrypto/bf/bfspeed.c b/src/lib/libcrypto/bf/bfspeed.c
new file mode 100644
index 0000000000..640d820dd3
--- /dev/null
+++ b/src/lib/libcrypto/bf/bfspeed.c
@@ -0,0 +1,293 @@
+/* crypto/bf/bfspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ BF_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ BF_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ BF_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ BF_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing BF_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing BF_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld BF_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing BF_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ BF_LONG data[2];
+
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld BF_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ BF_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),BF_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("Blowfish set_key per sec = %12.3f (%9.3fuS)\n",a,1.0e6/a);
+ printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n",b,8.0e6/b);
+ printf("Blowfish cbc bytes per sec = %12.3f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/bf/bftest.c b/src/lib/libcrypto/bf/bftest.c
new file mode 100644
index 0000000000..9266cf813a
--- /dev/null
+++ b/src/lib/libcrypto/bf/bftest.c
@@ -0,0 +1,521 @@
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+char *bf_key[2]={
+ "abcdefghijklmnopqrstuvwxyz",
+ "Who is John Galt?"
+ };
+
+/* big endian */
+BF_LONG bf_plain[2][2]={
+ {0x424c4f57L,0x46495348L},
+ {0xfedcba98L,0x76543210L}
+ };
+
+BF_LONG bf_cipher[2][2]={
+ {0x324ed0feL,0xf413a203L},
+ {0xcc91732bL,0x8022f684L}
+ };
+/************/
+
+/* Lets use the DES test vectors :-) */
+#define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x51,0x86,0x6F,0xD5,0xB8,0x5E,0xCB,0x8A},
+ {0x7D,0x85,0x6F,0x9A,0x61,0x30,0x63,0xF2},
+ {0x24,0x66,0xDD,0x87,0x8B,0x96,0x3C,0x9D},
+ {0x61,0xF9,0xC3,0x80,0x22,0x81,0xB0,0x96},
+ {0x7D,0x0C,0xC6,0x30,0xAF,0xDA,0x1E,0xC7},
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x0A,0xCE,0xAB,0x0F,0xC6,0xA0,0xA2,0x8D},
+ {0x59,0xC6,0x82,0x45,0xEB,0x05,0x28,0x2B},
+ {0xB1,0xB8,0xCC,0x0B,0x25,0x0F,0x09,0xA0},
+ {0x17,0x30,0xE5,0x77,0x8B,0xEA,0x1D,0xA4},
+ {0xA2,0x5E,0x78,0x56,0xCF,0x26,0x51,0xEB},
+ {0x35,0x38,0x82,0xB1,0x09,0xCE,0x8F,0x1A},
+ {0x48,0xF4,0xD0,0x88,0x4C,0x37,0x99,0x18},
+ {0x43,0x21,0x93,0xB7,0x89,0x51,0xFC,0x98},
+ {0x13,0xF0,0x41,0x54,0xD6,0x9D,0x1A,0xE5},
+ {0x2E,0xED,0xDA,0x93,0xFF,0xD3,0x9C,0x79},
+ {0xD8,0x87,0xE0,0x39,0x3C,0x2D,0xA6,0xE3},
+ {0x5F,0x99,0xD0,0x4F,0x5B,0x16,0x39,0x69},
+ {0x4A,0x05,0x7A,0x3B,0x24,0xD3,0x97,0x7B},
+ {0x45,0x20,0x31,0xC1,0xE4,0xFA,0xDA,0x8E},
+ {0x75,0x55,0xAE,0x39,0xF5,0x9B,0x87,0xBD},
+ {0x53,0xC5,0x5F,0x9C,0xB4,0x9F,0xC0,0x19},
+ {0x7A,0x8E,0x7B,0xFA,0x93,0x7E,0x89,0xA3},
+ {0xCF,0x9C,0x5D,0x7A,0x49,0x86,0xAD,0xB5},
+ {0xD1,0xAB,0xB2,0x90,0x65,0x8B,0xC7,0x78},
+ {0x55,0xCB,0x37,0x74,0xD1,0x3E,0xF2,0x01},
+ {0xFA,0x34,0xEC,0x48,0x47,0xB2,0x68,0xB2},
+ {0xA7,0x90,0x79,0x51,0x08,0xEA,0x3C,0xAE},
+ {0xC3,0x9E,0x07,0x2D,0x9F,0xAC,0x63,0x1D},
+ {0x01,0x49,0x33,0xE0,0xCD,0xAF,0xF6,0xE4},
+ {0xF2,0x1E,0x9A,0x77,0xB7,0x1C,0x49,0xBC},
+ {0x24,0x59,0x46,0x88,0x57,0x54,0x36,0x9A},
+ {0x6B,0x5C,0x5A,0x9C,0x5D,0x9E,0x0A,0x5A},
+ };
+
+static unsigned char cbc_key [16]={
+ 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+static unsigned char cbc_ok[32]={
+ 0x6B,0x77,0xB4,0xD6,0x30,0x06,0xDE,0xE6,
+ 0x05,0xB1,0x56,0xE2,0x74,0x03,0x97,0x93,
+ 0x58,0xDE,0xB9,0xE7,0x15,0x46,0x16,0xD9,
+ 0x59,0xF1,0x65,0x2B,0xD5,0xFF,0x92,0xCC};
+
+static unsigned char cfb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0xF2,0x6E,0xCF,0x6D,0x2E,0xB9,0xE7,0x6E,
+ 0x3D,0xA3,0xDE,0x04,0xD1,0x51,0x72,0x00,
+ 0x51,0x9D,0x57,0xA6,0xC3};
+
+static unsigned char ofb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0x62,0xB3,0x43,0xCC,0x5B,0x65,0x58,0x73,
+ 0x10,0xDD,0x90,0x8D,0x0C,0x24,0x1B,0x22,
+ 0x63,0xC2,0xCF,0x80,0xDA};
+
+#define KEY_TEST_NUM 25
+unsigned char key_test[KEY_TEST_NUM]={
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+ 0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+ 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+ 0x88};
+
+unsigned char key_data[8]=
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
+
+unsigned char key_out[KEY_TEST_NUM][8]={
+ {0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E},
+ {0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6},
+ {0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3},
+ {0xBE,0x1E,0x63,0x94,0x08,0x64,0x0F,0x05},
+ {0xB3,0x9E,0x44,0x48,0x1B,0xDB,0x1E,0x6E},
+ {0x94,0x57,0xAA,0x83,0xB1,0x92,0x8C,0x0D},
+ {0x8B,0xB7,0x70,0x32,0xF9,0x60,0x62,0x9D},
+ {0xE8,0x7A,0x24,0x4E,0x2C,0xC8,0x5E,0x82},
+ {0x15,0x75,0x0E,0x7A,0x4F,0x4E,0xC5,0x77},
+ {0x12,0x2B,0xA7,0x0B,0x3A,0xB6,0x4A,0xE0},
+ {0x3A,0x83,0x3C,0x9A,0xFF,0xC5,0x37,0xF6},
+ {0x94,0x09,0xDA,0x87,0xA9,0x0F,0x6B,0xF2},
+ {0x88,0x4F,0x80,0x62,0x50,0x60,0xB8,0xB4},
+ {0x1F,0x85,0x03,0x1C,0x19,0xE1,0x19,0x68},
+ {0x79,0xD9,0x37,0x3A,0x71,0x4C,0xA3,0x4F},
+ {0x93,0x14,0x28,0x87,0xEE,0x3B,0xE1,0x5C},
+ {0x03,0x42,0x9E,0x83,0x8C,0xE2,0xD1,0x4B},
+ {0xA4,0x29,0x9E,0x27,0x46,0x9F,0xF6,0x7B},
+ {0xAF,0xD5,0xAE,0xD1,0xC1,0xBC,0x96,0xA8},
+ {0x10,0x85,0x1C,0x0E,0x38,0x58,0xDA,0x9F},
+ {0xE6,0xF5,0x1E,0xD7,0x9B,0x9D,0xB2,0x1F},
+ {0x64,0xA6,0xE1,0x4A,0xFD,0x36,0xB4,0x6F},
+ {0x80,0xC7,0xD7,0xD4,0x5A,0x54,0x79,0xAD},
+ {0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80},
+ };
+
+#ifndef NOPROTO
+static int test(void );
+static int print_test_data(void );
+#else
+static int test();
+static int print_test_data();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int ret;
+
+ if (argc > 1)
+ ret=print_test_data();
+ else
+ ret=test();
+
+ exit(ret);
+ return(0);
+ }
+
+static int print_test_data()
+ {
+ unsigned int i,j;
+
+ printf("ecb test data\n");
+ printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ for (j=0; j<8; j++)
+ printf("%02X",ecb_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",plain_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",cipher_data[i][j]);
+ printf("\n");
+ }
+
+ printf("set_key test data\n");
+ printf("data[8]= ");
+ for (j=0; j<8; j++)
+ printf("%02X",key_data[j]);
+ printf("\n");
+ for (i=0; i<KEY_TEST_NUM-1; i++)
+ {
+ printf("c=");
+ for (j=0; j<8; j++)
+ printf("%02X",key_out[i][j]);
+ printf(" k[%2d]=",i+1);
+ for (j=0; j<i+1; j++)
+ printf("%02X",key_test[j]);
+ printf("\n");
+ }
+
+ printf("\nchaining mode test data\n");
+ printf("key[16] = ");
+ for (j=0; j<16; j++)
+ printf("%02X",cbc_key[j]);
+ printf("\niv[8] = ");
+ for (j=0; j<8; j++)
+ printf("%02X",cbc_iv[j]);
+ printf("\ndata[%d] = '%s'",(int)strlen(cbc_data)+1,cbc_data);
+ printf("\ndata[%d] = ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cbc_data[j]);
+ printf("\n");
+ printf("cbc cipher text\n");
+ printf("cipher[%d]= ",32);
+ for (j=0; j<32; j++)
+ printf("%02X",cbc_ok[j]);
+ printf("\n");
+
+ printf("cfb64 cipher text\n");
+ printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cfb64_ok[j]);
+ printf("\n");
+
+ printf("ofb64 cipher text\n");
+ printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",ofb64_ok[j]);
+ printf("\n");
+ return(0);
+ }
+
+static int test()
+ {
+ unsigned char cbc_in[40],cbc_out[40],iv[8];
+ int i,n,err=0;
+ BF_KEY key;
+ BF_LONG data[2];
+ unsigned char out[8];
+ BF_LONG len;
+
+ printf("testing blowfish in raw ecb mode\n");
+ for (n=0; n<2; n++)
+ {
+ BF_set_key(&key,strlen(bf_key[n]),(unsigned char *)bf_key[n]);
+
+ data[0]=bf_plain[n][0];
+ data[1]=bf_plain[n][1];
+ BF_encrypt(data,&key);
+ if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error encrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_cipher[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_decrypt(&(data[0]),&key);
+ if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_plain[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in ecb mode\n");
+
+ for (n=0; n<NUM_TESTS; n++)
+ {
+ BF_set_key(&key,8,ecb_data[n]);
+
+ BF_ecb_encrypt(&(plain_data[n][0]),out,&key,BF_ENCRYPT);
+ if (memcmp(&(cipher_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt blowfish error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",cipher_data[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_ecb_encrypt(out,out,&key,BF_DECRYPT);
+ if (memcmp(&(plain_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",plain_data[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish set_key\n");
+ for (n=1; n<KEY_TEST_NUM; n++)
+ {
+ BF_set_key(&key,n,key_test);
+ BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT);
+ if (memcmp(out,&(key_out[n-1][0]),8) != 0)
+ {
+ printf("blowfish setkey error\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in cbc mode\n");
+ len=strlen(cbc_data)+1;
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
+ &key,iv,BF_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ {
+ err=1;
+ printf("BF_cbc_encrypt encrypt error\n");
+ for (i=0; i<32; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt(cbc_out,cbc_in,len,
+ &key,iv,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("BF_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in cfb64 mode\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_cfb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,
+ &key,iv,&n,BF_ENCRYPT);
+ BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]),&(cbc_out[13]),len-13,
+ &key,iv,&n,BF_ENCRYPT);
+ if (memcmp(cbc_out,cfb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_cfb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_cfb64_encrypt(cbc_out,cbc_in,17,
+ &key,iv,&n,BF_DECRYPT);
+ BF_cfb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,
+ &key,iv,&n,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_cfb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in ofb64\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_ofb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,&key,iv,&n);
+ BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]),
+ &(cbc_out[13]),len-13,&key,iv,&n);
+ if (memcmp(cbc_out,ofb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_ofb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_ofb64_encrypt(cbc_out,cbc_in,17,&key,iv,&n);
+ BF_ofb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,&key,iv,&n);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ return(err);
+ }
diff --git a/src/lib/libcrypto/bio/bss_rtcp.c b/src/lib/libcrypto/bio/bss_rtcp.c
new file mode 100644
index 0000000000..6eb434dee8
--- /dev/null
+++ b/src/lib/libcrypto/bio/bss_rtcp.c
@@ -0,0 +1,297 @@
+/* crypto/bio/bss_rtcp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+ * Date: 22-JUL-1996
+ */
+/* VMS */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#include <iodef.h> /* VMS IO$_ definitions */
+extern int SYS$QIOW();
+typedef unsigned short io_channel;
+/*************************************************************************/
+struct io_status { short status, count; long flags; };
+
+struct rpc_msg { /* Should have member alignment inhibited */
+ char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
+ char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ unsigned short int length; /* Amount of data returned or max to return */
+ char data[4092]; /* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+struct rpc_ctx {
+ int filled, pos;
+ struct rpc_msg msg;
+};
+
+static int rtcp_write(BIO *h,char *buf,int num);
+static int rtcp_read(BIO *h,char *buf,int size);
+static int rtcp_puts(BIO *h,char *str);
+static int rtcp_gets(BIO *h,char *str,int size);
+static long rtcp_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int rtcp_new(BIO *h);
+static int rtcp_free(BIO *data);
+
+static BIO_METHOD rtcp_method=
+ {
+ BIO_TYPE_FD,
+ "RTCP",
+ rtcp_write,
+ rtcp_read,
+ rtcp_puts,
+ rtcp_gets,
+ rtcp_ctrl,
+ rtcp_new,
+ rtcp_free,
+ };
+
+BIO_METHOD *BIO_s_rtcp()
+ {
+ return(&rtcp_method);
+ }
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+ buffer, maxlen, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ if ( (status&1) == 1 ) *length = iosb.count;
+ return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+ buffer, length, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ return status;
+}
+/***************************************************************************/
+
+static int rtcp_new(bi)
+BIO *bi;
+{
+ struct rpc_ctx *ctx;
+ bi->init=1;
+ bi->num=0;
+ bi->flags = 0;
+ bi->ptr=Malloc(sizeof(struct rpc_ctx));
+ ctx = (struct rpc_ctx *) bi->ptr;
+ ctx->filled = 0;
+ ctx->pos = 0;
+ return(1);
+}
+
+static int rtcp_free(a)
+BIO *a;
+{
+ if (a == NULL) return(0);
+ if ( a->ptr ) Free ( a->ptr );
+ a->ptr = NULL;
+ return(1);
+}
+
+static int rtcp_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+{
+ int status, length;
+ struct rpc_ctx *ctx;
+ /*
+ * read data, return existing.
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, &ctx->msg.data[ctx->pos], length );
+ ctx->pos += length;
+ return length;
+ }
+ /*
+ * Requst more data from R channel.
+ */
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'G';
+ ctx->msg.length = sizeof(ctx->msg.data);
+ status = put ( b->num, (char *) &ctx->msg, RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) {
+ return -1;
+ }
+ /*
+ * Read.
+ */
+ ctx->pos = ctx->filled = 0;
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( (status&1) == 0 ) length = -1;
+ if ( ctx->msg.channel != 'R' || ctx->msg.function != 'C' ) {
+ length = -1;
+ }
+ ctx->filled = length - RPC_HDR_SIZE;
+
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, ctx->msg.data, length );
+ ctx->pos += length;
+ return length;
+ }
+
+ return length;
+}
+
+static int rtcp_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+{
+ int status, i, segment, length;
+ struct rpc_ctx *ctx;
+ /*
+ * Output data, send in chunks no larger that sizeof(ctx->msg.data).
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ for ( i = 0; i < inl; i += segment ) {
+ segment = inl - i;
+ if ( segment > sizeof(ctx->msg.data) ) segment = sizeof(ctx->msg.data);
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'P';
+ ctx->msg.length = segment;
+ memmove ( ctx->msg.data, &in[i], segment );
+ status = put ( b->num, (char *) &ctx->msg, segment + RPC_HDR_SIZE );
+ if ((status&1) == 0 ) { i = -1; break; }
+
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( ((status&1) == 0) || (length < RPC_HDR_SIZE) ) { i = -1; break; }
+ if ( (ctx->msg.channel != 'R') || (ctx->msg.function != 'C') ) {
+ printf("unexpected response when confirming put %c %c\n",
+ ctx->msg.channel, ctx->msg.function );
+
+ }
+ }
+ return(i);
+}
+
+static long rtcp_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ case BIO_CTRL_EOF:
+ ret = 1;
+ break;
+ case BIO_CTRL_SET:
+ b->num = num;
+ ret = 1;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ case BIO_CTRL_FLUSH:
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int rtcp_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(0);
+ }
+
+static int rtcp_puts(bp,str)
+BIO *bp;
+char *str;
+{
+ int length;
+ if (str == NULL) return(0);
+ length = strlen ( str );
+ if ( length == 0 ) return (0);
+ return rtcp_write ( bp,str, length );
+}
+
diff --git a/src/lib/libcrypto/bn/asm/README b/src/lib/libcrypto/bn/asm/README
new file mode 100644
index 0000000000..d93fbff77f
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/README
@@ -0,0 +1,30 @@
+All assember in this directory are just version of the file
+crypto/bn/bn_mulw.c.
+
+Quite a few of these files are just the assember output from gcc since on
+quite a few machines they are 2 times faster than the system compiler.
+
+For the x86, I have hand written assember because of the bad job all
+compilers seem to do on it. This normally gives a 2 time speed up in the RSA
+routines.
+
+For the DEC alpha, I also hand wrote the assember (except the division which
+is just the output from the C compiler pasted on the end of the file).
+On the 2 alpha C compilers I had access to, it was not possible to do
+64b x 64b -> 128b calculations (both long and the long long data types
+were 64 bits). So the hand assember gives access to the 128 bit result and
+a 2 times speedup :-).
+
+The x86xxxx.obj files are the assembled version of x86xxxx.asm files.
+I had such a hard time finding a macro assember for Microsoft, I decided to
+include the object file to save others the hassle :-).
+
+I have also included uu encoded versions of the .obj incase they get
+trashed.
+
+There are 2 versions of assember for the HP PA-RISC.
+pa-risc.s is the origional one which works fine.
+pa-risc2.s is a new version that often generates warnings but if the
+tests pass, it gives performance that is over 2 times faster than
+pa-risc.s.
+Both were generated using gcc :-)
diff --git a/src/lib/libcrypto/bn/asm/alpha.s b/src/lib/libcrypto/bn/asm/alpha.s
new file mode 100644
index 0000000000..1d17b1d619
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/alpha.s
@@ -0,0 +1,344 @@
+ # DEC Alpha assember
+ # The bn_div64 is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div64.
+ .file 1 "bn_mulw.c"
+ .set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+ .text
+ .align 3
+ .globl bn_mul_add_words
+ .ent bn_mul_add_words
+bn_mul_add_words:
+bn_mul_add_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$42
+ .align 5
+$142:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ ldq $22,0($16) # r[0] r22
+ ldq $23,8($16) # r[1] r23
+
+ addq $3,$22,$3 # a0 low part + r[0]
+ addq $4,$23,$4 # a1 low part + r[1]
+ cmpult $3,$22,$5 # overflow?
+ cmpult $4,$23,$6 # overflow?
+ addq $5,$1,$1 # high part + overflow
+ addq $6,$2,$2 # high part + overflow
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$43
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$42
+
+ br $31,$142
+$42:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ ldq $2,0($16) # r[0]
+ addq $1,$2,$1 # low part + r[0]
+ cmpult $1,$2,$4 # overflow?
+ addq $4,$3,$3 # high part + overflow
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+
+ .align 4
+$43:
+ ret $31,($26),1
+ .end bn_mul_add_words
+ .align 3
+ .globl bn_mul_words
+ .ent bn_mul_words
+bn_mul_words:
+bn_mul_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$242
+ .align 5
+$342:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$243
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$242
+
+ br $31,$342
+$242:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+$243:
+ ret $31,($26),1
+ .end bn_mul_words
+ .align 3
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+
+ subq $18,2,$25 # num=-2
+ blt $25,$442
+ .align 5
+$542:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $4,8($17) # a[1]
+
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ mulq $4,$4,$5 # a[1]*w low part r5
+ umulh $4,$4,$6 # a[1]*w high part r6
+
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+ stq $5,16($16) # r[3]
+ stq $6,24($16) # r[4]
+
+ ble $18,$443
+
+ addq $16,32,$16
+ addq $17,16,$17
+ blt $25,$442
+ br $31,$542
+
+$442:
+ ldq $1,0($17) # a[0]
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+
+ .align 4
+$443:
+ ret $31,($26),1
+ .end bn_sqr_words
+
+ .align 3
+ .globl bn_add_words
+ .ent bn_add_words
+bn_add_words:
+bn_add_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+
+ bis $31,$31,$8 # carry = 0
+ ble $19,$900
+$901:
+ ldq $0,0($17) # a[0]
+ ldq $1,0($18) # a[1]
+
+ addq $0,$1,$3 # c=a+b;
+ addq $17,8,$17 # a++
+
+ cmpult $3,$1,$7 # did we overflow?
+ addq $18,8,$18 # b++
+
+ addq $8,$3,$3 # c+=carry
+
+ cmpult $3,$8,$8 # did we overflow?
+ stq $3,($16) # r[0]=c
+
+ addq $7,$8,$8 # add into overflow
+ subq $19,1,$19 # loop--
+
+ addq $16,8,$16 # r++
+ bgt $19,$901
+$900:
+ bis $8,$8,$0 # return carry
+ ret $31,($26),1
+ .end bn_add_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+ .align 3
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ ldgp $29,0($27)
+bn_div64..ng:
+ lda $30,-48($30)
+ .frame $30,48,$26,0
+ stq $26,0($30)
+ stq $9,8($30)
+ stq $10,16($30)
+ stq $11,24($30)
+ stq $12,32($30)
+ stq $13,40($30)
+ .mask 0x4003e00,-48
+ .prologue 1
+ bis $16,$16,$9
+ bis $17,$17,$10
+ bis $18,$18,$11
+ bis $31,$31,$13
+ bis $31,2,$12
+ bne $11,$119
+ lda $0,-1
+ br $31,$136
+ .align 4
+$119:
+ bis $11,$11,$16
+ jsr $26,BN_num_bits_word
+ ldgp $29,0($26)
+ subq $0,64,$1
+ beq $1,$120
+ bis $31,1,$1
+ sll $1,$0,$1
+ cmpule $9,$1,$1
+ bne $1,$120
+ # lda $16,_IO_stderr_
+ # lda $17,$C32
+ # bis $0,$0,$18
+ # jsr $26,fprintf
+ # ldgp $29,0($26)
+ jsr $26,abort
+ ldgp $29,0($26)
+ .align 4
+$120:
+ bis $31,64,$3
+ cmpult $9,$11,$2
+ subq $3,$0,$1
+ addl $1,$31,$0
+ subq $9,$11,$1
+ cmoveq $2,$1,$9
+ beq $0,$122
+ zapnot $0,15,$2
+ subq $3,$0,$1
+ sll $11,$2,$11
+ sll $9,$2,$3
+ srl $10,$1,$1
+ sll $10,$2,$10
+ bis $3,$1,$9
+$122:
+ srl $11,32,$5
+ zapnot $11,15,$6
+ lda $7,-1
+ .align 5
+$123:
+ srl $9,32,$1
+ subq $1,$5,$1
+ bne $1,$126
+ zapnot $7,15,$27
+ br $31,$127
+ .align 4
+$126:
+ bis $9,$9,$24
+ bis $5,$5,$25
+ divqu $24,$25,$27
+$127:
+ srl $10,32,$4
+ .align 5
+$128:
+ mulq $27,$5,$1
+ subq $9,$1,$3
+ zapnot $3,240,$1
+ bne $1,$129
+ mulq $6,$27,$2
+ sll $3,32,$1
+ addq $1,$4,$1
+ cmpule $2,$1,$2
+ bne $2,$129
+ subq $27,1,$27
+ br $31,$128
+ .align 4
+$129:
+ mulq $27,$6,$1
+ mulq $27,$5,$4
+ srl $1,32,$3
+ sll $1,32,$1
+ addq $4,$3,$4
+ cmpult $10,$1,$2
+ subq $10,$1,$10
+ addq $2,$4,$2
+ cmpult $9,$2,$1
+ bis $2,$2,$4
+ beq $1,$134
+ addq $9,$11,$9
+ subq $27,1,$27
+$134:
+ subl $12,1,$12
+ subq $9,$4,$9
+ beq $12,$124
+ sll $27,32,$13
+ sll $9,32,$2
+ srl $10,32,$1
+ sll $10,32,$10
+ bis $2,$1,$9
+ br $31,$123
+ .align 4
+$124:
+ bis $13,$27,$0
+$136:
+ ldq $26,0($30)
+ ldq $9,8($30)
+ ldq $10,16($30)
+ ldq $11,24($30)
+ ldq $12,32($30)
+ ldq $13,40($30)
+ addq $30,48,$30
+ ret $31,($26),1
+ .end bn_div64
+ .ident "GCC: (GNU) 2.7.2.1"
+
+
diff --git a/src/lib/libcrypto/bn/asm/pa-risc.s b/src/lib/libcrypto/bn/asm/pa-risc.s
new file mode 100644
index 0000000000..775130a191
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/pa-risc.s
@@ -0,0 +1,710 @@
+ .SPACE $PRIVATE$
+ .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+ .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+ .SPACE $TEXT$
+ .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+ .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+ .IMPORT $global$,DATA
+ .IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_words
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r25),%r29
+ ldo 12(%r26),%r23
+ fldws -16(0,%r30),%fr11L
+L$0002
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0005
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r26),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0010
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -8(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-8(0,%r23)
+ ldw -4(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0015
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -4(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-4(0,%r23)
+ ldw 0(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0020
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r23)
+ ldo 16(%r29),%r29
+ ldo 16(%r25),%r25
+ ldo 16(%r23),%r23
+ bl L$0002,0
+ ldo 16(%r26),%r26
+L$0003
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_words
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r26),%r29
+ ldo 12(%r25),%r23
+ fldws -16(0,%r30),%fr11L
+L$0026
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0029
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0033
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-8(0,%r29)
+ ldw -4(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0037
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-4(0,%r29)
+ ldw 0(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0041
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r29)
+ ldo 16(%r23),%r23
+ ldo 16(%r25),%r25
+ ldo 16(%r29),%r29
+ bl L$0026,0
+ ldo 16(%r26),%r26
+L$0027
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+ .PROC
+ .CALLINFO FRAME=0,NO_CALLS
+ .ENTRY
+ ldo 28(%r26),%r23
+ ldo 12(%r25),%r28
+L$0046
+ ldw 0(0,%r25),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,0(0,%r26)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-24(0,%r23)
+ ldw -8(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-20(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-16(0,%r23)
+ ldw -4(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-12(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-8(0,%r23)
+ ldw 0(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-4(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,0(0,%r23)
+ ldo 16(%r28),%r28
+ ldo 16(%r25),%r25
+ ldo 32(%r23),%r23
+ bl L$0046,0
+ ldo 32(%r26),%r26
+L$0057
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .IMPORT BN_num_bits_word,CODE
+ .IMPORT fprintf,CODE
+ .IMPORT __iob,DATA
+ .SPACE $TEXT$
+ .SUBSPA $LIT$
+
+ .align 4
+L$C0000
+ .STRING "Division would overflow\x0a\x00"
+ .IMPORT abort,CODE
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+ .PROC
+ .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r8,128(0,%r30)
+ stw %r7,-124(0,%r30)
+ stw %r4,-112(0,%r30)
+ stw %r3,-108(0,%r30)
+ copy %r26,%r3
+ copy %r25,%r4
+ stw %r6,-120(0,%r30)
+ ldi 0,%r7
+ stw %r5,-116(0,%r30)
+ movb,<> %r24,%r5,L$0059
+ ldi 2,%r6
+ bl L$0076,0
+ ldi -1,%r28
+L$0059
+ .CALL ARGW0=GR
+ bl BN_num_bits_word,%r2
+ copy %r5,%r26
+ ldi 32,%r19
+ comb,= %r19,%r28,L$0060
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdepi 1,32,%r19
+ comb,>>= %r19,%r3,L$0060
+ addil LR'__iob-$global$+32,%r27
+ ldo RR'__iob-$global$+32(%r1),%r26
+ ldil LR'L$C0000,%r25
+ .CALL ARGW0=GR,ARGW1=GR
+ bl fprintf,%r2
+ ldo RR'L$C0000(%r25),%r25
+ .CALL
+ bl abort,%r2
+ nop
+L$0060
+ comb,>> %r5,%r3,L$0061
+ subi 32,%r28,%r28
+ sub %r3,%r5,%r3
+L$0061
+ comib,= 0,%r28,L$0062
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdep %r5,32,%r5
+ zvdep %r3,32,%r21
+ subi 32,%r28,%r20
+ mtsar %r20
+ vshd 0,%r4,%r20
+ or %r21,%r20,%r3
+ mtsar %r19
+ zvdep %r4,32,%r4
+L$0062
+ extru %r5,15,16,%r23
+ extru %r5,31,16,%r28
+L$0063
+ extru %r3,15,16,%r19
+ comb,<> %r23,%r19,L$0066
+ copy %r3,%r26
+ bl L$0067,0
+ zdepi -1,31,16,%r29
+L$0066
+ .IMPORT $$divU,MILLICODE
+ bl $$divU,%r31
+ copy %r23,%r25
+L$0067
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r23,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr9
+ ldw -16(0,%r30),%r8
+ fstws %fr9R,-16(0,%r30)
+ copy %r8,%r22
+ ldw -16(0,%r30),%r8
+ extru %r4,15,16,%r24
+ copy %r8,%r21
+L$0068
+ sub %r3,%r21,%r20
+ copy %r20,%r19
+ depi 0,31,16,%r19
+ comib,<> 0,%r19,L$0069
+ zdep %r20,15,16,%r19
+ addl %r19,%r24,%r19
+ comb,>>= %r19,%r22,L$0069
+ sub %r22,%r28,%r22
+ sub %r21,%r23,%r21
+ bl L$0068,0
+ ldo -1(%r29),%r29
+L$0069
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r8
+ stw %r23,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ copy %r8,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,15,16,%r20
+ ldw -16(0,%r30),%r8
+ zdep %r19,15,16,%r19
+ addl %r8,%r20,%r20
+ comclr,<<= %r19,%r4,0
+ addi 1,%r20,%r20
+ comb,<<= %r20,%r3,L$0074
+ sub %r4,%r19,%r4
+ addl %r3,%r5,%r3
+ ldo -1(%r29),%r29
+L$0074
+ addib,= -1,%r6,L$0064
+ sub %r3,%r20,%r3
+ zdep %r29,15,16,%r7
+ shd %r3,%r4,16,%r3
+ bl L$0063,0
+ zdep %r4,15,16,%r4
+L$0064
+ or %r7,%r29,%r28
+L$0076
+ ldw -148(0,%r30),%r2
+ ldw -124(0,%r30),%r7
+ ldw -120(0,%r30),%r6
+ ldw -116(0,%r30),%r5
+ ldw -112(0,%r30),%r4
+ ldw -108(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -128(0,%r30),%r8
+ .EXIT
+ .PROCEND
diff --git a/src/lib/libcrypto/bn/asm/r3000.s b/src/lib/libcrypto/bn/asm/r3000.s
new file mode 100644
index 0000000000..e95269afa3
--- /dev/null
+++ b/src/lib/libcrypto/bn/asm/r3000.s
@@ -0,0 +1,646 @@
+ .file 1 "../bn_mulw.c"
+ .set nobopt
+ .option pic2
+
+ # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
+
+ # Cc1 defaults:
+ # -mabicalls
+
+ # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
+ # -quiet -dumpbase -O2 -o
+
+gcc2_compiled.:
+__gnu_compiled_c:
+ .rdata
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_mul_add_words
+ .ent bn_mul_add_words
+bn_mul_add_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $12,$4
+ move $14,$5
+ move $9,$6
+ move $13,$7
+ move $8,$0
+ addu $10,$12,12
+ addu $11,$14,12
+$L2:
+ lw $6,0($14)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($12)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($12)
+ .set macro
+ .set reorder
+
+ lw $6,-8($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-8($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-8($10)
+ .set macro
+ .set reorder
+
+ lw $6,-4($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-4($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-4($10)
+ .set macro
+ .set reorder
+
+ lw $6,0($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($10)
+ .set macro
+ .set reorder
+
+ addu $11,$11,16
+ addu $14,$14,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L2
+ addu $12,$12,16
+ .set macro
+ .set reorder
+
+$L3:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$8
+ .set macro
+ .set reorder
+
+ .end bn_mul_add_words
+ .align 2
+ .globl bn_mul_words
+ .ent bn_mul_words
+bn_mul_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $11,$4
+ move $12,$5
+ move $8,$6
+ move $6,$0
+ addu $10,$11,12
+ addu $9,$12,12
+$L10:
+ lw $4,0($12)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($11)
+ .set macro
+ .set reorder
+
+ lw $4,-8($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-8($10)
+ .set macro
+ .set reorder
+
+ lw $4,-4($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-4($10)
+ .set macro
+ .set reorder
+
+ lw $4,0($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($10)
+ .set macro
+ .set reorder
+
+ addu $9,$9,16
+ addu $12,$12,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L10
+ addu $11,$11,16
+ .set macro
+ .set reorder
+
+$L11:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$6
+ .set macro
+ .set reorder
+
+ .end bn_mul_words
+ .align 2
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $9,$4
+ addu $7,$9,28
+ addu $8,$5,12
+$L18:
+ lw $2,0($5)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,0($9)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-24($7)
+ .set macro
+ .set reorder
+
+ lw $2,-8($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-20($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-16($7)
+ .set macro
+ .set reorder
+
+ lw $2,-4($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-12($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-8($7)
+ .set macro
+ .set reorder
+
+ lw $2,0($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-4($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,0($7)
+ .set macro
+ .set reorder
+
+ addu $8,$8,16
+ addu $5,$5,16
+ addu $7,$7,32
+ .set noreorder
+ .set nomacro
+ j $L18
+ addu $9,$9,32
+ .set macro
+ .set reorder
+
+$L19:
+ j $31
+ .end bn_sqr_words
+ .rdata
+ .align 2
+$LC0:
+
+ .byte 0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
+ .byte 0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
+ .byte 0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ .frame $sp,56,$31 # vars= 0, regs= 7/0, args= 16, extra= 8
+ .mask 0x901f0000,-8
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ subu $sp,$sp,56
+ .cprestore 16
+ sw $16,24($sp)
+ move $16,$4
+ sw $17,28($sp)
+ move $17,$5
+ sw $18,32($sp)
+ move $18,$6
+ sw $20,40($sp)
+ move $20,$0
+ sw $19,36($sp)
+ li $19,0x00000002 # 2
+ sw $31,48($sp)
+ .set noreorder
+ .set nomacro
+ bne $18,$0,$L26
+ sw $28,44($sp)
+ .set macro
+ .set reorder
+
+ .set noreorder
+ .set nomacro
+ j $L43
+ li $2,-1 # 0xffffffff
+ .set macro
+ .set reorder
+
+$L26:
+ move $4,$18
+ jal BN_num_bits_word
+ move $4,$2
+ li $2,0x00000020 # 32
+ .set noreorder
+ .set nomacro
+ beq $4,$2,$L27
+ li $2,0x00000001 # 1
+ .set macro
+ .set reorder
+
+ sll $2,$2,$4
+ sltu $2,$2,$16
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L44
+ li $5,0x00000020 # 32
+ .set macro
+ .set reorder
+
+ la $4,__iob+32
+ la $5,$LC0
+ jal fprintf
+ jal abort
+$L27:
+ li $5,0x00000020 # 32
+$L44:
+ sltu $2,$16,$18
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L28
+ subu $4,$5,$4
+ .set macro
+ .set reorder
+
+ subu $16,$16,$18
+$L28:
+ .set noreorder
+ .set nomacro
+ beq $4,$0,$L29
+ li $10,-65536 # 0xffff0000
+ .set macro
+ .set reorder
+
+ sll $18,$18,$4
+ sll $3,$16,$4
+ subu $2,$5,$4
+ srl $2,$17,$2
+ or $16,$3,$2
+ sll $17,$17,$4
+$L29:
+ srl $7,$18,16
+ andi $9,$18,0xffff
+$L30:
+ srl $2,$16,16
+ .set noreorder
+ .set nomacro
+ beq $2,$7,$L34
+ li $6,0x0000ffff # 65535
+ .set macro
+ .set reorder
+
+ divu $6,$16,$7
+$L34:
+ mult $6,$9
+ mflo $5
+ #nop
+ #nop
+ mult $6,$7
+ and $2,$17,$10
+ srl $8,$2,16
+ mflo $4
+$L35:
+ subu $3,$16,$4
+ and $2,$3,$10
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L36
+ sll $2,$3,16
+ .set macro
+ .set reorder
+
+ addu $2,$2,$8
+ sltu $2,$2,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L36
+ subu $5,$5,$9
+ .set macro
+ .set reorder
+
+ subu $4,$4,$7
+ .set noreorder
+ .set nomacro
+ j $L35
+ addu $6,$6,-1
+ .set macro
+ .set reorder
+
+$L36:
+ mult $6,$7
+ mflo $5
+ #nop
+ #nop
+ mult $6,$9
+ mflo $4
+ #nop
+ #nop
+ srl $3,$4,16
+ sll $2,$4,16
+ and $4,$2,$10
+ sltu $2,$17,$4
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L40
+ addu $5,$5,$3
+ .set macro
+ .set reorder
+
+ addu $5,$5,1
+$L40:
+ sltu $2,$16,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L41
+ subu $17,$17,$4
+ .set macro
+ .set reorder
+
+ addu $16,$16,$18
+ addu $6,$6,-1
+$L41:
+ addu $19,$19,-1
+ .set noreorder
+ .set nomacro
+ beq $19,$0,$L31
+ subu $16,$16,$5
+ .set macro
+ .set reorder
+
+ sll $20,$6,16
+ sll $3,$16,16
+ srl $2,$17,16
+ or $16,$3,$2
+ .set noreorder
+ .set nomacro
+ j $L30
+ sll $17,$17,16
+ .set macro
+ .set reorder
+
+$L31:
+ or $2,$20,$6
+$L43:
+ lw $31,48($sp)
+ lw $20,40($sp)
+ lw $19,36($sp)
+ lw $18,32($sp)
+ lw $17,28($sp)
+ lw $16,24($sp)
+ addu $sp,$sp,56
+ j $31
+ .end bn_div64
+
+ .globl abort .text
+ .globl fprintf .text
+ .globl BN_num_bits_word .text
diff --git a/src/lib/libcrypto/bn/bnspeed.c b/src/lib/libcrypto/bn/bnspeed.c
new file mode 100644
index 0000000000..f7c2790fff
--- /dev/null
+++ b/src/lib/libcrypto/bn/bnspeed.c
@@ -0,0 +1,248 @@
+/* crypto/bn/bnspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 1000000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+#define NUM_SIZES 5
+static int sizes[NUM_SIZES]={128,256,512,1024,2048};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
+
+void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ BN_CTX *ctx;
+ BIGNUM *a,*b,*c,*r;
+
+ ctx=BN_CTX_new();
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ r=BN_new();
+
+ do_mul(a,b,c,ctx);
+ }
+
+void do_mul(r,a,b,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BN_CTX *ctx;
+ {
+ int i,j,k;
+ double tm;
+ long num;
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i],1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_mul(r,b,a);
+ tm=Time_F(STOP);
+ printf("mul %4d x %4d -> %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num);
+ }
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i],1,0);
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_sqr(r,a,ctx);
+ tm=Time_F(STOP);
+ printf("sqr %4d x %4d -> %8.3fms\n",sizes[i],sizes[i],tm*1000.0/num);
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM/10;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i]-1,1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<100000; k++)
+ BN_div(r, NULL, b, a,ctx);
+ tm=Time_F(STOP);
+ printf("div %4d / %4d -> %8.3fms\n",sizes[j],sizes[i]-1,tm*1000.0/num);
+ }
+ }
+ }
+
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
new file mode 100644
index 0000000000..9ebd68b429
--- /dev/null
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -0,0 +1,777 @@
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "e_os.h"
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "x509.h"
+#include "err.h"
+
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#ifndef NOPROTO
+int test_add (BIO *bp);
+int test_sub (BIO *bp);
+int test_lshift1 (BIO *bp);
+int test_lshift (BIO *bp);
+int test_rshift1 (BIO *bp);
+int test_rshift (BIO *bp);
+int test_div (BIO *bp,BN_CTX *ctx);
+int test_mul (BIO *bp);
+int test_sqr (BIO *bp,BN_CTX *ctx);
+int test_mont (BIO *bp,BN_CTX *ctx);
+int test_mod (BIO *bp,BN_CTX *ctx);
+int test_mod_mul (BIO *bp,BN_CTX *ctx);
+int test_mod_exp (BIO *bp,BN_CTX *ctx);
+int rand_neg(void);
+#else
+int test_add ();
+int test_sub ();
+int test_lshift1 ();
+int test_lshift ();
+int test_rshift1 ();
+int test_rshift ();
+int test_div ();
+int test_mul ();
+int test_sqr ();
+int test_mont ();
+int test_mod ();
+int test_mod_mul ();
+int test_mod_exp ();
+int rand_neg();
+#endif
+
+static int results=0;
+
+#ifdef NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out;
+ char *outfile=NULL;
+
+ srand((unsigned int)time(NULL));
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-results") == 0)
+ results=1;
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) break;
+ outfile= *(++argv);
+ }
+ argc--;
+ argv++;
+ }
+
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ if (outfile == NULL)
+ {
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ }
+ else
+ {
+ if (!BIO_write_filename(out,outfile))
+ {
+ perror(outfile);
+ exit(1);
+ }
+ }
+
+ if (!results)
+ BIO_puts(out,"obase=16\nibase=16\n");
+
+ fprintf(stderr,"test BN_add\n");
+ if (!test_add(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sub\n");
+ if (!test_sub(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift1\n");
+ if (!test_lshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift\n");
+ if (!test_lshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift1\n");
+ if (!test_rshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift\n");
+ if (!test_rshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sqr\n");
+ if (!test_sqr(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mul\n");
+ if (!test_mul(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_div\n");
+ if (!test_div(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod\n");
+ if (!test_mod(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod_mul\n");
+ if (!test_mod_mul(out,ctx)) goto err;
+ fflush(stdout);
+
+/*
+ fprintf(stderr,"test BN_mont\n");
+ if (!test_mont(out,ctx)) goto err;
+ fflush(stdout);
+*/
+ fprintf(stderr,"test BN_mod_exp\n");
+ if (!test_mod_exp(out,ctx)) goto err;
+ fflush(stdout);
+
+/**/
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
+int test_add(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,450+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_add(c,a,b);
+ BN_add(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," + ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sub(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,400+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_sub(c,a,b);
+ BN_sub(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_div(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+
+ BN_rand(a,400,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,50+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_div(d,c,a,b,ctx);
+ BN_div(d,c,a,b,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return(1);
+ }
+
+int test_mul(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,200,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,250+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mul(c,a,b);
+ BN_mul(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sqr(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ c=BN_new();
+
+ for (i=0; i<40; i++)
+ {
+ BN_rand(a,40+i*10,0,0);
+ a->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_sqr(c,a,ctx);
+ BN_sqr(c,a,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mont(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*A,*B;
+ BIGNUM *n;
+ int i;
+ int j;
+ BN_MONT_CTX *mont;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ A=BN_new();
+ B=BN_new();
+ n=BN_new();
+
+ mont=BN_MONT_CTX_new();
+
+ BN_rand(a,100,0,0); /**/
+ BN_rand(b,100,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/
+ BN_MONT_CTX_set(mont,n,ctx);
+
+ BN_to_montgomery(A,a,mont,ctx);
+ BN_to_montgomery(B,b,mont,ctx);
+
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_from_montgomery(A,c,mont,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+#ifdef undef
+fprintf(stderr,"%d * %d %% %d\n",
+BN_num_bits(a),
+BN_num_bits(b),
+BN_num_bits(mont->N));
+#endif
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,mont->N);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,A);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_MONT_CTX_free(mont);
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,1024,0,0); /**/
+ for (i=0; i<20; i++)
+ {
+ BN_rand(b,450+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod(c,a,b,ctx);/**/
+ BN_mod(c,a,b,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod_mul(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,1024,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(a,475+i*10,0,0); /**/
+ BN_rand(b,425+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ /* if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul(d,a,b,c,ctx);*/ /**/
+
+ if (!BN_mod_mul(e,a,b,c,ctx))
+ {
+ unsigned long l;
+
+ while ((l=ERR_get_error()))
+ fprintf(stderr,"ERROR:%s\n",
+ ERR_error_string(l,NULL));
+ exit(1);
+ }
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,e);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_mod_exp(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,30,0,1); /* must be odd for montgomery */
+ for (i=0; i<6; i++)
+ {
+ BN_rand(a,20+i*5,0,0); /**/
+ BN_rand(b,2+i,0,0); /**/
+
+ if (!BN_mod_exp(d,a,b,c,ctx))
+ return(00);
+
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," ^ ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_lshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_lshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int test_rshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_rshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int rand_neg()
+ {
+ static unsigned int neg=0;
+ static int sign[8]={0,0,0,1,1,0,1,1};
+
+ return(sign[(neg++)%8]);
+ }
diff --git a/src/lib/libcrypto/bn/expspeed.c b/src/lib/libcrypto/bn/expspeed.c
new file mode 100644
index 0000000000..344f883d35
--- /dev/null
+++ b/src/lib/libcrypto/bn/expspeed.c
@@ -0,0 +1,230 @@
+/* crypto/bn/expspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 5000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+#define NUM_SIZES 6
+static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192};
+static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
+
+void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ BN_CTX *ctx;
+ BIGNUM *a,*b,*c,*r;
+
+ ctx=BN_CTX_new();
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ r=BN_new();
+
+ do_mul_exp(r,a,b,c,ctx);
+ }
+
+void do_mul_exp(r,a,b,c,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *c;
+BN_CTX *ctx;
+ {
+ int i,k;
+ double tm;
+ long num;
+ BN_MONT_CTX m;
+
+ memset(&m,0,sizeof(m));
+
+ num=BASENUM;
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ BN_rand(a,sizes[i],1,0);
+ BN_rand(b,sizes[i],1,0);
+ BN_rand(c,sizes[i],1,1);
+ BN_mod(a,a,c,ctx);
+ BN_mod(b,b,c,ctx);
+
+ BN_MONT_CTX_set(&m,c,ctx);
+
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_mod_exp_mont(r,a,b,c,ctx,&m);
+ tm=Time_F(STOP);
+ printf("mul %4d ^ %4d %% %d -> %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num);
+ num/=7;
+ if (num <= 0) num=1;
+ }
+
+ }
+
diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c
new file mode 100644
index 0000000000..67dc95d726
--- /dev/null
+++ b/src/lib/libcrypto/bn/exptest.c
@@ -0,0 +1,148 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "err.h"
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#define NUM_BITS (BN_BITS*2)
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out=NULL;
+ int i,ret;
+ unsigned char c;
+ BIGNUM *r_mont,*r_recp,*a,*b,*m;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+ r_mont=BN_new();
+ r_recp=BN_new();
+ a=BN_new();
+ b=BN_new();
+ m=BN_new();
+ if ( (r_mont == NULL) || (r_recp == NULL) ||
+ (a == NULL) || (b == NULL))
+ goto err;
+
+ out=BIO_new(BIO_s_file());
+
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ for (i=0; i<200; i++)
+ {
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(a,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(b,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(m,NUM_BITS+c,0,1);
+
+ BN_mod(a,a,m,ctx);
+ BN_mod(b,b,m,ctx);
+
+ ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
+ if (ret <= 0)
+ { printf("BN_mod_exp_mont() problems\n"); exit(1); }
+
+ ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
+ if (ret <= 0)
+ { printf("BN_mod_exp_recp() problems\n"); exit(1); }
+
+ if (BN_cmp(r_mont,r_recp) != 0)
+ {
+ printf("\nmont and recp results differ\n");
+ printf("a (%3d) = ",BN_num_bits(a)); BN_print(out,a);
+ printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
+ printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
+ printf("\nrecp ="); BN_print(out,r_recp);
+ printf("\nmont ="); BN_print(out,r_mont);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf(" done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
diff --git a/src/lib/libcrypto/cast/asm/readme b/src/lib/libcrypto/cast/asm/readme
new file mode 100644
index 0000000000..fbcd76289e
--- /dev/null
+++ b/src/lib/libcrypto/cast/asm/readme
@@ -0,0 +1,7 @@
+There is a ppro flag in cast-586 which turns on/off
+generation of pentium pro/II friendly code
+
+This flag makes the inner loop one cycle longer, but generates
+code that runs %30 faster on the pentium pro/II, while only %7 slower
+on the pentium. By default, this flag is on.
+
diff --git a/src/lib/libcrypto/cast/cast_spd.c b/src/lib/libcrypto/cast/cast_spd.c
new file mode 100644
index 0000000000..ab75e65386
--- /dev/null
+++ b/src/lib/libcrypto/cast/cast_spd.c
@@ -0,0 +1,294 @@
+/* crypto/cast/cast_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ CAST_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ CAST_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ CAST_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ CAST_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing CAST_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing CAST_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld cast set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing CAST_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing CAST_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ CAST_LONG data[2];
+
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld CAST_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ CAST_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),CAST_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("CAST set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("CAST cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libcrypto/cast/castopts.c b/src/lib/libcrypto/cast/castopts.c
new file mode 100644
index 0000000000..68cf5a4a60
--- /dev/null
+++ b/src/lib/libcrypto/cast/castopts.c
@@ -0,0 +1,358 @@
+/* crypto/cast/castopts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+#define CAST_DEFAULT_OPTIONS
+
+#undef E_CAST
+#define CAST_encrypt CAST_encrypt_normal
+#define CAST_decrypt CAST_decrypt_normal
+#define CAST_cbc_encrypt CAST_cbc_encrypt_normal
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#define CAST_PTR
+#undef CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt CAST_encrypt_ptr
+#define CAST_decrypt CAST_decrypt_ptr
+#define CAST_cbc_encrypt CAST_cbc_encrypt_ptr
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#undef CAST_PTR
+#define CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt CAST_encrypt_ptr2
+#define CAST_decrypt CAST_decrypt_ptr2
+#define CAST_cbc_encrypt CAST_cbc_encrypt_ptr2
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count+=4) \
+ { \
+ unsigned long d[2]; \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static char key[16]={ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ CAST_KEY sch;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ CAST_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ CAST_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+ time_it(CAST_encrypt_normal, "CAST_encrypt_normal ", 0);
+ time_it(CAST_encrypt_ptr, "CAST_encrypt_ptr ", 1);
+ time_it(CAST_encrypt_ptr2, "CAST_encrypt_ptr2 ", 2);
+ num+=3;
+
+ str[0]="<nothing>";
+ print_it("CAST_encrypt_normal ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="ptr ";
+ print_it("CAST_encrypt_ptr ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]="ptr2 ";
+ print_it("CAST_encrypt_ptr2 ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+ printf("options CAST ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<3; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DCAST_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DCAST_PTR\n");
+ break;
+ case 2:
+ printf("-DCAST_PTR2\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libcrypto/cast/casts.cpp b/src/lib/libcrypto/cast/casts.cpp
new file mode 100644
index 0000000000..bac7be2c9c
--- /dev/null
+++ b/src/lib/libcrypto/cast/casts.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cast.h"
+
+void main(int argc,char *argv[])
+ {
+ CAST_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+ static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+ CAST_set_key(&key, 16,d);
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ CAST_encrypt(&data[0],&key);
+ GetTSC(s1);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e2);
+ CAST_encrypt(&data[0],&key);
+ }
+
+ printf("cast %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libcrypto/cast/casttest.c b/src/lib/libcrypto/cast/casttest.c
new file mode 100644
index 0000000000..8b009bc249
--- /dev/null
+++ b/src/lib/libcrypto/cast/casttest.c
@@ -0,0 +1,223 @@
+/* crypto/cast/casttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cast.h"
+
+/* #define FULL_TEST */
+
+unsigned char k[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A
+ };
+
+unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+int k_len[3]={16,10};
+unsigned char c[3][8]={
+ {0x23,0x8B,0x4F,0xE5,0x84,0x7E,0x44,0xB2},
+ {0xEB,0x6A,0x71,0x1A,0x2C,0x02,0x27,0x1B},
+ {0x7A,0xC8,0x16,0xD1,0x6E,0x9B,0x30,0x2E},
+ };
+unsigned char out[80];
+
+unsigned char in_a[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+unsigned char in_b[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+
+unsigned char c_a[16]={
+ 0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6,
+ 0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92};
+unsigned char c_b[16]={
+ 0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71,
+ 0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E};
+
+#if 0
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+#ifdef FULL_TEST
+ long l;
+ CAST_KEY key_b;
+#endif
+ int i,z,err=0;
+ CAST_KEY key;
+
+ for (z=0; z<1; z++)
+ {
+ CAST_set_key(&key,k_len[z],k);
+
+ CAST_ecb_encrypt(in,out,&key,CAST_ENCRYPT);
+ if (memcmp(out,&(c[z][0]),8) != 0)
+ {
+ printf("ecb cast error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",c[z][i]);
+ err=20;
+ printf("\n");
+ }
+
+ CAST_ecb_encrypt(out,out,&key,CAST_DECRYPT);
+ if (memcmp(out,in,8) != 0)
+ {
+ printf("ecb cast error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",in[i]);
+ printf("\n");
+ err=3;
+ }
+ }
+ if (err == 0) printf("ecb cast5 ok\n");
+
+#ifdef FULL_TEST
+ {
+ unsigned char out_a[16],out_b[16];
+ static char *hex="0123456789ABCDEF";
+
+ printf("This test will take some time....");
+ fflush(stdout);
+ memcpy(out_a,in_a,sizeof(in_a));
+ memcpy(out_b,in_b,sizeof(in_b));
+ i=1;
+
+ for (l=0; l<1000000L; l++)
+ {
+ CAST_set_key(&key_b,16,out_b);
+ CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT);
+ CAST_set_key(&key,16,out_a);
+ CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT);
+ if ((l & 0xffff) == 0xffff)
+ {
+ printf("%c",hex[i&0x0f]);
+ fflush(stdout);
+ i++;
+ }
+ }
+
+ if ( (memcmp(out_a,c_a,sizeof(c_a)) != 0) ||
+ (memcmp(out_b,c_b,sizeof(c_b)) != 0))
+ {
+ printf("\n");
+ printf("Error\n");
+
+ printf("A out =");
+ for (i=0; i<16; i++) printf("%02X ",out_a[i]);
+ printf("\nactual=");
+ for (i=0; i<16; i++) printf("%02X ",c_a[i]);
+ printf("\n");
+
+ printf("B out =");
+ for (i=0; i<16; i++) printf("%02X ",out_b[i]);
+ printf("\nactual=");
+ for (i=0; i<16; i++) printf("%02X ",c_b[i]);
+ printf("\n");
+ }
+ else
+ printf(" ok\n");
+ }
+#endif
+
+ exit(err);
+ return(err);
+ }
+
diff --git a/src/lib/libcrypto/conf/cnf_save.c b/src/lib/libcrypto/conf/cnf_save.c
new file mode 100644
index 0000000000..c9018de10e
--- /dev/null
+++ b/src/lib/libcrypto/conf/cnf_save.c
@@ -0,0 +1,106 @@
+/* crypto/conf/cnf_save.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "conf.h"
+
+void print_conf(CONF_VALUE *cv);
+
+main()
+ {
+ LHASH *conf;
+ long l;
+
+ conf=CONF_load(NULL,"../../apps/ssleay.cnf",&l);
+ if (conf == NULL)
+ {
+ fprintf(stderr,"error loading config, line %ld\n",l);
+ exit(1);
+ }
+
+ lh_doall(conf,print_conf);
+ }
+
+
+void print_conf(cv)
+CONF_VALUE *cv;
+ {
+ int i;
+ CONF_VALUE *v;
+ char *section;
+ char *name;
+ char *value;
+ STACK *s;
+
+ /* If it is a single entry, return */
+
+ if (cv->name != NULL) return;
+
+ printf("[ %s ]\n",cv->section);
+ s=(STACK *)cv->value;
+
+ for (i=0; i<sk_num(s); i++)
+ {
+ v=(CONF_VALUE *)sk_value(s,i);
+ section=(v->section == NULL)?"None":v->section;
+ name=(v->name == NULL)?"None":v->name;
+ value=(v->value == NULL)?"None":v->value;
+ printf("%s=%s\n",name,value);
+ }
+ printf("\n");
+ }
diff --git a/src/lib/libcrypto/conf/test.c b/src/lib/libcrypto/conf/test.c
new file mode 100644
index 0000000000..899ee2a067
--- /dev/null
+++ b/src/lib/libcrypto/conf/test.c
@@ -0,0 +1,91 @@
+/* crypto/conf/test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "conf.h"
+
+main()
+ {
+ LHASH *conf;
+ long eline;
+ char *s,*s2;
+
+ conf=CONF_load(NULL,"ssleay.conf",&eline);
+ if (conf == NULL)
+ {
+ ERR_load_crypto_strings();
+ printf("unable to load configuration, line %ld\n",eline);
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+ lh_stats(conf,stdout);
+ lh_node_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+
+ s=CONF_get_string(conf,NULL,"init2");
+ printf("init2=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,NULL,"cipher1");
+ printf("cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,"s_client","cipher1");
+ printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ exit(0);
+ }
diff --git a/src/lib/libcrypto/des/DES.pm b/src/lib/libcrypto/des/DES.pm
new file mode 100644
index 0000000000..6a175b6ca4
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here. Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/src/lib/libcrypto/des/DES.xs b/src/lib/libcrypto/des/DES.xs
new file mode 100644
index 0000000000..b8050b9edf
--- /dev/null
+++ b/src/lib/libcrypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+ croak("%s not implemented on this architecture", s);
+ return -1;
+}
+
+MODULE = DES PACKAGE = DES PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+ char * buf
+ char * salt
+
+void
+des_set_odd_parity(key)
+ des_cblock * key
+PPCODE:
+ {
+ SV *s;
+
+ s=sv_newmortal();
+ sv_setpvn(s,(char *)key,8);
+ des_set_odd_parity((des_cblock *)SvPV(s,na));
+ PUSHs(s);
+ }
+
+int
+des_is_weak_key(key)
+ des_cblock * key
+
+des_key_schedule
+des_set_key(key)
+ des_cblock * key
+CODE:
+ des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+ des_cblock * input
+ des_key_schedule * ks
+ int encrypt
+CODE:
+ des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+ char * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ des_cblock * ivec1
+ des_cblock * ivec2
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+ l,*ks1,*ks2,ivec1,ivec2,encrypt);
+ sv_setpvn(ST(3),(char *)ivec1,8);
+ sv_setpvn(ST(4),(char *)ivec2,8);
+ PUSHs(s);
+ }
+
+void
+des_cbc_cksum(input,ks,ivec)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s1,*s2;
+ STRLEN len,l;
+ des_cblock c;
+ unsigned long i1,i2;
+
+ s1=sv_newmortal();
+ s2=sv_newmortal();
+ l=SvCUR(ST(0));
+ des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec);
+ i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+ i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+ sv_setiv(s1,i1);
+ sv_setiv(s2,i2);
+ sv_setpvn(ST(2),(char *)c,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+ char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len;
+ char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+ (int)numbits,(long)len,*ks,ivec,encrypt);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+ des_cblock * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ int encrypt
+CODE:
+ {
+ des_cblock c;
+
+ des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+ *ks1,*ks2,encrypt);
+ RETVAL= &c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+ unsigned char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ unsigned char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(unsigned char *)SvPV(s,na);
+ des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+ numbits,len,*ks,ivec);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_random_key()
+CODE:
+ {
+ des_cblock c;
+
+ des_random_key(c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char * str
+CODE:
+ {
+ des_cblock c;
+
+ des_string_to_key(str,&c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char * str
+PPCODE:
+ {
+ des_cblock c1,c2;
+ SV *s1,*s2;
+
+ des_string_to_2keys(str,&c1,&c2);
+ EXTEND(sp,2);
+ s1=sv_newmortal();
+ sv_setpvn(s1,(char *)c1,8);
+ s2=sv_newmortal();
+ sv_setpvn(s2,(char *)c2,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
diff --git a/src/lib/libcrypto/des/INSTALL b/src/lib/libcrypto/des/INSTALL
new file mode 100644
index 0000000000..32457d775c
--- /dev/null
+++ b/src/lib/libcrypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt. For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevent option in the Makefile
+
+There are some special Makefile targets that make life easier.
+make cc - standard cc build
+make gcc - standard gcc build
+make x86-elf - x86 assembler (elf), linux-elf.
+make x86-out - x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi - x86 assembler (a.out with primative assembler).
+
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with). The x86 assembler is very very fast.
+
+A make install will by default install
+libdes.a in /usr/local/lib/libdes.a
+des in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man in /usr/local/man/man1/des.1
+des.h in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace. Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order. It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/src/lib/libcrypto/des/Imakefile b/src/lib/libcrypto/des/Imakefile
new file mode 100644
index 0000000000..1b9b5629e1
--- /dev/null
+++ b/src/lib/libcrypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS= cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+ qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+ enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+ ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS= cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+ qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+ enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+ ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+ vms.com KERBEROS
+DES= des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE= $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/src/lib/libcrypto/des/KERBEROS b/src/lib/libcrypto/des/KERBEROS
new file mode 100644
index 0000000000..f401b10014
--- /dev/null
+++ b/src/lib/libcrypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+ but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones. It can be found on
+ gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+ and
+ nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+ 3.00 or greater (libdes.tar.93-10-07.Z). This versions differences
+ from the version in comp.sources.misc volume 29 patchlevel2.
+ The primarily difference is that it should compile under kerberos :-).
+ It can be found at.
+ ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig Fri Jul 3 04:18:35 1987
+--- make_commands.c Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
+--- 98,104 ----
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
diff --git a/src/lib/libcrypto/des/README b/src/lib/libcrypto/des/README
new file mode 100644
index 0000000000..621a5ab467
--- /dev/null
+++ b/src/lib/libcrypto/des/README
@@ -0,0 +1,54 @@
+
+ libdes, Version 4.01 10-Jan-97
+
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms specified in COPYRIGHT.
+
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay. Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command. I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+ ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/src/lib/libcrypto/des/VERSION b/src/lib/libcrypto/des/VERSION
new file mode 100644
index 0000000000..f62d8bdac0
--- /dev/null
+++ b/src/lib/libcrypto/des/VERSION
@@ -0,0 +1,411 @@
+ Defining SIGACTION causes sigaction() to be used instead of signal().
+ SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+ can cause problems. This should hopefully not affect normal
+ applications.
+
+Version 4.04
+ Fixed a few tests in destest. Also added x86 assember for
+ des_ncbc_encrypt() which is the standard cbc mode function.
+ This makes a very very large performace difference.
+ Ariel Glenn ariel@columbia.edu reports that the terminal
+ 'turn echo off' can return (errno == EINVAL) under solaris
+ when redirection is used. So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+ Left a static out of enc_write.c, which caused to buffer to be
+ continiously malloc()ed. Does anyone use these functions? I keep
+ on feeling like removing them since I only had these in there
+ for a version of kerberised login. Anyway, this was pointed out
+ by Theo de Raadt <deraadt@cvs.openbsd.org>
+ The 'n' bit ofb code was wrong, it was not shifting the shift
+ register. It worked correctly for n == 64. Thanks to
+ Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
+Version 4.02
+ I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
+ when checking for weak keys which is wrong :-(, pointed out by
+ Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+ Even faster inner loop in the DES assembler for x86 and a modification
+ for IP/FP which is faster on x86. Both of these changes are
+ from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
+ changes make the assembler run %40 faster on a pentium. This is just
+ a case of getting the instruction sequence 'just right'.
+ All credit to 'Svend' :-)
+ Quite a few special x86 'make' targets.
+ A libdes-l (lite) distribution.
+
+Version 4.00
+ After a bit of a pause, I'll up the major version number since this
+ is mostly a performace release. I've added x86 assembler and
+ added more options for performance. A %28 speedup for gcc
+ on a pentium and the assembler is a %50 speedup.
+ MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+ Run des_opts to work out which options should be used.
+ DES_RISC1/DES_RISC2 use alternative inner loops which use
+ more registers but should give speedups on any CPU that does
+ dual issue (pentium). DES_UNROLL unrolls the inner loop,
+ which costs in code size.
+
+Version 3.26
+ I've finally removed one of the shifts in D_ENCRYPT. This
+ meant I've changed the des_SPtrans table (spr.h), the set_key()
+ function and some things in des_enc.c. This has definitly
+ made things faster :-). I've known about this one for some
+ time but I've been too lazy to follow it up :-).
+ Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+ instead of L^=((..)|(..)|(..).. This should save a register at
+ least.
+ Assember for x86. The file to replace is des_enc.c, which is replaced
+ by one of the assembler files found in asm. Look at des/asm/readme
+ for more info.
+
+ /* Modification to fcrypt so it can be compiled to support
+ HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+ Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+ SIGWINCH case put in des_read_passwd() so the function does not
+ 'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+ Modified read_pwd.c so that stdin can be read if not a tty.
+ Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+ des_init_random_number_generator() shortened due to VMS linker
+ limits.
+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
+ 8 byte quantites xored before and after encryption.
+ des_xcbc_encryption() - the name is funny to preserve the des_
+ prefix on all functions.
+
+Version 3.24 20/04/96
+ The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+ Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
+ it gives a %20 speedup :-)
+ Fixed the problem with des.pl under perl5. The patches were
+ sent by Ed Kubaitis (ejk@uiuc.edu).
+ if fcrypt.c, changed values to handle illegal salt values the way
+ normal crypt() implementations do. Some programs apparently use
+ them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+ Bug in des(1), an error with the uuencoding stuff when the
+ 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+ for the patch.
+
+Version 3.21 22/11/95
+ After some emailing back and forth with
+ Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+ and in a future version I will probably put in some of the
+ optimisation he suggested for use with the DES_USE_PTR option.
+ Extra routines from Mark Murray <mark@grondar.za> for use in
+ freeBSD. They mostly involve random number generation for use
+ with kerberos. They involve evil machine specific system calls
+ etc so I would normally suggest pushing this stuff into the
+ application and/or using RAND_seed()/RAND_bytes() if you are
+ using this DES library as part of SSLeay.
+ Redone the read_pw() function so that it is cleaner and
+ supports termios, thanks to Sameer Parekh <sameer@c2.org>
+ for the initial patches for this.
+ Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
+ done just to make things more consistent.
+ I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+ Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+ my des_random_seed() function was only copying 4 bytes of the
+ passed seed into the init structure. It is now fixed to copy 8.
+ My own suggestion is to used something like MD5 :-)
+
+Version 3.19
+ While looking at my code one day, I though, why do I keep on
+ calling des_encrypt(in,out,ks,enc) when every function that
+ calls it has in and out the same. So I dropped the 'out'
+ parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+ Fixed a few bit with the distribution and the filenames.
+ 3.17 had been munged via a move to DOS and back again.
+ NO CODE CHANGES
+
+Version 3.17 14/07/95
+ Fixed ede3 cbc which I had broken in 3.16. I have also
+ removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+ Added des_encrypt2() which does not use IP/FP, used by triple
+ des routines. Tweaked things a bit elsewhere. %13 speedup on
+ sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+ Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+ 'normal' and copies the new iv value back over the top of the
+ passed parameter.
+ CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+ the iv. THIS WILL BREAK EXISTING CODE, but since this function
+ only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+ I need to update the documentation.
+
+Version 3.14 31/05/95
+ New release upon the world, as part of my SSL implementation.
+ New copyright and usage stuff. Basically free for all to use
+ as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+ A fix in speed.c, if HZ is not defined, I set it to 100.0
+ which is reasonable for most unixes except SunOS 4.x.
+ I now have a #ifdef sun but timing for SunOS 4.x looked very
+ good :-(. At my last job where I used SunOS 4.x, it was
+ defined to be 60.0 (look at the old INSTALL documentation), at
+ the last release had it changed to 100.0 since I now work with
+ Solaris2 and SVR4 boxes.
+ Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+ one out.
+
+Version 3.12 08/05/95
+ As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+ my D_ENCRYPT macro in crypt() had an un-necessary variable.
+ It has been removed.
+
+Version 3.11 03/05/95
+ Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+ and one iv. It is a standard and I needed it for my SSL code.
+ It makes more sense to use this for triple DES than
+ 3cbc_encrypt(). I have also added (or should I say tested :-)
+ cfb64_encrypt() which is cfb64 but it will encrypt a partial
+ number of bytes - 3 bytes in 3 bytes out. Again this is for
+ my SSL library, as a form of encryption to use with SSL
+ telnet.
+
+Version 3.10 22/03/95
+ Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
+ to cbc3_encrypt, the 2 iv values that were being returned to
+ be used in the next call were reversed :-(.
+ Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+ this error.
+
+Version 3.09 01/02/95
+ Fixed des_random_key to far more random, it was rather feeble
+ with regards to picking the initial seed. The problem was
+ pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+ Added Makefile.PL so libdes can be built into perl5.
+ Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+ Added GNUmake and stuff so the library can be build with
+ glibc.
+
+Version 3.06 30/08/94
+ Added rpc_enc.c which contains _des_crypt. This is for use in
+ secure_rpc v 4.0
+ Finally fixed the cfb_enc problems.
+ Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+ to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+ for unsigned long l; gcc does not produce ((l>>34) == 0)
+ This causes bugs in cfb_enc.
+ Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+ Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+ Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+ I now work in a place where there are 6+ architectures and 14+
+ OS versions :-).
+ Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+ Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+ Fixed up documentation.
+ quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+ Triple DES now defaults to triple cbc but can do triple ecb
+ with the -b flag.
+ Fixed some MSDOS uuen/uudecoding problems, thanks to
+ Added prototypes.
+
+Version 2.22 29/06/93
+ Fixed a bug in des_is_weak_key() which stopped it working :-(
+ thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+ des(1) with no arguments gives quite a bit of help.
+ Added -c (generate ckecksum) flag to des(1).
+ Added -3 (triple DES) flag to des(1).
+ Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+ Added -u (uuencode) flag to des(1).
+ I have been playing with byte order in quad_cksum to make it
+ compatible with MIT's version. All I can say is avid this
+ function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+ Added MSDOS specific macro in ecb_encrypt which gives a %70
+ speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+ Speedup in set_key (recoding of PC-1)
+ I now do it in 47 simple operations, down from 60.
+ Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ for motivating me to look for a faster system :-)
+ The speedup is probably less that 1% but it is still 13
+ instructions less :-).
+
+Version 2.10 06/10/92
+ The code now works on the 64bit ETA10 and CRAY without modifications or
+ #defines. I believe the code should work on any machine that
+ defines long, int or short to be 8 bytes long.
+ Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+ for helping me fix the code to run on 64bit machines (he had
+ access to an ETA10).
+ Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+ for testing the routines on a CRAY.
+ read_password.c has been renamed to read_passwd.c
+ string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+ Made mods so that the library should work on 64bit CPU's.
+ Removed all my uchar and ulong defs. To many different
+ versions of unix define them in their header files in too many
+ different combinations :-)
+ IRIX - Sillicon Graphics mods (mostly in read_password.c).
+ Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+ Fixed a bug or 2 in enc_read.c
+ Fixed a bug in enc_write.c
+ Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+ Support for the ETA10. This is a strange machine that defines
+ longs and ints as 8 bytes and shorts as 4 bytes.
+ Since I do evil things with long * that assume that they are 4
+ bytes. Look in the Makefile for the option to compile for
+ this machine. quad_cksum appears to have problems but I
+ will don't have the time to fix it right now, and this is not
+ a function that uses DES and so will not effect the main uses
+ of the library.
+
+Version 1.97 20/05/92 eay
+ Fixed the Imakefile and made some changes to des.h to fix some
+ problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+ Fixed a small bug in string_to_key() where problems could
+ occur if des_check_key was set to true and the string
+ generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+ Added an alternative version of the D_ENCRYPT macro in
+ ecb_encrypt and fcrypt. Depending on the compiler, one version or the
+ other will be faster. This was inspired by
+ Dana How <how@isl.stanford.edu>, and her pointers about doing the
+ *(ulong *)((uchar *)ptr+(value&0xfc))
+ vs
+ ptr[value&0x3f]
+ to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+ Fixed an incompatibility between my string_to_key and the MIT
+ version. When the key is longer than 8 chars, I was wrapping
+ with a different method. To use the old version, define
+ OLD_STR_TO_KEY in the makefile. Thanks to
+ viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+ Fixed the VMS mods so that echo is now turned off in
+ read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
+ MSDOS support added. The routines can be compiled with
+ Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+ Changed D_ENCRYPT so that the rotation of R occurs outside of
+ the loop. This required rotating all the longs in sp.h (now
+ called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ speed.c has been changed so it will work without SIGALRM. If
+ times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+ Added -E/-D options to des(1) so it can use string_to_key.
+ Added SVR4 mods suggested by witr@rwwa.COM
+ Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
+ anyone knows how to turn of tty echo in VMS please tell me or
+ implement it yourself :-).
+ Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+ does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+ Now contains a fast small crypt replacement.
+ Added des(1) command.
+ Added des_rw_mode so people can use cbc encryption with
+ enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+ Bug in cbc_cksum.
+ Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+ one out.
+
+Version 1.7 24/09/91 eay
+ Fixed set_key :-)
+ set_key is 4 times faster and takes less space.
+ There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+ Finally go IP and FP finished.
+ Now I need to fix set_key.
+ This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+ 20% speedup in ecb_encrypt by changing the E bit selection
+ to use 2 32bit words. This also required modification of the
+ sp table. There is still a way to speedup the IP and IP-1
+ (hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+ Faster des_encrypt by loop unrolling
+ Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+ Optimised the code a bit more for the sparc. I have improved the
+ speed of the inner des_encrypt by speeding up the initial and
+ final permutations.
+
+Version 1.40 23/10/1990 eay
+ Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30 2/10/1990 eay
+ Have made des_quad_cksum the same as MIT's, the full package
+ should be compatible with MIT's
+ Have tested on a DECstation 3100
+ Still need to fix des_set_key (make it faster).
+ Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+ Fixed byte order dependencies.
+ Fixed (I hope) all the word alignment problems.
+ Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+ Added des_enc_read and des_enc_write.
+ Still need to fix des_quad_cksum.
+ Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/src/lib/libcrypto/des/asm/des686.pl b/src/lib/libcrypto/des/asm/des686.pl
new file mode 100644
index 0000000000..cf1a82fb5c
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/bin/perl
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ $ksp=&wparam(1);
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("IP");
+ &IP_new($L,$R,"eax");
+ }
+
+ &comment("");
+ &comment("fixup rotate");
+ &rotl($R,3);
+ &rotl($L,3);
+ &exch($L,$R);
+
+ &comment("");
+ &comment("load counter, key_schedule and enc flag");
+ &mov("eax",&wparam(2)); # get encrypt flag
+ &mov("ebp",&wparam(1)); # get ks
+ &cmp("eax","0");
+ &je(&label("start_decrypt"));
+
+ # encrypting part
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+
+ &set_label("end");
+
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &rotr($R,3); # l
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &FP_new($R,$L,"eax");
+ }
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+
+ &function_end($name);
+ }
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup. We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+ {
+ local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R );
+ &xor( $t, $R );
+ &rotr( $t, 4 );
+
+ # the numbers at the end of the line are origional instruction order
+ &mov( $tmp2, $u ); # 1 2
+ &mov( $tmp1, $t ); # 1 1
+ &and( $tmp2, "0xfc" ); # 1 4
+ &and( $tmp1, "0xfc" ); # 1 3
+ &shr( $t, 8 ); # 1 5
+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
+ &shr( $u, 8 ); # 1 6
+ &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
+
+ &mov( $tmp2, $u ); # 2 2
+ &xor( $L, $tmp1 ); # 1 9
+ &and( $tmp2, "0xfc" ); # 2 4
+ &mov( $tmp1, $t ); # 2 1
+ &and( $tmp1, "0xfc" ); # 2 3
+ &shr( $t, 8 ); # 2 5
+ &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
+ &shr( $u, 8 ); # 2 6
+ &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
+ &mov( $tmp2, $u ); # 3 2
+
+ &xor( $L, $tmp1 ); # 2 9
+ &and( $tmp2, "0xfc" ); # 3 4
+
+ &mov( $tmp1, $t ); # 3 1
+ &shr( $u, 8 ); # 3 6
+ &and( $tmp1, "0xfc" ); # 3 3
+ &shr( $t, 8 ); # 3 5
+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
+ &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
+
+ &and( $t, "0xfc" ); # 4 1
+ &xor( $L, $tmp1 ); # 3 9
+
+ &and( $u, "0xfc" ); # 4 2
+ &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
+ &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
+ }
+
+sub PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask)=@_;
+
+ &mov( $tt, $a );
+ &shr( $tt, $shift );
+ &xor( $tt, $b );
+ &and( $tt, $mask );
+ &xor( $b, $tt );
+ &shl( $tt, $shift );
+ &xor( $a, $tt );
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
diff --git a/src/lib/libcrypto/des/asm/readme b/src/lib/libcrypto/des/asm/readme
new file mode 100644
index 0000000000..f8529d9307
--- /dev/null
+++ b/src/lib/libcrypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler. It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right. Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for. So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c. Replace the following
+4 functions
+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules. The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des. The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft Windows 95/Windows NT
+Elf Includes Linux and FreeBSD(?).
+a.out The older Linux.
+Solaris Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type. This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part. I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things. First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup. This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor eax, eax # clear word
+movb al, cl # get low byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
+movb al, ch # get next byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
+shr ecx 16
+which seems ok. For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch. When a full register is used after a partial write, eg.
+mov al, cl
+xor edi, DWORD PTR 0x100+des_SP[eax]
+386 - 1 cycle stall
+486 - 1 cycle stall
+586 - 0 cycle stall
+686 - at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov eax, ecx # copy word
+shr ecx, 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
+mov eax, ecx # get word
+shr ecx 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good. This is the type of output
+Visual C++ generates.
+
+There is a third option. instead of using
+mov al, ch
+which is bad on the pentium pro, one may be able to use
+movzx eax, ch
+which may not incur the partial write penalty. On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while. I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong. The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums. It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second. He had a previous version at 250,000 and the best
+I was able to get was 203,000. The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/src/lib/libcrypto/des/cbc3_enc.c b/src/lib/libcrypto/des/cbc3_enc.c
new file mode 100644
index 0000000000..92a78b05d6
--- /dev/null
+++ b/src/lib/libcrypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS? DON'T USE - this is only present for use in des.c */
+void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*iv1);
+des_cblock (*iv2);
+int enc;
+ {
+ int off=((int)length-1)/8;
+ long l8=((length+7)/8)*8;
+ des_cblock niv1,niv2;
+
+ if (enc == DES_ENCRYPT)
+ {
+ des_cbc_encrypt(input,output,length,ks1,iv1,enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ des_cbc_encrypt(output,output,l8,ks1,iv2, enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,output[off],sizeof(des_cblock));
+ }
+ else
+ {
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,input[off],sizeof(des_cblock));
+ des_cbc_encrypt(input,output,l8,ks1,iv2,enc);
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,length,ks1,iv1, enc);
+ }
+ memcpy(*iv1,niv1,sizeof(des_cblock));
+ memcpy(*iv2,niv2,sizeof(des_cblock));
+ }
+
diff --git a/src/lib/libcrypto/des/des.c b/src/lib/libcrypto/des/des.c
new file mode 100644
index 0000000000..c1e5005474
--- /dev/null
+++ b/src/lib/libcrypto/des/des.c
@@ -0,0 +1,964 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#define RAND
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#if defined(NOCONST)
+#define const
+#endif
+#include "des.h"
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifdef RAND
+#define random rand
+#define srandom(s) srand(s)
+#endif
+
+#ifndef NOPROTO
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule sk1,des_key_schedule sk2,
+ des_cblock *ivec1,des_cblock *ivec2,int enc);
+#else
+void usage();
+void doencryption();
+int uufwrite();
+void uufwriteEnd();
+int uufread();
+int uuencode();
+int uudecode();
+void des_3cbc_encrypt();
+#endif
+
+#ifdef VMS
+#define EXIT(a) exit(a&0x10000000L)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY 1
+#define KEYSIZ 8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN (45*100)
+#define OUTUUBUF (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i;
+ struct stat ins,outs;
+ char *p;
+ char *in=NULL,*out=NULL;
+
+ vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+ error=0;
+ memset(key,0,sizeof(key));
+
+ for (i=1; i<argc; i++)
+ {
+ p=argv[i];
+ if ((p[0] == '-') && (p[1] != '\0'))
+ {
+ p++;
+ while (*p)
+ {
+ switch (*(p++))
+ {
+ case '3':
+ flag3=1;
+ longk=1;
+ break;
+ case 'c':
+ cflag=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'C':
+ cflag=1;
+ longk=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'e':
+ eflag=1;
+ break;
+ case 'v':
+ vflag=1;
+ break;
+ case 'E':
+ eflag=1;
+ longk=1;
+ break;
+ case 'd':
+ dflag=1;
+ break;
+ case 'D':
+ dflag=1;
+ longk=1;
+ break;
+ case 'b':
+ bflag=1;
+ break;
+ case 'f':
+ fflag=1;
+ break;
+ case 's':
+ sflag=1;
+ break;
+ case 'u':
+ uflag=1;
+ strncpy(uuname,p,200);
+ p+=strlen(uuname);
+ break;
+ case 'h':
+ hflag=1;
+ break;
+ case 'k':
+ kflag=1;
+ if ((i+1) == argc)
+ {
+ fputs("must have a key with the -k option\n",stderr);
+ error=1;
+ }
+ else
+ {
+ int j;
+
+ i++;
+ strncpy(key,argv[i],KEYSIZB);
+ for (j=strlen(argv[i])-1; j>=0; j--)
+ argv[i][j]='\0';
+ }
+ break;
+ default:
+ fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+ error=1;
+ break;
+ }
+ }
+ }
+ else
+ {
+ if (in == NULL)
+ in=argv[i];
+ else if (out == NULL)
+ out=argv[i];
+ else
+ error=1;
+ }
+ }
+ if (error) usage();
+ /* We either
+ * do checksum or
+ * do encrypt or
+ * do decrypt or
+ * do decrypt then ckecksum or
+ * do checksum then encrypt
+ */
+ if (((eflag+dflag) == 1) || cflag)
+ {
+ if (eflag) do_encrypt=DES_ENCRYPT;
+ if (dflag) do_encrypt=DES_DECRYPT;
+ }
+ else
+ {
+ if (vflag)
+ {
+#ifndef _Windows
+ fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ EXIT(1);
+ }
+ else usage();
+ }
+
+#ifndef _Windows
+ if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ if ( (in != NULL) &&
+ (out != NULL) &&
+#ifndef MSDOS
+ (stat(in,&ins) != -1) &&
+ (stat(out,&outs) != -1) &&
+ (ins.st_dev == outs.st_dev) &&
+ (ins.st_ino == outs.st_ino))
+#else /* MSDOS */
+ (strcmp(in,out) == 0))
+#endif
+ {
+ fputs("input and output file are the same\n",stderr);
+ EXIT(3);
+ }
+
+ if (!kflag)
+ if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+ {
+ fputs("password error\n",stderr);
+ EXIT(2);
+ }
+
+ if (in == NULL)
+ DES_IN=stdin;
+ else if ((DES_IN=fopen(in,"r")) == NULL)
+ {
+ perror("opening input file");
+ EXIT(4);
+ }
+
+ CKSUM_OUT=stdout;
+ if (out == NULL)
+ {
+ DES_OUT=stdout;
+ CKSUM_OUT=stderr;
+ }
+ else if ((DES_OUT=fopen(out,"w")) == NULL)
+ {
+ perror("opening output file");
+ EXIT(5);
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ if (!(uflag && dflag))
+ setmode(fileno(DES_IN),O_BINARY);
+ if (!(uflag && eflag))
+ setmode(fileno(DES_OUT),O_BINARY);
+ }
+#endif
+
+ doencryption();
+ fclose(DES_IN);
+ fclose(DES_OUT);
+ EXIT(0);
+ }
+
+void usage()
+ {
+ char **u;
+ static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v : des(1) version number",
+"-e : encrypt using sunOS compatible user key to DES key conversion.",
+"-E : encrypt ",
+"-d : decrypt using sunOS compatible user key to DES key conversion.",
+"-D : decrypt ",
+"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to",
+" DES key conversion and output to ckname (stdout default,",
+" stderr if data being output on stdout). The checksum is",
+" generated before encryption and after decryption if used",
+" in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key : use key 'key'",
+"-h : the key that is entered will be a hexidecimal number",
+" that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+" (uuname is the filename to put in the uuencode header).",
+"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.",
+"-3 : encrypt using tripple DES encryption. This uses 2 keys",
+" generated from the input key. If the input key is less",
+" than 8 characters long, this is equivelent to normal",
+" encryption. Default is tripple cbc, -b makes it tripple ecb.",
+NULL
+};
+ for (u=(char **)Usage; *u; u++)
+ {
+ fputs(*u,stderr);
+ fputc('\n',stderr);
+ }
+
+ EXIT(1);
+ }
+
+void doencryption()
+ {
+#ifdef _LIBC
+ extern int srandom();
+ extern int random();
+ extern unsigned long time();
+#endif
+
+ register int i;
+ des_key_schedule ks,ks2;
+ unsigned char iv[8],iv2[8];
+ char *p;
+ int num=0,j,k,l,rem,ll,len,last,ex=0;
+ des_cblock kk,k2;
+ FILE *O;
+ int Exit=0;
+#ifndef MSDOS
+ static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+ static unsigned char *buf=NULL,*obuf=NULL;
+
+ if (buf == NULL)
+ {
+ if ( (( buf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL) ||
+ ((obuf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL))
+ {
+ fputs("Not enough memory\n",stderr);
+ Exit=10;
+ goto problems;
+ }
+ }
+#endif
+
+ if (hflag)
+ {
+ j=(flag3?16:8);
+ p=key;
+ for (i=0; i<j; i++)
+ {
+ k=0;
+ if ((*p <= '9') && (*p >= '0'))
+ k=(*p-'0')<<4;
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k=(*p-'a'+10)<<4;
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k=(*p-'A'+10)<<4;
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if ((*p <= '9') && (*p >= '0'))
+ k|=(*p-'0');
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k|=(*p-'a'+10);
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k|=(*p-'A'+10);
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if (i < 8)
+ kk[i]=k;
+ else
+ k2[i-8]=k;
+ }
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else if (longk || flag3)
+ {
+ if (flag3)
+ {
+ des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2);
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else
+ des_string_to_key(key,(C_Block *)kk);
+ }
+ else
+ for (i=0; i<KEYSIZ; i++)
+ {
+ l=0;
+ k=key[i];
+ for (j=0; j<8; j++)
+ {
+ if (k&1) l++;
+ k>>=1;
+ }
+ if (l & 1)
+ kk[i]=key[i]&0x7f;
+ else
+ kk[i]=key[i]|0x80;
+ }
+
+ des_set_key((C_Block *)kk,ks);
+ memset(key,0,sizeof(key));
+ memset(kk,0,sizeof(kk));
+ /* woops - A bug that does not showup under unix :-( */
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+
+ l=1;
+ rem=0;
+ /* first read */
+ if (eflag || (!dflag && cflag))
+ {
+ for (;;)
+ {
+ num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ l+=rem;
+ num+=rem;
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ rem=l%8;
+ len=l-rem;
+ if (feof(DES_IN))
+ {
+ srandom((unsigned int)time(NULL));
+ for (i=7-rem; i>0; i--)
+ buf[l++]=random()&0xff;
+ buf[l++]=rem;
+ ex=1;
+ len+=rem;
+ }
+ else
+ l-=rem;
+
+ if (cflag)
+ {
+ des_cbc_cksum((C_Block *)buf,(C_Block *)cksum,
+ (long)len,ks,(C_Block *)cksum);
+ if (!eflag)
+ {
+ if (feof(DES_IN)) break;
+ else continue;
+ }
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ char tmpbuf[8];
+
+ if (rem) memcpy(tmpbuf,&(buf[l]),
+ (unsigned int)rem);
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ if (rem) memcpy(&(buf[l]),tmpbuf,
+ (unsigned int)rem);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+ }
+ if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+ i=0;
+ while (i < l)
+ {
+ if (uflag)
+ j=uufwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ else
+ j=fwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ if (feof(DES_IN))
+ {
+ if (uflag) uufwriteEnd(DES_OUT);
+ break;
+ }
+ }
+ }
+ else /* decrypt */
+ {
+ ex=1;
+ for (;;)
+ {
+ if (ex) {
+ if (uflag)
+ l=uufread(buf,1,BUFSIZE,DES_IN);
+ else
+ l=fread(buf,1,BUFSIZE,DES_IN);
+ ex=0;
+ rem=l%8;
+ l-=rem;
+ }
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+ }
+
+ if (uflag)
+ ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ else
+ ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ ll+=rem;
+ rem=ll%8;
+ ll-=rem;
+ if (feof(DES_IN) && (ll == 0))
+ {
+ last=obuf[l-1];
+
+ if ((last > 7) || (last < 0))
+ {
+ fputs("The file was not decrypted correctly.\n",
+ stderr);
+ Exit=8;
+ last=0;
+ }
+ l=l-8+last;
+ }
+ i=0;
+ if (cflag) des_cbc_cksum((C_Block *)obuf,
+ (C_Block *)cksum,(long)l/8*8,ks,
+ (C_Block *)cksum);
+ while (i != l)
+ {
+ j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ l=ll;
+ if ((l == 0) && feof(DES_IN)) break;
+ }
+ }
+ if (cflag)
+ {
+ l=0;
+ if (cksumname[0] != '\0')
+ {
+ if ((O=fopen(cksumname,"w")) != NULL)
+ {
+ CKSUM_OUT=O;
+ l=1;
+ }
+ }
+ for (i=0; i<8; i++)
+ fprintf(CKSUM_OUT,"%02X",cksum[i]);
+ fprintf(CKSUM_OUT,"\n");
+ if (l) fclose(CKSUM_OUT);
+ }
+problems:
+ memset(buf,0,sizeof(buf));
+ memset(obuf,0,sizeof(obuf));
+ memset(ks,0,sizeof(ks));
+ memset(ks2,0,sizeof(ks2));
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+ memset(kk,0,sizeof(kk));
+ memset(k2,0,sizeof(k2));
+ memset(uubuf,0,sizeof(uubuf));
+ memset(b,0,sizeof(b));
+ memset(bb,0,sizeof(bb));
+ memset(cksum,0,sizeof(cksum));
+ if (Exit) EXIT(Exit);
+ }
+
+int uufwrite(data, size, num, fp)
+unsigned char *data;
+int size;
+unsigned int num;
+FILE *fp;
+
+ /* We ignore this parameter but it should be > ~50 I believe */
+
+
+ {
+ int i,j,left,rem,ret=num;
+ static int start=1;
+
+ if (start)
+ {
+ fprintf(fp,"begin 600 %s\n",
+ (uuname[0] == '\0')?"text.d":uuname);
+ start=0;
+ }
+
+ if (uubufnum)
+ {
+ if (uubufnum+num < 45)
+ {
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+ uubufnum+=num;
+ return(num);
+ }
+ else
+ {
+ i=45-uubufnum;
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+ j=uuencode((unsigned char *)uubuf,45,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ uubufnum=0;
+ data+=i;
+ num-=i;
+ }
+ }
+
+ for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+ {
+ j=uuencode(&(data[i]),INUUBUFN,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ rem=(num-i)%45;
+ left=(num-i-rem);
+ if (left)
+ {
+ j=uuencode(&(data[i]),left,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ i+=left;
+ }
+ if (i != num)
+ {
+ memcpy(uubuf,&(data[i]),(unsigned int)rem);
+ uubufnum=rem;
+ }
+ return(ret);
+ }
+
+void uufwriteEnd(fp)
+FILE *fp;
+ {
+ int j;
+ static const char *end=" \nend\n";
+
+ if (uubufnum != 0)
+ {
+ uubuf[uubufnum]='\0';
+ uubuf[uubufnum+1]='\0';
+ uubuf[uubufnum+2]='\0';
+ j=uuencode(uubuf,uubufnum,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ fwrite(end,1,strlen(end),fp);
+ }
+
+int uufread(out, size, num, fp)
+unsigned char *out;
+int size; /* should always be > ~ 60; I actually ignore this parameter :-) */
+unsigned int num;
+FILE *fp;
+ {
+ int i,j,tot;
+ static int done=0;
+ static int valid=0;
+ static int start=1;
+
+ if (start)
+ {
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0')
+ {
+ fprintf(stderr,"no 'begin' found in uuencoded input\n");
+ return(-1);
+ }
+ if (strncmp((char *)b,"begin ",6) == 0) break;
+ }
+ start=0;
+ }
+ if (done) return(0);
+ tot=0;
+ if (valid)
+ {
+ memcpy(out,bb,(unsigned int)valid);
+ tot=valid;
+ valid=0;
+ }
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0') break;
+ i=strlen((char *)b);
+ if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+ {
+ done=1;
+ while (!feof(fp))
+ {
+ fgets((char *)b,300,fp);
+ }
+ break;
+ }
+ i=uudecode(b,i,bb);
+ if (i < 0) break;
+ if ((i+tot+8) > num)
+ {
+ /* num to copy to make it a multiple of 8 */
+ j=(num/8*8)-tot-8;
+ memcpy(&(out[tot]),bb,(unsigned int)j);
+ tot+=j;
+ memcpy(bb,&(bb[j]),(unsigned int)i-j);
+ valid=i-j;
+ break;
+ }
+ memcpy(&(out[tot]),bb,(unsigned int)i);
+ tot+=i;
+ }
+ return(tot);
+ }
+
+#define ccc2l(c,l) (l =((DES_LONG)(*((c)++)))<<16, \
+ l|=((DES_LONG)(*((c)++)))<< 8, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+
+int uuencode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,n,tot=0;
+ DES_LONG l;
+ register unsigned char *p;
+ p=out;
+
+ for (j=0; j<num; j+=45)
+ {
+ if (j+45 > num)
+ i=(num-j);
+ else i=45;
+ *(p++)=i+' ';
+ for (n=0; n<i; n+=3)
+ {
+ ccc2l(in,l);
+ *(p++)=((l>>18)&0x3f)+' ';
+ *(p++)=((l>>12)&0x3f)+' ';
+ *(p++)=((l>> 6)&0x3f)+' ';
+ *(p++)=((l )&0x3f)+' ';
+ tot+=4;
+ }
+ *(p++)='\n';
+ tot+=2;
+ }
+ *p='\0';
+ l=0;
+ return(tot);
+ }
+
+int uudecode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,k;
+ unsigned int n=0,space=0;
+ DES_LONG l;
+ DES_LONG w,x,y,z;
+ unsigned int blank=(unsigned int)'\n'-' ';
+
+ for (j=0; j<num; )
+ {
+ n= *(in++)-' ';
+ if (n == blank)
+ {
+ n=0;
+ in--;
+ }
+ if (n > 60)
+ {
+ fprintf(stderr,"uuencoded line length too long\n");
+ return(-1);
+ }
+ j++;
+
+ for (i=0; i<n; j+=4,i+=3)
+ {
+ /* the following is for cases where spaces are
+ * removed from lines.
+ */
+ if (space)
+ {
+ w=x=y=z=0;
+ }
+ else
+ {
+ w= *(in++)-' ';
+ x= *(in++)-' ';
+ y= *(in++)-' ';
+ z= *(in++)-' ';
+ }
+ if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+ {
+ k=0;
+ if (w == blank) k=1;
+ if (x == blank) k=2;
+ if (y == blank) k=3;
+ if (z == blank) k=4;
+ space=1;
+ switch (k) {
+ case 1: w=0; in--;
+ case 2: x=0; in--;
+ case 3: y=0; in--;
+ case 4: z=0; in--;
+ break;
+ case 0:
+ space=0;
+ fprintf(stderr,"bad uuencoded data values\n");
+ w=x=y=z=0;
+ return(-1);
+ break;
+ }
+ }
+ l=(w<<18)|(x<<12)|(y<< 6)|(z );
+ l2ccc(l,out);
+ }
+ if (*(in++) != '\n')
+ {
+ fprintf(stderr,"missing nl in uuencoded line\n");
+ w=x=y=z=0;
+ return(-1);
+ }
+ j++;
+ }
+ *out='\0';
+ w=x=y=z=0;
+ return(n);
+ }
diff --git a/src/lib/libcrypto/des/des3s.cpp b/src/lib/libcrypto/des/des3s.cpp
new file mode 100644
index 0000000000..9aff6494d9
--- /dev/null
+++ b/src/lib/libcrypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key1,key2,key3;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(s1);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libcrypto/des/des_opts.c b/src/lib/libcrypto/des/des_opts.c
new file mode 100644
index 0000000000..fdf0fbf461
--- /dev/null
+++ b/src/lib/libcrypto/des/des_opts.c
@@ -0,0 +1,620 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define des_encrypt des_encrypt_u4_cisc_idx
+#define des_encrypt2 des_encrypt2_u4_cisc_idx
+#define des_encrypt3 des_encrypt3_u4_cisc_idx
+#define des_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_idx
+#define des_encrypt2 des_encrypt2_u16_cisc_idx
+#define des_encrypt3 des_encrypt3_u16_cisc_idx
+#define des_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_idx
+#define des_encrypt2 des_encrypt2_u4_risc1_idx
+#define des_encrypt3 des_encrypt3_u4_risc1_idx
+#define des_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_idx
+#define des_encrypt2 des_encrypt2_u4_risc2_idx
+#define des_encrypt3 des_encrypt3_u4_risc2_idx
+#define des_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_idx
+#define des_encrypt2 des_encrypt2_u16_risc1_idx
+#define des_encrypt3 des_encrypt3_u16_risc1_idx
+#define des_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_idx
+#define des_encrypt2 des_encrypt2_u16_risc2_idx
+#define des_encrypt3 des_encrypt3_u16_risc2_idx
+#define des_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_cisc_ptr
+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_ptr
+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_ptr
+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_ptr
+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_ptr
+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_ptr
+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count++) \
+ { \
+ unsigned long d[2]; \
+ func(d,&(sch[0]),DES_ENCRYPT); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key,sch);
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+#ifdef PART1
+ time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx ", 0);
+ time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+ time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+ num+=3;
+#endif
+#ifdef PART2
+ time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+ time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+ time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+ num+=3;
+#endif
+#ifdef PART3
+ time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr ", 6);
+ time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+ time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+ num+=3;
+#endif
+#ifdef PART4
+ time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+ time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+ time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+ num+=3;
+#endif
+
+#ifdef PART1
+ str[0]=" 4 c i";
+ print_it("des_encrypt_u4_cisc_idx ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="16 c i";
+ print_it("des_encrypt_u16_cisc_idx ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]=" 4 r1 i";
+ print_it("des_encrypt_u4_risc1_idx ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+ str[3]="16 r1 i";
+ print_it("des_encrypt_u16_risc1_idx",3);
+ if (max < tm[3]) { max=tm[3]; max_idx=3; }
+ str[4]=" 4 r2 i";
+ print_it("des_encrypt_u4_risc2_idx ",4);
+ if (max < tm[4]) { max=tm[4]; max_idx=4; }
+ str[5]="16 r2 i";
+ print_it("des_encrypt_u16_risc2_idx",5);
+ if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+ str[6]=" 4 c p";
+ print_it("des_encrypt_u4_cisc_ptr ",6);
+ if (max < tm[6]) { max=tm[6]; max_idx=6; }
+ str[7]="16 c p";
+ print_it("des_encrypt_u16_cisc_ptr ",7);
+ if (max < tm[7]) { max=tm[7]; max_idx=7; }
+ str[8]=" 4 r1 p";
+ print_it("des_encrypt_u4_risc1_ptr ",8);
+ if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+ str[9]="16 r1 p";
+ print_it("des_encrypt_u16_risc1_ptr",9);
+ if (max < tm[9]) { max=tm[9]; max_idx=9; }
+ str[10]=" 4 r2 p";
+ print_it("des_encrypt_u4_risc2_ptr ",10);
+ if (max < tm[10]) { max=tm[10]; max_idx=10; }
+ str[11]="16 r2 p";
+ print_it("des_encrypt_u16_risc2_ptr",11);
+ if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+ printf("options des ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<12; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DDES_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DDES_UNROLL\n");
+ break;
+ case 2:
+ printf("-DDES_RISC1\n");
+ break;
+ case 3:
+ printf("-DDES_UNROLL -DDES_RISC1\n");
+ break;
+ case 4:
+ printf("-DDES_RISC2\n");
+ break;
+ case 5:
+ printf("-DDES_UNROLL -DDES_RISC2\n");
+ break;
+ case 6:
+ printf("-DDES_PTR\n");
+ break;
+ case 7:
+ printf("-DDES_UNROLL -DDES_PTR\n");
+ break;
+ case 8:
+ printf("-DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 9:
+ printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 10:
+ printf("-DDES_RISC2 -DDES_PTR\n");
+ break;
+ case 11:
+ printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/des/des_ver.h b/src/lib/libcrypto/des/des_ver.h
new file mode 100644
index 0000000000..7041a9271d
--- /dev/null
+++ b/src/lib/libcrypto/des/des_ver.h
@@ -0,0 +1,60 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+extern char *DES_version; /* SSLeay version string */
+extern char *libdes_version; /* old libdes version string */
diff --git a/src/lib/libcrypto/des/dess.cpp b/src/lib/libcrypto/des/dess.cpp
new file mode 100644
index 0000000000..7fb5987314
--- /dev/null
+++ b/src/lib/libcrypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt(&data[0],key,1);
+ GetTSC(s1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e2);
+ des_encrypt(&data[0],key,1);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libcrypto/des/destest.c b/src/lib/libcrypto/des/destest.c
new file mode 100644
index 0000000000..620c13ba6f
--- /dev/null
+++ b/src/lib/libcrypto/des/destest.c
@@ -0,0 +1,882 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if defined(WIN32) || defined(WIN16) || defined(WINDOWS)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#endif
+#include <string.h>
+#include "des.h"
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+ {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+ {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+ {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+ {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+ {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+ {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+ {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+ {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+ {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+ {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+ {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+ {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+ {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+ {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+ {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+ {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+ {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+ {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+ {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+ {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+ {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+ {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+ {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+ {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+ {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+ {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+ {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+ {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+ {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+ {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+ {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+ {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+ {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+ {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+ {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+ {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+ {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+ {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+ {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+ {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+ {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+ {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+ {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+ {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+ {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+ {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+ {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+ {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+ {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+ {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+ {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+ {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+ {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+ {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+ {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+ {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+ {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+ {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+ {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+ {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+ {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+ {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+ {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+/* Changed the following text constant to binary so it will work on ebcdic
+ * machines :-) */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static char cbc_data[40]={
+ 0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
+ 0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
+ 0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
+ 0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ };
+
+static unsigned char cbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+ 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+ 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static unsigned char xcbc_ok[32]={
+ 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+ 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+ 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+ 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+ };
+
+static unsigned char cbc3_ok[32]={
+ 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+ 0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+ 0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+ 0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+ 0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+ 0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher8[24]= {
+ 0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+ 0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+ 0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+ 0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+ 0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+ 0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+ 0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+ 0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+ {
+ 0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+ 0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+ 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+ };
+
+DES_LONG cbc_cksum_ret=0xB462FEF7L;
+unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+#else
+static char *pt();
+static int cfb_test();
+static int cfb64_test();
+static int ede_cfb64_test();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,j,err=0;
+ des_cblock in,out,outin,iv3;
+ des_key_schedule ks,ks2,ks3;
+ unsigned char cbc_in[40];
+ unsigned char cbc_out[40];
+ DES_LONG cs;
+ unsigned char qret[4][4],cret[8];
+ DES_LONG lqret[4];
+ int num;
+ char *str;
+
+ printf("Doing ecb\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+1,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT);
+ des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT);
+
+ if (memcmp(out,cipher_data[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing ede ecb\n");
+ for (i=0; i<(NUM_TESTS-1); i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ err=1;
+ printf("Key error %2d:%d\n",i+1,j);
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+1]),ks2)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+2,j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+2]),ks3)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+3,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2,
+ DES_ENCRYPT);
+ des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2,
+ DES_DECRYPT);
+
+ if (memcmp(out,cipher_ecb2[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+#endif
+
+ printf("Doing cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ncbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ printf("cbc_encrypt encrypt error\n");
+
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+ {
+ printf("cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing desx cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+ if (memcmp(cbc_out,xcbc_ok,32) != 0)
+ {
+ printf("des_xcbc_encrypt encrypt error\n");
+ }
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+ {
+ printf("des_xcbc_encrypt decrypt error\n");
+ err=1;
+ }
+#endif
+
+ printf("Doing ede cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ i=strlen((char *)cbc_data)+1;
+ /* i=((i+7)/8)*8; */
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+ des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ 16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]),
+ (C_Block *)&(cbc_out[16]),
+ (long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc3_ok,
+ (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+ {
+ printf("des_ede3_cbc_encrypt encrypt error\n");
+ err=1;
+ }
+
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("des_ede3_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing pcbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT);
+ if (memcmp(cbc_out,pcbc_ok,32) != 0)
+ {
+ printf("pcbc_encrypt encrypt error\n");
+ err=1;
+ }
+ des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("pcbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ");
+ printf("cfb8 ");
+ err+=cfb_test(8,cfb_cipher8);
+ printf("cfb16 ");
+ err+=cfb_test(16,cfb_cipher16);
+ printf("cfb32 ");
+ err+=cfb_test(32,cfb_cipher32);
+ printf("cfb48 ");
+ err+=cfb_test(48,cfb_cipher48);
+ printf("cfb64 ");
+ err+=cfb_test(64,cfb_cipher64);
+
+ printf("cfb64() ");
+ err+=cfb64_test(cfb_cipher64);
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small encrypt error\n");
+ err=1;
+ }
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small decrypt error\n");
+ err=1;
+ }
+
+ printf("ede_cfb64() ");
+ err+=ede_cfb64_test(cfb_cipher64);
+
+ printf("done\n");
+
+ printf("Doing ofb\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb_encrypt encrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
+ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
+ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb_encrypt decrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
+ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+plain[8+0], plain[8+1], plain[8+2], plain[8+3],
+plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
+ err=1;
+ }
+
+ printf("Doing ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ (C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ede_ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ede_ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ ks,ks,(C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ede_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing cbc_cksum\n");
+ des_key_sched((C_Block *)cbc_key,ks);
+ cs=des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cret,
+ (long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
+ if (cs != cbc_cksum_ret)
+ {
+ printf("bad return value (%08lX), should be %08lX\n",
+ (unsigned long)cs,(unsigned long)cbc_cksum_ret);
+ err=1;
+ }
+ if (memcmp(cret,cbc_cksum_data,8) != 0)
+ {
+ printf("bad cbc_cksum block returned\n");
+ err=1;
+ }
+
+ printf("Doing quad_cksum\n");
+ cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
+ (long)strlen(cbc_data),2,(C_Block *)cbc_iv);
+ j=sizeof(lqret[0])-4;
+ for (i=0; i<4; i++)
+ {
+ lqret[i]=0;
+ memcpy(&(lqret[i]),&(qret[i][0]),4);
+ if (j > 0) lqret[i]=lqret[i]>>(j*8); /* For Cray */
+ }
+ { /* Big-endian fix */
+ static DES_LONG l=1;
+ static unsigned char *c=(unsigned char *)&l;
+ DES_LONG ll;
+
+ if (!c[0])
+ {
+ ll=lqret[0]^lqret[3];
+ lqret[0]^=ll;
+ lqret[3]^=ll;
+ ll=lqret[1]^lqret[2];
+ lqret[1]^=ll;
+ lqret[2]^=ll;
+ }
+ }
+ if (cs != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+ (unsigned long)cs);
+ err=1;
+ }
+ if (lqret[0] != 0x327eba8dL)
+ {
+ printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+ (unsigned long)lqret[0],0x327eba8dL);
+ err=1;
+ }
+ if (lqret[1] != 0x201a49ccL)
+ {
+ printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+ (unsigned long)lqret[1],0x201a49ccL);
+ err=1;
+ }
+ if (lqret[2] != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+ (unsigned long)lqret[2],0x70d7a63aL);
+ err=1;
+ }
+ if (lqret[3] != 0x501c2c26L)
+ {
+ printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+ (unsigned long)lqret[3],0x501c2c26L);
+ err=1;
+ }
+#endif
+
+ printf("input word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_ncbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\noutput word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\n");
+ printf("fast crypt test ");
+ str=crypt("testing","ef");
+ if (strcmp("efGnQx2725bI2",str) != 0)
+ {
+ printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+ err=1;
+ }
+ str=crypt("bca76;23","yA");
+ if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+ {
+ printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+ err=1;
+ }
+ printf("\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(bits, cfb_cipher)
+int bits;
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int i,err=0;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ return(err);
+ }
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static int ede_cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+#endif
+
diff --git a/src/lib/libcrypto/des/makefile.bc b/src/lib/libcrypto/des/makefile.bc
new file mode 100644
index 0000000000..1fe6d4915a
--- /dev/null
+++ b/src/lib/libcrypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC = bcc
+TLIB = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS = -ml $(WINDOWS)
+
+.c.obj:
+ $(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+ $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+ del *.exe
+ del *.obj
+ del libdes.lib
+ del libdes.rsp
+
+OBJS= cbc_cksm.obj cbc_enc.obj ecb_enc.obj pcbc_enc.obj \
+ qud_cksm.obj rand_key.obj set_key.obj str2key.obj \
+ enc_read.obj enc_writ.obj fcrypt.obj cfb_enc.obj \
+ ecb3_enc.obj ofb_enc.obj cbc3_enc.obj read_pwd.obj\
+ cfb64enc.obj ofb64enc.obj ede_enc.obj cfb64ede.obj\
+ ofb64ede.obj supp.obj
+
+LIB= libdes.lib
+
+$(LIB): $(OBJS)
+ del $(LIB)
+ makersp "+%s &\n" &&|
+ $(OBJS)
+| >libdes.rsp
+ $(TLIB) libdes.lib @libdes.rsp,nul
+ del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe: rpw.obj libdes.lib
+speed.exe: speed.obj libdes.lib
+des.exe: des.obj libdes.lib
+
+
diff --git a/src/lib/libcrypto/des/options.txt b/src/lib/libcrypto/des/options.txt
new file mode 100644
index 0000000000..6e2b50f765
--- /dev/null
+++ b/src/lib/libcrypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler 577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR 496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1] 459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1 433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler 281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler 281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL 275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR 235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR 233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR 191,000 1528k/s
+DEC Alpha 165mhz?? - cc - RISC2 PTR [2] 181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR 158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3] 148,000 1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL 123,600 989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR 101,000 808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL 81,000 648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler 65,000 522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR 76,000 608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2 43,500 344k/s
+AIX - old slow one :-) - cc - 39,000 312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0
+ cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+ gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+ I'll record the higher since it is coming from the library but it
+ is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+ As such, my timing program was never able to get more that %30 of the CPU.
+ This would cause the program to give much lower speed numbers because
+ it would be 'fighting' to stay in the cache with the other CPU burning
+ processes.
diff --git a/src/lib/libcrypto/des/read2pwd.c b/src/lib/libcrypto/des/read2pwd.c
new file mode 100644
index 0000000000..a0d53793e4
--- /dev/null
+++ b/src/lib/libcrypto/des/read2pwd.c
@@ -0,0 +1,90 @@
+/* crypto/des/read2pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+int des_read_password(key, prompt, verify)
+des_cblock (*key);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_key(buf,key);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
+
+int des_read_2passwords(key1, key2, prompt, verify)
+des_cblock (*key1);
+des_cblock (*key2);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_2keys(buf,key1,key2);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
diff --git a/src/lib/libcrypto/des/read_pwd.c b/src/lib/libcrypto/des/read_pwd.c
new file mode 100644
index 0000000000..99920f2f86
--- /dev/null
+++ b/src/lib/libcrypto/des/read_pwd.c
@@ -0,0 +1,459 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* #define SIGACTION */ /* Define this if you have sigaction() */
+#ifdef WIN16TTY
+#undef WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan Support for VMS */
+#include "des_locl.h"
+#include <signal.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef TERMIO
+#undef SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#ifdef _LIBC
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS)
+#undef TERMIOS
+#undef TERMIO
+#define SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT struct termios
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) tcgetattr(tty,data)
+#define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT struct termio
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data) ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT struct sgttyb
+#define TTY_FLAGS sg_flags
+#define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
+#include <sys/ioctl.h>
+#endif
+
+#ifdef MSDOS
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+ short iosb$w_value;
+ short iosb$w_count;
+ long iosb$l_info;
+ };
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+#ifndef NOPROTO
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#else
+static void read_till_nl();
+static void recsig();
+static void pushsig();
+static void popsig();
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets();
+#endif
+#endif
+
+#ifdef SIGACTION
+ static struct sigaction savsig[NX509_SIG];
+#else
+# ifndef NOPROTO
+ static void (*savsig[NX509_SIG])(int );
+# else
+ static void (*savsig[NX509_SIG])();
+# endif
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(buf, length, prompt, verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+ {
+ char buff[BUFSIZ];
+ int ret;
+
+ ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+ memset(buff,0,BUFSIZ);
+ return(ret);
+ }
+
+#ifndef WIN16
+
+static void read_till_nl(in)
+FILE *in;
+ {
+#define SIZE 4
+ char buf[SIZE+1];
+
+ do {
+ fgets(buf,SIZE,in);
+ } while (strchr(buf,'\n') == NULL);
+ }
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+#ifdef VMS
+ struct IOSB iosb;
+ $DESCRIPTOR(terminal,"TT");
+ long tty_orig[3], tty_new[3];
+ long status;
+ unsigned short channel = 0;
+#else
+#ifndef MSDOS
+ TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+ int number=5;
+ int ok=0;
+ int ps=0;
+ int is_a_tty=1;
+
+ FILE *tty=NULL;
+ char *p;
+
+#ifndef MSDOS
+ if ((tty=fopen("/dev/tty","r")) == NULL)
+ tty=stdin;
+#else /* MSDOS */
+ if ((tty=fopen("con","r")) == NULL)
+ tty=stdin;
+#endif /* MSDOS */
+
+#if defined(TTY_get) && !defined(VMS)
+ if (TTY_get(fileno(tty),&tty_orig) == -1)
+ {
+#ifdef ENOTTY
+ if (errno == ENOTTY)
+ is_a_tty=0;
+ else
+#endif
+#ifdef EINVAL
+ /* Ariel Glenn ariel@columbia.edu reports that solaris
+ * can return EINVAL instead. This should be ok */
+ if (errno == EINVAL)
+ is_a_tty=0;
+ else
+#endif
+ return(-1);
+ }
+ memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef VMS
+ status = SYS$ASSIGN(&terminal,&channel,0,0);
+ if (status != SS$_NORMAL)
+ return(-1);
+ status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+
+ if (setjmp(save))
+ {
+ ok=0;
+ goto error;
+ }
+ pushsig();
+ ps=1;
+
+#ifdef TTY_FLAGS
+ tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+ if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+ return(-1);
+#endif
+#ifdef VMS
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+ ps=2;
+
+ while ((!ok) && (number--))
+ {
+ fputs(prompt,stderr);
+ fflush(stderr);
+
+ buf[0]='\0';
+ fgets(buf,size,tty);
+ if (feof(tty)) goto error;
+ if (ferror(tty)) goto error;
+ if ((p=(char *)strchr(buf,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+ if (verify)
+ {
+ fprintf(stderr,"\nVerifying password - %s",prompt);
+ fflush(stderr);
+ buff[0]='\0';
+ fgets(buff,size,tty);
+ if (feof(tty)) goto error;
+ if ((p=(char *)strchr(buff,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+
+ if (strcmp(buf,buff) != 0)
+ {
+ fprintf(stderr,"\nVerify failure");
+ fflush(stderr);
+ break;
+ /* continue; */
+ }
+ }
+ ok=1;
+ }
+
+error:
+ fprintf(stderr,"\n");
+#ifdef DEBUG
+ perror("fgets(tty)");
+#endif
+ /* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(VMS)
+ if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef VMS
+ if (ps >= 2)
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0
+ ,tty_orig,12,0,0,0,0);
+#endif
+
+ if (ps >= 1) popsig();
+ if (stdin != tty) fclose(tty);
+#ifdef VMS
+ status = SYS$DASSGN(channel);
+#endif
+ return(!ok);
+ }
+
+#else /* WIN16 */
+
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+ memset(buf,0,size);
+ memset(buff,0,size);
+ return(0);
+ }
+
+#endif
+
+static void pushsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ {
+#ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+#endif
+#ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+#endif
+#ifdef SIGACTION
+ sigaction(i,NULL,&savsig[i]);
+#else
+ savsig[i]=signal(i,recsig);
+#endif
+ }
+
+#ifdef SIGWINCH
+ signal(SIGWINCH,SIG_DFL);
+#endif
+ }
+
+static void popsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ {
+#ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+#endif
+#ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+#endif
+#ifdef SIGACTION
+ sigaction(i,&savsig[i],NULL);
+#else
+ signal(i,savsig[i]);
+#endif
+ }
+ }
+
+static void recsig(i)
+int i;
+ {
+ longjmp(save,1);
+#ifdef LINT
+ i=i;
+#endif
+ }
+
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(buf,size,tty)
+char *buf;
+int size;
+FILE *tty;
+ {
+ int i;
+ char *p;
+
+ p=buf;
+ for (;;)
+ {
+ if (size == 0)
+ {
+ *p='\0';
+ break;
+ }
+ size--;
+#ifdef WIN16TTY
+ i=_inchar();
+#else
+ i=getch();
+#endif
+ if (i == '\r') i='\n';
+ *(p++)=i;
+ if (i == '\n')
+ {
+ *p='\0';
+ break;
+ }
+ }
+ return(strlen(buf));
+ }
+#endif
diff --git a/src/lib/libcrypto/des/rpc_des.h b/src/lib/libcrypto/des/rpc_des.h
new file mode 100644
index 0000000000..4cbb4d2dcd
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */
+#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+ unsigned char des_key[8]; /* key (with low bit parity) */
+ enum desdir des_dir; /* direction */
+ enum desmode des_mode; /* mode */
+ unsigned char des_ivec[8]; /* input vector */
+ unsigned des_len; /* number of bytes to crypt */
+ union {
+ unsigned char UDES_data[DES_QUICKLEN];
+ unsigned char *UDES_buf;
+ } UDES;
+# define des_data UDES.UDES_data /* direct data here if quick */
+# define des_buf UDES.UDES_buf /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK _IOWR(d, 6, struct desparams)
+
+/*
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK _IOWR(d, 7, struct desparams)
+
diff --git a/src/lib/libcrypto/des/rpc_enc.c b/src/lib/libcrypto/des/rpc_enc.c
new file mode 100644
index 0000000000..7c1da1f538
--- /dev/null
+++ b/src/lib/libcrypto/des/rpc_enc.c
@@ -0,0 +1,107 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+#ifndef NOPROTO
+int _des_crypt(char *buf,int len,struct desparams *desp);
+#else
+int _des_crypt();
+#endif
+
+int _des_crypt(buf, len, desp)
+char *buf;
+int len;
+struct desparams *desp;
+ {
+ des_key_schedule ks;
+ int enc;
+
+ des_set_key((des_cblock *)desp->des_key,ks);
+ enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+ if (desp->des_mode == CBC)
+ des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,ks,enc);
+ else
+ {
+ des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,
+ (long)len,ks,
+ (des_cblock *)desp->des_ivec,enc);
+#ifdef undef
+ /* len will always be %8 if called from common_crypt
+ * in secure_rpc.
+ * Libdes's cbc encrypt does not copy back the iv,
+ * so we have to do it here. */
+ /* It does now :-) eay 20/09/95 */
+
+ a=(char *)&(desp->UDES.UDES_buf[len-8]);
+ b=(char *)&(desp->des_ivec[0]);
+
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+#endif
+ }
+ return(1);
+ }
+
diff --git a/src/lib/libcrypto/des/rpw.c b/src/lib/libcrypto/des/rpw.c
new file mode 100644
index 0000000000..6447ed9cf0
--- /dev/null
+++ b/src/lib/libcrypto/des/rpw.c
@@ -0,0 +1,101 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "des.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ des_cblock k,k1;
+ int i;
+
+ printf("read passwd\n");
+ if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0)
+ {
+ printf("password = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ }
+ else
+ printf("error %d\n",i);
+ printf("\n");
+ printf("read 2passwds and verify\n");
+ if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1,
+ "Enter verified password:",1)) == 0)
+ {
+ printf("password1 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ printf("\n");
+ printf("password2 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k1[i]);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf("error %d\n",i);
+ exit(0);
+ }
+#ifdef LINT
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/des/speed.c b/src/lib/libcrypto/des/speed.c
new file mode 100644
index 0000000000..5bbe8b01d6
--- /dev/null
+++ b/src/lib/libcrypto/des/speed.c
@@ -0,0 +1,329 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double a,b,c,d,e;
+#ifndef SIGALRM
+ long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ DES_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+ ce=count/20+1;
+ printf("Doing set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count++)
+ des_set_key((C_Block *)key,sch);
+ d=Time_F(STOP);
+ printf("%ld set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing des_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing des_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count++)
+ {
+ DES_LONG data[2];
+
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ }
+ d=Time_F(STOP);
+ printf("%ld des_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ des_ncbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]),
+ (C_Block *)&(key[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cd); count++)
+ des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,
+ &(sch[0]),
+ &(sch2[0]),
+ &(sch3[0]),
+ (C_Block *)&(key[0]),
+ DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing crypt for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing crypt %ld times\n",ce);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(ce); count++)
+ crypt("testing1","ef");
+ e=Time_F(STOP);
+ printf("%ld crypts in %.2f second\n",count,e);
+ e=((double)COUNT(ce))/e;
+
+ printf("set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("DES raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("DES cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ printf("DES ede cbc bytes per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
+ printf("crypt per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/des/t/test b/src/lib/libcrypto/des/t/test
new file mode 100644
index 0000000000..97acd0552e
--- /dev/null
+++ b/src/lib/libcrypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/src/lib/libcrypto/des/times/486-50.sol b/src/lib/libcrypto/des/times/486-50.sol
new file mode 100644
index 0000000000..0de62d6db3
--- /dev/null
+++ b/src/lib/libcrypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options des ecb/s
+16 r2 i 43552.51 100.0%
+16 r1 i 43487.45 99.9%
+16 c p 43003.23 98.7%
+16 r2 p 42339.00 97.2%
+16 c i 41900.91 96.2%
+16 r1 p 41360.64 95.0%
+ 4 c i 38728.48 88.9%
+ 4 c p 38225.63 87.8%
+ 4 r1 i 38085.79 87.4%
+ 4 r2 i 37825.64 86.9%
+ 4 r2 p 34611.00 79.5%
+ 4 r1 p 31802.00 73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/src/lib/libcrypto/des/times/586-100.lnx b/src/lib/libcrypto/des/times/586-100.lnx
new file mode 100644
index 0000000000..4323914a11
--- /dev/null
+++ b/src/lib/libcrypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options des ecb/s
+assember 281000.00 177.1%
+16 r1 p 158667.40 100.0%
+16 r1 i 148471.70 93.6%
+16 r2 p 143961.80 90.7%
+16 r2 i 141689.20 89.3%
+ 4 r1 i 140100.00 88.3%
+ 4 r2 i 134049.40 84.5%
+16 c i 124145.20 78.2%
+16 c p 121584.20 76.6%
+ 4 c i 118116.00 74.4%
+ 4 r2 p 117977.90 74.4%
+ 4 c p 114971.40 72.5%
+ 4 r1 p 114578.40 72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/src/lib/libcrypto/des/times/686-200.fre b/src/lib/libcrypto/des/times/686-200.fre
new file mode 100644
index 0000000000..7d83f6adee
--- /dev/null
+++ b/src/lib/libcrypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options des ecb/s
+assember 578000.00 133.1%
+16 r2 i 434454.80 100.0%
+16 r1 i 433621.43 99.8%
+16 r2 p 431375.69 99.3%
+ 4 r1 i 423722.30 97.5%
+ 4 r2 i 422399.40 97.2%
+16 r1 p 421739.40 97.1%
+16 c i 399027.94 91.8%
+16 c p 372251.70 85.7%
+ 4 c i 365118.35 84.0%
+ 4 c p 352880.51 81.2%
+ 4 r2 p 255104.90 58.7%
+ 4 r1 p 251289.18 57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/src/lib/libcrypto/des/times/aix.cc b/src/lib/libcrypto/des/times/aix.cc
new file mode 100644
index 0000000000..d96b74e2ce
--- /dev/null
+++ b/src/lib/libcrypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella Minitower Model MT604-100
+Processor : PPC604
+P.Speed : 100Mhz
+Data/Instr Cache : 16 K
+L2 Cache : 256 K
+PCI BUS Speed : 33 Mhz
+TransfRate PCI : 132 MB/s
+Memory : 96 MB
+
+options des ecb/s
+ 4 c p 275118.61 100.0%
+ 4 c i 273545.07 99.4%
+ 4 r2 p 270441.02 98.3%
+ 4 r1 p 253052.15 92.0%
+ 4 r2 i 240842.97 87.5%
+ 4 r1 i 240556.66 87.4%
+16 c i 224603.99 81.6%
+16 c p 224483.98 81.6%
+16 r2 p 215691.19 78.4%
+16 r1 p 208332.83 75.7%
+16 r1 i 199206.50 72.4%
+16 r2 i 198963.70 72.3%
+-DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/alpha.cc b/src/lib/libcrypto/des/times/alpha.cc
new file mode 100644
index 0000000000..95c17efae7
--- /dev/null
+++ b/src/lib/libcrypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options des ecb/s
+ 4 r2 p 181146.14 100.0%
+16 r2 p 172102.94 95.0%
+ 4 r2 i 165424.11 91.3%
+16 c p 160468.64 88.6%
+ 4 c p 156653.59 86.5%
+ 4 c i 155245.18 85.7%
+ 4 r1 p 154729.68 85.4%
+16 r2 i 154137.69 85.1%
+16 r1 p 152357.96 84.1%
+16 c i 148743.91 82.1%
+ 4 r1 i 146695.59 81.0%
+16 r1 i 144961.00 80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/times/hpux.cc b/src/lib/libcrypto/des/times/hpux.cc
new file mode 100644
index 0000000000..3de856ddac
--- /dev/null
+++ b/src/lib/libcrypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options des ecb/s
+16 c i 149448.90 100.0%
+ 4 c i 145861.79 97.6%
+16 r2 i 141710.96 94.8%
+16 r1 i 139455.33 93.3%
+ 4 r2 i 138800.00 92.9%
+ 4 r1 i 136692.65 91.5%
+16 r2 p 110228.17 73.8%
+16 r1 p 109397.07 73.2%
+16 c p 109209.89 73.1%
+ 4 c p 108014.71 72.3%
+ 4 r2 p 107873.88 72.2%
+ 4 r1 p 107685.83 72.1%
+-DDES_UNROLL
+
diff --git a/src/lib/libcrypto/des/times/sparc.gcc b/src/lib/libcrypto/des/times/sparc.gcc
new file mode 100644
index 0000000000..8eaa042104
--- /dev/null
+++ b/src/lib/libcrypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options des ecb/s
+16 c i 124382.70 100.0%
+ 4 c i 118884.68 95.6%
+16 c p 112261.20 90.3%
+16 r2 i 111777.10 89.9%
+16 r2 p 108896.30 87.5%
+16 r1 p 108791.59 87.5%
+ 4 c p 107290.10 86.3%
+ 4 r1 p 104583.80 84.1%
+16 r1 i 104206.20 83.8%
+ 4 r2 p 103709.80 83.4%
+ 4 r2 i 98306.43 79.0%
+ 4 r1 i 91525.80 73.6%
+-DDES_UNROLL
+
diff --git a/src/lib/libcrypto/des/times/usparc.cc b/src/lib/libcrypto/des/times/usparc.cc
new file mode 100644
index 0000000000..f6ec8e8831
--- /dev/null
+++ b/src/lib/libcrypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I belive the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'. For 'speed', the DES
+routines are being linked from a library. I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+ '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+ and while it makes the des_opts numbers much slower, it makes the
+ actual 'speed' numbers look better which is a realistic version of
+ using the libraries. ]
+
+options des ecb/s
+16 r1 p 475516.90 100.0%
+16 r2 p 439388.10 92.4%
+16 c i 427001.40 89.8%
+16 c p 419516.50 88.2%
+ 4 r2 p 409491.70 86.1%
+ 4 r1 p 404266.90 85.0%
+ 4 c p 398121.00 83.7%
+ 4 c i 370588.40 77.9%
+ 4 r1 i 362742.20 76.3%
+16 r2 i 331275.50 69.7%
+16 r1 i 324730.60 68.3%
+ 4 r2 i 63535.10 13.4% <-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/src/lib/libcrypto/des/typemap b/src/lib/libcrypto/des/typemap
new file mode 100644
index 0000000000..a524f53634
--- /dev/null
+++ b/src/lib/libcrypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar * T_DESCHARP
+des_cblock * T_CBLOCK
+des_cblock T_CBLOCK
+des_key_schedule T_SCHEDULE
+des_key_schedule * T_SCHEDULE
+
+INPUT
+T_CBLOCK
+ $var=(des_cblock *)SvPV($arg,len);
+ if (len < DES_KEY_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+ }
+
+T_SCHEDULE
+ $var=(des_key_schedule *)SvPV($arg,len);
+ if (len < DES_SCHEDULE_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",
+ DES_SCHEDULE_SZ);
+ }
+
+OUTPUT
+T_CBLOCK
+ sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+ sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+ sv_setpvn($arg,(char *)$var,len);
diff --git a/src/lib/libcrypto/dh/dh1024.pem b/src/lib/libcrypto/dh/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh192.pem b/src/lib/libcrypto/dh/dh192.pem
new file mode 100644
index 0000000000..521c07271d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh192.pem
@@ -0,0 +1,3 @@
+-----BEGIN DH PARAMETERS-----
+MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
+-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh2048.pem b/src/lib/libcrypto/dh/dh2048.pem
new file mode 100644
index 0000000000..295460f508
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
+AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
+z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
+pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
+aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
+Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
+-----END DH PARAMETERS-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
+8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
+SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
+gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
+yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
+a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
+-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dh4096.pem b/src/lib/libcrypto/dh/dh4096.pem
new file mode 100644
index 0000000000..390943a21d
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
+vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
+TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
+bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
+rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
+EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
+bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
+W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
+ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
+NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
+jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
+-----END DH PARAMETERS-----
+
diff --git a/src/lib/libcrypto/dh/dh512.pem b/src/lib/libcrypto/dh/dh512.pem
new file mode 100644
index 0000000000..0a4d863ebe
--- /dev/null
+++ b/src/lib/libcrypto/dh/dh512.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
new file mode 100644
index 0000000000..488f10fd41
--- /dev/null
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -0,0 +1,188 @@
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+#include "crypto.h"
+#include "bio.h"
+#include "bn.h"
+#include "dh.h"
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK cb(int p, int n, char *arg);
+#else
+static void MS_CALLBACK cb();
+#endif
+
+#ifdef NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+BIO *out=NULL;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ DH *a,*b;
+ char buf[12];
+ unsigned char *abuf=NULL,*bbuf=NULL;
+ int i,alen,blen,aout,bout,ret=1;
+
+#ifdef WIN32
+ CRYPTO_malloc_init();
+#endif
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ a=DH_generate_parameters(64,DH_GENERATOR_5,cb,(char *)out);
+ if (a == NULL) goto err;
+
+ BIO_puts(out,"\np =");
+ BN_print(out,a->p);
+ BIO_puts(out,"\ng =");
+ BN_print(out,a->g);
+ BIO_puts(out,"\n");
+
+ b=DH_new();
+ if (b == NULL) goto err;
+
+ b->p=BN_dup(a->p);
+ b->g=BN_dup(a->g);
+ if ((b->p == NULL) || (b->g == NULL)) goto err;
+
+ if (!DH_generate_key(a)) goto err;
+ BIO_puts(out,"pri 1=");
+ BN_print(out,a->priv_key);
+ BIO_puts(out,"\npub 1=");
+ BN_print(out,a->pub_key);
+ BIO_puts(out,"\n");
+
+ if (!DH_generate_key(b)) goto err;
+ BIO_puts(out,"pri 2=");
+ BN_print(out,b->priv_key);
+ BIO_puts(out,"\npub 2=");
+ BN_print(out,b->pub_key);
+ BIO_puts(out,"\n");
+
+ alen=DH_size(a);
+ abuf=(unsigned char *)Malloc(alen);
+ aout=DH_compute_key(abuf,b->pub_key,a);
+
+ BIO_puts(out,"key1 =");
+ for (i=0; i<aout; i++)
+ {
+ sprintf(buf,"%02X",abuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+
+ blen=DH_size(b);
+ bbuf=(unsigned char *)Malloc(blen);
+ bout=DH_compute_key(bbuf,a->pub_key,b);
+
+ BIO_puts(out,"key2 =");
+ for (i=0; i<bout; i++)
+ {
+ sprintf(buf,"%02X",bbuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+ {
+ fprintf(stderr,"Error in DH routines\n");
+ ret=1;
+ }
+ else
+ ret=0;
+err:
+ if (abuf != NULL) Free(abuf);
+ if (bbuf != NULL) Free(bbuf);
+ exit(ret);
+ return(ret);
+ }
+
+static void MS_CALLBACK cb(p, n,arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+#ifdef LINT
+ p=n;
+#endif
+ }
diff --git a/src/lib/libcrypto/dh/example b/src/lib/libcrypto/dh/example
new file mode 100644
index 0000000000..16a33d2910
--- /dev/null
+++ b/src/lib/libcrypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+ (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+ (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+ Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+ Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
+ by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
+ for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
+ id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status:
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+
diff --git a/src/lib/libcrypto/dh/generate b/src/lib/libcrypto/dh/generate
new file mode 100644
index 0000000000..5d407231df
--- /dev/null
+++ b/src/lib/libcrypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications. (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
+work.
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square. If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues. And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich rcs@cs.arizona.edu
+
+
+
diff --git a/src/lib/libcrypto/dh/p1024.c b/src/lib/libcrypto/dh/p1024.c
new file mode 100644
index 0000000000..0c50c24cfb
--- /dev/null
+++ b/src/lib/libcrypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
+ 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
+ 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
+ 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
+ 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
+ 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
+ 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
+ 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
+ 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
+ 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
+ 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
+ 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
+ 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
+ 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
+ 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
+ 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libcrypto/dh/p192.c b/src/lib/libcrypto/dh/p192.c
new file mode 100644
index 0000000000..881908169a
--- /dev/null
+++ b/src/lib/libcrypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
+0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
+0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,3);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libcrypto/dh/p512.c b/src/lib/libcrypto/dh/p512.c
new file mode 100644
index 0000000000..cc84e8e50e
--- /dev/null
+++ b/src/lib/libcrypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
+0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
+0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
+0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
+0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
+0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libcrypto/dsa/README b/src/lib/libcrypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/src/lib/libcrypto/dsa/README
@@ -0,0 +1,4 @@
+The stuff in here is based on patches supplied to me by
+Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
+I have since modified a them a little but a debt of gratitude
+is due for doing the initial work.
diff --git a/src/lib/libcrypto/dsa/dsagen.c b/src/lib/libcrypto/dsa/dsagen.c
new file mode 100644
index 0000000000..20335de250
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsagen.c
@@ -0,0 +1,112 @@
+/* crypto/dsa/dsagen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "dsa.h"
+
+#define TEST
+#define GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define LAST_VALUE 0xbd
+#else
+#define LAST_VALUE 0xd3
+#endif
+
+#ifdef TEST
+unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,
+ 0x60,0xef,0x2b,0xa8,
+ 0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,
+ 0xe0,0x42,0x7d,LAST_VALUE};
+#endif
+
+int cb(p,n)
+int p,n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ printf("%c",c);
+ fflush(stdout);
+ }
+
+main()
+ {
+ int i;
+ BIGNUM *n;
+ BN_CTX *ctx;
+ unsigned char seed_buf[20];
+ DSA *dsa;
+ int counter,h;
+ BIO *bio_err=NULL;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ memcpy(seed_buf,seed,20);
+ dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb);
+
+ if (dsa == NULL)
+ DSA_print(bio_err,dsa,0);
+ }
+
diff --git a/src/lib/libcrypto/dsa/dsatest.c b/src/lib/libcrypto/dsa/dsatest.c
new file mode 100644
index 0000000000..39bb712c4a
--- /dev/null
+++ b/src/lib/libcrypto/dsa/dsatest.c
@@ -0,0 +1,214 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "crypto.h"
+#include "rand.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+static unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
+ };
+
+static unsigned char out_p[]={
+ 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+ 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+ 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+ 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+ 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+ 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+ 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+ 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
+ };
+
+static unsigned char out_q[]={
+ 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
+ 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
+ 0xda,0xce,0x91,0x5f,
+ };
+
+static unsigned char out_g[]={
+ 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
+ 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
+ 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
+ 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
+ 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
+ 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
+ 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
+ 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
+ };
+
+static BIO *bio_err=NULL;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa=NULL;
+ int counter,ret=0,i,j;
+ unsigned char buf[256];
+ unsigned long h;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ BIO_printf(bio_err,"test generation of DSA parameters\n");
+ BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
+ dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,
+ (char *)bio_err);
+
+ BIO_printf(bio_err,"seed\n");
+ for (i=0; i<20; i+=4)
+ {
+ BIO_printf(bio_err,"%02X%02X%02X%02X ",
+ seed[i],seed[i+1],seed[i+2],seed[i+3]);
+ }
+ BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
+
+ if (dsa == NULL) goto end;
+ DSA_print(bio_err,dsa,0);
+ if (counter != 105)
+ {
+ BIO_printf(bio_err,"counter should be 105\n");
+ goto end;
+ }
+ if (h != 2)
+ {
+ BIO_printf(bio_err,"h should be 2\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->q,buf);
+ j=sizeof(out_q);
+ if ((i != j) || (memcmp(buf,out_q,i) != 0))
+ {
+ BIO_printf(bio_err,"q value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->p,buf);
+ j=sizeof(out_p);
+ if ((i != j) || (memcmp(buf,out_p,i) != 0))
+ {
+ BIO_printf(bio_err,"p value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->g,buf);
+ j=sizeof(out_g);
+ if ((i != j) || (memcmp(buf,out_g,i) != 0))
+ {
+ BIO_printf(bio_err,"g value is wrong\n");
+ goto end;
+ }
+
+ ret=1;
+end:
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (bio_err != NULL) BIO_free(bio_err);
+ if (dsa != NULL) DSA_free(dsa);
+ exit(!ret);
+ return(0);
+ }
+
+static void MS_CALLBACK dsa_cb(p, n, arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+ static int ok=0,num=0;
+
+ if (p == 0) { c='.'; num++; };
+ if (p == 1) c='+';
+ if (p == 2) { c='*'; ok++; }
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+
+ if (!ok && (p == 0) && (num > 1))
+ {
+ BIO_printf((BIO *)arg,"error in dsatest\n");
+ exit(1);
+ }
+ }
+
+
diff --git a/src/lib/libcrypto/dsa/fips186a.txt b/src/lib/libcrypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/src/lib/libcrypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
+The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
+examples. This is an updated version that uses SHA-1 (FIPS 180-1)
+supplied to me by Wei Dai
+--
+ APPENDIX 5. EXAMPLE OF THE DSA
+
+
+This appendix is for informational purposes only and is not required to meet
+the standard.
+
+Let L = 512 (size of p). The values in this example are expressed in
+hexadecimal notation. The p and q given here were generated by the prime
+generation standard described in appendix 2 using the 160-bit SEED:
+
+ d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
+
+With this SEED, the algorithm found p and q when the counter was at 105.
+
+x was generated by the algorithm described in appendix 3, section 3.1, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
+
+XSEED =
+
+ bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
+
+t =
+ 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
+
+x = G(t,XSEED) mod q
+
+k was generated by the algorithm described in appendix 3, section 3.2, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
+
+KSEED =
+
+ 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
+
+t =
+ EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
+
+k = G(t,KSEED) mod q
+
+Finally:
+
+h = 2
+
+p =
+ 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
+ cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
+ 49693dfb f83724c2 ec0736ee 31c80291
+
+
+q =
+ c773218c 737ec8ee 993b4f2d ed30f48e dace915f
+
+
+g =
+ 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
+ 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
+ c42e9f6f 464b088c c572af53 e6d78802
+
+
+x =
+ 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
+
+
+k =
+ 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
+
+
+kinv =
+
+ 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
+
+M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
+
+SHA(M) =
+
+ a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
+
+
+y =
+
+ 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
+ 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
+ 858fba33 f44c0669 9630a76b 030ee333
+
+
+r =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
+
+s =
+ 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
+
+
+w =
+ 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
+
+
+u1 =
+ bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
+
+
+u2 =
+ 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
+
+
+gu1 mod p =
+
+ 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
+ 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
+ 6f96662a 1987a21b e4ec1071 010b6069
+
+
+yu2 mod p =
+
+ 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
+ 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
+ c19441f4 22bf3c34 08aeba1f 0a4dbec7
+
+v =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/src/lib/libcrypto/evp/e_dsa.c b/src/lib/libcrypto/evp/e_dsa.c
new file mode 100644
index 0000000000..6715c3e95e
--- /dev/null
+++ b/src/lib/libcrypto/evp/e_dsa.c
@@ -0,0 +1,71 @@
+/* crypto/evp/e_dsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_PKEY_METHOD dss_method=
+ {
+ DSA_sign,
+ DSA_verify,
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
+ };
+
diff --git a/src/lib/libcrypto/evp/m_md2.c b/src/lib/libcrypto/evp/m_md2.c
new file mode 100644
index 0000000000..2209416142
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_md2.c
@@ -0,0 +1,82 @@
+/* crypto/evp/m_md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md2_md=
+ {
+ NID_md2,
+ NID_md2WithRSAEncryption,
+ MD2_DIGEST_LENGTH,
+ MD2_Init,
+ MD2_Update,
+ MD2_Final,
+ EVP_PKEY_RSA_method,
+ MD2_BLOCK,
+ sizeof(EVP_MD *)+sizeof(MD2_CTX),
+ };
+
+EVP_MD *EVP_md2()
+ {
+ return(&md2_md);
+ }
+
diff --git a/src/lib/libcrypto/evp/m_mdc2.c b/src/lib/libcrypto/evp/m_mdc2.c
new file mode 100644
index 0000000000..64a853eb7f
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_mdc2.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_mdc2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD mdc2_md=
+ {
+ NID_mdc2,
+ NID_mdc2WithRSA,
+ MDC2_DIGEST_LENGTH,
+ MDC2_Init,
+ MDC2_Update,
+ MDC2_Final,
+ EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+ MDC2_BLOCK,
+ sizeof(EVP_MD *)+sizeof(MDC2_CTX),
+ };
+
+EVP_MD *EVP_mdc2()
+ {
+ return(&mdc2_md);
+ }
diff --git a/src/lib/libcrypto/evp/m_sha.c b/src/lib/libcrypto/evp/m_sha.c
new file mode 100644
index 0000000000..af4e434a22
--- /dev/null
+++ b/src/lib/libcrypto/evp/m_sha.c
@@ -0,0 +1,82 @@
+/* crypto/evp/m_sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha_md=
+ {
+ NID_sha,
+ NID_shaWithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ SHA_Init,
+ SHA_Update,
+ SHA_Final,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(SHA_CTX),
+ };
+
+EVP_MD *EVP_sha()
+ {
+ return(&sha_md);
+ }
+
diff --git a/src/lib/libcrypto/hmac/hmactest.c b/src/lib/libcrypto/hmac/hmactest.c
new file mode 100644
index 0000000000..5938e375dc
--- /dev/null
+++ b/src/lib/libcrypto/hmac/hmactest.c
@@ -0,0 +1,147 @@
+/* crypto/hmac/hmactest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "hmac.h"
+
+struct test_st
+ {
+ unsigned char key[16];
+ int key_len;
+ unsigned char data[64];
+ int data_len;
+ unsigned char *digest;
+ } test[4]={
+ { "",
+ 0,
+ "More text test vectors to stuff up EBCDIC machines :-)",
+ 54,
+ (unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
+ },{ {0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
+ 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,},
+ 16,
+ "Hi There",
+ 8,
+ (unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
+ },{ "Jefe",
+ 4,
+ "what do ya want for nothing?",
+ 28,
+ (unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
+ },{
+ {0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
+ 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,},
+ 16,
+ {0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd},
+ 50,
+ (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
+ },
+ };
+
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ char *p;
+
+ for (i=0; i<4; i++)
+ {
+ p=pt(HMAC(EVP_md5(),
+ test[i].key, test[i].key_len,
+ test[i].data, test[i].data_len,
+ NULL,NULL));
+
+ if (strcmp(p,(char *)test[i].digest) != 0)
+ {
+ printf("error calculating HMAC on %d entry'\n",i);
+ printf("got %s instead of %s\n",p,test[i].digest);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libcrypto/lhash/lh_test.c b/src/lib/libcrypto/lhash/lh_test.c
new file mode 100644
index 0000000000..294b42bc82
--- /dev/null
+++ b/src/lib/libcrypto/lhash/lh_test.c
@@ -0,0 +1,89 @@
+/* crypto/lhash/lh_test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "lhash.h"
+
+main()
+ {
+ LHASH *conf;
+ char buf[256];
+ int i;
+
+ conf=lh_new(lh_strhash,strcmp);
+ for (;;)
+ {
+ char *p;
+
+ buf[0]='\0';
+ fgets(buf,256,stdin);
+ if (buf[0] == '\0') break;
+ buf[256]='\0';
+ i=strlen(buf);
+ p=Malloc(i+1);
+ memcpy(p,buf,i+1);
+ lh_insert(conf,p);
+ }
+
+ lh_node_stats(conf,stdout);
+ lh_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+ exit(0);
+ }
diff --git a/src/lib/libcrypto/lhash/num.pl b/src/lib/libcrypto/lhash/num.pl
new file mode 100644
index 0000000000..4d937c1f90
--- /dev/null
+++ b/src/lib/libcrypto/lhash/num.pl
@@ -0,0 +1,17 @@
+#!/usr/bin/perl
+
+#node 10 -> 4
+
+while (<>)
+ {
+ next unless /^node/;
+ chop;
+ @a=split;
+ $num{$a[3]}++;
+ }
+
+@a=sort {$a <=> $b } keys %num;
+foreach (0 .. $a[$#a])
+ {
+ printf "%4d:%4d\n",$_,$num{$_};
+ }
diff --git a/src/lib/libcrypto/md2/md2.c b/src/lib/libcrypto/md2/md2.c
new file mode 100644
index 0000000000..7f3ab64a43
--- /dev/null
+++ b/src/lib/libcrypto/md2/md2.c
@@ -0,0 +1,136 @@
+/* crypto/md2/md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md2.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+#else
+void do_fp();
+void pt();
+int read();
+void exit();
+#endif
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD2(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ return(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD2_CTX c;
+ unsigned char md[MD2_DIGEST_LENGTH];
+ int fd,i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD2_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD2_Update(&c,buf,(unsigned long)i);
+ }
+ MD2_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
diff --git a/src/lib/libcrypto/md2/md2_dgst.c b/src/lib/libcrypto/md2/md2_dgst.c
new file mode 100644
index 0000000000..5cbd36f3fe
--- /dev/null
+++ b/src/lib/libcrypto/md2/md2_dgst.c
@@ -0,0 +1,235 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *MD2_version="MD2 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR unsigned char
+
+#ifndef NOPROTO
+static void md2_block(MD2_CTX *c, unsigned char *d);
+#else
+static void md2_block();
+#endif
+
+/* The magic S table - I have converted it to hex since it is
+ * basicaly just a random byte string. */
+static MD2_INT S[256]={
+ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+ 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+ 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+ 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+ 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+ 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+ 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+ 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+ 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+ 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+ 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+ 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+ 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+ 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+ 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+ 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+ 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+ 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+ 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+ 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+ 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+ 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+ 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+ 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+ 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+ 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+ 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+ 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+ 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+ 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+ 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+ 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+ };
+
+char *MD2_options()
+ {
+ if (sizeof(MD2_INT) == 1)
+ return("md2(char)");
+ else
+ return("md2(int)");
+ }
+
+void MD2_Init(c)
+MD2_CTX *c;
+ {
+ c->num=0;
+ memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->data,0,MD2_BLOCK);
+ }
+
+void MD2_Update(c, data, len)
+MD2_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register UCHAR *p;
+
+ if (len == 0) return;
+
+ p=c->data;
+ if (c->num != 0)
+ {
+ if ((c->num+len) >= MD2_BLOCK)
+ {
+ memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+ md2_block(c,c->data);
+ data+=(MD2_BLOCK - c->num);
+ len-=(MD2_BLOCK - c->num);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ memcpy(&(p[c->num]),data,(int)len);
+ /* data+=len; */
+ c->num+=(int)len;
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of MD2_BLOCK
+ * chars and save the leftovers to c->data. */
+ while (len >= MD2_BLOCK)
+ {
+ md2_block(c,data);
+ data+=MD2_BLOCK;
+ len-=MD2_BLOCK;
+ }
+ memcpy(p,data,(int)len);
+ c->num=(int)len;
+ }
+
+static void md2_block(c, d)
+MD2_CTX *c;
+unsigned char *d;
+ {
+ register MD2_INT t,*sp1,*sp2;
+ register int i,j;
+ MD2_INT state[48];
+
+ sp1=c->state;
+ sp2=c->cksm;
+ j=sp2[MD2_BLOCK-1];
+ for (i=0; i<16; i++)
+ {
+ state[i]=sp1[i];
+ state[i+16]=t=d[i];
+ state[i+32]=(t^sp1[i]);
+ j=sp2[i]^=S[t^j];
+ }
+ t=0;
+ for (i=0; i<18; i++)
+ {
+ for (j=0; j<48; j+=8)
+ {
+ t= state[j+ 0]^=S[t];
+ t= state[j+ 1]^=S[t];
+ t= state[j+ 2]^=S[t];
+ t= state[j+ 3]^=S[t];
+ t= state[j+ 4]^=S[t];
+ t= state[j+ 5]^=S[t];
+ t= state[j+ 6]^=S[t];
+ t= state[j+ 7]^=S[t];
+ }
+ t=(t+i)&0xff;
+ }
+ memcpy(sp1,state,16*sizeof(MD2_INT));
+ memset(state,0,48*sizeof(MD2_INT));
+ }
+
+void MD2_Final(md, c)
+unsigned char *md;
+MD2_CTX *c;
+ {
+ int i,v;
+ register UCHAR *cp;
+ register MD2_INT *p1,*p2;
+
+ cp=c->data;
+ p1=c->state;
+ p2=c->cksm;
+ v=MD2_BLOCK-c->num;
+ for (i=c->num; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)v;
+
+ md2_block(c,cp);
+
+ for (i=0; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)p2[i];
+ md2_block(c,cp);
+
+ for (i=0; i<16; i++)
+ md[i]=(UCHAR)(p1[i]&0xff);
+ memset((char *)&c,0,sizeof(c));
+ }
+
diff --git a/src/lib/libcrypto/md2/md2_one.c b/src/lib/libcrypto/md2/md2_one.c
new file mode 100644
index 0000000000..513bf62fdb
--- /dev/null
+++ b/src/lib/libcrypto/md2/md2_one.c
@@ -0,0 +1,80 @@
+/* crypto/md2/md2_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md2.h"
+
+/* This is a separate file so that #defines in cryptlib.h can
+ * map my MD functions to different names */
+
+unsigned char *MD2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MD2_CTX c;
+ static unsigned char m[MD2_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MD2_Init(&c);
+ MD2_Update(&c,d,n);
+ MD2_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* Security consideration */
+ return(md);
+ }
diff --git a/src/lib/libcrypto/md2/md2test.c b/src/lib/libcrypto/md2/md2test.c
new file mode 100644
index 0000000000..55924d44cd
--- /dev/null
+++ b/src/lib/libcrypto/md2/md2test.c
@@ -0,0 +1,130 @@
+/* crypto/md2/md2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "8350e5a3e24c153df2275c9f80692773",
+ "32ec01ec4a6dac72c0ab96fb34c0b5d1",
+ "da853b0d3f88d99b30283a69e6ded6bb",
+ "ab4f496bfb2a530b219ff33031fe06b0",
+ "4e8ddff3650292ab5a4108c3aa47940b",
+ "da33def2a42df13975352846c30338cd",
+ "d5976f79d83d3a0dc9806c3c66f3efd8",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ char **P,**R;
+ char *p;
+
+ P=test;
+ R=ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+ if (strcmp(p,*R) != 0)
+ {
+ printf("error calculating MD2 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libcrypto/md5/md5.c b/src/lib/libcrypto/md5/md5.c
new file mode 100644
index 0000000000..9d6f5a6003
--- /dev/null
+++ b/src/lib/libcrypto/md5/md5.c
@@ -0,0 +1,135 @@
+/* crypto/md5/md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD5(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD5_CTX c;
+ unsigned char md[MD5_DIGEST_LENGTH];
+ int fd;
+ int i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD5_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD5_Update(&c,buf,(unsigned long)i);
+ }
+ MD5_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libcrypto/md5/md5s.cpp b/src/lib/libcrypto/md5/md5s.cpp
new file mode 100644
index 0000000000..ef8e175df0
--- /dev/null
+++ b/src/lib/libcrypto/md5/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ MD5_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ md5_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ md5_block_x86(&ctx,buffer,num);
+ }
+ printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libcrypto/md5/md5test.c b/src/lib/libcrypto/md5/md5test.c
new file mode 100644
index 0000000000..74b84bc67f
--- /dev/null
+++ b/src/lib/libcrypto/md5/md5test.c
@@ -0,0 +1,130 @@
+/* crypto/md5/md5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "md5.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "d41d8cd98f00b204e9800998ecf8427e",
+ "0cc175b9c0f1b6a831c399e269772661",
+ "900150983cd24fb0d6963f7d28e17f72",
+ "f96b697d7cb7938d525a2f31aaf161d0",
+ "c3fcd3d76192e4007dfb496cca67e13b",
+ "d174ab98d277d9f5a5611c2c9f419d9f",
+ "57edf4a22be3c955ac49da2e2107b67a",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ char *p;
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating MD5 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libcrypto/mdc2/mdc2.h b/src/lib/libcrypto/mdc2/mdc2.h
new file mode 100644
index 0000000000..0b104be184
--- /dev/null
+++ b/src/lib/libcrypto/mdc2/mdc2.h
@@ -0,0 +1,100 @@
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+#define HEADER_MDC2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "des.h"
+
+#define MDC2_BLOCK 8
+#define MDC2_DIGEST_LENGTH 16
+
+typedef struct mdc2_ctx_st
+ {
+ int num;
+ unsigned char data[MDC2_BLOCK];
+ des_cblock h,hh;
+ int pad_type; /* either 1 or 2, default 1 */
+ } MDC2_CTX;
+
+#ifndef NOPROTO
+
+void MDC2_Init(MDC2_CTX *c);
+void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len);
+void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md);
+
+#else
+
+void MDC2_Init();
+void MDC2_Update();
+void MDC2_Final();
+unsigned char *MDC2();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/src/lib/libcrypto/mem.c b/src/lib/libcrypto/mem.c
new file mode 100644
index 0000000000..72e501ad0f
--- /dev/null
+++ b/src/lib/libcrypto/mem.c
@@ -0,0 +1,353 @@
+/* crypto/mem.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+static int mh_mode=CRYPTO_MEM_CHECK_OFF;
+static unsigned long order=0;
+
+static LHASH *mh=NULL;
+
+typedef struct mem_st
+ {
+ char *addr;
+ int num;
+ char *file;
+ int line;
+ unsigned long order;
+ } MEM;
+
+int CRYPTO_mem_ctrl(mode)
+int mode;
+ {
+ int ret=mh_mode;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ switch (mode)
+ {
+ case CRYPTO_MEM_CHECK_ON:
+ mh_mode|=CRYPTO_MEM_CHECK_ON;
+ break;
+ case CRYPTO_MEM_CHECK_OFF:
+ mh_mode&= ~CRYPTO_MEM_CHECK_ON;
+ break;
+ default:
+ break;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ return(ret);
+ }
+
+static int mem_cmp(a,b)
+MEM *a,*b;
+ {
+ return(a->addr - b->addr);
+ }
+
+static unsigned long mem_hash(a)
+MEM *a;
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)a->addr;
+
+ ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
+ return(ret);
+ }
+
+static char *(*malloc_func)()= (char *(*)())malloc;
+static char *(*realloc_func)()= (char *(*)())realloc;
+static void (*free_func)()= (void (*)())free;
+
+void CRYPTO_set_mem_functions(m,r,f)
+char *(*m)();
+char *(*r)();
+void (*f)();
+ {
+ if ((m == NULL) || (r == NULL) || (f == NULL)) return;
+ malloc_func=m;
+ realloc_func=r;
+ free_func=f;
+ }
+
+void CRYPTO_get_mem_functions(m,r,f)
+char *(**m)();
+char *(**r)();
+void (**f)();
+ {
+ if (m != NULL) *m=malloc_func;
+ if (r != NULL) *r=realloc_func;
+ if (f != NULL) *f=free_func;
+ }
+
+char *CRYPTO_malloc(num)
+int num;
+ {
+ return(malloc_func(num));
+ }
+
+char *CRYPTO_realloc(str,num)
+char *str;
+int num;
+ {
+ return(realloc_func(str,num));
+ }
+
+void CRYPTO_free(str)
+char *str;
+ {
+ free_func(str);
+ }
+
+char *CRYPTO_dbg_malloc(num,file,line)
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM *m,*mm;
+
+ if ((ret=malloc_func(num)) == NULL)
+ return(NULL);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if ((m=(MEM *)malloc(sizeof(MEM))) == NULL)
+ {
+ free(ret);
+ return(NULL);
+ }
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ if (mh == NULL)
+ {
+ if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
+ {
+ free(ret);
+ free(m);
+ return(NULL);
+ }
+ }
+
+ m->addr=ret;
+ m->file=file;
+ m->line=line;
+ m->num=num;
+ m->order=order++;
+ if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
+ {
+ /* Not good, but don't sweat it */
+ free(mm);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+void CRYPTO_dbg_free(addr)
+char *addr;
+ {
+ MEM m,*mp;
+
+ if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL))
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ m.addr=addr;
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ free(mp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ free_func(addr);
+ }
+
+char *CRYPTO_dbg_realloc(addr,num,file,line)
+char *addr;
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM m,*mp;
+
+ ret=realloc_func(addr,num);
+ if (ret == addr) return(ret);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if (ret == NULL) return(NULL);
+ m.addr=addr;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ {
+ mp->addr=ret;
+ lh_insert(mh,(char *)mp);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+char *CRYPTO_remalloc(a,n)
+char *a;
+int n;
+ {
+ if (a != NULL) Free(a);
+ a=(char *)Malloc(n);
+ return(a);
+ }
+
+char *CRYPTO_dbg_remalloc(a,n,file,line)
+char *a;
+int n;
+char *file;
+int line;
+ {
+ if (a != NULL) CRYPTO_dbg_free(a);
+ a=(char *)CRYPTO_dbg_malloc(n,file,line);
+ return(a);
+ }
+
+
+typedef struct mem_leak_st
+ {
+ BIO *bio;
+ int chunks;
+ long bytes;
+ } MEM_LEAK;
+
+static void print_leak(m,l)
+MEM *m;
+MEM_LEAK *l;
+ {
+ char buf[128];
+
+ sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n",
+ m->order,m->file,m->line,m->num,(long)m->addr);
+ BIO_puts(l->bio,buf);
+ l->chunks++;
+ l->bytes+=m->num;
+ }
+
+void CRYPTO_mem_leaks(b)
+BIO *b;
+ {
+ MEM_LEAK ml;
+ char buf[80];
+
+ if (mh == NULL) return;
+ ml.bio=b;
+ ml.bytes=0;
+ ml.chunks=0;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ if (ml.chunks != 0)
+ {
+ sprintf(buf,"%ld bytes leaked in %d chunks\n",
+ ml.bytes,ml.chunks);
+ BIO_puts(b,buf);
+ }
+ /*
+ lh_stats_bio(mh,b);
+ lh_node_stats_bio(mh,b);
+ lh_node_usage_stats_bio(mh,b);
+ */
+ }
+
+static void (*mem_cb)()=NULL;
+
+static void cb_leak(m,cb)
+MEM *m;
+char *cb;
+ {
+ void (*mem_callback)()=(void (*)())cb;
+ mem_callback(m->order,m->file,m->line,m->num,m->addr);
+ }
+
+void CRYPTO_mem_leaks_cb(cb)
+void (*cb)();
+ {
+ if (mh == NULL) return;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mem_cb=cb;
+ lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb);
+ mem_cb=NULL;
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+
+#ifndef NO_FP_API
+void CRYPTO_mem_leaks_fp(fp)
+FILE *fp;
+ {
+ BIO *b;
+
+ if (mh == NULL) return;
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ return;
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ CRYPTO_mem_leaks(b);
+ BIO_free(b);
+ }
+#endif
+
diff --git a/src/lib/libcrypto/objects/obj_dat.h b/src/lib/libcrypto/objects/obj_dat.h
new file mode 100644
index 0000000000..48143ae3c7
--- /dev/null
+++ b/src/lib/libcrypto/objects/obj_dat.h
@@ -0,0 +1,656 @@
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+#define NUM_NID 124
+#define NUM_SN 95
+#define NUM_LN 122
+#define NUM_OBJ 95
+
+static unsigned char lvalues[600]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55, /* [ 82] OBJ_X500 */
+0x55,0x04, /* [ 83] OBJ_X509 */
+0x55,0x04,0x03, /* [ 85] OBJ_commonName */
+0x55,0x04,0x06, /* [ 88] OBJ_countryName */
+0x55,0x04,0x07, /* [ 91] OBJ_localityName */
+0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [206] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12, /* [214] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F, /* [219] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [224] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08, /* [232] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [237] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [326] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [333] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [341] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A, /* [349] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D, /* [363] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C, /* [368] OBJ_dsa_2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */
+0x2B,0x0E,0x03,0x02,0x1B, /* [391] OBJ_dsaWithSHA1_2 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */
+0x55,0x1D, /* [477] OBJ_ld_ce */
+0x55,0x1D,0x0E, /* [479] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F, /* [482] OBJ_key_usage */
+0x55,0x1D,0x10, /* [485] OBJ_private_key_usage_period */
+0x55,0x1D,0x11, /* [488] OBJ_subject_alt_name */
+0x55,0x1D,0x12, /* [491] OBJ_issuer_alt_name */
+0x55,0x1D,0x13, /* [494] OBJ_basic_constraints */
+0x55,0x1D,0x14, /* [497] OBJ_crl_number */
+0x55,0x1D,0x20, /* [500] OBJ_certificate_policies */
+0x55,0x1D,0x23, /* [503] OBJ_authority_key_identifier */
+0x55,0x08,0x03,0x65, /* [506] OBJ_mdc2 */
+0x55,0x08,0x03,0x64, /* [510] OBJ_mdc2WithRSA */
+0x55,0x04,0x2A, /* [514] OBJ_givenName */
+0x55,0x04,0x04, /* [517] OBJ_surname */
+0x55,0x04,0x2B, /* [520] OBJ_initials */
+0x55,0x04,0x2D, /* [523] OBJ_uniqueIdentifier */
+0x55,0x1D,0x1F, /* [526] OBJ_crl_distribution_points */
+0x2B,0x0E,0x03,0x02,0x03, /* [529] OBJ_md5WithRSA */
+0x55,0x04,0x05, /* [534] OBJ_serialNumber */
+0x55,0x04,0x0C, /* [537] OBJ_title */
+0x55,0x04,0x0D, /* [540] OBJ_description */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [543] OBJ_cast5_cbc */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [552] OBJ_pbeWithMD5AndCast5_CBC */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [561] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1D, /* [568] OBJ_sha1WithRSA */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [573] OBJ_dsa */
+0x2B,0x24,0x03,0x02,0x01, /* [580] OBJ_ripemd160 */
+0x2B,0x24,0x03,0x03,0x01,0x02, /* [585] OBJ_ripemd160WithRSA */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [591] OBJ_rc5_cbc */
+};
+
+static ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL},
+{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
+{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
+ &(lvalues[46]),0},
+{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
+ &(lvalues[55]),0},
+{"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC",
+ NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0},
+{"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC",
+ NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0},
+{"X500","X500",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
+{"OU","organizationalUnitName",NID_organizationalUnitName,3,
+ &(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
+{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
+ &(lvalues[124]),0},
+{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
+ &(lvalues[133]),0},
+{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
+ NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
+{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
+ &(lvalues[151]),0},
+{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
+ &(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
+{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
+ &(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
+{"SHA","sha",NID_sha,5,&(lvalues[214]),0},
+{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
+ &(lvalues[219]),0},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0},
+{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0},
+{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
+ &(lvalues[254]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0},
+{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
+ &(lvalues[272]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0},
+{"countersignature","countersignature",NID_pkcs9_countersignature,9,
+ &(lvalues[290]),0},
+{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
+ 9,&(lvalues[299]),0},
+{"unstructuredAddress","unstructuredAddress",
+ NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0},
+{"extendedCertificateAttributes","extendedCertificateAttributes",
+ NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0},
+{"Netscape","Netscape Communications Corp.",NID_netscape,7,
+ &(lvalues[326]),0},
+{"nsCertExt","Netscape Certificate Extension",
+ NID_netscape_cert_extension,8,&(lvalues[333]),0},
+{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
+ &(lvalues[341]),0},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0},
+{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
+ &(lvalues[354]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0},
+{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[368]),0},
+{"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC",
+ NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0},
+{"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9,
+ &(lvalues[382]),0},
+{"DSA-SHA1-old","dsaWithSHA1",NID_dsaWithSHA1_2,5,&(lvalues[391]),0},
+{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
+ &(lvalues[396]),0},
+{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
+ &(lvalues[405]),0},
+{"nsRevocationUrl","Netscape Revocation Url",
+ NID_netscape_revocation_url,9,&(lvalues[414]),0},
+{"nsCaRevocationUrl","Netscape CA Revocation Url",
+ NID_netscape_ca_revocation_url,9,&(lvalues[423]),0},
+{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
+ &(lvalues[432]),0},
+{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
+ 9,&(lvalues[441]),0},
+{"nsSslServerName","Netscape SSL Server Name",
+ NID_netscape_ssl_server_name,9,&(lvalues[450]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0},
+{"nsCertSequence","Netscape Certificate Sequence",
+ NID_netscape_cert_sequence,9,&(lvalues[468]),0},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
+{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0},
+{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
+ NID_subject_key_identifier,3,&(lvalues[479]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0},
+{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
+ NID_private_key_usage_period,3,&(lvalues[485]),0},
+{"subjectAltName","X509v3 Subject Alternative Name",
+ NID_subject_alt_name,3,&(lvalues[488]),0},
+{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
+ 3,&(lvalues[491]),0},
+{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
+ 3,&(lvalues[494]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0},
+{"certificatePolicies","X509v3 Certificate Policies",
+ NID_certificate_policies,3,&(lvalues[500]),0},
+{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
+ NID_authority_key_identifier,3,&(lvalues[503]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0},
+{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0},
+{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
+{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
+{"G","givenName",NID_givenName,3,&(lvalues[514]),0},
+{"S","surname",NID_surname,3,&(lvalues[517]),0},
+{"I","initials",NID_initials,3,&(lvalues[520]),0},
+{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[523]),0},
+{"crlDistributionPoints","X509v3 CRL Distribution Points",
+ NID_crl_distribution_points,3,&(lvalues[526]),0},
+{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[529]),0},
+{"SN","serialNumber",NID_serialNumber,3,&(lvalues[534]),0},
+{"T","title",NID_title,3,&(lvalues[537]),0},
+{"D","description",NID_description,3,&(lvalues[540]),0},
+{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[543]),0},
+{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
+{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
+{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
+{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
+ NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[552]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[561]),0},
+{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
+{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[568]),0},
+{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[573]),0},
+{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[580]),0},
+{NULL,NULL,NID_undef,0,NULL},
+{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
+ &(lvalues[585]),0},
+{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[591]),0},
+{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
+{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
+{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
+};
+
+static ASN1_OBJECT *sn_objs[NUM_SN]={
+&(nid_objs[91]),/* "BF-CBC" */
+&(nid_objs[93]),/* "BF-CFB" */
+&(nid_objs[92]),/* "BF-ECB" */
+&(nid_objs[94]),/* "BF-OFB" */
+&(nid_objs[14]),/* "C" */
+&(nid_objs[108]),/* "CAST5-CBC" */
+&(nid_objs[110]),/* "CAST5-CFB" */
+&(nid_objs[109]),/* "CAST5-ECB" */
+&(nid_objs[111]),/* "CAST5-OFB" */
+&(nid_objs[13]),/* "CN" */
+&(nid_objs[107]),/* "D" */
+&(nid_objs[31]),/* "DES-CBC" */
+&(nid_objs[30]),/* "DES-CFB" */
+&(nid_objs[29]),/* "DES-ECB" */
+&(nid_objs[32]),/* "DES-EDE" */
+&(nid_objs[43]),/* "DES-EDE-CBC" */
+&(nid_objs[60]),/* "DES-EDE-CFB" */
+&(nid_objs[62]),/* "DES-EDE-OFB" */
+&(nid_objs[33]),/* "DES-EDE3" */
+&(nid_objs[44]),/* "DES-EDE3-CBC" */
+&(nid_objs[61]),/* "DES-EDE3-CFB" */
+&(nid_objs[63]),/* "DES-EDE3-OFB" */
+&(nid_objs[45]),/* "DES-OFB" */
+&(nid_objs[80]),/* "DESX-CBC" */
+&(nid_objs[116]),/* "DSA" */
+&(nid_objs[66]),/* "DSA-SHA" */
+&(nid_objs[113]),/* "DSA-SHA1" */
+&(nid_objs[70]),/* "DSA-SHA1-old" */
+&(nid_objs[67]),/* "DSA-old" */
+&(nid_objs[48]),/* "Email" */
+&(nid_objs[99]),/* "G" */
+&(nid_objs[101]),/* "I" */
+&(nid_objs[34]),/* "IDEA-CBC" */
+&(nid_objs[35]),/* "IDEA-CFB" */
+&(nid_objs[36]),/* "IDEA-ECB" */
+&(nid_objs[46]),/* "IDEA-OFB" */
+&(nid_objs[15]),/* "L" */
+&(nid_objs[ 3]),/* "MD2" */
+&(nid_objs[ 4]),/* "MD5" */
+&(nid_objs[114]),/* "MD5-SHA1" */
+&(nid_objs[95]),/* "MDC2" */
+&(nid_objs[57]),/* "Netscape" */
+&(nid_objs[17]),/* "O" */
+&(nid_objs[18]),/* "OU" */
+&(nid_objs[98]),/* "RC2-40-CBC" */
+&(nid_objs[37]),/* "RC2-CBC" */
+&(nid_objs[39]),/* "RC2-CFB" */
+&(nid_objs[38]),/* "RC2-ECB" */
+&(nid_objs[40]),/* "RC2-OFB" */
+&(nid_objs[ 5]),/* "RC4" */
+&(nid_objs[97]),/* "RC4-40" */
+&(nid_objs[120]),/* "RC5-CBC" */
+&(nid_objs[122]),/* "RC5-CFB" */
+&(nid_objs[121]),/* "RC5-ECB" */
+&(nid_objs[123]),/* "RC5-OFB" */
+&(nid_objs[117]),/* "RIPEMD160" */
+&(nid_objs[19]),/* "RSA" */
+&(nid_objs[ 7]),/* "RSA-MD2" */
+&(nid_objs[ 8]),/* "RSA-MD5" */
+&(nid_objs[96]),/* "RSA-MDC2" */
+&(nid_objs[104]),/* "RSA-NP-MD5" */
+&(nid_objs[119]),/* "RSA-RIPEMD160" */
+&(nid_objs[42]),/* "RSA-SHA" */
+&(nid_objs[65]),/* "RSA-SHA1" */
+&(nid_objs[115]),/* "RSA-SHA1-2" */
+&(nid_objs[100]),/* "S" */
+&(nid_objs[41]),/* "SHA" */
+&(nid_objs[64]),/* "SHA1" */
+&(nid_objs[105]),/* "SN" */
+&(nid_objs[16]),/* "ST" */
+&(nid_objs[106]),/* "T" */
+&(nid_objs[102]),/* "UID" */
+&(nid_objs[ 0]),/* "UNDEF" */
+&(nid_objs[90]),/* "authorityKeyIdentifier" */
+&(nid_objs[87]),/* "basicConstraints" */
+&(nid_objs[89]),/* "certificatePolicies" */
+&(nid_objs[103]),/* "crlDistributionPoints" */
+&(nid_objs[88]),/* "crlNumber" */
+&(nid_objs[86]),/* "issuerAltName" */
+&(nid_objs[83]),/* "keyUsage" */
+&(nid_objs[81]),/* "ld-ce" */
+&(nid_objs[72]),/* "nsBaseUrl" */
+&(nid_objs[76]),/* "nsCaPolicyUrl" */
+&(nid_objs[74]),/* "nsCaRevocationUrl" */
+&(nid_objs[58]),/* "nsCertExt" */
+&(nid_objs[79]),/* "nsCertSequence" */
+&(nid_objs[71]),/* "nsCertType" */
+&(nid_objs[78]),/* "nsComment" */
+&(nid_objs[59]),/* "nsDataType" */
+&(nid_objs[75]),/* "nsRenewalUrl" */
+&(nid_objs[73]),/* "nsRevocationUrl" */
+&(nid_objs[77]),/* "nsSslServerName" */
+&(nid_objs[84]),/* "privateKeyUsagePeriod" */
+&(nid_objs[85]),/* "subjectAltName" */
+&(nid_objs[82]),/* "subjectKeyIdentifier" */
+};
+
+static ASN1_OBJECT *ln_objs[NUM_LN]={
+&(nid_objs[72]),/* "Netscape Base Url" */
+&(nid_objs[76]),/* "Netscape CA Policy Url" */
+&(nid_objs[74]),/* "Netscape CA Revocation Url" */
+&(nid_objs[71]),/* "Netscape Cert Type" */
+&(nid_objs[58]),/* "Netscape Certificate Extension" */
+&(nid_objs[79]),/* "Netscape Certificate Sequence" */
+&(nid_objs[78]),/* "Netscape Comment" */
+&(nid_objs[57]),/* "Netscape Communications Corp." */
+&(nid_objs[59]),/* "Netscape Data Type" */
+&(nid_objs[75]),/* "Netscape Renewal Url" */
+&(nid_objs[73]),/* "Netscape Revocation Url" */
+&(nid_objs[77]),/* "Netscape SSL Server Name" */
+&(nid_objs[11]),/* "X500" */
+&(nid_objs[12]),/* "X509" */
+&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
+&(nid_objs[87]),/* "X509v3 Basic Constraints" */
+&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
+&(nid_objs[88]),/* "X509v3 CRL Number" */
+&(nid_objs[89]),/* "X509v3 Certificate Policies" */
+&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
+&(nid_objs[83]),/* "X509v3 Key Usage" */
+&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
+&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
+&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
+&(nid_objs[91]),/* "bf-cbc" */
+&(nid_objs[93]),/* "bf-cfb" */
+&(nid_objs[92]),/* "bf-ecb" */
+&(nid_objs[94]),/* "bf-ofb" */
+&(nid_objs[108]),/* "cast5-cbc" */
+&(nid_objs[110]),/* "cast5-cfb" */
+&(nid_objs[109]),/* "cast5-ecb" */
+&(nid_objs[111]),/* "cast5-ofb" */
+&(nid_objs[54]),/* "challengePassword" */
+&(nid_objs[13]),/* "commonName" */
+&(nid_objs[50]),/* "contentType" */
+&(nid_objs[53]),/* "countersignature" */
+&(nid_objs[14]),/* "countryName" */
+&(nid_objs[31]),/* "des-cbc" */
+&(nid_objs[30]),/* "des-cfb" */
+&(nid_objs[29]),/* "des-ecb" */
+&(nid_objs[32]),/* "des-ede" */
+&(nid_objs[43]),/* "des-ede-cbc" */
+&(nid_objs[60]),/* "des-ede-cfb" */
+&(nid_objs[62]),/* "des-ede-ofb" */
+&(nid_objs[33]),/* "des-ede3" */
+&(nid_objs[44]),/* "des-ede3-cbc" */
+&(nid_objs[61]),/* "des-ede3-cfb" */
+&(nid_objs[63]),/* "des-ede3-ofb" */
+&(nid_objs[45]),/* "des-ofb" */
+&(nid_objs[107]),/* "description" */
+&(nid_objs[80]),/* "desx-cbc" */
+&(nid_objs[28]),/* "dhKeyAgreement" */
+&(nid_objs[116]),/* "dsaEncryption" */
+&(nid_objs[67]),/* "dsaEncryption-old" */
+&(nid_objs[66]),/* "dsaWithSHA" */
+&(nid_objs[113]),/* "dsaWithSHA1" */
+&(nid_objs[70]),/* "dsaWithSHA1" */
+&(nid_objs[48]),/* "emailAddress" */
+&(nid_objs[56]),/* "extendedCertificateAttributes" */
+&(nid_objs[99]),/* "givenName" */
+&(nid_objs[34]),/* "idea-cbc" */
+&(nid_objs[35]),/* "idea-cfb" */
+&(nid_objs[36]),/* "idea-ecb" */
+&(nid_objs[46]),/* "idea-ofb" */
+&(nid_objs[101]),/* "initials" */
+&(nid_objs[15]),/* "localityName" */
+&(nid_objs[ 3]),/* "md2" */
+&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
+&(nid_objs[ 4]),/* "md5" */
+&(nid_objs[114]),/* "md5-sha1" */
+&(nid_objs[104]),/* "md5WithRSA" */
+&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
+&(nid_objs[95]),/* "mdc2" */
+&(nid_objs[96]),/* "mdc2withRSA" */
+&(nid_objs[51]),/* "messageDigest" */
+&(nid_objs[17]),/* "organizationName" */
+&(nid_objs[18]),/* "organizationalUnitName" */
+&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
+&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
+&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
+&(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
+&(nid_objs[ 2]),/* "pkcs" */
+&(nid_objs[27]),/* "pkcs3" */
+&(nid_objs[20]),/* "pkcs7" */
+&(nid_objs[21]),/* "pkcs7-data" */
+&(nid_objs[25]),/* "pkcs7-digestData" */
+&(nid_objs[26]),/* "pkcs7-encryptedData" */
+&(nid_objs[23]),/* "pkcs7-envelopedData" */
+&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
+&(nid_objs[22]),/* "pkcs7-signedData" */
+&(nid_objs[47]),/* "pkcs9" */
+&(nid_objs[98]),/* "rc2-40-cbc" */
+&(nid_objs[37]),/* "rc2-cbc" */
+&(nid_objs[39]),/* "rc2-cfb" */
+&(nid_objs[38]),/* "rc2-ecb" */
+&(nid_objs[40]),/* "rc2-ofb" */
+&(nid_objs[ 5]),/* "rc4" */
+&(nid_objs[97]),/* "rc4-40" */
+&(nid_objs[120]),/* "rc5-cbc" */
+&(nid_objs[122]),/* "rc5-cfb" */
+&(nid_objs[121]),/* "rc5-ecb" */
+&(nid_objs[123]),/* "rc5-ofb" */
+&(nid_objs[117]),/* "ripemd160" */
+&(nid_objs[119]),/* "ripemd160WithRSA" */
+&(nid_objs[19]),/* "rsa" */
+&(nid_objs[ 6]),/* "rsaEncryption" */
+&(nid_objs[ 1]),/* "rsadsi" */
+&(nid_objs[105]),/* "serialNumber" */
+&(nid_objs[41]),/* "sha" */
+&(nid_objs[64]),/* "sha1" */
+&(nid_objs[115]),/* "sha1WithRSA" */
+&(nid_objs[65]),/* "sha1WithRSAEncryption" */
+&(nid_objs[42]),/* "shaWithRSAEncryption" */
+&(nid_objs[52]),/* "signingTime" */
+&(nid_objs[16]),/* "stateOrProvinceName" */
+&(nid_objs[100]),/* "surname" */
+&(nid_objs[106]),/* "title" */
+&(nid_objs[ 0]),/* "undefined" */
+&(nid_objs[102]),/* "uniqueIdentifier" */
+&(nid_objs[55]),/* "unstructuredAddress" */
+&(nid_objs[49]),/* "unstructuredName" */
+};
+
+static ASN1_OBJECT *obj_objs[NUM_OBJ]={
+&(nid_objs[11]),/* OBJ_X500 2 5 */
+&(nid_objs[12]),/* OBJ_X509 2 5 4 */
+&(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */
+&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
+&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
+&(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */
+&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
+&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
+&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
+&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
+&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
+&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
+&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
+&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
+&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
+&(nid_objs[102]),/* OBJ_uniqueIdentifier 2 5 4 45 */
+&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
+&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
+&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
+&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
+&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
+&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
+&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
+&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
+&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
+&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
+&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
+&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
+&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
+&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
+&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
+&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
+&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
+&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
+&(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */
+&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
+&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
+&(nid_objs[32]),/* OBJ_des_ede 1 3 14 3 2 17 */
+&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
+&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
+&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
+&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
+&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
+&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
+&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
+&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
+&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
+&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
+&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
+&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
+&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
+&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
+&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
+&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
+&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
+&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
+&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
+&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
+&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
+&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
+&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
+&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
+&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
+&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
+&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
+&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
+&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
+&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
+&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
+&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
+&(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4 1 2 840 113549 1 5 12 */
+&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
+&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
+&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
+&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
+&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
+&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
+&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
+&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
+&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
+&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
+&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
+&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
+&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
+&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
+&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
+&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
+&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
+&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
+&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
+&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
+&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
+&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
+&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
+&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
+};
+
diff --git a/src/lib/libcrypto/perlasm/x86ms.pl b/src/lib/libcrypto/perlasm/x86ms.pl
new file mode 100644
index 0000000000..893b50b1a4
--- /dev/null
+++ b/src/lib/libcrypto/perlasm/x86ms.pl
@@ -0,0 +1,348 @@
+#!/usr/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+%lb=( 'eax', 'al',
+ 'ebx', 'bl',
+ 'ecx', 'cl',
+ 'edx', 'dl',
+ 'ax', 'al',
+ 'bx', 'bl',
+ 'cx', 'cl',
+ 'dx', 'dl',
+ );
+
+%hb=( 'eax', 'ah',
+ 'ebx', 'bh',
+ 'ecx', 'ch',
+ 'edx', 'dh',
+ 'ax', 'ah',
+ 'bx', 'bh',
+ 'cx', 'ch',
+ 'dx', 'dh',
+ );
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'BP
+ {
+ &get_mem("BYTE",@_);
+ }
+
+sub main'DWP
+ {
+ &get_mem("DWORD",@_);
+ }
+
+sub main'stack_push
+ {
+ local($num)=@_;
+ $stack+=$num*4;
+ &main'sub("esp",$num*4);
+ }
+
+sub main'stack_pop
+ {
+ local($num)=@_;
+ $stack-=$num*4;
+ &main'add("esp",$num*4);
+ }
+
+sub get_mem
+ {
+ local($size,$addr,$reg1,$reg2,$idx)=@_;
+ local($t,$post);
+ local($ret)="$size PTR ";
+
+ $addr =~ s/^\s+//;
+ if ($addr =~ /^(.+)\+(.+)$/)
+ {
+ $reg2=&conv($1);
+ $addr="_$2";
+ }
+ elsif ($addr =~ /^[_a-zA-Z]/)
+ {
+ $addr="_$addr";
+ }
+
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ if (($addr ne "") && ($addr ne 0))
+ {
+ if ($addr !~ /^-/)
+ { $ret.=$addr; }
+ else { $post=$addr; }
+ }
+ if ($reg2 ne "")
+ {
+ $t="";
+ $t="*$idx" if ($idx != 0);
+ $reg1="+".$reg1 if ("$reg1$post" ne "");
+ $ret.="[$reg2$t$reg1$post]";
+ }
+ else
+ {
+ $ret.="[$reg1$post]"
+ }
+ return($ret);
+ }
+
+sub main'mov { &out2("mov",@_); }
+sub main'movb { &out2("mov",@_); }
+sub main'and { &out2("and",@_); }
+sub main'or { &out2("or",@_); }
+sub main'shl { &out2("shl",@_); }
+sub main'shr { &out2("shr",@_); }
+sub main'xor { &out2("xor",@_); }
+sub main'xorb { &out2("xor",@_); }
+sub main'add { &out2("add",@_); }
+sub main'adc { &out2("adc",@_); }
+sub main'sub { &out2("sub",@_); }
+sub main'rotl { &out2("rol",@_); }
+sub main'rotr { &out2("ror",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmp",@_); }
+sub main'lea { &out2("lea",@_); }
+sub main'mul { &out1("mul",@_); }
+sub main'div { &out1("div",@_); }
+sub main'dec { &out1("dec",@_); }
+sub main'inc { &out1("inc",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jle { &out1("jle",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'jge { &out1("jge",@_); }
+sub main'jl { &out1("jl",@_); }
+sub main'jb { &out1("jb",@_); }
+sub main'jc { &out1("jc",@_); }
+sub main'jnc { &out1("jnc",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'jne { &out1("jne",@_); }
+sub main'jno { &out1("jno",@_); }
+sub main'push { &out1("push",@_); $stack+=4; }
+sub main'pop { &out1("pop",@_); $stack-=4; }
+sub main'bswap { &out1("bswap",@_); &using486(); }
+sub main'not { &out1("not",@_); }
+sub main'call { &out1("call",'_'.$_[0]); }
+sub main'ret { &out0("ret"); }
+sub main'nop { &out0("nop"); }
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t");
+ $t=&conv($p1).",";
+ $l=length($t);
+ push(@out,$t);
+ $l=4-($l+9)/8;
+ push(@out,"\t" x $l);
+ push(@out,&conv($p2));
+ push(@out,"\n");
+ }
+
+sub out0
+ {
+ local($name)=@_;
+
+ push(@out,"\t$name\n");
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t".&conv($p1)."\n");
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+ $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+ return $p;
+ }
+
+sub using486
+ {
+ return if $using486;
+ $using486++;
+ grep(s/\.386/\.486/,@out);
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ local($tmp)=<<"EOF";
+ TITLE $file.asm
+ .386
+.model FLAT
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_begin
+ {
+ local($func,$extra)=@_;
+
+ push(@labels,$func);
+
+ local($tmp)=<<"EOF";
+_TEXT SEGMENT
+PUBLIC _$func
+$extra
+_$func PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+EOF
+ push(@out,$tmp);
+ $stack=20;
+ }
+
+sub main'function_begin_B
+ {
+ local($func,$extra)=@_;
+
+ local($tmp)=<<"EOF";
+_TEXT SEGMENT
+PUBLIC _$func
+$extra
+_$func PROC NEAR
+EOF
+ push(@out,$tmp);
+ $stack=4;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_$func ENDP
+_TEXT ENDS
+EOF
+ push(@out,$tmp);
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+_$func ENDP
+_TEXT ENDS
+EOF
+ push(@out,$tmp);
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'file_end
+ {
+ push(@out,"END\n");
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'swtmp
+ {
+ return(&main'DWP($_[0]*4,"esp","",0));
+ }
+
+# Should use swtmp, which is above esp. Linix can trash the stack above esp
+#sub main'wtmp
+# {
+# local($num)=@_;
+#
+# return(&main'DWP(-(($num+1)*4),"esp","",0));
+# }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ push(@out,"\t; $_\n");
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="\$${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="${label}${_[0]}";
+ $label++;
+ }
+ push(@out,"$label{$_[0]}:\n");
+ }
+
+sub main'data_word
+ {
+ push(@out,"\tDD\t$_[0]\n");
+ }
+
+sub out1p
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t ".&conv($p1)."\n");
+ }
diff --git a/src/lib/libcrypto/perlasm/x86unix.pl b/src/lib/libcrypto/perlasm/x86unix.pl
new file mode 100644
index 0000000000..6ee4dd3245
--- /dev/null
+++ b/src/lib/libcrypto/perlasm/x86unix.pl
@@ -0,0 +1,429 @@
+#!/usr/bin/perl
+
+# Because the bswapl instruction is not supported for old assembers
+# (it was a new instruction for the 486), I've added .byte xxxx code
+# to put it in.
+# eric 24-Apr-1998
+#
+
+package x86unix;
+
+$label="L000";
+
+$align=($main'aout)?"4":"16";
+$under=($main'aout)?"_":"";
+$com_start=($main'sol)?"/":"#";
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
+if ($main'cpp)
+ {
+ $align="ALIGN";
+ $under="";
+ $com_start='/*';
+ $com_end='*/';
+ }
+
+%lb=( 'eax', '%al',
+ 'ebx', '%bl',
+ 'ecx', '%cl',
+ 'edx', '%dl',
+ 'ax', '%al',
+ 'bx', '%bl',
+ 'cx', '%cl',
+ 'dx', '%dl',
+ );
+
+%hb=( 'eax', '%ah',
+ 'ebx', '%bh',
+ 'ecx', '%ch',
+ 'edx', '%dh',
+ 'ax', '%ah',
+ 'bx', '%bh',
+ 'cx', '%ch',
+ 'dx', '%dh',
+ );
+
+%regs=( 'eax', '%eax',
+ 'ebx', '%ebx',
+ 'ecx', '%ecx',
+ 'edx', '%edx',
+ 'esi', '%esi',
+ 'edi', '%edi',
+ 'ebp', '%ebp',
+ 'esp', '%esp',
+ );
+
+%reg_val=(
+ 'eax', 0x00,
+ 'ebx', 0x03,
+ 'ecx', 0x01,
+ 'edx', 0x02,
+ 'esi', 0x06,
+ 'edi', 0x07,
+ 'ebp', 0x05,
+ 'esp', 0x04,
+ );
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'DWP
+ {
+ local($addr,$reg1,$reg2,$idx)=@_;
+
+ $ret="";
+ $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ $ret.=$addr if ($addr ne "") && ($addr ne 0);
+ if ($reg2 ne "")
+ { $ret.="($reg1,$reg2,$idx)"; }
+ else
+ { $ret.="($reg1)" }
+ return($ret);
+ }
+
+sub main'BP
+ {
+ return(&main'DWP(@_));
+ }
+
+#sub main'BP
+# {
+# local($addr,$reg1,$reg2,$idx)=@_;
+#
+# $ret="";
+#
+# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+# $reg1="$regs{$reg1}" if defined($regs{$reg1});
+# $reg2="$regs{$reg2}" if defined($regs{$reg2});
+# $ret.=$addr if ($addr ne "") && ($addr ne 0);
+# if ($reg2 ne "")
+# { $ret.="($reg1,$reg2,$idx)"; }
+# else
+# { $ret.="($reg1)" }
+# return($ret);
+# }
+
+sub main'mov { &out2("movl",@_); }
+sub main'movb { &out2("movb",@_); }
+sub main'and { &out2("andl",@_); }
+sub main'or { &out2("orl",@_); }
+sub main'shl { &out2("sall",@_); }
+sub main'shr { &out2("shrl",@_); }
+sub main'xor { &out2("xorl",@_); }
+sub main'xorb { &out2("xorb",@_); }
+sub main'add { &out2("addl",@_); }
+sub main'adc { &out2("adcl",@_); }
+sub main'sub { &out2("subl",@_); }
+sub main'rotl { &out2("roll",@_); }
+sub main'rotr { &out2("rorl",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmpl",@_); }
+sub main'lea { &out2("leal",@_); }
+sub main'mul { &out1("mull",@_); }
+sub main'div { &out1("divl",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jle { &out1("jle",@_); }
+sub main'jne { &out1("jne",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'jge { &out1("jge",@_); }
+sub main'jl { &out1("jl",@_); }
+sub main'jb { &out1("jb",@_); }
+sub main'jc { &out1("jc",@_); }
+sub main'jnc { &out1("jnc",@_); }
+sub main'jno { &out1("jno",@_); }
+sub main'dec { &out1("decl",@_); }
+sub main'inc { &out1("incl",@_); }
+sub main'push { &out1("pushl",@_); $stack+=4; }
+sub main'pop { &out1("popl",@_); $stack-=4; }
+sub main'bswap { &out1("bswapl",@_); }
+sub main'not { &out1("notl",@_); }
+sub main'call { &out1("call",$under.$_[0]); }
+sub main'ret { &out0("ret"); }
+sub main'nop { &out0("nop"); }
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$ll,$t);
+ local(%special)=( "roll",0xD1C0,"rorl",0xD1C8,
+ "rcll",0xD1D0,"rcrl",0xD1D8,
+ "shll",0xD1E0,"shrl",0xD1E8,
+ "sarl",0xD1F8);
+
+ if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1))
+ {
+ $op=$special{$name}|$reg_val{$p1};
+ $tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+ $tmp2=sprintf(".byte %d\t",$op &0xff);
+ push(@out,$tmp1);
+ push(@out,$tmp2);
+
+ $p2=&conv($p2);
+ $p1=&conv($p1);
+ &main'comment("$name $p2 $p1");
+ return;
+ }
+
+ push(@out,"\t$name\t");
+ $t=&conv($p2).",";
+ $l=length($t);
+ push(@out,$t);
+ $ll=4-($l+9)/8;
+ $tmp1=sprintf("\t" x $ll);
+ push(@out,$tmp1);
+ push(@out,&conv($p1)."\n");
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+ local(%special)=("bswapl",0x0FC8);
+
+ if ((defined($special{$name})) && defined($regs{$p1}))
+ {
+ $op=$special{$name}|$reg_val{$p1};
+ $tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+ $tmp2=sprintf(".byte %d\t",$op &0xff);
+ push(@out,$tmp1);
+ push(@out,$tmp2);
+
+ $p2=&conv($p2);
+ $p1=&conv($p1);
+ &main'comment("$name $p2 $p1");
+ return;
+ }
+
+ push(@out,"\t$name\t".&conv($p1)."\n");
+ }
+
+sub out1p
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t*".&conv($p1)."\n");
+ }
+
+sub out0
+ {
+ push(@out,"\t$_[0]\n");
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+
+ $p=$regs{$p} if (defined($regs{$p}));
+
+ $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/;
+ $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
+ return $p;
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ local($tmp)=<<"EOF";
+ .file "$file.s"
+ .version "01.01"
+gcc2_compiled.:
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_begin
+ {
+ local($func)=@_;
+
+ &main'external_label($func);
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+.text
+ .align $align
+.globl $func
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { $tmp=push(@out,"\tTYPE($func,\@function)\n"); }
+ else { $tmp=push(@out,"\t.type\t$func,\@function\n"); }
+ push(@out,"$func:\n");
+ $tmp=<<"EOF";
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+EOF
+ push(@out,$tmp);
+ $stack=20;
+ }
+
+sub main'function_begin_B
+ {
+ local($func,$extra)=@_;
+
+ &main'external_label($func);
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+.text
+ .align $align
+.globl $func
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { push(@out,"\tTYPE($func,\@function)\n"); }
+ else { push(@out,"\t.type $func,\@function\n"); }
+ push(@out,"$func:\n");
+ $stack=4;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.${func}_end:
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+ else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+ push(@out,".ident \"$func\"\n");
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ push(@out,".${func}_end:\n");
+ if ($main'cpp)
+ { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+ else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+ push(@out,".ident \"desasm.pl\"\n");
+ $stack=0;
+ %label=();
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'stack_push
+ {
+ local($num)=@_;
+ $stack+=$num*4;
+ &main'sub("esp",$num*4);
+ }
+
+sub main'stack_pop
+ {
+ local($num)=@_;
+ $stack-=$num*4;
+ &main'add("esp",$num*4);
+ }
+
+sub main'swtmp
+ {
+ return(&main'DWP($_[0]*4,"esp","",0));
+ }
+
+# Should use swtmp, which is above esp. Linix can trash the stack above esp
+#sub main'wtmp
+# {
+# local($num)=@_;
+#
+# return(&main'DWP(-($num+1)*4,"esp","",0));
+# }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ if (/^\s*$/)
+ { push(@out,"\n"); }
+ else
+ { push(@out,"\t$com_start $_ $com_end\n"); }
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ push(@out,".align $align\n") if ($_[1] != 0);
+ push(@out,"$label{$_[0]}:\n");
+ }
+
+sub main'file_end
+ {
+ }
+
+sub main'data_word
+ {
+ push(@out,"\t.long $_[0]\n");
+ }
diff --git a/src/lib/libcrypto/pkcs7/doc b/src/lib/libcrypto/pkcs7/doc
new file mode 100644
index 0000000000..d2e8b7b2a3
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/doc
@@ -0,0 +1,24 @@
+int PKCS7_set_content_type(PKCS7 *p7, int type);
+Call to set the type of PKCS7 object we are working on
+
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+Use this to setup a signer info
+There will also be functions to add signed and unsigned attributes.
+
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+Add a signer info to the content.
+
+int PKCS7_add_certificae(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+
+----
+
+p7=PKCS7_new();
+PKCS7_set_content_type(p7,NID_pkcs7_signed);
+
+signer=PKCS7_SINGNER_INFO_new();
+PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5());
+PKCS7_add_signer(py,signer);
+
+we are now setup.
diff --git a/src/lib/libcrypto/pkcs7/enc.c b/src/lib/libcrypto/pkcs7/enc.c
new file mode 100644
index 0000000000..625a7c2285
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/enc.c
@@ -0,0 +1,144 @@
+/* crypto/pkcs7/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509;
+ EVP_PKEY *pkey;
+ PKCS7 *p7;
+ PKCS7 *p7_data;
+ PKCS7_SIGNER_INFO *si;
+ BIO *in;
+ BIO *data,*p7bio;
+ char buf[1024*4];
+ int i,j;
+ int nodetach=0;
+
+ EVP_add_digest(EVP_sha1());
+ EVP_add_cipher(EVP_des_cbc());
+
+ data=BIO_new(BIO_s_file());
+again:
+ if (argc > 1)
+ {
+ if (strcmp(argv[1],"-nd") == 0)
+ {
+ nodetach=1;
+ argv++; argc--;
+ goto again;
+ }
+ if (!BIO_read_filename(data,argv[1]))
+ goto err;
+ }
+ else
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+ if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+ if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ BIO_reset(in);
+ if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+ BIO_free(in);
+
+ p7=PKCS7_new();
+ PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped);
+
+ if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+ if (!PKCS7_set_cipher(p7,EVP_des_cbc())) goto err;
+ if (PKCS7_add_recipient(p7,x509) == NULL) goto err;
+
+ /* we may want to add more */
+ PKCS7_add_certificate(p7,x509);
+
+
+ /* Set the content of the signed to 'data' */
+ /* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */
+
+ /* could be used, but not in this version :-)
+ if (!nodetach) PKCS7_set_detached(p7,1);
+ */
+
+ if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(data,buf,sizeof(buf));
+ if (i <= 0) break;
+ BIO_write(p7bio,buf,i);
+ }
+ BIO_flush(p7bio);
+
+ if (!PKCS7_dataSign(p7,p7bio)) goto err;
+ BIO_free(p7bio);
+
+ PEM_write_PKCS7(stdout,p7);
+ PKCS7_free(p7);
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
diff --git a/src/lib/libcrypto/pkcs7/p7/a1 b/src/lib/libcrypto/pkcs7/p7/a1
new file mode 100644
index 0000000000..56ca943762
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/p7/a1
@@ -0,0 +1,2 @@
+j,�H>�_����_�D�z���E�L� VJ��觬�����E3��Y��x%�_�k
+3�)DLSc�8�%��M
\ No newline at end of file
diff --git a/src/lib/libcrypto/pkcs7/p7/a2 b/src/lib/libcrypto/pkcs7/p7/a2
new file mode 100644
index 0000000000..23d8fb5e93
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/p7/a2
@@ -0,0 +1 @@
+k~@a�,N�M���� �<O( KP�騠�K�>���U�o_����Bqrm�?٠t?t��ρ�Id�2��
\ No newline at end of file
diff --git a/src/lib/libcrypto/pkcs7/p7/cert.p7c b/src/lib/libcrypto/pkcs7/p7/cert.p7c
new file mode 100644
index 0000000000..2b75ec05f7
Binary files /dev/null and b/src/lib/libcrypto/pkcs7/p7/cert.p7c differ
diff --git a/src/lib/libcrypto/pkcs7/p7/smime.p7m b/src/lib/libcrypto/pkcs7/p7/smime.p7m
new file mode 100644
index 0000000000..2b6e6f82ba
Binary files /dev/null and b/src/lib/libcrypto/pkcs7/p7/smime.p7m differ
diff --git a/src/lib/libcrypto/pkcs7/p7/smime.p7s b/src/lib/libcrypto/pkcs7/p7/smime.p7s
new file mode 100644
index 0000000000..2b5d4fb0e3
Binary files /dev/null and b/src/lib/libcrypto/pkcs7/p7/smime.p7s differ
diff --git a/src/lib/libcrypto/pkcs7/pk7_dgst.c b/src/lib/libcrypto/pkcs7/pk7_dgst.c
new file mode 100644
index 0000000000..7769abeb1e
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pk7_dgst.c
@@ -0,0 +1,66 @@
+/* crypto/pkcs7/pk7_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
diff --git a/src/lib/libcrypto/pkcs7/pk7_enc.c b/src/lib/libcrypto/pkcs7/pk7_enc.c
new file mode 100644
index 0000000000..a5b6dc463f
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pk7_enc.c
@@ -0,0 +1,76 @@
+/* crypto/pkcs7/pk7_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+PKCS7_in_bio(PKCS7 *p7,BIO *in);
+PKCS7_out_bio(PKCS7 *p7,BIO *out);
+
+PKCS7_add_signer(PKCS7 *p7,X509 *cert,EVP_PKEY *key);
+PKCS7_cipher(PKCS7 *p7,EVP_CIPHER *cipher);
+
+PKCS7_Init(PKCS7 *p7);
+PKCS7_Update(PKCS7 *p7);
+PKCS7_Finish(PKCS7 *p7);
+
diff --git a/src/lib/libcrypto/pkcs7/server.pem b/src/lib/libcrypto/pkcs7/server.pem
new file mode 100644
index 0000000000..750aac2094
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/server.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libcrypto/pkcs7/sign.c b/src/lib/libcrypto/pkcs7/sign.c
new file mode 100644
index 0000000000..ead1cb65ca
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/sign.c
@@ -0,0 +1,140 @@
+/* crypto/pkcs7/sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509;
+ EVP_PKEY *pkey;
+ PKCS7 *p7;
+ PKCS7 *p7_data;
+ PKCS7_SIGNER_INFO *si;
+ BIO *in;
+ BIO *data,*p7bio;
+ char buf[1024*4];
+ int i,j;
+ int nodetach=0;
+
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ if (argc > 1)
+ {
+ if (strcmp(argv[1],"-nd") == 0)
+ {
+ nodetach=1;
+ argv++; argc--;
+ goto again;
+ }
+ if (!BIO_read_filename(data,argv[1]))
+ goto err;
+ }
+ else
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+ if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+ if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ BIO_reset(in);
+ if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+ BIO_free(in);
+
+ p7=PKCS7_new();
+ PKCS7_set_type(p7,NID_pkcs7_signed);
+
+ if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+ /* we may want to add more */
+ PKCS7_add_certificate(p7,x509);
+
+ /* Set the content of the signed to 'data' */
+ PKCS7_content_new(p7,NID_pkcs7_data);
+
+ if (!nodetach)
+ PKCS7_set_detached(p7,1);
+
+ if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(data,buf,sizeof(buf));
+ if (i <= 0) break;
+ BIO_write(p7bio,buf,i);
+ }
+
+ if (!PKCS7_dataSign(p7,p7bio)) goto err;
+ BIO_free(p7bio);
+
+ PEM_write_PKCS7(stdout,p7);
+ PKCS7_free(p7);
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
diff --git a/src/lib/libcrypto/pkcs7/verify.c b/src/lib/libcrypto/pkcs7/verify.c
new file mode 100644
index 0000000000..0e1c1b26dc
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/verify.c
@@ -0,0 +1,238 @@
+/* crypto/pkcs7/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "asn1.h"
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+BIO *bio_err=NULL;
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509,*x;
+ PKCS7 *p7;
+ PKCS7_SIGNED *s;
+ PKCS7_SIGNER_INFO *si;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ X509_STORE_CTX cert_ctx;
+ X509_STORE *cert_store=NULL;
+ X509_LOOKUP *lookup=NULL;
+ BIO *data,*detached=NULL,*p7bio=NULL;
+ char buf[1024*4];
+ unsigned char *p,*pp;
+ int i,j,printit=0;
+ STACK *sk;
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ pp=NULL;
+ while (argc > 1)
+ {
+ argc--;
+ argv++;
+ if (strcmp(argv[0],"-p") == 0)
+ {
+ printit=1;
+ }
+ else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
+ {
+ detached=BIO_new(BIO_s_file());
+ if (!BIO_read_filename(detached,argv[1]))
+ goto err;
+ argc--;
+ argv++;
+ }
+ else
+ {
+ pp=argv[0];
+ if (!BIO_read_filename(data,argv[0]))
+ goto err;
+ }
+ }
+
+ if (pp == NULL)
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+
+ /* Load the PKCS7 object from a file */
+ if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err;
+
+ /* This stuff is being setup for certificate verification.
+ * When using SSL, it could be replaced with a
+ * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
+ cert_store=X509_STORE_new();
+ X509_STORE_set_default_paths(cert_store);
+ X509_STORE_load_locations(cert_store,NULL,"../../certs");
+ X509_STORE_set_verify_cb_func(cert_store,verify_callback);
+
+ ERR_clear_errors();
+
+ /* We need to process the data */
+ if (PKCS7_get_detached(p7))
+ {
+ if (detached == NULL)
+ {
+ printf("no data to verify the signature on\n");
+ exit(1);
+ }
+ else
+ p7bio=PKCS7_dataInit(p7,detached);
+ }
+ else
+ {
+ p7bio=PKCS7_dataInit(p7,NULL);
+ }
+
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ for (;;)
+ {
+ i=BIO_read(p7bio,buf,sizeof(buf));
+ /* print it? */
+ if (i <= 0) break;
+ }
+
+ /* We can now verify signatures */
+ sk=PKCS7_get_signer_info(p7);
+ if (sk == NULL)
+ {
+ printf("there are no signatures on this data\n");
+ exit(1);
+ }
+
+ /* Ok, first we need to, for each subject entry, see if we can verify */
+ for (i=0; i<sk_num(sk); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)sk_value(sk,i);
+ i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
+ if (i <= 0)
+ goto err;
+ }
+
+ X509_STORE_free(cert_store);
+
+ printf("done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+/* should be X509 * but we can just have them as char *. */
+int verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ err= X509_STORE_CTX_get_error(ctx);
+ depth= X509_STORE_CTX_get_error_depth(ctx);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+ if (!ok)
+ {
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ if (depth < 6)
+ {
+ ok=1;
+ X509_STORE_CTX_set_error(ctx,X509_V_OK);
+ }
+ else
+ {
+ ok=0;
+ X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
+ }
+ }
+ switch (ctx->error)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+ BIO_printf(bio_err,"issuer= %s\n",buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ }
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
diff --git a/src/lib/libcrypto/rand/md_rand.c b/src/lib/libcrypto/rand/md_rand.c
new file mode 100644
index 0000000000..f44b36a8b9
--- /dev/null
+++ b/src/lib/libcrypto/rand/md_rand.c
@@ -0,0 +1,405 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/types.h>
+#include <time.h>
+
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#ifndef NO_MD5
+#define USE_MD5_RAND
+#elif !defined(NO_SHA1)
+#define USE_SHA1_RAND
+#elif !defined(NO_MDC2)
+#define USE_MDC2_RAND
+#elif !defined(NO_MD2)
+#define USE_MD2_RAND
+#else
+We need a message digest of some type
+#endif
+#endif
+
+/* Changed how the state buffer used. I now attempt to 'wrap' such
+ * that I don't run over the same locations the next time go through
+ * the 1023 bytes - many thanks to
+ * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
+ */
+
+#if defined(USE_MD5_RAND)
+#include "md5.h"
+#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
+#define MD_CTX MD5_CTX
+#define MD_Init(a) MD5_Init(a)
+#define MD_Update(a,b,c) MD5_Update(a,b,c)
+#define MD_Final(a,b) MD5_Final(a,b)
+#elif defined(USE_SHA1_RAND)
+#include "sha.h"
+#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
+#define MD_CTX SHA_CTX
+#define MD_Init(a) SHA1_Init(a)
+#define MD_Update(a,b,c) SHA1_Update(a,b,c)
+#define MD_Final(a,b) SHA1_Final(a,b)
+#elif defined(USE_MDC2_RAND)
+#include "mdc2.h"
+#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
+#define MD_CTX MDC2_CTX
+#define MD_Init(a) MDC2_Init(a)
+#define MD_Update(a,b,c) MDC2_Update(a,b,c)
+#define MD_Final(a,b) MDC2_Final(a,b)
+#elif defined(USE_MD2_RAND)
+#include "md2.h"
+#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
+#define MD_CTX MD2_CTX
+#define MD_Init(a) MD2_Init(a)
+#define MD_Update(a,b,c) MD2_Update(a,b,c)
+#define MD_Final(a,b) MD2_Final(a,b)
+#endif
+
+#include "rand.h"
+
+/*#define NORAND 1 */
+/*#define PREDICT 1 */
+
+#define STATE_SIZE 1023
+static int state_num=0,state_index=0;
+static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
+static unsigned char md[MD_DIGEST_LENGTH];
+static int md_count=0;
+
+char *RAND_version="RAND part of SSLeay 0.9.0b 29-Jun-1998";
+
+void RAND_cleanup()
+ {
+ memset(state,0,sizeof(state));
+ state_num=0;
+ state_index=0;
+ memset(md,0,MD_DIGEST_LENGTH);
+ md_count=0;
+ }
+
+void RAND_seed(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_idx,st_num;
+ MD_CTX m;
+
+#ifdef NORAND
+ return;
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ st_idx=state_index;
+ st_num=state_num;
+
+ state_index=(state_index+num);
+ if (state_index >= STATE_SIZE)
+ {
+ state_index%=STATE_SIZE;
+ state_num=STATE_SIZE;
+ }
+ else if (state_num < STATE_SIZE)
+ {
+ if (state_index > state_num)
+ state_num=state_index;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ for (i=0; i<num; i+=MD_DIGEST_LENGTH)
+ {
+ j=(num-i);
+ j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
+
+ MD_Init(&m);
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ k=(st_idx+j)-STATE_SIZE;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+
+ MD_Update(&m,buf,j);
+ MD_Final(md,&m);
+
+ buf+=j;
+
+ for (k=0; k<j; k++)
+ {
+ state[st_idx++]^=md[k];
+ if (st_idx >= STATE_SIZE)
+ {
+ st_idx=0;
+ st_num=STATE_SIZE;
+ }
+ }
+ }
+ memset((char *)&m,0,sizeof(m));
+ }
+
+void RAND_bytes(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_num,st_idx;
+ MD_CTX m;
+ static int init=1;
+ unsigned long l;
+#ifdef DEVRANDOM
+ FILE *fh;
+#endif
+
+#ifdef PREDICT
+ {
+ static unsigned char val=0;
+
+ for (i=0; i<num; i++)
+ buf[i]=val++;
+ return;
+ }
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+ if (init)
+ {
+ init=0;
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ /* put in some default random data, we need more than
+ * just this */
+ RAND_seed((unsigned char *)&m,sizeof(m));
+#ifndef MSDOS
+ l=getpid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ l=getuid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+#endif
+ l=time(NULL);
+ RAND_seed((unsigned char *)&l,sizeof(l));
+
+/* #ifdef DEVRANDOM */
+ /*
+ * Use a random entropy pool device.
+ * Linux 1.3.x and FreeBSD-Current has
+ * this. Use /dev/urandom if you can
+ * as /dev/random will block if it runs out
+ * of random entries.
+ */
+ if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+ {
+ unsigned char tmpbuf[32];
+
+ fread((unsigned char *)tmpbuf,1,32,fh);
+ /* we don't care how many bytes we read,
+ * we will just copy the 'stack' if there is
+ * nothing else :-) */
+ fclose(fh);
+ RAND_seed(tmpbuf,32);
+ memset(tmpbuf,0,32);
+ }
+/* #endif */
+#ifdef PURIFY
+ memset(state,0,STATE_SIZE);
+ memset(md,0,MD_DIGEST_LENGTH);
+#endif
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ }
+
+ st_idx=state_index;
+ st_num=state_num;
+ state_index+=num;
+ if (state_index > state_num)
+ state_index=(state_index%state_num);
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ while (num > 0)
+ {
+ j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
+ num-=j;
+ MD_Init(&m);
+ MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
+#ifndef PURIFY
+ MD_Update(&m,buf,j); /* purify complains */
+#endif
+ k=(st_idx+j)-st_num;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+ MD_Final(md,&m);
+
+ for (i=0; i<j; i++)
+ {
+ if (st_idx >= st_num)
+ st_idx=0;
+ state[st_idx++]^=md[i];
+ *(buf++)=md[i+MD_DIGEST_LENGTH/2];
+ }
+ }
+
+ MD_Init(&m);
+ MD_Update(&m,(unsigned char *)&md_count,sizeof(md_count)); md_count++;
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ MD_Final(md,&m);
+ memset(&m,0,sizeof(m));
+ }
+
+#ifdef WINDOWS
+#include <windows.h>
+#include <rand.h>
+
+/*****************************************************************************
+ * Initialisation function for the SSL random generator. Takes the contents
+ * of the screen as random seed.
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * the original copyright message is:
+ *
+// (C) Copyright Microsoft Corp. 1993. All rights reserved.
+//
+// You have a royalty-free right to use, modify, reproduce and
+// distribute the Sample Files (and/or any modified version) in
+// any way you find useful, provided that you agree that
+// Microsoft has no warranty obligations or liability for any
+// Sample Application Files which are modified.
+ */
+/*
+ * I have modified the loading of bytes via RAND_seed() mechanism since
+ * the origional would have been very very CPU intensive since RAND_seed()
+ * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
+ * as that to digest 56 bytes. So under the old system, a screen of
+ * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
+ * digests or digesting 2.7 mbytes. What I have put in place would
+ * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
+ * or about 3.5 times as much.
+ * - eric
+ */
+void RAND_screen(void)
+{
+ HDC hScrDC; /* screen DC */
+ HDC hMemDC; /* memory DC */
+ HBITMAP hBitmap; /* handle for our bitmap */
+ HBITMAP hOldBitmap; /* handle for previous bitmap */
+ BITMAP bm; /* bitmap properties */
+ unsigned int size; /* size of bitmap */
+ char *bmbits; /* contents of bitmap */
+ int w; /* screen width */
+ int h; /* screen height */
+ int y; /* y-coordinate of screen lines to grab */
+ int n = 16; /* number of screen lines to grab at a time */
+
+ /* Create a screen DC and a memory DC compatible to screen DC */
+ hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+ hMemDC = CreateCompatibleDC(hScrDC);
+
+ /* Get screen resolution */
+ w = GetDeviceCaps(hScrDC, HORZRES);
+ h = GetDeviceCaps(hScrDC, VERTRES);
+
+ /* Create a bitmap compatible with the screen DC */
+ hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+ /* Select new bitmap into memory DC */
+ hOldBitmap = SelectObject(hMemDC, hBitmap);
+
+ /* Get bitmap properties */
+ GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
+ size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+ bmbits = Malloc(size);
+ if (bmbits) {
+ /* Now go through the whole screen, repeatedly grabbing n lines */
+ for (y = 0; y < h-n; y += n)
+ {
+ unsigned char md[MD_DIGEST_LENGTH];
+
+ /* Bitblt screen DC to memory DC */
+ BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
+
+ /* Copy bitmap bits from memory DC to bmbits */
+ GetBitmapBits(hBitmap, size, bmbits);
+
+ /* Get the MD5 of the bitmap */
+ MD5(bmbits,size,md);
+
+ /* Seed the random generator with the MD5 digest */
+ RAND_seed(md, MD_DIGEST_LENGTH);
+ }
+
+ Free(bmbits);
+ }
+
+ /* Select old bitmap back into memory DC */
+ hBitmap = SelectObject(hMemDC, hOldBitmap);
+
+ /* Clean up */
+ DeleteObject(hBitmap);
+ DeleteDC(hMemDC);
+ DeleteDC(hScrDC);
+}
+#endif
diff --git a/src/lib/libcrypto/rand/randtest.c b/src/lib/libcrypto/rand/randtest.c
new file mode 100644
index 0000000000..e0ba61e123
--- /dev/null
+++ b/src/lib/libcrypto/rand/randtest.c
@@ -0,0 +1,207 @@
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rand.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main()
+ {
+ unsigned char buf[2500];
+ int i,j,k,s,sign,nsign,err=0;
+ unsigned long n1;
+ unsigned long n2[16];
+ unsigned long runs[2][34];
+ /*double d; */
+ long d;
+
+ RAND_bytes(buf,2500);
+
+ n1=0;
+ for (i=0; i<16; i++) n2[i]=0;
+ for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
+
+ /* test 1 and 2 */
+ sign=0;
+ nsign=0;
+ for (i=0; i<2500; i++)
+ {
+ j=buf[i];
+
+ n2[j&0x0f]++;
+ n2[(j>>4)&0x0f]++;
+
+ for (k=0; k<8; k++)
+ {
+ s=(j&0x01);
+ if (s == sign)
+ nsign++;
+ else
+ {
+ if (nsign > 34) nsign=34;
+ if (nsign != 0)
+ {
+ runs[sign][nsign-1]++;
+ if (nsign > 6)
+ runs[sign][5]++;
+ }
+ sign=s;
+ nsign=1;
+ }
+
+ if (s) n1++;
+ j>>=1;
+ }
+ }
+ if (nsign > 34) nsign=34;
+ if (nsign != 0) runs[sign][nsign-1]++;
+
+ /* test 1 */
+ if (!((9654 < n1) && (n1 < 10346)))
+ {
+ printf("test 1 failed, X=%ld\n",n1);
+ err++;
+ }
+ printf("test 1 done\n");
+
+ /* test 2 */
+#ifdef undef
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=d*16.0/5000.0-5000.0;
+ if (!((1.03 < d) && (d < 57.4)))
+ {
+ printf("test 2 failed, X=%.2f\n",d);
+ err++;
+ }
+#endif
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=(d*8)/25-500000;
+ if (!((103 < d) && (d < 5740)))
+ {
+ printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
+ err++;
+ }
+ printf("test 2 done\n");
+
+ /* test 3 */
+ for (i=0; i<2; i++)
+ {
+ if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,1,runs[i][0]);
+ err++;
+ }
+ if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,2,runs[i][1]);
+ err++;
+ }
+ if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,3,runs[i][2]);
+ err++;
+ }
+ if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,4,runs[i][3]);
+ err++;
+ }
+ if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,5,runs[i][4]);
+ err++;
+ }
+ if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,6,runs[i][5]);
+ err++;
+ }
+ }
+ printf("test 3 done\n");
+
+ /* test 4 */
+ if (runs[0][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 0,34,runs[0][33]);
+ err++;
+ }
+ if (runs[1][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 1,34,runs[1][33]);
+ err++;
+ }
+ printf("test 4 done\n");
+ err=((err)?1:0);
+ exit(err);
+ return(err);
+ }
diff --git a/src/lib/libcrypto/rc2/rc2speed.c b/src/lib/libcrypto/rc2/rc2speed.c
new file mode 100644
index 0000000000..6cd8ea8f27
--- /dev/null
+++ b/src/lib/libcrypto/rc2/rc2speed.c
@@ -0,0 +1,293 @@
+/* crypto/rc2/rc2speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc2.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ RC2_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ RC2_set_key(&sch,16,key,128);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ RC2_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing RC2_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing RC2_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC2_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing RC2_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing RC2_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ unsigned long data[2];
+
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC2_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ RC2_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),RC2_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("RC2 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("RC2 cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libcrypto/rc2/rc2test.c b/src/lib/libcrypto/rc2/rc2test.c
new file mode 100644
index 0000000000..9d0f8016ec
--- /dev/null
+++ b/src/lib/libcrypto/rc2/rc2test.c
@@ -0,0 +1,270 @@
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "rc2.h"
+
+unsigned char RC2key[4][16]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F},
+ };
+
+unsigned char RC2plain[4][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ };
+
+unsigned char RC2cipher[4][8]={
+ {0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7},
+ {0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74},
+ {0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E},
+ {0x50,0xDC,0x01,0x62,0xBD,0x75,0x7F,0x31},
+ };
+/************/
+#ifdef undef
+unsigned char k[16]={
+ 0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+ 0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+
+
+#ifndef NOPROTO
+/*static int cfb64_test(unsigned char *cfb_cipher);*/
+static char *pt(unsigned char *p);
+#else
+/*static int cfb64_test(); */
+static char *pt();
+#endif
+
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,n,err=0;
+ RC2_KEY key;
+ unsigned char buf[8],buf2[8];
+
+ for (n=0; n<4; n++)
+ {
+ RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */);
+
+ RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT);
+ if (memcmp(&(RC2cipher[n][0]),buf,8) != 0)
+ {
+ printf("ecb rc2 error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2cipher[n][i]);
+ err=20;
+ printf("\n");
+ }
+
+ RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT);
+ if (memcmp(&(RC2plain[n][0]),buf2,8) != 0)
+ {
+ printf("ecb RC2 error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2plain[n][i]);
+ printf("\n");
+ err=3;
+ }
+ }
+
+ if (err == 0) printf("ecb RC2 ok\n");
+#ifdef undef
+ memcpy(iv,k,8);
+ idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+ memcpy(iv,k,8);
+ idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+ idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+ if (memcmp(text,out,strlen(text)+1) != 0)
+ {
+ printf("cbc idea bad\n");
+ err=4;
+ }
+ else
+ printf("cbc idea ok\n");
+
+ printf("cfb64 idea ");
+ if (cfb64_test(cfb_cipher64))
+ {
+ printf("bad\n");
+ err=5;
+ }
+ else
+ printf("ok\n");
+#endif
+
+ exit(err);
+ return(err);
+ }
+
+#ifdef undef
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ IDEA_KEY_SCHEDULE eks,dks;
+ int err=0,i,n;
+
+ idea_set_encrypt_key(cfb_key,&eks);
+ idea_set_decrypt_key(&eks,&dks);
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)CFB_TEST_SIZE-12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb64_encrypt encrypt error\n");
+ for (i=0; i<CFB_TEST_SIZE; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)CFB_TEST_SIZE-17,&dks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#endif
diff --git a/src/lib/libcrypto/rc4/rc4.c b/src/lib/libcrypto/rc4/rc4.c
new file mode 100644
index 0000000000..127e8a5093
--- /dev/null
+++ b/src/lib/libcrypto/rc4/rc4.c
@@ -0,0 +1,194 @@
+/* crypto/rc4/rc4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+char *usage[]={
+"usage: rc4 args\n",
+"\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -key key - password\n",
+NULL
+};
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ FILE *in=NULL,*out=NULL;
+ char *infile=NULL,*outfile=NULL,*keystr=NULL;
+ RC4_KEY key;
+ char buf[BUFSIZ];
+ int badops=0,i;
+ char **pp;
+ unsigned char md[MD5_DIGEST_LENGTH];
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keystr= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=usage; (*pp != NULL); pp++)
+ fprintf(stderr,*pp);
+ exit(1);
+ }
+
+ if (infile == NULL)
+ in=stdin;
+ else
+ {
+ in=fopen(infile,"r");
+ if (in == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+
+ }
+ if (outfile == NULL)
+ out=stdout;
+ else
+ {
+ out=fopen(outfile,"w");
+ if (out == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ setmode(fileno(in),O_BINARY);
+ setmode(fileno(out),O_BINARY);
+ }
+#endif
+
+ if (keystr == NULL)
+ { /* get key */
+ i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
+ if (i != 0)
+ {
+ memset(buf,0,BUFSIZ);
+ fprintf(stderr,"bad password read\n");
+ exit(1);
+ }
+ keystr=buf;
+ }
+
+ MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
+ memset(keystr,0,strlen(keystr));
+ RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
+
+ for(;;)
+ {
+ i=fread(buf,1,BUFSIZ,in);
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("read");
+ exit(1);
+ }
+ RC4(&key,(unsigned int)i,(unsigned char *)buf,
+ (unsigned char *)buf);
+ i=fwrite(buf,(unsigned int)i,1,out);
+ if (i != 1)
+ {
+ perror("write");
+ exit(1);
+ }
+ }
+ fclose(out);
+ fclose(in);
+ exit(0);
+ return(1);
+ }
+
diff --git a/src/lib/libcrypto/rc4/rc4s.cpp b/src/lib/libcrypto/rc4/rc4s.cpp
new file mode 100644
index 0000000000..39f1727dd3
--- /dev/null
+++ b/src/lib/libcrypto/rc4/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc4.h"
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[1024];
+ RC4_KEY ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=64,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=256;
+ if (num > 1024-16) num=1024-16;
+ numm=num+8;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(s1);
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(e1);
+ GetTSC(s2);
+ RC4(&ctx,num,buffer,buffer);
+ GetTSC(e2);
+ RC4(&ctx,num,buffer,buffer);
+ }
+
+ printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+ e1-s1,e2-s2,(e1-s1)-(e2-s2));
+ }
+ }
+
diff --git a/src/lib/libcrypto/rc4/rc4speed.c b/src/lib/libcrypto/rc4/rc4speed.c
new file mode 100644
index 0000000000..5298dad6d0
--- /dev/null
+++ b/src/lib/libcrypto/rc4/rc4speed.c
@@ -0,0 +1,269 @@
+/* crypto/rc4/rc4speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc4.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ RC4_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ RC4_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ RC4(&sch,8,buf,buf);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing RC4_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing RC4_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC4_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing RC4 on %ld byte blocks for 10 seconds\n",BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing RC4 %ld times on %ld byte blocks\n",cc,BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ RC4(&sch,BUFSIZE,buf,buf);
+ d=Time_F(STOP);
+ printf("%ld RC4's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("RC4 bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libcrypto/rc4/rc4test.c b/src/lib/libcrypto/rc4/rc4test.c
new file mode 100644
index 0000000000..041e1aff95
--- /dev/null
+++ b/src/lib/libcrypto/rc4/rc4test.c
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+unsigned char keys[7][30]={
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {4,0xef,0x01,0x23,0x45},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {4,0xef,0x01,0x23,0x45},
+ };
+
+unsigned char data_len[7]={8,8,8,20,28,10};
+unsigned char data[7][30]={
+ {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0xff},
+ {0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0},
+ };
+
+unsigned char output[7][30]={
+ {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00},
+ {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00},
+ {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,
+ 0xbd,0x61,0x5a,0x11,0x62,0xe1,0xc7,0xba,
+ 0x36,0xb6,0x78,0x58,0x00},
+ {0x66,0xa0,0x94,0x9f,0x8a,0xf7,0xd6,0x89,
+ 0x1f,0x7f,0x83,0x2b,0xa8,0x33,0xc0,0x0c,
+ 0x89,0x2e,0xbe,0x30,0x14,0x3c,0xe2,0x87,
+ 0x40,0x01,0x1e,0xcf,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61,0x00},
+ {0},
+ };
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ int j;
+ unsigned char *p;
+ RC4_KEY key;
+ unsigned char buf[512],obuf[512];
+
+ for (i=0; i<512; i++) buf[i]=0x01;
+
+ for (i=0; i<6; i++)
+ {
+ RC4_set_key(&key,keys[i][0],&(keys[i][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,data_len[i],&(data[i][0]),obuf);
+ if (memcmp(obuf,output[i],data_len[i]+1) != 0)
+ {
+ printf("error calculating RC4\n");
+ printf("output:");
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[i][0]);
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",*(p++));
+ printf("\n");
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ printf("test end processing ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ if ((memcmp(obuf,output[3],i) != 0) || (obuf[i] != 0))
+ {
+ printf("error in RC4 length processing\n");
+ printf("output:");
+ for (j=0; j<i+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<i; j++)
+ printf(" %02x",*(p++));
+ printf(" 00\n");
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ printf("test multi-call ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ RC4(&key,data_len[3]-i,&(data[3][i]),&(obuf[i]));
+ if (memcmp(obuf,output[3],data_len[3]+1) != 0)
+ {
+ printf("error in RC4 multi-call processing\n");
+ printf("output:");
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",*(p++));
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ exit(err);
+ return(0);
+ }
+
diff --git a/src/lib/libcrypto/rc4/rrc4.doc b/src/lib/libcrypto/rc4/rrc4.doc
new file mode 100644
index 0000000000..2f9a953c12
--- /dev/null
+++ b/src/lib/libcrypto/rc4/rrc4.doc
@@ -0,0 +1,278 @@
+Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
+Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
+From: sterndark@netcom.com (David Sterndark)
+Subject: RC4 Algorithm revealed.
+Message-ID: <sternCvKL4B.Hyy@netcom.com>
+Sender: sterndark@netcom.com
+Organization: NETCOM On-line Communication Services (408 261-4700 guest)
+X-Newsreader: TIN [version 1.2 PL1]
+Date: Wed, 14 Sep 1994 06:35:31 GMT
+Lines: 263
+Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
+
+I am shocked, shocked, I tell you, shocked, to discover
+that the cypherpunks have illegaly and criminally revealed
+a crucial RSA trade secret and harmed the security of
+America by reverse engineering the RC4 algorithm and
+publishing it to the world.
+
+On Saturday morning an anonymous cypherpunk wrote:
+
+
+ SUBJECT: RC4 Source Code
+
+
+ I've tested this. It is compatible with the RC4 object module
+ that comes in the various RSA toolkits.
+
+ /* rc4.h */
+ typedef struct rc4_key
+ {
+ unsigned char state[256];
+ unsigned char x;
+ unsigned char y;
+ } rc4_key;
+ void prepare_key(unsigned char *key_data_ptr,int key_data_len,
+ rc4_key *key);
+ void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
+
+
+ /*rc4.c */
+ #include "rc4.h"
+ static void swap_byte(unsigned char *a, unsigned char *b);
+ void prepare_key(unsigned char *key_data_ptr, int key_data_len,
+ rc4_key *key)
+ {
+ unsigned char swapByte;
+ unsigned char index1;
+ unsigned char index2;
+ unsigned char* state;
+ short counter;
+
+ state = &key->state[0];
+ for(counter = 0; counter < 256; counter++)
+ state[counter] = counter;
+ key->x = 0;
+ key->y = 0;
+ index1 = 0;
+ index2 = 0;
+ for(counter = 0; counter < 256; counter++)
+ {
+ index2 = (key_data_ptr[index1] + state[counter] +
+ index2) % 256;
+ swap_byte(&state[counter], &state[index2]);
+
+ index1 = (index1 + 1) % key_data_len;
+ }
+ }
+
+ void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
+ {
+ unsigned char x;
+ unsigned char y;
+ unsigned char* state;
+ unsigned char xorIndex;
+ short counter;
+
+ x = key->x;
+ y = key->y;
+
+ state = &key->state[0];
+ for(counter = 0; counter < buffer_len; counter ++)
+ {
+ x = (x + 1) % 256;
+ y = (state[x] + y) % 256;
+ swap_byte(&state[x], &state[y]);
+
+ xorIndex = (state[x] + state[y]) % 256;
+
+ buffer_ptr[counter] ^= state[xorIndex];
+ }
+ key->x = x;
+ key->y = y;
+ }
+
+ static void swap_byte(unsigned char *a, unsigned char *b)
+ {
+ unsigned char swapByte;
+
+ swapByte = *a;
+ *a = *b;
+ *b = swapByte;
+ }
+
+
+
+Another cypherpunk, this one not anonymous, tested the
+output from this algorithm against the output from
+official RC4 object code
+
+
+ Date: Tue, 13 Sep 94 18:37:56 PDT
+ From: ekr@eit.COM (Eric Rescorla)
+ Message-Id: <9409140137.AA17743@eitech.eit.com>
+ Subject: RC4 compatibility testing
+ Cc: cypherpunks@toad.com
+
+ One data point:
+
+ I can't say anything about the internals of RC4 versus the
+ algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
+ since I don't know anything about RC4's internals.
+
+ However, I do have a (legitimately acquired) copy of BSAFE2 and
+ so I'm able to compare the output of this algorithm to the output
+ of genuine RC4 as found in BSAFE. I chose a set of test vectors
+ and ran them through both algorithms. The algorithms appear to
+ give identical results, at least with these key/plaintext pairs.
+
+ I note that this is the algorithm _without_ Hal Finney's
+ proposed modification
+
+ (see <199409130605.XAA24133@jobe.shell.portal.com>).
+
+ The vectors I used (together with the ciphertext they produce)
+ follow at the end of this message.
+
+ -Ekr
+
+ Disclaimer: This posting does not reflect the opinions of EIT.
+
+ --------------------results follow--------------
+ Test vector 0
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ 0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
+
+ Test vector 1
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
+
+ Test vector 2
+ Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
+
+ Test vector 3
+ Key: 0xef 0x01 0x23 0x45
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
+
+ Test vector 4
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01
+ 0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4
+ 0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f
+ 0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca
+ 0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d
+ 0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1
+ 0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6
+ 0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95
+ 0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a
+ 0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3
+ 0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56
+ 0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa
+ 0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd
+ 0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5
+ 0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6
+ 0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a
+ 0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6
+ 0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53
+ 0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32
+ 0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8
+ 0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0
+ 0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10
+ 0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62
+ 0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e
+ 0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef
+ 0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90
+ 0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29
+ 0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b
+ 0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16
+ 0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64
+ 0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86
+ 0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26
+ 0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91
+ 0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3
+ 0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35
+ 0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b
+ 0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8
+ 0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80
+ 0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2
+ 0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8
+ 0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d
+ 0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6
+ 0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c
+ 0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37
+ 0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00
+ 0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd
+ 0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f
+ 0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58
+ 0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12
+ 0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58
+ 0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4
+ 0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0
+ 0xc0
+
+
+
+--
+ ---------------------------------------------------------------------
+We have the right to defend ourselves and our
+property, because of the kind of animals that we James A. Donald
+are. True law derives from this right, not from
+the arbitrary power of the omnipotent state. jamesd@netcom.com
+
+
diff --git a/src/lib/libcrypto/rc5/rc5.h b/src/lib/libcrypto/rc5/rc5.h
new file mode 100644
index 0000000000..5fd64e3f10
--- /dev/null
+++ b/src/lib/libcrypto/rc5/rc5.h
@@ -0,0 +1,122 @@
+/* crypto/rc5/rc5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC5_H
+#define HEADER_RC5_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define RC5_ENCRYPT 1
+#define RC5_DECRYPT 0
+
+/* 32 bit. For Alpha, things may get weird */
+#define RC5_32_INT unsigned long
+
+#define RC5_32_BLOCK 8
+#define RC5_32_KEY_LENGTH 16 /* This is a default, max is 255 */
+
+/* This are the only values supported. Tweak the code if you want more
+ * The most supported modes will be
+ * RC5-32/12/16
+ * RC5-32/16/8
+ */
+#define RC5_8_ROUNDS 8
+#define RC5_12_ROUNDS 12
+#define RC5_16_ROUNDS 16
+
+typedef struct rc5_key_st
+ {
+ /* Number of rounds */
+ int rounds;
+ RC5_32_INT data[2*(RC5_16_ROUNDS+1)];
+ } RC5_32_KEY;
+
+#ifndef NOPROTO
+
+void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data,
+ int rounds);
+void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key,
+ int enc);
+void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *ks, unsigned char *iv, int enc);
+void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC5_32_set_key();
+void RC5_32_ecb_encrypt();
+void RC5_32_encrypt();
+void RC5_32_decrypt();
+void RC5_32_cbc_encrypt();
+void RC5_32_cfb64_encrypt();
+void RC5_32_ofb64_encrypt();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libcrypto/ripemd/asm/rips.cpp b/src/lib/libcrypto/ripemd/asm/rips.cpp
new file mode 100644
index 0000000000..78a933c448
--- /dev/null
+++ b/src/lib/libcrypto/ripemd/asm/rips.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+extern "C" {
+void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ RIPEMD160_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ ripemd160_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ ripemd160_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ ripemd160_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ ripemd160_block_x86(&ctx,buffer,num);
+ }
+ printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libcrypto/ripemd/rmd160.c b/src/lib/libcrypto/ripemd/rmd160.c
new file mode 100644
index 0000000000..3fa1b8096e
--- /dev/null
+++ b/src/lib/libcrypto/ripemd/rmd160.c
@@ -0,0 +1,135 @@
+/* crypto/ripemd/rmd160.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("RIPEMD160(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ RIPEMD160_CTX c;
+ unsigned char md[RIPEMD160_DIGEST_LENGTH];
+ int fd;
+ int i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ RIPEMD160_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ RIPEMD160_Update(&c,buf,(unsigned long)i);
+ }
+ RIPEMD160_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libcrypto/ripemd/rmdtest.c b/src/lib/libcrypto/ripemd/rmdtest.c
new file mode 100644
index 0000000000..6a0297f975
--- /dev/null
+++ b/src/lib/libcrypto/ripemd/rmdtest.c
@@ -0,0 +1,133 @@
+/* crypto/ripemd/rmdtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "9c1185a5c5e9fc54612808977ee8f548b2258d31",
+ "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+ "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+ "5d0689ef49d2fae572b881b123a85ffa21595f36",
+ "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+ "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+ "b0e20b6e3116640286ed3a87a5713079b21f5189",
+ "9b752e45573d4b39f4dbd3323cab82bf63326bfb",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ char *p;
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating RIPEMD160 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
+
diff --git a/src/lib/libcrypto/sha/asm/README b/src/lib/libcrypto/sha/asm/README
new file mode 100644
index 0000000000..b7e755765f
--- /dev/null
+++ b/src/lib/libcrypto/sha/asm/README
@@ -0,0 +1 @@
+C2.pl works
diff --git a/src/lib/libcrypto/sha/sha.c b/src/lib/libcrypto/sha/sha.c
new file mode 100644
index 0000000000..713fec3610
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("SHA(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ int fd;
+ int i;
+ unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ SHA_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ SHA_Update(&c,buf,(unsigned long)i);
+ }
+ SHA_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libcrypto/sha/sha1.c b/src/lib/libcrypto/sha/sha1.c
new file mode 100644
index 0000000000..a4739ac9fd
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("SHA1(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ int fd;
+ int i;
+ unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ SHA1_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ SHA1_Update(&c,buf,(unsigned long)i);
+ }
+ SHA1_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libcrypto/sha/sha1s.cpp b/src/lib/libcrypto/sha/sha1s.cpp
new file mode 100644
index 0000000000..0163377de6
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ SHA_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ sha1_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ sha1_block_x86(&ctx,buffer,num);
+ }
+
+ printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libcrypto/sha/sha1test.c b/src/lib/libcrypto/sha/sha1test.c
new file mode 100644
index 0000000000..3c62a218b4
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha1test.c
@@ -0,0 +1,155 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#undef SHA_0 /* FIPS 180 */
+#define SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA1 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA1_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA1_Update(&c,buf,1000);
+ SHA1_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA1 on 'a' * 1000\n");
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libcrypto/sha/sha_dgst.c b/src/lib/libcrypto/sha/sha_dgst.c
new file mode 100644
index 0000000000..8ed533ea26
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha_dgst.c
@@ -0,0 +1,442 @@
+/* crypto/sha/sha_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#define SHA_0
+#undef SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA_version="SHA part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from SHA-0 document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19 0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+ void sha_block(SHA_CTX *c, register unsigned long *p, int num);
+#else
+ void sha_block();
+#endif
+
+#define M_c2nl c2nl
+#define M_p_c2nl p_c2nl
+#define M_c2nl_p c2nl_p
+#define M_p_c2nl_p p_c2nl_p
+#define M_nl2c nl2c
+
+void SHA_Init(c)
+SHA_CTX *c;
+ {
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void SHA_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int ew,ec,sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= SHA_CBLOCK)
+ {
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw<SHA_LBLOCK; sw++)
+ {
+ M_c2nl(data,l);
+ p[sw]=l;
+ }
+ len-=(SHA_CBLOCK-c->num);
+
+ sha_block(c,p,64);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ M_p_c2nl_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ if (ec)
+ {
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* We can only do the following code for assember, the reason
+ * being that the sha_block 'C' version changes the values
+ * in the 'data' array. The assember code avoids this and
+ * copies it to a local array. I should be able to do this for
+ * the C version as well....
+ */
+#if 1
+#if defined(B_ENDIAN) || defined(SHA_ASM)
+ if ((((unsigned int)data)%sizeof(ULONG)) == 0)
+ {
+ sw=len/SHA_CBLOCK;
+ if (sw)
+ {
+ sw*=SHA_CBLOCK;
+ sha_block(c,(ULONG *)data,sw);
+ data+=sw;
+ len-=sw;
+ }
+ }
+#endif
+#endif
+ /* we now can process the input data in blocks of SHA_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= SHA_CBLOCK)
+ {
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ if (p != (unsigned long *)data)
+ memcpy(p,data,SHA_CBLOCK);
+ data+=SHA_CBLOCK;
+# ifdef L_ENDIAN
+# ifndef SHA_ASM /* Will not happen */
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+ p=c->data;
+# endif
+# endif
+#else
+ for (sw=(SHA_BLOCK/4); sw; sw--)
+ {
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ }
+ p=c->data;
+#endif
+ sha_block(c,p,64);
+ len-=SHA_CBLOCK;
+ }
+ ec=(int)len;
+ c->num=ec;
+ ew=(ec>>2);
+ ec&=0x03;
+
+ for (sw=0; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+
+void SHA_Transform(c,b)
+SHA_CTX *c;
+unsigned char *b;
+ {
+ ULONG p[16];
+#if !defined(B_ENDIAN)
+ ULONG *q;
+ int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,b,64);
+#ifdef L_ENDIAN
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ Endian_Reverse32(q[0]);
+ Endian_Reverse32(q[1]);
+ Endian_Reverse32(q[2]);
+ Endian_Reverse32(q[3]);
+ q+=4;
+ }
+#endif
+#else
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ ULONG l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ }
+#endif
+ sha_block(c,p,64);
+ }
+
+void sha_block(c, W, num)
+SHA_CTX *c;
+register unsigned long *W;
+int num;
+ {
+ register ULONG A,B,C,D,E,T;
+ ULONG X[16];
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ for (;;)
+ {
+ BODY_00_15( 0,A,B,C,D,E,T,W);
+ BODY_00_15( 1,T,A,B,C,D,E,W);
+ BODY_00_15( 2,E,T,A,B,C,D,W);
+ BODY_00_15( 3,D,E,T,A,B,C,W);
+ BODY_00_15( 4,C,D,E,T,A,B,W);
+ BODY_00_15( 5,B,C,D,E,T,A,W);
+ BODY_00_15( 6,A,B,C,D,E,T,W);
+ BODY_00_15( 7,T,A,B,C,D,E,W);
+ BODY_00_15( 8,E,T,A,B,C,D,W);
+ BODY_00_15( 9,D,E,T,A,B,C,W);
+ BODY_00_15(10,C,D,E,T,A,B,W);
+ BODY_00_15(11,B,C,D,E,T,A,W);
+ BODY_00_15(12,A,B,C,D,E,T,W);
+ BODY_00_15(13,T,A,B,C,D,E,W);
+ BODY_00_15(14,E,T,A,B,C,D,W);
+ BODY_00_15(15,D,E,T,A,B,C,W);
+ BODY_16_19(16,C,D,E,T,A,B,W,W,W,W);
+ BODY_16_19(17,B,C,D,E,T,A,W,W,W,W);
+ BODY_16_19(18,A,B,C,D,E,T,W,W,W,W);
+ BODY_16_19(19,T,A,B,C,D,E,W,W,W,X);
+
+ BODY_20_31(20,E,T,A,B,C,D,W,W,W,X);
+ BODY_20_31(21,D,E,T,A,B,C,W,W,W,X);
+ BODY_20_31(22,C,D,E,T,A,B,W,W,W,X);
+ BODY_20_31(23,B,C,D,E,T,A,W,W,W,X);
+ BODY_20_31(24,A,B,C,D,E,T,W,W,X,X);
+ BODY_20_31(25,T,A,B,C,D,E,W,W,X,X);
+ BODY_20_31(26,E,T,A,B,C,D,W,W,X,X);
+ BODY_20_31(27,D,E,T,A,B,C,W,W,X,X);
+ BODY_20_31(28,C,D,E,T,A,B,W,W,X,X);
+ BODY_20_31(29,B,C,D,E,T,A,W,W,X,X);
+ BODY_20_31(30,A,B,C,D,E,T,W,X,X,X);
+ BODY_20_31(31,T,A,B,C,D,E,W,X,X,X);
+ BODY_32_39(32,E,T,A,B,C,D,X);
+ BODY_32_39(33,D,E,T,A,B,C,X);
+ BODY_32_39(34,C,D,E,T,A,B,X);
+ BODY_32_39(35,B,C,D,E,T,A,X);
+ BODY_32_39(36,A,B,C,D,E,T,X);
+ BODY_32_39(37,T,A,B,C,D,E,X);
+ BODY_32_39(38,E,T,A,B,C,D,X);
+ BODY_32_39(39,D,E,T,A,B,C,X);
+
+ BODY_40_59(40,C,D,E,T,A,B,X);
+ BODY_40_59(41,B,C,D,E,T,A,X);
+ BODY_40_59(42,A,B,C,D,E,T,X);
+ BODY_40_59(43,T,A,B,C,D,E,X);
+ BODY_40_59(44,E,T,A,B,C,D,X);
+ BODY_40_59(45,D,E,T,A,B,C,X);
+ BODY_40_59(46,C,D,E,T,A,B,X);
+ BODY_40_59(47,B,C,D,E,T,A,X);
+ BODY_40_59(48,A,B,C,D,E,T,X);
+ BODY_40_59(49,T,A,B,C,D,E,X);
+ BODY_40_59(50,E,T,A,B,C,D,X);
+ BODY_40_59(51,D,E,T,A,B,C,X);
+ BODY_40_59(52,C,D,E,T,A,B,X);
+ BODY_40_59(53,B,C,D,E,T,A,X);
+ BODY_40_59(54,A,B,C,D,E,T,X);
+ BODY_40_59(55,T,A,B,C,D,E,X);
+ BODY_40_59(56,E,T,A,B,C,D,X);
+ BODY_40_59(57,D,E,T,A,B,C,X);
+ BODY_40_59(58,C,D,E,T,A,B,X);
+ BODY_40_59(59,B,C,D,E,T,A,X);
+
+ BODY_60_79(60,A,B,C,D,E,T,X);
+ BODY_60_79(61,T,A,B,C,D,E,X);
+ BODY_60_79(62,E,T,A,B,C,D,X);
+ BODY_60_79(63,D,E,T,A,B,C,X);
+ BODY_60_79(64,C,D,E,T,A,B,X);
+ BODY_60_79(65,B,C,D,E,T,A,X);
+ BODY_60_79(66,A,B,C,D,E,T,X);
+ BODY_60_79(67,T,A,B,C,D,E,X);
+ BODY_60_79(68,E,T,A,B,C,D,X);
+ BODY_60_79(69,D,E,T,A,B,C,X);
+ BODY_60_79(70,C,D,E,T,A,B,X);
+ BODY_60_79(71,B,C,D,E,T,A,X);
+ BODY_60_79(72,A,B,C,D,E,T,X);
+ BODY_60_79(73,T,A,B,C,D,E,X);
+ BODY_60_79(74,E,T,A,B,C,D,X);
+ BODY_60_79(75,D,E,T,A,B,C,X);
+ BODY_60_79(76,C,D,E,T,A,B,X);
+ BODY_60_79(77,B,C,D,E,T,A,X);
+ BODY_60_79(78,A,B,C,D,E,T,X);
+ BODY_60_79(79,T,A,B,C,D,E,X);
+
+ c->h0=(c->h0+E)&0xffffffffL;
+ c->h1=(c->h1+T)&0xffffffffL;
+ c->h2=(c->h2+A)&0xffffffffL;
+ c->h3=(c->h3+B)&0xffffffffL;
+ c->h4=(c->h4+C)&0xffffffffL;
+
+ num-=64;
+ if (num <= 0) break;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ W+=16;
+ }
+ }
+
+void SHA_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ M_p_c2nl(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= SHA_LAST_BLOCK)
+ {
+ for (; i<SHA_LBLOCK; i++)
+ p[i]=0;
+ sha_block(c,p,64);
+ i=0;
+ }
+ for (; i<(SHA_LBLOCK-2); i++)
+ p[i]=0;
+ p[SHA_LBLOCK-2]=c->Nh;
+ p[SHA_LBLOCK-1]=c->Nl;
+ sha_block(c,p,64);
+ cp=md;
+ l=c->h0; nl2c(l,cp);
+ l=c->h1; nl2c(l,cp);
+ l=c->h2; nl2c(l,cp);
+ l=c->h3; nl2c(l,cp);
+ l=c->h4; nl2c(l,cp);
+
+ /* clear stuff, sha_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
diff --git a/src/lib/libcrypto/sha/sha_one.c b/src/lib/libcrypto/sha/sha_one.c
new file mode 100644
index 0000000000..18ab7f61bc
--- /dev/null
+++ b/src/lib/libcrypto/sha/sha_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "sha.h"
+
+unsigned char *SHA(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ SHA_CTX c;
+ static unsigned char m[SHA_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ SHA_Init(&c);
+ SHA_Update(&c,d,n);
+ SHA_Final(md,&c);
+ memset(&c,0,sizeof(c));
+ return(md);
+ }
diff --git a/src/lib/libcrypto/sha/shatest.c b/src/lib/libcrypto/sha/shatest.c
new file mode 100644
index 0000000000..03816e9b39
--- /dev/null
+++ b/src/lib/libcrypto/sha/shatest.c
@@ -0,0 +1,155 @@
+/* crypto/sha/shatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define SHA_0 /* FIPS 180 */
+#undef SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA_Update(&c,buf,1000);
+ SHA_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",p);
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libcrypto/threads/mttest.c b/src/lib/libcrypto/threads/mttest.c
new file mode 100644
index 0000000000..be395f2bc4
--- /dev/null
+++ b/src/lib/libcrypto/threads/mttest.c
@@ -0,0 +1,1115 @@
+/* crypto/threads/mttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifdef NO_FP_API
+#define APPS_WIN16
+#include "../crypto/buffer/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#define MAX_THREAD_NUMBER 100
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+ int error,char *arg);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+
+void irix_locking_callback(int mode,int type,char *file,int line);
+void solaris_locking_callback(int mode,int type,char *file,int line);
+void win32_locking_callback(int mode,int type,char *file,int line);
+void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+unsigned long irix_thread_id(void );
+unsigned long solaris_thread_id(void );
+unsigned long pthreads_thread_id(void );
+
+#else
+int MS_CALLBACK verify_callback();
+void thread_setup();
+void thread_cleanup();
+void do_threads();
+
+void irix_locking_callback();
+void solaris_locking_callback();
+void win32_locking_callback();
+void pthreads_locking_callback();
+
+unsigned long irix_thread_id();
+unsigned long solaris_thread_id();
+unsigned long pthreads_thread_id();
+
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+int thread_number=10;
+int number_of_loops=10;
+int reconnect=0;
+int cache_stats=0;
+
+#ifndef NOPROTO
+int doit(char *ctx[4]);
+#else
+int doit();
+#endif
+
+static void print_stats(fp,ctx)
+FILE *fp;
+SSL_CTX *ctx;
+{
+ fprintf(fp,"%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ctx));
+ fprintf(fp,"%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ctx));
+ fprintf(fp,"%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ctx));
+ fprintf(fp,"%4d server connects (SSL_accept())\n",
+ SSL_CTX_sess_accept(ctx));
+ fprintf(fp,"%4d server connects that finished\n",
+ SSL_CTX_sess_accept_good(ctx));
+ fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
+ fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
+ fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
+ }
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr," -threads arg - number of threads\n");
+ fprintf(stderr," -loops arg - number of 'connections', per thread\n");
+ fprintf(stderr," -reconnect - reuse session-id's\n");
+ fprintf(stderr," -stats - server session-id cache stats\n");
+ fprintf(stderr," -cert arg - server certificate/key\n");
+ fprintf(stderr," -ccert arg - client certificate/key\n");
+ fprintf(stderr," -ssl3 - just SSLv3n\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ char *scert=TEST_SERVER_CERT;
+ char *ccert=TEST_CLIENT_CERT;
+ SSL_METHOD *ssl_method=SSLv23_method();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-reconnect") == 0)
+ reconnect=1;
+ else if (strcmp(*argv,"-stats") == 0)
+ cache_stats=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl_method=SSLv3_method();
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl_method=SSLv2_method();
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ scert= *(++argv);
+ }
+ else if (strcmp(*argv,"-ccert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ ccert= *(++argv);
+ }
+ else if (strcmp(*argv,"-threads") == 0)
+ {
+ if (--argc < 1) goto bad;
+ thread_number= atoi(*(++argv));
+ if (thread_number == 0) thread_number=1;
+ if (thread_number > MAX_THREAD_NUMBER)
+ thread_number=MAX_THREAD_NUMBER;
+ }
+ else if (strcmp(*argv,"-loops") == 0)
+ {
+ if (--argc < 1) goto bad;
+ number_of_loops= atoi(*(++argv));
+ if (number_of_loops == 0) number_of_loops=1;
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+
+ SSL_load_error_strings();
+ SSLeay_add_ssl_algorithms();
+
+ c_ctx=SSL_CTX_new(ssl_method);
+ s_ctx=SSL_CTX_new(ssl_method);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CTX_set_session_cache_mode(s_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+ SSL_CTX_set_session_cache_mode(c_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+
+ SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ fprintf(stderr,"SSL_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ thread_setup();
+ do_threads(s_ctx,c_ctx);
+ thread_cleanup();
+end:
+
+ if (c_ctx != NULL)
+ {
+ fprintf(stderr,"Client SSL_CTX stats then free it\n");
+ print_stats(stderr,c_ctx);
+ SSL_CTX_free(c_ctx);
+ }
+ if (s_ctx != NULL)
+ {
+ fprintf(stderr,"Server SSL_CTX stats then free it\n");
+ print_stats(stderr,s_ctx);
+ if (cache_stats)
+ {
+ fprintf(stderr,"-----\n");
+ lh_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ /* lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n"); */
+ lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ }
+ SSL_CTX_free(s_ctx);
+ fprintf(stderr,"done free\n");
+ }
+ exit(ret);
+ return(0);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int ndoit(ssl_ctx)
+SSL_CTX *ssl_ctx[2];
+ {
+ int i;
+ int ret;
+ char *ctx[4];
+
+ ctx[0]=(char *)ssl_ctx[0];
+ ctx[1]=(char *)ssl_ctx[1];
+
+ if (reconnect)
+ {
+ ctx[2]=(char *)SSL_new(ssl_ctx[0]);
+ ctx[3]=(char *)SSL_new(ssl_ctx[1]);
+ }
+ else
+ {
+ ctx[2]=NULL;
+ ctx[3]=NULL;
+ }
+
+ fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
+ for (i=0; i<number_of_loops; i++)
+ {
+/* fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+ CRYPTO_thread_id(),i,
+ ssl_ctx[0]->references,
+ ssl_ctx[1]->references); */
+ /* pthread_delay_np(&tm);*/
+
+ ret=doit(ctx);
+ if (ret != 0)
+ {
+ fprintf(stdout,"error[%d] %lu - %d\n",
+ i,CRYPTO_thread_id(),ret);
+ return(ret);
+ }
+ }
+ fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
+ if (reconnect)
+ {
+ SSL_free((SSL *)ctx[2]);
+ SSL_free((SSL *)ctx[3]);
+ }
+ return(0);
+ }
+
+int doit(ctx)
+char *ctx[4];
+ {
+ SSL_CTX *s_ctx,*c_ctx;
+ static char cbuf[200],sbuf[200];
+ SSL *c_ssl=NULL;
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+
+ s_ctx=(SSL_CTX *)ctx[0];
+ c_ctx=(SSL_CTX *)ctx[1];
+
+ if (ctx[2] != NULL)
+ s_ssl=(SSL *)ctx[2];
+ else
+ s_ssl=SSL_new(s_ctx);
+
+ if (ctx[3] != NULL)
+ c_ssl=(SSL *)ctx[3];
+ else
+ c_ssl=SSL_new(c_ctx);
+
+ if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && verbose)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+ else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n");
+ }
+
+ if (do_client && verbose)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+ else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n");
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ i=BIO_write(c_bio,"hello from client\n",18);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ /* ok */
+ c_write=0;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,100);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ done|=C_DONE;
+#ifdef undef
+ fprintf(stdout,"CLIENT:from server:");
+ fwrite(cbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,100);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=1;
+ s_w=1;
+#ifdef undef
+ fprintf(stdout,"SERVER:from client:");
+ fwrite(sbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ else
+ {
+ i=BIO_write(s_bio,"hello from server\n",18);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=0;
+ s_r=1;
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+
+#ifdef undef
+ fprintf(stdout,"DONE\n");
+#endif
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ /* The SSL's are optionally freed in the following calls */
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(0);
+ }
+
+int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg)
+int ok;
+X509 *xs;
+X509 *xi;
+int depth;
+int error;
+char *arg;
+ {
+ char buf[256];
+
+ if (verbose)
+ {
+ X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
+ }
+ return(ok);
+ }
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+ /* id callback defined */
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ CloseHandle(lock_cs[i]);
+ }
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ WaitForSingleObject(lock_cs[type],INFINITE);
+ }
+ else
+ {
+ ReleaseMutex(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ double ret;
+ SSL_CTX *ssl_ctx[2];
+ DWORD thread_id[MAX_THREAD_NUMBER];
+ HANDLE thread_handle[MAX_THREAD_NUMBER];
+ int i;
+ SYSTEMTIME start,end;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ GetSystemTime(&start);
+ for (i=0; i<thread_number; i++)
+ {
+ thread_handle[i]=CreateThread(NULL,
+ THREAD_STACK_SIZE,
+ (LPTHREAD_START_ROUTINE)ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_id[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i+=50)
+ {
+ int j;
+
+ j=(thread_number < (i+50))?(thread_number-i):50;
+
+ if (WaitForMultipleObjects(j,
+ (CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
+ == WAIT_FAILED)
+ {
+ fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
+ exit(1);
+ }
+ }
+ GetSystemTime(&end);
+
+ if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
+ ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
+
+ ret=(ret+end.wHour-start.wHour)*60;
+ ret=(ret+end.wMinute-start.wMinute)*60;
+ ret=(ret+end.wSecond-start.wSecond);
+ ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
+
+ printf("win32 threads done - %.3f seconds\n",ret);
+ }
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ /* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+fprintf(stderr,"cleanup\n");
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ /* rwlock_destroy(&(lock_cs[i])); */
+ mutex_destroy(&(lock_cs[i]));
+ fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
+ }
+fprintf(stderr,"done cleanup\n");
+ }
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef undef
+fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+/*
+if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+*/
+ if (mode & CRYPTO_LOCK)
+ {
+ /* if (mode & CRYPTO_READ)
+ rw_rdlock(&(lock_cs[type]));
+ else
+ rw_wrlock(&(lock_cs[type])); */
+
+ mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+/* rw_unlock(&(lock_cs[type])); */
+ mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ thread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ thr_setconcurrency(thread_number);
+ for (i=0; i<thread_number; i++)
+ {
+ thr_create(NULL, THREAD_STACK_SIZE,
+ (void *(*)())ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_ctx[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ thr_join(thread_ctx[i],NULL,NULL);
+ }
+
+ printf("solaris threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long solaris_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)thr_self();
+ return(ret);
+ }
+#endif /* SOLARIS */
+
+#ifdef IRIX
+
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+ char filename[20];
+
+ strcpy(filename,"/tmp/mttest.XXXXXX");
+ mktemp(filename);
+
+ usconfig(CONF_STHREADIOOFF);
+ usconfig(CONF_STHREADMALLOCOFF);
+ usconfig(CONF_INITUSERS,100);
+ usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+ arena=usinit(filename);
+ unlink(filename);
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=usnewsema(arena,1);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+ CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ char buf[10];
+
+ sprintf(buf,"%2d:",i);
+ usdumpsema(lock_cs[i],stdout,buf);
+ usfreesema(lock_cs[i],arena);
+ }
+ }
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ printf("lock %d\n",type);
+ uspsema(lock_cs[type]);
+ }
+ else
+ {
+ printf("unlock %d\n",type);
+ usvsema(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ int thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ for (i=0; i<thread_number; i++)
+ {
+ thread_ctx[i]=sproc((void (*)())ndoit,
+ PR_SADDR|PR_SFDS,(void *)ssl_ctx);
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ wait(NULL);
+ }
+
+ printf("irix threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long irix_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)getpid();
+ return(ret);
+ }
+#endif /* IRIX */
+
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ pthread_mutex_init(&(lock_cs[i]),NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ fprintf(stderr,"cleanup\n");
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ fprintf(stderr,"%8ld:%s\n",lock_count[i],
+ CRYPTO_get_lock_name(i));
+ }
+ fprintf(stderr,"done cleanup\n");
+ }
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef undef
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+/*
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+*/
+ if (mode & CRYPTO_LOCK)
+ {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ pthread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ /*
+ thr_setconcurrency(thread_number);
+ */
+ for (i=0; i<thread_number; i++)
+ {
+ pthread_create(&(thread_ctx[i]), NULL,
+ (void *(*)())ndoit, (void *)ssl_ctx);
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ pthread_join(thread_ctx[i],NULL);
+ }
+
+ printf("pthreads threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long pthreads_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)pthread_self();
+ return(ret);
+ }
+
+#endif /* PTHREADS */
+
+
+
diff --git a/src/lib/libcrypto/threads/th-lock.c b/src/lib/libcrypto/threads/th-lock.c
new file mode 100644
index 0000000000..039022446d
--- /dev/null
+++ b/src/lib/libcrypto/threads/th-lock.c
@@ -0,0 +1,399 @@
+/* crypto/threads/th-lock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifndef NOPROTO
+int CRYPTO_thread_setup(void);
+void CRYPTO_thread_cleanup(void);
+
+static void irix_locking_callback(int mode,int type,char *file,int line);
+static void solaris_locking_callback(int mode,int type,char *file,int line);
+static void win32_locking_callback(int mode,int type,char *file,int line);
+static void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+static unsigned long irix_thread_id(void );
+static unsigned long solaris_thread_id(void );
+static unsigned long pthreads_thread_id(void );
+
+#else
+int CRYPOTO_thread_setup();
+void CRYPTO_cleanup();
+
+static void irix_locking_callback();
+static void solaris_locking_callback();
+static void win32_locking_callback();
+static void pthreads_locking_callback();
+
+static unsigned long irix_thread_id();
+static unsigned long solaris_thread_id();
+static unsigned long pthreads_thread_id();
+
+#endif
+
+/* usage:
+ * CRYPTO_thread_setup();
+ * applicaion code
+ * CRYPTO_thread_cleanup();
+ */
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+int CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+ /* id callback defined */
+ return(1);
+ }
+
+static void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ CloseHandle(lock_cs[i]);
+ }
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ WaitForSingleObject(lock_cs[type],INFINITE);
+ }
+ else
+ {
+ ReleaseMutex(lock_cs[type]);
+ }
+ }
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+#define USE_MUTEX
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+#ifdef USE_MUTEX
+static long lock_count[CRYPTO_NUM_LOCKS];
+#else
+static rwlock_t lock_cs[CRYPTO_NUM_LOCKS];
+#endif
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+#ifdef USE_MUTEX
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#else
+ rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#endif
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+#ifdef USE_MUTEX
+ mutex_destroy(&(lock_cs[i]));
+#else
+ rwlock_destroy(&(lock_cs[i]));
+#endif
+ }
+ }
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#if 0
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+#if 0
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+#endif
+ if (mode & CRYPTO_LOCK)
+ {
+#ifdef USE_MUTEX
+ mutex_lock(&(lock_cs[type]));
+#else
+ if (mode & CRYPTO_READ)
+ rw_rdlock(&(lock_cs[type]));
+ else
+ rw_wrlock(&(lock_cs[type]));
+#endif
+ lock_count[type]++;
+ }
+ else
+ {
+#ifdef USE_MUTEX
+ mutex_unlock(&(lock_cs[type]));
+#else
+ rw_unlock(&(lock_cs[type]));
+#endif
+ }
+ }
+
+unsigned long solaris_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)thr_self();
+ return(ret);
+ }
+#endif /* SOLARIS */
+
+#ifdef IRIX
+/* I don't think this works..... */
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+ char filename[20];
+
+ strcpy(filename,"/tmp/mttest.XXXXXX");
+ mktemp(filename);
+
+ usconfig(CONF_STHREADIOOFF);
+ usconfig(CONF_STHREADMALLOCOFF);
+ usconfig(CONF_INITUSERS,100);
+ usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+ arena=usinit(filename);
+ unlink(filename);
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=usnewsema(arena,1);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+ CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ }
+
+void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ char buf[10];
+
+ sprintf(buf,"%2d:",i);
+ usdumpsema(lock_cs[i],stdout,buf);
+ usfreesema(lock_cs[i],arena);
+ }
+ }
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ uspsema(lock_cs[type]);
+ }
+ else
+ {
+ usvsema(lock_cs[type]);
+ }
+ }
+
+unsigned long irix_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)getpid();
+ return(ret);
+ }
+#endif /* IRIX */
+
+/* Linux and a few others */
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ pthread_mutex_init(&(lock_cs[i]),NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ }
+ }
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#if 0
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+#if 0
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+#endif
+ if (mode & CRYPTO_LOCK)
+ {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+unsigned long pthreads_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)pthread_self();
+ return(ret);
+ }
+
+#endif /* PTHREADS */
+
diff --git a/src/lib/libcrypto/tmdiff.c b/src/lib/libcrypto/tmdiff.c
new file mode 100644
index 0000000000..b93799fc03
--- /dev/null
+++ b/src/lib/libcrypto/tmdiff.c
@@ -0,0 +1,217 @@
+/* crypto/tmdiff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef MSDOS
+# ifndef WIN32
+# define TIMES
+# endif
+#endif
+
+#ifndef VMS
+# ifndef _IRIX
+# include <time.h>
+# endif
+# ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+# endif
+#else /* VMS */
+# include <types.h>
+ struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif /* VMS */
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef WIN32
+#include <windows.h>
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+typedef struct ms_tm
+ {
+#ifdef TIMES
+ struct tms ms_tms;
+#else
+# ifdef WIN32
+ HANDLE thread_id;
+ FILETIME ms_win32;
+# else
+ struct timeb ms_timeb;
+# endif
+#endif
+ } MS_TM;
+
+char *ms_time_init()
+ {
+ MS_TM *ret;
+
+ ret=malloc(sizeof(MS_TM));
+ if (ret == NULL)
+ return(NULL);
+ memset(ret,0,sizeof(MS_TM));
+#ifdef WIN32
+ ret->thread_id=GetCurrentThread();
+#endif
+ return((char *)ret);
+ }
+
+void ms_time_final(a)
+char *a;
+ {
+ if (a != NULL)
+ free(a);
+ }
+
+void ms_time_get(a)
+char *a;
+ {
+ MS_TM *tm=(MS_TM *)a;
+ FILETIME tmpa,tmpb,tmpc;
+
+#ifdef TIMES
+ printf("AAA\n");
+ times(&tm->ms_tms);
+#else
+# ifdef WIN32
+ GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32));
+# else
+ printf("CCC\n");
+ ftime(tm->ms_timeb);
+# endif
+#endif
+ }
+
+double ms_time_diff(ap,bp)
+char *ap,*bp;
+ {
+ MS_TM *a=(MS_TM *)ap;
+ MS_TM *b=(MS_TM *)bp;
+ double ret;
+
+#ifdef TIMES
+ ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+ ret =(double)(b->ms_win32.dwHighDateTime&0x000fffff)*10+
+ b->ms_win32.dwLowDateTime/1e7;
+ ret-=(double)(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+ ret= (double)(b->time-a->time)+
+ ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+# endif
+#endif
+ return((ret < 0.0000001)?0.0000001:ret);
+ }
+
+int ms_time_cmp(ap,bp)
+char *ap,*bp;
+ {
+ MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp;
+ double d;
+ int ret;
+
+#ifdef TIMES
+ d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+ d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7;
+ d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+ d= (double)(b->time-a->time)+
+ ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+# endif
+#endif
+ if (d == 0.0)
+ ret=0;
+ else if (d < 0)
+ ret= -1;
+ else
+ ret=1;
+ return(ret);
+ }
+
diff --git a/src/lib/libcrypto/util/FreeBSD.sh b/src/lib/libcrypto/util/FreeBSD.sh
new file mode 100644
index 0000000000..db8edfc6aa
--- /dev/null
+++ b/src/lib/libcrypto/util/FreeBSD.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+perl util/perlpath.pl /usr/bin
+perl util/ssldir.pl /usr/local
+perl util/mk1mf.pl FreeBSD >Makefile.FreeBSD
+perl Configure FreeBSD
diff --git a/src/lib/libcrypto/util/add_cr.pl b/src/lib/libcrypto/util/add_cr.pl
new file mode 100644
index 0000000000..ddd6d61e2d
--- /dev/null
+++ b/src/lib/libcrypto/util/add_cr.pl
@@ -0,0 +1,123 @@
+#!/usr/bin/perl
+#
+# This adds a copyright message to a souce code file.
+# It also gets the file name correct.
+#
+# perl util/add_cr.pl *.[ch] */*.[ch] */*/*.[ch]
+#
+
+foreach (@ARGV)
+ {
+ &dofile($_);
+ }
+
+sub dofile
+ {
+ local($file)=@_;
+
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+
+ print STDERR "doing $file\n";
+ @in=<IN>;
+
+ return(1) if ($in[0] =~ / NOCW /);
+
+ @out=();
+ open(OUT,">$file.out") || die "unable to open $file.$$:$!\n";
+ push(@out,"/* $file */\n");
+ if (($in[1] !~ /^\/\* Copyright \(C\) [0-9-]+ Eric Young \(eay\@cryptsoft.com\)/))
+ {
+ push(@out,&Copyright);
+ $i=2;
+ @a=grep(/ Copyright \(C\) /,@in);
+ if ($#a >= 0)
+ {
+ while (($i <= $#in) && ($in[$i] ne " */\n"))
+ { $i++; }
+ $i++ if ($in[$i] eq " */\n");
+
+ while (($i <= $#in) && ($in[$i] =~ /^\s*$/))
+ { $i++; }
+
+ push(@out,"\n");
+ for ( ; $i <= $#in; $i++)
+ { push(@out,$in[$i]); }
+ }
+ else
+ { push(@out,@in); }
+ }
+ else
+ {
+ shift(@in);
+ push(@out,@in);
+ }
+ print OUT @out;
+ close(IN);
+ close(OUT);
+ rename("$file","$file.orig") || die "unable to rename $file:$!\n";
+ rename("$file.out",$file) || die "unable to rename $file.out:$!\n";
+ }
+
+
+
+sub Copyright
+ {
+ return <<'EOF';
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+ }
diff --git a/src/lib/libcrypto/util/bat.sh b/src/lib/libcrypto/util/bat.sh
new file mode 100644
index 0000000000..c6f48e8a7b
--- /dev/null
+++ b/src/lib/libcrypto/util/bat.sh
@@ -0,0 +1,132 @@
+#!/usr/local/bin/perl
+
+$infile="/home/eay/ssl/SSLeay/MINFO";
+
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ chop;
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val); }
+
+ if ($key eq "LIBSRC")
+ { $libsrc.=&var_add($dir,$val); }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+@a=split(/\s+/,$libsrc);
+foreach (@a)
+ {
+ print "${_}.c\n";
+ }
+
+sub var_add
+ {
+ local($dir,$val)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+ return("") if $no_cast && $dir =~ /\/cast/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//,@a);
+
+ @a=grep(!/^e_.*_3d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_i$/,@a) if $no_idea;
+ @a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+ @a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+ @a=grep(!/^e_.*_c$/,@a) if $no_cast;
+ @a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+ @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+ @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+ @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/,@a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+ @a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+ @a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+ @a=grep(!/^gendsa$/,@a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+ grep($_="$dir/$_",@a);
+ @a=grep(!/(^|\/)s_/,@a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+ $ret=join(' ',@a)." ";
+ return($ret);
+ }
+
diff --git a/src/lib/libcrypto/util/ck_errf.pl b/src/lib/libcrypto/util/ck_errf.pl
new file mode 100644
index 0000000000..c5764e40df
--- /dev/null
+++ b/src/lib/libcrypto/util/ck_errf.pl
@@ -0,0 +1,44 @@
+#!/usr/bin/perl
+#
+# This is just a quick script to scan for cases where the 'error'
+# function name in a XXXerr() macro is wrong.
+#
+# Run in the top level by going
+# perl util/ck_errf.pl */*.c */*/*.c
+#
+
+foreach $file (@ARGV)
+ {
+ open(IN,"<$file") || die "unable to open $file\n";
+ $func="";
+ while (<IN>)
+ {
+ if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/)
+ {
+ $func=$1;
+ $func =~ tr/A-Z/a-z/;
+ }
+ if (/([A-Z0-9]+)err\(([^,]+)/)
+ {
+ next if ($func eq "");
+ $errlib=$1;
+ $n=$2;
+ if ($n !~ /([^_]+)_F_(.+)$/)
+ {
+ # print "check -$file:$.:$func:$n\n";
+ next;
+ }
+ $lib=$1;
+ $n=$2;
+
+ if ($lib ne $errlib)
+ { print "$file:$.:$func:$n\n"; next; }
+
+ $n =~ tr/A-Z/a-z/;
+ if (($n ne $func) && ($errlib ne "SYS"))
+ { print "$file:$.:$func:$n\n"; next; }
+ # print "$func:$1\n";
+ }
+ }
+ }
+
diff --git a/src/lib/libcrypto/util/deleof.pl b/src/lib/libcrypto/util/deleof.pl
new file mode 100644
index 0000000000..04f30f0e47
--- /dev/null
+++ b/src/lib/libcrypto/util/deleof.pl
@@ -0,0 +1,7 @@
+#!/usr/bin/perl
+
+while (<>)
+ {
+ print
+ last if (/^# DO NOT DELETE THIS LINE/);
+ }
diff --git a/src/lib/libcrypto/util/do_ms.sh b/src/lib/libcrypto/util/do_ms.sh
new file mode 100644
index 0000000000..f498d842b7
--- /dev/null
+++ b/src/lib/libcrypto/util/do_ms.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# generate the Microsoft makefiles and .def files
+#
+
+PATH=util:../util:$PATH
+
+# perl util/mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
+# perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util/mk1mf.pl VC-WIN16 dll >ms/w31dll.mak
+# perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
+perl util/mk1mf.pl VC-WIN32 dll >ms/ntdll.mak
+
+perl util/mkdef.pl 16 libeay > ms/libeay16.def
+perl util/mkdef.pl 32 libeay > ms/libeay32.def
+perl util/mkdef.pl 16 ssleay > ms/ssleay16.def
+perl util/mkdef.pl 32 ssleay > ms/ssleay32.def
diff --git a/src/lib/libcrypto/util/err-ins.pl b/src/lib/libcrypto/util/err-ins.pl
new file mode 100644
index 0000000000..db1bb48275
--- /dev/null
+++ b/src/lib/libcrypto/util/err-ins.pl
@@ -0,0 +1,33 @@
+#!/usr/bin/perl
+#
+# tack error codes onto the end of a file
+#
+
+open(ERR,$ARGV[0]) || die "unable to open error file '$ARGV[0]':$!\n";
+@err=<ERR>;
+close(ERR);
+
+open(IN,$ARGV[1]) || die "unable to open header file '$ARGV[1]':$!\n";
+
+@out="";
+while (<IN>)
+ {
+ push(@out,$_);
+ last if /BEGIN ERROR CODES/;
+ }
+close(IN);
+
+open(OUT,">$ARGV[1]") || die "unable to open header file '$ARGV[1]':$1\n";
+print OUT @out;
+print OUT @err;
+print OUT <<"EOF";
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
+EOF
+close(OUT);
+
+
diff --git a/src/lib/libcrypto/util/files.pl b/src/lib/libcrypto/util/files.pl
new file mode 100644
index 0000000000..bf3b7effdc
--- /dev/null
+++ b/src/lib/libcrypto/util/files.pl
@@ -0,0 +1,61 @@
+#!/usr/bin/perl
+#
+# used to generate the file MINFO for use by util/mk1mf.pl
+# It is basically a list of all variables from the passed makefile
+#
+
+$s="";
+while (<>)
+ {
+ chop;
+ s/#.*//;
+ if (/^(\S+)\s*=\s*(.*)$/)
+ {
+ $o="";
+ ($s,$b)=($1,$2);
+ for (;;)
+ {
+ if ($b =~ /\\$/)
+ {
+ chop($b);
+ $o.=$b." ";
+ $b=<>;
+ chop($b);
+ }
+ else
+ {
+ $o.=$b." ";
+ last;
+ }
+ }
+ $o =~ s/^\s+//;
+ $o =~ s/\s+$//;
+ $o =~ s/\s+/ /g;
+
+ $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
+ $sym{$s}=$o;
+ }
+ }
+
+$pwd=`pwd`; chop($pwd);
+
+if ($sym{'TOP'} eq ".")
+ {
+ $n=0;
+ $dir=".";
+ }
+else {
+ $n=split(/\//,$sym{'TOP'});
+ @_=split(/\//,$pwd);
+ $z=$#_-$n+1;
+ foreach $i ($z .. $#_) { $dir.=$_[$i]."/"; }
+ chop($dir);
+ }
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+ {
+ print "$_=$sym{$_}\n";
+ }
+print "RELATIVE_DIRECTORY=\n";
diff --git a/src/lib/libcrypto/util/fixNT.sh b/src/lib/libcrypto/util/fixNT.sh
new file mode 100644
index 0000000000..ce4f19299b
--- /dev/null
+++ b/src/lib/libcrypto/util/fixNT.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# clean up the mess that NT makes of my source tree
+#
+
+if [ -f makefile.ssl -a ! -f Makefile.ssl ]; then
+ /bin/mv makefile.ssl Makefile.ssl
+fi
+chmod +x Configure util/*
+echo cleaning
+/bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
+echo 'removing those damn ^M'
+perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
+make -f Makefile.ssl links
diff --git a/src/lib/libcrypto/util/install.sh b/src/lib/libcrypto/util/install.sh
new file mode 100644
index 0000000000..e1d0c982df
--- /dev/null
+++ b/src/lib/libcrypto/util/install.sh
@@ -0,0 +1,108 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5; it is not part of GNU.
+#
+# $XConsortium: install.sh,v 1.2 89/12/18 14:47:22 jim Exp $
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+doit="${DOITPROG:-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG:-mv}"
+cpprog="${CPPROG:-cp}"
+chmodprog="${CHMODPROG:-chmod}"
+chownprog="${CHOWNPROG:-chown}"
+chgrpprog="${CHGRPPROG:-chgrp}"
+stripprog="${STRIPPROG:-strip}"
+rmprog="${RMPROG:-rm}"
+
+instcmd="$mvprog"
+chmodcmd=""
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+src=""
+dst=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+fi
+
+if [ x"$dst" = x ]
+then
+ echo "install: no destination specified"
+ exit 1
+fi
+
+
+# if destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+if [ -d $dst ]
+then
+ dst="$dst"/`basename $src`
+fi
+
+
+# get rid of the old one and mode the new one in
+
+$doit $rmcmd $dst
+$doit $instcmd $src $dst
+
+
+# and set any options; do chmod last to preserve setuid bits
+
+if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; fi
+if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; fi
+if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; fi
+if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; fi
+
+exit 0
diff --git a/src/lib/libcrypto/util/libeay.num b/src/lib/libcrypto/util/libeay.num
new file mode 100644
index 0000000000..fcaf254287
--- /dev/null
+++ b/src/lib/libcrypto/util/libeay.num
@@ -0,0 +1,1065 @@
+SSLeay 1
+SSLeay_version 2
+ASN1_BIT_STRING_asn1_meth 3
+ASN1_HEADER_free 4
+ASN1_HEADER_new 5
+ASN1_IA5STRING_asn1_meth 6
+ASN1_INTEGER_get 7
+ASN1_INTEGER_set 8
+ASN1_INTEGER_to_BN 9
+ASN1_OBJECT_create 10
+ASN1_OBJECT_free 11
+ASN1_OBJECT_new 12
+ASN1_PRINTABLE_type 13
+ASN1_STRING_cmp 14
+ASN1_STRING_dup 15
+ASN1_STRING_free 16
+ASN1_STRING_new 17
+ASN1_STRING_print 18
+ASN1_STRING_set 19
+ASN1_STRING_type_new 20
+ASN1_TYPE_free 21
+ASN1_TYPE_new 22
+ASN1_UNIVERSALSTRING_to_string 23
+ASN1_UTCTIME_check 24
+ASN1_UTCTIME_print 25
+ASN1_UTCTIME_set 26
+ASN1_check_infinite_end 27
+ASN1_d2i_bio 28
+ASN1_d2i_fp 29
+ASN1_digest 30
+ASN1_dup 31
+ASN1_get_object 32
+ASN1_i2d_bio 33
+ASN1_i2d_fp 34
+ASN1_object_size 35
+ASN1_parse 36
+ASN1_put_object 37
+ASN1_sign 38
+ASN1_verify 39
+BF_cbc_encrypt 40
+BF_cfb64_encrypt 41
+BF_ecb_encrypt 42
+BF_encrypt 43
+BF_ofb64_encrypt 44
+BF_options 45
+BF_set_key 46
+BIO_CONNECT_free 47
+BIO_CONNECT_new 48
+BIO_accept 51
+BIO_ctrl 52
+BIO_int_ctrl 53
+BIO_debug_callback 54
+BIO_dump 55
+BIO_dup_chain 56
+BIO_f_base64 57
+BIO_f_buffer 58
+BIO_f_cipher 59
+BIO_f_md 60
+BIO_f_null 61
+BIO_f_proxy_server 62
+BIO_fd_non_fatal_error 63
+BIO_fd_should_retry 64
+BIO_find_type 65
+BIO_free 66
+BIO_free_all 67
+BIO_get_accept_socket 69
+BIO_get_filter_bio 70
+BIO_get_host_ip 71
+BIO_get_port 72
+BIO_get_retry_BIO 73
+BIO_get_retry_reason 74
+BIO_gethostbyname 75
+BIO_gets 76
+BIO_new 78
+BIO_new_accept 79
+BIO_new_connect 80
+BIO_new_fd 81
+BIO_new_file 82
+BIO_new_fp 83
+BIO_new_socket 84
+BIO_pop 85
+BIO_printf 86
+BIO_push 87
+BIO_puts 88
+BIO_read 89
+BIO_s_accept 90
+BIO_s_connect 91
+BIO_s_fd 92
+BIO_s_file 93
+BIO_s_mem 95
+BIO_s_null 96
+BIO_s_proxy_client 97
+BIO_s_socket 98
+BIO_set 100
+BIO_set_cipher 101
+BIO_set_tcp_ndelay 102
+BIO_sock_cleanup 103
+BIO_sock_error 104
+BIO_sock_init 105
+BIO_sock_non_fatal_error 106
+BIO_sock_should_retry 107
+BIO_socket_ioctl 108
+BIO_write 109
+BN_CTX_free 110
+BN_CTX_new 111
+BN_MONT_CTX_free 112
+BN_MONT_CTX_new 113
+BN_MONT_CTX_set 114
+BN_add 115
+BN_add_word 116
+BN_hex2bn 117
+BN_bin2bn 118
+BN_bn2hex 119
+BN_bn2bin 120
+BN_clear 121
+BN_clear_bit 122
+BN_clear_free 123
+BN_cmp 124
+BN_copy 125
+BN_div 126
+BN_div_word 127
+BN_dup 128
+BN_free 129
+BN_from_montgomery 130
+BN_gcd 131
+BN_generate_prime 132
+BN_get_word 133
+BN_is_bit_set 134
+BN_is_prime 135
+BN_lshift 136
+BN_lshift1 137
+BN_mask_bits 138
+BN_mod 139
+BN_mod_exp 140
+BN_mod_exp_mont 141
+BN_mod_exp_recp 142
+BN_mod_exp_simple 143
+BN_mod_inverse 144
+BN_mod_mul 145
+BN_mod_mul_montgomery 146
+BN_mod_mul_reciprocal 147
+BN_mod_word 148
+BN_mul 149
+BN_new 150
+BN_num_bits 151
+BN_num_bits_word 152
+BN_options 153
+BN_print 154
+BN_print_fp 155
+BN_rand 156
+BN_reciprocal 157
+BN_rshift 158
+BN_rshift1 159
+BN_set_bit 160
+BN_set_word 161
+BN_sqr 162
+BN_sub 163
+BN_to_ASN1_INTEGER 164
+BN_ucmp 165
+BN_value_one 166
+BUF_MEM_free 167
+BUF_MEM_grow 168
+BUF_MEM_new 169
+BUF_strdup 170
+CONF_free 171
+CONF_get_number 172
+CONF_get_section 173
+CONF_get_string 174
+CONF_load 175
+CRYPTO_add_lock 176
+CRYPTO_dbg_free 177
+CRYPTO_dbg_malloc 178
+CRYPTO_dbg_realloc 179
+CRYPTO_dbg_remalloc 180
+CRYPTO_free 181
+CRYPTO_get_add_lock_callback 182
+CRYPTO_get_id_callback 183
+CRYPTO_get_lock_name 184
+CRYPTO_get_locking_callback 185
+CRYPTO_get_mem_functions 186
+CRYPTO_lock 187
+CRYPTO_malloc 188
+CRYPTO_mem_ctrl 189
+CRYPTO_mem_leaks 190
+CRYPTO_mem_leaks_cb 191
+CRYPTO_mem_leaks_fp 192
+CRYPTO_realloc 193
+CRYPTO_remalloc 194
+CRYPTO_set_add_lock_callback 195
+CRYPTO_set_id_callback 196
+CRYPTO_set_locking_callback 197
+CRYPTO_set_mem_functions 198
+CRYPTO_thread_id 199
+DH_check 200
+DH_compute_key 201
+DH_free 202
+DH_generate_key 203
+DH_generate_parameters 204
+DH_new 205
+DH_size 206
+DHparams_print 207
+DHparams_print_fp 208
+DSA_free 209
+DSA_generate_key 210
+DSA_generate_parameters 211
+DSA_is_prime 212
+DSA_new 213
+DSA_print 214
+DSA_print_fp 215
+DSA_sign 216
+DSA_sign_setup 217
+DSA_size 218
+DSA_verify 219
+DSAparams_print 220
+DSAparams_print_fp 221
+ERR_clear_error 222
+ERR_error_string 223
+ERR_free_strings 224
+ERR_func_error_string 225
+ERR_get_err_state_table 226
+ERR_get_error 227
+ERR_get_error_line 228
+ERR_get_state 229
+ERR_get_string_table 230
+ERR_lib_error_string 231
+ERR_load_ASN1_strings 232
+ERR_load_BIO_strings 233
+ERR_load_BN_strings 234
+ERR_load_BUF_strings 235
+ERR_load_CONF_strings 236
+ERR_load_DH_strings 237
+ERR_load_DSA_strings 238
+ERR_load_ERR_strings 239
+ERR_load_EVP_strings 240
+ERR_load_OBJ_strings 241
+ERR_load_PEM_strings 242
+ERR_load_PROXY_strings 243
+ERR_load_RSA_strings 244
+ERR_load_X509_strings 245
+ERR_load_crypto_strings 246
+ERR_load_strings 247
+ERR_peek_error 248
+ERR_peek_error_line 249
+ERR_print_errors 250
+ERR_print_errors_fp 251
+ERR_put_error 252
+ERR_reason_error_string 253
+ERR_remove_state 254
+EVP_BytesToKey 255
+EVP_CIPHER_CTX_cleanup 256
+EVP_CipherFinal 257
+EVP_CipherInit 258
+EVP_CipherUpdate 259
+EVP_DecodeBlock 260
+EVP_DecodeFinal 261
+EVP_DecodeInit 262
+EVP_DecodeUpdate 263
+EVP_DecryptFinal 264
+EVP_DecryptInit 265
+EVP_DecryptUpdate 266
+EVP_DigestFinal 267
+EVP_DigestInit 268
+EVP_DigestUpdate 269
+EVP_EncodeBlock 270
+EVP_EncodeFinal 271
+EVP_EncodeInit 272
+EVP_EncodeUpdate 273
+EVP_EncryptFinal 274
+EVP_EncryptInit 275
+EVP_EncryptUpdate 276
+EVP_OpenFinal 277
+EVP_OpenInit 278
+EVP_PKEY_assign 279
+EVP_PKEY_copy_parameters 280
+EVP_PKEY_free 281
+EVP_PKEY_missing_parameters 282
+EVP_PKEY_new 283
+EVP_PKEY_save_parameters 284
+EVP_PKEY_size 285
+EVP_PKEY_type 286
+EVP_SealFinal 287
+EVP_SealInit 288
+EVP_SignFinal 289
+EVP_VerifyFinal 290
+EVP_add_alias 291
+EVP_add_cipher 292
+EVP_add_digest 293
+EVP_bf_cbc 294
+EVP_bf_cfb 295
+EVP_bf_ecb 296
+EVP_bf_ofb 297
+EVP_cleanup 298
+EVP_des_cbc 299
+EVP_des_cfb 300
+EVP_des_ecb 301
+EVP_des_ede 302
+EVP_des_ede3 303
+EVP_des_ede3_cbc 304
+EVP_des_ede3_cfb 305
+EVP_des_ede3_ofb 306
+EVP_des_ede_cbc 307
+EVP_des_ede_cfb 308
+EVP_des_ede_ofb 309
+EVP_des_ofb 310
+EVP_desx_cbc 311
+EVP_dss 312
+EVP_dss1 313
+EVP_enc_null 314
+EVP_get_cipherbyname 315
+EVP_get_digestbyname 316
+EVP_get_pw_prompt 317
+EVP_idea_cbc 318
+EVP_idea_cfb 319
+EVP_idea_ecb 320
+EVP_idea_ofb 321
+EVP_md2 322
+EVP_md5 323
+EVP_md_null 324
+EVP_rc2_cbc 325
+EVP_rc2_cfb 326
+EVP_rc2_ecb 327
+EVP_rc2_ofb 328
+EVP_rc4 329
+EVP_read_pw_string 330
+EVP_set_pw_prompt 331
+EVP_sha 332
+EVP_sha1 333
+MD2 334
+MD2_Final 335
+MD2_Init 336
+MD2_Update 337
+MD2_options 338
+MD5 339
+MD5_Final 340
+MD5_Init 341
+MD5_Update 342
+MDC2 343
+MDC2_Final 344
+MDC2_Init 345
+MDC2_Update 346
+NETSCAPE_SPKAC_free 347
+NETSCAPE_SPKAC_new 348
+NETSCAPE_SPKI_free 349
+NETSCAPE_SPKI_new 350
+NETSCAPE_SPKI_sign 351
+NETSCAPE_SPKI_verify 352
+OBJ_add_object 353
+OBJ_bsearch 354
+OBJ_cleanup 355
+OBJ_cmp 356
+OBJ_create 357
+OBJ_dup 358
+OBJ_ln2nid 359
+OBJ_new_nid 360
+OBJ_nid2ln 361
+OBJ_nid2obj 362
+OBJ_nid2sn 363
+OBJ_obj2nid 364
+OBJ_sn2nid 365
+OBJ_txt2nid 366
+PEM_ASN1_read 367
+PEM_ASN1_read_bio 368
+PEM_ASN1_write 369
+PEM_ASN1_write_bio 370
+PEM_SealFinal 371
+PEM_SealInit 372
+PEM_SealUpdate 373
+PEM_SignFinal 374
+PEM_SignInit 375
+PEM_SignUpdate 376
+PEM_X509_INFO_read 377
+PEM_X509_INFO_read_bio 378
+PEM_X509_INFO_write_bio 379
+PEM_dek_info 380
+PEM_do_header 381
+PEM_get_EVP_CIPHER_INFO 382
+PEM_proc_type 383
+PEM_read 384
+PEM_read_DHparams 385
+PEM_read_DSAPrivateKey 386
+PEM_read_DSAparams 387
+PEM_read_PKCS7 388
+PEM_read_PrivateKey 389
+PEM_read_RSAPrivateKey 390
+PEM_read_X509 391
+PEM_read_X509_CRL 392
+PEM_read_X509_REQ 393
+PEM_read_bio 394
+PEM_read_bio_DHparams 395
+PEM_read_bio_DSAPrivateKey 396
+PEM_read_bio_DSAparams 397
+PEM_read_bio_PKCS7 398
+PEM_read_bio_PrivateKey 399
+PEM_read_bio_RSAPrivateKey 400
+PEM_read_bio_X509 401
+PEM_read_bio_X509_CRL 402
+PEM_read_bio_X509_REQ 403
+PEM_write 404
+PEM_write_DHparams 405
+PEM_write_DSAPrivateKey 406
+PEM_write_DSAparams 407
+PEM_write_PKCS7 408
+PEM_write_PrivateKey 409
+PEM_write_RSAPrivateKey 410
+PEM_write_X509 411
+PEM_write_X509_CRL 412
+PEM_write_X509_REQ 413
+PEM_write_bio 414
+PEM_write_bio_DHparams 415
+PEM_write_bio_DSAPrivateKey 416
+PEM_write_bio_DSAparams 417
+PEM_write_bio_PKCS7 418
+PEM_write_bio_PrivateKey 419
+PEM_write_bio_RSAPrivateKey 420
+PEM_write_bio_X509 421
+PEM_write_bio_X509_CRL 422
+PEM_write_bio_X509_REQ 423
+PKCS7_DIGEST_free 424
+PKCS7_DIGEST_new 425
+PKCS7_ENCRYPT_free 426
+PKCS7_ENCRYPT_new 427
+PKCS7_ENC_CONTENT_free 428
+PKCS7_ENC_CONTENT_new 429
+PKCS7_ENVELOPE_free 430
+PKCS7_ENVELOPE_new 431
+PKCS7_ISSUER_AND_SERIAL_digest 432
+PKCS7_ISSUER_AND_SERIAL_free 433
+PKCS7_ISSUER_AND_SERIAL_new 434
+PKCS7_RECIP_INFO_free 435
+PKCS7_RECIP_INFO_new 436
+PKCS7_SIGNED_free 437
+PKCS7_SIGNED_new 438
+PKCS7_SIGNER_INFO_free 439
+PKCS7_SIGNER_INFO_new 440
+PKCS7_SIGN_ENVELOPE_free 441
+PKCS7_SIGN_ENVELOPE_new 442
+PKCS7_dup 443
+PKCS7_free 444
+PKCS7_new 445
+PROXY_ENTRY_add_noproxy 446
+PROXY_ENTRY_clear_noproxy 447
+PROXY_ENTRY_free 448
+PROXY_ENTRY_get_noproxy 449
+PROXY_ENTRY_new 450
+PROXY_ENTRY_set_server 451
+PROXY_add_noproxy 452
+PROXY_add_server 453
+PROXY_check_by_host 454
+PROXY_check_url 455
+PROXY_clear_noproxy 456
+PROXY_free 457
+PROXY_get_noproxy 458
+PROXY_get_proxies 459
+PROXY_get_proxy_entry 460
+PROXY_load_conf 461
+PROXY_new 462
+PROXY_print 463
+RAND_bytes 464
+RAND_cleanup 465
+RAND_file_name 466
+RAND_load_file 467
+RAND_screen 468
+RAND_seed 469
+RAND_write_file 470
+RC2_cbc_encrypt 471
+RC2_cfb64_encrypt 472
+RC2_ecb_encrypt 473
+RC2_encrypt 474
+RC2_ofb64_encrypt 475
+RC2_set_key 476
+RC4 477
+RC4_options 478
+RC4_set_key 479
+RSAPrivateKey_asn1_meth 480
+RSAPrivateKey_dup 481
+RSAPublicKey_dup 482
+RSA_PKCS1_SSLeay 483
+RSA_free 484
+RSA_generate_key 485
+RSA_new 486
+RSA_new_method 487
+RSA_print 488
+RSA_print_fp 489
+RSA_private_decrypt 490
+RSA_private_encrypt 491
+RSA_public_decrypt 492
+RSA_public_encrypt 493
+RSA_set_default_method 494
+RSA_sign 495
+RSA_sign_ASN1_OCTET_STRING 496
+RSA_size 497
+RSA_verify 498
+RSA_verify_ASN1_OCTET_STRING 499
+SHA 500
+SHA1 501
+SHA1_Final 502
+SHA1_Init 503
+SHA1_Update 504
+SHA_Final 505
+SHA_Init 506
+SHA_Update 507
+SSLeay_add_all_algorithms 508
+SSLeay_add_all_ciphers 509
+SSLeay_add_all_digests 510
+TXT_DB_create_index 511
+TXT_DB_free 512
+TXT_DB_get_by_index 513
+TXT_DB_insert 514
+TXT_DB_read 515
+TXT_DB_write 516
+X509_ALGOR_free 517
+X509_ALGOR_new 518
+X509_ATTRIBUTE_free 519
+X509_ATTRIBUTE_new 520
+X509_CINF_free 521
+X509_CINF_new 522
+X509_CRL_INFO_free 523
+X509_CRL_INFO_new 524
+X509_CRL_add_ext 525
+X509_CRL_cmp 526
+X509_CRL_delete_ext 527
+X509_CRL_dup 528
+X509_CRL_free 529
+X509_CRL_get_ext 530
+X509_CRL_get_ext_by_NID 531
+X509_CRL_get_ext_by_OBJ 532
+X509_CRL_get_ext_by_critical 533
+X509_CRL_get_ext_count 534
+X509_CRL_new 535
+X509_CRL_sign 536
+X509_CRL_verify 537
+X509_EXTENSION_create_by_NID 538
+X509_EXTENSION_create_by_OBJ 539
+X509_EXTENSION_dup 540
+X509_EXTENSION_free 541
+X509_EXTENSION_get_critical 542
+X509_EXTENSION_get_data 543
+X509_EXTENSION_get_object 544
+X509_EXTENSION_new 545
+X509_EXTENSION_set_critical 546
+X509_EXTENSION_set_data 547
+X509_EXTENSION_set_object 548
+X509_INFO_free 549
+X509_INFO_new 550
+X509_LOOKUP_by_alias 551
+X509_LOOKUP_by_fingerprint 552
+X509_LOOKUP_by_issuer_serial 553
+X509_LOOKUP_by_subject 554
+X509_LOOKUP_ctrl 555
+X509_LOOKUP_file 556
+X509_LOOKUP_free 557
+X509_LOOKUP_hash_dir 558
+X509_LOOKUP_init 559
+X509_LOOKUP_new 560
+X509_LOOKUP_shutdown 561
+X509_NAME_ENTRY_create_by_NID 562
+X509_NAME_ENTRY_create_by_OBJ 563
+X509_NAME_ENTRY_dup 564
+X509_NAME_ENTRY_free 565
+X509_NAME_ENTRY_get_data 566
+X509_NAME_ENTRY_get_object 567
+X509_NAME_ENTRY_new 568
+X509_NAME_ENTRY_set_data 569
+X509_NAME_ENTRY_set_object 570
+X509_NAME_add_entry 571
+X509_NAME_cmp 572
+X509_NAME_delete_entry 573
+X509_NAME_digest 574
+X509_NAME_dup 575
+X509_NAME_entry_count 576
+X509_NAME_free 577
+X509_NAME_get_entry 578
+X509_NAME_get_index_by_NID 579
+X509_NAME_get_index_by_OBJ 580
+X509_NAME_get_text_by_NID 581
+X509_NAME_get_text_by_OBJ 582
+X509_NAME_hash 583
+X509_NAME_new 584
+X509_NAME_oneline 585
+X509_NAME_print 586
+X509_NAME_set 587
+X509_OBJECT_free_contents 588
+X509_OBJECT_retrive_by_subject 589
+X509_OBJECT_up_ref_count 590
+X509_PKEY_free 591
+X509_PKEY_new 592
+X509_PUBKEY_free 593
+X509_PUBKEY_get 594
+X509_PUBKEY_new 595
+X509_PUBKEY_set 596
+X509_REQ_INFO_free 597
+X509_REQ_INFO_new 598
+X509_REQ_dup 599
+X509_REQ_free 600
+X509_REQ_get_pubkey 601
+X509_REQ_new 602
+X509_REQ_print 603
+X509_REQ_print_fp 604
+X509_REQ_set_pubkey 605
+X509_REQ_set_subject_name 606
+X509_REQ_set_version 607
+X509_REQ_sign 608
+X509_REQ_to_X509 609
+X509_REQ_verify 610
+X509_REVOKED_add_ext 611
+X509_REVOKED_delete_ext 612
+X509_REVOKED_free 613
+X509_REVOKED_get_ext 614
+X509_REVOKED_get_ext_by_NID 615
+X509_REVOKED_get_ext_by_OBJ 616
+X509_REVOKED_get_ext_by_critical 617
+X509_REVOKED_get_ext_count 618
+X509_REVOKED_new 619
+X509_SIG_free 620
+X509_SIG_new 621
+X509_STORE_CTX_cleanup 622
+X509_STORE_CTX_init 623
+X509_STORE_add_cert 624
+X509_STORE_add_lookup 625
+X509_STORE_free 626
+X509_STORE_get_by_subject 627
+X509_STORE_load_locations 628
+X509_STORE_new 629
+X509_STORE_set_default_paths 630
+X509_VAL_free 631
+X509_VAL_new 632
+X509_add_ext 633
+X509_asn1_meth 634
+X509_certificate_type 635
+X509_check_private_key 636
+X509_cmp_current_time 637
+X509_delete_ext 638
+X509_digest 639
+X509_dup 640
+X509_free 641
+X509_get_default_cert_area 642
+X509_get_default_cert_dir 643
+X509_get_default_cert_dir_env 644
+X509_get_default_cert_file 645
+X509_get_default_cert_file_env 646
+X509_get_default_private_dir 647
+X509_get_ext 648
+X509_get_ext_by_NID 649
+X509_get_ext_by_OBJ 650
+X509_get_ext_by_critical 651
+X509_get_ext_count 652
+X509_get_issuer_name 653
+X509_get_pubkey 654
+X509_get_pubkey_parameters 655
+X509_get_serialNumber 656
+X509_get_subject_name 657
+X509_gmtime_adj 658
+X509_issuer_and_serial_cmp 659
+X509_issuer_and_serial_hash 660
+X509_issuer_name_cmp 661
+X509_issuer_name_hash 662
+X509_load_cert_file 663
+X509_new 664
+X509_print 665
+X509_print_fp 666
+X509_set_issuer_name 667
+X509_set_notAfter 668
+X509_set_notBefore 669
+X509_set_pubkey 670
+X509_set_serialNumber 671
+X509_set_subject_name 672
+X509_set_version 673
+X509_sign 674
+X509_subject_name_cmp 675
+X509_subject_name_hash 676
+X509_to_X509_REQ 677
+X509_verify 678
+X509_verify_cert 679
+X509_verify_cert_error_string 680
+X509v3_add_ext 681
+X509v3_add_extension 682
+X509v3_add_netscape_extensions 683
+X509v3_add_standard_extensions 684
+X509v3_cleanup_extensions 685
+X509v3_data_type_by_NID 686
+X509v3_data_type_by_OBJ 687
+X509v3_delete_ext 688
+X509v3_get_ext 689
+X509v3_get_ext_by_NID 690
+X509v3_get_ext_by_OBJ 691
+X509v3_get_ext_by_critical 692
+X509v3_get_ext_count 693
+X509v3_pack_string 694
+X509v3_pack_type_by_NID 695
+X509v3_pack_type_by_OBJ 696
+X509v3_unpack_string 697
+_des_crypt 698
+a2d_ASN1_OBJECT 699
+a2i_ASN1_INTEGER 700
+a2i_ASN1_STRING 701
+asn1_Finish 702
+asn1_GetSequence 703
+bn_div64 704
+bn_expand2 705
+bn_mul_add_words 706
+bn_mul_words 707
+bn_qadd 708
+bn_qsub 709
+bn_sqr_words 710
+crypt 711
+d2i_ASN1_BIT_STRING 712
+d2i_ASN1_BOOLEAN 713
+d2i_ASN1_HEADER 714
+d2i_ASN1_IA5STRING 715
+d2i_ASN1_INTEGER 716
+d2i_ASN1_OBJECT 717
+d2i_ASN1_OCTET_STRING 718
+d2i_ASN1_PRINTABLE 719
+d2i_ASN1_PRINTABLESTRING 720
+d2i_ASN1_SET 721
+d2i_ASN1_T61STRING 722
+d2i_ASN1_TYPE 723
+d2i_ASN1_UTCTIME 724
+d2i_ASN1_bytes 725
+d2i_ASN1_type_bytes 726
+d2i_DHparams 727
+d2i_DSAPrivateKey 728
+d2i_DSAPrivateKey_bio 729
+d2i_DSAPrivateKey_fp 730
+d2i_DSAPublicKey 731
+d2i_DSAparams 732
+d2i_NETSCAPE_SPKAC 733
+d2i_NETSCAPE_SPKI 734
+d2i_Netscape_RSA 735
+d2i_PKCS7 736
+d2i_PKCS7_DIGEST 737
+d2i_PKCS7_ENCRYPT 738
+d2i_PKCS7_ENC_CONTENT 739
+d2i_PKCS7_ENVELOPE 740
+d2i_PKCS7_ISSUER_AND_SERIAL 741
+d2i_PKCS7_RECIP_INFO 742
+d2i_PKCS7_SIGNED 743
+d2i_PKCS7_SIGNER_INFO 744
+d2i_PKCS7_SIGN_ENVELOPE 745
+d2i_PKCS7_bio 746
+d2i_PKCS7_fp 747
+d2i_PrivateKey 748
+d2i_PublicKey 749
+d2i_RSAPrivateKey 750
+d2i_RSAPrivateKey_bio 751
+d2i_RSAPrivateKey_fp 752
+d2i_RSAPublicKey 753
+d2i_X509 754
+d2i_X509_ALGOR 755
+d2i_X509_ATTRIBUTE 756
+d2i_X509_CINF 757
+d2i_X509_CRL 758
+d2i_X509_CRL_INFO 759
+d2i_X509_CRL_bio 760
+d2i_X509_CRL_fp 761
+d2i_X509_EXTENSION 762
+d2i_X509_NAME 763
+d2i_X509_NAME_ENTRY 764
+d2i_X509_PKEY 765
+d2i_X509_PUBKEY 766
+d2i_X509_REQ 767
+d2i_X509_REQ_INFO 768
+d2i_X509_REQ_bio 769
+d2i_X509_REQ_fp 770
+d2i_X509_REVOKED 771
+d2i_X509_SIG 772
+d2i_X509_VAL 773
+d2i_X509_bio 774
+d2i_X509_fp 775
+des_cbc_cksum 777
+des_cbc_encrypt 778
+des_cblock_print_file 779
+des_cfb64_encrypt 780
+des_cfb_encrypt 781
+des_decrypt3 782
+des_ecb3_encrypt 783
+des_ecb_encrypt 784
+des_ede3_cbc_encrypt 785
+des_ede3_cfb64_encrypt 786
+des_ede3_ofb64_encrypt 787
+des_enc_read 788
+des_enc_write 789
+des_encrypt 790
+des_encrypt2 791
+des_encrypt3 792
+des_fcrypt 793
+des_is_weak_key 794
+des_key_sched 795
+des_ncbc_encrypt 796
+des_ofb64_encrypt 797
+des_ofb_encrypt 798
+des_options 799
+des_pcbc_encrypt 800
+des_quad_cksum 801
+des_random_key 802
+des_random_seed 803
+des_read_2passwords 804
+des_read_password 805
+des_read_pw 806
+des_read_pw_string 807
+des_set_key 808
+des_set_odd_parity 809
+des_string_to_2keys 810
+des_string_to_key 811
+des_xcbc_encrypt 812
+des_xwhite_in2out 813
+fcrypt_body 814
+i2a_ASN1_INTEGER 815
+i2a_ASN1_OBJECT 816
+i2a_ASN1_STRING 817
+i2d_ASN1_BIT_STRING 818
+i2d_ASN1_BOOLEAN 819
+i2d_ASN1_HEADER 820
+i2d_ASN1_IA5STRING 821
+i2d_ASN1_INTEGER 822
+i2d_ASN1_OBJECT 823
+i2d_ASN1_OCTET_STRING 824
+i2d_ASN1_PRINTABLE 825
+i2d_ASN1_SET 826
+i2d_ASN1_TYPE 827
+i2d_ASN1_UTCTIME 828
+i2d_ASN1_bytes 829
+i2d_DHparams 830
+i2d_DSAPrivateKey 831
+i2d_DSAPrivateKey_bio 832
+i2d_DSAPrivateKey_fp 833
+i2d_DSAPublicKey 834
+i2d_DSAparams 835
+i2d_NETSCAPE_SPKAC 836
+i2d_NETSCAPE_SPKI 837
+i2d_Netscape_RSA 838
+i2d_PKCS7 839
+i2d_PKCS7_DIGEST 840
+i2d_PKCS7_ENCRYPT 841
+i2d_PKCS7_ENC_CONTENT 842
+i2d_PKCS7_ENVELOPE 843
+i2d_PKCS7_ISSUER_AND_SERIAL 844
+i2d_PKCS7_RECIP_INFO 845
+i2d_PKCS7_SIGNED 846
+i2d_PKCS7_SIGNER_INFO 847
+i2d_PKCS7_SIGN_ENVELOPE 848
+i2d_PKCS7_bio 849
+i2d_PKCS7_fp 850
+i2d_PrivateKey 851
+i2d_PublicKey 852
+i2d_RSAPrivateKey 853
+i2d_RSAPrivateKey_bio 854
+i2d_RSAPrivateKey_fp 855
+i2d_RSAPublicKey 856
+i2d_X509 857
+i2d_X509_ALGOR 858
+i2d_X509_ATTRIBUTE 859
+i2d_X509_CINF 860
+i2d_X509_CRL 861
+i2d_X509_CRL_INFO 862
+i2d_X509_CRL_bio 863
+i2d_X509_CRL_fp 864
+i2d_X509_EXTENSION 865
+i2d_X509_NAME 866
+i2d_X509_NAME_ENTRY 867
+i2d_X509_PKEY 868
+i2d_X509_PUBKEY 869
+i2d_X509_REQ 870
+i2d_X509_REQ_INFO 871
+i2d_X509_REQ_bio 872
+i2d_X509_REQ_fp 873
+i2d_X509_REVOKED 874
+i2d_X509_SIG 875
+i2d_X509_VAL 876
+i2d_X509_bio 877
+i2d_X509_fp 878
+idea_cbc_encrypt 879
+idea_cfb64_encrypt 880
+idea_ecb_encrypt 881
+idea_encrypt 882
+idea_ofb64_encrypt 883
+idea_options 884
+idea_set_decrypt_key 885
+idea_set_encrypt_key 886
+lh_delete 887
+lh_doall 888
+lh_doall_arg 889
+lh_free 890
+lh_insert 891
+lh_new 892
+lh_node_stats 893
+lh_node_stats_bio 894
+lh_node_usage_stats 895
+lh_node_usage_stats_bio 896
+lh_retrieve 897
+lh_stats 898
+lh_stats_bio 899
+lh_strhash 900
+sk_delete 901
+sk_delete_ptr 902
+sk_dup 903
+sk_find 904
+sk_free 905
+sk_insert 906
+sk_new 907
+sk_pop 908
+sk_pop_free 909
+sk_push 910
+sk_set_cmp_func 911
+sk_shift 912
+sk_unshift 913
+sk_zero 914
+BIO_f_nbio_test 915
+ASN1_TYPE_get 916
+ASN1_TYPE_set 917
+PKCS7_content_free 918
+ERR_load_PKCS7_strings 919
+X509_find_by_issuer_and_serial 920
+X509_find_by_subject 921
+PKCS7_ctrl 927
+PKCS7_set_type 928
+PKCS7_set_content 929
+PKCS7_SIGNER_INFO_set 930
+PKCS7_add_signer 931
+PKCS7_add_certificate 932
+PKCS7_add_crl 933
+PKCS7_content_new 934
+PKCS7_dataSign 935
+PKCS7_dataVerify 936
+PKCS7_dataInit 937
+PKCS7_add_signature 938
+PKCS7_cert_from_signer_info 939
+PKCS7_get_signer_info 940
+EVP_delete_alias 941
+EVP_mdc2 942
+PEM_read_bio_RSAPublicKey 943
+PEM_write_bio_RSAPublicKey 944
+d2i_RSAPublicKey_bio 945
+i2d_RSAPublicKey_bio 946
+PEM_read_RSAPublicKey 947
+PEM_write_RSAPublicKey 949
+d2i_RSAPublicKey_fp 952
+i2d_RSAPublicKey_fp 954
+BIO_copy_next_retry 955
+RSA_flags 956
+X509_STORE_add_crl 957
+X509_load_crl_file 958
+EVP_rc2_40_cbc 959
+EVP_rc4_40 960
+EVP_CIPHER_CTX_init 961
+HMAC 962
+HMAC_Init 963
+HMAC_Update 964
+HMAC_Final 965
+ERR_get_next_error_library 966
+EVP_PKEY_cmp_parameters 967
+HMAC_cleanup 968
+BIO_ptr_ctrl 969
+BIO_new_file_internal 970
+BIO_new_fp_internal 971
+BIO_s_file_internal 972
+BN_BLINDING_convert 973
+BN_BLINDING_invert 974
+BN_BLINDING_update 975
+RSA_blinding_on 977
+RSA_blinding_off 978
+i2t_ASN1_OBJECT 979
+BN_BLINDING_new 980
+BN_BLINDING_free 981
+EVP_cast5_cbc 983
+EVP_cast5_cfb 984
+EVP_cast5_ecb 985
+EVP_cast5_ofb 986
+BF_decrypt 987
+CAST_set_key 988
+CAST_encrypt 989
+CAST_decrypt 990
+CAST_ecb_encrypt 991
+CAST_cbc_encrypt 992
+CAST_cfb64_encrypt 993
+CAST_ofb64_encrypt 994
+RC2_decrypt 995
+OBJ_create_objects 997
+BN_exp 998
+BN_mul_word 999
+BN_sub_word 1000
+BN_dec2bn 1001
+BN_bn2dec 1002
+BIO_ghbn_ctrl 1003
+CRYPTO_free_ex_data 1004
+CRYPTO_get_ex_data 1005
+CRYPTO_set_ex_data 1007
+ERR_load_CRYPTO_strings 1009
+ERR_load_CRYPTOlib_strings 1009
+EVP_PKEY_bits 1010
+MD5_Transform 1011
+SHA1_Transform 1012
+SHA_Transform 1013
+X509_STORE_CTX_get_chain 1014
+X509_STORE_CTX_get_current_cert 1015
+X509_STORE_CTX_get_error 1016
+X509_STORE_CTX_get_error_depth 1017
+X509_STORE_CTX_get_ex_data 1018
+X509_STORE_CTX_set_cert 1020
+X509_STORE_CTX_set_chain 1021
+X509_STORE_CTX_set_error 1022
+X509_STORE_CTX_set_ex_data 1023
+CRYPTO_dup_ex_data 1025
+CRYPTO_get_new_lockid 1026
+CRYPTO_new_ex_data 1027
+RSA_set_ex_data 1028
+RSA_get_ex_data 1029
+RSA_get_ex_new_index 1030
+RSA_padding_add_PKCS1_type_1 1031
+RSA_padding_add_PKCS1_type_2 1032
+RSA_padding_add_SSLv23 1033
+RSA_padding_add_none 1034
+RSA_padding_check_PKCS1_type_1 1035
+RSA_padding_check_PKCS1_type_2 1036
+RSA_padding_check_SSLv23 1037
+RSA_padding_check_none 1038
+bn_add_words 1039
+d2i_Netscape_RSA_2 1040
+CRYPTO_get_ex_new_index 1041
+RIPEMD160_Init 1042
+RIPEMD160_Update 1043
+RIPEMD160_Final 1044
+RIPEMD160 1045
+RIPEMD160_Transform 1046
+RC5_32_set_key 1047
+RC5_32_ecb_encrypt 1048
+RC5_32_encrypt 1049
+RC5_32_decrypt 1050
+RC5_32_cbc_encrypt 1051
+RC5_32_cfb64_encrypt 1052
+RC5_32_ofb64_encrypt 1053
+BN_bn2mpi 1058
+BN_mpi2bn 1059
+ASN1_BIT_STRING_get_bit 1060
+ASN1_BIT_STRING_set_bit 1061
+BIO_get_ex_data 1062
+BIO_get_ex_new_index 1063
+BIO_set_ex_data 1064
+X509_STORE_CTX_get_ex_new_index 1065
+X509v3_get_key_usage 1066
+X509v3_set_key_usage 1067
+a2i_X509v3_key_usage 1068
+i2a_X509v3_key_usage 1069
+EVP_PKEY_decrypt 1070
+EVP_PKEY_encrypt 1071
+PKCS7_RECIP_INFO_set 1072
+PKCS7_add_recipient 1073
+PKCS7_add_recipient_info 1074
+PKCS7_set_cipher 1075
+ASN1_TYPE_get_int_octetstring 1076
+ASN1_TYPE_get_octetstring 1077
+ASN1_TYPE_set_int_octetstring 1078
+ASN1_TYPE_set_octetstring 1079
+ASN1_UTCTIME_set_string 1080
+ERR_add_error_data 1081
+ERR_set_error_data 1082
+EVP_CIPHER_asn1_to_param 1083
+EVP_CIPHER_param_to_asn1 1084
+EVP_CIPHER_get_asn1_iv 1085
+EVP_CIPHER_set_asn1_iv 1086
+EVP_rc5_32_12_16_cbc 1087
+EVP_rc5_32_12_16_cfb 1088
+EVP_rc5_32_12_16_ecb 1089
+EVP_rc5_32_12_16_ofb 1090
+asn1_add_error 1091
diff --git a/src/lib/libcrypto/util/mk1mf.pl b/src/lib/libcrypto/util/mk1mf.pl
new file mode 100644
index 0000000000..149a0f4f80
--- /dev/null
+++ b/src/lib/libcrypto/util/mk1mf.pl
@@ -0,0 +1,793 @@
+#!/usr/bin/perl
+# A bit of an evil hack but it post processes the file ../MINFO which
+# is generated by `make files` in the top directory.
+# This script outputs one mega makefile that has no shell stuff or any
+# funny stuff
+#
+
+$INSTALLTOP="/usr/local/ssl";
+
+$ssl_version="0.8.2";
+
+$infile="MINFO";
+
+%ops=(
+ "VC-WIN32", "Microsoft Visual C++ 4.[01] - Windows NT [34].x",
+ "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
+ "VC-WIN16", "Alias for VC-W31-32",
+ "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+",
+ "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS",
+ "BC-NT", "Borland C++ 4.5 - Windows NT - PROBABLY NOT WORKING",
+ "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
+ "BC-MSDOS","Borland C++ 4.5 - MSDOS",
+ "linux-elf","Linux elf",
+ "FreeBSD","FreeBSD distribution",
+ "default","cc under unix",
+ );
+
+$type="";
+foreach (@ARGV)
+ {
+ if (/^no-rc2$/) { $no_rc2=1; }
+ elsif (/^no-rc4$/) { $no_rc4=1; }
+ elsif (/^no-rc5$/) { $no_rc5=1; }
+ elsif (/^no-idea$/) { $no_idea=1; }
+ elsif (/^no-des$/) { $no_des=1; }
+ elsif (/^no-bf$/) { $no_bf=1; }
+ elsif (/^no-cast$/) { $no_cast=1; }
+ elsif (/^no-md2$/) { $no_md2=1; }
+ elsif (/^no-md5$/) { $no_md5=1; }
+ elsif (/^no-sha$/) { $no_sha=1; }
+ elsif (/^no-sha1$/) { $no_sha1=1; }
+ elsif (/^no-rmd160$/) { $no_rmd160=1; }
+ elsif (/^no-mdc2$/) { $no_mdc2=1; }
+ elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; }
+ elsif (/^no-rsa$/) { $no_rsa=1; }
+ elsif (/^no-dsa$/) { $no_dsa=1; }
+ elsif (/^no-dh$/) { $no_dh=1; }
+ elsif (/^no-asm$/) { $no_asm=1; }
+ elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl3$/) { $no_ssl3=1; }
+ elsif (/^no-err$/) { $no_err=1; }
+ elsif (/^no-sock$/) { $no_sock=1; }
+
+ elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
+ $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;
+ $no_ssl2=$no_err=1; }
+
+ elsif (/^rsaref$/) { $rsaref=1; }
+ elsif (/^gcc$/) { $gcc=1; }
+ elsif (/^debug$/) { $debug=1; }
+ elsif (/^shlib$/) { $shlib=1; }
+ elsif (/^dll$/) { $shlib=1; }
+ elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
+ elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
+ elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
+ { $c_flags.="$_ "; }
+ else
+ {
+ if (!defined($ops{$_}))
+ {
+ print STDERR "unknown option - $_\n";
+ print STDERR "usage: perl mk1mf.pl [system] [options]\n";
+ print STDERR "\nwhere [system] can be one of the following\n";
+ foreach $i (sort keys %ops)
+ { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
+ print STDERR <<"EOF";
+and [options] can be one of
+ no-md2 no-md5 no-sha no-sha1 no-mdc2 no-rmd160 - Skip this digest
+ no-rc2 no-rc4 no-idea no-des no-bf no-cast - Skip this symetric cipher
+ no-rc5
+ no-rsa no-dsa no-dh - Skip this public key cipher
+ no-ssl2 no-ssl3 - Skip this version of SSL
+ just-ssl - remove all non-ssl keys/digest
+ no-asm - No x86 asm
+ no-socks - No socket code
+ no-err - No error strings
+ dll/shlib - Build shared libraries (MS)
+ debug - Debug build
+ gcc - Use Gcc (unix)
+ rsaref - Build to require RSAref
+
+Values that can be set
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
+
+-L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
+-<ex_cc_flags> - extra 'cc' flags,
+ added (MS), or replace (unix)
+EOF
+ exit(1);
+ }
+ $type=$_;
+ }
+ }
+
+$no_mdc2=1 if ($no_des);
+
+$no_ssl3=1 if ($no_md5 || $no_sha1);
+$no_ssl3=1 if ($no_rsa && $no_dh);
+
+$no_ssl2=1 if ($no_md5 || $no_rsa);
+$no_ssl2=1 if ($no_rsa);
+
+$out_def="out";
+$inc_def="outinc";
+$tmp_def="tmp";
+
+
+($ssl,$crypto)=("ssl","crypto");
+$RSAglue="RSAglue";
+$ranlib="echo ranlib";
+
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+
+push(@INC,"util/pl","pl");
+if ($type eq "VC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'VC-16.pl';
+ }
+elsif ($type eq "VC-W31-16")
+ {
+ $asmbits=16;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-W31-32") || ($type eq "VC-WIN16"))
+ {
+ $asmbits=32;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-WIN32") || ($type eq "VC-NT"))
+ {
+ require 'VC-32.pl';
+ }
+elsif ($type eq "BC-NT")
+ {
+ $bc=1;
+ require 'BC-32.pl';
+ }
+elsif ($type eq "BC-W31")
+ {
+ $bc=1;
+ $msdos=1; $w16=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-Q16")
+ {
+ $msdos=1; $w16=1; $shlib=0; $qw=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "FreeBSD")
+ {
+ require 'unix.pl';
+ $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
+ }
+elsif ($type eq "linux-elf")
+ {
+ require "unix.pl";
+ require "linux.pl";
+ $unix=1;
+ }
+else
+ {
+ require "unix.pl";
+
+ $unix=1;
+ $cflags.=' -DTERMIO';
+ }
+
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
+$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
+
+$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
+
+$cflags.=" -DNO_IDEA" if $no_idea;
+$cflags.=" -DNO_RC2" if $no_rc2;
+$cflags.=" -DNO_RC4" if $no_rc4;
+$cflags.=" -DNO_RC5" if $no_rc5;
+$cflags.=" -DNO_MD2" if $no_md2;
+$cflags.=" -DNO_MD5" if $no_md5;
+$cflags.=" -DNO_SHA" if $no_sha;
+$cflags.=" -DNO_SHA1" if $no_sha1;
+$cflags.=" -DNO_RMD160" if $no_rmd160;
+$cflags.=" -DNO_MDC2" if $no_mdc2;
+$cflags.=" -DNO_BLOWFISH" if $no_bf;
+$cflags.=" -DNO_CAST" if $no_cast;
+$cflags.=" -DNO_DES" if $no_des;
+$cflags.=" -DNO_RSA" if $no_rsa;
+$cflags.=" -DNO_DSA" if $no_dsa;
+$cflags.=" -DNO_DH" if $no_dh;
+$cflags.=" -DNO_SOCK" if $no_sock;
+$cflags.=" -DNO_SSL2" if $no_ssl2;
+$cflags.=" -DNO_SSL3" if $no_ssl3;
+$cflags.=" -DNO_ERR" if $no_err;
+$cflags.=" -DRSAref" if $rsaref ne "";
+
+if ($unix)
+ { $cflags="$c_flags" if ($c_flags ne ""); }
+else { $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+
+$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
+if ($ranlib ne "")
+ {
+ $ranlib="\$(SRC_D)$o$ranlib";
+ }
+
+if ($msdos)
+ {
+ $banner ="\t\@echo Make sure you have run 'perl Configure $type' in the\n";
+ $banner.="\t\@echo top level directory, if you don't have perl, you will\n";
+ $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
+ $banner.="\t\@echo documentation for details.\n";
+ }
+
+# have to do this to allow $(CC) under unix
+$link="$bin_dir$link" if ($link !~ /^\$/);
+
+$INSTALLTOP =~ s|/|$o|g;
+
+$defs= <<"EOF";
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in .${o}out and the stuff
+# that needs deleting in .${o}tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util${o}mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=$INSTALLTOP
+
+# Set your compiler options
+CC=$bin_dir${cc}
+CFLAG=$cflags
+APP_CFLAG=$app_cflag
+LIB_CFLAG=$lib_cflag
+SHLIB_CFLAG=$shl_cflag
+APP_EX_OBJ=$app_ex_obj
+SHLIB_EX_OBJ=$shlib_ex_obj
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=$ex_libs
+
+# The SSLeay directory
+SRC_D=$src_dir
+
+LINK=$link
+LFLAGS=$lflags
+
+BN_MULW_OBJ=$bn_mulw_obj
+BN_MULW_SRC=$bn_mulw_src
+DES_ENC_OBJ=$des_enc_obj
+DES_ENC_SRC=$des_enc_src
+DES_CRYPT_OBJ=$des_crypt_obj
+DES_CRYPT_SRC=$des_crypt_src
+BF_ENC_OBJ=$bf_enc_obj
+BF_ENC_SRC=$bf_enc_src
+CAST_ENC_OBJ=$cast_enc_obj
+CAST_ENC_SRC=$cast_enc_src
+RC4_ENC_OBJ=$rc4_enc_obj
+RC4_ENC_SRC=$rc4_enc_src
+RC5_ENC_OBJ=$rc5_enc_obj
+RC5_ENC_SRC=$rc5_enc_src
+MD5_ASM_OBJ=$md5_asm_obj
+MD5_ASM_SRC=$md5_asm_src
+SHA1_ASM_OBJ=$sha1_asm_obj
+SHA1_ASM_SRC=$sha1_asm_src
+RMD160_ASM_OBJ=$rmd160_asm_obj
+RMD160_ASM_SRC=$rmd160_asm_src
+
+# The output directory for everything intersting
+OUT_D=$out_dir
+# The output directory for all the temporary muck
+TMP_D=$tmp_dir
+# The output directory for the header files
+INC_D=$inc_dir
+
+CP=$cp
+RM=$rm
+RANLIB=$ranlib
+MKDIR=mkdir
+MKLIB=$bin_dir$mklib
+MLFLAGS=$mlflags
+ASM=$bin_dir$asm
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=$ssl
+CRYPTO=$crypto
+RSAGLUE=$RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+BIN_D=\$(OUT_D)
+TEST_D=\$(OUT_D)
+LIB_D=\$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=\$(TMP_D)
+INCL_D=\$(TMP_D)
+
+O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
+O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
+O_RSAGLUE= \$(LIB_D)$o$plib\$(RSAGLUE)$libp
+SO_SSL= $plib\$(SSL)$so_shlibp
+SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
+L_SSL= \$(LIB_D)$o\$(SSL)$libp
+L_CRYPTO= \$(LIB_D)$o\$(CRYPTO)$libp
+
+L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+#L_LIBS= \$(O_SSL) \$(O_RSAGLUE) -lrsaref \$(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-I\$(INC_D) -I\$(INCL_D)
+APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
+LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
+LIBS_DEP=\$(O_CRYPTO) \$(O_RSAGLUE) \$(O_SSL)
+
+#############################################
+EOF
+
+$rules=<<"EOF";
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INC_D) headers lib exe
+
+banner:
+$banner
+
+\$(TMP_D):
+ \$(MKDIR) \$(TMP_D)
+
+\$(BIN_D):
+ \$(MKDIR) \$(BIN_D)
+
+\$(TEST_D):
+ \$(MKDIR) \$(TEST_D)
+
+\$(LIB_D):
+ \$(MKDIR) \$(LIB_D)
+
+\$(INC_D):
+ \$(MKDIR) \$(INC_D)
+
+headers: \$(HEADER) \$(EXHEADER)
+
+lib: \$(LIBS_DEP)
+
+exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+
+install:
+ \$(MKDIR) \$(INSTALLTOP)
+ \$(MKDIR) \$(INSTALLTOP)${o}bin
+ \$(MKDIR) \$(INSTALLTOP)${o}include
+ \$(MKDIR) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(INC_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include
+ \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
+ \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib
+
+clean:
+ \$(RM) \$(TMP_D)$o*.*
+
+vclean:
+ \$(RM) \$(TMP_D)$o*.*
+ \$(RM) \$(OUT_D)$o*.*
+
+EOF
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ chop;
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val); }
+
+ if ($key eq "LIBOBJ")
+ { $libobj=&var_add($dir,$val); }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+# Strip of trailing ' '
+foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
+$test=&clean_up_ws($test);
+$e_exe=&clean_up_ws($e_exe);
+$exheader=&clean_up_ws($exheader);
+$header=&clean_up_ws($header);
+
+# First we strip the exheaders from the headers list
+foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
+foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
+chop($h); $header=$h;
+
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,".h");
+
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INC_D)",".h");
+$rules.=&do_copy_rule("\$(INC_D)",$exheader,".h");
+
+$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
+
+$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+
+foreach (values %lib_nam)
+ {
+ $lib_obj=$lib_obj{$_};
+ local($slib)=$shlib;
+
+ $slib=0 if ($_ eq "RSAGLUE");
+
+ if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
+ {
+ $rules.="\$(O_SSL):\n\n";
+ next;
+ }
+
+ if (($_ eq "RSAGLUE") && $no_rsa)
+ {
+ $rules.="\$(O_RSAGLUE):\n\n";
+ next;
+ }
+
+ if (($bn_mulw_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/bn_mulw\S*/ \$(BN_MULW_OBJ)/;
+ $rules.=&do_asm_rule($bn_mulw_obj,$bn_mulw_src);
+ }
+ if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
+ $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
+ $rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
+ }
+ if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
+ $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
+ }
+ if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
+ $rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
+ }
+ if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
+ $rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
+ }
+ if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
+ $rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
+ }
+ if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
+ $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
+ }
+ if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
+ $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
+ }
+ if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
+ $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
+ }
+ $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
+ $lib=($slib)?" \$(SHLIB_CFLAGS)":" \$(LIB_CFLAGS)";
+ $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
+ }
+
+$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
+foreach (split(/\s+/,$test))
+ {
+ $t=&bname($_);
+ $tt="\$(OBJ_D)${o}$t${obj}";
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+ }
+
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
+$rules.= &do_lib_rule("\$(RSAGLUEOBJ)","\$(O_RSAGLUE)",$RSAglue,0,"")
+ unless $no_rsa;
+$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+
+print $defs;
+print "###################################################################\n";
+print $rules;
+
+###############################################
+# strip off any trailing .[och] and append the relative directory
+# also remembering to do nothing if we are in one of the dropped
+# directories
+sub var_add
+ {
+ local($dir,$val)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rc5 && $dir =~ /\/rc5/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+ return("") if $no_cast && $dir =~ /\/cast/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//,@a);
+
+ @a=grep(!/^e_.*_3d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_i$/,@a) if $no_idea;
+ @a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+ @a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
+ @a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+ @a=grep(!/^e_.*_c$/,@a) if $no_cast;
+ @a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+ @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+ @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+ @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/,@a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+ @a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+ @a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+ @a=grep(!/^gendsa$/,@a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+ grep($_="$dir/$_",@a);
+ @a=grep(!/(^|\/)s_/,@a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+ $ret=join(' ',@a)." ";
+ return($ret);
+ }
+
+# change things so that each 'token' is only separated by one space
+sub clean_up_ws
+ {
+ local($w)=@_;
+
+ $w =~ s/^\s*(.*)\s*$/$1/;
+ $w =~ s/\s+/ /g;
+ return($w);
+ }
+
+sub do_defs
+ {
+ local($var,$files,$location,$postfix)=@_;
+ local($_,$ret,$pf);
+ local(*OUT,$tmp,$t);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ $ret="$var=";
+ $n=1;
+ $Vars{$var}.="";
+ foreach (split(/ /,$files))
+ {
+ $orig=$_;
+ $_=&bname($_) unless /^\$/;
+ if ($n++ == 2)
+ {
+ $n=0;
+ $ret.="\\\n\t";
+ }
+ if (($_ =~ /bss_file/) && ($postfix eq ".h"))
+ { $pf=".c"; }
+ else { $pf=$postfix; }
+ if ($_ =~ /BN_MULW/) { $t="$_ "; }
+ elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
+ elsif ($_ =~ /RC4_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
+ elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+ else { $t="$location${o}$_$pf "; }
+
+ $Vars{$var}.="$t ";
+ $ret.=$t;
+ }
+ chop($ret);
+ $ret.="\n\n";
+ return($ret);
+ }
+
+# return the name with the leading path removed
+sub bname
+ {
+ local($ret)=@_;
+ $ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
+ return($ret);
+ }
+
+# do a rule for each file that says 'copy' to new direcory on change
+sub do_copy_rule
+ {
+ local($to,$files,$p)=@_;
+ local($ret,$_,$n,$pp);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ if ($n =~ /bss_file/)
+ { $pp=".c"; }
+ else { $pp=$p; }
+ $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n";
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+# compile the files in '$files' into $to
+sub do_compile_rule
+ {
+ local($to,$files,$ex)=@_;
+ local($ret,$_,$n);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+sub cc_compile_target
+ {
+ local($target,$source,$ex_flags)=@_;
+ local($ret);
+
+ # EAY EAY
+ $ex_flags.=' -DCFLAGS="\"$(CC) $(CFLAG)\""' if ($source =~ /cversion/);
+ $target =~ s/\//$o/g if $o ne "/";
+ $source =~ s/\//$o/g if $o ne "/";
+ $ret ="$target: \$(SRC_D)$o$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ return($ret);
+ }
+
+##############################################################
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret,@s,@t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
+ }
+ return($ret);
+ }
+
+sub do_shlib_rule
+ {
+ local($n,$def)=@_;
+ local($ret,$nn);
+ local($t);
+
+ ($nn=$n) =~ tr/a-z/A-Z/;
+ $ret.="$n.dll: \$(${nn}OBJ)\n";
+ if ($vc && $w32)
+ {
+ $ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
diff --git a/src/lib/libcrypto/util/mkcerts.sh b/src/lib/libcrypto/util/mkcerts.sh
new file mode 100644
index 0000000000..5f8a1dae73
--- /dev/null
+++ b/src/lib/libcrypto/util/mkcerts.sh
@@ -0,0 +1,220 @@
+#!bin/sh
+
+# This script will re-make all the required certs.
+# cd apps
+# sh ../util/mkcerts.sh
+# mv ca-cert.pem pca-cert.pem ../certs
+# cd ..
+# cat certs/*.pem >>apps/server.pem
+# cat certs/*.pem >>apps/server2.pem
+# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
+# sh tools/c_rehash certs
+#
+
+CAbits=1024
+SSLEAY="../apps/ssleay"
+CONF="-config ../apps/ssleay.cnf"
+
+# create pca request.
+echo creating $CAbits bit PCA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout pca-key.pem \
+ -out pca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test PCA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating PCA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo self signing PCA
+$SSLEAY x509 -md5 -days 1461 \
+ -req -signkey pca-key.pem \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -in pca-req.pem -out pca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems self signing PCA cert
+ exit 1
+fi
+echo
+
+# create ca request.
+echo creating $CAbits bit CA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout ca-key.pem \
+ -out ca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test CA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating CA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing CA
+$SSLEAY x509 -md5 -days 1461 \
+ -req \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -CA pca-cert.pem -CAkey pca-key.pem \
+ -in ca-req.pem -out ca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems signing CA cert
+ exit 1
+fi
+echo
+
+# create server request.
+echo creating 512 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout s512-key.pem \
+ -out s512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s512-req.pem -out server.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit server cert
+ exit 1
+fi
+echo
+
+# create 1024 bit server request.
+echo creating 1024 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 1024 \
+ -keyout s1024key.pem \
+ -out s1024req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 1024 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 1024 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s1024req.pem -out server2.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 1024 bit server cert
+ exit 1
+fi
+echo
+
+# create 512 bit client request.
+echo creating 512 bit client cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout c512-key.pem \
+ -out c512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Client test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit client cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit client cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in c512-req.pem -out client.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit client cert
+ exit 1
+fi
+
+echo cleanup
+
+cat pca-key.pem >> pca-cert.pem
+cat ca-key.pem >> ca-cert.pem
+cat s512-key.pem >> server.pem
+cat s1024key.pem >> server2.pem
+cat c512-key.pem >> client.pem
+
+for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
+do
+$SSLEAY x509 -issuer -subject -in $i -noout >$$
+cat $$
+/bin/cat $i >>$$
+/bin/mv $$ $i
+done
+
+#/bin/rm -f *key.pem *req.pem *.srl
+
+echo Finished
+
diff --git a/src/lib/libcrypto/util/mkdef.pl b/src/lib/libcrypto/util/mkdef.pl
new file mode 100644
index 0000000000..8124f11292
--- /dev/null
+++ b/src/lib/libcrypto/util/mkdef.pl
@@ -0,0 +1,292 @@
+#!/usr/bin/perl
+#
+# generate a .def file
+#
+# It does this by parsing the header files and looking for the
+# non-prototyped functions.
+#
+
+$crypto_num="util/libeay.num";
+$ssl_num= "util/ssleay.num";
+
+$NT=1;
+foreach (@ARGV)
+ {
+ $NT=1 if $_ eq "32";
+ $NT=0 if $_ eq "16";
+ $do_ssl=1 if $_ eq "ssleay";
+ $do_crypto=1 if $_ eq "libeay";
+ }
+
+if (!$do_ssl && !$do_crypto)
+ {
+ print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 ]\n";
+ exit(1);
+ }
+
+%ssl_list=&load_numbers($ssl_num);
+%crypto_list=&load_numbers($crypto_num);
+
+$ssl="ssl/ssl.h";
+
+$crypto ="crypto/crypto.h";
+$crypto.=" crypto/des/des.h";
+$crypto.=" crypto/idea/idea.h";
+$crypto.=" crypto/rc4/rc4.h";
+$crypto.=" crypto/rc5/rc5.h";
+$crypto.=" crypto/rc2/rc2.h";
+$crypto.=" crypto/bf/blowfish.h";
+$crypto.=" crypto/cast/cast.h";
+$crypto.=" crypto/md2/md2.h";
+$crypto.=" crypto/md5/md5.h";
+$crypto.=" crypto/mdc2/mdc2.h";
+$crypto.=" crypto/sha/sha.h";
+$crypto.=" crypto/ripemd/ripemd.h";
+
+$crypto.=" crypto/bn/bn.h";
+$crypto.=" crypto/rsa/rsa.h";
+$crypto.=" crypto/dsa/dsa.h";
+$crypto.=" crypto/dh/dh.h";
+
+$crypto.=" crypto/stack/stack.h";
+$crypto.=" crypto/buffer/buffer.h";
+$crypto.=" crypto/bio/bio.h";
+$crypto.=" crypto/lhash/lhash.h";
+$crypto.=" crypto/conf/conf.h";
+$crypto.=" crypto/txt_db/txt_db.h";
+
+$crypto.=" crypto/evp/evp.h";
+$crypto.=" crypto/objects/objects.h";
+$crypto.=" crypto/pem/pem.h";
+#$crypto.=" crypto/meth/meth.h";
+$crypto.=" crypto/asn1/asn1.h";
+$crypto.=" crypto/asn1/asn1_mac.h";
+$crypto.=" crypto/err/err.h";
+$crypto.=" crypto/pkcs7/pkcs7.h";
+$crypto.=" crypto/x509/x509.h";
+$crypto.=" crypto/x509/x509_vfy.h";
+$crypto.=" crypto/rand/rand.h";
+$crypto.=" crypto/hmac/hmac.h";
+
+$match{'NOPROTO'}=1;
+$match2{'PERL5'}=1;
+
+&print_def_file(*STDOUT,"SSLEAY",*ssl_list,&do_defs("SSLEAY",$ssl))
+ if $do_ssl == 1;
+
+&print_def_file(*STDOUT,"LIBEAY",*crypto_list,&do_defs("LIBEAY",$crypto))
+ if $do_crypto == 1;
+
+sub do_defs
+ {
+ local($name,$files)=@_;
+ local(@ret);
+
+ $off=-1;
+ foreach $file (split(/\s+/,$files))
+ {
+# print STDERR "reading $file\n";
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ $depth=0;
+ $pr=-1;
+ @np="";
+ $/=undef;
+ $a=<IN>;
+ while (($i=index($a,"/*")) >= 0)
+ {
+ $j=index($a,"*/");
+ break unless ($j >= 0);
+ $a=substr($a,0,$i).substr($a,$j+2);
+ # print "$i $j\n";
+ }
+ foreach (split("\n",$a))
+ {
+ if (/^\#\s*ifndef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#\s*if !defined\(([^\)]+)\)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#\s*ifdef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#\s*if defined(.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#\s*endif/)
+ {
+ $tag{$tag[$#tag]}=0;
+ pop(@tag);
+ next;
+ }
+ elsif (/^\#\s*else/)
+ {
+ $t=$tag[$#tag];
+ $tag{$t}= -$tag{$t};
+ next;
+ }
+#printf STDERR "$_\n%2d %2d %2d %2d %2d $NT\n",
+#$tag{'NOPROTO'},$tag{'FreeBSD'},$tag{'WIN16'},$tag{'PERL5'},$tag{'NO_FP_API'};
+
+ $t=undef;
+ if (/^extern .*;$/)
+ { $t=&do_extern($name,$_); }
+ elsif ( ($tag{'NOPROTO'} == 1) &&
+ ($tag{'FreeBSD'} != 1) &&
+ (($NT && ($tag{'WIN16'} != 1)) ||
+ (!$NT && ($tag{'WIN16'} != -1))) &&
+ ($tag{'PERL5'} != 1) &&
+# ($tag{'_WINDLL'} != -1) &&
+ ((!$NT && $tag{'_WINDLL'} != -1) ||
+ ($NT && $tag{'_WINDLL'} != 1)) &&
+ ((($tag{'NO_FP_API'} != 1) && $NT) ||
+ (($tag{'NO_FP_API'} != -1) && !$NT)))
+ { $t=&do_line($name,$_); }
+ else
+ { $t=undef; }
+ if (($t ne undef) && (!$done{$name,$t}))
+ {
+ $done{$name,$t}++;
+ push(@ret,$t);
+#printf STDERR "one:$t\n" if $t =~ /BIO_/;
+ }
+ }
+ close(IN);
+ }
+ return(@ret);
+ }
+
+sub do_line
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ return(undef) if /^$/;
+ return(undef) if /^\s/;
+#printf STDERR "two:$_\n" if $_ =~ /BIO_/;
+ if (/(CRYPTO_get_locking_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_id_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_add_lock_callback)/)
+ { return($1); }
+ elsif (/(SSL_CTX_get_verify_callback)/)
+ { return($1); }
+ elsif (/(SSL_get_info_callback)/)
+ { return($1); }
+ elsif ((!$NT) && /(ERR_load_CRYPTO_strings)/)
+ { return("ERR_load_CRYPTOlib_strings"); }
+ elsif (!$NT && /BIO_s_file/)
+ { return(undef); }
+ elsif (!$NT && /BIO_new_file/)
+ { return(undef); }
+ elsif (!$NT && /BIO_new_fp/)
+ { return(undef); }
+ elsif ($NT && /BIO_s_file_internal/)
+ { return(undef); }
+ elsif ($NT && /BIO_new_file_internal/)
+ { return(undef); }
+ elsif ($NT && /BIO_new_fp_internal/)
+ { return(undef); }
+ else
+ {
+ /\s\**(\S+)\s*\(/;
+ return($1);
+ }
+ }
+
+sub do_extern
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ /\s\**(\S+);$/;
+ return($1);
+ }
+
+sub print_def_file
+ {
+ local(*OUT,$name,*nums,@functions)=@_;
+ local($n)=1;
+
+ if ($NT)
+ { $name.="32"; }
+ else
+ { $name.="16"; }
+
+ print OUT <<"EOF";
+;
+; Definition file for the DDL version of the $name library from SSLeay
+;
+
+LIBRARY $name
+
+DESCRIPTION 'SSLeay $name - eay\@cryptsoft.com'
+
+EOF
+
+ if (!$NT)
+ {
+ print <<"EOF";
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EOF
+ }
+
+ print "EXPORTS\n";
+
+
+ (@e)=grep(/^SSLeay/,@functions);
+ (@r)=grep(!/^SSLeay/,@functions);
+ @functions=((sort @e),(sort @r));
+
+ foreach $func (@functions)
+ {
+ if (!defined($nums{$func}))
+ {
+ printf STDERR "$func does not have a number assigned\n";
+ }
+ else
+ {
+ $n=$nums{$func};
+ printf OUT " %s%-35s@%d\n",($NT)?"":"_",$func,$n;
+ }
+ }
+ printf OUT "\n";
+ }
+
+sub load_numbers
+ {
+ local($name)=@_;
+ local($j,@a,%ret);
+
+ open(IN,"<$name") || die "unable to open $name:$!\n";
+ while (<IN>)
+ {
+ chop;
+ s/#.*$//;
+ next if /^\s*$/;
+ @a=split;
+ $ret{$a[0]}=$a[1];
+ }
+ close(IN);
+ return(%ret);
+ }
diff --git a/src/lib/libcrypto/util/perlpath.pl b/src/lib/libcrypto/util/perlpath.pl
new file mode 100644
index 0000000000..9e57e10ad4
--- /dev/null
+++ b/src/lib/libcrypto/util/perlpath.pl
@@ -0,0 +1,30 @@
+#!/usr/bin/perl
+#
+# modify the '#!/usr/local/bin/perl'
+# line in all scripts that rely on perl.
+#
+
+require "find.pl";
+
+$#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
+&find(".");
+
+sub wanted
+ {
+ return unless /\.pl$/ || /^[Cc]onfigur/;
+
+ open(IN,"<$_") || die "unable to open $dir/$_:$!\n";
+ @a=<IN>;
+ close(IN);
+
+ $a[0]="#!$ARGV[0]/perl\n";
+
+ # Playing it safe...
+ $new="$_.new";
+ open(OUT,">$new") || die "unable to open $dir/$new:$!\n";
+ print OUT @a;
+ close(OUT);
+
+ rename($new,$_) || die "unable to rename $dir/$new:$!\n";
+ chmod(0755,$_) || die "unable to chmod $dir/$new:$!\n";
+ }
diff --git a/src/lib/libcrypto/util/pl/BC-16.pl b/src/lib/libcrypto/util/pl/BC-16.pl
new file mode 100644
index 0000000000..7c3fdb68f4
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/BC-16.pl
@@ -0,0 +1,146 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d -ml $op -DL_ENDIAN";
+# I add the stack opt
+$base_lflags="/c /C";
+$lflags="$base_lflags";
+
+if ($win16)
+ {
+ $shlib=1;
+ $cflags.=" -DWINDOWS -DWIN16";
+ $app_cflag="-W";
+ $lib_cflag="-WD";
+ $lflags.="/Twe";
+ }
+else
+ {
+ $cflags.=" -DMSDOS";
+ $lflags.=" /Tde";
+ }
+
+if ($shlib)
+ {
+ $mlflags=" /Twd $base_lflags"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ $no_asm=1;
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink";
+$efile="";
+$exep='.exe';
+$ex_libs="CL";
+$ex_libs.=$no_sock?"":" winsock.lib";
+
+$app_ex_obj="C0L.obj ";
+$shlib_ex_obj="" if ($shlib);
+
+# static library stuff
+$mklib='tlib';
+$ranlib='echo no ranlib';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='bcc -c -B -Tml';
+$afile='/o';
+if ($no_asm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+elsif ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $ret.=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ $ret.=" \$(APP_EX_OBJ)";
+ foreach $_ (sort split(/\s+/,$Vars{$1}))
+ { $ret.="\n $r $_ +"; }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/BC-32.pl b/src/lib/libcrypto/util/pl/BC-32.pl
new file mode 100644
index 0000000000..3898d16f61
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/BC-32.pl
@@ -0,0 +1,135 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc32';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d $op -DL_ENDIAN ";
+# I add the stack opt
+$base_lflags="-c";
+$lflags="$base_lflags";
+
+$cflags.=" -DWINDOWS -DWIN32";
+$app_cflag="-WC";
+$lib_cflag="-WC";
+$lflags.=" -Tpe";
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags -Tpe"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink32";
+$efile="";
+$exep='.exe';
+$ex_libs="CW32.LIB IMPORT32.LIB";
+$ex_libs.=$no_sock?"":" wsock32.lib";
+$shlib_ex_obj="" if $shlib;
+$app_ex_obj="C0X32.OBJ";
+
+# static library stuff
+$mklib='tlib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+if ($noasm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86b32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86m32.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ # $(SHLIB_EX_OBJ)
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $r=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ foreach $_ (@a)
+ {
+ $ret.="\n $r $_ +";
+ $r="";
+ }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/VC-16.pl b/src/lib/libcrypto/util/pl/VC-16.pl
new file mode 100644
index 0000000000..a6e6c0241c
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/VC-16.pl
@@ -0,0 +1,173 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$ssl= "ssleay16";
+$crypto="libeay16";
+$RSAref="RSAref16";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+
+$out_def="out16";
+$tmp_def="tmp16";
+$inc_def="inc16";
+
+if ($debug)
+ {
+ $op="/Od /Zi /Zd";
+ $base_lflags="/CO";
+ }
+else {
+ $op="/G2 /f- /Ocgnotb2";
+ }
+$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
+if ($win16) { $base_lflags.=" /PACKD:60000"; }
+
+$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
+# I add the stack opt
+$lflags="$base_lflags /STACK:20000";
+
+if ($win16)
+ {
+ $cflags.=" -DWINDOWS -DWIN16";
+ $app_cflag="/Gw /FPi87";
+ $lib_cflag="/Gw";
+ $lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
+ $lib_cflag.=" -DWIN16TTY" if !$shlib;
+ $lflags.=" /ALIGN:256";
+ $ex_libs.="oldnames llibcewq libw";
+ }
+else
+ {
+ $no_sock=1;
+ $cflags.=" -DMSDOS";
+ $lflags.=" /EXEPACK";
+ $ex_libs.="oldnames.lib llibce.lib";
+ }
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags";
+ $libs="oldnames ldllcew libw";
+ $shlib_ex_obj="";
+# $no_asm=1;
+ $out_def="out16dll";
+ $tmp_def="tmp16dll";
+ }
+else
+ { $mlflags=''; }
+
+$app_ex_obj="setargv.obj";
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="";
+$exep='.exe';
+$ex_libs.=$no_sock?"":" winsock";
+
+# static library stuff
+$mklib='lib /PAGESIZE:1024';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ if ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+ else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+# $target="\$(LIB_D)$o$target";
+ $ret.="$target: $objs\n";
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)=" \$(SHLIB_EX_OBJ) +\n";
+ ($obj)= ($objs =~ /\((.*)\)/);
+ foreach $_ (sort split(/\s+/,$Vars{$obj}))
+ {
+ $lib_names.="+$_ &\n";
+ $dll_names.=" $_ +\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\tdel $target\n";
+ $ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
+ $ex.=' winsock';
+ $ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}.def;\n<<\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /noignorecase /nowep $out_lib $target\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) @<<\n";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ for $_ (@a)
+ { $ret.=" $_ +\n"; }
+ }
+ else
+ { $ret.=" \$(APP_EX_OBJ) $files"; }
+ $ret.="\n $target\n\n $libs\n\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/VC-32.pl b/src/lib/libcrypto/util/pl/VC-32.pl
new file mode 100644
index 0000000000..701e282c33
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/VC-32.pl
@@ -0,0 +1,133 @@
+#!/usr/bin/perl
+# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
+#
+
+$ssl= "ssleay32";
+$crypto="libeay32";
+$RSAref="RSAref32";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN';
+$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
+$mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+
+if ($debug)
+ {
+ $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN";
+ $lflags.=" /debug";
+ $mlflags.=' /debug';
+ }
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock)
+ { $ex_libs=""; }
+else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
+
+# static library stuff
+$mklib='lib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+$app_ex_obj="setargv.obj";
+
+$asm='ml /Cp /coff /c /Cx';
+$asm.=" /Zi" if $debug;
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='crypto\bn\asm\bn-win32.obj';
+ $bn_mulw_src='crypto\bn\asm\bn-win32.asm';
+ $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj';
+ $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm';
+ $bf_enc_obj='crypto\bf\asm\b-win32.obj';
+ $bf_enc_src='crypto\bf\asm\b-win32.asm';
+ $cast_enc_obj='crypto\cast\asm\c-win32.obj';
+ $cast_enc_src='crypto\cast\asm\c-win32.asm';
+ $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj';
+ $rc4_enc_src='crypto\rc4\asm\r4-win32.asm';
+ $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj';
+ $rc5_enc_src='crypto\rc5\asm\r5-win32.asm';
+ $md5_asm_obj='crypto\md5\asm\m5-win32.obj';
+ $md5_asm_src='crypto\md5\asm\m5-win32.asm';
+ $sha1_asm_obj='crypto\sha\asm\s1-win32.obj';
+ $sha1_asm_src='crypto\sha\asm\s1-win32.asm';
+ $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj';
+ $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+ }
+
+if ($shlib)
+ {
+ $mlflags.=" $lflags /dll";
+# $cflags =~ s| /MD| /MT|;
+ $lib_cflag=" /GD -D_WINDLL -D_DLL";
+ $out_def="out32dll";
+ $tmp_def="tmp32dll";
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+# $target="\$(LIB_D)$o$target";
+ $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+ $ex.=' wsock32.lib gdi32.lib';
+ $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
+ $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/linux.pl b/src/lib/libcrypto/util/pl/linux.pl
new file mode 100644
index 0000000000..2b13da1bfc
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/linux.pl
@@ -0,0 +1,96 @@
+#!/usr/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+ { $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='$(OBJ_D)/bn86-elf.o';
+ $bn_mulw_src='crypto/bn/asm/bn86unix.cpp';
+ $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
+ $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
+ $bf_enc_obj='$(OBJ_D)/bx86-elf.o';
+ $bf_enc_src='crypto/bf/asm/bx86unix.cpp';
+ $cast_enc_obj='$(OBJ_D)/cx86-elf.o';
+ $cast_enc_src='crypto/cast/asm/cx86unix.cpp';
+ $rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
+ $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
+ $md5_asm_obj='$(OBJ_D)/mx86-elf.o';
+ $md5_asm_src='crypto/md5/asm/mx86unix.cpp';
+ $sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
+ $sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
+ }
+
+$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
+
+if ($shlib)
+ {
+ $shl_cflag=" -DPIC -fpic";
+ $shlibp=".so.$ssl_version";
+ $so_shlibp=".so";
+ }
+
+sub do_shlib_rule
+ {
+ local($obj,$target,$name,$shlib,$so_name)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="\$(LIB_D)$o$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(LIB_D)$o$target\n";
+ $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o \$(LIB_D)$o$target \$(${Name}OBJ)\n";
+ ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
+ if ($so_name ne "")
+ {
+ $ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
+ $ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
+ }
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret,@s,@t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
+ }
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/pl/unix.pl b/src/lib/libcrypto/util/pl/unix.pl
new file mode 100644
index 0000000000..ab4978fd20
--- /dev/null
+++ b/src/lib/libcrypto/util/pl/unix.pl
@@ -0,0 +1,83 @@
+#!/usr/bin/perl
+#
+# unix.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+if ($gcc)
+ {
+ $cc='gcc';
+ if ($debug)
+ { $cflags="-g2 -ggdb"; }
+ else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+ }
+else
+ {
+ $cc='cc';
+ if ($debug)
+ { $cflags="-g"; }
+ else
+ { $cflags="-O"; }
+ }
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='util/ranlib.sh';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_mulw_obj="";
+$bn_mulw_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ $target="\$(LIB_D)$o$target";
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libcrypto/util/point.sh b/src/lib/libcrypto/util/point.sh
new file mode 100644
index 0000000000..92c12e8282
--- /dev/null
+++ b/src/lib/libcrypto/util/point.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+/bin/rm -f $2
+ln -s $1 $2
diff --git a/src/lib/libcrypto/util/sp-diff.pl b/src/lib/libcrypto/util/sp-diff.pl
new file mode 100644
index 0000000000..2c88336858
--- /dev/null
+++ b/src/lib/libcrypto/util/sp-diff.pl
@@ -0,0 +1,80 @@
+#!/usr/bin/perl
+#
+# This file takes as input, the files that have been output from
+# ssleay speed.
+# It prints a table of the relative differences with %100 being 'no difference'
+#
+
+($#ARGV == 1) || die "$0 speedout1 speedout2\n";
+
+%one=&loadfile($ARGV[0]);
+%two=&loadfile($ARGV[1]);
+
+$line=0;
+foreach $a ("md2","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
+ "idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc")
+ {
+ if (defined($one{$a,8}) && defined($two{$a,8}))
+ {
+ print "type 8 byte% 64 byte% 256 byte% 1024 byte% 8192 byte%\n"
+ unless $line;
+ $line++;
+ printf "%-12s ",$a;
+ foreach $b (8,64,256,1024,8192)
+ {
+ $r=$two{$a,$b}/$one{$a,$b}*100;
+ printf "%12.2f",$r;
+ }
+ print "\n";
+ }
+ }
+
+foreach $a (
+ "rsa 512","rsa 1024","rsa 2048","rsa 4096",
+ "dsa 512","dsa 1024","dsa 2048",
+ )
+ {
+ if (defined($one{$a,1}) && defined($two{$a,1}))
+ {
+ $r1=($one{$a,1}/$two{$a,1})*100;
+ $r2=($one{$a,2}/$two{$a,2})*100;
+ printf "$a bits %% %6.2f %% %6.2f\n",$r1,$r2;
+ }
+ }
+
+sub loadfile
+ {
+ local($file)=@_;
+ local($_,%ret);
+
+ open(IN,"<$file") || die "unable to open '$file' for input\n";
+ $header=1;
+ while (<IN>)
+ {
+ $header=0 if /^[dr]sa/;
+ if (/^type/) { $header=0; next; }
+ next if $header;
+ chop;
+ @a=split;
+ if ($a[0] =~ /^[dr]sa$/)
+ {
+ ($n,$t1,$t2)=($_ =~ /^([dr]sa\s+\d+)\s+bits\s+([.\d]+)s\s+([.\d]+)/);
+ $ret{$n,1}=$t1;
+ $ret{$n,2}=$t2;
+ }
+ else
+ {
+ $n=join(' ',grep(/[^k]$/,@a));
+ @k=grep(s/k$//,@a);
+
+ $ret{$n, 8}=$k[0];
+ $ret{$n, 64}=$k[1];
+ $ret{$n, 256}=$k[2];
+ $ret{$n,1024}=$k[3];
+ $ret{$n,8192}=$k[4];
+ }
+ }
+ close(IN);
+ return(%ret);
+ }
+
diff --git a/src/lib/libcrypto/util/speed.sh b/src/lib/libcrypto/util/speed.sh
new file mode 100644
index 0000000000..f489706197
--- /dev/null
+++ b/src/lib/libcrypto/util/speed.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+#
+# This is a ugly script use, in conjuction with editing the 'b'
+# configuration in the $(TOP)/Configure script which will
+# output when finished a file called speed.log which is the
+# timings of SSLeay with various options turned on or off.
+#
+# from the $(TOP) directory
+# Edit Configure, modifying things to do with the b/bl-4c-2c etc
+# configurations.
+#
+
+make clean
+perl Configure b
+make
+apps/ssleay version -v -b -f >speed.1
+apps/ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
+make
+apps/ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+/bin/rm -f crypto/rc4/rc4*.o
+make
+apps/ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
+apps/ssleay speed rsa rc4 idea des >speed.4l
+
+cat speed.1 >speed.log
+cat speed.1l >>speed.log
+perl util/sp-diff.pl speed.1l speed.2l >>speed.log
+perl util/sp-diff.pl speed.1l speed.3l >>speed.log
+perl util/sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/src/lib/libcrypto/util/src-dep.pl b/src/lib/libcrypto/util/src-dep.pl
new file mode 100644
index 0000000000..91242f7bb6
--- /dev/null
+++ b/src/lib/libcrypto/util/src-dep.pl
@@ -0,0 +1,147 @@
+#!/usr/bin/perl
+
+# we make up an array of
+# $file{function_name}=filename;
+# $unres{filename}="func1 func2 ...."
+$debug=1;
+#$nm_func="parse_linux";
+$nm_func="parse_solaris";
+
+foreach (@ARGV)
+ {
+ &$nm_func($_);
+ }
+
+foreach $file (sort keys %unres)
+ {
+ @a=split(/\s+/,$unres{$file});
+ %ff=();
+ foreach $func (@a)
+ {
+ $f=$file{$func};
+ $ff{$f}=1 if $f ne "";
+ }
+
+ foreach $a (keys %ff)
+ { $we_need{$file}.="$a "; }
+ }
+
+foreach $file (sort keys %we_need)
+ {
+# print " $file $we_need{$file}\n";
+ foreach $bit (split(/\s+/,$we_need{$file}))
+ { push(@final,&walk($bit)); }
+
+ foreach (@final) { $fin{$_}=1; }
+ @final="";
+ foreach (sort keys %fin)
+ { push(@final,$_); }
+
+ print "$file: @final\n";
+ }
+
+sub walk
+ {
+ local($f)=@_;
+ local(@a,%seen,@ret,$r);
+
+ @ret="";
+ $f =~ s/^\s+//;
+ $f =~ s/\s+$//;
+ return "" if ($f =~ "^\s*$");
+
+ return(split(/\s/,$done{$f})) if defined ($done{$f});
+
+ return if $in{$f} > 0;
+ $in{$f}++;
+ push(@ret,$f);
+ foreach $r (split(/\s+/,$we_need{$f}))
+ {
+ push(@ret,&walk($r));
+ }
+ $in{$f}--;
+ $done{$f}=join(" ",@ret);
+ return(@ret);
+ }
+
+sub parse_linux
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^[^[](.*):$/)
+ {
+ $file=$1;
+ $file="$1.c" if /\[(.*).o\]/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ }
+ }
+ }
+ close(IN);
+ }
+
+sub parse_solaris
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^(\S+):$/)
+ {
+ $file=$1;
+ #$file="$1.c" if $file =~ /^(.*).o$/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ print STDERR "$file needs $a[7]\n" if $debug;
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ print STDERR "$file has $a[7]\n" if $debug;
+ }
+ }
+ }
+ close(IN);
+ }
+
diff --git a/src/lib/libcrypto/util/ssleay.num b/src/lib/libcrypto/util/ssleay.num
new file mode 100644
index 0000000000..359fa15df1
--- /dev/null
+++ b/src/lib/libcrypto/util/ssleay.num
@@ -0,0 +1,156 @@
+ERR_load_SSL_strings 1
+SSL_CIPHER_description 2
+SSL_CTX_add_client_CA 3
+SSL_CTX_add_session 4
+SSL_CTX_check_private_key 5
+SSL_CTX_ctrl 6
+SSL_CTX_flush_sessions 7
+SSL_CTX_free 8
+SSL_CTX_get_client_CA_list 9
+SSL_CTX_get_verify_callback 10
+SSL_CTX_get_verify_mode 11
+SSL_CTX_new 12
+SSL_CTX_remove_session 13
+SSL_CTX_set_cert_verify_cb 14
+SSL_CTX_set_cipher_list 15
+SSL_CTX_set_client_CA_list 16
+SSL_CTX_set_default_passwd_cb 17
+SSL_CTX_set_ssl_version 19
+SSL_CTX_set_verify 21
+SSL_CTX_use_PrivateKey 22
+SSL_CTX_use_PrivateKey_ASN1 23
+SSL_CTX_use_PrivateKey_file 24
+SSL_CTX_use_RSAPrivateKey 25
+SSL_CTX_use_RSAPrivateKey_ASN1 26
+SSL_CTX_use_RSAPrivateKey_file 27
+SSL_CTX_use_certificate 28
+SSL_CTX_use_certificate_ASN1 29
+SSL_CTX_use_certificate_file 30
+SSL_SESSION_free 31
+SSL_SESSION_new 32
+SSL_SESSION_print 33
+SSL_SESSION_print_fp 34
+SSL_accept 35
+SSL_add_client_CA 36
+SSL_alert_desc_string 37
+SSL_alert_desc_string_long 38
+SSL_alert_type_string 39
+SSL_alert_type_string_long 40
+SSL_check_private_key 41
+SSL_clear 42
+SSL_connect 43
+SSL_copy_session_id 44
+SSL_ctrl 45
+SSL_dup 46
+SSL_dup_CA_list 47
+SSL_free 48
+SSL_get_certificate 49
+SSL_get_cipher_list 52
+SSL_get_ciphers 55
+SSL_get_client_CA_list 56
+SSL_get_default_timeout 57
+SSL_get_error 58
+SSL_get_fd 59
+SSL_get_peer_cert_chain 60
+SSL_get_peer_certificate 61
+SSL_get_rbio 63
+SSL_get_read_ahead 64
+SSL_get_shared_ciphers 65
+SSL_get_ssl_method 66
+SSL_get_verify_callback 69
+SSL_get_verify_mode 70
+SSL_get_version 71
+SSL_get_wbio 72
+SSL_load_client_CA_file 73
+SSL_load_error_strings 74
+SSL_new 75
+SSL_peek 76
+SSL_pending 77
+SSL_read 78
+SSL_renegotiate 79
+SSL_rstate_string 80
+SSL_rstate_string_long 81
+SSL_set_accept_state 82
+SSL_set_bio 83
+SSL_set_cipher_list 84
+SSL_set_client_CA_list 85
+SSL_set_connect_state 86
+SSL_set_fd 87
+SSL_set_read_ahead 88
+SSL_set_rfd 89
+SSL_set_session 90
+SSL_set_ssl_method 91
+SSL_set_verify 94
+SSL_set_wfd 95
+SSL_shutdown 96
+SSL_state_string 97
+SSL_state_string_long 98
+SSL_use_PrivateKey 99
+SSL_use_PrivateKey_ASN1 100
+SSL_use_PrivateKey_file 101
+SSL_use_RSAPrivateKey 102
+SSL_use_RSAPrivateKey_ASN1 103
+SSL_use_RSAPrivateKey_file 104
+SSL_use_certificate 105
+SSL_use_certificate_ASN1 106
+SSL_use_certificate_file 107
+SSL_write 108
+SSLeay_add_ssl_algorithms 109
+SSLv23_client_method 110
+SSLv23_method 111
+SSLv23_server_method 112
+SSLv2_client_method 113
+SSLv2_method 114
+SSLv2_server_method 115
+SSLv3_client_method 116
+SSLv3_method 117
+SSLv3_server_method 118
+d2i_SSL_SESSION 119
+i2d_SSL_SESSION 120
+BIO_f_ssl 121
+BIO_new_ssl 122
+BIO_proxy_ssl_copy_session_id 123
+BIO_ssl_copy_session_id 124
+SSL_do_handshake 125
+SSL_get_privatekey 126
+SSL_get_current_cipher 127
+SSL_CIPHER_get_bits 128
+SSL_CIPHER_get_version 129
+SSL_CIPHER_get_name 130
+BIO_ssl_shutdown 131
+SSL_SESSION_cmp 132
+SSL_SESSION_hash 133
+SSL_SESSION_get_time 134
+SSL_SESSION_set_time 135
+SSL_SESSION_get_timeout 136
+SSL_SESSION_set_timeout 137
+SSL_CTX_get_ex_data 138
+SSL_CTX_get_quiet_shutdown 140
+SSL_CTX_load_verify_locations 141
+SSL_CTX_set_default_verify_paths 142
+SSL_CTX_set_ex_data 143
+SSL_CTX_set_quiet_shutdown 145
+SSL_SESSION_get_ex_data 146
+SSL_SESSION_set_ex_data 148
+SSL_get_SSL_CTX 150
+SSL_get_ex_data 151
+SSL_get_quiet_shutdown 153
+SSL_get_session 154
+SSL_get_shutdown 155
+SSL_get_verify_result 157
+SSL_set_ex_data 158
+SSL_set_info_callback 160
+SSL_set_quiet_shutdown 161
+SSL_set_shutdown 162
+SSL_set_verify_result 163
+SSL_version 164
+SSL_get_info_callback 165
+SSL_state 166
+SSL_CTX_get_ex_new_index 167
+SSL_SESSION_get_ex_new_index 168
+SSL_get_ex_new_index 169
+TLSv1_method 170
+TLSv1_server_method 171
+TLSv1_client_method 172
+BIO_new_buffer_ssl_connect 173
+BIO_new_ssl_connect 174
diff --git a/src/lib/libcrypto/util/tab_num.pl b/src/lib/libcrypto/util/tab_num.pl
new file mode 100644
index 0000000000..77b591d92f
--- /dev/null
+++ b/src/lib/libcrypto/util/tab_num.pl
@@ -0,0 +1,17 @@
+#!/usr/bin/perl
+
+$num=1;
+$width=40;
+
+while (<>)
+ {
+ chop;
+
+ $i=length($_);
+
+ $n=$width-$i;
+ $i=int(($n+7)/8);
+ print $_.("\t" x $i).$num."\n";
+ $num++;
+ }
+
diff --git a/src/lib/libcrypto/util/x86asm.sh b/src/lib/libcrypto/util/x86asm.sh
new file mode 100644
index 0000000000..81d3289860
--- /dev/null
+++ b/src/lib/libcrypto/util/x86asm.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+echo Generating x86 assember
+echo Bignum
+(cd crypto/bn/asm; perl bn-586.pl cpp > bn86unix.cpp)
+(cd crypto/bn/asm; perl bn-586.pl win32 > bn-win32.asm)
+
+echo DES
+(cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp)
+(cd crypto/des/asm; perl des-586.pl win32 > d-win32.asm)
+
+echo "crypt(3)"
+(cd crypto/des/asm; perl crypt586.pl cpp > yx86unix.cpp)
+(cd crypto/des/asm; perl crypt586.pl win32 > y-win32.asm)
+
+echo Blowfish
+(cd crypto/bf/asm; perl bf-586.pl cpp > bx86unix.cpp)
+(cd crypto/bf/asm; perl bf-586.pl win32 > b-win32.asm)
+
+echo CAST5
+(cd crypto/cast/asm; perl cast-586.pl cpp > cx86unix.cpp)
+(cd crypto/cast/asm; perl cast-586.pl win32 > c-win32.asm)
+
+echo RC4
+(cd crypto/rc4/asm; perl rc4-586.pl cpp > rx86unix.cpp)
+(cd crypto/rc4/asm; perl rc4-586.pl win32 > r4-win32.asm)
+
+echo MD5
+(cd crypto/md5/asm; perl md5-586.pl cpp > mx86unix.cpp)
+(cd crypto/md5/asm; perl md5-586.pl win32 > m5-win32.asm)
+
+echo SHA1
+(cd crypto/sha/asm; perl sha1-586.pl cpp > sx86unix.cpp)
+(cd crypto/sha/asm; perl sha1-586.pl win32 > s1-win32.asm)
+
+echo RIPEMD160
+(cd crypto/ripemd/asm; perl rmd-586.pl cpp > rm86unix.cpp)
+(cd crypto/ripemd/asm; perl rmd-586.pl win32 > rm-win32.asm)
+
+echo RC5/32
+(cd crypto/rc5/asm; perl rc5-586.pl cpp > r586unix.cpp)
+(cd crypto/rc5/asm; perl rc5-586.pl win32 > r5-win32.asm)
diff --git a/src/lib/libssl/src/Configure b/src/lib/libssl/src/Configure
new file mode 100644
index 0000000000..1dc0ed320c
--- /dev/null
+++ b/src/lib/libssl/src/Configure
@@ -0,0 +1,569 @@
+#!/usr/bin/perl
+
+# see PROBLEMS for instructions on what sort of things to do when
+# tracking a bug --tjh
+#
+# extra options
+# -DRSAref build to use RSAref
+# -DNO_IDEA build with no IDEA algorithm
+# -DNO_RC4 build with no RC4 algorithm
+# -DNO_RC2 build with no RC2 algorithm
+# -DNO_BF build with no Blowfish algorithm
+# -DNO_DES build with no DES/3DES algorithm
+# -DNO_MD2 build with no MD2 algorithm
+#
+# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
+# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
+# dependancies but needs to more registers, good for RISC CPU's
+# DES_RISC2 A different RISC variant.
+# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
+# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
+# This is used on the DEC Alpha where long is 8 bytes
+# and int is 4
+# BN_LLONG use the type 'long long' in crypto/bn/bn.h
+# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md2/md2.h
+# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_locl.h. This turns on
+# array lookups instead of pointer use.
+# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
+# BF_PTR2 use a pentium/intel specific version.
+# MD5_ASM use some extra md5 assember,
+# SHA1_ASM use some extra sha1 assember, must define L_ENDIAN for x86
+# RMD160_ASM use some extra ripemd160 assember,
+# BN_ASM use some extra bn assember,
+
+$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
+
+# MD2_CHAR slags pentium pros
+$x86_gcc_opts="RC4_INDEX MD2_INT BF_PTR2";
+
+# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
+# Don't worry about these normally
+
+$tcc="cc";
+$tflags="-fast -Xa";
+$tbn_mul="";
+$tlib="-lnsl -lsocket";
+#$bits1="SIXTEEN_BIT ";
+#$bits2="THIRTY_TWO_BIT ";
+$bits1="THIRTY_TWO_BIT ";
+$bits2="SIXTY_FOUR_BIT ";
+
+$x86_sol_asm="asm/bn86-sol.o:asm/dx86-sol.o:asm/yx86-sol.o:asm/bx86-sol.o:asm/mx86-sol.o:asm/sx86-sol.o:asm/cx86-sol.o:asm/rx86-sol.o:asm/rm86-sol.o:asm/r586-sol.o";
+$x86_elf_asm="asm/bn86-elf.o:asm/dx86-elf.o asm/yx86-elf.o:asm/bx86-elf.o:asm/mx86-elf.o:asm/sx86-elf.o:asm/cx86-elf.o:asm/rx86-elf.o:asm/rm86-elf.o:asm/r586-elf.o";
+$x86_out_asm="asm/bn86-out.o:asm/dx86-out.o asm/yx86-out.o:asm/bx86-out.o:asm/mx86-out.o:asm/sx86-out.o:asm/cx86-out.o:asm/rx86-out.o:asm/rm86-out.o:asm/r586-out.o";
+$x86_bsdi_asm="asm/bn86bsdi.o:asm/dx86bsdi.o asm/yx86bsdi.o:asm/bx86bsdi.o:asm/mx86bsdi.o:asm/sx86bsdi.o:asm/cx86bsdi.o:asm/rx86bsdi.o:asm/rm86bsdi.o:asm/r586bsdi.o";
+
+# -DB_ENDIAN slows things down on a sparc for md5, but helps sha1.
+# So the md5_locl.h file has an undef B_ENDIAN if sun is defined
+
+#config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
+# des_asm:bf_asm
+%table=(
+#"b", "$tcc:$tflags:$tlib:$bits1:$tbn_mul::",
+#"bl-4c-2c", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
+#"bl-4c-ri", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
+#"b2-is-ri-dp", "$tcc:$tflags:$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
+
+# A few of my development configs
+"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
+"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -ggdb -g2 -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"dist", "cc:-O -DNOPROTO::::",
+
+# Basic configs that should work on any box
+"gcc", "gcc:-O3::BN_LLONG:::",
+"cc", "cc:-O -DNOPROTO -DNOCONST:::::",
+
+
+# My solaris setups
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN -DBN_ASM:-lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_sol_asm:",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN:-lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+# DO NOT use /xO[34] on sparc with SC3.0.
+# It is broken, and will not pass the tests
+"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
+ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL BF_PTR:asm/sparc.o::",
+# SC4.0 is ok, better than gcc, except for the bignum stuff.
+# -fast slows things like DES down quite a lot
+"solaris-sparc-sc4","cc:-xO5 -Xa -DB_ENDIAN:-lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+"solaris-usparc-sc4","cc:-xtarget=ultra -xarch=v8plus -Xa -xO5 -DB_ENDIAN:\
+ -lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+
+# Sunos configs, assuming sparc for the gcc one.
+"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::DES_UNROLL:::",
+"sunos-gcc","gcc:-O3 -mv8::BN_LLONG RC4_CHAR DES_UNROLL DES_PTR DES_RISC1:::",
+
+# SGI configurations. If the box is rather old (r3000 cpu), you will
+# probably have to remove the '-mips2' flag. I've only been using
+# IRIX 5.[23].
+#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::",
+"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
+"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::",
+"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
+
+# HPUX config. I've been building on HPUX 9, so the options may be
+# different on version 10. The pa-risc2.o assember file is 2 times
+# faster than the old asm/pa-risc.o version but it may not run on old
+# PA-RISC CPUs. If you have problems, swap back to the old one.
+# Both were generated by gcc, so use the C version with the PA-RISC specific
+# options turned on if you are using gcc.
+"hpux-cc", "cc:-DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive::DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o::",
+"hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
+"hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+
+# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with
+# the new compiler
+"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+
+# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+# bn86-elf.o file file since it is hand tweaked assembler.
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"debug-linux-elf","gcc:-DREF_CHECK -DBN_ASM -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-m86", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86", "gcc:-DTERMIOS -DBN_ASM -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:",
+"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:::",
+"OpenBSD-x86", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+"OpenBSD-bigendian", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"FreeBSD", "gcc:-DTERMIOS -DBN_ASM -DL_ENDIAN -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_out_asm",
+#"bsdi-gcc", "gcc:-O3 -ffast-math -DBN_ASM -DL_ENDIAN -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:$x86_bsdi_asm",
+"nextstep", "cc:-O3 -Wall -DBN_ASM::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+# NCR MP-RAS UNIX ver 02.03.01
+"ncr-scde","cc:-O6 -Xa -Hoff=BEHAVED -686 -Hwide -Hiw:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+
+# UnixWare 2.0
+"unixware-2.0","cc:-O -DFILIO_H:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -DFILIO_H -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+
+# IBM's AIX.
+"aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+"aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+
+#
+# Cray T90 (SDSC)
+# It's Big-endian, but the algorithms work properly when B_ENDIAN is NOT
+# defined. The T90 ints and longs are 8 bytes long, and apparently the
+# B_ENDIAN code assumes 4 byte ints. Fortunately, the non-B_ENDIAN and
+# non L_ENDIAN code aligns the bytes in each word correctly.
+#
+# The BIT_FIELD_LIMITS define is to avoid two fatal compiler errors:
+#'Taking the address of a bit field is not allowed. '
+#'An expression with bit field exists as the operand of "sizeof" '
+# (written by Wayne Schroeder <schroede@SDSC.EDU>)
+"cray-t90-cc", "cc: -DBIT_FIELD_LIMITS -DTERMIOS::SIXTY_FOUR_BIT_LONG DES_INT:::",
+
+# DGUX, 88100.
+"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-x86-gcc", "gcc:-O3 -DBN_ASM -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:$x86_elf_asm",
+
+# SCO 5
+"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
+
+# Sinix RM400
+"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
+
+# Windows NT, Microsoft Visual C++ 4.0
+
+# hmm... bug in perl under NT, I need to concatinate :-(
+"VC-NT","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN32","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN16","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-W31-16","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+"VC-W31-32","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-MSDOS","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+
+# Borland C++ 4.5
+"BC-32","bcc32:::DES_PTR RC4_INDEX:::",
+"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+);
+
+$postfix="org";
+$Makefile="Makefile.ssl";
+$des_locl="crypto/des/des_locl.h";
+$des ="crypto/des/des.h";
+$bn ="crypto/bn/bn.h";
+$md2 ="crypto/md2/md2.h";
+$rc4 ="crypto/rc4/rc4.h";
+$rc4_locl="crypto/rc4/rc4_locl.h";
+$idea ="crypto/idea/idea.h";
+$rc2 ="crypto/rc2/rc2.h";
+$bf ="crypto/bf/bf_locl.h";
+$bn_mulw="bn_mulw.o";
+$des_enc="des_enc.o fcrypt_b.o";
+$bf_enc ="bf_enc.o";
+$cast_enc="c_enc.o";
+$rc4_enc="rc4_enc.o";
+$rc5_enc="rc5_enc.o";
+$md5_obj="";
+$sha1_obj="";
+$rmd160_obj="";
+
+if ($#ARGV < 0)
+ {
+ &bad_target;
+ exit(1);
+ }
+
+$flags="";
+foreach (@ARGV)
+ {
+ if ($_ =~ /^-/)
+ {
+ if ($_ =~ /^-[lL](.*)$/)
+ {
+ $libs.=$_." ";
+ }
+ elsif ($_ =~ /^-D(.*)$/)
+ {
+ $flags.=$_." ";
+ }
+ else
+ {
+ die "unknown options, only -Dxxx, -Lxxx -lxxx supported\n";
+ }
+ }
+ else
+ {
+ die "target already defined - $target\n" if ($target ne "");
+ $target=$_;
+ if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+ }
+ }
+
+if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj,$md5_obj,$sha1_obj,
+ $cast_obj,$rc4_obj,$rmd160_obj,$rc5_obj)=
+ split(/\s*:\s*/,$table{$target});
+$cflags="$flags$cflags" if ($flags ne "");
+$lflags="$libs$lflags"if ($libs ne "");
+
+$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+$cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
+$rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
+$rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
+if ($sha1_obj =~ /\.o$/)
+ {
+# $sha1_obj=$sha1_enc;
+ $cflags.=" -DSHA1_ASM";
+ }
+if ($md5_obj =~ /\.o$/)
+ {
+# $md5_obj=$md5_enc;
+ $cflags.=" -DMD5_ASM";
+ }
+if ($rmd160_obj =~ /\.o$/)
+ {
+# $rmd160_obj=$rmd160_enc;
+ $cflags.=" -DRMD160_ASM";
+ }
+
+$n=&file_new($Makefile);
+open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
+open(OUT,">".$n) || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ chop;
+ s/^CC=.*$/CC= $cc/;
+ s/^CFLAG=.*$/CFLAG= $cflags/;
+ s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+ s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
+ s/^DES_ENC=.*$/DES_ENC= $des_obj/;
+ s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+ s/^CAST_ENC=.*$/CAST_ENC= $cast_obj/;
+ s/^RC4_ENC=.*$/RC4_ENC= $rc4_obj/;
+ s/^RC5_ENC=.*$/RC5_ENC= $rc5_obj/;
+ s/^MD5_ASM_OBJ=.*$/MD5_ASM_OBJ= $md5_obj/;
+ s/^SHA1_ASM_OBJ=.*$/SHA1_ASM_OBJ= $sha1_obj/;
+ s/^RMD160_ASM_OBJ=.*$/RMD160_ASM_OBJ= $rmd160_obj/;
+ print OUT $_."\n";
+ }
+close(IN);
+close(OUT);
+&Rename($Makefile,&file_old($Makefile));
+&Rename($n,$Makefile);
+print "CC =$cc\n";
+print "CFLAG =$cflags\n";
+print "EX_LIBS =$lflags\n";
+print "BN_MULW =$bn_obj\n";
+print "DES_ENC =$des_obj\n";
+print "BF_ENC =$bf_obj\n";
+print "CAST_ENC =$cast_obj\n";
+print "RC4_ENC =$rc4_obj\n";
+print "RC5_ENC =$rc5_obj\n";
+print "MD5_OBJ_ASM =$md5_obj\n";
+print "SHA1_OBJ_ASM =$sha1_obj\n";
+print "RMD160_OBJ_ASM=$rmd160_obj\n";
+
+$des_ptr=0;
+$des_risc1=0;
+$des_risc2=0;
+$des_unroll=0;
+$bn_ll=0;
+$def_int=2;
+$rc4_int=$def_int;
+$md2_int=$def_int;
+$idea_int=$def_int;
+$rc2_int=$def_int;
+$rc4_idx=0;
+$bf_ptr=0;
+@type=("char","short","int","long");
+($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
+
+foreach (sort split(/\s+/,$bn_ops))
+ {
+ $des_ptr=1 if /DES_PTR/;
+ $des_risc1=1 if /DES_RISC1/;
+ $des_risc2=1 if /DES_RISC2/;
+ $des_unroll=1 if /DES_UNROLL/;
+ $des_int=1 if /DES_INT/;
+ $bn_ll=1 if /BN_LLONG/;
+ $rc4_int=0 if /RC4_CHAR/;
+ $rc4_int=3 if /RC4_LONG/;
+ $rc4_idx=1 if /RC4_INDEX/;
+ $md2_int=0 if /MD2_CHAR/;
+ $md2_int=3 if /MD2_LONG/;
+ $idea_int=1 if /IDEA_SHORT/;
+ $idea_int=3 if /IDEA_LONG/;
+ $rc2_int=1 if /RC2_SHORT/;
+ $rc2_int=3 if /RC2_LONG/;
+ $bf_ptr=1 if $_ eq "BF_PTR";
+ $bf_ptr=2 if $_ eq "BF_PTR2";
+ ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
+ }
+
+(($in=$bn) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bn);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
+ { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
+ { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
+ { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
+ { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
+ { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
+ { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bn,&file_old($bn));
+&Rename($n,$bn);
+
+(($in=$des) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des);
+open(IN,"<".$in) || die "unable to read $des:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#define\s+DES_LONG\s+.*/)
+ { printf OUT "#define DES_LONG unsigned %s\n",
+ ($des_int)?'int':'long'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des,&file_old($des));
+&Rename($n,$des);
+
+(($in=$des_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des_locl);
+open(IN,"<".$in) || die "unable to read $des_locl:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#(define|undef)\s+DES_PTR/)
+ { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC1/)
+ { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC2/)
+ { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_UNROLL/)
+ { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des_locl,&file_old($des_locl));
+&Rename($n,$des_locl);
+
+(($in=$rc4) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4);
+open(IN,"<".$in) || die "unable to read $rc4:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC4_INT\s/)
+ { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4,&file_old($rc4));
+&Rename($n,$rc4);
+
+(($in=$rc4_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_locl);
+open(IN,"<".$in) || die "unable to read $rc4_locl:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+RC4_INDEX/)
+ { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4_locl,&file_old($rc4_locl));
+&Rename($n,$rc4_locl);
+
+(($in=$md2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($md2);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+MD2_INT\s/)
+ { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($md2,&file_old($md2));
+&Rename($n,$md2);
+
+(($in=$idea) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($idea);
+open(IN,"<".$in) || die "unable to read $idea:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+IDEA_INT\s/)
+ {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($idea,&file_old($idea));
+&Rename($n,$idea);
+
+(($in=$rc2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc2);
+open(IN,"<".$in) || die "unable to read $rc2:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC2_INT\s/)
+ {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc2,&file_old($rc2));
+&Rename($n,$rc2);
+
+(($in=$bf) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bf);
+open(IN,"<".$in) || die "unable to read $bf:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#(define|undef)\s+BF_PTR/)
+ {
+ printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
+ printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
+ printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
+ }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bf,&file_old($bf));
+&Rename($n,$bf);
+
+print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
+print "SIXTY_FOUR_BIT mode\n" if $b64;
+print "THIRTY_TWO_BIT mode\n" if $b32;
+print "SIXTEEN_BIT mode\n" if $b16;
+print "EIGHT_BIT mode\n" if $b8;
+print "DES_PTR used\n" if $des_ptr;
+print "DES_RISC1 used\n" if $des_risc1;
+print "DES_RISC2 used\n" if $des_risc2;
+print "DES_UNROLL used\n" if $des_unroll;
+print "DES_INT used\n" if $des_int;
+print "BN_LLONG mode\n" if $bn_ll;
+print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
+print "RC4_INDEX mode\n" if $rc4_idx;
+print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
+print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
+print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
+print "BF_PTR used\n" if $bf_ptr == 1;
+print "BF_PTR2 used\n" if $bf_ptr == 2;
+exit(0);
+
+sub bad_target
+ {
+ print STDERR "Usage: Configure [-Dxxx] [-Lxxx] [-lxxx] os/compiler\n";
+ print STDERR "pick os/compiler from:";
+ $j=0;
+ foreach $i (sort keys %table)
+ {
+ next if /^b-/;
+ print STDERR "\n" if ($j++ % 4) == 0;
+ printf(STDERR "%-18s ",$i);
+ }
+ print STDERR "\n";
+ }
+
+sub Rename
+ {
+ local($from,$to)=@_;
+
+ unlink($to);
+# rename($from,$to) || die "unable to rename $from to $to:$!\n";
+ rename($from,$to) # Don't care if it fails..
+ }
+
+sub file_new { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.new/; $a; }
+sub file_old { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.old/; $a; }
diff --git a/src/lib/libssl/src/INSTALL b/src/lib/libssl/src/INSTALL
new file mode 100644
index 0000000000..d394bf8a7b
--- /dev/null
+++ b/src/lib/libssl/src/INSTALL
@@ -0,0 +1,128 @@
+# Installation of SSLeay.
+# It depends on perl for a few bits but those steps can be skipped and
+# the top level makefile edited by hand
+
+# When bringing the SSLeay distribution back from the evil intel world
+# of Windows NT, do the following to make it nice again under unix :-)
+# You don't normally need to run this.
+sh util/fixNT.sh # This only works for NT now - eay - 21-Jun-1996
+
+# If you have perl, and it is not in /usr/local/bin, you can run
+perl util/perlpath.pl /new/path
+# and this will fix the paths in all the scripts. DO NOT put
+# /new/path/perl, just /new/path. The build
+# environment always run scripts as 'perl perlscript.pl' but some of the
+# 'applications' are easier to usr with the path fixed.
+
+# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl
+# to set the install locations if you don't like
+# the default location of /usr/local/ssl
+# Do this by running
+perl util/ssldir.pl /new/ssl/home
+# if you have perl, or by hand if not.
+
+# If things have been stuffed up with the sym links, run
+make -f Makefile.ssl links
+# This will re-populate lib/include with symlinks and for each
+# directory, link Makefile to Makefile.ssl
+
+# Setup the machine dependent stuff for the top level makefile
+# and some select .h files
+# If you don't have perl, this will bomb, in which case just edit the
+# top level Makefile.ssl
+./Configure 'system type'
+
+# The 'Configure' command contains default configuration parameters
+# for lots of machines. Configure edits 5 lines in the top level Makefile
+# It modifies the following values in the following files
+Makefile.ssl CC CFLAG EX_LIBS BN_MULW
+crypto/des/des.h DES_LONG
+crypto/des/des_locl.h DES_PTR
+crypto/md2/md2.h MD2_INT
+crypto/rc4/rc4.h RC4_INT
+crypto/rc4/rc4_enc.c RC4_INDEX
+crypto/rc2/rc2.h RC2_INT
+crypto/bf/bf_locl.h BF_INT
+crypto/idea/idea.h IDEA_INT
+crypto/bn/bn.h BN_LLONG (and defines one of SIXTY_FOUR_BIT,
+ SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT,
+ SIXTEEN_BIT or EIGHT_BIT)
+Please remember that all these files are actually copies of the file with
+a .org extention. So if you change crypto/des/des.h, the next time
+you run Configure, it will be runover by a 'configured' version of
+crypto/des/des.org. So to make the changer the default, change the .org
+files. The reason these files have to be edited is because most of
+these modifications change the size of fundamental data types.
+While in theory this stuff is optional, it often makes a big
+difference in performance and when using assember, it is importaint
+for the 'Bignum bits' match those required by the assember code.
+A warning for people using gcc with sparc cpu's. Gcc needs the -mv8
+flag to use the hardware multiply instruction which was not present in
+earlier versions of the sparc CPU. I define it by default. If you
+have an old sparc, and it crashes, try rebuilding with this flag
+removed. I am leaving this flag on by default because it makes
+things run 4 times faster :-)
+
+# clean out all the old stuff
+make clean
+
+# Do a make depend only if you have the makedepend command installed
+# This is not needed but it does make things nice when developing.
+make depend
+
+# make should build everything
+make
+
+# fix up the demo certificate hash directory if it has been stuffed up.
+make rehash
+
+# test everything
+make test
+
+# install the lot
+make install
+
+# It is worth noting that all the applications are built into the one
+# program, ssleay, which is then has links from the other programs
+# names to it.
+# The applicatons can be built by themselves, just don't define the
+# 'MONOLITH' flag. So to build the 'enc' program stand alone,
+gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a
+
+# Other useful make options are
+make makefile.one
+# which generate a 'makefile.one' file which will build the complete
+# SSLeay distribution with temp. files in './tmp' and 'installable' files
+# in './out'
+
+# Have a look at running
+perl util/mk1mf.pl help
+# this can be used to generate a single makefile and is about the only
+# way to generate makefiles for windows.
+
+# There is actually a final way of building SSLeay.
+gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c
+gcc -O2 -c -Issl -Iinclude ssl/ssl.c
+# and you now have the 2 libraries as single object files :-).
+# If you want to use the assember code for your particular platform
+# (DEC alpha/x86 are the main ones, the other assember is just the
+# output from gcc) you will need to link the assember with the above generated
+# object file and also do the above compile as
+gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c
+
+This last option is probably the best way to go when porting to another
+platform or building shared libraries. It is not good for development so
+I don't normally use it.
+
+To build shared libararies under unix, have a look in shlib, basically
+you are on your own, but it is quite easy and all you have to do
+is compile 2 (or 3) files.
+
+For mult-threading, have a read of doc/threads.doc. Again it is quite
+easy and normally only requires some extra callbacks to be defined
+by the application.
+The examples for solaris and windows NT/95 are in the mt directory.
+
+have fun
+
+eric 25-Jun-1997
diff --git a/src/lib/libssl/src/PROBLEMS b/src/lib/libssl/src/PROBLEMS
new file mode 100644
index 0000000000..d78e2d9a23
--- /dev/null
+++ b/src/lib/libssl/src/PROBLEMS
@@ -0,0 +1,50 @@
+If you have any problems with SSLeay then please take the following
+steps:
+
+ Remove the ASM version of the BN routines (edit Configure)
+ Remove the compiler optimisation flags
+ Add in the compiler debug flags (-g)
+
+Note: if using gcc then remove -fomit-frame-pointer before you try
+ to debug things.
+
+If you wish to report a bug then please include the following information
+in any bug report:
+
+ SSLeay Details
+ - Version, most of these details can be got from the
+ 'ssleay version -a' command.
+ Operating System Details
+ - OS Name
+ - OS Version
+ - Hardware platform
+ Compiler Details
+ - Name
+ - Version
+ Application Details
+ - Name
+ - Version
+ Problem Description
+ - include steps that will reproduce the problem (if known)
+ Stack Traceback (if the application dumps core)
+
+For example:
+
+ SSLeay-0.5.1a
+ SunOS 5.3, SPARC, SunC 3.0
+ SSLtelnet-0.7
+
+ Core dumps when using telnet with SSL support in bn_mul() with
+ the following stack trackback
+ ...
+
+
+Report the bug to either
+ ssleay@mincom.oz.au (Eric and Tim)
+or
+ ssl-bugs@mincom.oz.au (mailing list of active developers)
+
+
+Tim Hudson
+tjh@mincom.oz.au
+
diff --git a/src/lib/libssl/src/README b/src/lib/libssl/src/README
new file mode 100644
index 0000000000..eaa77007f0
--- /dev/null
+++ b/src/lib/libssl/src/README
@@ -0,0 +1,173 @@
+ SSLeay 0.9.0b 29-Jun-1998
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+This directory contains Eric Young's (eay@cryptsoft.com) implementation
+of SSL and supporting libraries.
+
+The current version of this library is available from
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+There are patches to a number of internet applications which can be found in
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
+
+A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com>
+can be found at
+ http://www.psy.uq.oz.au/~ftp/Crypto
+
+Additional documentation is being slowly written by Eric Young, and is being
+added to http://www.cryptsoft.com/ssleay/doc. It will normally also be
+available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay
+
+This Library and programs are FREE for commercial and non-commercial
+usage. The only restriction is that I must be attributed with the
+development of this code. See the COPYRIGHT file for more details.
+Donations would still be accepted :-).
+
+THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6
+
+The package includes
+
+libssl.a:
+ My implementation of SSLv2, SSLv3 and the required code to support
+ both SSLv2 and SSLv3 in the one server.
+
+libcrypto.a:
+ General encryption and X509 stuff needed by SSL but not
+ actually logically part of it. It includes routines for the following:
+
+ Ciphers
+ libdes - My libdes DES encryption package which has been floating
+ around the net for a few years. It includes 15
+ 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+ cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
+ including desx in cbc mode,
+ a fast crypt(3), and routines to read passwords from the
+ keyboard.
+ RC4 encryption,
+ RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
+
+ Digests
+ MD5 and MD2 message digest algorithms, fast implementations,
+ SHA (SHA-0) and SHA-1 message digest algorithms,
+ MDC2 message digest. A DES based hash that is polular on smart cards.
+
+ Public Key
+ RSA encryption/decryption/generation. There is no limit
+ on the number of bits.
+ DSA encryption/decryption/generation. There is no limit on the
+ number of bits.
+ Diffie-Hellman key-exchange/key generation. There is no limit
+ on the number of bits.
+
+ X509v3 certificates
+ X509 encoding/decoding into/from binary ASN1 and a PEM
+ based ascii-binary encoding which supports encryption with
+ a private key.
+ Program to generate RSA and DSA certificate requests and to
+ generate RSA and DSA certificates.
+
+ Systems
+ The normal digital envelope routines and base64 encoding.
+ Higher level access to ciphers and digests by name. New ciphers can be
+ loaded at run time.
+ The BIO io system which is a simple non-blocking IO abstraction.
+ Current methods supported are file descriptors, sockets,
+ socket accept, socket connect, memory buffer, buffering,
+ SSL client/server, file pointer, encryption, digest,
+ non-blocking testing and null.
+ Data structures
+ A dynamically growing hashing system
+ A simple stack.
+ A Configuration loader that uses a format similar to MS .ini files.
+
+Programs in this package include
+ enc - a general encryption program that can encrypt/decrypt using
+ one of 17 different cipher/mode combinations. The
+ input/output can also be converted to/from base64
+ ascii encoding.
+ dgst - a generate message digesting program that will generate
+ message digests for any of md2, md5, sha (sha-0 or sha-1)
+ or mdc2.
+ asn1parse - parse and display the structure of an asn1 encoded
+ binary file.
+ rsa - Manipulate RSA private keys.
+ dsa - Manipulate DSA private keys.
+ dh - Manipulate Diffie-Hellman parameter files.
+ dsaparam- Manipulate and generate DSA parameter files.
+ crl - Manipulate certificate revocation lists.
+ crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+ x509 - Manipulate x509 certificates, self-sign certificates.
+ req - Manipulate PKCS#10 certificate requests and also
+ generate certificate requests.
+ genrsa - Generates an arbitrary sized RSA private key.
+ gendh - Generates a set of Diffie-Hellman parameters, the prime
+ will be a strong prime.
+ ca - Create certificates from PKCS#10 certificate requests.
+ This program also maintains a database of certificates
+ issued.
+ verify - Check x509 certificate signatures.
+ speed - Benchmark SSLeay's ciphers.
+ s_server- A test SSL server.
+ s_client- A test SSL client.
+ s_time - Benchmark SSL performance of SSL server programs.
+ errstr - Convert from SSLeay hex error codes to a readable form.
+
+Documents avaliable are
+ A Postscript and html reference manual
+ (written by Tim Hudson tjh@cryptsoft.com).
+
+ A list of text protocol references I used.
+ An initial version of the library manual.
+
+To install this package, read the INSTALL file.
+For the Microsoft word, read MICROSOFT
+This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
+SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
+LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.
+
+Multithreading has been tested under Windows NT and Solaris 2.5.1
+
+Due to time constraints, the current release has only be rigorously tested
+on Solaris 2.[45], Linux and Windows NT.
+
+For people in the USA, it is possible to compile SSLeay to use RSA
+Inc.'s public key library, RSAref. From my understanding, it is
+claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
+Read doc/rsaref.doc on how to build with RSAref.
+
+Read the documentation in the doc directory. It is quite rough,
+but it lists the functions, you will probably have to look at
+the code to work out how to used them. I will be working on
+documentation. Look at the example programs.
+
+There should be a SSL reference manual which is being put together by
+Tim Hudson (tjh@cryptsoft.com) in the same location as this
+distribution. This contains a lot more information that is very
+useful. For a description of X509 Certificates, their use, and
+certification, read rfc1421, rfc1422, rfc1423 and rfc1424. ssl/README
+also goes over the mechanism.
+
+We have setup some mailing lists for use by people that are interested
+in helping develop this code and/or ask questions.
+ ssl-bugs@mincom.oz.au
+ ssl-users@mincom.oz.au
+ ssl-bugs-request@mincom.oz.au
+ ssl-users-request@mincom.oz.au
+
+I have recently read about a new form of software, that which is in
+a permanent state of beta release. Linux and Netscape are 2 good
+examples of this, and I would also add SSLeay to this category.
+The Current stable release is 0.6.6. It has a few minor problems.
+0.8.0 is not call compatable so make sure you have the correct version
+of SSLeay to link with.
+
+eric (Jun 1997)
+
+Eric Young (eay@cryptsoft.com)
+86 Taunton St.
+Annerley 4103.
+Australia.
+
diff --git a/src/lib/libssl/src/apps/CA.sh b/src/lib/libssl/src/apps/CA.sh
new file mode 100644
index 0000000000..1942b985a2
--- /dev/null
+++ b/src/lib/libssl/src/apps/CA.sh
@@ -0,0 +1,132 @@
+#!/bin/sh
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+# some setup stuff to be done before you can use it and this makes
+# things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh Added more things ... including CA -signcert which
+# converts a certificate to a request and then signs it.
+# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
+# environment variable so this can be driven from
+# a script.
+# 25-Jul-96 eay Cleaned up filenames some more.
+# 11-Jun-96 eay Fixed a few filename missmatches.
+# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# default ssleay.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+DAYS="-days 365"
+REQ="ssleay req $SSLEAY_CONFIG"
+CA="ssleay ca $SSLEAY_CONFIG"
+VERIFY="ssleay verify"
+X509="ssleay x509"
+
+CATOP=./demoCA
+CAKEY=./cakey.pem
+CACERT=./cacert.pem
+
+for i
+do
+case $i in
+-\?|-h|-help)
+ echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
+ exit 0
+ ;;
+-newcert)
+ # create a certificate
+ $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Certificate (and private key) is in newreq.pem"
+ ;;
+-newreq)
+ # create a certificate request
+ $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Request (and private key) is in newreq.pem"
+ ;;
+-newca)
+ # if explictly asked for or it doesn't exist then setup the directory
+ # structure that Eric likes to manage things
+ NEW="1"
+ if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
+ # create the directory hierarchy
+ mkdir ${CATOP}
+ mkdir ${CATOP}/certs
+ mkdir ${CATOP}/crl
+ mkdir ${CATOP}/newcerts
+ mkdir ${CATOP}/private
+ echo "01" > ${CATOP}/serial
+ touch ${CATOP}/index.txt
+ fi
+ if [ ! -f ${CATOP}/private/$CAKEY ]; then
+ echo "CA certificate filename (or enter to create)"
+ read FILE
+
+ # ask user for existing CA certificate
+ if [ "$FILE" ]; then
+ cp $FILE ${CATOP}/private/$CAKEY
+ RET=$?
+ else
+ echo "Making CA certificate ..."
+ $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
+ -out ${CATOP}/$CACERT $DAYS
+ RET=$?
+ fi
+ fi
+ ;;
+-xsign)
+ $CA -policy policy_anything -infiles newreq.pem
+ RET=$?
+ ;;
+-sign|-signreq)
+ $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
+ RET=$?
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-signcert)
+ echo "Cert passphrase will be requested twice - bug?"
+ $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
+ $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-verify)
+ shift
+ if [ -z "$1" ]; then
+ $VERIFY -CAfile $CATOP/$CACERT newcert.pem
+ RET=$?
+ else
+ for j
+ do
+ $VERIFY -CAfile $CATOP/$CACERT $j
+ if [ $? != 0 ]; then
+ RET=$?
+ fi
+ done
+ fi
+ exit 0
+ ;;
+*)
+ echo "Unknown arg $i";
+ exit 1
+ ;;
+esac
+done
+exit $RET
+
diff --git a/src/lib/libssl/src/apps/apps.c b/src/lib/libssl/src/apps/apps.c
new file mode 100644
index 0000000000..5f0c8fa539
--- /dev/null
+++ b/src/lib/libssl/src/apps/apps.c
@@ -0,0 +1,320 @@
+/* apps/apps.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+
+#ifdef WINDOWS
+# include "bss_file.c"
+#endif
+
+#ifndef NOPROTO
+int app_init(long mesgwin);
+#else
+int app_init();
+#endif
+
+#ifdef undef /* never finished - probably never will be :-) */
+int args_from_file(file,argc,argv)
+char *file;
+int *argc;
+char **argv[];
+ {
+ FILE *fp;
+ int num,i;
+ unsigned int len;
+ static char *buf=NULL;
+ static char **arg=NULL;
+ char *p;
+ struct stat stbuf;
+
+ if (stat(file,&stbuf) < 0) return(0);
+
+ fp=fopen(file,"r");
+ if (fp == NULL)
+ return(0);
+
+ *argc=0;
+ *argv=NULL;
+
+ len=(unsigned int)stbuf.st_size;
+ if (buf != NULL) Free(buf);
+ buf=(char *)Malloc(len+1);
+ if (buf == NULL) return(0);
+
+ len=fread(buf,1,len,fp);
+ if (len <= 1) return(0);
+ buf[len]='\0';
+
+ i=0;
+ for (p=buf; *p; p++)
+ if (*p == '\n') i++;
+ if (arg != NULL) Free(arg);
+ arg=(char **)Malloc(sizeof(char *)*(i*2));
+
+ *argv=arg;
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ if (!*p) break;
+ if (*p == '#') /* comment line */
+ {
+ while (*p && (*p != '\n')) p++;
+ continue;
+ }
+ /* else we have a line */
+ *(arg++)=p;
+ num++;
+ while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ *(p++)='\0';
+ continue;
+ }
+ /* else it is a tab or space */
+ p++;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ p++;
+ continue;
+ }
+ *(arg++)=p++;
+ num++;
+ while (*p && (*p != '\n')) p++;
+ if (!*p) break;
+ /* else *p == '\n' */
+ *(p++)='\0';
+ }
+ *argc=num;
+ return(1);
+ }
+#endif
+
+int str2fmt(s)
+char *s;
+ {
+ if ((*s == 'D') || (*s == 'd'))
+ return(FORMAT_ASN1);
+ else if ((*s == 'T') || (*s == 't'))
+ return(FORMAT_TEXT);
+ else if ((*s == 'P') || (*s == 'p'))
+ return(FORMAT_PEM);
+ else if ((*s == 'N') || (*s == 'n'))
+ return(FORMAT_NETSCAPE);
+ else
+ return(FORMAT_UNDEF);
+ }
+
+#if defined(MSDOS) || defined(WIN32) || defined(WIN16)
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ int i,n;
+ char *p=NULL;
+
+ n=strlen(in);
+ /* find the last '/', '\' or ':' */
+ for (i=n-1; i>0; i--)
+ {
+ if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
+ {
+ p= &(in[i+1]);
+ break;
+ }
+ }
+ if (p == NULL)
+ p=in;
+ n=strlen(p);
+ /* strip off trailing .exe if present. */
+ if ((n > 4) && (p[n-4] == '.') &&
+ ((p[n-3] == 'e') || (p[n-3] == 'E')) &&
+ ((p[n-2] == 'x') || (p[n-2] == 'X')) &&
+ ((p[n-1] == 'e') || (p[n-1] == 'E')))
+ n-=4;
+ if (n > size-1)
+ n=size-1;
+
+ for (i=0; i<n; i++)
+ {
+ if ((p[i] >= 'A') && (p[i] <= 'Z'))
+ out[i]=p[i]-'A'+'a';
+ else
+ out[i]=p[i];
+ }
+ out[n]='\0';
+ }
+#else
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ char *p;
+
+ p=strrchr(in,'/');
+ if (p != NULL)
+ p++;
+ else
+ p=in;
+ strncpy(out,p,size-1);
+ out[size-1]='\0';
+ }
+#endif
+
+#ifdef WIN32
+int WIN32_rename(from,to)
+char *from;
+char *to;
+ {
+ int ret;
+
+ ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
+ return(ret?0:-1);
+ }
+#endif
+
+int chopup_args(arg,buf,argc,argv)
+ARGS *arg;
+char *buf;
+int *argc;
+char **argv[];
+ {
+ int num,len,i;
+ char *p;
+
+ *argc=0;
+ *argv=NULL;
+
+ len=strlen(buf);
+ i=0;
+ if (arg->count == 0)
+ {
+ arg->count=20;
+ arg->data=(char **)Malloc(sizeof(char *)*arg->count);
+ }
+ for (i=0; i<arg->count; i++)
+ arg->data[i]=NULL;
+
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ /* first scan over white space */
+ if (!*p) break;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+
+ /* The start of something good :-) */
+ if (num >= arg->count)
+ {
+ arg->count+=20;
+ arg->data=(char **)Realloc(arg->data,
+ sizeof(char *)*arg->count);
+ if (argc == 0) return(0);
+ }
+ arg->data[num++]=p;
+
+ /* now look for the end of this */
+ if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
+ {
+ i= *(p++);
+ arg->data[num-1]++; /* jump over quote */
+ while (*p && (*p != i))
+ p++;
+ *p='\0';
+ }
+ else
+ {
+ while (*p && ((*p != ' ') &&
+ (*p != '\t') && (*p != '\n')))
+ p++;
+
+ if (*p == '\0')
+ p--;
+ else
+ *p='\0';
+ }
+ p++;
+ }
+ *argc=num;
+ *argv=arg->data;
+ return(1);
+ }
+
+#ifndef APP_INIT
+int app_init(mesgwin)
+long mesgwin;
+ {
+ return(1);
+ }
+#endif
diff --git a/src/lib/libssl/src/apps/apps.h b/src/lib/libssl/src/apps/apps.h
new file mode 100644
index 0000000000..25a9262e03
--- /dev/null
+++ b/src/lib/libssl/src/apps/apps.h
@@ -0,0 +1,150 @@
+/* apps/apps.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_APPS_H
+#define HEADER_APPS_H
+
+#include "e_os.h"
+
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
+#include "progs.h"
+
+#ifdef NO_STDIO
+BIO_METHOD *BIO_s_file();
+#endif
+
+#ifdef WIN32
+#define rename(from,to) WIN32_rename((from),(to))
+int WIN32_rename(char *oldname,char *newname);
+#endif
+
+#ifndef MONOLITH
+
+#define MAIN(a,v) main(a,v)
+
+#ifndef NON_MAIN
+BIO *bio_err=NULL;
+#else
+extern BIO *bio_err;
+#endif
+
+#else
+
+#define MAIN(a,v) PROG(a,v)
+#include "conf.h"
+extern LHASH *config;
+extern char *default_config_file;
+extern BIO *bio_err;
+
+#endif
+
+#include <signal.h>
+
+#ifdef SIGPIPE
+#define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
+#else
+#define do_pipe_sig()
+#endif
+
+#if defined(MONOLITH) && !defined(SSLEAY)
+# define apps_startup() do_pipe_sig()
+#else
+# if defined(MSDOS) || defined(WIN16) || defined(WIN32)
+# ifdef _O_BINARY
+# define apps_startup() \
+ _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# else
+# define apps_startup() \
+ _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# endif
+# else
+# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms();
+# endif
+#endif
+
+typedef struct args_st
+ {
+ char **data;
+ int count;
+ } ARGS;
+
+#ifndef NOPROTO
+int should_retry(int i);
+int args_from_file(char *file, int *argc, char **argv[]);
+int str2fmt(char *s);
+void program_name(char *in,char *out,int size);
+int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
+#else
+int should_retry();
+int args_from_file();
+int str2fmt();
+void program_name();
+int chopup_args();
+#endif
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+#define FORMAT_NETSCAPE 4
+
+#endif
diff --git a/src/lib/libssl/src/apps/asn1pars.c b/src/lib/libssl/src/apps/asn1pars.c
new file mode 100644
index 0000000000..3d382282e4
--- /dev/null
+++ b/src/lib/libssl/src/apps/asn1pars.c
@@ -0,0 +1,238 @@
+/* apps/asn1pars.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+/* -inform arg - input format - default PEM (DER or PEM)
+ * -in arg - input file - default stdin
+ * -i - indent the details by depth
+ * -offset - where in the file to start
+ * -length - how many bytes to use
+ * -oid file - extra oid decription file
+ */
+
+#undef PROG
+#define PROG asn1parse_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,badops=0,offset=0,ret=1;
+ unsigned int length=0;
+ long num;
+ BIO *in=NULL,*out=NULL,*b64=NULL;
+ int informat,indent=0;
+ char *infile=NULL,*str=NULL,*prog,*oidfile=NULL;
+ BUF_MEM *buf=NULL;
+
+ informat=FORMAT_PEM;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-i") == 0)
+ {
+ indent=1;
+ }
+ else if (strcmp(*argv,"-oid") == 0)
+ {
+ if (--argc < 1) goto bad;
+ oidfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-offset") == 0)
+ {
+ if (--argc < 1) goto bad;
+ offset= atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-length") == 0)
+ {
+ if (--argc < 1) goto bad;
+ length= atoi(*(++argv));
+ if (length == 0) goto bad;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -offset arg offset into file\n");
+ BIO_printf(bio_err," -length arg lenth of section in file\n");
+ BIO_printf(bio_err," -i indent entries\n");
+ BIO_printf(bio_err," -oid file file of extra oid definitions\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ if (oidfile != NULL)
+ {
+ if (BIO_read_filename(in,oidfile) <= 0)
+ {
+ BIO_printf(bio_err,"problems opening %s\n",oidfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ OBJ_create_objects(in);
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if ((buf=BUF_MEM_new()) == NULL) goto end;
+ if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
+
+ if (informat == FORMAT_PEM)
+ {
+ BIO *tmp;
+
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ BIO_push(b64,in);
+ tmp=in;
+ in=b64;
+ b64=tmp;
+ }
+
+ num=0;
+ for (;;)
+ {
+ if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
+ i=BIO_read(in,&(buf->data[num]),BUFSIZ);
+ if (i <= 0) break;
+ num+=i;
+ }
+ str=buf->data;
+
+ if (length == 0) length=(unsigned int)num;
+ if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (b64 != NULL) BIO_free(b64);
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (buf != NULL) BUF_MEM_free(buf);
+ OBJ_cleanup();
+ EXIT(ret);
+ }
+
diff --git a/src/lib/libssl/src/apps/ca-cert.srl b/src/lib/libssl/src/apps/ca-cert.srl
new file mode 100644
index 0000000000..75016ea362
--- /dev/null
+++ b/src/lib/libssl/src/apps/ca-cert.srl
@@ -0,0 +1 @@
+03
diff --git a/src/lib/libssl/src/apps/ca-key.pem b/src/lib/libssl/src/apps/ca-key.pem
new file mode 100644
index 0000000000..3a520b238f
--- /dev/null
+++ b/src/lib/libssl/src/apps/ca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/ca-req.pem b/src/lib/libssl/src/apps/ca-req.pem
new file mode 100644
index 0000000000..77bf7ec308
--- /dev/null
+++ b/src/lib/libssl/src/apps/ca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
+MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
+bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
+FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
+cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
+cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
+5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
+kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/ca.c b/src/lib/libssl/src/apps/ca.c
new file mode 100644
index 0000000000..a5848366cf
--- /dev/null
+++ b/src/lib/libssl/src/apps/ca.c
@@ -0,0 +1,2056 @@
+/* apps/ca.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "txt_db.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+#include "conf.h"
+
+#ifndef W_OK
+#include <sys/file.h>
+#endif
+
+#undef PROG
+#define PROG ca_main
+
+#define BASE_SECTION "ca"
+#define CONFIG_FILE "lib/ssleay.cnf"
+
+#define ENV_DEFAULT_CA "default_ca"
+
+#define ENV_DIR "dir"
+#define ENV_CERTS "certs"
+#define ENV_CRL_DIR "crl_dir"
+#define ENV_CA_DB "CA_DB"
+#define ENV_NEW_CERTS_DIR "new_certs_dir"
+#define ENV_CERTIFICATE "certificate"
+#define ENV_SERIAL "serial"
+#define ENV_CRL "crl"
+#define ENV_PRIVATE_KEY "private_key"
+#define ENV_RANDFILE "RANDFILE"
+#define ENV_DEFAULT_DAYS "default_days"
+#define ENV_DEFAULT_STARTDATE "default_startdate"
+#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
+#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
+#define ENV_DEFAULT_MD "default_md"
+#define ENV_PRESERVE "preserve"
+#define ENV_POLICY "policy"
+#define ENV_EXTENSIONS "x509_extensions"
+#define ENV_MSIE_HACK "msie_hack"
+
+#define ENV_DATABASE "database"
+
+#define DB_type 0
+#define DB_exp_date 1
+#define DB_rev_date 2
+#define DB_serial 3 /* index - unique */
+#define DB_file 4
+#define DB_name 5 /* index - unique for active */
+#define DB_NUMBER 6
+
+#define DB_TYPE_REV 'R'
+#define DB_TYPE_EXP 'E'
+#define DB_TYPE_VAL 'V'
+
+static char *ca_usage[]={
+"usage: ca args\n",
+"\n",
+" -verbose - Talk alot while doing things\n",
+" -config file - A config file\n",
+" -name arg - The particular CA definition to use\n",
+" -gencrl - Generate a new CRL\n",
+" -crldays days - Days is when the next CRL is due\n",
+" -crlhours hours - Hours is when the next CRL is due\n",
+" -days arg - number of days to certify the certificate for\n",
+" -md arg - md to use, one of md2, md5, sha or sha1\n",
+" -policy arg - The CA 'policy' to support\n",
+" -keyfile arg - PEM private key file\n",
+" -key arg - key to decode the private key if it is encrypted\n",
+" -cert - The CA certificate\n",
+" -in file - The input PEM encoded certificate request(s)\n",
+" -out file - Where to put the output file(s)\n",
+" -outdir dir - Where to put output certificates\n",
+" -infiles .... - The last argument, requests to process\n",
+" -spkac file - File contains DN and signed public key and challenge\n",
+" -ss_cert file - File contains a self signed cert to sign\n",
+" -preserveDN - Don't re-order the DN\n",
+" -batch - Don't ask questions\n",
+" -msie_hack - msie modifications to handle all thos universal strings\n",
+NULL
+};
+
+#ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+#endif
+
+#ifndef NOPROTO
+static STACK *load_extensions(char *section);
+static void lookup_fail(char *name,char *tag);
+static int MS_CALLBACK key_callback(char *buf,int len,int verify);
+static unsigned long index_serial_hash(char **a);
+static int index_serial_cmp(char **a, char **b);
+static unsigned long index_name_hash(char **a);
+static int index_name_qual(char **a);
+static int index_name_cmp(char **a,char **b);
+static BIGNUM *load_serial(char *serialfile);
+static int save_serial(char *serialfile, BIGNUM *serial);
+static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days, int batch, STACK *extensions,int verbose);
+static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days,int batch,STACK *extensions,int verbose);
+static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,char *startdate,
+ int days,STACK *extensions,int verbose);
+static int fix_data(int nid, int *type);
+static void write_new_certificate(BIO *bp, X509 *x, int output_der);
+static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
+ STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate,
+ int days, int batch, int verbose, X509_REQ *req, STACK *extensions);
+static int check_time_format(char *str);
+#else
+static STACK *load_extensions();
+static void lookup_fail();
+static int MS_CALLBACK key_callback();
+static unsigned long index_serial_hash();
+static int index_serial_cmp();
+static unsigned long index_name_hash();
+static int index_name_qual();
+static int index_name_cmp();
+static int fix_data();
+static BIGNUM *load_serial();
+static int save_serial();
+static int certify();
+static int certify_cert();
+static int certify_spkac();
+static void write_new_certificate();
+static int do_body();
+static int check_time_format();
+#endif
+
+static LHASH *conf;
+static char *key=NULL;
+static char *section=NULL;
+
+static int preserve=0;
+static int msie_hack=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int total=0;
+ int total_done=0;
+ int badops=0;
+ int ret=1;
+ int req=0;
+ int verbose=0;
+ int gencrl=0;
+ long crldays=0;
+ long crlhours=0;
+ long errorline= -1;
+ char *configfile=NULL;
+ char *md=NULL;
+ char *policy=NULL;
+ char *keyfile=NULL;
+ char *certfile=NULL;
+ char *infile=NULL;
+ char *spkac_file=NULL;
+ char *ss_cert_file=NULL;
+ EVP_PKEY *pkey=NULL;
+ int output_der = 0;
+ char *outfile=NULL;
+ char *outdir=NULL;
+ char *serialfile=NULL;
+ char *extensions=NULL;
+ BIGNUM *serial=NULL;
+ char *startdate=NULL;
+ int days=0;
+ int batch=0;
+ X509 *x509=NULL;
+ X509 *x=NULL;
+ BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
+ char *dbfile=NULL;
+ TXT_DB *db=NULL;
+ X509_CRL *crl=NULL;
+ X509_CRL_INFO *ci=NULL;
+ X509_REVOKED *r=NULL;
+ char **pp,*p,*f;
+ int i,j;
+ long l;
+ EVP_MD *dgst=NULL;
+ STACK *attribs=NULL;
+ STACK *extensions_sk=NULL;
+ STACK *cert_sk=NULL;
+ BIO *hex=NULL;
+#undef BSIZE
+#define BSIZE 256
+ MS_STATIC char buf[3][BSIZE];
+
+#ifdef EFENCE
+EF_PROTECT_FREE=1;
+EF_PROTECT_BELOW=1;
+EF_ALIGNMENT=0;
+#endif
+
+ apps_startup();
+
+ X509v3_add_netscape_extensions();
+
+ preserve=0;
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-verbose") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ configfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-name") == 0)
+ {
+ if (--argc < 1) goto bad;
+ section= *(++argv);
+ }
+ else if (strcmp(*argv,"-startdate") == 0)
+ {
+ if (--argc < 1) goto bad;
+ startdate= *(++argv);
+ }
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days=atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-md") == 0)
+ {
+ if (--argc < 1) goto bad;
+ md= *(++argv);
+ }
+ else if (strcmp(*argv,"-policy") == 0)
+ {
+ if (--argc < 1) goto bad;
+ policy= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key= *(++argv);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ certfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ req=1;
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-outdir") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outdir= *(++argv);
+ }
+ else if (strcmp(*argv,"-batch") == 0)
+ batch=1;
+ else if (strcmp(*argv,"-preserveDN") == 0)
+ preserve=1;
+ else if (strcmp(*argv,"-gencrl") == 0)
+ gencrl=1;
+ else if (strcmp(*argv,"-msie_hack") == 0)
+ msie_hack=1;
+ else if (strcmp(*argv,"-crldays") == 0)
+ {
+ if (--argc < 1) goto bad;
+ crldays= atol(*(++argv));
+ }
+ else if (strcmp(*argv,"-crlhours") == 0)
+ {
+ if (--argc < 1) goto bad;
+ crlhours= atol(*(++argv));
+ }
+ else if (strcmp(*argv,"-infiles") == 0)
+ {
+ argc--;
+ argv++;
+ req=1;
+ break;
+ }
+ else if (strcmp(*argv, "-ss_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ ss_cert_file = *(++argv);
+ req=1;
+ }
+ else if (strcmp(*argv, "-spkac") == 0)
+ {
+ if (--argc < 1) goto bad;
+ spkac_file = *(++argv);
+ req=1;
+ }
+ else
+ {
+bad:
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+ for (pp=ca_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+
+ /*****************************************************************/
+ if (configfile == NULL)
+ {
+ /* We will just use 'buf[0]' as a temporary buffer. */
+ strncpy(buf[0],X509_get_default_cert_area(),
+ sizeof(buf[0])-2-sizeof(CONFIG_FILE));
+ strcat(buf[0],"/");
+ strcat(buf[0],CONFIG_FILE);
+ configfile=buf[0];
+ }
+
+ BIO_printf(bio_err,"Using configuration from %s\n",configfile);
+ if ((conf=CONF_load(NULL,configfile,&errorline)) == NULL)
+ {
+ if (errorline <= 0)
+ BIO_printf(bio_err,"error loading the config file '%s'\n",
+ configfile);
+ else
+ BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
+ ,errorline,configfile);
+ goto err;
+ }
+
+ /* Lets get the config section we are using */
+ if (section == NULL)
+ {
+ section=CONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA);
+ if (section == NULL)
+ {
+ lookup_fail(BASE_SECTION,ENV_DEFAULT_CA);
+ goto err;
+ }
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ Sout=BIO_new(BIO_s_file());
+ Cout=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ /*****************************************************************/
+ /* we definitly need an public key, so lets get it */
+
+ if ((keyfile == NULL) && ((keyfile=CONF_get_string(conf,
+ section,ENV_PRIVATE_KEY)) == NULL))
+ {
+ lookup_fail(section,ENV_PRIVATE_KEY);
+ goto err;
+ }
+ if (BIO_read_filename(in,keyfile) <= 0)
+ {
+ perror(keyfile);
+ BIO_printf(bio_err,"trying to load CA private key\n");
+ goto err;
+ }
+ if (key == NULL)
+ pkey=PEM_read_bio_PrivateKey(in,NULL,NULL);
+ else
+ {
+ pkey=PEM_read_bio_PrivateKey(in,NULL,key_callback);
+ memset(key,0,strlen(key));
+ }
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CA private key\n");
+ goto err;
+ }
+
+ /*****************************************************************/
+ /* we need a certificate */
+ if ((certfile == NULL) && ((certfile=CONF_get_string(conf,
+ section,ENV_CERTIFICATE)) == NULL))
+ {
+ lookup_fail(section,ENV_CERTIFICATE);
+ goto err;
+ }
+ if (BIO_read_filename(in,certfile) <= 0)
+ {
+ perror(certfile);
+ BIO_printf(bio_err,"trying to load CA certificate\n");
+ goto err;
+ }
+ x509=PEM_read_bio_X509(in,NULL,NULL);
+ if (x509 == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CA certificate\n");
+ goto err;
+ }
+
+ f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
+ if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+ preserve=1;
+ f=CONF_get_string(conf,BASE_SECTION,ENV_MSIE_HACK);
+ if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+ msie_hack=1;
+
+ /*****************************************************************/
+ /* lookup where to write new certificates */
+ if ((outdir == NULL) && (req))
+ {
+ struct stat sb;
+
+ if ((outdir=CONF_get_string(conf,section,ENV_NEW_CERTS_DIR))
+ == NULL)
+ {
+ BIO_printf(bio_err,"there needs to be defined a directory for new certificate to be placed in\n");
+ goto err;
+ }
+ if (access(outdir,R_OK|W_OK|X_OK) != 0)
+ {
+ BIO_printf(bio_err,"I am unable to acces the %s directory\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+
+ if (stat(outdir,&sb) != 0)
+ {
+ BIO_printf(bio_err,"unable to stat(%s)\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+ if (!(sb.st_mode & S_IFDIR))
+ {
+ BIO_printf(bio_err,"%s need to be a directory\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+ }
+
+ /*****************************************************************/
+ /* we need to load the database file */
+ if ((dbfile=CONF_get_string(conf,section,ENV_DATABASE)) == NULL)
+ {
+ lookup_fail(section,ENV_DATABASE);
+ goto err;
+ }
+ if (BIO_read_filename(in,dbfile) <= 0)
+ {
+ perror(dbfile);
+ BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
+ goto err;
+ }
+ db=TXT_DB_read(in,DB_NUMBER);
+ if (db == NULL) goto err;
+
+ /* Lets check some fields */
+ for (i=0; i<sk_num(db->data); i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+ if ((pp[DB_type][0] != DB_TYPE_REV) &&
+ (pp[DB_rev_date][0] != '\0'))
+ {
+ BIO_printf(bio_err,"entry %d: not, revoked yet has a revokation date\n",i+1);
+ goto err;
+ }
+ if ((pp[DB_type][0] == DB_TYPE_REV) &&
+ !check_time_format(pp[DB_rev_date]))
+ {
+ BIO_printf(bio_err,"entry %d: invalid revokation date\n",
+ i+1);
+ goto err;
+ }
+ if (!check_time_format(pp[DB_exp_date]))
+ {
+ BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1);
+ goto err;
+ }
+ p=pp[DB_serial];
+ j=strlen(p);
+ if ((j&1) || (j < 2))
+ {
+ BIO_printf(bio_err,"entry %d: bad serial number length (%d)\n",i+1,j);
+ goto err;
+ }
+ while (*p)
+ {
+ if (!( ((*p >= '0') && (*p <= '9')) ||
+ ((*p >= 'A') && (*p <= 'F')) ||
+ ((*p >= 'a') && (*p <= 'f'))) )
+ {
+ BIO_printf(bio_err,"entry %d: bad serial number characters, char pos %ld, char is '%c'\n",i+1,(long)(p-pp[DB_serial]),*p);
+ goto err;
+ }
+ p++;
+ }
+ }
+ if (verbose)
+ {
+ BIO_set_fp(out,stdout,BIO_NOCLOSE|BIO_FP_TEXT); /* cannot fail */
+ TXT_DB_write(out,db);
+ BIO_printf(bio_err,"%d entries loaded from the database\n",
+ db->data->num);
+ BIO_printf(bio_err,"generating indexs\n");
+ }
+
+ if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash,
+ index_serial_cmp))
+ {
+ BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2);
+ goto err;
+ }
+
+ if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash,
+ index_name_cmp))
+ {
+ BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
+ db->error,db->arg1,db->arg2);
+ goto err;
+ }
+
+ /*****************************************************************/
+ if (req || gencrl)
+ {
+ if (outfile != NULL)
+ {
+
+ if (BIO_write_filename(Sout,outfile) <= 0)
+ {
+ perror(outfile);
+ goto err;
+ }
+ }
+ else
+ BIO_set_fp(Sout,stdout,BIO_NOCLOSE|BIO_FP_TEXT);
+ }
+
+ if (req)
+ {
+ if ((md == NULL) && ((md=CONF_get_string(conf,
+ section,ENV_DEFAULT_MD)) == NULL))
+ {
+ lookup_fail(section,ENV_DEFAULT_MD);
+ goto err;
+ }
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
+ if (verbose)
+ BIO_printf(bio_err,"message digest is %s\n",
+ OBJ_nid2ln(dgst->type));
+ if ((policy == NULL) && ((policy=CONF_get_string(conf,
+ section,ENV_POLICY)) == NULL))
+ {
+ lookup_fail(section,ENV_POLICY);
+ goto err;
+ }
+ if (verbose)
+ BIO_printf(bio_err,"policy is %s\n",policy);
+
+ if ((serialfile=CONF_get_string(conf,section,ENV_SERIAL))
+ == NULL)
+ {
+ lookup_fail(section,ENV_SERIAL);
+ goto err;
+ }
+
+ if ((extensions=CONF_get_string(conf,section,ENV_EXTENSIONS))
+ != NULL)
+ {
+ if ((extensions_sk=load_extensions(extensions)) == NULL)
+ goto err;
+ }
+
+ if (startdate == NULL)
+ {
+ startdate=(char *)CONF_get_string(conf,section,
+ ENV_DEFAULT_STARTDATE);
+ if (startdate == NULL)
+ startdate="today";
+ else
+ {
+ if (!ASN1_UTCTIME_set_string(NULL,startdate))
+ {
+ BIO_printf(bio_err,"start date is invalid, it should be YYMMDDHHMMSS\n");
+ goto err;
+ }
+ }
+ }
+
+ if (days == 0)
+ {
+ days=(int)CONF_get_number(conf,section,
+ ENV_DEFAULT_DAYS);
+ }
+ if (days == 0)
+ {
+ BIO_printf(bio_err,"cannot lookup how many days to certify for\n");
+ goto err;
+ }
+
+ if ((serial=load_serial(serialfile)) == NULL)
+ {
+ BIO_printf(bio_err,"error while loading serial number\n");
+ goto err;
+ }
+ if (verbose)
+ {
+ if ((f=BN_bn2ascii(serial)) == NULL) goto err;
+ BIO_printf(bio_err,"next serial number is %s\n",f);
+ Free(f);
+ }
+
+ if ((attribs=CONF_get_section(conf,policy)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to find 'section' for %s\n",policy);
+ goto err;
+ }
+
+ if ((cert_sk=sk_new_null()) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ if (spkac_file != NULL)
+ {
+ total++;
+ j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
+ serial,startdate,days,extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ if (outfile)
+ {
+ output_der = 1;
+ batch = 1;
+ }
+ }
+ }
+ if (ss_cert_file != NULL)
+ {
+ total++;
+ j=certify_cert(&x,ss_cert_file,pkey,x509,dgst,attribs,
+ db,serial,startdate,days,batch,
+ extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
+ if (infile != NULL)
+ {
+ total++;
+ j=certify(&x,infile,pkey,x509,dgst,attribs,db,
+ serial,startdate,days,batch,
+ extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
+ for (i=0; i<argc; i++)
+ {
+ total++;
+ j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
+ serial,startdate,days,batch,
+ extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
+ /* we have a stack of newly certified certificates
+ * and a data base and serial number that need
+ * updating */
+
+ if (sk_num(cert_sk) > 0)
+ {
+ if (!batch)
+ {
+ BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
+ BIO_flush(bio_err);
+ buf[0][0]='\0';
+ fgets(buf[0],10,stdin);
+ if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
+ {
+ BIO_printf(bio_err,"CERTIFICATION CANCELED\n");
+ ret=0;
+ goto err;
+ }
+ }
+
+ BIO_printf(bio_err,"Write out database with %d new entries\n",sk_num(cert_sk));
+
+ strncpy(buf[0],serialfile,BSIZE-4);
+ strcat(buf[0],".new");
+
+ if (!save_serial(buf[0],serial)) goto err;
+
+ strncpy(buf[1],dbfile,BSIZE-4);
+ strcat(buf[1],".new");
+ if (BIO_write_filename(out,buf[1]) <= 0)
+ {
+ perror(dbfile);
+ BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
+ goto err;
+ }
+ l=TXT_DB_write(out,db);
+ if (l <= 0) goto err;
+ }
+
+ if (verbose)
+ BIO_printf(bio_err,"writing new certificates\n");
+ for (i=0; i<sk_num(cert_sk); i++)
+ {
+ int k;
+ unsigned char *n;
+
+ x=(X509 *)sk_value(cert_sk,i);
+
+ j=x->cert_info->serialNumber->length;
+ p=(char *)x->cert_info->serialNumber->data;
+
+ strncpy(buf[2],outdir,BSIZE-(j*2)-6);
+ strcat(buf[2],"/");
+ n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+ if (j > 0)
+ {
+ for (k=0; k<j; k++)
+ {
+ sprintf((char *)n,"%02X",(unsigned char)*(p++));
+ n+=2;
+ }
+ }
+ else
+ {
+ *(n++)='0';
+ *(n++)='0';
+ }
+ *(n++)='.'; *(n++)='p'; *(n++)='e'; *(n++)='m';
+ *n='\0';
+ if (verbose)
+ BIO_printf(bio_err,"writing %s\n",buf[2]);
+
+ if (BIO_write_filename(Cout,buf[2]) <= 0)
+ {
+ perror(buf[2]);
+ goto err;
+ }
+ write_new_certificate(Cout,x, 0);
+ write_new_certificate(Sout,x, output_der);
+ }
+
+ if (sk_num(cert_sk))
+ {
+ /* Rename the database and the serial file */
+ strncpy(buf[2],serialfile,BSIZE-4);
+ strcat(buf[2],".old");
+ BIO_free(in);
+ BIO_free(out);
+ in=NULL;
+ out=NULL;
+ if (rename(serialfile,buf[2]) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ serialfile,buf[2]);
+ perror("reason");
+ goto err;
+ }
+ if (rename(buf[0],serialfile) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ buf[0],serialfile);
+ perror("reason");
+ rename(buf[2],serialfile);
+ goto err;
+ }
+
+ strncpy(buf[2],dbfile,BSIZE-4);
+ strcat(buf[2],".old");
+ if (rename(dbfile,buf[2]) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ dbfile,buf[2]);
+ perror("reason");
+ goto err;
+ }
+ if (rename(buf[1],dbfile) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ buf[1],dbfile);
+ perror("reason");
+ rename(buf[2],dbfile);
+ goto err;
+ }
+ BIO_printf(bio_err,"Data Base Updated\n");
+ }
+ }
+
+ /*****************************************************************/
+ if (gencrl)
+ {
+ if ((hex=BIO_new(BIO_s_mem())) == NULL) goto err;
+
+ if (!crldays && !crlhours)
+ {
+ crldays=CONF_get_number(conf,section,
+ ENV_DEFAULT_CRL_DAYS);
+ crlhours=CONF_get_number(conf,section,
+ ENV_DEFAULT_CRL_HOURS);
+ }
+ if ((crldays == 0) && (crlhours == 0))
+ {
+ BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n");
+ goto err;
+ }
+
+ if (verbose) BIO_printf(bio_err,"making CRL\n");
+ if ((crl=X509_CRL_new()) == NULL) goto err;
+ ci=crl->crl;
+ X509_NAME_free(ci->issuer);
+ ci->issuer=X509_NAME_dup(x509->cert_info->subject);
+ if (ci->issuer == NULL) goto err;
+
+ X509_gmtime_adj(ci->lastUpdate,0);
+ if (ci->nextUpdate == NULL)
+ ci->nextUpdate=ASN1_UTCTIME_new();
+ X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60);
+
+ for (i=0; i<sk_num(db->data); i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+ if (pp[DB_type][0] == DB_TYPE_REV)
+ {
+ if ((r=X509_REVOKED_new()) == NULL) goto err;
+ ASN1_STRING_set((ASN1_STRING *)
+ r->revocationDate,
+ (unsigned char *)pp[DB_rev_date],
+ strlen(pp[DB_rev_date]));
+ /* strcpy(r->revocationDate,pp[DB_rev_date]);*/
+
+ BIO_reset(hex);
+ if (!BIO_puts(hex,pp[DB_serial]))
+ goto err;
+ if (!a2i_ASN1_INTEGER(hex,r->serialNumber,
+ buf[0],BSIZE)) goto err;
+
+ sk_push(ci->revoked,(char *)r);
+ }
+ }
+ /* sort the data so it will be written in serial
+ * number order */
+ sk_find(ci->revoked,NULL);
+ for (i=0; i<sk_num(ci->revoked); i++)
+ {
+ r=(X509_REVOKED *)sk_value(ci->revoked,i);
+ r->sequence=i;
+ }
+
+ /* we how have a CRL */
+ if (verbose) BIO_printf(bio_err,"signing CRL\n");
+ if (md != NULL)
+ {
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
+ }
+ else
+ dgst=EVP_md5();
+ if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
+
+ PEM_write_bio_X509_CRL(Sout,crl);
+ }
+ /*****************************************************************/
+ ret=0;
+err:
+ if (hex != NULL) BIO_free(hex);
+ if (Cout != NULL) BIO_free(Cout);
+ if (Sout != NULL) BIO_free(Sout);
+ if (out != NULL) BIO_free(out);
+ if (in != NULL) BIO_free(in);
+
+ if (cert_sk != NULL) sk_pop_free(cert_sk,X509_free);
+ if (extensions_sk != NULL)
+ sk_pop_free(extensions_sk,X509_EXTENSION_free);
+
+ if (ret) ERR_print_errors(bio_err);
+ if (serial != NULL) BN_free(serial);
+ if (db != NULL) TXT_DB_free(db);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (x509 != NULL) X509_free(x509);
+ if (crl != NULL) X509_CRL_free(crl);
+ if (conf != NULL) CONF_free(conf);
+ X509v3_cleanup_extensions();
+ EXIT(ret);
+ }
+
+static void lookup_fail(name,tag)
+char *name;
+char *tag;
+ {
+ BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
+ }
+
+static int MS_CALLBACK key_callback(buf,len,verify)
+char *buf;
+int len,verify;
+ {
+ int i;
+
+ if (key == NULL) return(0);
+ i=strlen(key);
+ i=(i > len)?len:i;
+ memcpy(buf,key,i);
+ return(i);
+ }
+
+static unsigned long index_serial_hash(a)
+char **a;
+ {
+ char *n;
+
+ n=a[DB_serial];
+ while (*n == '0') n++;
+ return(lh_strhash(n));
+ }
+
+static int index_serial_cmp(a,b)
+char **a;
+char **b;
+ {
+ char *aa,*bb;
+
+ for (aa=a[DB_serial]; *aa == '0'; aa++);
+ for (bb=b[DB_serial]; *bb == '0'; bb++);
+ return(strcmp(aa,bb));
+ }
+
+static unsigned long index_name_hash(a)
+char **a;
+ { return(lh_strhash(a[DB_name])); }
+
+static int index_name_qual(a)
+char **a;
+ { return(a[0][0] == 'V'); }
+
+static int index_name_cmp(a,b)
+char **a;
+char **b;
+ { return(strcmp(a[DB_name],b[DB_name])); }
+
+static BIGNUM *load_serial(serialfile)
+char *serialfile;
+ {
+ BIO *in=NULL;
+ BIGNUM *ret=NULL;
+ MS_STATIC char buf[1024];
+ ASN1_INTEGER *ai=NULL;
+
+ if ((in=BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ if (BIO_read_filename(in,serialfile) <= 0)
+ {
+ perror(serialfile);
+ goto err;
+ }
+ ai=ASN1_INTEGER_new();
+ if (ai == NULL) goto err;
+ if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
+ {
+ BIO_printf(bio_err,"unable to load number from %s\n",
+ serialfile);
+ goto err;
+ }
+ ret=ASN1_INTEGER_to_BN(ai,NULL);
+ if (ret == NULL)
+ {
+ BIO_printf(bio_err,"error converting number from bin to BIGNUM");
+ goto err;
+ }
+err:
+ if (in != NULL) BIO_free(in);
+ if (ai != NULL) ASN1_INTEGER_free(ai);
+ return(ret);
+ }
+
+static int save_serial(serialfile,serial)
+char *serialfile;
+BIGNUM *serial;
+ {
+ BIO *out;
+ int ret=0;
+ ASN1_INTEGER *ai=NULL;
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ if (BIO_write_filename(out,serialfile) <= 0)
+ {
+ perror(serialfile);
+ goto err;
+ }
+
+ if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
+ goto err;
+ }
+ i2a_ASN1_INTEGER(out,ai);
+ BIO_puts(out,"\n");
+ ret=1;
+err:
+ if (out != NULL) BIO_free(out);
+ if (ai != NULL) ASN1_INTEGER_free(ai);
+ return(ret);
+ }
+
+static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,days,
+ batch,extensions,verbose)
+X509 **xret;
+char *infile;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+ {
+ X509_REQ *req=NULL;
+ BIO *in=NULL;
+ EVP_PKEY *pktmp=NULL;
+ int ok= -1,i;
+
+ in=BIO_new(BIO_s_file());
+
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto err;
+ }
+ if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"Error reading certificate request in %s\n",
+ infile);
+ goto err;
+ }
+ if (verbose)
+ X509_REQ_print(bio_err,req);
+
+ BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+ if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto err;
+ }
+ i=X509_REQ_verify(req,pktmp);
+ if (i < 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature verification problems....\n");
+ goto err;
+ }
+ if (i == 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto err;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+ days,batch,verbose,req,extensions);
+
+err:
+ if (req != NULL) X509_REQ_free(req);
+ if (in != NULL) BIO_free(in);
+ return(ok);
+ }
+
+static int certify_cert(xret,infile,pkey,x509,dgst,policy,db,serial,startdate,
+ days, batch,extensions,verbose)
+X509 **xret;
+char *infile;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+ {
+ X509 *req=NULL;
+ X509_REQ *rreq=NULL;
+ BIO *in=NULL;
+ EVP_PKEY *pktmp=NULL;
+ int ok= -1,i;
+
+ in=BIO_new(BIO_s_file());
+
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto err;
+ }
+ if ((req=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"Error reading self signed certificate in %s\n",infile);
+ goto err;
+ }
+ if (verbose)
+ X509_print(bio_err,req);
+
+ BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+ if ((pktmp=X509_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto err;
+ }
+ i=X509_verify(req,pktmp);
+ if (i < 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature verification problems....\n");
+ goto err;
+ }
+ if (i == 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto err;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ if ((rreq=X509_to_X509_REQ(req,NULL,EVP_md5())) == NULL)
+ goto err;
+
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+ batch,verbose,rreq,extensions);
+
+err:
+ if (rreq != NULL) X509_REQ_free(rreq);
+ if (req != NULL) X509_free(req);
+ if (in != NULL) BIO_free(in);
+ return(ok);
+ }
+
+static int do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,days,
+ batch,verbose,req, extensions)
+X509 **xret;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
+int days;
+int batch;
+int verbose;
+X509_REQ *req;
+STACK *extensions;
+ {
+ X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
+ ASN1_UTCTIME *tm,*tmptm;
+ ASN1_STRING *str,*str2;
+ ASN1_OBJECT *obj;
+ X509 *ret=NULL;
+ X509_CINF *ci;
+ X509_NAME_ENTRY *ne;
+ X509_NAME_ENTRY *tne,*push;
+ X509_EXTENSION *ex=NULL;
+ EVP_PKEY *pktmp;
+ int ok= -1,i,j,last,nid;
+ char *p;
+ CONF_VALUE *cv;
+ char *row[DB_NUMBER],**rrow,**irow=NULL;
+ char buf[25],*pbuf;
+
+ tmptm=ASN1_UTCTIME_new();
+ if (tmptm == NULL)
+ {
+ BIO_printf(bio_err,"malloc error\n");
+ return(0);
+ }
+
+ for (i=0; i<DB_NUMBER; i++)
+ row[i]=NULL;
+
+ BIO_printf(bio_err,"The Subjects Distinguished Name is as follows\n");
+ name=X509_REQ_get_subject_name(req);
+ for (i=0; i<X509_NAME_entry_count(name); i++)
+ {
+ ne=(X509_NAME_ENTRY *)X509_NAME_get_entry(name,i);
+ obj=X509_NAME_ENTRY_get_object(ne);
+ j=i2a_ASN1_OBJECT(bio_err,obj);
+ str=X509_NAME_ENTRY_get_data(ne);
+ pbuf=buf;
+ for (j=22-j; j>0; j--)
+ *(pbuf++)=' ';
+ *(pbuf++)=':';
+ *(pbuf++)='\0';
+ BIO_puts(bio_err,buf);
+
+ if (msie_hack)
+ {
+ /* assume all type should be strings */
+ nid=OBJ_obj2nid(ne->object);
+
+ if (str->type == V_ASN1_UNIVERSALSTRING)
+ ASN1_UNIVERSALSTRING_to_string(str);
+
+ if ((str->type == V_ASN1_IA5STRING) &&
+ (nid != NID_pkcs9_emailAddress))
+ str->type=V_ASN1_T61STRING;
+
+ if ((nid == NID_pkcs9_emailAddress) &&
+ (str->type == V_ASN1_PRINTABLESTRING))
+ str->type=V_ASN1_IA5STRING;
+ }
+
+ if (str->type == V_ASN1_PRINTABLESTRING)
+ BIO_printf(bio_err,"PRINTABLE:'");
+ else if (str->type == V_ASN1_T61STRING)
+ BIO_printf(bio_err,"T61STRING:'");
+ else if (str->type == V_ASN1_IA5STRING)
+ BIO_printf(bio_err,"IA5STRING:'");
+ else if (str->type == V_ASN1_UNIVERSALSTRING)
+ BIO_printf(bio_err,"UNIVERSALSTRING:'");
+ else
+ BIO_printf(bio_err,"ASN.1 %2d:'",str->type);
+
+ /* check some things */
+ if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
+ (str->type != V_ASN1_IA5STRING))
+ {
+ BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
+ goto err;
+ }
+ j=ASN1_PRINTABLE_type(str->data,str->length);
+ if ( ((j == V_ASN1_T61STRING) &&
+ (str->type != V_ASN1_T61STRING)) ||
+ ((j == V_ASN1_IA5STRING) &&
+ (str->type == V_ASN1_PRINTABLESTRING)))
+ {
+ BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
+ goto err;
+ }
+
+ p=(char *)str->data;
+ for (j=str->length; j>0; j--)
+ {
+ if ((*p >= ' ') && (*p <= '~'))
+ BIO_printf(bio_err,"%c",*p);
+ else if (*p & 0x80)
+ BIO_printf(bio_err,"\\0x%02X",*p);
+ else if ((unsigned char)*p == 0xf7)
+ BIO_printf(bio_err,"^?");
+ else BIO_printf(bio_err,"^%c",*p+'@');
+ p++;
+ }
+ BIO_printf(bio_err,"'\n");
+ }
+
+ /* Ok, now we check the 'policy' stuff. */
+ if ((subject=X509_NAME_new()) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ /* take a copy of the issuer name before we mess with it. */
+ CAname=X509_NAME_dup(x509->cert_info->subject);
+ if (CAname == NULL) goto err;
+ str=str2=NULL;
+
+ for (i=0; i<sk_num(policy); i++)
+ {
+ cv=(CONF_VALUE *)sk_value(policy,i); /* get the object id */
+ if ((j=OBJ_txt2nid(cv->name)) == NID_undef)
+ {
+ BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name);
+ goto err;
+ }
+ obj=OBJ_nid2obj(j);
+
+ last= -1;
+ for (;;)
+ {
+ /* lookup the object in the supplied name list */
+ j=X509_NAME_get_index_by_OBJ(name,obj,last);
+ if (j < 0)
+ {
+ if (last != -1) break;
+ tne=NULL;
+ }
+ else
+ {
+ tne=X509_NAME_get_entry(name,j);
+ }
+ last=j;
+
+ /* depending on the 'policy', decide what to do. */
+ push=NULL;
+ if (strcmp(cv->value,"optional") == 0)
+ {
+ if (tne != NULL)
+ push=tne;
+ }
+ else if (strcmp(cv->value,"supplied") == 0)
+ {
+ if (tne == NULL)
+ {
+ BIO_printf(bio_err,"The %s field needed to be supplied and was missing\n",cv->name);
+ goto err;
+ }
+ else
+ push=tne;
+ }
+ else if (strcmp(cv->value,"match") == 0)
+ {
+ int last2;
+
+ if (tne == NULL)
+ {
+ BIO_printf(bio_err,"The mandatory %s field was missing\n",cv->name);
+ goto err;
+ }
+
+ last2= -1;
+
+again2:
+ j=X509_NAME_get_index_by_OBJ(CAname,obj,last2);
+ if ((j < 0) && (last2 == -1))
+ {
+ BIO_printf(bio_err,"The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",cv->name);
+ goto err;
+ }
+ if (j >= 0)
+ {
+ push=X509_NAME_get_entry(CAname,j);
+ str=X509_NAME_ENTRY_get_data(tne);
+ str2=X509_NAME_ENTRY_get_data(push);
+ last2=j;
+ if (ASN1_STRING_cmp(str,str2) != 0)
+ goto again2;
+ }
+ if (j < 0)
+ {
+ BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str == NULL)?"NULL":(char *)str->data),((str2 == NULL)?"NULL":(char *)str2->data));
+ goto err;
+ }
+ }
+ else
+ {
+ BIO_printf(bio_err,"%s:invalid type in 'policy' configuration\n",cv->value);
+ goto err;
+ }
+
+ if (push != NULL)
+ {
+ if (!X509_NAME_add_entry(subject,push,
+ X509_NAME_entry_count(subject),0))
+ {
+ if (push != NULL)
+ X509_NAME_ENTRY_free(push);
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ if (j < 0) break;
+ }
+ }
+
+ if (preserve)
+ {
+ X509_NAME_free(subject);
+ subject=X509_NAME_dup(X509_REQ_get_subject_name(req));
+ if (subject == NULL) goto err;
+ }
+
+ if (verbose)
+ BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n");
+
+ row[DB_name]=X509_NAME_oneline(subject,NULL,0);
+ row[DB_serial]=BN_bn2ascii(serial);
+ if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ rrow=TXT_DB_get_by_index(db,DB_name,row);
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,"ERROR:There is already a certificate for %s\n",
+ row[DB_name]);
+ }
+ else
+ {
+ rrow=TXT_DB_get_by_index(db,DB_serial,row);
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n",
+ row[DB_serial]);
+ BIO_printf(bio_err," check the database/serial_file for corruption\n");
+ }
+ }
+
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,
+ "The matching entry has the following details\n");
+ if (rrow[DB_type][0] == 'E')
+ p="Expired";
+ else if (rrow[DB_type][0] == 'R')
+ p="Revoked";
+ else if (rrow[DB_type][0] == 'V')
+ p="Valid";
+ else
+ p="\ninvalid type, Data base error\n";
+ BIO_printf(bio_err,"Type :%s\n",p);;
+ if (rrow[DB_type][0] == 'R')
+ {
+ p=rrow[DB_exp_date]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Was revoked on:%s\n",p);
+ }
+ p=rrow[DB_exp_date]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Expires on :%s\n",p);
+ p=rrow[DB_serial]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Serial Number :%s\n",p);
+ p=rrow[DB_file]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"File name :%s\n",p);
+ p=rrow[DB_name]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Subject Name :%s\n",p);
+ ok= -1; /* This is now a 'bad' error. */
+ goto err;
+ }
+
+ /* We are now totaly happy, lets make and sign the certificate */
+ if (verbose)
+ BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n");
+
+ if ((ret=X509_new()) == NULL) goto err;
+ ci=ret->cert_info;
+
+#ifdef X509_V3
+ /* Make it an X509 v3 certificate. */
+ if (!X509_set_version(x509,2)) goto err;
+#endif
+
+ if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL)
+ goto err;
+ if (!X509_set_issuer_name(ret,X509_get_subject_name(x509)))
+ goto err;
+
+ BIO_printf(bio_err,"Certificate is to be certified until ");
+ if (strcmp(startdate,"today") == 0)
+ {
+ X509_gmtime_adj(X509_get_notBefore(ret),0);
+ X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+ }
+ else
+ {
+ /*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX*/
+ ASN1_UTCTIME_set_string(X509_get_notBefore(ret),startdate);
+ }
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
+ BIO_printf(bio_err," (%d days)\n",days);
+
+ if (!X509_set_subject_name(ret,subject)) goto err;
+
+ pktmp=X509_REQ_get_pubkey(req);
+ if (!X509_set_pubkey(ret,pktmp)) goto err;
+
+ /* Lets add the extensions, if there are any */
+ if ((extensions != NULL) && (sk_num(extensions) > 0))
+ {
+ if (ci->version == NULL)
+ if ((ci->version=ASN1_INTEGER_new()) == NULL)
+ goto err;
+ ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */
+
+ /* Free the current entries if any, there should not
+ * be any I belive */
+ if (ci->extensions != NULL)
+ sk_pop_free(ci->extensions,X509_EXTENSION_free);
+
+ if ((ci->extensions=sk_new_null()) == NULL)
+ goto err;
+
+ /* Lets 'copy' in the new ones */
+ for (i=0; i<sk_num(extensions); i++)
+ {
+ ex=X509_EXTENSION_dup((X509_EXTENSION *)
+ sk_value(extensions,i));
+ if (ex == NULL) goto err;
+ if (!sk_push(ci->extensions,(char *)ex)) goto err;
+ }
+ }
+
+
+ if (!batch)
+ {
+ BIO_printf(bio_err,"Sign the certificate? [y/n]:");
+ BIO_flush(bio_err);
+ buf[0]='\0';
+ fgets(buf,sizeof(buf)-1,stdin);
+ if (!((buf[0] == 'y') || (buf[0] == 'Y')))
+ {
+ BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");
+ ok=0;
+ goto err;
+ }
+ }
+
+#ifndef NO_DSA
+ pktmp=X509_get_pubkey(ret);
+ if (EVP_PKEY_missing_parameters(pktmp) &&
+ !EVP_PKEY_missing_parameters(pkey))
+ EVP_PKEY_copy_parameters(pktmp,pkey);
+#endif
+
+ if (!X509_sign(ret,pkey,dgst))
+ goto err;
+
+ /* We now just add it to the database */
+ row[DB_type]=(char *)Malloc(2);
+
+ tm=X509_get_notAfter(ret);
+ row[DB_exp_date]=(char *)Malloc(tm->length+1);
+ memcpy(row[DB_exp_date],tm->data,tm->length);
+ row[DB_exp_date][tm->length]='\0';
+
+ row[DB_rev_date]=NULL;
+
+ /* row[DB_serial] done already */
+ row[DB_file]=(char *)Malloc(8);
+ /* row[DB_name] done already */
+
+ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
+ (row[DB_file] == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ strcpy(row[DB_file],"unknown");
+ row[DB_type][0]='V';
+ row[DB_type][1]='\0';
+
+ if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ for (i=0; i<DB_NUMBER; i++)
+ {
+ irow[i]=row[i];
+ row[i]=NULL;
+ }
+ irow[DB_NUMBER]=NULL;
+
+ if (!TXT_DB_insert(db,irow))
+ {
+ BIO_printf(bio_err,"failed to update database\n");
+ BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
+ goto err;
+ }
+ ok=1;
+err:
+ for (i=0; i<DB_NUMBER; i++)
+ if (row[i] != NULL) Free(row[i]);
+
+ if (CAname != NULL)
+ X509_NAME_free(CAname);
+ if (subject != NULL)
+ X509_NAME_free(subject);
+ if (ok <= 0)
+ {
+ if (ret != NULL) X509_free(ret);
+ ret=NULL;
+ }
+ else
+ *xret=ret;
+ return(ok);
+ }
+
+static void write_new_certificate(bp,x, output_der)
+BIO *bp;
+X509 *x;
+int output_der;
+ {
+ char *f;
+ char buf[256];
+
+ if (output_der)
+ {
+ (void)i2d_X509_bio(bp,x);
+ return;
+ }
+
+ f=X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
+ BIO_printf(bp,"issuer :%s\n",f);
+
+ f=X509_NAME_oneline(X509_get_subject_name(x),buf,256);
+ BIO_printf(bp,"subject:%s\n",f);
+
+ BIO_puts(bp,"serial :");
+ i2a_ASN1_INTEGER(bp,x->cert_info->serialNumber);
+ BIO_puts(bp,"\n\n");
+ X509_print(bp,x);
+ BIO_puts(bp,"\n");
+ PEM_write_bio_X509(bp,x);
+ BIO_puts(bp,"\n");
+ }
+
+static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,
+ startdate,days,extensions,verbose)
+X509 **xret;
+char *infile;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+char *startdate;
+int days;
+STACK *extensions;
+int verbose;
+ {
+ STACK *sk=NULL;
+ LHASH *parms=NULL;
+ X509_REQ *req=NULL;
+ CONF_VALUE *cv=NULL;
+ NETSCAPE_SPKI *spki = NULL;
+ unsigned char *spki_der = NULL,*p;
+ X509_REQ_INFO *ri;
+ char *type,*buf;
+ EVP_PKEY *pktmp=NULL;
+ X509_NAME *n=NULL;
+ X509_NAME_ENTRY *ne=NULL;
+ int ok= -1,i,j;
+ long errline;
+ int nid;
+
+ /*
+ * Load input file into a hash table. (This is just an easy
+ * way to read and parse the file, then put it into a convenient
+ * STACK format).
+ */
+ parms=CONF_load(NULL,infile,&errline);
+ if (parms == NULL)
+ {
+ BIO_printf(bio_err,"error on line %ld of %s\n",errline,infile);
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ sk=CONF_get_section(parms, "default");
+ if (sk_num(sk) == 0)
+ {
+ BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
+ CONF_free(parms);
+ goto err;
+ }
+
+ /*
+ * Now create a dummy X509 request structure. We don't actually
+ * have an X509 request, but we have many of the components
+ * (a public key, various DN components). The idea is that we
+ * put these components into the right X509 request structure
+ * and we can use the same code as if you had a real X509 request.
+ */
+ req=X509_REQ_new();
+ if (req == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ /*
+ * Build up the subject name set.
+ */
+ ri=req->req_info;
+ n = ri->subject;
+
+ for (i = 0; ; i++)
+ {
+ if ((int)sk_num(sk) <= i) break;
+
+ cv=(CONF_VALUE *)sk_value(sk,i);
+ type=cv->name;
+ buf=cv->value;
+
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ {
+ if (strcmp(type, "SPKAC") == 0)
+ {
+ spki_der=(unsigned char *)Malloc(
+ strlen(cv->value)+1);
+ if (spki_der == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ j = EVP_DecodeBlock(spki_der, (unsigned char *)cv->value,
+ strlen(cv->value));
+ if (j <= 0)
+ {
+ BIO_printf(bio_err, "Can't b64 decode SPKAC structure\n");
+ goto err;
+ }
+
+ p=spki_der;
+ spki = d2i_NETSCAPE_SPKI(&spki, &p, j);
+ Free(spki_der);
+ spki_der = NULL;
+ if (spki == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Netscape SPKAC structure\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ continue;
+ }
+
+ j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+ if (fix_data(nid, &j) == 0)
+ {
+ BIO_printf(bio_err,
+ "invalid characters in string %s\n",buf);
+ goto err;
+ }
+
+ if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
+ (unsigned char *)buf,
+ strlen(buf))) == NULL)
+ goto err;
+
+ if (!X509_NAME_add_entry(n,ne,X509_NAME_entry_count(n),0))
+ goto err;
+ }
+ if (spki == NULL)
+ {
+ BIO_printf(bio_err,"Netscape SPKAC structure not found in %s\n",
+ infile);
+ goto err;
+ }
+
+ /*
+ * Now extract the key from the SPKI structure.
+ */
+
+ BIO_printf(bio_err,"Check that the SPKAC request matches the signature\n");
+
+ if ((pktmp=X509_PUBKEY_get(spki->spkac->pubkey)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking SPKAC public key\n");
+ goto err;
+ }
+
+ j = NETSCAPE_SPKI_verify(spki, pktmp);
+ if (j <= 0)
+ {
+ BIO_printf(bio_err,"signature verification failed on SPKAC public key\n");
+ goto err;
+ }
+ BIO_printf(bio_err,"Signature ok\n");
+
+ X509_REQ_set_pubkey(req,pktmp);
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,startdate,
+ days,1,verbose,req,extensions);
+err:
+ if (req != NULL) X509_REQ_free(req);
+ if (parms != NULL) CONF_free(parms);
+ if (spki_der != NULL) Free(spki_der);
+ if (spki != NULL) NETSCAPE_SPKI_free(spki);
+ if (ne != NULL) X509_NAME_ENTRY_free(ne);
+
+ return(ok);
+ }
+
+static int fix_data(nid,type)
+int nid;
+int *type;
+ {
+ if (nid == NID_pkcs9_emailAddress)
+ *type=V_ASN1_IA5STRING;
+ if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
+ return(0);
+ if (nid == NID_pkcs9_unstructuredName)
+ *type=V_ASN1_IA5STRING;
+ return(1);
+ }
+
+
+static STACK *load_extensions(sec)
+char *sec;
+ {
+ STACK *ext;
+ STACK *ret=NULL;
+ CONF_VALUE *cv;
+ ASN1_OCTET_STRING *str=NULL;
+ ASN1_STRING *tmp=NULL;
+ X509_EXTENSION *x;
+ BIO *mem=NULL;
+ BUF_MEM *buf=NULL;
+ int i,nid,len;
+ unsigned char *ptr;
+ int pack_type;
+ int data_type;
+
+ if ((ext=CONF_get_section(conf,sec)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to find extension section called '%s'\n",sec);
+ return(NULL);
+ }
+
+ if ((ret=sk_new_null()) == NULL) return(NULL);
+
+ for (i=0; i<sk_num(ext); i++)
+ {
+ cv=(CONF_VALUE *)sk_value(ext,i); /* get the object id */
+ if ((nid=OBJ_txt2nid(cv->name)) == NID_undef)
+ {
+ BIO_printf(bio_err,"%s:unknown object type in section, '%s'\n",sec,cv->name);
+ goto err;
+ }
+
+ pack_type=X509v3_pack_type_by_NID(nid);
+ data_type=X509v3_data_type_by_NID(nid);
+
+ /* pack up the input bytes */
+ ptr=(unsigned char *)cv->value;
+ len=strlen((char *)ptr);
+ if ((len > 2) && (cv->value[0] == '0') &&
+ (cv->value[1] == 'x'))
+ {
+ if (data_type == V_ASN1_UNDEF)
+ {
+ BIO_printf(bio_err,"data type for extension %s is unknown\n",cv->name);
+ goto err;
+ }
+ if (mem == NULL)
+ if ((mem=BIO_new(BIO_s_mem())) == NULL)
+ goto err;
+ if (((buf=BUF_MEM_new()) == NULL) ||
+ !BUF_MEM_grow(buf,128))
+ goto err;
+ if ((tmp=ASN1_STRING_new()) == NULL) goto err;
+
+ BIO_reset(mem);
+ BIO_write(mem,(char *)&(ptr[2]),len-2);
+ if (!a2i_ASN1_STRING(mem,tmp,buf->data,buf->max))
+ goto err;
+ len=tmp->length;
+ ptr=tmp->data;
+ }
+
+ switch (pack_type)
+ {
+ case X509_EXT_PACK_STRING:
+ if ((str=X509v3_pack_string(&str,
+ data_type,ptr,len)) == NULL)
+ goto err;
+ break;
+ case X509_EXT_PACK_UNKNOWN:
+ default:
+ BIO_printf(bio_err,"Don't know how to pack extension %s\n",cv->name);
+ goto err;
+ break;
+ }
+
+ if ((x=X509_EXTENSION_create_by_NID(NULL,nid,0,str)) == NULL)
+ goto err;
+ sk_push(ret,(char *)x);
+ }
+
+ if (0)
+ {
+err:
+ if (ret != NULL) sk_pop_free(ret,X509_EXTENSION_free);
+ ret=NULL;
+ }
+ if (str != NULL) ASN1_OCTET_STRING_free(str);
+ if (tmp != NULL) ASN1_STRING_free(tmp);
+ if (buf != NULL) BUF_MEM_free(buf);
+ if (mem != NULL) BIO_free(mem);
+ return(ret);
+ }
+
+static int check_time_format(str)
+char *str;
+ {
+ ASN1_UTCTIME tm;
+
+ tm.data=(unsigned char *)str;
+ tm.length=strlen(str);
+ tm.type=V_ASN1_UTCTIME;
+ return(ASN1_UTCTIME_check(&tm));
+ }
+
diff --git a/src/lib/libssl/src/apps/cert.pem b/src/lib/libssl/src/apps/cert.pem
new file mode 100644
index 0000000000..de4a77ac6d
--- /dev/null
+++ b/src/lib/libssl/src/apps/cert.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBoDCCAUoCAQAwDQYJKoZIhvcNAQEEBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD
+VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw05NzA5MDkwMzQxMjZa
+Fw05NzEwMDkwMzQxMjZaMF4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0
+YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxFzAVBgNVBAMT
+DkVyaWMgdGhlIFlvdW5nMFEwCQYFKw4DAgwFAANEAAJBALVEqPODnpI4rShlY8S7
+tB713JNvabvn6Gned7zylwLLiXQAo/PAT6mfdWPTyCX9RlId/Aroh1ou893BA32Q
+sggwDQYJKoZIhvcNAQEEBQADQQCU5SSgapJSdRXJoX+CpCvFy+JVh9HpSjCpSNKO
+19raHv98hKAUJuP9HyM+SUsffO6mAIgitUaqW8/wDMePhEC3
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/ciphers.c b/src/lib/libssl/src/apps/ciphers.c
new file mode 100644
index 0000000000..867196e393
--- /dev/null
+++ b/src/lib/libssl/src/apps/ciphers.c
@@ -0,0 +1,191 @@
+/* apps/ciphers.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "err.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG ciphers_main
+
+static char *ciphers_usage[]={
+"usage: ciphers args\n",
+" -v - verbose mode, a textual listing of the ciphers in SSLeay\n",
+" -ssl2 - SSL2 mode\n",
+" -ssl3 - SSL3 mode\n",
+NULL
+};
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1,i;
+ int verbose=0;
+ char **pp,*p;
+ int badops=0;
+ SSL_CTX *ctx=NULL;
+ SSL *ssl=NULL;
+ char *ciphers=NULL;
+ SSL_METHOD *meth=NULL;
+ STACK *sk;
+ char buf[512];
+ BIO *STDout=NULL;
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_server_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_server_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_server_method();
+#endif
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ meth=SSLv3_client_method();
+#endif
+ else if ((strncmp(*argv,"-h",2) == 0) ||
+ (strcmp(*argv,"-?") == 0))
+ {
+ badops=1;
+ break;
+ }
+ else
+ {
+ ciphers= *argv;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+ for (pp=ciphers_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL) goto err;
+ if (ciphers != NULL)
+ SSL_CTX_set_cipher_list(ctx,ciphers);
+ ssl=SSL_new(ctx);
+ if (ssl == NULL) goto err;
+
+
+ if (!verbose)
+ {
+ for (i=0; ; i++)
+ {
+ p=SSL_get_cipher_list(ssl,i);
+ if (p == NULL) break;
+ if (i != 0) BIO_printf(STDout,":");
+ BIO_printf(STDout,"%s",p);
+ }
+ BIO_printf(STDout,"\n");
+ }
+ else
+ {
+ sk=SSL_get_ciphers(ssl);
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ BIO_puts(STDout,SSL_CIPHER_description(
+ (SSL_CIPHER *)sk_value(sk,i),
+ buf,512));
+ }
+ }
+
+ ret=0;
+ if (0)
+ {
+err:
+ SSL_load_error_strings();
+ ERR_print_errors(bio_err);
+ }
+end:
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (ssl != NULL) SSL_free(ssl);
+ if (STDout != NULL) BIO_free(STDout);
+ EXIT(ret);
+ }
+
diff --git a/src/lib/libssl/src/apps/client.pem b/src/lib/libssl/src/apps/client.pem
new file mode 100644
index 0000000000..307910e56e
--- /dev/null
+++ b/src/lib/libssl/src/apps/client.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
+MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
+Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
+XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
+NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
+UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
+9TKwhS4GlwbtCfxSKQ==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
+q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
+/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
+HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
+ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
+nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
+ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/crl.c b/src/lib/libssl/src/apps/crl.c
new file mode 100644
index 0000000000..2c18374ee0
--- /dev/null
+++ b/src/lib/libssl/src/apps/crl.c
@@ -0,0 +1,335 @@
+/* apps/crl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG crl_main
+
+#undef POSTFIX
+#define POSTFIX ".rvk"
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+static char *crl_usage[]={
+"usage: crl args\n",
+"\n",
+" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -outform arg - output format - default PEM\n",
+" -text - print out a text format version\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -hash - print hash value\n",
+" -issuer - print issuer DN\n",
+" -lastupdate - lastUpdate field\n",
+" -nextupdate - nextUpdate field\n",
+" -noout - no CRL output\n",
+NULL
+};
+
+#ifndef NOPROTO
+static X509_CRL *load_crl(char *file, int format);
+#else
+static X509_CRL *load_crl();
+#endif
+
+static BIO *bio_out=NULL;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ X509_CRL *x=NULL;
+ int ret=1,i,num,badops=0;
+ BIO *out=NULL;
+ int informat,outformat;
+ char *infile=NULL,*outfile=NULL;
+ int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
+ char **pp,buf[256];
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ if (bio_out == NULL)
+ if ((bio_out=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+#ifdef undef
+ if (strcmp(*argv,"-p") == 0)
+ {
+ if (--argc < 1) goto bad;
+ if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
+ }
+#endif
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ {
+ outformat=FORMAT_TEXT;
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-hash") == 0)
+ hash= ++num;
+ else if (strcmp(*argv,"-issuer") == 0)
+ issuer= ++num;
+ else if (strcmp(*argv,"-lastupdate") == 0)
+ lastupdate= ++num;
+ else if (strcmp(*argv,"-nextupdate") == 0)
+ nextupdate= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (outformat == FORMAT_TEXT)
+ {
+ num=0;
+ issuer= ++num;
+ lastupdate= ++num;
+ nextupdate= ++num;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=crl_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+ x=load_crl(infile,informat);
+ if (x == NULL) { goto end; }
+
+ if (num)
+ {
+ for (i=1; i<=num; i++)
+ {
+ if (issuer == i)
+ {
+ X509_NAME_oneline(x->crl->issuer,buf,256);
+ fprintf(stdout,"issuer= %s\n",buf);
+ }
+
+ if (hash == i)
+ {
+ fprintf(stdout,"%08lx\n",
+ X509_NAME_hash(x->crl->issuer));
+ }
+ if (lastupdate == i)
+ {
+ fprintf(stdout,"lastUpdate=");
+ ASN1_UTCTIME_print(bio_out,x->crl->lastUpdate);
+ fprintf(stdout,"\n");
+ }
+ if (nextupdate == i)
+ {
+ fprintf(stdout,"nextUpdate=");
+ if (x->crl->nextUpdate != NULL)
+ ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+ else
+ fprintf(stdout,"NONE");
+ fprintf(stdout,"\n");
+ }
+ }
+ }
+
+ if (noout) goto end;
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_X509_CRL_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509_CRL(out,x);
+ else if (outformat == FORMAT_TEXT)
+ {
+ X509_REVOKED *r;
+ STACK *sk;
+
+ sk=sk_dup(x->crl->revoked);
+ while ((r=(X509_REVOKED *)sk_pop(sk)) != NULL)
+ {
+ fprintf(stdout,"revoked: serialNumber=");
+ i2a_ASN1_INTEGER(out,r->serialNumber);
+ fprintf(stdout," revocationDate=");
+ ASN1_UTCTIME_print(bio_out,r->revocationDate);
+ fprintf(stdout,"\n");
+ }
+ sk_free(sk);
+ i=1;
+ }
+ else
+ {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
+ ret=0;
+end:
+ if (out != NULL) BIO_free(out);
+ if (bio_out != NULL) BIO_free(bio_out);
+ if (x != NULL) X509_CRL_free(x);
+ EXIT(ret);
+ }
+
+static X509_CRL *load_crl(infile, format)
+char *infile;
+int format;
+ {
+ X509_CRL *x=NULL;
+ BIO *in=NULL;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_X509_CRL_bio(in,NULL);
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_X509_CRL(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CRL\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+end:
+ if (in != NULL) BIO_free(in);
+ return(x);
+ }
+
diff --git a/src/lib/libssl/src/apps/crl2p7.c b/src/lib/libssl/src/apps/crl2p7.c
new file mode 100644
index 0000000000..82a7829558
--- /dev/null
+++ b/src/lib/libssl/src/apps/crl2p7.c
@@ -0,0 +1,334 @@
+/* apps/crl2p7.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
+ * and donated 'to the cause' along with lots and lots of other fixes to
+ * the library. */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static int add_certs_from_file(STACK *stack, char *certfile);
+#else
+static int add_certs_from_file();
+#endif
+
+#undef PROG
+#define PROG crl2pkcs7_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,badops=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat;
+ char *infile,*outfile,*prog,*certfile;
+ PKCS7 *p7 = NULL;
+ PKCS7_SIGNED *p7s = NULL;
+ X509_CRL *crl=NULL;
+ STACK *crl_stack=NULL;
+ STACK *cert_stack=NULL;
+ int ret=1,nocrl=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+ certfile=NULL;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-nocrl") == 0)
+ {
+ nocrl=1;
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-certfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ certfile= *(++argv);
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
+ BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n");
+ EXIT(1);
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (!nocrl)
+ {
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ crl=d2i_X509_CRL_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ crl=PEM_read_bio_X509_CRL(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (crl == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CRL\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if ((p7=PKCS7_new()) == NULL) goto end;
+ if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
+ p7->type=OBJ_nid2obj(NID_pkcs7_signed);
+ p7->d.sign=p7s;
+ p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
+
+ if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
+ if ((crl_stack=sk_new(NULL)) == NULL) goto end;
+ p7s->crl=crl_stack;
+ if (crl != NULL)
+ {
+ sk_push(crl_stack,(char *)crl);
+ crl=NULL; /* now part of p7 for Freeing */
+ }
+
+ if ((cert_stack=sk_new(NULL)) == NULL) goto end;
+ p7s->cert=cert_stack;
+
+ if (certfile != NULL)
+ {
+ if (add_certs_from_file(cert_stack,certfile) < 0)
+ {
+ BIO_printf(bio_err,"error loading certificates\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_PKCS7_bio(out,p7);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_PKCS7(out,p7);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write pkcs7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (p7 != NULL) PKCS7_free(p7);
+ if (crl != NULL) X509_CRL_free(crl);
+
+ EXIT(ret);
+ }
+
+/*
+ *----------------------------------------------------------------------
+ * int add_certs_from_file
+ *
+ * Read a list of certificates to be checked from a file.
+ *
+ * Results:
+ * number of certs added if successful, -1 if not.
+ *----------------------------------------------------------------------
+ */
+static int add_certs_from_file(stack,certfile)
+STACK *stack;
+char *certfile;
+ {
+ struct stat st;
+ BIO *in=NULL;
+ int count=0;
+ int ret= -1;
+ STACK *sk=NULL;
+ X509_INFO *xi;
+
+ if ((stat(certfile,&st) != 0))
+ {
+ BIO_printf(bio_err,"unable to file the file, %s\n",certfile);
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
+ {
+ goto end;
+ }
+
+ /* This loads from a file, a stack of x509/crl/pkey sets */
+ sk=PEM_X509_INFO_read_bio(in,NULL,NULL);
+ if (sk == NULL) goto end;
+
+ /* scan over it and pull out the CRL's */
+ while (sk_num(sk))
+ {
+ xi=(X509_INFO *)sk_shift(sk);
+ if (xi->x509 != NULL)
+ {
+ sk_push(stack,(char *)xi->x509);
+ xi->x509=NULL;
+ count++;
+ }
+ X509_INFO_free(xi);
+ }
+
+ ret=count;
+end:
+ /* never need to Free x */
+ if (in != NULL) BIO_free(in);
+ if (sk != NULL) sk_free(sk);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/apps/demoCA/cacert.pem b/src/lib/libssl/src/apps/demoCA/cacert.pem
new file mode 100644
index 0000000000..affbce3bc9
--- /dev/null
+++ b/src/lib/libssl/src/apps/demoCA/cacert.pem
@@ -0,0 +1,14 @@
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/demoCA/index.txt b/src/lib/libssl/src/apps/demoCA/index.txt
new file mode 100644
index 0000000000..2cdd252d67
--- /dev/null
+++ b/src/lib/libssl/src/apps/demoCA/index.txt
@@ -0,0 +1,39 @@
+R 980705233205Z 951009233205Z 01 certs/00000001 /CN=Eric Young
+E 951009233205Z 02 certs/00000002 /CN=Duncan Young
+R 980705233205Z 951201010000Z 03 certs/00000003 /CN=Tim Hudson
+V 980705233205Z 04 certs/00000004 /CN=Eric Young4
+V 980705233205Z 05 certs/00000004 /CN=Eric Young5
+V 980705233205Z 06 certs/00000004 /CN=Eric Young6
+V 980705233205Z 07 certs/00000004 /CN=Eric Young7
+V 980705233205Z 08 certs/00000004 /CN=Eric Young8
+V 980705233205Z 09 certs/00000004 /CN=Eric Young9
+V 980705233205Z 0A certs/00000004 /CN=Eric YoungA
+V 980705233205Z 0B certs/00000004 /CN=Eric YoungB
+V 980705233205Z 0C certs/00000004 /CN=Eric YoungC
+V 980705233205Z 0D certs/00000004 /CN=Eric YoungD
+V 980705233205Z 0E certs/00000004 /CN=Eric YoungE
+V 980705233205Z 0F certs/00000004 /CN=Eric YoungF
+V 980705233205Z 10 certs/00000004 /CN=Eric Young10
+V 980705233205Z 11 certs/00000004 /CN=Eric Young11
+V 980705233205Z 12 certs/00000004 /CN=Eric Young12
+V 980705233205Z 13 certs/00000004 /CN=Eric Young13
+V 980705233205Z 14 certs/00000004 /CN=Eric Young14
+V 980705233205Z 15 certs/00000004 /CN=Eric Young15
+V 980705233205Z 16 certs/00000004 /CN=Eric Young16
+V 980705233205Z 17 certs/00000004 /CN=Eric Young17
+V 961206150305Z 010C unknown /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V 961206153245Z 010D unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V 970322074816Z 010E unknown /CN=Eric Young/Email=eay@mincom.oz.au
+V 970322075152Z 010F unknown /CN=Eric Young
+V 970322075906Z 0110 unknown /CN=Eric Youngg
+V 970324092238Z 0111 unknown /C=AU/SP=Queensland/CN=Eric Young
+V 970324221931Z 0112 unknown /CN=Fred
+V 970324224934Z 0113 unknown /C=AU/CN=eay
+V 971001005237Z 0114 unknown /C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V 971001010331Z 0115 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
+V 971001013945Z 0117 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V 971014225415Z 0118 unknown /C=AU/SP=Queensland/CN=test
+V 971015004448Z 0119 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
+V 971016035001Z 011A unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
+V 971016080129Z 011B unknown /C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
+V 971016224000Z 011D unknown /L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk
diff --git a/src/lib/libssl/src/apps/demoCA/private/cakey.pem b/src/lib/libssl/src/apps/demoCA/private/cakey.pem
new file mode 100644
index 0000000000..48fb18c7d8
--- /dev/null
+++ b/src/lib/libssl/src/apps/demoCA/private/cakey.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+
+MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
+Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
+hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
+sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
+tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
+agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
+g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/demoCA/serial b/src/lib/libssl/src/apps/demoCA/serial
new file mode 100644
index 0000000000..69fa0ffe28
--- /dev/null
+++ b/src/lib/libssl/src/apps/demoCA/serial
@@ -0,0 +1 @@
+011E
diff --git a/src/lib/libssl/src/apps/dgst.c b/src/lib/libssl/src/apps/dgst.c
new file mode 100644
index 0000000000..eea291db12
--- /dev/null
+++ b/src/lib/libssl/src/apps/dgst.c
@@ -0,0 +1,227 @@
+/* apps/dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef BUFSIZE
+#define BUFSIZE 1024*8
+
+#undef PROG
+#define PROG dgst_main
+
+#ifndef NOPROTO
+void do_fp(unsigned char *buf,BIO *f,int sep);
+#else
+void do_fp();
+#endif
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ unsigned char *buf=NULL;
+ int i,err=0;
+ EVP_MD *md=NULL,*m;
+ BIO *in=NULL,*inp;
+ BIO *bmd=NULL;
+ char *name;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+ int separator=0;
+ int debug=0;
+
+ apps_startup();
+
+ if ((buf=(unsigned char *)Malloc(BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ /* first check the program name */
+ program_name(argv[0],pname,PROG_NAME_SIZE);
+
+ md=EVP_get_digestbyname(pname);
+
+ argc--;
+ argv++;
+ for (i=0; i<argc; i++)
+ {
+ if ((*argv)[0] != '-') break;
+ if (strcmp(*argv,"-c") == 0)
+ separator=1;
+ else if (strcmp(*argv,"-d") == 0)
+ debug=1;
+ else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ md=m;
+ else
+ break;
+ argc--;
+ argv++;
+ }
+
+ if (md == NULL)
+ md=EVP_md5();
+
+ if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"-c to output the digest with separating colons\n");
+ BIO_printf(bio_err,"-d to output debug info\n");
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
+ LN_md5,LN_md5);
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+ LN_md2,LN_md2);
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+ LN_sha1,LN_sha1);
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+ LN_sha,LN_sha);
+ BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+ LN_mdc2,LN_mdc2);
+ err=1;
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ bmd=BIO_new(BIO_f_md());
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ /* needed for windows 3.1 */
+ BIO_set_callback_arg(in,bio_err);
+ }
+
+ if ((in == NULL) || (bmd == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ /* we use md as a filter, reading from 'in' */
+ BIO_set_md(bmd,md);
+ inp=BIO_push(bmd,in);
+
+ if (argc == 0)
+ {
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ do_fp(buf,inp,separator);
+ }
+ else
+ {
+ name=OBJ_nid2sn(md->type);
+ for (i=0; i<argc; i++)
+ {
+ if (BIO_read_filename(in,argv[i]) <= 0)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("%s(%s)= ",name,argv[i]);
+ do_fp(buf,inp,separator);
+ BIO_reset(bmd);
+ }
+ }
+end:
+ if (buf != NULL)
+ {
+ memset(buf,0,BUFSIZE);
+ Free(buf);
+ }
+ if (in != NULL) BIO_free(in);
+ if (bmd != NULL) BIO_free(bmd);
+ EXIT(err);
+ }
+
+void do_fp(buf,bp,sep)
+unsigned char *buf;
+BIO *bp;
+int sep;
+ {
+ int len;
+ int i;
+
+ for (;;)
+ {
+ i=BIO_read(bp,(char *)buf,BUFSIZE);
+ if (i <= 0) break;
+ }
+ len=BIO_gets(bp,(char *)buf,BUFSIZE);
+
+ for (i=0; i<len; i++)
+ {
+ if (sep && (i != 0))
+ putc(':',stdout);
+ printf("%02x",buf[i]);
+ }
+ printf("\n");
+ }
+
diff --git a/src/lib/libssl/src/apps/dh.c b/src/lib/libssl/src/apps/dh.c
new file mode 100644
index 0000000000..bbf445e845
--- /dev/null
+++ b/src/lib/libssl/src/apps/dh.c
@@ -0,0 +1,312 @@
+/* apps/dh.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dh_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -check - check the parameters are ok
+ * -noout
+ * -text
+ * -C
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ DH *dh=NULL;
+ int i,badops=0,text=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,check=0,noout=0,C=0,ret=1;
+ char *infile,*outfile,*prog;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-check") == 0)
+ check=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-C") == 0)
+ C=1;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -check check the DH parameters\n");
+ BIO_printf(bio_err," -text check the DH parameters\n");
+ BIO_printf(bio_err," -C Output C code\n");
+ BIO_printf(bio_err," -noout no output\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ dh=d2i_DHparams_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dh=PEM_read_bio_DHparams(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified\n");
+ goto end;
+ }
+ if (dh == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DH parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+
+
+ if (text)
+ {
+ DHparams_print(out,dh);
+#ifdef undef
+ printf("p=");
+ BN_print(stdout,dh->p);
+ printf("\ng=");
+ BN_print(stdout,dh->g);
+ printf("\n");
+ if (dh->length != 0)
+ printf("recomented private length=%ld\n",dh->length);
+#endif
+ }
+
+ if (check)
+ {
+ if (!DH_check(dh,&i))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (i & DH_CHECK_P_NOT_PRIME)
+ printf("p value is not prime\n");
+ if (i & DH_CHECK_P_NOT_STRONG_PRIME)
+ printf("p value is not a strong prime\n");
+ if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+ printf("unable to check the generator value\n");
+ if (i & DH_NOT_SUITABLE_GENERATOR)
+ printf("the g value is not a generator\n");
+ if (i == 0)
+ printf("DH parameters appear to be ok.\n");
+ }
+ if (C)
+ {
+ unsigned char *data;
+ int len,l,bits;
+
+ len=BN_num_bytes(dh->p);
+ bits=BN_num_bits(dh->p);
+ data=(unsigned char *)Malloc(len);
+ if (data == NULL)
+ {
+ perror("Malloc");
+ goto end;
+ }
+ l=BN_bn2bin(dh->p,data);
+ printf("static unsigned char dh%d_p[]={",bits);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dh->g,data);
+ printf("static unsigned char dh%d_g[]={",bits);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n\n");
+
+ printf("DH *get_dh%d()\n\t{\n",bits);
+ printf("\tDH *dh;\n\n");
+ printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
+ printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
+ bits,bits);
+ printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
+ bits,bits);
+ printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
+ printf("\t\treturn(NULL);\n");
+ printf("\treturn(dh);\n\t}\n");
+ }
+
+
+ if (!noout)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DHparams_bio(out,dh);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DHparams(out,dh);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write DH paramaters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dh != NULL) DH_free(dh);
+ EXIT(ret);
+ }
diff --git a/src/lib/libssl/src/apps/dh1024.pem b/src/lib/libssl/src/apps/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/src/lib/libssl/src/apps/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/apps/dsa-ca.pem b/src/lib/libssl/src/apps/dsa-ca.pem
new file mode 100644
index 0000000000..9eb08f3ddd
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/apps/dsa-pca.pem b/src/lib/libssl/src/apps/dsa-pca.pem
new file mode 100644
index 0000000000..e3641ad47e
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/apps/dsa.c b/src/lib/libssl/src/apps/dsa.c
new file mode 100644
index 0000000000..fbd85a467a
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsa.c
@@ -0,0 +1,257 @@
+/* apps/dsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dsa_main
+
+/* -inform arg - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -text - print a text version
+ * -modulus - print the DSA public key
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ DSA *dsa=NULL;
+ int i,badops=0;
+ EVP_CIPHER *enc=NULL;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,text=0,noout=0;
+ char *infile,*outfile,*prog;
+ int modulus=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ BIO_printf(bio_err," -text print the key in text\n");
+ BIO_printf(bio_err," -noout don't print key out\n");
+ BIO_printf(bio_err," -modulus print the DSA public value\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ BIO_printf(bio_err,"read DSA private key\n");
+ if (informat == FORMAT_ASN1)
+ dsa=d2i_DSAPrivateKey_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+ if (dsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ if (!DSA_print(out,dsa,0))
+ {
+ perror(outfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (modulus)
+ {
+ fprintf(stdout,"Public Key=");
+ BN_print(out,dsa->pub_key);
+ fprintf(stdout,"\n");
+ }
+
+ if (noout) goto end;
+ BIO_printf(bio_err,"writing DSA private key\n");
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DSAPrivateKey_bio(out,dsa);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write private key\n");
+ ERR_print_errors(bio_err);
+ }
+ else
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
diff --git a/src/lib/libssl/src/apps/dsa1024.pem b/src/lib/libssl/src/apps/dsa1024.pem
new file mode 100644
index 0000000000..082dec3897
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsa1024.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
+mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
+OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
+bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
+3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
+zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
+Arg=
+-----END DSA PARAMETERS-----
diff --git a/src/lib/libssl/src/apps/dsa512.pem b/src/lib/libssl/src/apps/dsa512.pem
new file mode 100644
index 0000000000..5f86d1a6e7
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsa512.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
+TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
+gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
+L8wka5B33qJoplISogOdIA==
+-----END DSA PARAMETERS-----
diff --git a/src/lib/libssl/src/apps/dsap.pem b/src/lib/libssl/src/apps/dsap.pem
new file mode 100644
index 0000000000..d4dfdb3054
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsap.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZS4J1PHvPrm9MXj5ntVheDPkdmBDTncya
+GAJcMjwsyB/GvLDGd6yGCw/8eF+09wIVAK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2
+t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjgtWiJc/tpvcuzeuAayH89UofjAGueKjXD
+ADiRffvSdhrNw5dkqdql
+-----END DSA PARAMETERS-----
diff --git a/src/lib/libssl/src/apps/dsaparam.c b/src/lib/libssl/src/apps/dsaparam.c
new file mode 100644
index 0000000000..6e99289bd3
--- /dev/null
+++ b/src/lib/libssl/src/apps/dsaparam.c
@@ -0,0 +1,342 @@
+/* apps/dsaparam.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "rand.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dsaparam_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -noout
+ * -text
+ * -C
+ * -noout
+ */
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa=NULL;
+ int i,badops=0,text=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,noout=0,C=0,ret=1;
+ char *infile,*outfile,*prog,*inrand=NULL;
+ int numbits= -1,num;
+ char buffer[200],*randfile=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-C") == 0)
+ C=1;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (sscanf(*argv,"%d",&num) == 1)
+ {
+ /* generate a key */
+ numbits=num;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -text check the DSA parameters\n");
+ BIO_printf(bio_err," -C Output C code\n");
+ BIO_printf(bio_err," -noout no output\n");
+ BIO_printf(bio_err," -rand files to use for random number input\n");
+ BIO_printf(bio_err," number number of bits to use for generating private key\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (numbits > 0)
+ {
+ randfile=RAND_file_name(buffer,200);
+ RAND_load_file(randfile,1024L*1024L);
+
+ BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+ BIO_printf(bio_err,"This could take some time\n");
+ dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,
+ dsa_cb,(char *)bio_err);
+ }
+ else if (informat == FORMAT_ASN1)
+ dsa=d2i_DSAparams_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dsa=PEM_read_bio_DSAparams(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified\n");
+ goto end;
+ }
+ if (dsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (text)
+ {
+ DSAparams_print(out,dsa);
+ }
+
+ if (C)
+ {
+ unsigned char *data;
+ int l,len,bits_p,bits_q,bits_g;
+
+ len=BN_num_bytes(dsa->p);
+ bits_p=BN_num_bits(dsa->p);
+ bits_q=BN_num_bits(dsa->q);
+ bits_g=BN_num_bits(dsa->g);
+ data=(unsigned char *)Malloc(len+20);
+ if (data == NULL)
+ {
+ perror("Malloc");
+ goto end;
+ }
+ l=BN_bn2bin(dsa->p,data);
+ printf("static unsigned char dsa%d_p[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dsa->q,data);
+ printf("static unsigned char dsa%d_q[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dsa->g,data);
+ printf("static unsigned char dsa%d_g[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n\n");
+
+ printf("DSA *get_dsa%d()\n\t{\n",bits_p);
+ printf("\tDSA *dsa;\n\n");
+ printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
+ printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
+ bits_p,bits_p);
+ printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
+ bits_p,bits_p);
+ printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
+ bits_p,bits_p);
+ printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
+ printf("\t\treturn(NULL);\n");
+ printf("\treturn(dsa);\n\t}\n");
+ }
+
+
+ if (!noout)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DSAparams_bio(out,dsa);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DSAparams(out,dsa);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write DSA paramaters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK dsa_cb(p, n, arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+#ifdef LINT
+ p=n;
+#endif
+ }
diff --git a/src/lib/libssl/src/apps/enc.c b/src/lib/libssl/src/apps/enc.c
new file mode 100644
index 0000000000..c00d520b44
--- /dev/null
+++ b/src/lib/libssl/src/apps/enc.c
@@ -0,0 +1,561 @@
+/* apps/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#ifdef NO_MD5
+#include "md5.h"
+#endif
+#include "pem.h"
+
+#ifndef NOPROTO
+int set_hex(char *in,unsigned char *out,int size);
+#else
+int set_hex();
+#endif
+
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE (512)
+#define BSIZE (8*1024)
+#define PROG enc_main
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ char *strbuf=NULL;
+ unsigned char *buff=NULL,*bufsize=NULL;
+ int bsize=BSIZE,verbose=0;
+ int ret=1,inl;
+ unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+ char *str=NULL;
+ char *hkey=NULL,*hiv=NULL;
+ int enc=1,printkey=0,i,base64=0;
+ int debug=0,olb64=0;
+ EVP_CIPHER *cipher=NULL,*c;
+ char *inf=NULL,*outf=NULL;
+ BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ /* first check the program name */
+ program_name(argv[0],pname,PROG_NAME_SIZE);
+ if (strcmp(pname,"base64") == 0)
+ base64=1;
+
+ cipher=EVP_get_cipherbyname(pname);
+ if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
+ {
+ BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
+ goto bad;
+ }
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-e") == 0)
+ enc=1;
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inf= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outf= *(++argv);
+ }
+ else if (strcmp(*argv,"-d") == 0)
+ enc=0;
+ else if (strcmp(*argv,"-p") == 0)
+ printkey=1;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if ((strcmp(*argv,"-debug") == 0) ||
+ (strcmp(*argv,"-d") == 0))
+ debug=1;
+ else if (strcmp(*argv,"-P") == 0)
+ printkey=2;
+ else if (strcmp(*argv,"-A") == 0)
+ olb64=1;
+ else if (strcmp(*argv,"-a") == 0)
+ base64=1;
+ else if (strcmp(*argv,"-base64") == 0)
+ base64=1;
+ else if (strcmp(*argv,"-bufsize") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bufsize=(unsigned char *)*(++argv);
+ }
+ else if (strcmp(*argv,"-k") == 0)
+ {
+ if (--argc < 1) goto bad;
+ str= *(++argv);
+ }
+ else if (strcmp(*argv,"-kfile") == 0)
+ {
+ static char buf[128];
+ FILE *infile;
+ char *file;
+
+ if (--argc < 1) goto bad;
+ file= *(++argv);
+ infile=fopen(file,"r");
+ if (infile == NULL)
+ {
+ BIO_printf(bio_err,"unable to read key from '%s'\n",
+ file);
+ goto bad;
+ }
+ buf[0]='\0';
+ fgets(buf,128,infile);
+ fclose(infile);
+ i=strlen(buf);
+ if ((i > 0) &&
+ ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
+ buf[--i]='\0';
+ if ((i > 0) &&
+ ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
+ buf[--i]='\0';
+ if (i < 1)
+ {
+ BIO_printf(bio_err,"zero length password\n");
+ goto bad;
+ }
+ str=buf;
+ }
+ else if (strcmp(*argv,"-K") == 0)
+ {
+ if (--argc < 1) goto bad;
+ hkey= *(++argv);
+ }
+ else if (strcmp(*argv,"-iv") == 0)
+ {
+ if (--argc < 1) goto bad;
+ hiv= *(++argv);
+ }
+ else if ((argv[0][0] == '-') &&
+ ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
+ {
+ cipher=c;
+ }
+ else if (strcmp(*argv,"-none") == 0)
+ cipher=NULL;
+ else
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+bad:
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"%-14s input file\n","-in <file>");
+ BIO_printf(bio_err,"%-14s output fileencrypt\n","-out <file>");
+ BIO_printf(bio_err,"%-14s encrypt\n","-e");
+ BIO_printf(bio_err,"%-14s decrypt\n","-d");
+ BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
+ BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
+ BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
+ BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
+ BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
+ BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+
+ BIO_printf(bio_err,"Cipher Types\n");
+ BIO_printf(bio_err,"des : 56 bit key DES encryption\n");
+ BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n");
+ BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err,"idea :128 bit key IDEA encryption\n");
+#endif
+#ifndef NO_RC4
+ BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n");
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err,"bf :128 bit key BlowFish encryption\n");
+#endif
+#ifndef NO_RC4
+ BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n",
+ LN_rc4);
+#endif
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ecb,LN_des_cbc,
+ LN_des_cfb64,LN_des_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n",
+ "des", LN_des_cbc);
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ede,LN_des_ede_cbc,
+ LN_des_ede_cfb64,LN_des_ede_ofb64);
+ BIO_printf(bio_err," -desx -none\n");
+
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ede3,LN_des_ede3_cbc,
+ LN_des_ede3_cfb64,LN_des_ede3_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n",
+ "des3", LN_des_ede3_cbc);
+
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_idea_ecb, LN_idea_cbc,
+ LN_idea_cfb64, LN_idea_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc);
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_rc2_ecb, LN_rc2_cbc,
+ LN_rc2_cfb64, LN_rc2_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_bf_ecb, LN_bf_cbc,
+ LN_bf_cfb64, LN_bf_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_cast5_ecb, LN_cast5_cbc,
+ LN_cast5_cfb64, LN_cast5_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_rc5_ecb, LN_rc5_cbc,
+ LN_rc5_cfb64, LN_rc5_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
+#endif
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (bufsize != NULL)
+ {
+ unsigned long n;
+
+ for (n=0; *bufsize; bufsize++)
+ {
+ i= *bufsize;
+ if ((i <= '9') && (i >= '0'))
+ n=n*10+i-'0';
+ else if (i == 'k')
+ {
+ n*=1024;
+ bufsize++;
+ break;
+ }
+ }
+ if (*bufsize != '\0')
+ {
+ BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
+ goto end;
+ }
+
+ /* It must be large enough for a base64 encoded line */
+ if (n < 80) n=80;
+
+ bsize=(int)n;
+ if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
+ }
+
+ strbuf=Malloc(SIZE);
+ buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
+ if ((buff == NULL) || (strbuf == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ BIO_set_callback(out,BIO_debug_callback);
+ BIO_set_callback_arg(in,bio_err);
+ BIO_set_callback_arg(out,bio_err);
+ }
+
+ if (inf == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,inf) <= 0)
+ {
+ perror(inf);
+ goto end;
+ }
+ }
+
+ if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
+ {
+ for (;;)
+ {
+ char buf[200];
+
+ sprintf(buf,"enter %s %s password:",
+ OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+ (enc)?"encryption":"decryption");
+ strbuf[0]='\0';
+ i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
+ if (i == 0)
+ {
+ if (strbuf[0] == '\0')
+ {
+ ret=1;
+ goto end;
+ }
+ str=strbuf;
+ break;
+ }
+ if (i < 0)
+ {
+ BIO_printf(bio_err,"bad password read\n");
+ goto end;
+ }
+ }
+ }
+
+ if (cipher != NULL)
+ {
+ if (str != NULL)
+ {
+ EVP_BytesToKey(cipher,EVP_md5(),NULL,
+ (unsigned char *)str,
+ strlen(str),1,key,iv);
+ /* zero the complete buffer or the string
+ * passed from the command line
+ * bug picked up by
+ * Larry J. Hughes Jr. <hughes@indiana.edu> */
+ if (str == strbuf)
+ memset(str,0,SIZE);
+ else
+ memset(str,0,strlen(str));
+ }
+ if ((hiv != NULL) && !set_hex(hiv,iv,8))
+ {
+ BIO_printf(bio_err,"invalid hex iv value\n");
+ goto end;
+ }
+ if ((hkey != NULL) && !set_hex(hkey,key,24))
+ {
+ BIO_printf(bio_err,"invalid hex key value\n");
+ goto end;
+ }
+
+ if ((benc=BIO_new(BIO_f_cipher())) == NULL)
+ goto end;
+ BIO_set_cipher(benc,cipher,key,iv,enc);
+ if (debug)
+ {
+ BIO_set_callback(benc,BIO_debug_callback);
+ BIO_set_callback_arg(benc,bio_err);
+ }
+
+ if (printkey)
+ {
+ if (cipher->key_len > 0)
+ {
+ printf("key=");
+ for (i=0; i<cipher->key_len; i++)
+ printf("%02X",key[i]);
+ printf("\n");
+ }
+ if (cipher->iv_len > 0)
+ {
+ printf("iv =");
+ for (i=0; i<cipher->iv_len; i++)
+ printf("%02X",iv[i]);
+ printf("\n");
+ }
+ if (printkey == 2)
+ {
+ ret=0;
+ goto end;
+ }
+ }
+ }
+
+
+ if (outf == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outf) <= 0)
+ {
+ perror(outf);
+ goto end;
+ }
+ }
+
+ rbio=in;
+ wbio=out;
+
+ if (base64)
+ {
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ if (debug)
+ {
+ BIO_set_callback(b64,BIO_debug_callback);
+ BIO_set_callback_arg(b64,bio_err);
+ }
+ if (olb64)
+ BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
+ if (enc)
+ wbio=BIO_push(b64,wbio);
+ else
+ rbio=BIO_push(b64,rbio);
+ }
+
+ /* Only encrypt/decrypt as we write the file */
+ if (benc != NULL)
+ wbio=BIO_push(benc,wbio);
+
+ for (;;)
+ {
+ inl=BIO_read(rbio,(char *)buff,bsize);
+ if (inl <= 0) break;
+ if (BIO_write(wbio,(char *)buff,inl) != inl)
+ {
+ BIO_printf(bio_err,"error writing output file\n");
+ goto end;
+ }
+ }
+ if (!BIO_flush(wbio))
+ {
+ BIO_printf(bio_err,"bad decrypt\n");
+ goto end;
+ }
+
+ ret=0;
+ if (verbose)
+ {
+ BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
+ BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
+ }
+end:
+ if (strbuf != NULL) Free(strbuf);
+ if (buff != NULL) Free(buff);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (benc != NULL) BIO_free(benc);
+ if (b64 != NULL) BIO_free(b64);
+ EXIT(ret);
+ }
+
+int set_hex(in,out,size)
+char *in;
+unsigned char *out;
+int size;
+ {
+ int i,n;
+ unsigned char j;
+
+ n=strlen(in);
+ if (n > (size*2))
+ {
+ BIO_printf(bio_err,"hex string is too long\n");
+ return(0);
+ }
+ memset(out,0,size);
+ for (i=0; i<n; i++)
+ {
+ j=(unsigned char)*in;
+ *(in++)='\0';
+ if (j == 0) break;
+ if ((j >= '0') && (j <= '9'))
+ j-='0';
+ else if ((j >= 'A') && (j <= 'F'))
+ j=j-'A'+10;
+ else if ((j >= 'a') && (j <= 'f'))
+ j=j-'a'+10;
+ else
+ {
+ BIO_printf(bio_err,"non-hex digit\n");
+ return(0);
+ }
+ if (i&1)
+ out[i/2]|=j;
+ else
+ out[i/2]=(j<<4);
+ }
+ return(1);
+ }
diff --git a/src/lib/libssl/src/apps/errstr.c b/src/lib/libssl/src/apps/errstr.c
new file mode 100644
index 0000000000..d2b2b3fcea
--- /dev/null
+++ b/src/lib/libssl/src/apps/errstr.c
@@ -0,0 +1,116 @@
+/* apps/errstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "lhash.h"
+#include "err.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG errstr_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=0;
+ char buf[256];
+ unsigned long l;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ SSL_load_error_strings();
+
+ if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
+ {
+ BIO *out=NULL;
+
+ out=BIO_new(BIO_s_file());
+ if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
+ {
+ lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
+ lh_stats_bio((LHASH *)ERR_get_string_table(),out);
+ lh_node_usage_stats_bio((LHASH *)
+ ERR_get_string_table(),out);
+ }
+ if (out != NULL) BIO_free(out);
+ argc--;
+ argv++;
+ }
+
+ for (i=1; i<argc; i++)
+ {
+ if (sscanf(argv[i],"%lx",&l))
+ printf("%s\n",ERR_error_string(l,buf));
+ else
+ {
+ printf("%s: bad error code\n",argv[i]);
+ printf("usage: errstr [-stats] <errno> ...\n");
+ ret++;
+ }
+ }
+ EXIT(ret);
+ }
diff --git a/src/lib/libssl/src/apps/gendh.c b/src/lib/libssl/src/apps/gendh.c
new file mode 100644
index 0000000000..2790f179fd
--- /dev/null
+++ b/src/lib/libssl/src/apps/gendh.c
@@ -0,0 +1,235 @@
+/* apps/gendh.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG gendh_main
+
+#ifndef NOPROTO
+static void MS_CALLBACK dh_cb(int p, int n, char *arg);
+static long dh_load_rand(char *names);
+#else
+static void MS_CALLBACK dh_cb();
+static long dh_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ char buffer[200];
+ DH *dh=NULL;
+ int ret=1,num=DEFBITS;
+ int g=2;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile;
+ BIO *out=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-2") == 0)
+ g=2;
+ /* else if (strcmp(*argv,"-3") == 0)
+ g=3; */
+ else if (strcmp(*argv,"-5") == 0)
+ g=5;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else
+ break;
+ argv++;
+ argc--;
+ }
+ if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
+ {
+bad:
+ BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -2 use 2 as the generator value\n");
+ /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */
+ BIO_printf(bio_err," -5 use 5 as the generator value\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto end;
+ }
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+
+ if (inrand == NULL)
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ else
+ {
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+ dh_load_rand(inrand));
+ }
+
+ BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
+ BIO_printf(bio_err,"This is going to take a long time\n");
+ dh=DH_generate_parameters(num,g,dh_cb,(char *)bio_err);
+
+ if (dh == NULL) goto end;
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (!PEM_write_bio_DHparams(out,dh))
+ goto end;
+ ret=0;
+end:
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (out != NULL) BIO_free(out);
+ if (dh != NULL) DH_free(dh);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK dh_cb(p,n,arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static long dh_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/src/lib/libssl/src/apps/gendsa.c b/src/lib/libssl/src/apps/gendsa.c
new file mode 100644
index 0000000000..e0e5afa400
--- /dev/null
+++ b/src/lib/libssl/src/apps/gendsa.c
@@ -0,0 +1,220 @@
+/* apps/gendsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG gendsa_main
+
+#ifndef NOPROTO
+static long dsa_load_rand(char *names);
+#else
+static long dsa_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ char buffer[200];
+ DSA *dsa=NULL;
+ int ret=1,num=DEFBITS;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile,*dsaparams=NULL;
+ BIO *out=NULL,*in=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else if (strcmp(*argv,"-") == 0)
+ goto bad;
+ else if (dsaparams == NULL)
+ {
+ dsaparams= *argv;
+ }
+ else
+ goto bad;
+ argv++;
+ argc--;
+ }
+
+ if (dsaparams == NULL)
+ {
+bad:
+ BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ if (!(BIO_read_filename(in,"dsaparams")))
+ {
+ perror(dsaparams);
+ goto end;
+ }
+
+ if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameter file\n");
+ goto end;
+ }
+ BIO_free(in);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) goto end;
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+
+ if (inrand == NULL)
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ else
+ {
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+ dsa_load_rand(inrand));
+ }
+
+ BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+ BIO_printf(bio_err,"This could take some time\n");
+ if (!DSA_generate_key(dsa)) goto end;
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))
+ goto end;
+ ret=0;
+end:
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
+static long dsa_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c
new file mode 100644
index 0000000000..cdba6189ad
--- /dev/null
+++ b/src/lib/libssl/src/apps/genrsa.c
@@ -0,0 +1,278 @@
+/* apps/genrsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG genrsa_main
+
+#ifndef NOPROTO
+static void MS_CALLBACK genrsa_cb(int p, int n, char *arg);
+static long gr_load_rand(char *names);
+#else
+static void MS_CALLBACK genrsa_cb();
+static long gr_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ char buffer[200];
+ RSA *rsa=NULL;
+ int i,num=DEFBITS;
+ long rnum=0,l;
+ EVP_CIPHER *enc=NULL;
+ unsigned long f4=RSA_F4;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile;
+ BIO *out=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+ if ((out=BIO_new(BIO_s_file())) == NULL)
+ {
+ BIO_printf(bio_err,"unable to creat BIO for output\n");
+ goto err;
+ }
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-3") == 0)
+ f4=3;
+ else if (strcmp(*argv,"-F4") == 0)
+ f4=RSA_F4;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+#ifndef NO_DES
+ else if (strcmp(*argv,"-des") == 0)
+ enc=EVP_des_cbc();
+ else if (strcmp(*argv,"-des3") == 0)
+ enc=EVP_des_ede3_cbc();
+#endif
+#ifndef NO_IDEA
+ else if (strcmp(*argv,"-idea") == 0)
+ enc=EVP_idea_cbc();
+#endif
+ else
+ break;
+ argv++;
+ argc--;
+ }
+ if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
+ {
+bad:
+ BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
+ BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
+ BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
+#endif
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -f4 - use F4 (0x10001) for the E value\n");
+ BIO_printf(bio_err," -3 - use 3 for the E value\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto err;
+ }
+ }
+
+#ifdef WINDOWS
+ BIO_printf(bio_err,"Loading 'screen' into random state -");
+ BIO_flush(bio_err);
+ RAND_screen();
+ BIO_printf(bio_err," done\n");
+#endif
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL) ||
+ !(rnum=(long)RAND_load_file(randfile,1024L*1024L)))
+ {
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+ }
+
+ if (inrand == NULL)
+ {
+ if (rnum == 0)
+ {
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ }
+ }
+ else
+ {
+ rnum+=gr_load_rand(inrand);
+ }
+ if (rnum != 0)
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",rnum);
+
+ BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
+ num);
+ rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err);
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (rsa == NULL) goto err;
+
+ /* We need to do the folloing for when the base number size is <
+ * long, esp windows 3.1 :-(. */
+ l=0L;
+ for (i=0; i<rsa->e->top; i++)
+ {
+#ifndef SIXTY_FOUR_BIT
+ l<<=BN_BITS4;
+ l<<=BN_BITS4;
+#endif
+ l+=rsa->e->d[i];
+ }
+ BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
+ if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL))
+ goto err;
+
+ ret=0;
+err:
+ if (rsa != NULL) RSA_free(rsa);
+ if (out != NULL) BIO_free(out);
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK genrsa_cb(p, n, arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static long gr_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1024L*1024L);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/src/lib/libssl/src/apps/pca-cert.srl b/src/lib/libssl/src/apps/pca-cert.srl
new file mode 100644
index 0000000000..8a0f05e166
--- /dev/null
+++ b/src/lib/libssl/src/apps/pca-cert.srl
@@ -0,0 +1 @@
+01
diff --git a/src/lib/libssl/src/apps/pca-key.pem b/src/lib/libssl/src/apps/pca-key.pem
new file mode 100644
index 0000000000..20029ab779
--- /dev/null
+++ b/src/lib/libssl/src/apps/pca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/pca-req.pem b/src/lib/libssl/src/apps/pca-req.pem
new file mode 100644
index 0000000000..33f155337b
--- /dev/null
+++ b/src/lib/libssl/src/apps/pca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
+MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
+Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
+MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
+vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
+IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
+wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
+Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/pkcs7.c b/src/lib/libssl/src/apps/pkcs7.c
new file mode 100644
index 0000000000..4105dbd9ef
--- /dev/null
+++ b/src/lib/libssl/src/apps/pkcs7.c
@@ -0,0 +1,315 @@
+/* apps/pkcs7.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "err.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG pkcs7_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -print_certs
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ PKCS7 *p7=NULL;
+ int i,badops=0;
+#if !defined(NO_DES) || !defined(NO_IDEA)
+ EVP_CIPHER *enc=NULL;
+#endif
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat;
+ char *infile,*outfile,*prog,buf[256];
+ int print_certs=0;
+ int ret=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-print_certs") == 0)
+ print_certs=1;
+#ifndef NO_DES
+ else if (strcmp(*argv,"-des") == 0)
+ enc=EVP_des_cbc();
+ else if (strcmp(*argv,"-des3") == 0)
+ enc=EVP_des_ede3_cbc();
+#endif
+#ifndef NO_IDEA
+ else if (strcmp(*argv,"-idea") == 0)
+ enc=EVP_idea_cbc();
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ EXIT(1);
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ if (in == NULL)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ p7=d2i_PKCS7_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ p7=PEM_read_bio_PKCS7(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
+ goto end;
+ }
+ if (p7 == NULL)
+ {
+ BIO_printf(bio_err,"unable to load PKCS7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (print_certs)
+ {
+ STACK *certs=NULL;
+ STACK *crls=NULL;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ certs=p7->d.sign->cert;
+ crls=p7->d.sign->crl;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ certs=p7->d.signed_and_enveloped->cert;
+ crls=p7->d.signed_and_enveloped->crl;
+ break;
+ default:
+ break;
+ }
+
+ if (certs != NULL)
+ {
+ X509 *x;
+
+ for (i=0; i<sk_num(certs); i++)
+ {
+ x=(X509 *)sk_value(certs,i);
+
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ BIO_puts(out,"subject=");
+ BIO_puts(out,buf);
+
+ X509_NAME_oneline(X509_get_issuer_name(x),
+ buf,256);
+ BIO_puts(out,"\nissuer= ");
+ BIO_puts(out,buf);
+ BIO_puts(out,"\n");
+
+ PEM_write_bio_X509(out,x);
+ BIO_puts(out,"\n");
+ }
+ }
+ if (crls != NULL)
+ {
+ X509_CRL *crl;
+
+ for (i=0; i<sk_num(crls); i++)
+ {
+ crl=(X509_CRL *)sk_value(crls,i);
+
+ X509_NAME_oneline(crl->crl->issuer,buf,256);
+ BIO_puts(out,"issuer= ");
+ BIO_puts(out,buf);
+
+ BIO_puts(out,"\nlast update=");
+ ASN1_UTCTIME_print(out,crl->crl->lastUpdate);
+ BIO_puts(out,"\nnext update=");
+ ASN1_UTCTIME_print(out,crl->crl->nextUpdate);
+ BIO_puts(out,"\n");
+
+ PEM_write_bio_X509_CRL(out,crl);
+ BIO_puts(out,"\n");
+ }
+ }
+
+ ret=0;
+ goto end;
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_PKCS7_bio(out,p7);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_PKCS7(out,p7);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write pkcs7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (p7 != NULL) PKCS7_free(p7);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ EXIT(ret);
+ }
diff --git a/src/lib/libssl/src/apps/privkey.pem b/src/lib/libssl/src/apps/privkey.pem
new file mode 100644
index 0000000000..b567e411b2
--- /dev/null
+++ b/src/lib/libssl/src/apps/privkey.pem
@@ -0,0 +1,11 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,1BF8E9CE60B9941C
+
+JuhgIvVRrxCRedTTC9ABlIByMsq6IcpqyDZwOPS4rxTtVWvjj1BMHtoCebK7CKMZ
+dLsvztfSkdAYmTGK62C73RwlmnMxB4JXhTLaoAX2eL9iylojTWRg+/0Y4rbIKmUe
+hrmwrHld7vnfE9XHL8OoaFp6aJ8BB9B8HIfdJMnrNcTWJSGS6gYPTWPdm7ZCykEV
+2fFEX6IqWjBjaRm36Esj5mHLRVhBbi2n/jy5IhZeqjEsQ8adYGUulzPSe5xc2JZa
++OO4ch/RRqWTFP59eNPfdke3UE7uNlUhPnYDAOXhSdMJBzI+T9RQXU2y/tMOrYYK
+3+jNQcQ9q1Xy1s5dz/BOvw==
+-----END DSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/progs.h b/src/lib/libssl/src/apps/progs.h
new file mode 100644
index 0000000000..ec00396ed7
--- /dev/null
+++ b/src/lib/libssl/src/apps/progs.h
@@ -0,0 +1,251 @@
+#ifndef NOPROTO
+extern int verify_main(int argc,char *argv[]);
+extern int asn1parse_main(int argc,char *argv[]);
+extern int req_main(int argc,char *argv[]);
+extern int dgst_main(int argc,char *argv[]);
+extern int dh_main(int argc,char *argv[]);
+extern int enc_main(int argc,char *argv[]);
+extern int gendh_main(int argc,char *argv[]);
+extern int errstr_main(int argc,char *argv[]);
+extern int ca_main(int argc,char *argv[]);
+extern int crl_main(int argc,char *argv[]);
+extern int rsa_main(int argc,char *argv[]);
+extern int dsa_main(int argc,char *argv[]);
+extern int dsaparam_main(int argc,char *argv[]);
+extern int x509_main(int argc,char *argv[]);
+extern int genrsa_main(int argc,char *argv[]);
+extern int s_server_main(int argc,char *argv[]);
+extern int s_client_main(int argc,char *argv[]);
+extern int speed_main(int argc,char *argv[]);
+extern int s_time_main(int argc,char *argv[]);
+extern int version_main(int argc,char *argv[]);
+extern int pkcs7_main(int argc,char *argv[]);
+extern int crl2pkcs7_main(int argc,char *argv[]);
+extern int sess_id_main(int argc,char *argv[]);
+extern int ciphers_main(int argc,char *argv[]);
+#else
+extern int verify_main();
+extern int asn1parse_main();
+extern int req_main();
+extern int dgst_main();
+extern int dh_main();
+extern int enc_main();
+extern int gendh_main();
+extern int errstr_main();
+extern int ca_main();
+extern int crl_main();
+extern int rsa_main();
+extern int dsa_main();
+extern int dsaparam_main();
+extern int x509_main();
+extern int genrsa_main();
+extern int s_server_main();
+extern int s_client_main();
+extern int speed_main();
+extern int s_time_main();
+extern int version_main();
+extern int pkcs7_main();
+extern int crl2pkcs7_main();
+extern int sess_id_main();
+extern int ciphers_main();
+#endif
+
+#ifdef SSLEAY_SRC
+
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+
+typedef struct {
+ int type;
+ char *name;
+ int (*func)();
+ } FUNCTION;
+
+FUNCTION functions[] = {
+ {FUNC_TYPE_GENERAL,"verify",verify_main},
+ {FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"req",req_main},
+#endif
+ {FUNC_TYPE_GENERAL,"dgst",dgst_main},
+#ifndef NO_DH
+ {FUNC_TYPE_GENERAL,"dh",dh_main},
+#endif
+ {FUNC_TYPE_GENERAL,"enc",enc_main},
+#ifndef NO_DH
+ {FUNC_TYPE_GENERAL,"gendh",gendh_main},
+#endif
+ {FUNC_TYPE_GENERAL,"errstr",errstr_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"ca",ca_main},
+#endif
+ {FUNC_TYPE_GENERAL,"crl",crl_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"rsa",rsa_main},
+#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"dsa",dsa_main},
+#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
+#endif
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"x509",x509_main},
+#endif
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
+#endif
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_server",s_server_main},
+#endif
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_client",s_client_main},
+#endif
+ {FUNC_TYPE_GENERAL,"speed",speed_main},
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_time",s_time_main},
+#endif
+ {FUNC_TYPE_GENERAL,"version",version_main},
+ {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
+ {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
+ {FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
+#endif
+ {FUNC_TYPE_MD,"md2",dgst_main},
+ {FUNC_TYPE_MD,"md5",dgst_main},
+ {FUNC_TYPE_MD,"sha",dgst_main},
+ {FUNC_TYPE_MD,"sha1",dgst_main},
+ {FUNC_TYPE_MD,"mdc2",dgst_main},
+ {FUNC_TYPE_CIPHER,"base64",enc_main},
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des3",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"desx",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea",enc_main},
+#endif
+#ifndef NO_RC4
+ {FUNC_TYPE_CIPHER,"rc4",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ecb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ofb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-cbc",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-ecb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-cfb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast5-ofb",enc_main},
+#endif
+#ifndef NO_CAST
+ {FUNC_TYPE_CIPHER,"cast-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-cbc",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-ecb",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-cfb",enc_main},
+#endif
+#ifndef NO_RC5
+ {FUNC_TYPE_CIPHER,"rc5-ofb",enc_main},
+#endif
+ {0,NULL,NULL}
+ };
+#endif
+
diff --git a/src/lib/libssl/src/apps/req.c b/src/lib/libssl/src/apps/req.c
new file mode 100644
index 0000000000..f51345f5a2
--- /dev/null
+++ b/src/lib/libssl/src/apps/req.c
@@ -0,0 +1,1137 @@
+/* apps/req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "bio.h"
+#include "evp.h"
+#include "rand.h"
+#include "conf.h"
+#include "err.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#define SECTION "req"
+
+#define BITS "default_bits"
+#define KEYFILE "default_keyfile"
+#define DISTINGUISHED_NAME "distinguished_name"
+#define ATTRIBUTES "attributes"
+
+#define DEFAULT_KEY_LENGTH 512
+#define MIN_KEY_LENGTH 384
+
+#undef PROG
+#define PROG req_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -verify - check request signature
+ * -noout - don't print stuff out.
+ * -text - print out human readable text.
+ * -nodes - no des encryption
+ * -config file - Load configuration file.
+ * -key file - make a request using key in file (or use it for verification).
+ * -keyform - key file format.
+ * -newkey - make a key and a request.
+ * -modulus - print RSA modulus.
+ * -x509 - output a self signed X509 structure instead.
+ * -asn1-kludge - output new certificate request in a format that some CA's
+ * require. This format is wrong
+ */
+
+#ifndef NOPROTO
+static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,int attribs);
+static int add_attribute_object(STACK *n, char *text, char *def,
+ char *value, int nid,int min,int max);
+static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
+ int nid,int min,int max);
+static void MS_CALLBACK req_cb(int p,int n,char *arg);
+static int req_fix_data(int nid,int *type,int len,int min,int max);
+#else
+static int make_REQ();
+static int add_attribute_object();
+static int add_DN_object();
+static void MS_CALLBACK req_cb();
+static int req_fix_data();
+#endif
+
+#ifndef MONOLITH
+static char *default_config_file=NULL;
+static LHASH *config=NULL;
+#endif
+static LHASH *req_conf=NULL;
+
+#define TYPE_RSA 1
+#define TYPE_DSA 2
+#define TYPE_DH 3
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+#ifndef NO_DSA
+ DSA *dsa_params=NULL;
+#endif
+ int ex=1,x509=0,days=30;
+ X509 *x509ss=NULL;
+ X509_REQ *req=NULL;
+ EVP_PKEY *pkey=NULL;
+ int i,badops=0,newreq=0,newkey= -1,pkey_type=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
+ int nodes=0,kludge=0;
+ char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
+ EVP_CIPHER *cipher=NULL;
+ int modulus=0;
+ char *p;
+ EVP_MD *md_alg=NULL,*digest=EVP_md5();
+#ifndef MONOLITH
+ MS_STATIC char config_name[256];
+#endif
+
+#ifndef NO_DES
+ cipher=EVP_des_ede3_cbc();
+#endif
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-new") == 0)
+ {
+ pkey_type=TYPE_RSA;
+ newreq=1;
+ }
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ template= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyform=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyout") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyout= *(++argv);
+ }
+ else if (strcmp(*argv,"-newkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ p= *(++argv);
+ if ((strncmp("rsa:",p,4) == 0) ||
+ ((p[0] >= '0') && (p[0] <= '9')))
+ {
+ pkey_type=TYPE_RSA;
+ p+=4;
+ newkey= atoi(p);
+ }
+ else
+#ifndef NO_DSA
+ if (strncmp("dsa:",p,4) == 0)
+ {
+ X509 *xtmp=NULL;
+ EVP_PKEY *dtmp;
+
+ pkey_type=TYPE_DSA;
+ p+=4;
+ if ((in=BIO_new_file(p,"r")) == NULL)
+ {
+ perror(p);
+ goto end;
+ }
+ if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
+ {
+ ERR_clear_error();
+ BIO_reset(in);
+ if ((xtmp=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameters from file\n");
+ goto end;
+ }
+
+ /* This will 'disapear'
+ * when we free xtmp */
+ dtmp=X509_get_pubkey(xtmp);
+ if (dtmp->type == EVP_PKEY_DSA)
+ dsa_params=DSAparams_dup(dtmp->pkey.dsa);
+ X509_free(xtmp);
+ if (dsa_params == NULL)
+ {
+ BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
+ goto end;
+ }
+ }
+ BIO_free(in);
+ newkey=BN_num_bits(dsa_params->p);
+ in=NULL;
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (strncmp("dh:",p,4) == 0)
+ {
+ pkey_type=TYPE_DH;
+ p+=3;
+ }
+ else
+#endif
+ pkey_type=TYPE_RSA;
+
+ newreq=1;
+ }
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if (strcmp(*argv,"-verify") == 0)
+ verify=1;
+ else if (strcmp(*argv,"-nodes") == 0)
+ nodes=1;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-x509") == 0)
+ x509=1;
+ else if (strcmp(*argv,"-asn1-kludge") == 0)
+ kludge=1;
+ else if (strcmp(*argv,"-no-asn1-kludge") == 0)
+ kludge=0;
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days= atoi(*(++argv));
+ if (days == 0) days=30;
+ }
+ else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ {
+ /* ok */
+ digest=md_alg;
+ }
+ else
+
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -text text form of request\n");
+ BIO_printf(bio_err," -noout do not output REQ\n");
+ BIO_printf(bio_err," -verify verify signature on REQ\n");
+ BIO_printf(bio_err," -modulus RSA modulus\n");
+ BIO_printf(bio_err," -nodes don't encrypt the output key\n");
+ BIO_printf(bio_err," -key file use the private key contained in file\n");
+ BIO_printf(bio_err," -keyform arg key file format\n");
+ BIO_printf(bio_err," -keyout arg file to send the key to\n");
+ BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
+ BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
+
+ BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2)\n");
+ BIO_printf(bio_err," -config file request templace file.\n");
+ BIO_printf(bio_err," -new new request.\n");
+ BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n");
+ BIO_printf(bio_err," -days number of days a x509 generated by -x509 is valid for.\n");
+ BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n");
+ BIO_printf(bio_err," have been reported as requiring\n");
+ BIO_printf(bio_err," [ It is now always turned on but can be turned off with -no-asn1-kludge ]\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+#ifndef MONOLITH
+ /* Lets load up our environment a little */
+ p=getenv("SSLEAY_CONF");
+ if (p == NULL)
+ {
+ strcpy(config_name,X509_get_default_cert_area());
+ strcat(config_name,"/lib/");
+ strcat(config_name,SSLEAY_CONF);
+ p=config_name;
+ }
+ default_config_file=p;
+ config=CONF_load(config,p,NULL);
+#endif
+
+ if (template != NULL)
+ {
+ long errline;
+
+ BIO_printf(bio_err,"Using configuration from %s\n",template);
+ req_conf=CONF_load(NULL,template,&errline);
+ if (req_conf == NULL)
+ {
+ BIO_printf(bio_err,"error on line %ld of %s\n",errline,template);
+ goto end;
+ }
+ }
+ else
+ {
+ req_conf=config;
+ BIO_printf(bio_err,"Using configuration from %s\n",
+ default_config_file);
+ if (req_conf == NULL)
+ {
+ BIO_printf(bio_err,"Unable to load config info\n");
+ }
+ }
+
+ if ((md_alg == NULL) &&
+ ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
+ {
+ if ((md_alg=EVP_get_digestbyname(p)) != NULL)
+ digest=md_alg;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ goto end;
+
+ if (keyfile != NULL)
+ {
+ if (BIO_read_filename(in,keyfile) <= 0)
+ {
+ perror(keyfile);
+ goto end;
+ }
+
+/* if (keyform == FORMAT_ASN1)
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ else */
+ if (keyform == FORMAT_PEM)
+ pkey=PEM_read_bio_PrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for X509 request\n");
+ goto end;
+ }
+
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private key\n");
+ goto end;
+ }
+ }
+
+ if (newreq && (pkey == NULL))
+ {
+ char *randfile;
+ char buffer[200];
+
+ if ((randfile=CONF_get_string(req_conf,SECTION,"RANDFILE")) == NULL)
+ randfile=RAND_file_name(buffer,200);
+#ifdef WINDOWS
+ BIO_printf(bio_err,"Loading 'screen' into random state -");
+ BIO_flush(bio_err);
+ RAND_screen();
+ BIO_printf(bio_err," done\n");
+#endif
+ if ((randfile == NULL) || !RAND_load_file(randfile,1024L*1024L))
+ {
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+ BIO_printf(bio_err,"What this means is that the random number generator has not been seeded\n");
+ BIO_printf(bio_err,"with much random data.\n");
+ BIO_printf(bio_err,"Consider setting the RANDFILE environment variable to point at a file that\n");
+ BIO_printf(bio_err,"'random' data can be kept in.\n");
+ }
+ if (newkey <= 0)
+ {
+ newkey=(int)CONF_get_number(req_conf,SECTION,BITS);
+ if (newkey <= 0)
+ newkey=DEFAULT_KEY_LENGTH;
+ }
+
+ if (newkey < MIN_KEY_LENGTH)
+ {
+ BIO_printf(bio_err,"private key length is too short,\n");
+ BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey);
+ goto end;
+ }
+ BIO_printf(bio_err,"Generating a %d bit %s private key\n",
+ newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA");
+
+ if ((pkey=EVP_PKEY_new()) == NULL) goto end;
+
+#ifndef NO_RSA
+ if (pkey_type == TYPE_RSA)
+ {
+ if (!EVP_PKEY_assign_RSA(pkey,
+ RSA_generate_key(newkey,0x10001,
+ req_cb,(char *)bio_err)))
+ goto end;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey_type == TYPE_DSA)
+ {
+ if (!DSA_generate_key(dsa_params)) goto end;
+ if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
+ dsa_params=NULL;
+ }
+#endif
+
+ if ((randfile == NULL) || (RAND_write_file(randfile) == 0))
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+
+ if (pkey == NULL) goto end;
+
+ if (keyout == NULL)
+ keyout=CONF_get_string(req_conf,SECTION,KEYFILE);
+
+ if (keyout == NULL)
+ {
+ BIO_printf(bio_err,"writing new private key to stdout\n");
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ }
+ else
+ {
+ BIO_printf(bio_err,"writing new private key to '%s'\n",keyout);
+ if (BIO_write_filename(out,keyout) <= 0)
+ {
+ perror(keyout);
+ goto end;
+ }
+ }
+
+ p=CONF_get_string(req_conf,SECTION,"encrypt_rsa_key");
+ if (p == NULL)
+ p=CONF_get_string(req_conf,SECTION,"encrypt_key");
+ if ((p != NULL) && (strcmp(p,"no") == 0))
+ cipher=NULL;
+ if (nodes) cipher=NULL;
+
+ i=0;
+loop:
+ if (!PEM_write_bio_PrivateKey(out,pkey,cipher,
+ NULL,0,NULL))
+ {
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
+ PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3))
+ {
+ ERR_clear_error();
+ i++;
+ goto loop;
+ }
+ goto end;
+ }
+ BIO_printf(bio_err,"-----\n");
+ }
+
+ if (!newreq)
+ {
+ /* Since we are using a pre-existing certificate
+ * request, the kludge 'format' info should not be
+ * changed. */
+ kludge= -1;
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ req=d2i_X509_REQ_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ req=PEM_read_bio_X509_REQ(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for X509 request\n");
+ goto end;
+ }
+ if (req == NULL)
+ {
+ BIO_printf(bio_err,"unable to load X509 request\n");
+ goto end;
+ }
+ }
+
+ if (newreq || x509)
+ {
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+#endif
+
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"you need to specify a private key\n");
+ goto end;
+ }
+ if (req == NULL)
+ {
+ req=X509_REQ_new();
+ if (req == NULL)
+ {
+ goto end;
+ }
+
+ i=make_REQ(req,pkey,!x509);
+ if (kludge >= 0)
+ req->req_info->req_kludge=kludge;
+ if (!i)
+ {
+ BIO_printf(bio_err,"problems making Certificate Request\n");
+ goto end;
+ }
+ }
+ if (x509)
+ {
+ if ((x509ss=X509_new()) == NULL) goto end;
+
+ /* don't set the version number, for starters
+ * the field is null and second, null is v0
+ * if (!ASN1_INTEGER_set(ci->version,0L)) goto end;
+ */
+ ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);
+
+ X509_set_issuer_name(x509ss,
+ X509_REQ_get_subject_name(req));
+ X509_gmtime_adj(X509_get_notBefore(x509ss),0);
+ X509_gmtime_adj(X509_get_notAfter(x509ss),
+ (long)60*60*24*days);
+ X509_set_subject_name(x509ss,
+ X509_REQ_get_subject_name(req));
+ X509_set_pubkey(x509ss,X509_REQ_get_pubkey(req));
+
+ if (!(i=X509_sign(x509ss,pkey,digest)))
+ goto end;
+ }
+ else
+ {
+ if (!(i=X509_REQ_sign(req,pkey,digest)))
+ goto end;
+ }
+ }
+
+ if (verify && !x509)
+ {
+ int tmp=0;
+
+ if (pkey == NULL)
+ {
+ pkey=X509_REQ_get_pubkey(req);
+ tmp=1;
+ if (pkey == NULL) goto end;
+ }
+
+ i=X509_REQ_verify(req,pkey);
+ if (tmp) pkey=NULL;
+
+ if (i < 0)
+ {
+ goto end;
+ }
+ else if (i == 0)
+ {
+ BIO_printf(bio_err,"verify failure\n");
+ }
+ else /* if (i > 0) */
+ BIO_printf(bio_err,"verify OK\n");
+ }
+
+ if (noout && !text && !modulus)
+ {
+ ex=0;
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
+ i=(int)BIO_append_filename(out,outfile);
+ else
+ i=(int)BIO_write_filename(out,outfile);
+ if (!i)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ {
+ if (x509)
+ X509_print(out,x509ss);
+ else
+ X509_REQ_print(out,req);
+ }
+
+ if (modulus)
+ {
+ EVP_PKEY *pubkey;
+
+ if (x509)
+ pubkey=X509_get_pubkey(x509ss);
+ else
+ pubkey=X509_REQ_get_pubkey(req);
+ if (pubkey == NULL)
+ {
+ fprintf(stdout,"Modulus=unavailable\n");
+ goto end;
+ }
+ fprintf(stdout,"Modulus=");
+ if (pubkey->type == EVP_PKEY_RSA)
+ BN_print(out,pubkey->pkey.rsa->n);
+ else
+ fprintf(stdout,"Wrong Algorithm type");
+ fprintf(stdout,"\n");
+ }
+
+ if (!noout && !x509)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_REQ_bio(out,req);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509_REQ(out,req);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write X509 request\n");
+ goto end;
+ }
+ }
+ if (!noout && x509 && (x509ss != NULL))
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_bio(out,x509ss);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x509ss);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write X509 certificate\n");
+ goto end;
+ }
+ }
+ ex=0;
+end:
+ if (ex)
+ {
+ ERR_print_errors(bio_err);
+ }
+ if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (req != NULL) X509_REQ_free(req);
+ if (x509ss != NULL) X509_free(x509ss);
+#ifndef NO_DSA
+ if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
+ EXIT(ex);
+ }
+
+static int make_REQ(req,pkey,attribs)
+X509_REQ *req;
+EVP_PKEY *pkey;
+int attribs;
+ {
+ int ret=0,i,j;
+ unsigned char *p,*q;
+ X509_REQ_INFO *ri;
+ char buf[100];
+ int nid,min,max;
+ char *type,*def,*tmp,*value,*tmp_attr;
+ STACK *sk,*attr=NULL;
+ CONF_VALUE *v;
+
+ tmp=CONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
+ if (tmp == NULL)
+ {
+ BIO_printf(bio_err,"unable to find '%s' in config\n",
+ DISTINGUISHED_NAME);
+ goto err;
+ }
+ sk=CONF_get_section(req_conf,tmp);
+ if (sk == NULL)
+ {
+ BIO_printf(bio_err,"unable to get '%s' section\n",tmp);
+ goto err;
+ }
+
+ tmp_attr=CONF_get_string(req_conf,SECTION,ATTRIBUTES);
+ if (tmp_attr == NULL)
+ attr=NULL;
+ else
+ {
+ attr=CONF_get_section(req_conf,tmp_attr);
+ if (attr == NULL)
+ {
+ BIO_printf(bio_err,"unable to get '%s' section\n",tmp_attr);
+ goto err;
+ }
+ }
+
+ ri=req->req_info;
+
+ BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n");
+ BIO_printf(bio_err,"into your certificate request.\n");
+ BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n");
+ BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n");
+ BIO_printf(bio_err,"For some fields there will be a default value,\n");
+ BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n");
+ BIO_printf(bio_err,"-----\n");
+
+ /* setup version number */
+ if (!ASN1_INTEGER_set(ri->version,0L)) goto err; /* version 1 */
+
+ if (sk_num(sk))
+ {
+ i= -1;
+start: for (;;)
+ {
+ i++;
+ if ((int)sk_num(sk) <= i) break;
+
+ v=(CONF_VALUE *)sk_value(sk,i);
+ p=q=NULL;
+ type=v->name;
+ /* Allow for raw OIDs */
+ /* [n.mm.ooo.ppp] */
+ for (j=0; type[j] != '\0'; j++)
+ {
+ if ( (type[j] == ':') ||
+ (type[j] == ',') ||
+ (type[j] == '.'))
+ p=(unsigned char *)&(type[j+1]);
+ if (type[j] == '[')
+ {
+ p=(unsigned char *)&(type[j+1]);
+ for (j++; type[j] != '\0'; j++)
+ if (type[j] == ']')
+ {
+ q=(unsigned char *)&(type[j]);
+ break;
+ }
+ break;
+ }
+ }
+ if (p != NULL)
+ type=(char *)p;
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ {
+ /* Add a new one if possible */
+ if ((p != NULL) && (q != NULL) && (*q == ']'))
+ {
+ *q='\0';
+ nid=OBJ_create((char *)p,NULL,NULL);
+ *q=']';
+ if (nid == NID_undef) goto start;
+ }
+ else
+ goto start;
+ }
+
+ sprintf(buf,"%s_default",v->name);
+ if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
+ def="";
+
+ sprintf(buf,"%s_value",v->name);
+ if ((value=CONF_get_string(req_conf,tmp,buf)) == NULL)
+ value=NULL;
+
+ sprintf(buf,"%s_min",v->name);
+ min=(int)CONF_get_number(req_conf,tmp,buf);
+
+ sprintf(buf,"%s_max",v->name);
+ max=(int)CONF_get_number(req_conf,tmp,buf);
+
+ if (!add_DN_object(ri->subject,v->value,def,value,nid,
+ min,max))
+ goto err;
+ }
+ if (sk_num(ri->subject->entries) == 0)
+ {
+ BIO_printf(bio_err,"error, no objects specified in config file\n");
+ goto err;
+ }
+
+ if (attribs)
+ {
+ if ((attr != NULL) && (sk_num(attr) > 0))
+ {
+ BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
+ BIO_printf(bio_err,"to be sent with your certificate request\n");
+ }
+
+ i= -1;
+start2: for (;;)
+ {
+ i++;
+ if ((attr == NULL) || ((int)sk_num(attr) <= i))
+ break;
+
+ v=(CONF_VALUE *)sk_value(attr,i);
+ type=v->name;
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ goto start2;
+
+ sprintf(buf,"%s_default",type);
+ if ((def=CONF_get_string(req_conf,tmp_attr,buf))
+ == NULL)
+ def="";
+
+ sprintf(buf,"%s_value",type);
+ if ((value=CONF_get_string(req_conf,tmp_attr,buf))
+ == NULL)
+ value=NULL;
+
+ sprintf(buf,"%s_min",type);
+ min=(int)CONF_get_number(req_conf,tmp_attr,buf);
+
+ sprintf(buf,"%s_max",type);
+ max=(int)CONF_get_number(req_conf,tmp_attr,buf);
+
+ if (!add_attribute_object(ri->attributes,
+ v->value,def,value,nid,min,max))
+ goto err;
+ }
+ }
+ }
+ else
+ {
+ BIO_printf(bio_err,"No template, please set one up.\n");
+ goto err;
+ }
+
+ X509_REQ_set_pubkey(req,pkey);
+
+ ret=1;
+err:
+ return(ret);
+ }
+
+static int add_DN_object(n,text,def,value,nid,min,max)
+X509_NAME *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
+ {
+ int i,j,ret=0;
+ X509_NAME_ENTRY *ne=NULL;
+ MS_STATIC char buf[1024];
+
+ BIO_printf(bio_err,"%s [%s]:",text,def);
+ BIO_flush(bio_err);
+ if (value != NULL)
+ {
+ strcpy(buf,value);
+ strcat(buf,"\n");
+ BIO_printf(bio_err,"%s\n",value);
+ }
+ else
+ {
+ buf[0]='\0';
+ fgets(buf,1024,stdin);
+ }
+
+ if (buf[0] == '\0') return(0);
+ else if (buf[0] == '\n')
+ {
+ if ((def == NULL) || (def[0] == '\0'))
+ return(1);
+ strcpy(buf,def);
+ strcat(buf,"\n");
+ }
+ else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
+
+ i=strlen(buf);
+ if (buf[i-1] != '\n')
+ {
+ BIO_printf(bio_err,"weird input :-(\n");
+ return(0);
+ }
+ buf[--i]='\0';
+
+ j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+ if (req_fix_data(nid,&j,i,min,max) == 0)
+ goto err;
+ if ((ne=X509_NAME_ENTRY_create_by_NID(NULL,nid,j,(unsigned char *)buf,
+ strlen(buf)))
+ == NULL) goto err;
+ if (!X509_NAME_add_entry(n,ne,X509_NAME_entry_count(n),0))
+ goto err;
+
+ ret=1;
+err:
+ if (ne != NULL) X509_NAME_ENTRY_free(ne);
+ return(ret);
+ }
+
+static int add_attribute_object(n,text,def,value,nid,min,max)
+STACK *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
+ {
+ int i,z;
+ X509_ATTRIBUTE *xa=NULL;
+ static char buf[1024];
+ ASN1_BIT_STRING *bs=NULL;
+ ASN1_TYPE *at=NULL;
+
+start:
+ BIO_printf(bio_err,"%s [%s]:",text,def);
+ BIO_flush(bio_err);
+ if (value != NULL)
+ {
+ strcpy(buf,value);
+ strcat(buf,"\n");
+ BIO_printf(bio_err,"%s\n",value);
+ }
+ else
+ {
+ buf[0]='\0';
+ fgets(buf,1024,stdin);
+ }
+
+ if (buf[0] == '\0') return(0);
+ else if (buf[0] == '\n')
+ {
+ if ((def == NULL) || (def[0] == '\0'))
+ return(1);
+ strcpy(buf,def);
+ strcat(buf,"\n");
+ }
+ else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
+
+ i=strlen(buf);
+ if (buf[i-1] != '\n')
+ {
+ BIO_printf(bio_err,"weird input :-(\n");
+ return(0);
+ }
+ buf[--i]='\0';
+
+ /* add object plus value */
+ if ((xa=X509_ATTRIBUTE_new()) == NULL)
+ goto err;
+ if ((xa->value.set=sk_new_null()) == NULL)
+ goto err;
+ xa->set=1;
+
+ if (xa->object != NULL) ASN1_OBJECT_free(xa->object);
+ xa->object=OBJ_nid2obj(nid);
+
+ if ((bs=ASN1_BIT_STRING_new()) == NULL) goto err;
+
+ bs->type=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+
+ z=req_fix_data(nid,&bs->type,i,min,max);
+ if (z == 0)
+ {
+ if (value == NULL)
+ goto start;
+ else goto err;
+ }
+
+ if (!ASN1_STRING_set(bs,(unsigned char *)buf,i+1))
+ { BIO_printf(bio_err,"Malloc failure\n"); goto err; }
+
+ if ((at=ASN1_TYPE_new()) == NULL)
+ { BIO_printf(bio_err,"Malloc failure\n"); goto err; }
+
+ ASN1_TYPE_set(at,bs->type,(char *)bs);
+ sk_push(xa->value.set,(char *)at);
+ bs=NULL;
+ at=NULL;
+ /* only one item per attribute */
+
+ if (!sk_push(n,(char *)xa)) goto err;
+ return(1);
+err:
+ if (xa != NULL) X509_ATTRIBUTE_free(xa);
+ if (at != NULL) ASN1_TYPE_free(at);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(0);
+ }
+
+static void MS_CALLBACK req_cb(p,n,arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static int req_fix_data(nid,type,len,min,max)
+int nid;
+int *type;
+int len,min,max;
+ {
+ if (nid == NID_pkcs9_emailAddress)
+ *type=V_ASN1_IA5STRING;
+ if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_challengePassword) &&
+ (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+
+ if ((nid == NID_pkcs9_unstructuredName) &&
+ (*type == V_ASN1_T61STRING))
+ {
+ BIO_printf(bio_err,"invalid characters in string, please re-enter the string\n");
+ return(0);
+ }
+ if (nid == NID_pkcs9_unstructuredName)
+ *type=V_ASN1_IA5STRING;
+
+ if (len < min)
+ {
+ BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",min);
+ return(0);
+ }
+ if ((max != 0) && (len > max))
+ {
+ BIO_printf(bio_err,"string is too long, it needs to be less than %d bytes long\n",max);
+ return(0);
+ }
+ return(1);
+ }
diff --git a/src/lib/libssl/src/apps/req.pem b/src/lib/libssl/src/apps/req.pem
new file mode 100644
index 0000000000..5537df601d
--- /dev/null
+++ b/src/lib/libssl/src/apps/req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBlzCCAVcCAQAwXjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEXMBUGA1UEAxMORXJp
+YyB0aGUgWW91bmcwge8wgaYGBSsOAwIMMIGcAkEA+ZiKEvZmc9MtnaFZh4NiZ3oZ
+S4J1PHvPrm9MXj5ntVheDPkdmBDTncyaGAJcMjwsyB/GvLDGd6yGCw/8eF+09wIV
+AK3VagOxGd/Q4Af5NbxR5FB7CXEjAkA2t/q7HgVLi0KeKvcDG8BRl3wuy7bCvpjg
+tWiJc/tpvcuzeuAayH89UofjAGueKjXDADiRffvSdhrNw5dkqdqlA0QAAkEAtUSo
+84OekjitKGVjxLu0HvXck29pu+foad53vPKXAsuJdACj88BPqZ91Y9PIJf1GUh38
+CuiHWi7z3cEDfZCyCKAAMAkGBSsOAwIbBQADLwAwLAIUTg8amKVBE9oqC5B75dDQ
+Chy3LdQCFHKodGEj3LjuTzdm/RTe2KZL9Uzf
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/rsa.c b/src/lib/libssl/src/apps/rsa.c
new file mode 100644
index 0000000000..267b12b15e
--- /dev/null
+++ b/src/lib/libssl/src/apps/rsa.c
@@ -0,0 +1,303 @@
+/* apps/rsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG rsa_main
+
+/* -inform arg - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -text - print a text version
+ * -modulus - print the RSA key modulus
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ RSA *rsa=NULL;
+ int i,badops=0;
+ EVP_CIPHER *enc=NULL;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,text=0,noout=0;
+ char *infile,*outfile,*prog;
+ int modulus=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ BIO_printf(bio_err," -text print the key in text\n");
+ BIO_printf(bio_err," -noout don't print key out\n");
+ BIO_printf(bio_err," -modulus print the RSA key modulus\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ BIO_printf(bio_err,"read RSA private key\n");
+ if (informat == FORMAT_ASN1)
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+#ifndef NO_RC4
+ else if (informat == FORMAT_NETSCAPE)
+ {
+ BUF_MEM *buf=NULL;
+ unsigned char *p;
+ int size=0;
+
+ buf=BUF_MEM_new();
+ for (;;)
+ {
+ if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+ goto end;
+ i=BIO_read(in,&(buf->data[size]),1024*10);
+ size+=i;
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("reading private key");
+ BUF_MEM_free(buf);
+ goto end;
+ }
+ }
+ p=(unsigned char *)buf->data;
+ rsa=(RSA *)d2i_Netscape_RSA(NULL,&p,(long)size,NULL);
+ BUF_MEM_free(buf);
+ }
+#endif
+ else if (informat == FORMAT_PEM)
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ if (!RSA_print(out,rsa,0))
+ {
+ perror(outfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (modulus)
+ {
+ fprintf(stdout,"Modulus=");
+ BN_print(out,rsa->n);
+ fprintf(stdout,"\n");
+ }
+
+ if (noout) goto end;
+ BIO_printf(bio_err,"writing RSA private key\n");
+ if (outformat == FORMAT_ASN1)
+ i=i2d_RSAPrivateKey_bio(out,rsa);
+#ifndef NO_RC4
+ else if (outformat == FORMAT_NETSCAPE)
+ {
+ unsigned char *p,*pp;
+ int size;
+
+ i=1;
+ size=i2d_Netscape_RSA(rsa,NULL,NULL);
+ if ((p=(unsigned char *)Malloc(size)) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto end;
+ }
+ pp=p;
+ i2d_Netscape_RSA(rsa,&p,NULL);
+ BIO_write(out,(char *)pp,size);
+ Free(pp);
+ }
+#endif
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write private key\n");
+ ERR_print_errors(bio_err);
+ }
+ else
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (rsa != NULL) RSA_free(rsa);
+ EXIT(ret);
+ }
+
diff --git a/src/lib/libssl/src/apps/rsa8192.pem b/src/lib/libssl/src/apps/rsa8192.pem
new file mode 100644
index 0000000000..946a6e5433
--- /dev/null
+++ b/src/lib/libssl/src/apps/rsa8192.pem
@@ -0,0 +1,101 @@
+-----BEGIN RSA PRIVATE KEY-----
+
+MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
+ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
+MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
+55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
+yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
+tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
+LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
+aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
+PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
+mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
+71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
+d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
+wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
+bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
+Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
+Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
+pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
+os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
+mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
+cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
+LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
+tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
+PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
+psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
+9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
+xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
+ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
+RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
+1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
+P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
+77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
+4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
+/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
+GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
+HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
+ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
+AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
+52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
+5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
+7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
+KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
+cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
+dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
+DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
+Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
+f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
+J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
+TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
+fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
+Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
+mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
+YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
+mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
+Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
+c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
+Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
+WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
+KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
+JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
+yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
+kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
+DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
+22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
+ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
+D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
+PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
+dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
+FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
+6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
+eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
+bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
+XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
+7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
+82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
+beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
+pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
+70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
+YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
+ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
+lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
+4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
+lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
+LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
+x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
+O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
+6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
+Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
+DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
+Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
+oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
+nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
+X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
+QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
+TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
+46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
+rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
+I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
+-----END RSA PRIVATE KEY-----
+
diff --git a/src/lib/libssl/src/apps/s1024key.pem b/src/lib/libssl/src/apps/s1024key.pem
new file mode 100644
index 0000000000..19e0403572
--- /dev/null
+++ b/src/lib/libssl/src/apps/s1024key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
+S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
+pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
+AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
+dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
+bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
+Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
+zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
+6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
+QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
+dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
+0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
+nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/s1024req.pem b/src/lib/libssl/src/apps/s1024req.pem
new file mode 100644
index 0000000000..bb75e7eeb7
--- /dev/null
+++ b/src/lib/libssl/src/apps/s1024req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
+dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
+9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
+KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
+RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
+BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
+nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
+frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/s512-key.pem b/src/lib/libssl/src/apps/s512-key.pem
new file mode 100644
index 0000000000..0e3ff2d373
--- /dev/null
+++ b/src/lib/libssl/src/apps/s512-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/apps/s512-req.pem b/src/lib/libssl/src/apps/s512-req.pem
new file mode 100644
index 0000000000..ea314be555
--- /dev/null
+++ b/src/lib/libssl/src/apps/s512-req.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
+MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
+y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
+5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/s_apps.h b/src/lib/libssl/src/apps/s_apps.h
new file mode 100644
index 0000000000..ba320946be
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_apps.h
@@ -0,0 +1,119 @@
+/* apps/s_apps.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define PORT 4433
+#define PORT_STR "4433"
+#define PROTOCOL "tcp"
+
+#ifndef NOPROTO
+int do_accept(int acc_sock, int *sock, char **host);
+int do_server(int port, int *ret, int (*cb) ());
+#ifdef HEADER_X509_H
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+#else
+int MS_CALLBACK verify_callback(int ok, char *ctx);
+#endif
+#ifdef HEADER_SSL_H
+int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
+#else
+int set_cert_stuff(char *ctx, char *cert_file, char *key_file);
+#endif
+int init_client(int *sock, char *server, int port);
+int init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_sock_error(int sock);
+int spawn(int argc, char **argv, int *in, int *out);
+int init_server(int *sock, int port);
+int init_server_long(int *sock, int port,char *ip);
+int should_retry(int i);
+void sock_cleanup(void );
+int extract_port(char *str, short *port_ptr);
+int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int host_ip(char *str, unsigned char ip[4]);
+
+long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, char *argp,
+ int argi, long argl, long ret);
+
+#ifdef HEADER_SSL_H
+void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret);
+#else
+void MS_CALLBACK apps_ssl_info_callback(char *s, int where, int ret);
+#endif
+
+#else
+int do_accept();
+int do_server();
+int MS_CALLBACK verify_callback();
+int set_cert_stuff();
+int init_client();
+int init_client_ip();
+int nbio_init_client_ip();
+int nbio_sock_error();
+int spawn();
+int init_server();
+int should_retry();
+void sock_cleanup();
+int extract_port();
+int extract_host_port();
+int host_ip();
+
+long MS_CALLBACK bio_dump_cb();
+void MS_CALLBACK apps_ssl_info_callback();
+
+#endif
+
diff --git a/src/lib/libssl/src/apps/s_cb.c b/src/lib/libssl/src/apps/s_cb.c
new file mode 100644
index 0000000000..cd086bb93e
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_cb.c
@@ -0,0 +1,242 @@
+/* apps/s_cb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+#undef USE_SOCKETS
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
+#include "s_apps.h"
+
+int verify_depth=0;
+int verify_error=X509_V_OK;
+
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ err= X509_STORE_CTX_get_error(ctx);
+ depth= X509_STORE_CTX_get_error_depth(ctx);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+ if (!ok)
+ {
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ if (verify_depth >= depth)
+ {
+ ok=1;
+ verify_error=X509_V_OK;
+ }
+ else
+ {
+ ok=0;
+ verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
+ }
+ }
+ switch (ctx->error)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+ BIO_printf(bio_err,"issuer= %s\n",buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ }
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
+
+int set_cert_stuff(ctx, cert_file, key_file)
+SSL_CTX *ctx;
+char *cert_file;
+char *key_file;
+ {
+ if (cert_file != NULL)
+ {
+ SSL *ssl;
+ X509 *x509;
+
+ if (SSL_CTX_use_certificate_file(ctx,cert_file,
+ SSL_FILETYPE_PEM) <= 0)
+ {
+ BIO_printf(bio_err,"unable to get certificate from '%s'\n",cert_file);
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+ if (key_file == NULL) key_file=cert_file;
+ if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
+ SSL_FILETYPE_PEM) <= 0)
+ {
+ BIO_printf(bio_err,"unable to get private key from '%s'\n",key_file);
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+
+ ssl=SSL_new(ctx);
+ x509=SSL_get_certificate(ssl);
+
+ if (x509 != NULL)
+ EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
+ SSL_get_privatekey(ssl));
+ SSL_free(ssl);
+
+ /* If we are using DSA, we can copy the parameters from
+ * the private key */
+
+
+ /* Now we know that a key and cert have been set against
+ * the SSL context */
+ if (!SSL_CTX_check_private_key(ctx))
+ {
+ BIO_printf(bio_err,"Private key does not match the certificate public key\n");
+ return(0);
+ }
+ }
+ return(1);
+ }
+
+long MS_CALLBACK bio_dump_cb(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
+ {
+ BIO *out;
+
+ out=(BIO *)BIO_get_callback_arg(bio);
+ if (out == NULL) return(ret);
+
+ if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
+ {
+ BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n",
+ bio,argp,argi,ret,ret);
+ BIO_dump(out,argp,(int)ret);
+ return(ret);
+ }
+ else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
+ {
+ BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n",
+ bio,argp,argi,ret,ret);
+ BIO_dump(out,argp,(int)ret);
+ }
+ return(ret);
+ }
+
+void MS_CALLBACK apps_ssl_info_callback(s,where,ret)
+SSL *s;
+int where;
+int ret;
+ {
+ char *str;
+ int w;
+
+ w=where& ~SSL_ST_MASK;
+
+ if (w & SSL_ST_CONNECT) str="SSL_connect";
+ else if (w & SSL_ST_ACCEPT) str="SSL_accept";
+ else str="undefined";
+
+ if (where & SSL_CB_LOOP)
+ {
+ BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
+ }
+ else if (where & SSL_CB_ALERT)
+ {
+ str=(where & SSL_CB_READ)?"read":"write";
+ BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+ str,
+ SSL_alert_type_string_long(ret),
+ SSL_alert_desc_string_long(ret));
+ }
+ else if (where & SSL_CB_EXIT)
+ {
+ if (ret == 0)
+ BIO_printf(bio_err,"%s:failed in %s\n",
+ str,SSL_state_string_long(s));
+ else if (ret < 0)
+ {
+ BIO_printf(bio_err,"%s:error in %s\n",
+ str,SSL_state_string_long(s));
+ }
+ }
+ }
+
diff --git a/src/lib/libssl/src/apps/s_client.c b/src/lib/libssl/src/apps/s_client.c
new file mode 100644
index 0000000000..e783eb723c
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_client.c
@@ -0,0 +1,746 @@
+/* apps/s_client.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#define USE_SOCKETS
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#include "pem.h"
+#include "s_apps.h"
+
+#undef PROG
+#define PROG s_client_main
+
+/*#define SSL_HOST_NAME "www.netscape.com" */
+/*#define SSL_HOST_NAME "193.118.187.102" */
+#define SSL_HOST_NAME "localhost"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*8
+
+extern int verify_depth;
+extern int verify_error;
+
+#ifdef FIONBIO
+static int c_nbio=0;
+#endif
+static int c_Pause=0;
+static int c_debug=0;
+
+#ifndef NOPROTO
+static void sc_usage(void);
+static void print_stuff(BIO *berr,SSL *con,int full);
+#else
+static void sc_usage();
+static void print_stuff();
+#endif
+
+static BIO *bio_c_out=NULL;
+static int c_quiet=0;
+
+static void sc_usage()
+ {
+ BIO_printf(bio_err,"usage: client args\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err," -host host - use -connect instead\n");
+ BIO_printf(bio_err," -port port - use -connect instead\n");
+ BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
+
+ BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
+ BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n");
+ BIO_printf(bio_err," not specified but cert file is.\n");
+ BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
+ BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
+ BIO_printf(bio_err," -debug - extra output\n");
+ BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n");
+ BIO_printf(bio_err," -state - print the 'ssl' states\n");
+#ifdef FIONBIO
+ BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err," -quiet - no s_client output\n");
+ BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
+ BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
+ BIO_printf(bio_err," -tls1 - just use TLSv1\n");
+ BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n");
+ BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
+ BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n");
+ BIO_printf(bio_err," command to se what is available\n");
+
+ }
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int off=0;
+ SSL *con=NULL,*con2=NULL;
+ int s,k,width,state=0;
+ char *cbuf=NULL,*sbuf=NULL;
+ int cbuf_len,cbuf_off;
+ int sbuf_len,sbuf_off;
+ fd_set readfds,writefds;
+ short port=PORT;
+ int full_log=1;
+ char *host=SSL_HOST_NAME;
+ char *cert_file=NULL,*key_file=NULL;
+ char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
+ int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
+ int write_tty,read_tty,write_ssl,read_ssl,tty_on;
+ SSL_CTX *ctx=NULL;
+ int ret=1,in_init=1,i,nbio_test=0;
+ SSL_METHOD *meth=NULL;
+ BIO *sbio;
+ /*static struct timeval timeout={10,0};*/
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_client_method();
+#endif
+
+ apps_startup();
+ c_Pause=0;
+ c_quiet=0;
+ c_debug=0;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) ||
+ ((sbuf=Malloc(BUFSIZZ)) == NULL))
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+
+ verify_depth=0;
+ verify_error=X509_V_OK;
+#ifdef FIONBIO
+ c_nbio=0;
+#endif
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-host") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+ else if (strcmp(*argv,"-port") == 0)
+ {
+ if (--argc < 1) goto bad;
+ port=atoi(*(++argv));
+ if (port == 0) goto bad;
+ }
+ else if (strcmp(*argv,"-connect") == 0)
+ {
+ if (--argc < 1) goto bad;
+ if (!extract_host_port(*(++argv),&host,NULL,&port))
+ goto bad;
+ }
+ else if (strcmp(*argv,"-verify") == 0)
+ {
+ verify=SSL_VERIFY_PEER;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-quiet") == 0)
+ c_quiet=1;
+ else if (strcmp(*argv,"-pause") == 0)
+ c_Pause=1;
+ else if (strcmp(*argv,"-debug") == 0)
+ c_debug=1;
+ else if (strcmp(*argv,"-nbio_test") == 0)
+ nbio_test=1;
+ else if (strcmp(*argv,"-state") == 0)
+ state=1;
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ meth=SSLv3_client_method();
+#endif
+#ifndef NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ meth=TLSv1_client_method();
+#endif
+ else if (strcmp(*argv,"-bugs") == 0)
+ bugs=1;
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-reconnect") == 0)
+ {
+ reconnect=5;
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-no_tls1") == 0)
+ off|=SSL_OP_NO_TLSv1;
+ else if (strcmp(*argv,"-no_ssl3") == 0)
+ off|=SSL_OP_NO_SSLv3;
+ else if (strcmp(*argv,"-no_ssl2") == 0)
+ off|=SSL_OP_NO_SSLv2;
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv,"-nbio") == 0)
+ { c_nbio=1; }
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sc_usage();
+ goto end;
+ }
+
+ if (bio_c_out == NULL)
+ {
+ if (c_quiet)
+ {
+ bio_c_out=BIO_new(BIO_s_null());
+ }
+ else
+ {
+ if (bio_c_out == NULL)
+ bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+ }
+ }
+
+ SSLeay_add_ssl_algorithms();
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (bugs)
+ SSL_CTX_set_options(ctx,SSL_OP_ALL|off);
+ else
+ SSL_CTX_set_options(ctx,off);
+
+ if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+ if (cipher != NULL)
+ SSL_CTX_set_cipher_list(ctx,cipher);
+#if 0
+ else
+ SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
+#endif
+
+ SSL_CTX_set_verify(ctx,verify,verify_callback);
+ if (!set_cert_stuff(ctx,cert_file,key_file))
+ goto end;
+
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ /* BIO_printf(bio_err,"error seting default verify locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ SSL_load_error_strings();
+
+ con=(SSL *)SSL_new(ctx);
+/* SSL_set_cipher_list(con,"RC4-MD5"); */
+
+re_start:
+
+ if (init_client(&s,host,port) == 0)
+ {
+ BIO_printf(bio_err,"connect:errno=%d\n",get_last_socket_error());
+ SHUTDOWN(s);
+ goto end;
+ }
+ BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
+
+#ifdef FIONBIO
+ if (c_nbio)
+ {
+ unsigned long l=1;
+ BIO_printf(bio_c_out,"turning on non blocking io\n");
+ if (BIO_socket_ioctl(s,FIONBIO,&l) < 0)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+#endif
+ if (c_Pause & 0x01) con->debug=1;
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+
+ if (nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+
+ if (c_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(sbio,bio_dump_cb);
+ BIO_set_callback_arg(sbio,bio_c_out);
+ }
+
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_connect_state(con);
+
+ /* ok, lets connect */
+ width=SSL_get_fd(con)+1;
+
+ read_tty=1;
+ write_tty=0;
+ tty_on=0;
+ read_ssl=1;
+ write_ssl=1;
+
+ cbuf_len=0;
+ cbuf_off=0;
+ sbuf_len=0;
+ sbuf_off=0;
+
+ for (;;)
+ {
+ FD_ZERO(&readfds);
+ FD_ZERO(&writefds);
+
+ if (SSL_in_init(con) && !SSL_total_renegotiations(con))
+ {
+ in_init=1;
+ tty_on=0;
+ }
+ else
+ {
+ tty_on=1;
+ if (in_init)
+ {
+ in_init=0;
+ print_stuff(bio_c_out,con,full_log);
+ if (full_log > 0) full_log--;
+
+ if (reconnect)
+ {
+ reconnect--;
+ BIO_printf(bio_c_out,"drop connection and then reconnect\n");
+ SSL_shutdown(con);
+ SSL_set_connect_state(con);
+ SHUTDOWN(SSL_get_fd(con));
+ goto re_start;
+ }
+ }
+ }
+
+#ifndef WINDOWS
+ if (tty_on)
+ {
+ if (read_tty) FD_SET(fileno(stdin),&readfds);
+ if (write_tty) FD_SET(fileno(stdout),&writefds);
+ }
+#endif
+ if (read_ssl)
+ FD_SET(SSL_get_fd(con),&readfds);
+ if (write_ssl)
+ FD_SET(SSL_get_fd(con),&writefds);
+
+/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
+ tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+
+ i=select(width,&readfds,&writefds,NULL,NULL);
+ if ( i < 0)
+ {
+ BIO_printf(bio_err,"bad select %d\n",
+ get_last_socket_error());
+ goto shut;
+ /* goto end; */
+ }
+
+ if (FD_ISSET(SSL_get_fd(con),&writefds))
+ {
+ k=SSL_write(con,&(cbuf[cbuf_off]),
+ (unsigned int)cbuf_len);
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ cbuf_off+=k;
+ cbuf_len-=k;
+ if (k <= 0) goto end;
+ /* we have done a write(con,NULL,0); */
+ if (cbuf_len <= 0)
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ else /* if (cbuf_len > 0) */
+ {
+ read_tty=0;
+ write_ssl=1;
+ }
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_printf(bio_c_out,"write W BLOCK\n");
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_c_out,"write R BLOCK\n");
+ write_tty=0;
+ read_ssl=1;
+ write_ssl=0;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"write X BLOCK\n");
+ break;
+ case SSL_ERROR_ZERO_RETURN:
+ if (cbuf_len != 0)
+ {
+ BIO_printf(bio_c_out,"shutdown\n");
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ break;
+ }
+
+ case SSL_ERROR_SYSCALL:
+ if ((k != 0) || (cbuf_len != 0))
+ {
+ BIO_printf(bio_err,"write:errno=%d\n",
+ get_last_socket_error());
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ break;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ }
+ }
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdout),&writefds))
+ {
+ i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
+
+ if (i <= 0)
+ {
+ BIO_printf(bio_c_out,"DONE\n");
+ goto shut;
+ /* goto end; */
+ }
+
+ sbuf_len-=i;;
+ sbuf_off+=i;
+ if (sbuf_len <= 0)
+ {
+ read_ssl=1;
+ write_tty=0;
+ }
+ }
+#endif
+ else if (FD_ISSET(SSL_get_fd(con),&readfds))
+ {
+#ifdef RENEG
+{ static int iiii; if (++iiii == 52) { SSL_renegotiate(con); iiii=0; } }
+#endif
+ k=SSL_read(con,sbuf,1024 /* BUFSIZZ */ );
+
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ if (k <= 0)
+ goto end;
+ sbuf_off=0;
+ sbuf_len=k;
+
+ read_ssl=0;
+ write_tty=1;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_printf(bio_c_out,"read W BLOCK\n");
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_c_out,"read R BLOCK\n");
+ write_tty=0;
+ read_ssl=1;
+ if ((read_tty == 0) && (write_ssl == 0))
+ write_ssl=1;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"read X BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ BIO_printf(bio_err,"read:errno=%d\n",get_last_socket_error());
+ goto shut;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_c_out,"closed\n");
+ goto shut;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ break;
+ }
+ }
+
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdin),&readfds))
+ {
+ i=read(fileno(stdin),cbuf,BUFSIZZ);
+
+ if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
+ {
+ BIO_printf(bio_err,"DONE\n");
+ goto shut;
+ }
+
+ if ((!c_quiet) && (cbuf[0] == 'R'))
+ {
+ SSL_renegotiate(con);
+ read_tty=0;
+ write_ssl=1;
+ }
+ else
+ {
+ cbuf_len=i;
+ cbuf_off=0;
+ }
+
+ read_tty=0;
+ write_ssl=1;
+ }
+#endif
+ }
+shut:
+ SSL_shutdown(con);
+ SHUTDOWN(SSL_get_fd(con));
+ ret=0;
+end:
+ if (con != NULL) SSL_free(con);
+ if (con2 != NULL) SSL_free(con2);
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
+ if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
+ if (bio_c_out != NULL)
+ {
+ BIO_free(bio_c_out);
+ bio_c_out=NULL;
+ }
+ EXIT(ret);
+ }
+
+
+static void print_stuff(bio,s,full)
+BIO *bio;
+SSL *s;
+int full;
+ {
+ X509 *peer=NULL;
+ char *p;
+ static char *space=" ";
+ char buf[BUFSIZ];
+ STACK *sk;
+ SSL_CIPHER *c;
+ X509_NAME *xn;
+ int j,i;
+
+ if (full)
+ {
+ sk=SSL_get_peer_cert_chain(s);
+ if (sk != NULL)
+ {
+ BIO_printf(bio,"---\nCertficate chain\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ X509_NAME_oneline(X509_get_subject_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio,"%2d s:%s\n",i,buf);
+ X509_NAME_oneline(X509_get_issuer_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio," i:%s\n",buf);
+ }
+ }
+
+ BIO_printf(bio,"---\n");
+ peer=SSL_get_peer_certificate(s);
+ if (peer != NULL)
+ {
+ BIO_printf(bio,"Server certificate\n");
+ PEM_write_bio_X509(bio,peer);
+ X509_NAME_oneline(X509_get_subject_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"subject=%s\n",buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"issuer=%s\n",buf);
+ }
+ else
+ BIO_printf(bio,"no peer certificate available\n");
+
+ sk=SSL_get_client_CA_list(s);
+ if ((sk != NULL) && (sk_num(sk) > 0))
+ {
+ BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ xn=(X509_NAME *)sk_value(sk,i);
+ X509_NAME_oneline(xn,buf,sizeof(buf));
+ BIO_write(bio,buf,strlen(buf));
+ BIO_write(bio,"\n",1);
+ }
+ }
+ else
+ {
+ BIO_printf(bio,"---\nNo client certificate CA names sent\n");
+ }
+ p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
+ if (p != NULL)
+ {
+ BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
+ j=i=0;
+ while (*p)
+ {
+ if (*p == ':')
+ {
+ BIO_write(bio,space,15-j%25);
+ i++;
+ j=0;
+ BIO_write(bio,((i%3)?" ":"\n"),1);
+ }
+ else
+ {
+ BIO_write(bio,p,1);
+ j++;
+ }
+ p++;
+ }
+ BIO_write(bio,"\n",1);
+ }
+
+ BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
+ BIO_number_read(SSL_get_rbio(s)),
+ BIO_number_written(SSL_get_wbio(s)));
+ }
+ BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
+ c=SSL_get_current_cipher(s);
+ BIO_printf(bio,"%s, Cipher is %s\n",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ if (peer != NULL)
+ BIO_printf(bio,"Server public key is %d bit\n",
+ EVP_PKEY_bits(X509_get_pubkey(peer)));
+ SSL_SESSION_print(bio,SSL_get_session(s));
+ BIO_printf(bio,"---\n");
+ if (peer != NULL)
+ X509_free(peer);
+ }
+
diff --git a/src/lib/libssl/src/apps/s_server.c b/src/lib/libssl/src/apps/s_server.c
new file mode 100644
index 0000000000..5012ef254d
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_server.c
@@ -0,0 +1,1225 @@
+/* apps/s_server.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "lhash.h"
+#include "bn.h"
+#define USE_SOCKETS
+#include "apps.h"
+#include "err.h"
+#include "pem.h"
+#include "x509.h"
+#include "ssl.h"
+#include "s_apps.h"
+
+#ifndef NOPROTO
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export);
+static int sv_body(char *hostname, int s);
+static int www_body(char *hostname, int s);
+static void close_accept_socket(void );
+static void sv_usage(void);
+static int init_ssl_connection(SSL *s);
+static void print_stats(BIO *bp,SSL_CTX *ctx);
+#ifndef NO_DH
+static DH *load_dh_param(void );
+static DH *get_dh512(void);
+#endif
+/* static void s_server_init(void);*/
+#else
+static RSA MS_CALLBACK *tmp_rsa_cb();
+static int sv_body();
+static int www_body();
+static void close_accept_socket();
+static void sv_usage();
+static int init_ssl_connection();
+static void print_stats();
+#ifndef NO_DH
+static DH *load_dh_param();
+static DH *get_dh512();
+#endif
+/* static void s_server_init(); */
+#endif
+
+
+#ifndef S_ISDIR
+#define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
+#endif
+
+#ifndef NO_DH
+static unsigned char dh512_p[]={
+ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
+ 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+ 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
+ 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+ 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
+ 0x47,0x74,0xE8,0x33,
+ };
+static unsigned char dh512_g[]={
+ 0x02,
+ };
+
+static DH *get_dh512()
+ {
+ DH *dh=NULL;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+ dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+ dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return(NULL);
+ return(dh);
+ }
+#endif
+
+/* static int load_CA(SSL_CTX *ctx, char *file);*/
+
+#undef BUFSIZZ
+#define BUFSIZZ 8*1024
+static int accept_socket= -1;
+
+#define TEST_CERT "server.pem"
+#undef PROG
+#define PROG s_server_main
+
+#define DH_PARAM "server.pem"
+
+extern int verify_depth;
+
+static char *cipher=NULL;
+static int s_server_verify=SSL_VERIFY_NONE;
+static char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+static char *s_dcert_file=NULL,*s_dkey_file=NULL;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+static int s_nbio_test=0;
+static SSL_CTX *ctx=NULL;
+static int www=0;
+
+static BIO *bio_s_out=NULL;
+static int s_debug=0;
+static int s_quiet=0;
+
+#if 0
+static void s_server_init()
+ {
+ cipher=NULL;
+ s_server_verify=SSL_VERIFY_NONE;
+ s_dcert_file=NULL;
+ s_dkey_file=NULL;
+ s_cert_file=TEST_CERT;
+ s_key_file=NULL;
+#ifdef FIONBIO
+ s_nbio=0;
+#endif
+ s_nbio_test=0;
+ ctx=NULL;
+ www=0;
+
+ bio_s_out=NULL;
+ s_debug=0;
+ s_quiet=0;
+ }
+#endif
+
+static void sv_usage()
+ {
+ BIO_printf(bio_err,"usage: s_server [args ...]\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err," -accept arg - port to accept on (default is %d\n",PORT);
+ BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
+ BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
+ BIO_printf(bio_err," -key arg - RSA file to use, PEM format assumed, in cert file if\n");
+ BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
+#ifdef FIONBIO
+ BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n");
+ BIO_printf(bio_err," -debug - Print more output\n");
+ BIO_printf(bio_err," -state - Print the SSL states\n");
+ BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
+ BIO_printf(bio_err," -cipher arg - play with 'ssleay ciphers' to see what goes here\n");
+ BIO_printf(bio_err," -quiet - No server output\n");
+ BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n");
+ BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
+ BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
+ BIO_printf(bio_err," -tls1 - Just talk TLSv1\n");
+ BIO_printf(bio_err," -no_ssl2 - Just disable SSLv2\n");
+ BIO_printf(bio_err," -no_ssl3 - Just disable SSLv3\n");
+ BIO_printf(bio_err," -no_tls1 - Just disable TLSv1\n");
+ BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n");
+ BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
+ BIO_printf(bio_err," -WWW - Returns requested page from to a 'GET <path> HTTP/1.0'\n");
+ }
+
+static int local_argc=0;
+static char **local_argv;
+static int hack=0;
+
+int MAIN(argc, argv)
+int argc;
+char *argv[];
+ {
+ short port=PORT;
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0,bugs=0;
+ int ret=1;
+ int off=0;
+ int no_tmp_rsa=0,nocert=0;
+ int state=0;
+ SSL_METHOD *meth=NULL;
+#ifndef NO_DH
+ DH *dh=NULL;
+#endif
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_server_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_server_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_server_method();
+#endif
+
+ local_argc=argc;
+ local_argv=argv;
+
+ apps_startup();
+ s_quiet=0;
+ s_debug=0;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ verify_depth=0;
+#ifdef FIONBIO
+ s_nbio=0;
+#endif
+ s_nbio_test=0;
+
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if ((strcmp(*argv,"-port") == 0) ||
+ (strcmp(*argv,"-accept") == 0))
+ {
+ if (--argc < 1) goto bad;
+ if (!extract_port(*(++argv),&port))
+ goto bad;
+ }
+ else if (strcmp(*argv,"-verify") == 0)
+ {
+ s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-Verify") == 0)
+ {
+ s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
+ SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_cert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_key_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-dcert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_dcert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-dkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_dkey_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-nocert") == 0)
+ {
+ nocert=1;
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv,"-nbio") == 0)
+ { s_nbio=1; }
+#endif
+ else if (strcmp(*argv,"-nbio_test") == 0)
+ {
+#ifdef FIONBIO
+ s_nbio=1;
+#endif
+ s_nbio_test=1;
+ }
+ else if (strcmp(*argv,"-debug") == 0)
+ { s_debug=1; }
+ else if (strcmp(*argv,"-hack") == 0)
+ { hack=1; }
+ else if (strcmp(*argv,"-state") == 0)
+ { state=1; }
+ else if (strcmp(*argv,"-quiet") == 0)
+ { s_quiet=1; }
+ else if (strcmp(*argv,"-bugs") == 0)
+ { bugs=1; }
+ else if (strcmp(*argv,"-no_tmp_rsa") == 0)
+ { no_tmp_rsa=1; }
+ else if (strcmp(*argv,"-www") == 0)
+ { www=1; }
+ else if (strcmp(*argv,"-WWW") == 0)
+ { www=2; }
+ else if (strcmp(*argv,"-no_ssl2") == 0)
+ { off|=SSL_OP_NO_SSLv2; }
+ else if (strcmp(*argv,"-no_ssl3") == 0)
+ { off|=SSL_OP_NO_SSLv3; }
+ else if (strcmp(*argv,"-no_tls1") == 0)
+ { off|=SSL_OP_NO_TLSv1; }
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ { meth=SSLv2_server_method(); }
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ { meth=SSLv3_server_method(); }
+#endif
+#ifndef NO_TLS1
+ else if (strcmp(*argv,"-tls1") == 0)
+ { meth=TLSv1_server_method(); }
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (bio_s_out == NULL)
+ {
+ if (s_quiet && !s_debug)
+ {
+ bio_s_out=BIO_new(BIO_s_null());
+ }
+ else
+ {
+ if (bio_s_out == NULL)
+ bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+ }
+ }
+
+#if !defined(NO_RSA) || !defined(NO_DSA)
+ if (nocert)
+#endif
+ {
+ s_cert_file=NULL;
+ s_key_file=NULL;
+ s_dcert_file=NULL;
+ s_dkey_file=NULL;
+ }
+
+ SSL_load_error_strings();
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CTX_set_quiet_shutdown(ctx,1);
+ if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+ if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+ SSL_CTX_set_options(ctx,off);
+ if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST);
+
+ if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+
+ SSL_CTX_sess_set_cache_size(ctx,128);
+
+#if 0
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+#endif
+
+#if 0
+ if (s_cert_file == NULL)
+ {
+ BIO_printf(bio_err,"You must specify a certificate file for the server to use\n");
+ goto end;
+ }
+#endif
+
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ /* BIO_printf(bio_err,"X509_load_verify_locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+#ifndef NO_DH
+ /* EAY EAY EAY evil hack */
+ dh=load_dh_param();
+ if (dh != NULL)
+ {
+ BIO_printf(bio_s_out,"Setting temp DH parameters\n");
+ }
+ else
+ {
+ BIO_printf(bio_s_out,"Using default temp DH parameters\n");
+ dh=get_dh512();
+ }
+ BIO_flush(bio_s_out);
+
+ SSL_CTX_set_tmp_dh(ctx,dh);
+ DH_free(dh);
+#endif
+
+ if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
+ goto end;
+ if (s_dcert_file != NULL)
+ {
+ if (!set_cert_stuff(ctx,s_dcert_file,s_dkey_file))
+ goto end;
+ }
+
+#if 1
+ SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
+#else
+ if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
+ {
+ RSA *rsa;
+
+ BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_s_out);
+
+ rsa=RSA_generate_key(512,RSA_F4,NULL);
+
+ if (!SSL_CTX_set_tmp_rsa(ctx,rsa))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ RSA_free(rsa);
+ BIO_printf(bio_s_out,"\n");
+ }
+#endif
+
+ if (cipher != NULL)
+ SSL_CTX_set_cipher_list(ctx,cipher);
+ SSL_CTX_set_verify(ctx,s_server_verify,verify_callback);
+
+ SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+ BIO_printf(bio_s_out,"ACCEPT\n");
+ if (www)
+ do_server(port,&accept_socket,www_body);
+ else
+ do_server(port,&accept_socket,sv_body);
+ print_stats(bio_s_out,ctx);
+ ret=0;
+end:
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (bio_s_out != NULL)
+ {
+ BIO_free(bio_s_out);
+ bio_s_out=NULL;
+ }
+ EXIT(ret);
+ }
+
+static void print_stats(bio,ssl_ctx)
+BIO *bio;
+SSL_CTX *ssl_ctx;
+ {
+ BIO_printf(bio,"%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ssl_ctx));
+ BIO_printf(bio,"%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ssl_ctx));
+ BIO_printf(bio,"%4d client renegotiates (SSL_connect())\n",
+ SSL_CTX_sess_connect_renegotiate(ssl_ctx));
+ BIO_printf(bio,"%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ssl_ctx));
+ BIO_printf(bio,"%4d server accepts (SSL_accept())\n",
+ SSL_CTX_sess_accept(ssl_ctx));
+ BIO_printf(bio,"%4d server renegotiates (SSL_accept())\n",
+ SSL_CTX_sess_accept_renegotiate(ssl_ctx));
+ BIO_printf(bio,"%4d server accepts that finished\n",
+ SSL_CTX_sess_accept_good(ssl_ctx));
+ BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
+ BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
+ BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
+ BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
+ BIO_printf(bio,"%4d cache full overflows (%d allowed)\n",
+ SSL_CTX_sess_cache_full(ssl_ctx),
+ SSL_CTX_sess_get_cache_size(ssl_ctx));
+ }
+
+static int sv_body(hostname, s)
+char *hostname;
+int s;
+ {
+ char *buf=NULL;
+ fd_set readfds;
+ int ret=1,width;
+ int k,i;
+ unsigned long l;
+ SSL *con=NULL;
+ BIO *sbio;
+
+ if ((buf=Malloc(BUFSIZZ)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto err;
+ }
+#ifdef FIONBIO
+ if (s_nbio)
+ {
+ unsigned long sl=1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"turning on non blocking io\n");
+ if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
+ ERR_print_errors(bio_err);
+ }
+#endif
+
+ if (con == NULL)
+ con=(SSL *)SSL_new(ctx);
+ SSL_clear(con);
+
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+ if (s_nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_accept_state(con);
+ /* SSL_set_fd(con,s); */
+
+ if (s_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
+ BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+ }
+
+ width=s+1;
+ for (;;)
+ {
+ FD_ZERO(&readfds);
+#ifndef WINDOWS
+ FD_SET(fileno(stdin),&readfds);
+#endif
+ FD_SET(s,&readfds);
+ i=select(width,&readfds,NULL,NULL,NULL);
+ if (i <= 0) continue;
+ if (FD_ISSET(fileno(stdin),&readfds))
+ {
+ i=read(fileno(stdin),buf,128/*BUFSIZZ*/);
+ if (!s_quiet)
+ {
+ if ((i <= 0) || (buf[0] == 'Q'))
+ {
+ BIO_printf(bio_s_out,"DONE\n");
+ SHUTDOWN(s);
+ close_accept_socket();
+ ret= -11;
+ goto err;
+ }
+ if ((i <= 0) || (buf[0] == 'q'))
+ {
+ BIO_printf(bio_s_out,"DONE\n");
+ SHUTDOWN(s);
+ /* close_accept_socket();
+ ret= -11;*/
+ goto err;
+ }
+ if ((buf[0] == 'r') &&
+ ((buf[1] == '\n') || (buf[1] == '\r')))
+ {
+ SSL_renegotiate(con);
+ i=SSL_do_handshake(con);
+ printf("SSL_do_handshake -> %d\n",i);
+ i=0; /*13; */
+ continue;
+ strcpy(buf,"server side RE-NEGOTIATE\n");
+ }
+ if ((buf[0] == 'R') &&
+ ((buf[1] == '\0') || (buf[1] == '\r')))
+ {
+ SSL_set_verify(con,
+ SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
+ SSL_renegotiate(con);
+ i=SSL_do_handshake(con);
+ printf("SSL_do_handshake -> %d\n",i);
+ i=0; /* 13; */
+ continue;
+ strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n");
+ }
+ if (buf[0] == 'P')
+ {
+ static char *str="Lets print some clear text\n";
+ BIO_write(SSL_get_wbio(con),str,strlen(str));
+ }
+ if (buf[0] == 'S')
+ {
+ print_stats(bio_s_out,SSL_get_SSL_CTX(con));
+ }
+ }
+ l=k=0;
+ for (;;)
+ {
+ /* should do a select for the write */
+#ifdef RENEG
+{ static count=0; if (++count == 100) { count=0; SSL_renegotiate(con); } }
+#endif
+ k=SSL_write(con,&(buf[l]),(unsigned int)i);
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_s_out,"Write BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out,"ERROR\n");
+ ERR_print_errors(bio_err);
+ ret=1;
+ goto err;
+ break;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_s_out,"DONE\n");
+ ret=1;
+ goto err;
+ }
+ l+=k;
+ i-=k;
+ if (i <= 0) break;
+ }
+ }
+ if (FD_ISSET(s,&readfds))
+ {
+ if (!SSL_is_init_finished(con))
+ {
+ i=init_ssl_connection(con);
+
+ if (i < 0)
+ {
+ ret=0;
+ goto err;
+ }
+ else if (i == 0)
+ {
+ ret=1;
+ goto err;
+ }
+ }
+ else
+ {
+ i=SSL_read(con,(char *)buf,128 /*BUFSIZZ */);
+ switch (SSL_get_error(con,i))
+ {
+ case SSL_ERROR_NONE:
+ write(fileno(stdout),buf,
+ (unsigned int)i);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_s_out,"Read BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ BIO_printf(bio_s_out,"ERROR\n");
+ ERR_print_errors(bio_err);
+ ret=1;
+ goto err;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_s_out,"DONE\n");
+ ret=1;
+ goto err;
+ }
+ }
+ }
+ }
+err:
+ BIO_printf(bio_s_out,"shutting down SSL\n");
+#if 1
+ SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(con);
+#endif
+ if (con != NULL) SSL_free(con);
+ BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
+ if (buf != NULL)
+ {
+ memset(buf,0,BUFSIZZ);
+ Free(buf);
+ }
+ if (ret >= 0)
+ BIO_printf(bio_s_out,"ACCEPT\n");
+ return(ret);
+ }
+
+static void close_accept_socket()
+ {
+ BIO_printf(bio_err,"shutdown accept socket\n");
+ if (accept_socket >= 0)
+ {
+ SHUTDOWN2(accept_socket);
+ }
+ }
+
+static int init_ssl_connection(con)
+SSL *con;
+ {
+ int i;
+ char *str;
+ X509 *peer;
+ long verify_error;
+ MS_STATIC char buf[BUFSIZ];
+
+ if ((i=SSL_accept(con)) <= 0)
+ {
+ if (BIO_sock_should_retry(i))
+ {
+ BIO_printf(bio_s_out,"DELAY\n");
+ return(1);
+ }
+
+ BIO_printf(bio_err,"ERROR\n");
+ verify_error=SSL_get_verify_result(con);
+ if (verify_error != X509_V_OK)
+ {
+ BIO_printf(bio_err,"verify error:%s\n",
+ X509_verify_cert_error_string(verify_error));
+ }
+ else
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+
+ PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con));
+
+ peer=SSL_get_peer_certificate(con);
+ if (peer != NULL)
+ {
+ BIO_printf(bio_s_out,"Client certificate\n");
+ PEM_write_bio_X509(bio_s_out,peer);
+ X509_NAME_oneline(X509_get_subject_name(peer),buf,BUFSIZ);
+ BIO_printf(bio_s_out,"subject=%s\n",buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer),buf,BUFSIZ);
+ BIO_printf(bio_s_out,"issuer=%s\n",buf);
+ X509_free(peer);
+ }
+
+ if (SSL_get_shared_ciphers(con,buf,BUFSIZ) != NULL)
+ BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
+ str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
+ BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
+ if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
+ return(1);
+ }
+
+#ifndef NO_DH
+static DH *load_dh_param()
+ {
+ DH *ret=NULL;
+ BIO *bio;
+
+ if ((bio=BIO_new_file(DH_PARAM,"r")) == NULL)
+ goto err;
+ ret=PEM_read_bio_DHparams(bio,NULL,NULL);
+err:
+ if (bio != NULL) BIO_free(bio);
+ return(ret);
+ }
+#endif
+
+#if 0
+static int load_CA(ctx,file)
+SSL_CTX *ctx;
+char *file;
+ {
+ FILE *in;
+ X509 *x=NULL;
+
+ if ((in=fopen(file,"r")) == NULL)
+ return(0);
+
+ for (;;)
+ {
+ if (PEM_read_X509(in,&x,NULL) == NULL)
+ break;
+ SSL_CTX_add_client_CA(ctx,x);
+ }
+ if (x != NULL) X509_free(x);
+ fclose(in);
+ return(1);
+ }
+#endif
+
+static int www_body(hostname, s)
+char *hostname;
+int s;
+ {
+ char buf[1024];
+ int ret=1;
+ int i,j,k,blank,dot;
+ struct stat st_buf;
+ SSL *con;
+ SSL_CIPHER *c;
+ BIO *io,*ssl_bio,*sbio;
+ long total_bytes;
+
+ io=BIO_new(BIO_f_buffer());
+ ssl_bio=BIO_new(BIO_f_ssl());
+ if ((io == NULL) || (ssl_bio == NULL)) goto err;
+
+#ifdef FIONBIO
+ if (s_nbio)
+ {
+ unsigned long sl=1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"turning on non blocking io\n");
+ if (BIO_socket_ioctl(s,FIONBIO,&sl) < 0)
+ ERR_print_errors(bio_err);
+ }
+#endif
+
+ /* lets make the output buffer a reasonable size */
+ if (!BIO_set_write_buffer_size(io,253 /*16*1024*/)) goto err;
+
+ if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err;
+
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+ if (s_nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_accept_state(con);
+
+ /* SSL_set_fd(con,s); */
+ BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
+ BIO_push(io,ssl_bio);
+
+ if (s_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
+ BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+ }
+
+ blank=0;
+ for (;;)
+ {
+ if (hack)
+ {
+ i=SSL_accept(con);
+
+ switch (SSL_get_error(con,i))
+ {
+ case SSL_ERROR_NONE:
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ continue;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ ret=1;
+ goto err;
+ break;
+ }
+
+ SSL_renegotiate(con);
+ SSL_write(con,NULL,0);
+ }
+
+ i=BIO_gets(io,buf,sizeof(buf)-1);
+ if (i < 0) /* error */
+ {
+ if (!BIO_should_retry(io))
+ {
+ if (!s_quiet)
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ else
+ {
+ BIO_printf(bio_s_out,"read R BLOCK\n");
+#ifndef MSDOS
+ sleep(1);
+#endif
+ continue;
+ }
+ }
+ else if (i == 0) /* end of input */
+ {
+ ret=1;
+ goto end;
+ }
+
+ /* else we have data */
+ if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
+ ((www == 2) && (strncmp("GET /stats ",buf,10) == 0)))
+ {
+ char *p;
+ X509 *peer;
+ STACK *sk;
+ static char *space=" ";
+
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ BIO_puts(io,"<HTML><BODY BGCOLOR=ffffff>\n");
+ BIO_puts(io,"<pre>\n");
+/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
+ BIO_puts(io,"\n");
+ for (i=0; i<local_argc; i++)
+ {
+ BIO_puts(io,local_argv[i]);
+ BIO_write(io," ",1);
+ }
+ BIO_puts(io,"\n");
+
+ /* The following is evil and should not really
+ * be done */
+ BIO_printf(io,"Ciphers supported in s_server binary\n");
+ sk=SSL_get_ciphers(con);
+ j=sk_num(sk);
+ for (i=0; i<j; i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ BIO_printf(io,"%-11s:%-25s",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ if ((((i+1)%2) == 0) && (i+1 != j))
+ BIO_puts(io,"\n");
+ }
+ BIO_puts(io,"\n");
+ p=SSL_get_shared_ciphers(con,buf,sizeof(buf));
+ if (p != NULL)
+ {
+ BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
+ j=i=0;
+ while (*p)
+ {
+ if (*p == ':')
+ {
+ BIO_write(io,space,26-j);
+ i++;
+ j=0;
+ BIO_write(io,((i%3)?" ":"\n"),1);
+ }
+ else
+ {
+ BIO_write(io,p,1);
+ j++;
+ }
+ p++;
+ }
+ BIO_puts(io,"\n");
+ }
+ BIO_printf(io,((con->hit)
+ ?"---\nReused, "
+ :"---\nNew, "));
+ c=SSL_get_current_cipher(con);
+ BIO_printf(io,"%s, Cipher is %s\n",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ SSL_SESSION_print(io,SSL_get_session(con));
+ BIO_printf(io,"---\n");
+ print_stats(io,SSL_get_SSL_CTX(con));
+ BIO_printf(io,"---\n");
+ peer=SSL_get_peer_certificate(con);
+ if (peer != NULL)
+ {
+ BIO_printf(io,"Client certificate\n");
+ X509_print(io,peer);
+ PEM_write_bio_X509(io,peer);
+ }
+ else
+ BIO_puts(io,"no client certificate available\n");
+ BIO_puts(io,"</BODY></HTML>\r\n\r\n");
+ break;
+ }
+ else if ((www == 2) && (strncmp("GET ",buf,4) == 0))
+ {
+ BIO *file;
+ char *p,*e;
+ static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
+
+ /* skip the '/' */
+ p= &(buf[5]);
+ dot=0;
+ for (e=p; *e != '\0'; e++)
+ {
+ if (e[0] == ' ') break;
+ if ( (e[0] == '.') &&
+ (strncmp(&(e[-1]),"/../",4) == 0))
+ dot=1;
+ }
+
+
+ if (*e == '\0')
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' is an invalid file name\r\n",p);
+ break;
+ }
+ *e='\0';
+
+ if (dot)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' contains '..' reference\r\n",p);
+ break;
+ }
+
+ if (*p == '/')
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' is an invalid path\r\n",p);
+ break;
+ }
+
+ /* append if a directory lookup */
+ if (e[-1] == '/')
+ strcat(p,"index.html");
+
+ /* if a directory, do the index thang */
+ if (stat(p,&st_buf) < 0)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"Error accessing '%s'\r\n",p);
+ ERR_print_errors(io);
+ break;
+ }
+ if (S_ISDIR(st_buf.st_mode))
+ {
+ strcat(p,"/index.html");
+ }
+
+ if ((file=BIO_new_file(p,"r")) == NULL)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"Error opening '%s'\r\n",p);
+ ERR_print_errors(io);
+ break;
+ }
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"FILE:%s\n",p);
+
+ i=strlen(p);
+ if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0)))
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ else
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
+ /* send the file */
+ total_bytes=0;
+ for (;;)
+ {
+ i=BIO_read(file,buf,1024);
+ if (i <= 0) break;
+
+ total_bytes+=i;
+ fprintf(stderr,"%d\n",i);
+ if (total_bytes > 3*1024)
+ {
+ total_bytes=0;
+ fprintf(stderr,"RENEGOTIATE\n");
+ SSL_renegotiate(con);
+ }
+
+ for (j=0; j<i; )
+ {
+#ifdef RENEG
+{ static count=0; if (++count == 13) { SSL_renegotiate(con); } }
+#endif
+ k=BIO_write(io,&(buf[j]),i-j);
+ if (k <= 0)
+ {
+ if (!BIO_should_retry(io))
+ goto write_error;
+ else
+ {
+ BIO_printf(bio_s_out,"rwrite W BLOCK\n");
+ }
+ }
+ else
+ {
+ j+=k;
+ }
+ }
+ }
+write_error:
+ BIO_free(file);
+ break;
+ }
+ }
+
+ for (;;)
+ {
+ i=(int)BIO_flush(io);
+ if (i <= 0)
+ {
+ if (!BIO_should_retry(io))
+ break;
+ }
+ else
+ break;
+ }
+end:
+#if 1
+ /* make sure we re-use sessions */
+ SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ /* This kills performace */
+/* SSL_shutdown(con); A shutdown gets sent in the
+ * BIO_free_all(io) procession */
+#endif
+
+err:
+
+ if (ret >= 0)
+ BIO_printf(bio_s_out,"ACCEPT\n");
+
+ if (io != NULL) BIO_free_all(io);
+/* if (ssl_bio != NULL) BIO_free(ssl_bio);*/
+ return(ret);
+ }
+
+static RSA MS_CALLBACK *tmp_rsa_cb(s,export)
+SSL *s;
+int export;
+ {
+ static RSA *rsa_tmp=NULL;
+
+ if (rsa_tmp == NULL)
+ {
+ if (!s_quiet)
+ {
+ BIO_printf(bio_err,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_err);
+ }
+#ifndef NO_RSA
+ rsa_tmp=RSA_generate_key(512,RSA_F4,NULL,NULL);
+#endif
+ if (!s_quiet)
+ {
+ BIO_printf(bio_err,"\n");
+ BIO_flush(bio_err);
+ }
+ }
+ return(rsa_tmp);
+ }
diff --git a/src/lib/libssl/src/apps/s_socket.c b/src/lib/libssl/src/apps/s_socket.c
new file mode 100644
index 0000000000..4bc3fde925
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_socket.c
@@ -0,0 +1,669 @@
+/* apps/s_socket.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <signal.h>
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef USE_SOCKETS
+#undef NON_MAIN
+#include "s_apps.h"
+#include "ssl.h"
+
+#ifndef NOPROTO
+static struct hostent *GetHostByName(char *name);
+int sock_init(void );
+#else
+static struct hostent *GetHostByName();
+int sock_init();
+#endif
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+#ifdef WINDOWS
+static struct WSAData wsa_state;
+static int wsa_init_done=0;
+
+#ifdef WIN16
+static HWND topWnd=0;
+static FARPROC lpTopWndProc=NULL;
+static FARPROC lpTopHookProc=NULL;
+extern HINSTANCE _hInstance; /* nice global CRT provides */
+
+static LONG FAR PASCAL topHookProc(hwnd,message,wParam,lParam)
+HWND hwnd;
+UINT message;
+WPARAM wParam;
+LPARAM lParam;
+ {
+ if (hwnd == topWnd)
+ {
+ switch(message)
+ {
+ case WM_DESTROY:
+ case WM_CLOSE:
+ SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
+ sock_cleanup();
+ break;
+ }
+ }
+ return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
+ }
+
+static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
+ {
+ topWnd=hwnd;
+ return(FALSE);
+ }
+
+#endif /* WIN32 */
+#endif /* WINDOWS */
+
+void sock_cleanup()
+ {
+#ifdef WINDOWS
+ if (wsa_init_done)
+ {
+ wsa_init_done=0;
+ WSACancelBlockingCall();
+ WSACleanup();
+ }
+#endif
+ }
+
+int sock_init()
+ {
+#ifdef WINDOWS
+ if (!wsa_init_done)
+ {
+ int err;
+
+#ifdef SIGINT
+ signal(SIGINT,(void (*)(int))sock_cleanup);
+#endif
+ wsa_init_done=1;
+ memset(&wsa_state,0,sizeof(wsa_state));
+ if (WSAStartup(0x0101,&wsa_state)!=0)
+ {
+ err=WSAGetLastError();
+ BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
+ return(0);
+ }
+
+#ifdef WIN16
+ EnumTaskWindows(GetCurrentTask(),enumproc,0L);
+ lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
+ lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
+
+ SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
+#endif /* WIN16 */
+ }
+#endif /* WINDOWS */
+ return(1);
+ }
+
+int init_client(sock, host, port)
+int *sock;
+char *host;
+int port;
+ {
+ unsigned char ip[4];
+ short p=0;
+
+ if (!host_ip(host,&(ip[0])))
+ {
+ return(0);
+ }
+ if (p != 0) port=p;
+ return(init_client_ip(sock,ip,port));
+ }
+
+int init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
+ {
+ unsigned long addr;
+ struct sockaddr_in them;
+ int s,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&them,0,sizeof(them));
+ them.sin_family=AF_INET;
+ them.sin_port=htons((unsigned short)port);
+ addr=(unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[1]<<16L)|
+ ((unsigned long)ip[2]<< 8L)|
+ ((unsigned long)ip[3]);
+ them.sin_addr.s_addr=htonl(addr);
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+ i=0;
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+
+ if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
+ { close(s); perror("connect"); return(0); }
+ *sock=s;
+ return(1);
+ }
+
+int nbio_sock_error(sock)
+int sock;
+ {
+ int j,i,size;
+
+ size=sizeof(int);
+ i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
+ if (i < 0)
+ return(1);
+ else
+ return(j);
+ }
+
+int nbio_init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
+ {
+ unsigned long addr;
+ struct sockaddr_in them;
+ int s,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&them,0,sizeof(them));
+ them.sin_family=AF_INET;
+ them.sin_port=htons((unsigned short)port);
+ addr= (unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[1]<<16L)|
+ ((unsigned long)ip[2]<< 8L)|
+ ((unsigned long)ip[3]);
+ them.sin_addr.s_addr=htonl(addr);
+
+ if (*sock <= 0)
+ {
+ unsigned long l=1;
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+ i=0;
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+ *sock=s;
+
+#ifdef FIONBIO
+ BIO_socket_ioctl(s,FIONBIO,&l);
+#endif
+ }
+ else
+ s= *sock;
+
+ i=connect(s,(struct sockaddr *)&them,sizeof(them));
+ if (i == INVALID_SOCKET)
+ {
+ if (BIO_sock_should_retry(i))
+ return(-1);
+ else
+ return(0);
+ }
+ else
+ return(1);
+ }
+
+int do_server(port, ret, cb)
+int port;
+int *ret;
+int (*cb)();
+ {
+ int sock;
+ char *name;
+ int accept_socket;
+ int i;
+
+ if (!init_server(&accept_socket,port)) return(0);
+
+ if (ret != NULL)
+ {
+ *ret=accept_socket;
+ /* return(1);*/
+ }
+ for (;;)
+ {
+ if (do_accept(accept_socket,&sock,&name) == 0)
+ {
+ SHUTDOWN(accept_socket);
+ return(0);
+ }
+ i=(*cb)(name,sock);
+ if (name != NULL) Free(name);
+ SHUTDOWN2(sock);
+ if (i < 0)
+ {
+ SHUTDOWN2(accept_socket);
+ return(i);
+ }
+ }
+ }
+
+int init_server_long(sock, port, ip)
+int *sock;
+int port;
+char *ip;
+ {
+ int ret=0;
+ struct sockaddr_in server;
+ int s= -1,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&server,0,sizeof(server));
+ server.sin_family=AF_INET;
+ server.sin_port=htons((unsigned short)port);
+ if (ip == NULL)
+ server.sin_addr.s_addr=INADDR_ANY;
+ else
+ memcpy(&server.sin_addr.s_addr,ip,4);
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+
+ if (s == INVALID_SOCKET) goto err;
+ if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+ {
+#ifndef WINDOWS
+ perror("bind");
+#endif
+ goto err;
+ }
+ /* Make it 128 for linux */
+ if (listen(s,128) == -1) goto err;
+ i=0;
+ *sock=s;
+ ret=1;
+err:
+ if ((ret == 0) && (s != -1))
+ {
+ SHUTDOWN(s);
+ }
+ return(ret);
+ }
+
+int init_server(sock,port)
+int *sock;
+int port;
+ {
+ return(init_server_long(sock, port, NULL));
+ }
+
+int do_accept(acc_sock, sock, host)
+int acc_sock;
+int *sock;
+char **host;
+ {
+ int ret,i;
+ struct hostent *h1,*h2;
+ static struct sockaddr_in from;
+ int len;
+/* struct linger ling; */
+
+ if (!sock_init()) return(0);
+
+#ifndef WINDOWS
+redoit:
+#endif
+
+ memset((char *)&from,0,sizeof(from));
+ len=sizeof(from);
+ ret=accept(acc_sock,(struct sockaddr *)&from,&len);
+ if (ret == INVALID_SOCKET)
+ {
+#ifdef WINDOWS
+ i=WSAGetLastError();
+ BIO_printf(bio_err,"accept error %d\n",i);
+#else
+ if (errno == EINTR)
+ {
+ /*check_timeout(); */
+ goto redoit;
+ }
+ fprintf(stderr,"errno=%d ",errno);
+ perror("accept");
+#endif
+ return(0);
+ }
+
+/*
+ ling.l_onoff=1;
+ ling.l_linger=0;
+ i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
+ if (i < 0) { perror("linger"); return(0); }
+ i=0;
+ i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+*/
+
+ if (host == NULL) goto end;
+#ifndef BIT_FIELD_LIMITS
+ /* I should use WSAAsyncGetHostByName() under windows */
+ h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
+ sizeof(from.sin_addr.s_addr),AF_INET);
+#else
+ h1=gethostbyaddr((char *)&from.sin_addr,
+ sizeof(struct in_addr),AF_INET);
+#endif
+ if (h1 == NULL)
+ {
+ BIO_printf(bio_err,"bad gethostbyaddr\n");
+ *host=NULL;
+ /* return(0); */
+ }
+ else
+ {
+ if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL)
+ {
+ perror("Malloc");
+ return(0);
+ }
+ strcpy(*host,h1->h_name);
+
+ h2=GetHostByName(*host);
+ if (h2 == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ return(0);
+ }
+ i=0;
+ if (h2->h_addrtype != AF_INET)
+ {
+ BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ return(0);
+ }
+ }
+end:
+ *sock=ret;
+ return(1);
+ }
+
+int extract_host_port(str,host_ptr,ip,port_ptr)
+char *str;
+char **host_ptr;
+unsigned char *ip;
+short *port_ptr;
+ {
+ char *h,*p;
+
+ h=str;
+ p=strchr(str,':');
+ if (p == NULL)
+ {
+ BIO_printf(bio_err,"no port defined\n");
+ return(0);
+ }
+ *(p++)='\0';
+
+ if ((ip != NULL) && !host_ip(str,ip))
+ goto err;
+ if (host_ptr != NULL) *host_ptr=h;
+
+ if (!extract_port(p,port_ptr))
+ goto err;
+ return(1);
+err:
+ return(0);
+ }
+
+int host_ip(str,ip)
+char *str;
+unsigned char ip[4];
+ {
+ unsigned int in[4];
+ int i;
+
+ if (sscanf(str,"%d.%d.%d.%d",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
+ {
+ for (i=0; i<4; i++)
+ if (in[i] > 255)
+ {
+ BIO_printf(bio_err,"invalid IP address\n");
+ goto err;
+ }
+ ip[0]=in[0];
+ ip[1]=in[1];
+ ip[2]=in[2];
+ ip[3]=in[3];
+ }
+ else
+ { /* do a gethostbyname */
+ struct hostent *he;
+
+ if (!sock_init()) return(0);
+
+ he=GetHostByName(str);
+ if (he == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ goto err;
+ }
+ /* cast to short because of win16 winsock definition */
+ if ((short)he->h_addrtype != AF_INET)
+ {
+ BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ return(0);
+ }
+ ip[0]=he->h_addr_list[0][0];
+ ip[1]=he->h_addr_list[0][1];
+ ip[2]=he->h_addr_list[0][2];
+ ip[3]=he->h_addr_list[0][3];
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int extract_port(str,port_ptr)
+char *str;
+short *port_ptr;
+ {
+ int i;
+ struct servent *s;
+
+ i=atoi(str);
+ if (i != 0)
+ *port_ptr=(unsigned short)i;
+ else
+ {
+ s=getservbyname(str,"tcp");
+ if (s == NULL)
+ {
+ BIO_printf(bio_err,"getservbyname failure for %s\n",str);
+ return(0);
+ }
+ *port_ptr=ntohs((unsigned short)s->s_port);
+ }
+ return(1);
+ }
+
+#define GHBN_NUM 4
+static struct ghbn_cache_st
+ {
+ char name[128];
+ struct hostent ent;
+ unsigned long order;
+ } ghbn_cache[GHBN_NUM];
+
+static unsigned long ghbn_hits=0L;
+static unsigned long ghbn_miss=0L;
+
+static struct hostent *GetHostByName(name)
+char *name;
+ {
+ struct hostent *ret;
+ int i,lowi=0;
+ unsigned long low= (unsigned long)-1;
+
+ for (i=0; i<GHBN_NUM; i++)
+ {
+ if (low > ghbn_cache[i].order)
+ {
+ low=ghbn_cache[i].order;
+ lowi=i;
+ }
+ if (ghbn_cache[i].order > 0)
+ {
+ if (strncmp(name,ghbn_cache[i].name,128) == 0)
+ break;
+ }
+ }
+ if (i == GHBN_NUM) /* no hit*/
+ {
+ ghbn_miss++;
+ ret=gethostbyname(name);
+ if (ret == NULL) return(NULL);
+ /* else add to cache */
+ strncpy(ghbn_cache[lowi].name,name,128);
+ memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
+ ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
+ return(ret);
+ }
+ else
+ {
+ ghbn_hits++;
+ ret= &(ghbn_cache[i].ent);
+ ghbn_cache[i].order=ghbn_miss+ghbn_hits;
+ return(ret);
+ }
+ }
+
+#ifndef MSDOS
+int spawn(argc, argv, in, out)
+int argc;
+char **argv;
+int *in;
+int *out;
+ {
+ int pid;
+#define CHILD_READ p1[0]
+#define CHILD_WRITE p2[1]
+#define PARENT_READ p2[0]
+#define PARENT_WRITE p1[1]
+ int p1[2],p2[2];
+
+ if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
+
+ if ((pid=fork()) == 0)
+ { /* child */
+ if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
+ perror("dup2");
+ if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
+ perror("dup2");
+ if (dup2(CHILD_READ,fileno(stdin)) < 0)
+ perror("dup2");
+ close(CHILD_READ);
+ close(CHILD_WRITE);
+
+ close(PARENT_READ);
+ close(PARENT_WRITE);
+ execvp(argv[0],argv);
+ perror("child");
+ exit(1);
+ }
+
+ /* parent */
+ *in= PARENT_READ;
+ *out=PARENT_WRITE;
+ close(CHILD_READ);
+ close(CHILD_WRITE);
+ return(pid);
+ }
+#endif /* MSDOS */
+
+
+#ifdef undef
+ /* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
+ * on sockets */
+ {
+ SOCKET s;
+ int optionValue = SO_SYNCHRONOUS_NONALERT;
+ int err;
+
+ err = setsockopt(
+ INVALID_SOCKET,
+ SOL_SOCKET,
+ SO_OPENTYPE,
+ (char *)&optionValue,
+ sizeof(optionValue));
+ if (err != NO_ERROR) {
+ /* failed for some reason... */
+ BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
+ WSAGetLastError());
+ }
+ }
+#endif
diff --git a/src/lib/libssl/src/apps/s_time.c b/src/lib/libssl/src/apps/s_time.c
new file mode 100644
index 0000000000..7571c208d4
--- /dev/null
+++ b/src/lib/libssl/src/apps/s_time.c
@@ -0,0 +1,703 @@
+/* apps/s_time.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define NO_SHUTDOWN
+
+/*-----------------------------------------
+ cntime - SSL client connection timer program
+ Written and donated by Larry Streepy <streepy@healthcare.com>
+ -----------------------------------------*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "x509.h"
+#include "ssl.h"
+#include "pem.h"
+#define USE_SOCKETS
+#include "apps.h"
+#include "s_apps.h"
+#include "err.h"
+#ifdef WIN32_STUFF
+#include "winmain.h"
+#include "wintext.h"
+#endif
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef _AIX
+#include <sys/select.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+/* The following if from times(3) man page. It may need to be changed
+*/
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#undef PROG
+#define PROG s_time_main
+
+#define ioctl ioctlsocket
+
+#define SSL_CONNECT_NAME "localhost:4433"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*10
+
+#define min(a,b) (((a) < (b)) ? (a) : (b))
+#define max(a,b) (((a) > (b)) ? (a) : (b))
+
+#undef SECONDS
+#define SECONDS 30
+extern int verify_depth;
+extern int verify_error;
+
+#ifndef NOPROTO
+static void s_time_usage(void);
+static int parseArgs( int argc, char **argv );
+static SSL *doConnection( SSL *scon );
+static void s_time_init(void);
+#else
+static void s_time_usage();
+static int parseArgs();
+static SSL *doConnection();
+static void s_time_init();
+#endif
+
+
+/***********************************************************************
+ * Static data declarations
+ */
+
+/* static char *port=PORT_STR;*/
+static char *host=SSL_CONNECT_NAME;
+static char *t_cert_file=NULL;
+static char *t_key_file=NULL;
+static char *CApath=NULL;
+static char *CAfile=NULL;
+static char *tm_cipher=NULL;
+static int tm_verify = SSL_VERIFY_NONE;
+static int maxTime = SECONDS;
+static SSL_CTX *tm_ctx=NULL;
+static SSL_METHOD *s_time_meth=NULL;
+static char *s_www_path=NULL;
+static long bytes_read=0;
+static int st_bugs=0;
+static int perform=0;
+#ifdef FIONBIO
+static int t_nbio=0;
+#endif
+#ifdef WIN32
+static int exitNow = 0; /* Set when it's time to exit main */
+#endif
+
+static void s_time_init()
+ {
+ host=SSL_CONNECT_NAME;
+ t_cert_file=NULL;
+ t_key_file=NULL;
+ CApath=NULL;
+ CAfile=NULL;
+ tm_cipher=NULL;
+ tm_verify = SSL_VERIFY_NONE;
+ maxTime = SECONDS;
+ tm_ctx=NULL;
+ s_time_meth=NULL;
+ s_www_path=NULL;
+ bytes_read=0;
+ st_bugs=0;
+ perform=0;
+
+#ifdef FIONBIO
+ t_nbio=0;
+#endif
+#ifdef WIN32
+ exitNow = 0; /* Set when it's time to exit main */
+#endif
+ }
+
+/***********************************************************************
+ * usage - display usage message
+ */
+static void s_time_usage()
+{
+ static char umsg[] = "\
+-time arg - max number of seconds to collect data, default %d\n\
+-verify arg - turn on peer certificate verification, arg == depth\n\
+-cert arg - certificate file to use, PEM format assumed\n\
+-key arg - RSA file to use, PEM format assumed, in cert file if\n\
+ not specified but cert fill is.\n\
+-CApath arg - PEM format directory of CA's\n\
+-CAfile arg - PEM format file of CA's\n\
+-cipher - prefered cipher to use, play with 'ssleay ciphers'\n\n";
+
+ printf( "usage: client <args>\n\n" );
+
+ printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
+#ifdef FIONBIO
+ printf("-nbio - Run with non-blocking IO\n");
+ printf("-ssl2 - Just use SSLv2\n");
+ printf("-ssl3 - Just use SSLv3\n");
+ printf("-bugs - Turn on SSL bug compatability\n");
+ printf("-new - Just time new connections\n");
+ printf("-reuse - Just time connection reuse\n");
+ printf("-www page - Retrieve 'page' from the site\n");
+#endif
+ printf( umsg,SECONDS );
+}
+
+/***********************************************************************
+ * parseArgs - Parse command line arguments and initialize data
+ *
+ * Returns 0 if ok, -1 on bad args
+ */
+static int parseArgs(argc,argv)
+int argc;
+char **argv;
+{
+ int badop = 0;
+
+ verify_depth=0;
+ verify_error=X509_V_OK;
+#ifdef FIONBIO
+ t_nbio=0;
+#endif
+
+ apps_startup();
+ s_time_init();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+
+ while (argc >= 1) {
+ if (strcmp(*argv,"-connect") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+#if 0
+ else if( strcmp(*argv,"-host") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+ else if( strcmp(*argv,"-port") == 0)
+ {
+ if (--argc < 1) goto bad;
+ port= *(++argv);
+ }
+#endif
+ else if (strcmp(*argv,"-reuse") == 0)
+ perform=2;
+ else if (strcmp(*argv,"-new") == 0)
+ perform=1;
+ else if( strcmp(*argv,"-verify") == 0) {
+
+ tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+
+ } else if( strcmp(*argv,"-cert") == 0) {
+
+ if (--argc < 1) goto bad;
+ t_cert_file= *(++argv);
+
+ } else if( strcmp(*argv,"-key") == 0) {
+
+ if (--argc < 1) goto bad;
+ t_key_file= *(++argv);
+
+ } else if( strcmp(*argv,"-CApath") == 0) {
+
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+
+ } else if( strcmp(*argv,"-CAfile") == 0) {
+
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+
+ } else if( strcmp(*argv,"-cipher") == 0) {
+
+ if (--argc < 1) goto bad;
+ tm_cipher= *(++argv);
+ }
+#ifdef FIONBIO
+ else if(strcmp(*argv,"-nbio") == 0) {
+ t_nbio=1;
+ }
+#endif
+ else if(strcmp(*argv,"-www") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_www_path= *(++argv);
+ }
+ else if(strcmp(*argv,"-bugs") == 0)
+ st_bugs=1;
+#ifndef NO_SSL2
+ else if(strcmp(*argv,"-ssl2") == 0)
+ s_time_meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if(strcmp(*argv,"-ssl3") == 0)
+ s_time_meth=SSLv3_client_method();
+#endif
+ else if( strcmp(*argv,"-time") == 0) {
+
+ if (--argc < 1) goto bad;
+ maxTime= atoi(*(++argv));
+ }
+ else {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+
+ argc--;
+ argv++;
+ }
+
+ if (perform == 0) perform=3;
+
+ if(badop) {
+bad:
+ s_time_usage();
+ return -1;
+ }
+
+ return 0; /* Valid args */
+}
+
+/***********************************************************************
+ * TIME - time functions
+ */
+#define START 0
+#define STOP 1
+
+static double tm_Time_F(s)
+int s;
+ {
+ static double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if(s == START) {
+ times(&tstart);
+ return(0);
+ } else {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if(s == START) {
+ ftime(&tstart);
+ return(0);
+ } else {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+}
+
+/***********************************************************************
+ * MAIN - main processing area for client
+ * real name depends on MONOLITH
+ */
+int
+MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ double totalTime = 0.0;
+ int nConn = 0;
+ SSL *scon=NULL;
+ long finishtime=0;
+ int ret=1,i;
+ MS_STATIC char buf[1024*8];
+ int ver;
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ s_time_meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+ s_time_meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+ s_time_meth=SSLv2_client_method();
+#endif
+
+ /* parse the command line arguments */
+ if( parseArgs( argc, argv ) < 0 )
+ goto end;
+
+ SSLeay_add_ssl_algorithms();
+ if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
+
+ SSL_CTX_set_quiet_shutdown(tm_ctx,1);
+
+ if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
+ SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
+ if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file))
+ goto end;
+
+ SSL_load_error_strings();
+
+ if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(tm_ctx)))
+ {
+ /* BIO_printf(bio_err,"error seting default verify locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ if (tm_cipher == NULL)
+ tm_cipher = getenv("SSL_CIPHER");
+
+ if (tm_cipher == NULL ) {
+ fprintf( stderr, "No CIPHER specified\n" );
+/* EXIT(1); */
+ }
+
+ if (!(perform & 1)) goto next;
+ printf( "Collecting connection statistics for %d seconds\n", maxTime );
+
+ /* Loop and time how long it takes to make connections */
+
+ bytes_read=0;
+ finishtime=(long)time(NULL)+maxTime;
+ tm_Time_F(START);
+ for (;;)
+ {
+ if (finishtime < time(NULL)) break;
+#ifdef WIN32_STUFF
+
+ if( flushWinMsgs(0) == -1 )
+ goto end;
+
+ if( waitingToDie || exitNow ) /* we're dead */
+ goto end;
+#endif
+
+ if( (scon = doConnection( NULL )) == NULL )
+ goto end;
+
+ if (s_www_path != NULL)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
+ bytes_read+=i;
+ }
+
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN2(SSL_get_fd(scon));
+
+ nConn += 1;
+ if (SSL_session_reused(scon))
+ ver='r';
+ else
+ {
+ ver=SSL_version(scon);
+ if (ver == TLS1_VERSION)
+ ver='t';
+ else if (ver == SSL3_VERSION)
+ ver='3';
+ else if (ver == SSL2_VERSION)
+ ver='2';
+ else
+ ver='*';
+ }
+ fputc(ver,stdout);
+ fflush(stdout);
+
+ SSL_free( scon );
+ scon=NULL;
+ }
+ totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
+
+ i=(int)(time(NULL)-finishtime+maxTime);
+ printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
+ printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+
+ /* Now loop and time connections using the same session id over and over */
+
+next:
+ if (!(perform & 2)) goto end;
+ printf( "\n\nNow timing with session id reuse.\n" );
+
+ /* Get an SSL object so we can reuse the session id */
+ if( (scon = doConnection( NULL )) == NULL )
+ {
+ fprintf( stderr, "Unable to get connection\n" );
+ goto end;
+ }
+
+ if (s_www_path != NULL)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while (SSL_read(scon,buf,sizeof(buf)) > 0)
+ ;
+ }
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN2(SSL_get_fd(scon));
+
+ nConn = 0;
+ totalTime = 0.0;
+
+ finishtime=time(NULL)+maxTime;
+
+ printf( "starting\n" );
+ bytes_read=0;
+ tm_Time_F(START);
+
+ for (;;)
+ {
+ if (finishtime < time(NULL)) break;
+
+#ifdef WIN32_STUFF
+ if( flushWinMsgs(0) == -1 )
+ goto end;
+
+ if( waitingToDie || exitNow ) /* we're dead */
+ goto end;
+#endif
+
+ if( (doConnection( scon )) == NULL )
+ goto end;
+
+ if (s_www_path)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
+ bytes_read+=i;
+ }
+
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN2(SSL_get_fd(scon));
+
+ nConn += 1;
+ if (SSL_session_reused(scon))
+ ver='r';
+ else
+ {
+ ver=SSL_version(scon);
+ if (ver == TLS1_VERSION)
+ ver='t';
+ else if (ver == SSL3_VERSION)
+ ver='3';
+ else if (ver == SSL2_VERSION)
+ ver='2';
+ else
+ ver='*';
+ }
+ fputc(ver,stdout);
+ fflush(stdout);
+ }
+ totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
+
+
+ printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
+ printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+
+ ret=0;
+end:
+ if (scon != NULL) SSL_free(scon);
+
+ if (tm_ctx != NULL)
+ {
+ SSL_CTX_free(tm_ctx);
+ tm_ctx=NULL;
+ }
+ EXIT(ret);
+ }
+
+/***********************************************************************
+ * doConnection - make a connection
+ * Args:
+ * scon = earlier ssl connection for session id, or NULL
+ * Returns:
+ * SSL * = the connection pointer.
+ */
+static SSL *
+doConnection(scon)
+SSL *scon;
+ {
+ BIO *conn;
+ SSL *serverCon;
+ int width, i;
+ fd_set readfds;
+
+ if ((conn=BIO_new(BIO_s_connect())) == NULL)
+ return(NULL);
+
+/* BIO_set_conn_port(conn,port);*/
+ BIO_set_conn_hostname(conn,host);
+
+ if (scon == NULL)
+ serverCon=(SSL *)SSL_new(tm_ctx);
+ else
+ {
+ serverCon=scon;
+ SSL_set_connect_state(serverCon);
+ }
+
+ SSL_set_bio(serverCon,conn,conn);
+
+#if 0
+ if( scon != NULL )
+ SSL_set_session(serverCon,SSL_get_session(scon));
+#endif
+
+ /* ok, lets connect */
+ for(;;) {
+ i=SSL_connect(serverCon);
+ if (BIO_sock_should_retry(i))
+ {
+ BIO_printf(bio_err,"DELAY\n");
+
+ i=SSL_get_fd(serverCon);
+ width=i+1;
+ FD_ZERO(&readfds);
+ FD_SET(i,&readfds);
+ select(width,&readfds,NULL,NULL,NULL);
+ continue;
+ }
+ break;
+ }
+ if(i <= 0)
+ {
+ BIO_printf(bio_err,"ERROR\n");
+ if (verify_error != X509_V_OK)
+ BIO_printf(bio_err,"verify error:%s\n",
+ X509_verify_cert_error_string(verify_error));
+ else
+ ERR_print_errors(bio_err);
+ if (scon == NULL)
+ SSL_free(serverCon);
+ return NULL;
+ }
+
+ return serverCon;
+ }
+
+
diff --git a/src/lib/libssl/src/apps/server.pem b/src/lib/libssl/src/apps/server.pem
new file mode 100644
index 0000000000..eabb927036
--- /dev/null
+++ b/src/lib/libssl/src/apps/server.pem
@@ -0,0 +1,369 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+notBefore=950413210656Z
+notAfter =970412210656Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
+BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
+ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
+BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
+VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
+MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
+3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
+YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
+hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
+dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
+zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
+-----END X509 CERTIFICATE-----
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
+-----BEGIN X509 CERTIFICATE-----
+MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
+LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
+MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
+b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
+EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
+bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
+ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
+hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
+ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
+bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
+fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
+R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
+Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
+-----END X509 CERTIFICATE-----
+-----BEGIN X509 CERTIFICATE-----
+
+MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
+bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
+BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
+BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
+ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
+ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
+H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
+WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
+MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
+LC7obsrHD8XAHG+ZRG==
+-----END X509 CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
+A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
+aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
+LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
+gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
+dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
+SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
+bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
+OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
+GJNMJ4L0AJ/ac+SmHZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
+subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
+hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
+N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
+ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
+bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
+aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
+F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
+Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
+KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
+SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
+7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
+qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
+QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
+NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
+A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
+FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
+Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
+G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
+c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
+jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
+w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
+GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
+3VZdLbCVIhNoEsysrxCpxcI=
+-----END CERTIFICATE-----
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/server.srl b/src/lib/libssl/src/apps/server.srl
new file mode 100644
index 0000000000..8a0f05e166
--- /dev/null
+++ b/src/lib/libssl/src/apps/server.srl
@@ -0,0 +1 @@
+01
diff --git a/src/lib/libssl/src/apps/server2.pem b/src/lib/libssl/src/apps/server2.pem
new file mode 100644
index 0000000000..8bb664194e
--- /dev/null
+++ b/src/lib/libssl/src/apps/server2.pem
@@ -0,0 +1,376 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
+MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
+cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
+RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
+6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
+JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
+gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
+dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
+8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
+S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
+pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
+AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
+dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
+bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
+Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
+zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
+6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
+QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
+dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
+0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
+nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+notBefore=950413210656Z
+notAfter =970412210656Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
+BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
+ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
+BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
+VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
+MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
+3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
+YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
+hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
+dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
+zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
+-----END X509 CERTIFICATE-----
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
+-----BEGIN X509 CERTIFICATE-----
+MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
+LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
+MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
+b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
+EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
+bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
+ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
+hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
+ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
+bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
+fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
+R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
+Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
+-----END X509 CERTIFICATE-----
+-----BEGIN X509 CERTIFICATE-----
+
+MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
+bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
+BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
+BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
+ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
+ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
+H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
+WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
+MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
+LC7obsrHD8XAHG+ZRG==
+-----END X509 CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
+A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
+aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
+LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
+gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
+dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
+SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
+bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
+OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
+GJNMJ4L0AJ/ac+SmHZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
+subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
+hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
+N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
+ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
+bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
+aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
+F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
+Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
+KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
+SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
+7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
+qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
+QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
+NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
+A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
+FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
+Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
+G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
+c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
+jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
+w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
+GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
+3VZdLbCVIhNoEsysrxCpxcI=
+-----END CERTIFICATE-----
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/sess_id.c b/src/lib/libssl/src/apps/sess_id.c
new file mode 100644
index 0000000000..2fad36a495
--- /dev/null
+++ b/src/lib/libssl/src/apps/sess_id.c
@@ -0,0 +1,305 @@
+/* apps/sess_id.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG sess_id_main
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+static char *sess_id_usage[]={
+"usage: crl args\n",
+"\n",
+" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -outform arg - output format - default PEM\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -text - print ssl session id details\n",
+" -cert - output certificaet \n",
+" -noout - no CRL output\n",
+NULL
+};
+
+#ifndef NOPROTO
+static SSL_SESSION *load_sess_id(char *file, int format);
+#else
+static SSL_SESSION *load_sess_id();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ SSL_SESSION *x=NULL;
+ int ret=1,i,num,badops=0;
+ BIO *out=NULL;
+ int informat,outformat;
+ char *infile=NULL,*outfile=NULL;
+ int cert=0,noout=0,text=0;
+ char **pp;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ text= ++num;
+ else if (strcmp(*argv,"-cert") == 0)
+ cert= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=sess_id_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+ x=load_sess_id(infile,informat);
+ if (x == NULL) { goto end; }
+
+#ifdef undef
+ /* just testing for memory leaks :-) */
+ {
+ SSL_SESSION *s;
+ char buf[1024*10],*p;
+ int i;
+
+ s=SSL_SESSION_new();
+
+ p= &buf;
+ i=i2d_SSL_SESSION(x,&p);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ SSL_SESSION_free(s);
+ }
+#endif
+
+ if (!noout || text)
+ {
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+ }
+
+ if (text)
+ {
+ SSL_SESSION_print(out,x);
+
+ if (cert)
+ {
+ if (x->peer == NULL)
+ BIO_puts(out,"No certificate present\n");
+ else
+ X509_print(out,x->peer);
+ }
+ }
+
+ if (!noout && !cert)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_SSL_SESSION_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_SSL_SESSION(out,x);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write SSL_SESSION\n");
+ goto end;
+ }
+ }
+ else if (!noout && (x->peer != NULL)) /* just print the certificate */
+ {
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_X509_bio(out,x->peer);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x->peer);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write X509\n");
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (out != NULL) BIO_free(out);
+ if (x != NULL) SSL_SESSION_free(x);
+ EXIT(ret);
+ }
+
+static SSL_SESSION *load_sess_id(infile, format)
+char *infile;
+int format;
+ {
+ SSL_SESSION *x=NULL;
+ BIO *in=NULL;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_SSL_SESSION_bio(in,NULL);
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_SSL_SESSION(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load SSL_SESSION\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+end:
+ if (in != NULL) BIO_free(in);
+ return(x);
+ }
+
diff --git a/src/lib/libssl/src/apps/set/set-g-ca.pem b/src/lib/libssl/src/apps/set/set-g-ca.pem
new file mode 100644
index 0000000000..78499f0570
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set-g-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
+Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
+6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
+vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
+SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
+AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
+9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
+a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/set/set-m-ca.pem b/src/lib/libssl/src/apps/set/set-m-ca.pem
new file mode 100644
index 0000000000..0e74caff67
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set-m-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
+Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
+7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
+FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
+SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
+GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
+EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
+x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/set/set_b_ca.pem b/src/lib/libssl/src/apps/set/set_b_ca.pem
new file mode 100644
index 0000000000..eba7d5cf54
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set_b_ca.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
+b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
+9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
+ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
+3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
+J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
+mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
+EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
+IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
+jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
+NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
+ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
+43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
+9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
+VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
+WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
+lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/set/set_c_ca.pem b/src/lib/libssl/src/apps/set/set_c_ca.pem
new file mode 100644
index 0000000000..48b2cbdc7c
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set_c_ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
+Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
+Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
+pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
+RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
+u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
+XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
++IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/set/set_d_ct.pem b/src/lib/libssl/src/apps/set/set_d_ct.pem
new file mode 100644
index 0000000000..9f8c7d8b08
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set_d_ct.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
+NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
+MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
+cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
+MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
+/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
+HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
+IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
+NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
+IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
+BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
+ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
+MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
+c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
+mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
+ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
+UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/set/set_root.pem b/src/lib/libssl/src/apps/set/set_root.pem
new file mode 100644
index 0000000000..8dd104f058
--- /dev/null
+++ b/src/lib/libssl/src/apps/set/set_root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
+zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
+rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
+/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
+g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
+ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
+AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
+OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
+Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
+y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
+vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
+O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
+DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
+vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
+bxCrVJLd8tu9WgA=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/apps/speed.c b/src/lib/libssl/src/apps/speed.c
new file mode 100644
index 0000000000..0003934247
--- /dev/null
+++ b/src/lib/libssl/src/apps/speed.c
@@ -0,0 +1,1212 @@
+/* apps/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#undef SECONDS
+#define SECONDS 3
+#define RSA_SECONDS 10
+#define DSA_SECONDS 10
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#undef PROG
+#define PROG speed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include <math.h>
+#include "apps.h"
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "rand.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#ifndef NO_DES
+#include "des.h"
+#endif
+#ifndef NO_MD2
+#include "md2.h"
+#endif
+#ifndef NO_MDC2
+#include "mdc2.h"
+#endif
+#ifndef NO_MD5
+#include "md5.h"
+#include "hmac.h"
+#include "evp.h"
+#endif
+#ifndef NO_SHA1
+#include "sha.h"
+#endif
+#ifndef NO_RMD160
+#include "ripemd.h"
+#endif
+#ifndef NO_RC4
+#include "rc4.h"
+#endif
+#ifndef NO_RC5
+#include "rc5.h"
+#endif
+#ifndef NO_RC2
+#include "rc2.h"
+#endif
+#ifndef NO_IDEA
+#include "idea.h"
+#endif
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
+#endif
+#ifndef NO_CAST
+#include "cast.h"
+#endif
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#include "x509.h"
+#include "./testrsa.h"
+#ifndef NO_DSA
+#include "./testdsa.h"
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8+1)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+static void print_message(char *s,long num,int length);
+static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
+#else
+static double Time_F();
+static void print_message();
+static void pkey_print_message();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+static SIGRETTYPE sig_done(int sig);
+#else
+static SIGRETTYPE sig_done();
+#endif
+
+static SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ unsigned char *buf=NULL,*buf2=NULL;
+ int ret=1;
+#define ALGOR_NUM 14
+#define SIZE_NUM 5
+#define RSA_NUM 4
+#define DSA_NUM 3
+ long count,rsa_count;
+ int i,j,k,rsa_num,rsa_num2;
+#ifndef NO_MD2
+ unsigned char md2[MD2_DIGEST_LENGTH];
+#endif
+#ifndef NO_MDC2
+ unsigned char mdc2[MDC2_DIGEST_LENGTH];
+#endif
+#ifndef NO_MD5
+ unsigned char md5[MD5_DIGEST_LENGTH];
+ unsigned char hmac[MD5_DIGEST_LENGTH];
+#endif
+#ifndef NO_SHA1
+ unsigned char sha[SHA_DIGEST_LENGTH];
+#endif
+#ifndef NO_RMD160
+ unsigned char rmd160[RIPEMD160_DIGEST_LENGTH];
+#endif
+#ifndef NO_RC4
+ RC4_KEY rc4_ks;
+#endif
+#ifndef NO_RC5
+ RC5_32_KEY rc5_ks;
+#endif
+#ifndef NO_RC2
+ RC2_KEY rc2_ks;
+#endif
+#ifndef NO_IDEA
+ IDEA_KEY_SCHEDULE idea_ks;
+#endif
+#ifndef NO_BLOWFISH
+ BF_KEY bf_ks;
+#endif
+#ifndef NO_CAST
+ CAST_KEY cast_ks;
+#endif
+ static unsigned char key16[16]=
+ {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ unsigned char iv[8];
+#ifndef NO_DES
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+#endif
+#define D_MD2 0
+#define D_MDC2 1
+#define D_MD5 2
+#define D_HMAC 3
+#define D_SHA1 4
+#define D_RMD160 5
+#define D_RC4 6
+#define D_CBC_DES 7
+#define D_EDE3_DES 8
+#define D_CBC_IDEA 9
+#define D_CBC_RC2 10
+#define D_CBC_RC5 11
+#define D_CBC_BF 12
+#define D_CBC_CAST 13
+ double d,results[ALGOR_NUM][SIZE_NUM];
+ static int lengths[SIZE_NUM]={8,64,256,1024,8*1024};
+ long c[ALGOR_NUM][SIZE_NUM];
+ static char *names[ALGOR_NUM]={
+ "md2","mdc2","md5","hmac(md5)","sha1","rmd160","rc4",
+ "des cbc","des ede3","idea cbc",
+ "rc2 cbc","rc5-32/12 cbc","blowfish cbc","cast cbc"};
+#define R_DSA_512 0
+#define R_DSA_1024 1
+#define R_DSA_2048 2
+#define R_RSA_512 0
+#define R_RSA_1024 1
+#define R_RSA_2048 2
+#define R_RSA_4096 3
+ RSA *rsa_key[RSA_NUM];
+ long rsa_c[RSA_NUM][2];
+#ifndef NO_RSA
+ double rsa_results[RSA_NUM][2];
+ static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
+ static unsigned char *rsa_data[RSA_NUM]=
+ {test512,test1024,test2048,test4096};
+ static int rsa_data_length[RSA_NUM]={
+ sizeof(test512),sizeof(test1024),
+ sizeof(test2048),sizeof(test4096)};
+#endif
+#ifndef NO_DSA
+ DSA *dsa_key[DSA_NUM];
+ long dsa_c[DSA_NUM][2];
+ double dsa_results[DSA_NUM][2];
+ static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
+#endif
+ int rsa_doit[RSA_NUM];
+ int dsa_doit[DSA_NUM];
+ int doit[ALGOR_NUM];
+ int pr_header=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ for (i=0; i<RSA_NUM; i++)
+ rsa_key[i]=NULL;
+
+ if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+
+ memset(c,0,sizeof(c));
+ memset(iv,0,sizeof(iv));
+
+ for (i=0; i<ALGOR_NUM; i++)
+ doit[i]=0;
+ for (i=0; i<RSA_NUM; i++)
+ rsa_doit[i]=0;
+ for (i=0; i<DSA_NUM; i++)
+ dsa_doit[i]=0;
+
+ j=0;
+ argc--;
+ argv++;
+ while (argc)
+ {
+#ifndef NO_MD2
+ if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
+ else
+#endif
+#ifndef NO_MDC2
+ if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1;
+ else
+#endif
+#ifndef NO_MD5
+ if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
+ else
+#endif
+#ifndef NO_MD5
+ if (strcmp(*argv,"hmac") == 0) doit[D_HMAC]=1;
+ else
+#endif
+#ifndef NO_SHA1
+ if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
+ else
+ if (strcmp(*argv,"sha") == 0) doit[D_SHA1]=1;
+ else
+#endif
+#ifndef NO_RMD160
+ if (strcmp(*argv,"ripemd") == 0) doit[D_RMD160]=1;
+ else
+ if (strcmp(*argv,"rmd160") == 0) doit[D_RMD160]=1;
+ else
+ if (strcmp(*argv,"ripemd160") == 0) doit[D_RMD160]=1;
+ else
+#endif
+#ifndef NO_RC4
+ if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
+ else
+#endif
+#ifndef NO_DEF
+ if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1;
+ else if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1;
+ else
+#endif
+#ifndef NO_RSA
+#ifdef RSAref
+ if (strcmp(*argv,"rsaref") == 0)
+ {
+ RSA_set_default_method(RSA_PKCS1_RSAref());
+ j--;
+ }
+ else
+#endif
+ if (strcmp(*argv,"ssleay") == 0)
+ {
+ RSA_set_default_method(RSA_PKCS1_SSLeay());
+ j--;
+ }
+ else
+#endif /* !NO_RSA */
+ if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2;
+ else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2;
+ else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2;
+ else if (strcmp(*argv,"rsa512") == 0) rsa_doit[R_RSA_512]=2;
+ else if (strcmp(*argv,"rsa1024") == 0) rsa_doit[R_RSA_1024]=2;
+ else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2;
+ else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2;
+ else
+#ifndef NO_RC2
+ if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1;
+ else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
+ else
+#endif
+#ifndef NO_RC5
+ if (strcmp(*argv,"rc5-cbc") == 0) doit[D_CBC_RC5]=1;
+ else if (strcmp(*argv,"rc5") == 0) doit[D_CBC_RC5]=1;
+ else
+#endif
+#ifndef NO_IDEA
+ if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
+ else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
+ else
+#endif
+#ifndef NO_BLOWFISH
+ if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
+ else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
+ else if (strcmp(*argv,"bf") == 0) doit[D_CBC_BF]=1;
+ else
+#endif
+#ifndef NO_CAST
+ if (strcmp(*argv,"cast-cbc") == 0) doit[D_CBC_CAST]=1;
+ else if (strcmp(*argv,"cast") == 0) doit[D_CBC_CAST]=1;
+ else if (strcmp(*argv,"cast5") == 0) doit[D_CBC_CAST]=1;
+ else
+#endif
+#ifndef NO_DES
+ if (strcmp(*argv,"des") == 0)
+ {
+ doit[D_CBC_DES]=1;
+ doit[D_EDE3_DES]=1;
+ }
+ else
+#endif
+#ifndef NO_RSA
+ if (strcmp(*argv,"rsa") == 0)
+ {
+ rsa_doit[R_RSA_512]=1;
+ rsa_doit[R_RSA_1024]=1;
+ rsa_doit[R_RSA_2048]=1;
+ rsa_doit[R_RSA_4096]=1;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (strcmp(*argv,"dsa") == 0)
+ {
+ dsa_doit[R_DSA_512]=1;
+ dsa_doit[R_DSA_1024]=1;
+ }
+ else
+#endif
+ {
+ BIO_printf(bio_err,"bad value, pick one of\n");
+ BIO_printf(bio_err,"md2 mdc2 md5 hmac sha1 rmd160\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err,"idea-cbc ");
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err,"rc2-cbc ");
+#endif
+#ifndef NO_RC5
+ BIO_printf(bio_err,"rc5-cbc ");
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err,"bf-cbc");
+#endif
+#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH) && !defined(NO_RC5)
+ BIO_printf(bio_err,"\n");
+#endif
+ BIO_printf(bio_err,"des-cbc des-ede3 ");
+#ifndef NO_RC4
+ BIO_printf(bio_err,"rc4");
+#endif
+#ifndef NO_RSA
+ BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n");
+#endif
+#ifndef NO_DSA
+ BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n");
+#endif
+ BIO_printf(bio_err,"idea rc2 des rsa blowfish\n");
+ goto end;
+ }
+ argc--;
+ argv++;
+ j++;
+ }
+
+ if (j == 0)
+ {
+ for (i=0; i<ALGOR_NUM; i++)
+ doit[i]=1;
+ for (i=0; i<RSA_NUM; i++)
+ rsa_doit[i]=1;
+ for (i=0; i<DSA_NUM; i++)
+ dsa_doit[i]=1;
+ }
+ for (i=0; i<ALGOR_NUM; i++)
+ if (doit[i]) pr_header++;
+
+#ifndef TIMES
+ BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
+ BIO_printf(bio_err,"program when this computer is idle.\n");
+#endif
+
+#ifndef NO_RSA
+ for (i=0; i<RSA_NUM; i++)
+ {
+ unsigned char *p;
+
+ p=rsa_data[i];
+ rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]);
+ if (rsa_key[i] == NULL)
+ {
+ BIO_printf(bio_err,"internal error loading RSA key number %d\n",i);
+ goto end;
+ }
+#if 0
+ else
+ {
+ BIO_printf(bio_err,"Loaded RSA key, %d bit modulus and e= 0x",BN_num_bits(rsa_key[i]->n));
+ BN_print(bio_err,rsa_key[i]->e);
+ BIO_printf(bio_err,"\n");
+ }
+#endif
+ }
+#endif
+
+#ifndef NO_DSA
+ dsa_key[0]=get_dsa512();
+ dsa_key[1]=get_dsa1024();
+ dsa_key[2]=get_dsa2048();
+#endif
+
+#ifndef NO_DES
+ des_set_key((C_Block *)key,sch);
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+#endif
+#ifndef NO_IDEA
+ idea_set_encrypt_key(key16,&idea_ks);
+#endif
+#ifndef NO_RC4
+ RC4_set_key(&rc4_ks,16,key16);
+#endif
+#ifndef NO_RC2
+ RC2_set_key(&rc2_ks,16,key16,128);
+#endif
+#ifndef NO_RC5
+ RC5_32_set_key(&rc5_ks,16,key16,12);
+#endif
+#ifndef NO_BLOWFISH
+ BF_set_key(&bf_ks,16,key16);
+#endif
+#ifndef NO_CAST
+ CAST_set_key(&cast_ks,16,key16);
+#endif
+
+ memset(rsa_c,0,sizeof(rsa_c));
+#ifndef SIGALRM
+ BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_ecb_encrypt((C_Block *)buf,(C_Block *)buf,
+ &(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d <3);
+ c[D_MD2][0]=count/10;
+ c[D_MDC2][0]=count/10;
+ c[D_MD5][0]=count;
+ c[D_HMAC][0]=count;
+ c[D_SHA1][0]=count;
+ c[D_RMD160][0]=count;
+ c[D_RC4][0]=count*5;
+ c[D_CBC_DES][0]=count;
+ c[D_EDE3_DES][0]=count/3;
+ c[D_CBC_IDEA][0]=count;
+ c[D_CBC_RC2][0]=count;
+ c[D_CBC_RC5][0]=count;
+ c[D_CBC_BF][0]=count;
+ c[D_CBC_CAST][0]=count;
+
+ for (i=1; i<SIZE_NUM; i++)
+ {
+ c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
+ c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
+ c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
+ c[D_HMAC][i]=c[D_HMAC][0]*4*lengths[0]/lengths[i];
+ c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
+ c[D_RMD160][i]=c[D_RMD160][0]*4*lengths[0]/lengths[i];
+ }
+ for (i=1; i<SIZE_NUM; i++)
+ {
+ long l0,l1;
+
+ l0=(long)lengths[i-1];
+ l1=(long)lengths[i];
+ c[D_RC4][i]=c[D_RC4][i-1]*l0/l1;
+ c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
+ c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
+ c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
+ c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
+ c[D_CBC_RC5][i]=c[D_CBC_RC5][i-1]*l0/l1;
+ c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
+ c[D_CBC_CAST][i]=c[D_CBC_CAST][i-1]*l0/l1;
+ }
+ rsa_c[R_RSA_512][0]=count/2000;
+ rsa_c[R_RSA_512][1]=count/400;
+ for (i=1; i<RSA_NUM; i++)
+ {
+ rsa_c[i][0]=rsa_c[i-1][0]/8;
+ rsa_c[i][1]=rsa_c[i-1][1]/4;
+ if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
+ rsa_doit[i]=0;
+ else
+ {
+ if (rsa_c[i] == 0)
+ {
+ rsa_c[i][0]=1;
+ rsa_c[i][1]=20;
+ }
+ }
+ }
+
+ dsa_c[R_DSA_512][0]=count/1000;
+ dsa_c[R_DSA_512][1]=count/1000/2;
+ for (i=1; i<DSA_NUM; i++)
+ {
+ dsa_c[i][0]=dsa_c[i-1][0]/4;
+ dsa_c[i][1]=dsa_c[i-1][1]/4;
+ if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
+ dsa_doit[i]=0;
+ else
+ {
+ if (dsa_c[i] == 0)
+ {
+ dsa_c[i][0]=1;
+ dsa_c[i][1]=1;
+ }
+ }
+ }
+
+#define COND(d) (count < (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+#endif
+
+#ifndef NO_MD2
+ if (doit[D_MD2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MD2][j]); count++)
+ MD2(buf,(unsigned long)lengths[j],&(md2[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MD2],d);
+ results[D_MD2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_MDC2
+ if (doit[D_MDC2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MDC2][j]); count++)
+ MDC2(buf,(unsigned long)lengths[j],&(mdc2[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MDC2],d);
+ results[D_MDC2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+#ifndef NO_MD5
+ if (doit[D_MD5])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MD5][j]); count++)
+ MD5(&(buf[0]),(unsigned long)lengths[j],&(md5[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MD5],d);
+ results[D_MD5][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+#ifndef NO_MD5
+ if (doit[D_HMAC])
+ {
+ HMAC_CTX hctx;
+ HMAC_Init(&hctx,(unsigned char *)"This is a key...",
+ 16,EVP_md5());
+
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_HMAC],c[D_HMAC][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_HMAC][j]); count++)
+ {
+ HMAC_Init(&hctx,NULL,0,NULL);
+ HMAC_Update(&hctx,buf,lengths[j]);
+ HMAC_Final(&hctx,&(hmac[0]),NULL);
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_HMAC],d);
+ results[D_HMAC][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_SHA1
+ if (doit[D_SHA1])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_SHA1][j]); count++)
+ SHA1(buf,(unsigned long)lengths[j],&(sha[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_SHA1],d);
+ results[D_SHA1][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RMD160
+ if (doit[D_RMD160])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_RMD160],c[D_RMD160][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_RMD160][j]); count++)
+ RIPEMD160(buf,(unsigned long)lengths[j],&(rmd160[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_RMD160],d);
+ results[D_RMD160][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RC4
+ if (doit[D_RC4])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_RC4],c[D_RC4][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_RC4][j]); count++)
+ RC4(&rc4_ks,(unsigned int)lengths[j],
+ buf,buf);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_RC4],d);
+ results[D_RC4][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_DES
+ if (doit[D_CBC_DES])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_DES][j]); count++)
+ des_ncbc_encrypt((C_Block *)buf,
+ (C_Block *)buf,
+ (long)lengths[j],sch,
+ (C_Block *)&(iv[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_DES],d);
+ results[D_CBC_DES][j]=((double)count)/d*lengths[j];
+ }
+ }
+
+ if (doit[D_EDE3_DES])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++)
+ des_ede3_cbc_encrypt((C_Block *)buf,
+ (C_Block *)buf,
+ (long)lengths[j],sch,sch2,sch3,
+ (C_Block *)&(iv[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_EDE3_DES],d);
+ results[D_EDE3_DES][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_IDEA
+ if (doit[D_CBC_IDEA])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
+ idea_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&idea_ks,
+ (unsigned char *)&(iv[0]),IDEA_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_IDEA],d);
+ results[D_CBC_IDEA][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RC2
+ if (doit[D_CBC_RC2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
+ RC2_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&rc2_ks,
+ (unsigned char *)&(iv[0]),RC2_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_RC2],d);
+ results[D_CBC_RC2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RC5
+ if (doit[D_CBC_RC5])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_RC5],c[D_CBC_RC5][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_RC5][j]); count++)
+ RC5_32_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&rc5_ks,
+ (unsigned char *)&(iv[0]),RC5_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_RC5],d);
+ results[D_CBC_RC5][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_BLOWFISH
+ if (doit[D_CBC_BF])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
+ BF_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&bf_ks,
+ (unsigned char *)&(iv[0]),BF_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_BF],d);
+ results[D_CBC_BF][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_CAST
+ if (doit[D_CBC_CAST])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_CAST],c[D_CBC_CAST][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_CAST][j]); count++)
+ CAST_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&cast_ks,
+ (unsigned char *)&(iv[0]),CAST_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_CAST],d);
+ results[D_CBC_CAST][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+ RAND_bytes(buf,30);
+#ifndef NO_RSA
+ for (j=0; j<RSA_NUM; j++)
+ {
+ if (!rsa_doit[j]) continue;
+ pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
+ RSA_SECONDS);
+/* RSA_blinding_on(rsa_key[j],NULL); */
+ Time_F(START);
+ for (count=0,run=1; COND(rsa_c[j][0]); count++)
+ {
+ rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
+ RSA_PKCS1_PADDING);
+ if (rsa_num <= 0)
+ {
+ BIO_printf(bio_err,"RSA private encrypt failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][0]=d/(double)count;
+ rsa_count=count;
+
+#if 1
+ pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
+ RSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(rsa_c[j][1]); count++)
+ {
+ rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
+ RSA_PKCS1_PADDING);
+ if (rsa_num2 <= 0)
+ {
+ BIO_printf(bio_err,"RSA public encrypt failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][1]=d/(double)count;
+#endif
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<RSA_NUM; j++)
+ rsa_doit[j]=0;
+ }
+ }
+#endif
+
+ RAND_bytes(buf,20);
+#ifndef NO_DSA
+ for (j=0; j<DSA_NUM; j++)
+ {
+ unsigned int kk;
+
+ if (!dsa_doit[j]) continue;
+ DSA_generate_key(dsa_key[j]);
+/* DSA_sign_setup(dsa_key[j],NULL); */
+ pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(dsa_c[j][0]); count++)
+ {
+ rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+ &kk,dsa_key[j]);
+ if (rsa_num <= 0)
+ {
+ BIO_printf(bio_err,"DSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][0]=d/(double)count;
+ rsa_count=count;
+
+ pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(dsa_c[j][1]); count++)
+ {
+ rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+ kk,dsa_key[j]);
+ if (rsa_num2 <= 0)
+ {
+ BIO_printf(bio_err,"DSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][1]=d/(double)count;
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<DSA_NUM; j++)
+ dsa_doit[j]=0;
+ }
+ }
+#endif
+
+ fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION));
+ fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+ printf("options:");
+ printf("%s ",BN_options());
+#ifndef NO_MD2
+ printf("%s ",MD2_options());
+#endif
+#ifndef NO_RC4
+ printf("%s ",RC4_options());
+#endif
+#ifndef NO_DES
+ printf("%s ",des_options());
+#endif
+#ifndef NO_IDEA
+ printf("%s ",idea_options());
+#endif
+#ifndef NO_BLOWFISH
+ printf("%s ",BF_options());
+#endif
+ fprintf(stdout,"\n%s\n",SSLeay_version(SSLEAY_CFLAGS));
+
+ if (pr_header)
+ {
+ fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n");
+ fprintf(stdout,"type ");
+ for (j=0; j<SIZE_NUM; j++)
+ fprintf(stdout,"%7d bytes",lengths[j]);
+ fprintf(stdout,"\n");
+ }
+
+ for (k=0; k<ALGOR_NUM; k++)
+ {
+ if (!doit[k]) continue;
+ fprintf(stdout,"%-13s",names[k]);
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ if (results[k][j] > 10000)
+ fprintf(stdout," %11.2fk",results[k][j]/1e3);
+ else
+ fprintf(stdout," %11.2f ",results[k][j]);
+ }
+ fprintf(stdout,"\n");
+ }
+#ifndef NO_RSA
+ j=1;
+ for (k=0; k<RSA_NUM; k++)
+ {
+ if (!rsa_doit[k]) continue;
+ if (j)
+ {
+ printf("%18ssign verify sign/s verify/s\n"," ");
+ j=0;
+ }
+ fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+ rsa_bits[k],rsa_results[k][0],rsa_results[k][1],
+ 1.0/rsa_results[k][0],1.0/rsa_results[k][1]);
+ fprintf(stdout,"\n");
+ }
+#endif
+#ifndef NO_DSA
+ j=1;
+ for (k=0; k<DSA_NUM; k++)
+ {
+ if (!dsa_doit[k]) continue;
+ if (j) {
+ printf("%18ssign verify sign/s verify/s\n"," ");
+ j=0;
+ }
+ fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs %8.1f %8.1f",
+ dsa_bits[k],dsa_results[k][0],dsa_results[k][1],
+ 1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
+ fprintf(stdout,"\n");
+ }
+#endif
+ ret=0;
+end:
+ if (buf != NULL) Free(buf);
+ if (buf2 != NULL) Free(buf2);
+#ifndef NO_RSA
+ for (i=0; i<RSA_NUM; i++)
+ if (rsa_key[i] != NULL)
+ RSA_free(rsa_key[i]);
+#endif
+#ifndef NO_DSA
+ for (i=0; i<DSA_NUM; i++)
+ if (dsa_key[i] != NULL)
+ DSA_free(dsa_key[i]);
+#endif
+ EXIT(ret);
+ }
+
+static void print_message(s,num,length)
+char *s;
+long num;
+int length;
+ {
+#ifdef SIGALRM
+ BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length);
+ BIO_flush(bio_err);
+ alarm(SECONDS);
+#else
+ BIO_printf(bio_err,"Doing %s %ld times on %d size blocks: ",s,num,length);
+ BIO_flush(bio_err);
+#endif
+#ifdef LINT
+ num=num;
+#endif
+ }
+
+static void pkey_print_message(str,str2,num,bits,tm)
+char *str;
+char *str2;
+long num;
+int bits;
+int tm;
+ {
+#ifdef SIGALRM
+ BIO_printf(bio_err,"Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
+ BIO_flush(bio_err);
+ alarm(RSA_SECONDS);
+#else
+ BIO_printf(bio_err,"Doing %ld %d bit %s %s's: ",num,bits,str,str2);
+ BIO_flush(bio_err);
+#endif
+#ifdef LINT
+ num=num;
+#endif
+ }
+
diff --git a/src/lib/libssl/src/apps/testCA.pem b/src/lib/libssl/src/apps/testCA.pem
new file mode 100644
index 0000000000..dcb710aa9d
--- /dev/null
+++ b/src/lib/libssl/src/apps/testCA.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
+MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
+VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
+hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
+uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/apps/testdsa.h b/src/lib/libssl/src/apps/testdsa.h
new file mode 100644
index 0000000000..8e8aea617a
--- /dev/null
+++ b/src/lib/libssl/src/apps/testdsa.h
@@ -0,0 +1,155 @@
+/* NOCW */
+#ifndef NOPROTO
+DSA *get_dsa512(void );
+DSA *get_dsa1024(void );
+DSA *get_dsa2048(void );
+#else
+DSA *get_dsa512();
+DSA *get_dsa1024();
+DSA *get_dsa2048();
+#endif
+
+static unsigned char dsa512_p[]={
+ 0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
+ 0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
+ 0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
+ 0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
+ 0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
+ 0xA2,0x76,0x7D,0x31,
+ };
+static unsigned char dsa512_q[]={
+ 0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
+ 0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
+ };
+static unsigned char dsa512_g[]={
+ 0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
+ 0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
+ 0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
+ 0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
+ 0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
+ 0xA2,0x03,0x9D,0x20,
+ };
+
+DSA *get_dsa512()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
+ dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
+ dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
+static unsigned char dsa1024_p[]={
+ 0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
+ 0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
+ 0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
+ 0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
+ 0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
+ 0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
+ 0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
+ 0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
+ 0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
+ 0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
+ 0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
+ };
+static unsigned char dsa1024_q[]={
+ 0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
+ 0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
+ };
+static unsigned char dsa1024_g[]={
+ 0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
+ 0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
+ 0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
+ 0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
+ 0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
+ 0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
+ 0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
+ 0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
+ 0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
+ 0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
+ 0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
+ };
+
+DSA *get_dsa1024()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
+ dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
+ dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
+static unsigned char dsa2048_p[]={
+ 0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
+ 0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
+ 0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
+ 0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
+ 0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
+ 0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
+ 0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
+ 0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
+ 0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
+ 0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
+ 0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
+ 0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
+ 0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
+ 0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
+ 0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
+ 0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
+ 0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
+ 0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
+ 0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
+ 0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
+ 0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
+ 0xF8,0x68,0xCF,0x9B,
+ };
+static unsigned char dsa2048_q[]={
+ 0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
+ 0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
+ };
+static unsigned char dsa2048_g[]={
+ 0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
+ 0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
+ 0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
+ 0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
+ 0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
+ 0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
+ 0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
+ 0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
+ 0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
+ 0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
+ 0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
+ 0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
+ 0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
+ 0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
+ 0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
+ 0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
+ 0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
+ 0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
+ 0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
+ 0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
+ 0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
+ 0xF8,0xB2,0xE5,0x38,
+ };
+
+DSA *get_dsa2048()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
+ dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
+ dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
diff --git a/src/lib/libssl/src/apps/testrsa.h b/src/lib/libssl/src/apps/testrsa.h
new file mode 100644
index 0000000000..9a0e811c73
--- /dev/null
+++ b/src/lib/libssl/src/apps/testrsa.h
@@ -0,0 +1,517 @@
+/* apps/testrsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static unsigned char test512[]={
+ 0x30,0x82,0x01,0x3a,0x02,0x01,0x00,0x02,0x41,0x00,
+ 0xd6,0x33,0xb9,0xc8,0xfb,0x4f,0x3c,0x7d,0xc0,0x01,
+ 0x86,0xd0,0xe7,0xa0,0x55,0xf2,0x95,0x93,0xcc,0x4f,
+ 0xb7,0x5b,0x67,0x5b,0x94,0x68,0xc9,0x34,0x15,0xde,
+ 0xa5,0x2e,0x1c,0x33,0xc2,0x6e,0xfc,0x34,0x5e,0x71,
+ 0x13,0xb7,0xd6,0xee,0xd8,0xa5,0x65,0x05,0x72,0x87,
+ 0xa8,0xb0,0x77,0xfe,0x57,0xf5,0xfc,0x5f,0x55,0x83,
+ 0x87,0xdd,0x57,0x49,0x02,0x03,0x01,0x00,0x01,0x02,
+ 0x41,0x00,0xa7,0xf7,0x91,0xc5,0x0f,0x84,0x57,0xdc,
+ 0x07,0xf7,0x6a,0x7f,0x60,0x52,0xb3,0x72,0xf1,0x66,
+ 0x1f,0x7d,0x97,0x3b,0x9e,0xb6,0x0a,0x8f,0x8c,0xcf,
+ 0x42,0x23,0x00,0x04,0xd4,0x28,0x0e,0x1c,0x90,0xc4,
+ 0x11,0x25,0x25,0xa5,0x93,0xa5,0x2f,0x70,0x02,0xdf,
+ 0x81,0x9c,0x49,0x03,0xa0,0xf8,0x6d,0x54,0x2e,0x26,
+ 0xde,0xaa,0x85,0x59,0xa8,0x31,0x02,0x21,0x00,0xeb,
+ 0x47,0xd7,0x3b,0xf6,0xc3,0xdd,0x5a,0x46,0xc5,0xb9,
+ 0x2b,0x9a,0xa0,0x09,0x8f,0xa6,0xfb,0xf3,0x78,0x7a,
+ 0x33,0x70,0x9d,0x0f,0x42,0x6b,0x13,0x68,0x24,0xd3,
+ 0x15,0x02,0x21,0x00,0xe9,0x10,0xb0,0xb3,0x0d,0xe2,
+ 0x82,0x68,0x77,0x8a,0x6e,0x7c,0xda,0xbc,0x3e,0x53,
+ 0x83,0xfb,0xd6,0x22,0xe7,0xb5,0xae,0x6e,0x80,0xda,
+ 0x00,0x55,0x97,0xc1,0xd0,0x65,0x02,0x20,0x4c,0xf8,
+ 0x73,0xb1,0x6a,0x49,0x29,0x61,0x1f,0x46,0x10,0x0d,
+ 0xf3,0xc7,0xe7,0x58,0xd7,0x88,0x15,0x5e,0x94,0x9b,
+ 0xbf,0x7b,0xa2,0x42,0x58,0x45,0x41,0x0c,0xcb,0x01,
+ 0x02,0x20,0x12,0x11,0xba,0x31,0x57,0x9d,0x3d,0x11,
+ 0x0e,0x5b,0x8c,0x2f,0x5f,0xe2,0x02,0x4f,0x05,0x47,
+ 0x8c,0x15,0x8e,0xb3,0x56,0x3f,0xb8,0xfb,0xad,0xd4,
+ 0xf4,0xfc,0x10,0xc5,0x02,0x20,0x18,0xa1,0x29,0x99,
+ 0x5b,0xd9,0xc8,0xd4,0xfc,0x49,0x7a,0x2a,0x21,0x2c,
+ 0x49,0xe4,0x4f,0xeb,0xef,0x51,0xf1,0xab,0x6d,0xfb,
+ 0x4b,0x14,0xe9,0x4b,0x52,0xb5,0x82,0x2c,
+ };
+
+static unsigned char test1024[]={
+ 0x30,0x82,0x02,0x5c,0x02,0x01,0x00,0x02,0x81,0x81,
+ 0x00,0xdc,0x98,0x43,0xe8,0x3d,0x43,0x5b,0xe4,0x05,
+ 0xcd,0xd0,0xa9,0x3e,0xcb,0x83,0x75,0xf6,0xb5,0xa5,
+ 0x9f,0x6b,0xe9,0x34,0x41,0x29,0x18,0xfa,0x6a,0x55,
+ 0x4d,0x70,0xfc,0xec,0xae,0x87,0x38,0x0a,0x20,0xa9,
+ 0xc0,0x45,0x77,0x6e,0x57,0x60,0x57,0xf4,0xed,0x96,
+ 0x22,0xcb,0x8f,0xe1,0x33,0x3a,0x17,0x1f,0xed,0x37,
+ 0xa5,0x6f,0xeb,0xa6,0xbc,0x12,0x80,0x1d,0x53,0xbd,
+ 0x70,0xeb,0x21,0x76,0x3e,0xc9,0x2f,0x1a,0x45,0x24,
+ 0x82,0xff,0xcd,0x59,0x32,0x06,0x2e,0x12,0x3b,0x23,
+ 0x78,0xed,0x12,0x3d,0xe0,0x8d,0xf9,0x67,0x4f,0x37,
+ 0x4e,0x47,0x02,0x4c,0x2d,0xc0,0x4f,0x1f,0xb3,0x94,
+ 0xe1,0x41,0x2e,0x2d,0x90,0x10,0xfc,0x82,0x91,0x8b,
+ 0x0f,0x22,0xd4,0xf2,0xfc,0x2c,0xab,0x53,0x55,0x02,
+ 0x03,0x01,0x00,0x01,0x02,0x81,0x80,0x2b,0xcc,0x3f,
+ 0x8f,0x58,0xba,0x8b,0x00,0x16,0xf6,0xea,0x3a,0xf0,
+ 0x30,0xd0,0x05,0x17,0xda,0xb0,0xeb,0x9a,0x2d,0x4f,
+ 0x26,0xb0,0xd6,0x38,0xc1,0xeb,0xf5,0xd8,0x3d,0x1f,
+ 0x70,0xf7,0x7f,0xf4,0xe2,0xcf,0x51,0x51,0x79,0x88,
+ 0xfa,0xe8,0x32,0x0e,0x7b,0x2d,0x97,0xf2,0xfa,0xba,
+ 0x27,0xc5,0x9c,0xd9,0xc5,0xeb,0x8a,0x79,0x52,0x3c,
+ 0x64,0x34,0x7d,0xc2,0xcf,0x28,0xc7,0x4e,0xd5,0x43,
+ 0x0b,0xd1,0xa6,0xca,0x6d,0x03,0x2d,0x72,0x23,0xbc,
+ 0x6d,0x05,0xfa,0x16,0x09,0x2f,0x2e,0x5c,0xb6,0xee,
+ 0x74,0xdd,0xd2,0x48,0x8e,0x36,0x0c,0x06,0x3d,0x4d,
+ 0xe5,0x10,0x82,0xeb,0x6a,0xf3,0x4b,0x9f,0xd6,0xed,
+ 0x11,0xb1,0x6e,0xec,0xf4,0xfe,0x8e,0x75,0x94,0x20,
+ 0x2f,0xcb,0xac,0x46,0xf1,0x02,0x41,0x00,0xf9,0x8c,
+ 0xa3,0x85,0xb1,0xdd,0x29,0xaf,0x65,0xc1,0x33,0xf3,
+ 0x95,0xc5,0x52,0x68,0x0b,0xd4,0xf1,0xe5,0x0e,0x02,
+ 0x9f,0x4f,0xfa,0x77,0xdc,0x46,0x9e,0xc7,0xa6,0xe4,
+ 0x16,0x29,0xda,0xb0,0x07,0xcf,0x5b,0xa9,0x12,0x8a,
+ 0xdd,0x63,0x0a,0xde,0x2e,0x8c,0x66,0x8b,0x8c,0xdc,
+ 0x19,0xa3,0x7e,0xf4,0x3b,0xd0,0x1a,0x8c,0xa4,0xc2,
+ 0xe1,0xd3,0x02,0x41,0x00,0xe2,0x4c,0x05,0xf2,0x04,
+ 0x86,0x4e,0x61,0x43,0xdb,0xb0,0xb9,0x96,0x86,0x52,
+ 0x2c,0xca,0x8d,0x7b,0xab,0x0b,0x13,0x0d,0x7e,0x38,
+ 0x5b,0xe2,0x2e,0x7b,0x0e,0xe7,0x19,0x99,0x38,0xe7,
+ 0xf2,0x21,0xbd,0x85,0x85,0xe3,0xfd,0x28,0x77,0x20,
+ 0x31,0x71,0x2c,0xd0,0xff,0xfb,0x2e,0xaf,0x85,0xb4,
+ 0x86,0xca,0xf3,0xbb,0xca,0xaa,0x0f,0x95,0x37,0x02,
+ 0x40,0x0e,0x41,0x9a,0x95,0xe8,0xb3,0x59,0xce,0x4b,
+ 0x61,0xde,0x35,0xec,0x38,0x79,0x9c,0xb8,0x10,0x52,
+ 0x41,0x63,0xab,0x82,0xae,0x6f,0x00,0xa9,0xf4,0xde,
+ 0xdd,0x49,0x0b,0x7e,0xb8,0xa5,0x65,0xa9,0x0c,0x8f,
+ 0x8f,0xf9,0x1f,0x35,0xc6,0x92,0xb8,0x5e,0xb0,0x66,
+ 0xab,0x52,0x40,0xc0,0xb6,0x36,0x6a,0x7d,0x80,0x46,
+ 0x04,0x02,0xe5,0x9f,0x41,0x02,0x41,0x00,0xc0,0xad,
+ 0xcc,0x4e,0x21,0xee,0x1d,0x24,0x91,0xfb,0xa7,0x80,
+ 0x8d,0x9a,0xb6,0xb3,0x2e,0x8f,0xc2,0xe1,0x82,0xdf,
+ 0x69,0x18,0xb4,0x71,0xff,0xa6,0x65,0xde,0xed,0x84,
+ 0x8d,0x42,0xb7,0xb3,0x21,0x69,0x56,0x1c,0x07,0x60,
+ 0x51,0x29,0x04,0xff,0x34,0x06,0xdd,0xb9,0x67,0x2c,
+ 0x7c,0x04,0x93,0x0e,0x46,0x15,0xbb,0x2a,0xb7,0x1b,
+ 0xe7,0x87,0x02,0x40,0x78,0xda,0x5d,0x07,0x51,0x0c,
+ 0x16,0x7a,0x9f,0x29,0x20,0x84,0x0d,0x42,0xfa,0xd7,
+ 0x00,0xd8,0x77,0x7e,0xb0,0xb0,0x6b,0xd6,0x5b,0x53,
+ 0xb8,0x9b,0x7a,0xcd,0xc7,0x2b,0xb8,0x6a,0x63,0xa9,
+ 0xfb,0x6f,0xa4,0x72,0xbf,0x4c,0x5d,0x00,0x14,0xba,
+ 0xfa,0x59,0x88,0xed,0xe4,0xe0,0x8c,0xa2,0xec,0x14,
+ 0x7e,0x2d,0xe2,0xf0,0x46,0x49,0x95,0x45,
+ };
+
+static unsigned char test2048[]={
+ 0x30,0x82,0x04,0xa3,0x02,0x01,0x00,0x02,0x82,0x01,
+ 0x01,0x00,0xc0,0xc0,0xce,0x3e,0x3c,0x53,0x67,0x3f,
+ 0x4f,0xc5,0x2f,0xa4,0xc2,0x5a,0x2f,0x58,0xfd,0x27,
+ 0x52,0x6a,0xe8,0xcf,0x4a,0x73,0x47,0x8d,0x25,0x0f,
+ 0x5f,0x03,0x26,0x78,0xef,0xf0,0x22,0x12,0xd3,0xde,
+ 0x47,0xb2,0x1c,0x0b,0x38,0x63,0x1a,0x6c,0x85,0x7a,
+ 0x80,0xc6,0x8f,0xa0,0x41,0xaf,0x62,0xc4,0x67,0x32,
+ 0x88,0xf8,0xa6,0x9c,0xf5,0x23,0x1d,0xe4,0xac,0x3f,
+ 0x29,0xf9,0xec,0xe1,0x8b,0x26,0x03,0x2c,0xb2,0xab,
+ 0xf3,0x7d,0xb5,0xca,0x49,0xc0,0x8f,0x1c,0xdf,0x33,
+ 0x3a,0x60,0xda,0x3c,0xb0,0x16,0xf8,0xa9,0x12,0x8f,
+ 0x64,0xac,0x23,0x0c,0x69,0x64,0x97,0x5d,0x99,0xd4,
+ 0x09,0x83,0x9b,0x61,0xd3,0xac,0xf0,0xde,0xdd,0x5e,
+ 0x9f,0x44,0x94,0xdb,0x3a,0x4d,0x97,0xe8,0x52,0x29,
+ 0xf7,0xdb,0x94,0x07,0x45,0x90,0x78,0x1e,0x31,0x0b,
+ 0x80,0xf7,0x57,0xad,0x1c,0x79,0xc5,0xcb,0x32,0xb0,
+ 0xce,0xcd,0x74,0xb3,0xe2,0x94,0xc5,0x78,0x2f,0x34,
+ 0x1a,0x45,0xf7,0x8c,0x52,0xa5,0xbc,0x8d,0xec,0xd1,
+ 0x2f,0x31,0x3b,0xf0,0x49,0x59,0x5e,0x88,0x9d,0x15,
+ 0x92,0x35,0x32,0xc1,0xe7,0x61,0xec,0x50,0x48,0x7c,
+ 0xba,0x05,0xf9,0xf8,0xf8,0xa7,0x8c,0x83,0xe8,0x66,
+ 0x5b,0xeb,0xfe,0xd8,0x4f,0xdd,0x6d,0x36,0xc0,0xb2,
+ 0x90,0x0f,0xb8,0x52,0xf9,0x04,0x9b,0x40,0x2c,0x27,
+ 0xd6,0x36,0x8e,0xc2,0x1b,0x44,0xf3,0x92,0xd5,0x15,
+ 0x9e,0x9a,0xbc,0xf3,0x7d,0x03,0xd7,0x02,0x14,0x20,
+ 0xe9,0x10,0x92,0xfd,0xf9,0xfc,0x8f,0xe5,0x18,0xe1,
+ 0x95,0xcc,0x9e,0x60,0xa6,0xfa,0x38,0x4d,0x02,0x03,
+ 0x01,0x00,0x01,0x02,0x82,0x01,0x00,0x00,0xc3,0xc3,
+ 0x0d,0xb4,0x27,0x90,0x8d,0x4b,0xbf,0xb8,0x84,0xaa,
+ 0xd0,0xb8,0xc7,0x5d,0x99,0xbe,0x55,0xf6,0x3e,0x7c,
+ 0x49,0x20,0xcb,0x8a,0x8e,0x19,0x0e,0x66,0x24,0xac,
+ 0xaf,0x03,0x33,0x97,0xeb,0x95,0xd5,0x3b,0x0f,0x40,
+ 0x56,0x04,0x50,0xd1,0xe6,0xbe,0x84,0x0b,0x25,0xd3,
+ 0x9c,0xe2,0x83,0x6c,0xf5,0x62,0x5d,0xba,0x2b,0x7d,
+ 0x3d,0x7a,0x6c,0xe1,0xd2,0x0e,0x54,0x93,0x80,0x01,
+ 0x91,0x51,0x09,0xe8,0x5b,0x8e,0x47,0xbd,0x64,0xe4,
+ 0x0e,0x03,0x83,0x55,0xcf,0x5a,0x37,0xf0,0x25,0xb5,
+ 0x7d,0x21,0xd7,0x69,0xdf,0x6f,0xc2,0xcf,0x10,0xc9,
+ 0x8a,0x40,0x9f,0x7a,0x70,0xc0,0xe8,0xe8,0xc0,0xe6,
+ 0x9a,0x15,0x0a,0x8d,0x4e,0x46,0xcb,0x7a,0xdb,0xb3,
+ 0xcb,0x83,0x02,0xc4,0xf0,0xab,0xeb,0x02,0x01,0x0e,
+ 0x23,0xfc,0x1d,0xc4,0xbd,0xd4,0xaa,0x5d,0x31,0x46,
+ 0x99,0xce,0x9e,0xf8,0x04,0x75,0x10,0x67,0xc4,0x53,
+ 0x47,0x44,0xfa,0xc2,0x25,0x73,0x7e,0xd0,0x8e,0x59,
+ 0xd1,0xb2,0x5a,0xf4,0xc7,0x18,0x92,0x2f,0x39,0xab,
+ 0xcd,0xa3,0xb5,0xc2,0xb9,0xc7,0xb9,0x1b,0x9f,0x48,
+ 0xfa,0x13,0xc6,0x98,0x4d,0xca,0x84,0x9c,0x06,0xca,
+ 0xe7,0x89,0x01,0x04,0xc4,0x6c,0xfd,0x29,0x59,0x35,
+ 0xe7,0xf3,0xdd,0xce,0x64,0x59,0xbf,0x21,0x13,0xa9,
+ 0x9f,0x0e,0xc5,0xff,0xbd,0x33,0x00,0xec,0xac,0x6b,
+ 0x11,0xef,0x51,0x5e,0xad,0x07,0x15,0xde,0xb8,0x5f,
+ 0xc6,0xb9,0xa3,0x22,0x65,0x46,0x83,0x14,0xdf,0xd0,
+ 0xf1,0x44,0x8a,0xe1,0x9c,0x23,0x33,0xb4,0x97,0x33,
+ 0xe6,0x6b,0x81,0x02,0x81,0x81,0x00,0xec,0x12,0xa7,
+ 0x59,0x74,0x6a,0xde,0x3e,0xad,0xd8,0x36,0x80,0x50,
+ 0xa2,0xd5,0x21,0x81,0x07,0xf1,0xd0,0x91,0xf2,0x6c,
+ 0x12,0x2f,0x9d,0x1a,0x26,0xf8,0x30,0x65,0xdf,0xe8,
+ 0xc0,0x9b,0x6a,0x30,0x98,0x82,0x87,0xec,0xa2,0x56,
+ 0x87,0x62,0x6f,0xe7,0x9f,0xf6,0x56,0xe6,0x71,0x8f,
+ 0x49,0x86,0x93,0x5a,0x4d,0x34,0x58,0xfe,0xd9,0x04,
+ 0x13,0xaf,0x79,0xb7,0xad,0x11,0xd1,0x30,0x9a,0x14,
+ 0x06,0xa0,0xfa,0xb7,0x55,0xdc,0x6c,0x5a,0x4c,0x2c,
+ 0x59,0x56,0xf6,0xe8,0x9d,0xaf,0x0a,0x78,0x99,0x06,
+ 0x06,0x9e,0xe7,0x9c,0x51,0x55,0x43,0xfc,0x3b,0x6c,
+ 0x0b,0xbf,0x2d,0x41,0xa7,0xaf,0xb7,0xe0,0xe8,0x28,
+ 0x18,0xb4,0x13,0xd1,0xe6,0x97,0xd0,0x9f,0x6a,0x80,
+ 0xca,0xdd,0x1a,0x7e,0x15,0x02,0x81,0x81,0x00,0xd1,
+ 0x06,0x0c,0x1f,0xe3,0xd0,0xab,0xd6,0xca,0x7c,0xbc,
+ 0x7d,0x13,0x35,0xce,0x27,0xcd,0xd8,0x49,0x51,0x63,
+ 0x64,0x0f,0xca,0x06,0x12,0xfc,0x07,0x3e,0xaf,0x61,
+ 0x6d,0xe2,0x53,0x39,0x27,0xae,0xc3,0x11,0x9e,0x94,
+ 0x01,0x4f,0xe3,0xf3,0x67,0xf9,0x77,0xf9,0xe7,0x95,
+ 0x3a,0x6f,0xe2,0x20,0x73,0x3e,0xa4,0x7a,0x28,0xd4,
+ 0x61,0x97,0xf6,0x17,0xa0,0x23,0x10,0x2b,0xce,0x84,
+ 0x57,0x7e,0x25,0x1f,0xf4,0xa8,0x54,0xd2,0x65,0x94,
+ 0xcc,0x95,0x0a,0xab,0x30,0xc1,0x59,0x1f,0x61,0x8e,
+ 0xb9,0x6b,0xd7,0x4e,0xb9,0x83,0x43,0x79,0x85,0x11,
+ 0xbc,0x0f,0xae,0x25,0x20,0x05,0xbc,0xd2,0x48,0xa1,
+ 0x68,0x09,0x84,0xf6,0x12,0x9a,0x66,0xb9,0x2b,0xbb,
+ 0x76,0x03,0x17,0x46,0x4e,0x97,0x59,0x02,0x81,0x80,
+ 0x09,0x4c,0xfa,0xd6,0xe5,0x65,0x48,0x78,0x43,0xb5,
+ 0x1f,0x00,0x93,0x2c,0xb7,0x24,0xe8,0xc6,0x7d,0x5a,
+ 0x70,0x45,0x92,0xc8,0x6c,0xa3,0xcd,0xe1,0xf7,0x29,
+ 0x40,0xfa,0x3f,0x5b,0x47,0x44,0x39,0xc1,0xe8,0x72,
+ 0x9e,0x7a,0x0e,0xda,0xaa,0xa0,0x2a,0x09,0xfd,0x54,
+ 0x93,0x23,0xaa,0x37,0x85,0x5b,0xcc,0xd4,0xf9,0xd8,
+ 0xff,0xc1,0x61,0x0d,0xbd,0x7e,0x18,0x24,0x73,0x6d,
+ 0x40,0x72,0xf1,0x93,0x09,0x48,0x97,0x6c,0x84,0x90,
+ 0xa8,0x46,0x14,0x01,0x39,0x11,0xe5,0x3c,0x41,0x27,
+ 0x32,0x75,0x24,0xed,0xa1,0xd9,0x12,0x29,0x8a,0x28,
+ 0x71,0x89,0x8d,0xca,0x30,0xb0,0x01,0xc4,0x2f,0x82,
+ 0x19,0x14,0x4c,0x70,0x1c,0xb8,0x23,0x2e,0xe8,0x90,
+ 0x49,0x97,0x92,0x97,0x6b,0x7a,0x9d,0xb9,0x02,0x81,
+ 0x80,0x0f,0x0e,0xa1,0x76,0xf6,0xa1,0x44,0x8f,0xaf,
+ 0x7c,0x76,0xd3,0x87,0xbb,0xbb,0x83,0x10,0x88,0x01,
+ 0x18,0x14,0xd1,0xd3,0x75,0x59,0x24,0xaa,0xf5,0x16,
+ 0xa5,0xe9,0x9d,0xd1,0xcc,0xee,0xf4,0x15,0xd9,0xc5,
+ 0x7e,0x27,0xe9,0x44,0x49,0x06,0x72,0xb9,0xfc,0xd3,
+ 0x8a,0xc4,0x2c,0x36,0x7d,0x12,0x9b,0x5a,0xaa,0xdc,
+ 0x85,0xee,0x6e,0xad,0x54,0xb3,0xf4,0xfc,0x31,0xa1,
+ 0x06,0x3a,0x70,0x57,0x0c,0xf3,0x95,0x5b,0x3e,0xe8,
+ 0xfd,0x1a,0x4f,0xf6,0x78,0x93,0x46,0x6a,0xd7,0x31,
+ 0xb4,0x84,0x64,0x85,0x09,0x38,0x89,0x92,0x94,0x1c,
+ 0xbf,0xe2,0x3c,0x2a,0xe0,0xff,0x99,0xa3,0xf0,0x2b,
+ 0x31,0xc2,0x36,0xcd,0x60,0xbf,0x9d,0x2d,0x74,0x32,
+ 0xe8,0x9c,0x93,0x6e,0xbb,0x91,0x7b,0xfd,0xd9,0x02,
+ 0x81,0x81,0x00,0xa2,0x71,0x25,0x38,0xeb,0x2a,0xe9,
+ 0x37,0xcd,0xfe,0x44,0xce,0x90,0x3f,0x52,0x87,0x84,
+ 0x52,0x1b,0xae,0x8d,0x22,0x94,0xce,0x38,0xe6,0x04,
+ 0x88,0x76,0x85,0x9a,0xd3,0x14,0x09,0xe5,0x69,0x9a,
+ 0xff,0x58,0x92,0x02,0x6a,0x7d,0x7c,0x1e,0x2c,0xfd,
+ 0xa8,0xca,0x32,0x14,0x4f,0x0d,0x84,0x0d,0x37,0x43,
+ 0xbf,0xe4,0x5d,0x12,0xc8,0x24,0x91,0x27,0x8d,0x46,
+ 0xd9,0x54,0x53,0xe7,0x62,0x71,0xa8,0x2b,0x71,0x41,
+ 0x8d,0x75,0xf8,0x3a,0xa0,0x61,0x29,0x46,0xa6,0xe5,
+ 0x82,0xfa,0x3a,0xd9,0x08,0xfa,0xfc,0x63,0xfd,0x6b,
+ 0x30,0xbc,0xf4,0x4e,0x9e,0x8c,0x25,0x0c,0xb6,0x55,
+ 0xe7,0x3c,0xd4,0x4e,0x0b,0xfd,0x8b,0xc3,0x0e,0x1d,
+ 0x9c,0x44,0x57,0x8f,0x1f,0x86,0xf7,0xd5,0x1b,0xe4,
+ 0x95,
+ };
+
+static unsigned char test4096[]={
+ 0x30,0x82,0x09,0x29,0x02,0x01,0x00,0x02,0x82,0x02,
+ 0x01,0x00,0xc0,0x71,0xac,0x1a,0x13,0x88,0x82,0x43,
+ 0x3b,0x51,0x57,0x71,0x8d,0xb6,0x2b,0x82,0x65,0x21,
+ 0x53,0x5f,0x28,0x29,0x4f,0x8d,0x7c,0x8a,0xb9,0x44,
+ 0xb3,0x28,0x41,0x4f,0xd3,0xfa,0x6a,0xf8,0xb9,0x28,
+ 0x50,0x39,0x67,0x53,0x2c,0x3c,0xd7,0xcb,0x96,0x41,
+ 0x40,0x32,0xbb,0xeb,0x70,0xae,0x1f,0xb0,0x65,0xf7,
+ 0x3a,0xd9,0x22,0xfd,0x10,0xae,0xbd,0x02,0xe2,0xdd,
+ 0xf3,0xc2,0x79,0x3c,0xc6,0xfc,0x75,0xbb,0xaf,0x4e,
+ 0x3a,0x36,0xc2,0x4f,0xea,0x25,0xdf,0x13,0x16,0x4b,
+ 0x20,0xfe,0x4b,0x69,0x16,0xc4,0x7f,0x1a,0x43,0xa6,
+ 0x17,0x1b,0xb9,0x0a,0xf3,0x09,0x86,0x28,0x89,0xcf,
+ 0x2c,0xd0,0xd4,0x81,0xaf,0xc6,0x6d,0xe6,0x21,0x8d,
+ 0xee,0xef,0xea,0xdc,0xb7,0xc6,0x3b,0x63,0x9f,0x0e,
+ 0xad,0x89,0x78,0x23,0x18,0xbf,0x70,0x7e,0x84,0xe0,
+ 0x37,0xec,0xdb,0x8e,0x9c,0x3e,0x6a,0x19,0xcc,0x99,
+ 0x72,0xe6,0xb5,0x7d,0x6d,0xfa,0xe5,0xd3,0xe4,0x90,
+ 0xb5,0xb2,0xb2,0x12,0x70,0x4e,0xca,0xf8,0x10,0xf8,
+ 0xa3,0x14,0xc2,0x48,0x19,0xeb,0x60,0x99,0xbb,0x2a,
+ 0x1f,0xb1,0x7a,0xb1,0x3d,0x24,0xfb,0xa0,0x29,0xda,
+ 0xbd,0x1b,0xd7,0xa4,0xbf,0xef,0x60,0x2d,0x22,0xca,
+ 0x65,0x98,0xf1,0xc4,0xe1,0xc9,0x02,0x6b,0x16,0x28,
+ 0x2f,0xa1,0xaa,0x79,0x00,0xda,0xdc,0x7c,0x43,0xf7,
+ 0x42,0x3c,0xa0,0xef,0x68,0xf7,0xdf,0xb9,0x69,0xfb,
+ 0x8e,0x01,0xed,0x01,0x42,0xb5,0x4e,0x57,0xa6,0x26,
+ 0xb8,0xd0,0x7b,0x56,0x6d,0x03,0xc6,0x40,0x8c,0x8c,
+ 0x2a,0x55,0xd7,0x9c,0x35,0x00,0x94,0x93,0xec,0x03,
+ 0xeb,0x22,0xef,0x77,0xbb,0x79,0x13,0x3f,0x15,0xa1,
+ 0x8f,0xca,0xdf,0xfd,0xd3,0xb8,0xe1,0xd4,0xcc,0x09,
+ 0x3f,0x3c,0x2c,0xdb,0xd1,0x49,0x7f,0x38,0x07,0x83,
+ 0x6d,0xeb,0x08,0x66,0xe9,0x06,0x44,0x12,0xac,0x95,
+ 0x22,0x90,0x23,0x67,0xd4,0x08,0xcc,0xf4,0xb7,0xdc,
+ 0xcc,0x87,0xd4,0xac,0x69,0x35,0x4c,0xb5,0x39,0x36,
+ 0xcd,0xa4,0xd2,0x95,0xca,0x0d,0xc5,0xda,0xc2,0xc5,
+ 0x22,0x32,0x28,0x08,0xe3,0xd2,0x8b,0x38,0x30,0xdc,
+ 0x8c,0x75,0x4f,0x6a,0xec,0x7a,0xac,0x16,0x3e,0xa8,
+ 0xd4,0x6a,0x45,0xe1,0xa8,0x4f,0x2e,0x80,0x34,0xaa,
+ 0x54,0x1b,0x02,0x95,0x7d,0x8a,0x6d,0xcc,0x79,0xca,
+ 0xf2,0xa4,0x2e,0x8d,0xfb,0xfe,0x15,0x51,0x10,0x0e,
+ 0x4d,0x88,0xb1,0xc7,0xf4,0x79,0xdb,0xf0,0xb4,0x56,
+ 0x44,0x37,0xca,0x5a,0xc1,0x8c,0x48,0xac,0xae,0x48,
+ 0x80,0x83,0x01,0x3f,0xde,0xd9,0xd3,0x2c,0x51,0x46,
+ 0xb1,0x41,0xb6,0xc6,0x91,0x72,0xf9,0x83,0x55,0x1b,
+ 0x8c,0xba,0xf3,0x73,0xe5,0x2c,0x74,0x50,0x3a,0xbe,
+ 0xc5,0x2f,0xa7,0xb2,0x6d,0x8c,0x9e,0x13,0x77,0xa3,
+ 0x13,0xcd,0x6d,0x8c,0x45,0xe1,0xfc,0x0b,0xb7,0x69,
+ 0xe9,0x27,0xbc,0x65,0xc3,0xfa,0x9b,0xd0,0xef,0xfe,
+ 0xe8,0x1f,0xb3,0x5e,0x34,0xf4,0x8c,0xea,0xfc,0xd3,
+ 0x81,0xbf,0x3d,0x30,0xb2,0xb4,0x01,0xe8,0x43,0x0f,
+ 0xba,0x02,0x23,0x42,0x76,0x82,0x31,0x73,0x91,0xed,
+ 0x07,0x46,0x61,0x0d,0x39,0x83,0x40,0xce,0x7a,0xd4,
+ 0xdb,0x80,0x2c,0x1f,0x0d,0xd1,0x34,0xd4,0x92,0xe3,
+ 0xd4,0xf1,0xc2,0x01,0x02,0x03,0x01,0x00,0x01,0x02,
+ 0x82,0x02,0x01,0x00,0x97,0x6c,0xda,0x6e,0xea,0x4f,
+ 0xcf,0xaf,0xf7,0x4c,0xd9,0xf1,0x90,0x00,0x77,0xdb,
+ 0xf2,0x97,0x76,0x72,0xb9,0xb7,0x47,0xd1,0x9c,0xdd,
+ 0xcb,0x4a,0x33,0x6e,0xc9,0x75,0x76,0xe6,0xe4,0xa5,
+ 0x31,0x8c,0x77,0x13,0xb4,0x29,0xcd,0xf5,0x52,0x17,
+ 0xef,0xf3,0x08,0x00,0xe3,0xbd,0x2e,0xbc,0xd4,0x52,
+ 0x88,0xe9,0x30,0x75,0x0b,0x02,0xf5,0xcd,0x89,0x0c,
+ 0x6c,0x57,0x19,0x27,0x3d,0x1e,0x85,0xb4,0xc1,0x2f,
+ 0x1d,0x92,0x00,0x5c,0x76,0x29,0x4b,0xa4,0xe1,0x12,
+ 0xb3,0xc8,0x09,0xfe,0x0e,0x78,0x72,0x61,0xcb,0x61,
+ 0x6f,0x39,0x91,0x95,0x4e,0xd5,0x3e,0xc7,0x8f,0xb8,
+ 0xf6,0x36,0xfe,0x9c,0x93,0x9a,0x38,0x25,0x7a,0xf4,
+ 0x4a,0x12,0xd4,0xa0,0x13,0xbd,0xf9,0x1d,0x12,0x3e,
+ 0x21,0x39,0xfb,0x72,0xe0,0x05,0x3d,0xc3,0xe5,0x50,
+ 0xa8,0x5d,0x85,0xa3,0xea,0x5f,0x1c,0xb2,0x3f,0xea,
+ 0x6d,0x03,0x91,0x55,0xd8,0x19,0x0a,0x21,0x12,0x16,
+ 0xd9,0x12,0xc4,0xe6,0x07,0x18,0x5b,0x26,0xa4,0xae,
+ 0xed,0x2b,0xb7,0xa6,0xed,0xf8,0xad,0xec,0x77,0xe6,
+ 0x7f,0x4f,0x76,0x00,0xc0,0xfa,0x15,0x92,0xb4,0x2c,
+ 0x22,0xc2,0xeb,0x6a,0xad,0x14,0x05,0xb2,0xe5,0x8a,
+ 0x9e,0x85,0x83,0xcc,0x04,0xf1,0x56,0x78,0x44,0x5e,
+ 0xde,0xe0,0x60,0x1a,0x65,0x79,0x31,0x23,0x05,0xbb,
+ 0x01,0xff,0xdd,0x2e,0xb7,0xb3,0xaa,0x74,0xe0,0xa5,
+ 0x94,0xaf,0x4b,0xde,0x58,0x0f,0x55,0xde,0x33,0xf6,
+ 0xe3,0xd6,0x34,0x36,0x57,0xd6,0x79,0x91,0x2e,0xbe,
+ 0x3b,0xd9,0x4e,0xb6,0x9d,0x21,0x5c,0xd3,0x48,0x14,
+ 0x7f,0x4a,0xc4,0x60,0xa9,0x29,0xf8,0x53,0x7f,0x88,
+ 0x11,0x2d,0xb5,0xc5,0x2d,0x6f,0xee,0x85,0x0b,0xf7,
+ 0x8d,0x9a,0xbe,0xb0,0x42,0xf2,0x2e,0x71,0xaf,0x19,
+ 0x31,0x6d,0xec,0xcd,0x6f,0x2b,0x23,0xdf,0xb4,0x40,
+ 0xaf,0x2c,0x0a,0xc3,0x1b,0x7d,0x7d,0x03,0x1d,0x4b,
+ 0xf3,0xb5,0xe0,0x85,0xd8,0xdf,0x91,0x6b,0x0a,0x69,
+ 0xf7,0xf2,0x69,0x66,0x5b,0xf1,0xcf,0x46,0x7d,0xe9,
+ 0x70,0xfa,0x6d,0x7e,0x75,0x4e,0xa9,0x77,0xe6,0x8c,
+ 0x02,0xf7,0x14,0x4d,0xa5,0x41,0x8f,0x3f,0xc1,0x62,
+ 0x1e,0x71,0x5e,0x38,0xb4,0xd6,0xe6,0xe1,0x4b,0xc2,
+ 0x2c,0x30,0x83,0x81,0x6f,0x49,0x2e,0x96,0xe6,0xc9,
+ 0x9a,0xf7,0x5d,0x09,0xa0,0x55,0x02,0xa5,0x3a,0x25,
+ 0x23,0xd0,0x92,0xc3,0xa3,0xe3,0x0e,0x12,0x2f,0x4d,
+ 0xef,0xf3,0x55,0x5a,0xbe,0xe6,0x19,0x86,0x31,0xab,
+ 0x75,0x9a,0xd3,0xf0,0x2c,0xc5,0x41,0x92,0xd9,0x1f,
+ 0x5f,0x11,0x8c,0x75,0x1c,0x63,0xd0,0x02,0x80,0x2c,
+ 0x68,0xcb,0x93,0xfb,0x51,0x73,0x49,0xb4,0x60,0xda,
+ 0xe2,0x26,0xaf,0xa9,0x46,0x12,0xb8,0xec,0x50,0xdd,
+ 0x12,0x06,0x5f,0xce,0x59,0xe6,0xf6,0x1c,0xe0,0x54,
+ 0x10,0xad,0xf6,0xcd,0x98,0xcc,0x0f,0xfb,0xcb,0x41,
+ 0x14,0x9d,0xed,0xe4,0xb4,0x74,0x5f,0x09,0x60,0xc7,
+ 0x12,0xf6,0x7b,0x3c,0x8f,0xa7,0x20,0xbc,0xe4,0xb1,
+ 0xef,0xeb,0xa4,0x93,0xc5,0x06,0xca,0x9a,0x27,0x9d,
+ 0x87,0xf3,0xde,0xca,0xe5,0xe7,0xf6,0x1c,0x01,0x65,
+ 0x5b,0xfb,0x19,0x79,0x6e,0x08,0x26,0xc5,0xc8,0x28,
+ 0x0e,0xb6,0x3b,0x07,0x08,0xc1,0x02,0x82,0x01,0x01,
+ 0x00,0xe8,0x1c,0x73,0xa6,0xb8,0xe0,0x0e,0x6d,0x8d,
+ 0x1b,0xb9,0x53,0xed,0x58,0x94,0xe6,0x1d,0x60,0x14,
+ 0x5c,0x76,0x43,0xc4,0x58,0x19,0xc4,0x24,0xe8,0xbc,
+ 0x1b,0x3b,0x0b,0x13,0x24,0x45,0x54,0x0e,0xcc,0x37,
+ 0xf0,0xe0,0x63,0x7d,0xc3,0xf7,0xfb,0x81,0x74,0x81,
+ 0xc4,0x0f,0x1a,0x21,0x48,0xaf,0xce,0xc1,0xc4,0x94,
+ 0x18,0x06,0x44,0x8d,0xd3,0xd2,0x22,0x2d,0x2d,0x3e,
+ 0x5a,0x31,0xdc,0x95,0x8e,0xf4,0x41,0xfc,0x58,0xc9,
+ 0x40,0x92,0x17,0x5f,0xe3,0xda,0xac,0x9e,0x3f,0x1c,
+ 0x2a,0x6b,0x58,0x5f,0x48,0x78,0x20,0xb1,0xaf,0x24,
+ 0x9b,0x3c,0x20,0x8b,0x93,0x25,0x9e,0xe6,0x6b,0xbc,
+ 0x13,0x42,0x14,0x6c,0x36,0x31,0xff,0x7a,0xd1,0xc1,
+ 0x1a,0x26,0x14,0x7f,0xa9,0x76,0xa7,0x0c,0xf8,0xcc,
+ 0xed,0x07,0x6a,0xd2,0xdf,0x62,0xee,0x0a,0x7c,0x84,
+ 0xcb,0x49,0x90,0xb2,0x03,0x0d,0xa2,0x82,0x06,0x77,
+ 0xf1,0xcd,0x67,0xf2,0x47,0x21,0x02,0x3f,0x43,0x21,
+ 0xf0,0x46,0x30,0x62,0x51,0x72,0xb1,0xe7,0x48,0xc6,
+ 0x67,0x12,0xcd,0x9e,0xd6,0x15,0xe5,0x21,0xed,0xfa,
+ 0x8f,0x30,0xa6,0x41,0xfe,0xb6,0xfa,0x8f,0x34,0x14,
+ 0x19,0xe8,0x11,0xf7,0xa5,0x77,0x3e,0xb7,0xf9,0x39,
+ 0x07,0x8c,0x67,0x2a,0xab,0x7b,0x08,0xf8,0xb0,0x06,
+ 0xa8,0xea,0x2f,0x8f,0xfa,0xcc,0xcc,0x40,0xce,0xf3,
+ 0x70,0x4f,0x3f,0x7f,0xe2,0x0c,0xea,0x76,0x4a,0x35,
+ 0x4e,0x47,0xad,0x2b,0xa7,0x97,0x5d,0x74,0x43,0x97,
+ 0x90,0xd2,0xfb,0xd9,0xf9,0x96,0x01,0x33,0x05,0xed,
+ 0x7b,0x03,0x05,0xad,0xf8,0x49,0x03,0x02,0x82,0x01,
+ 0x01,0x00,0xd4,0x40,0x17,0x66,0x10,0x92,0x95,0xc8,
+ 0xec,0x62,0xa9,0x7a,0xcb,0x93,0x8e,0xe6,0x53,0xd4,
+ 0x80,0x48,0x27,0x4b,0x41,0xce,0x61,0xdf,0xbf,0x94,
+ 0xa4,0x3d,0x71,0x03,0x0b,0xed,0x25,0x71,0x98,0xa4,
+ 0xd6,0xd5,0x4a,0x57,0xf5,0x6c,0x1b,0xda,0x21,0x7d,
+ 0x35,0x45,0xb3,0xf3,0x6a,0xd9,0xd3,0x43,0xe8,0x5c,
+ 0x54,0x1c,0x83,0x1b,0xb4,0x5f,0xf2,0x97,0x24,0x2e,
+ 0xdc,0x40,0xde,0x92,0x23,0x59,0x8e,0xbc,0xd2,0xa1,
+ 0xf2,0xe0,0x4c,0xdd,0x0b,0xd1,0xe7,0xae,0x65,0xbc,
+ 0xb5,0xf5,0x5b,0x98,0xe9,0xd7,0xc2,0xb7,0x0e,0x55,
+ 0x71,0x0e,0x3c,0x0a,0x24,0x6b,0xa6,0xe6,0x14,0x61,
+ 0x11,0xfd,0x33,0x42,0x99,0x2b,0x84,0x77,0x74,0x92,
+ 0x91,0xf5,0x79,0x79,0xcf,0xad,0x8e,0x04,0xef,0x80,
+ 0x1e,0x57,0xf4,0x14,0xf5,0x35,0x09,0x74,0xb2,0x13,
+ 0x71,0x58,0x6b,0xea,0x32,0x5d,0xf3,0xd3,0x76,0x48,
+ 0x39,0x10,0x23,0x84,0x9d,0xbe,0x92,0x77,0x4a,0xed,
+ 0x70,0x3e,0x1a,0xa2,0x6c,0xb3,0x81,0x00,0xc3,0xc9,
+ 0xe4,0x52,0xc8,0x24,0x88,0x0c,0x41,0xad,0x87,0x5a,
+ 0xea,0xa3,0x7a,0x85,0x1c,0x5e,0x31,0x7f,0xc3,0x35,
+ 0xc6,0xfa,0x10,0xc8,0x75,0x10,0xc4,0x96,0x99,0xe7,
+ 0xfe,0x01,0xb4,0x74,0xdb,0xb4,0x11,0xc3,0xc8,0x8c,
+ 0xf6,0xf7,0x3b,0x66,0x50,0xfc,0xdb,0xeb,0xca,0x47,
+ 0x85,0x89,0xe1,0x65,0xd9,0x62,0x34,0x3c,0x70,0xd8,
+ 0x2e,0xb4,0x2f,0x65,0x3c,0x4a,0xa6,0x2a,0xe7,0xc7,
+ 0xd8,0x41,0x8f,0x8a,0x43,0xbf,0x42,0xf2,0x4d,0xbc,
+ 0xfc,0x9e,0x27,0x95,0xfb,0x75,0xff,0xab,0x02,0x82,
+ 0x01,0x00,0x41,0x2f,0x44,0x57,0x6d,0x12,0x17,0x5b,
+ 0x32,0xc6,0xb7,0x6c,0x57,0x7a,0x8a,0x0e,0x79,0xef,
+ 0x72,0xa8,0x68,0xda,0x2d,0x38,0xe4,0xbb,0x8d,0xf6,
+ 0x02,0x65,0xcf,0x56,0x13,0xe1,0x1a,0xcb,0x39,0x80,
+ 0xa6,0xb1,0x32,0x03,0x1e,0xdd,0xbb,0x35,0xd9,0xac,
+ 0x43,0x89,0x31,0x08,0x90,0x92,0x5e,0x35,0x3d,0x7b,
+ 0x9c,0x6f,0x86,0xcb,0x17,0xdd,0x85,0xe4,0xed,0x35,
+ 0x08,0x8e,0xc1,0xf4,0x05,0xd8,0x68,0xc6,0x63,0x3c,
+ 0xf7,0xff,0xf7,0x47,0x33,0x39,0xc5,0x3e,0xb7,0x0e,
+ 0x58,0x35,0x9d,0x81,0xea,0xf8,0x6a,0x2c,0x1c,0x5a,
+ 0x68,0x78,0x64,0x11,0x6b,0xc1,0x3e,0x4e,0x7a,0xbd,
+ 0x84,0xcb,0x0f,0xc2,0xb6,0x85,0x1d,0xd3,0x76,0xc5,
+ 0x93,0x6a,0x69,0x89,0x56,0x34,0xdc,0x4a,0x9b,0xbc,
+ 0xff,0xa8,0x0d,0x6e,0x35,0x9c,0x60,0xa7,0x23,0x30,
+ 0xc7,0x06,0x64,0x39,0x8b,0x94,0x89,0xee,0xba,0x7f,
+ 0x60,0x8d,0xfa,0xb6,0x97,0x76,0xdc,0x51,0x4a,0x3c,
+ 0xeb,0x3a,0x14,0x2c,0x20,0x60,0x69,0x4a,0x86,0xfe,
+ 0x8c,0x21,0x84,0x49,0x54,0xb3,0x20,0xe1,0x01,0x7f,
+ 0x58,0xdf,0x7f,0xb5,0x21,0x51,0x8c,0x47,0x9f,0x91,
+ 0xeb,0x97,0x3e,0xf2,0x54,0xcf,0x16,0x46,0xf9,0xd9,
+ 0xb6,0xe7,0x64,0xc9,0xd0,0x54,0xea,0x2f,0xa1,0xcf,
+ 0xa5,0x7f,0x28,0x8d,0x84,0xec,0xd5,0x39,0x03,0x76,
+ 0x5b,0x2d,0x8e,0x43,0xf2,0x01,0x24,0xc9,0x6f,0xc0,
+ 0xf5,0x69,0x6f,0x7d,0xb5,0x85,0xd2,0x5f,0x7f,0x78,
+ 0x40,0x07,0x7f,0x09,0x15,0xb5,0x1f,0x28,0x65,0x10,
+ 0xe4,0x19,0xa8,0xc6,0x9e,0x8d,0xdc,0xcb,0x02,0x82,
+ 0x01,0x00,0x13,0x01,0xee,0x56,0x80,0x93,0x70,0x00,
+ 0x7f,0x52,0xd2,0x94,0xa1,0x98,0x84,0x4a,0x92,0x25,
+ 0x4c,0x9b,0xa9,0x91,0x2e,0xc2,0x79,0xb7,0x5c,0xe3,
+ 0xc5,0xd5,0x8e,0xc2,0x54,0x16,0x17,0xad,0x55,0x9b,
+ 0x25,0x76,0x12,0x63,0x50,0x22,0x2f,0x58,0x58,0x79,
+ 0x6b,0x04,0xe3,0xf9,0x9f,0x8f,0x04,0x41,0x67,0x94,
+ 0xa5,0x1f,0xac,0x8a,0x15,0x9c,0x26,0x10,0x6c,0xf8,
+ 0x19,0x57,0x61,0xd7,0x3a,0x7d,0x31,0xb0,0x2d,0x38,
+ 0xbd,0x94,0x62,0xad,0xc4,0xfa,0x36,0x42,0x42,0xf0,
+ 0x24,0x67,0x65,0x9d,0x8b,0x0b,0x7c,0x6f,0x82,0x44,
+ 0x1a,0x8c,0xc8,0xc9,0xab,0xbb,0x4c,0x45,0xfc,0x7b,
+ 0x38,0xee,0x30,0xe1,0xfc,0xef,0x8d,0xbc,0x58,0xdf,
+ 0x2b,0x5d,0x0d,0x54,0xe0,0x49,0x4d,0x97,0x99,0x8f,
+ 0x22,0xa8,0x83,0xbe,0x40,0xbb,0x50,0x2e,0x78,0x28,
+ 0x0f,0x95,0x78,0x8c,0x8f,0x98,0x24,0x56,0xc2,0x97,
+ 0xf3,0x2c,0x43,0xd2,0x03,0x82,0x66,0x81,0x72,0x5f,
+ 0x53,0x16,0xec,0xb1,0xb1,0x04,0x5e,0x40,0x20,0x48,
+ 0x7b,0x3f,0x02,0x97,0x6a,0xeb,0x96,0x12,0x21,0x35,
+ 0xfe,0x1f,0x47,0xc0,0x95,0xea,0xc5,0x8a,0x08,0x84,
+ 0x4f,0x5e,0x63,0x94,0x60,0x0f,0x71,0x5b,0x7f,0x4a,
+ 0xec,0x4f,0x60,0xc6,0xba,0x4a,0x24,0xf1,0x20,0x8b,
+ 0xa7,0x2e,0x3a,0xce,0x8d,0xe0,0x27,0x1d,0xb5,0x8e,
+ 0xb4,0x21,0xc5,0xe2,0xa6,0x16,0x0a,0x51,0x83,0x55,
+ 0x88,0xd1,0x30,0x11,0x63,0xd5,0xd7,0x8d,0xae,0x16,
+ 0x12,0x82,0xc4,0x85,0x00,0x4e,0x27,0x83,0xa5,0x7c,
+ 0x90,0x2e,0xe5,0xa2,0xa3,0xd3,0x4c,0x63,0x02,0x82,
+ 0x01,0x01,0x00,0x86,0x08,0x98,0x98,0xa5,0x00,0x05,
+ 0x39,0x77,0xd9,0x66,0xb3,0xcf,0xca,0xa0,0x71,0xb3,
+ 0x50,0xce,0x3d,0xb1,0x93,0x95,0x35,0xc4,0xd4,0x2e,
+ 0x90,0xdf,0x0f,0xfc,0x60,0xc1,0x94,0x68,0x61,0x43,
+ 0xca,0x9a,0x23,0x4a,0x1e,0x45,0x72,0x99,0xb5,0x1e,
+ 0x61,0x8d,0x77,0x0f,0xa0,0xbb,0xd7,0x77,0xb4,0x2a,
+ 0x15,0x11,0x88,0x2d,0xb3,0x56,0x61,0x5e,0x6a,0xed,
+ 0xa4,0x46,0x4a,0x3f,0x50,0x11,0xd6,0xba,0xb6,0xd7,
+ 0x95,0x65,0x53,0xc3,0xa1,0x8f,0xe0,0xa3,0xf5,0x1c,
+ 0xfd,0xaf,0x6e,0x43,0xd7,0x17,0xa7,0xd3,0x81,0x1b,
+ 0xa4,0xdf,0xe0,0x97,0x8a,0x46,0x03,0xd3,0x46,0x0e,
+ 0x83,0x48,0x4e,0xd2,0x02,0xcb,0xc0,0xad,0x79,0x95,
+ 0x8c,0x96,0xba,0x40,0x34,0x11,0x71,0x5e,0xe9,0x11,
+ 0xf9,0xc5,0x4a,0x5e,0x91,0x9d,0xf5,0x92,0x4f,0xeb,
+ 0xc6,0x70,0x02,0x2d,0x3d,0x04,0xaa,0xe9,0x3a,0x8e,
+ 0xd5,0xa8,0xad,0xf7,0xce,0x0d,0x16,0xb2,0xec,0x0a,
+ 0x9c,0xf5,0x94,0x39,0xb9,0x8a,0xfc,0x1e,0xf9,0xcc,
+ 0xf2,0x5f,0x21,0x31,0x74,0x72,0x6b,0x64,0xae,0x35,
+ 0x61,0x8d,0x0d,0xcb,0xe7,0xda,0x39,0xca,0xf3,0x21,
+ 0x66,0x0b,0x95,0xd7,0x0a,0x7c,0xca,0xa1,0xa9,0x5a,
+ 0xe8,0xac,0xe0,0x71,0x54,0xaf,0x28,0xcf,0xd5,0x70,
+ 0x89,0xe0,0xf3,0x9e,0x43,0x6c,0x8d,0x7b,0x99,0x01,
+ 0x68,0x4d,0xa1,0x45,0x46,0x0c,0x43,0xbc,0xcc,0x2c,
+ 0xdd,0xc5,0x46,0xc8,0x4e,0x0e,0xbe,0xed,0xb9,0x26,
+ 0xab,0x2e,0xdb,0xeb,0x8f,0xff,0xdb,0xb0,0xc6,0x55,
+ 0xaf,0xf8,0x2a,0x91,0x9d,0x50,0x44,0x21,0x17,
+ };
diff --git a/src/lib/libssl/src/apps/verify.c b/src/lib/libssl/src/apps/verify.c
new file mode 100644
index 0000000000..8cd675ff0a
--- /dev/null
+++ b/src/lib/libssl/src/apps/verify.c
@@ -0,0 +1,240 @@
+/* apps/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG verify_main
+
+#ifndef NOPROTO
+static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
+static int check(X509_STORE *ctx,char *file);
+#else
+static int MS_CALLBACK cb();
+static int check();
+#endif
+
+static int v_verbose=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=1;
+ char *CApath=NULL,*CAfile=NULL;
+ X509_STORE *cert_ctx=NULL;
+ X509_LOOKUP *lookup=NULL;
+
+ cert_ctx=X509_STORE_new();
+ if (cert_ctx == NULL) goto end;
+ X509_STORE_set_verify_cb_func(cert_ctx,cb);
+
+ ERR_load_crypto_strings();
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ argc--;
+ argv++;
+ for (;;)
+ {
+ if (argc >= 1)
+ {
+ if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (argc-- < 1) goto end;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (argc-- < 1) goto end;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-help") == 0)
+ goto end;
+ else if (strcmp(*argv,"-verbose") == 0)
+ v_verbose=1;
+ else if (argv[0][0] == '-')
+ goto end;
+ else
+ break;
+ argc--;
+ argv++;
+ }
+ else
+ break;
+ }
+
+ lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
+ if (lookup == NULL) abort();
+ if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
+ X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) abort();
+ if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
+ X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+
+ if (argc < 1) check(cert_ctx,NULL);
+ else
+ for (i=0; i<argc; i++)
+ check(cert_ctx,argv[i]);
+ ret=0;
+end:
+ if (ret == 1)
+ BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] cert1 cert2 ...\n");
+ if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
+ EXIT(ret);
+ }
+
+static int check(ctx,file)
+X509_STORE *ctx;
+char *file;
+ {
+ X509 *x=NULL;
+ BIO *in=NULL;
+ int i=0,ret=0;
+ X509_STORE_CTX csc;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+
+ x=PEM_read_bio_X509(in,NULL,NULL);
+ if (x == NULL)
+ {
+ fprintf(stdout,"%s: unable to load certificate file\n",
+ (file == NULL)?"stdin":file);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ fprintf(stdout,"%s: ",(file == NULL)?"stdin":file);
+
+ X509_STORE_CTX_init(&csc,ctx,x,NULL);
+ i=X509_verify_cert(&csc);
+ X509_STORE_CTX_cleanup(&csc);
+
+ ret=0;
+end:
+ if (i)
+ {
+ fprintf(stdout,"OK\n");
+ ret=1;
+ }
+ else
+ ERR_print_errors(bio_err);
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+
+ return(ret);
+ }
+
+static int MS_CALLBACK cb(ok,ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+
+ if (!ok)
+ {
+ /* since we are just checking the certificates, it is
+ * ok if they are self signed. */
+ if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+ ok=1;
+ else
+ {
+ X509_NAME_oneline(
+ X509_get_subject_name(ctx->current_cert),buf,256);
+ printf("%s\n",buf);
+ printf("error %d at %d depth lookup:%s\n",ctx->error,
+ ctx->error_depth,
+ X509_verify_cert_error_string(ctx->error));
+ if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED)
+ ok=1;
+ }
+ }
+ if (!v_verbose)
+ ERR_clear_error();
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/apps/version.c b/src/lib/libssl/src/apps/version.c
new file mode 100644
index 0000000000..fcf1f08cfb
--- /dev/null
+++ b/src/lib/libssl/src/apps/version.c
@@ -0,0 +1,129 @@
+/* apps/version.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "evp.h"
+#include "crypto.h"
+
+#undef PROG
+#define PROG version_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=0;
+ int cflags=0,version=0,date=0,options=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+ if (argc == 1) version=1;
+ for (i=1; i<argc; i++)
+ {
+ if (strcmp(argv[i],"-v") == 0)
+ version=1;
+ else if (strcmp(argv[i],"-b") == 0)
+ date=1;
+ else if (strcmp(argv[i],"-f") == 0)
+ cflags=1;
+ else if (strcmp(argv[i],"-o") == 0)
+ options=1;
+ else if (strcmp(argv[i],"-a") == 0)
+ date=version=cflags=options=1;
+ else
+ {
+ BIO_printf(bio_err,"usage:version [-a] [-v] [-b] [-o] [-f]\n");
+ ret=1;
+ goto end;
+ }
+ }
+
+ if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION));
+ if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+ if (options)
+ {
+ printf("options:");
+ printf("%s ",BN_options());
+#ifndef NO_MD2
+ printf("%s ",MD2_options());
+#endif
+#ifndef NO_RC4
+ printf("%s ",RC4_options());
+#endif
+#ifndef NO_DES
+ printf("%s ",des_options());
+#endif
+#ifndef NO_IDEA
+ printf("%s ",idea_options());
+#endif
+#ifndef NO_BLOWFISH
+ printf("%s ",BF_options());
+#endif
+ printf("\n");
+ }
+ if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
+end:
+ EXIT(ret);
+ }
diff --git a/src/lib/libssl/src/apps/x509.c b/src/lib/libssl/src/apps/x509.c
new file mode 100644
index 0000000000..f5e8be1068
--- /dev/null
+++ b/src/lib/libssl/src/apps/x509.c
@@ -0,0 +1,1044 @@
+/* apps/x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef NO_STDIO
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "bio.h"
+#include "asn1.h"
+#include "err.h"
+#include "bn.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG x509_main
+
+#undef POSTFIX
+#define POSTFIX ".srl"
+#define DEF_DAYS 30
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+#define CERT_HDR "certificate"
+
+static char *x509_usage[]={
+"usage: x509 args\n",
+" -inform arg - input format - default PEM (one of DER, NET or PEM)\n",
+" -outform arg - output format - default PEM (one of DER, NET or PEM\n",
+" -keyform arg - private key format - default PEM\n",
+" -CAform arg - CA format - default PEM\n",
+" -CAkeyform arg - CA key format - default PEM\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -serial - print serial number value\n",
+" -hash - print hash value\n",
+" -subject - print subject DN\n",
+" -issuer - print issuer DN\n",
+" -startdate - notBefore field\n",
+" -enddate - notAfter field\n",
+" -dates - both Before and After dates\n",
+" -modulus - print the RSA key modulus\n",
+" -fingerprint - print the certificate fingerprint\n",
+" -noout - no certificate output\n",
+
+" -days arg - How long till expiry of a signed certificate - def 30 days\n",
+" -signkey arg - self sign cert with arg\n",
+" -x509toreq - output a certification request object\n",
+" -req - input is a certificate request, sign and output.\n",
+" -CA arg - set the CA certificate, must be PEM format.\n",
+" -CAkey arg - set the CA key, must be PEM format\n",
+" missing, it is asssumed to be in the CA file.\n",
+" -CAcreateserial - create serial number file if it does not exist\n",
+" -CAserial - serial file\n",
+" -text - print the certitificate in text form\n",
+" -C - print out C code forms\n",
+" -md2/-md5/-sha1/-mdc2 - digest to do an RSA sign with\n",
+NULL
+};
+
+#ifndef NOPROTO
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
+static EVP_PKEY *load_key(char *file, int format);
+static X509 *load_cert(char *file, int format);
+static int sign (X509 *x, EVP_PKEY *pkey,int days,EVP_MD *digest);
+static int x509_certify (X509_STORE *ctx,char *CAfile, EVP_MD *digest,X509 *x,
+ X509 *xca, EVP_PKEY *pkey,char *serial, int create, int days);
+#else
+static int MS_CALLBACK callb();
+static EVP_PKEY *load_key();
+static X509 *load_cert();
+static int sign ();
+static int x509_certify ();
+#endif
+
+static int reqfile=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ X509_REQ *req=NULL;
+ X509 *x=NULL,*xca=NULL;
+ EVP_PKEY *Upkey=NULL,*CApkey=NULL;
+ int i,num,badops=0;
+ BIO *out=NULL;
+ BIO *STDout=NULL;
+ int informat,outformat,keyformat,CAformat,CAkeyformat;
+ char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
+ char *CAkeyfile=NULL,*CAserial=NULL;
+ int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;
+ int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0;
+ int C=0;
+ int x509req=0,days=DEF_DAYS,modulus=0;
+ char **pp;
+ X509_STORE *ctx=NULL;
+ X509_REQ *rq=NULL;
+ int fingerprint=0;
+ char buf[256];
+ EVP_MD *md_alg,*digest=EVP_md5();
+
+ reqfile=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+ keyformat=FORMAT_PEM;
+ CAformat=FORMAT_PEM;
+ CAkeyformat=FORMAT_PEM;
+
+ ctx=X509_STORE_new();
+ if (ctx == NULL) goto end;
+ X509_STORE_set_verify_cb_func(ctx,callb);
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-keyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-req") == 0)
+ reqfile=1;
+ else if (strcmp(*argv,"-CAform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-CAkeyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days=atoi(*(++argv));
+ if (days == 0)
+ {
+ BIO_printf(bio_err,"bad number of days\n");
+ goto bad;
+ }
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-signkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ sign_flag= ++num;
+ }
+ else if (strcmp(*argv,"-CA") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ CA_flag= ++num;
+ }
+ else if (strcmp(*argv,"-CAkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAkeyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAserial") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAserial= *(++argv);
+ }
+ else if (strcmp(*argv,"-C") == 0)
+ C= ++num;
+ else if (strcmp(*argv,"-serial") == 0)
+ serial= ++num;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus= ++num;
+ else if (strcmp(*argv,"-x509toreq") == 0)
+ x509req= ++num;
+ else if (strcmp(*argv,"-text") == 0)
+ text= ++num;
+ else if (strcmp(*argv,"-hash") == 0)
+ hash= ++num;
+ else if (strcmp(*argv,"-subject") == 0)
+ subject= ++num;
+ else if (strcmp(*argv,"-issuer") == 0)
+ issuer= ++num;
+ else if (strcmp(*argv,"-fingerprint") == 0)
+ fingerprint= ++num;
+ else if (strcmp(*argv,"-dates") == 0)
+ {
+ startdate= ++num;
+ enddate= ++num;
+ }
+ else if (strcmp(*argv,"-startdate") == 0)
+ startdate= ++num;
+ else if (strcmp(*argv,"-enddate") == 0)
+ enddate= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else if (strcmp(*argv,"-CAcreateserial") == 0)
+ CA_createserial= ++num;
+ else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ {
+ /* ok */
+ digest=md_alg;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=x509_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ if (!X509_STORE_set_default_paths(ctx))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM))
+ { CAkeyfile=CAfile; }
+ else if ((CA_flag) && (CAkeyfile == NULL))
+ {
+ BIO_printf(bio_err,"need to specify a CAkey if using the CA command\n");
+ goto end;
+ }
+
+ if (reqfile)
+ {
+ EVP_PKEY *pkey;
+ X509_CINF *ci;
+ BIO *in;
+
+ if (!sign_flag && !CA_flag)
+ {
+ BIO_printf(bio_err,"We need a private key to sign with\n");
+ goto end;
+ }
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE|BIO_FP_TEXT);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ req=PEM_read_bio_X509_REQ(in,NULL,NULL);
+ BIO_free(in);
+
+ if (req == NULL) { perror(infile); goto end; }
+
+ if ( (req->req_info == NULL) ||
+ (req->req_info->pubkey == NULL) ||
+ (req->req_info->pubkey->public_key == NULL) ||
+ (req->req_info->pubkey->public_key->data == NULL))
+ {
+ BIO_printf(bio_err,"The certificate request appears to corrupted\n");
+ BIO_printf(bio_err,"It does not contain a public key\n");
+ goto end;
+ }
+ if ((pkey=X509_REQ_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto end;
+ }
+ i=X509_REQ_verify(req,pkey);
+ if (i < 0)
+ {
+ BIO_printf(bio_err,"Signature verification error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (i == 0)
+ {
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto end;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ X509_NAME_oneline(req->req_info->subject,buf,256);
+ BIO_printf(bio_err,"subject=%s\n",buf);
+
+ if ((x=X509_new()) == NULL) goto end;
+ ci=x->cert_info;
+
+ if (!ASN1_INTEGER_set(X509_get_serialNumber(x),0)) goto end;
+ if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
+ if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
+
+ X509_gmtime_adj(X509_get_notBefore(x),0);
+ X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+
+ X509_PUBKEY_free(ci->key);
+ ci->key=req->req_info->pubkey;
+ req->req_info->pubkey=NULL;
+ }
+ else
+ x=load_cert(infile,informat);
+
+ if (x == NULL) goto end;
+ if (CA_flag)
+ {
+ xca=load_cert(CAfile,CAformat);
+ if (xca == NULL) goto end;
+ }
+
+ if (!noout || text)
+ {
+ OBJ_create("2.99999.3",
+ "SET.ex3","SET x509v3 extension 3");
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+ }
+
+ if (num)
+ {
+ for (i=1; i<=num; i++)
+ {
+ if (issuer == i)
+ {
+ X509_NAME_oneline(X509_get_issuer_name(x),
+ buf,256);
+ fprintf(stdout,"issuer= %s\n",buf);
+ }
+ else if (subject == i)
+ {
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ fprintf(stdout,"subject=%s\n",buf);
+ }
+ else if (serial == i)
+ {
+ fprintf(stdout,"serial=");
+ i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
+ fprintf(stdout,"\n");
+ }
+ else if (hash == i)
+ {
+ fprintf(stdout,"%08lx\n",
+ X509_subject_name_hash(x));
+ }
+ else
+#ifndef NO_RSA
+ if (modulus == i)
+ {
+ EVP_PKEY *pkey;
+
+ pkey=X509_get_pubkey(x);
+ if (pkey == NULL)
+ {
+ fprintf(stdout,"Modulus=unavailable\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ fprintf(stdout,"Modulus=");
+ if (pkey->type == EVP_PKEY_RSA)
+ BN_print(STDout,pkey->pkey.rsa->n);
+ else
+ fprintf(stdout,"Wrong Algorithm type");
+ fprintf(stdout,"\n");
+ }
+ else
+#endif
+ if (C == i)
+ {
+ unsigned char *d;
+ char *m;
+ int y,z;
+
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ printf("/* subject:%s */\n",buf);
+ m=X509_NAME_oneline(
+ X509_get_issuer_name(x),buf,256);
+ printf("/* issuer :%s */\n",buf);
+
+ z=i2d_X509(x,NULL);
+ m=Malloc(z);
+
+ d=(unsigned char *)m;
+ z=i2d_X509_NAME(X509_get_subject_name(x),&d);
+ printf("unsigned char XXX_subject_name[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d);
+ printf("unsigned char XXX_public_key[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ z=i2d_X509(x,&d);
+ printf("unsigned char XXX_certificate[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ Free(m);
+ }
+ else if (text == i)
+ {
+ X509_print(out,x);
+ }
+ else if (startdate == i)
+ {
+ BIO_puts(STDout,"notBefore=");
+ ASN1_UTCTIME_print(STDout,X509_get_notBefore(x));
+ BIO_puts(STDout,"\n");
+ }
+ else if (enddate == i)
+ {
+ BIO_puts(STDout,"notAfter=");
+ ASN1_UTCTIME_print(STDout,X509_get_notAfter(x));
+ BIO_puts(STDout,"\n");
+ }
+ else if (fingerprint == i)
+ {
+ int j;
+ unsigned int n;
+ unsigned char md[EVP_MAX_MD_SIZE];
+
+ if (!X509_digest(x,EVP_md5(),md,&n))
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ fprintf(stdout,"MD5 Fingerprint=");
+ for (j=0; j<(int)n; j++)
+ {
+ fprintf(stdout,"%02X%c",md[j],
+ (j+1 == (int)n)
+ ?'\n':':');
+ }
+ }
+
+ /* should be in the library */
+ else if ((sign_flag == i) && (x509req == 0))
+ {
+ BIO_printf(bio_err,"Getting Private key\n");
+ if (Upkey == NULL)
+ {
+ Upkey=load_key(keyfile,keyformat);
+ if (Upkey == NULL) goto end;
+ }
+#ifndef NO_DSA
+ if (Upkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+#endif
+
+ if (!sign(x,Upkey,days,digest)) goto end;
+ }
+ else if (CA_flag == i)
+ {
+ BIO_printf(bio_err,"Getting CA Private Key\n");
+ if (CAkeyfile != NULL)
+ {
+ CApkey=load_key(CAkeyfile,CAkeyformat);
+ if (CApkey == NULL) goto end;
+ }
+#ifndef NO_DSA
+ if (CApkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+#endif
+ if (!x509_certify(ctx,CAfile,digest,x,xca,
+ CApkey,
+ CAserial,CA_createserial,days))
+ goto end;
+ }
+ else if (x509req == i)
+ {
+ EVP_PKEY *pk;
+
+ BIO_printf(bio_err,"Getting request Private Key\n");
+ if (keyfile == NULL)
+ {
+ BIO_printf(bio_err,"no request key file specified\n");
+ goto end;
+ }
+ else
+ {
+ pk=load_key(keyfile,FORMAT_PEM);
+ if (pk == NULL) goto end;
+ }
+
+ BIO_printf(bio_err,"Generating certificate request\n");
+
+ rq=X509_to_X509_REQ(x,pk,EVP_md5());
+ EVP_PKEY_free(pk);
+ if (rq == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (!noout)
+ {
+ X509_REQ_print(out,rq);
+ PEM_write_bio_X509_REQ(out,rq);
+ }
+ noout=1;
+ }
+ }
+ }
+
+ if (noout)
+ {
+ ret=0;
+ goto end;
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x);
+ else if (outformat == FORMAT_NETSCAPE)
+ {
+ ASN1_HEADER ah;
+ ASN1_OCTET_STRING os;
+
+ os.data=(unsigned char *)CERT_HDR;
+ os.length=strlen(CERT_HDR);
+ ah.header= &os;
+ ah.data=(char *)x;
+ ah.meth=X509_asn1_meth();
+
+ /* no macro for this one yet */
+ i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah);
+ }
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write certificate\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ OBJ_cleanup();
+ if (out != NULL) BIO_free(out);
+ if (STDout != NULL) BIO_free(STDout);
+ if (ctx != NULL) X509_STORE_free(ctx);
+ if (req != NULL) X509_REQ_free(req);
+ if (x != NULL) X509_free(x);
+ if (xca != NULL) X509_free(xca);
+ if (Upkey != NULL) EVP_PKEY_free(Upkey);
+ if (CApkey != NULL) EVP_PKEY_free(CApkey);
+ if (rq != NULL) X509_REQ_free(rq);
+ EXIT(ret);
+ }
+
+static int x509_certify(ctx,CAfile,digest,x,xca,pkey,serialfile,create,days)
+X509_STORE *ctx;
+char *CAfile;
+EVP_MD *digest;
+X509 *x;
+X509 *xca;
+EVP_PKEY *pkey;
+char *serialfile;
+int create;
+int days;
+ {
+ int ret=0;
+ BIO *io=NULL;
+ MS_STATIC char buf2[1024];
+ char *buf=NULL,*p;
+ BIGNUM *serial=NULL;
+ ASN1_INTEGER *bs=NULL,bs2;
+ X509_STORE_CTX xsc;
+ EVP_PKEY *upkey;
+
+ EVP_PKEY_copy_parameters(X509_get_pubkey(xca),pkey);
+
+ X509_STORE_CTX_init(&xsc,ctx,x,NULL);
+ buf=(char *)Malloc(EVP_PKEY_size(pkey)*2+
+ ((serialfile == NULL)
+ ?(strlen(CAfile)+strlen(POSTFIX)+1)
+ :(strlen(serialfile)))+1);
+ if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
+ if (serialfile == NULL)
+ {
+ strcpy(buf,CAfile);
+ for (p=buf; *p; p++)
+ if (*p == '.')
+ {
+ *p='\0';
+ break;
+ }
+ strcat(buf,POSTFIX);
+ }
+ else
+ strcpy(buf,serialfile);
+ serial=BN_new();
+ bs=ASN1_INTEGER_new();
+ if ((serial == NULL) || (bs == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ io=BIO_new(BIO_s_file());
+ if (io == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (BIO_read_filename(io,buf) <= 0)
+ {
+ if (!create)
+ {
+ perror(buf);
+ goto end;
+ }
+ else
+ {
+ ASN1_INTEGER_set(bs,0);
+ BN_zero(serial);
+ }
+ }
+ else
+ {
+ if (!a2i_ASN1_INTEGER(io,bs,buf2,1024))
+ {
+ BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ else
+ {
+ serial=BN_bin2bn(bs->data,bs->length,serial);
+ if (serial == NULL)
+ {
+ BIO_printf(bio_err,"error converting bin 2 bn");
+ goto end;
+ }
+ }
+ }
+
+ if (!BN_add_word(serial,1))
+ { BIO_printf(bio_err,"add_word failure\n"); goto end; }
+ bs2.data=(unsigned char *)buf2;
+ bs2.length=BN_bn2bin(serial,bs2.data);
+
+ if (BIO_write_filename(io,buf) <= 0)
+ {
+ BIO_printf(bio_err,"error attempting to write serial number file\n");
+ perror(buf);
+ goto end;
+ }
+ i2a_ASN1_INTEGER(io,&bs2);
+ BIO_puts(io,"\n");
+ BIO_free(io);
+ io=NULL;
+
+ if (!X509_STORE_add_cert(ctx,x)) goto end;
+
+ /* NOTE: this certificate can/should be self signed, unless it was
+ * a certificate request in which case it is not. */
+ X509_STORE_CTX_set_cert(&xsc,x);
+ if (!reqfile && !X509_verify_cert(&xsc))
+ goto end;
+
+ if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
+ if (!X509_set_serialNumber(x,bs)) goto end;
+
+ if (X509_gmtime_adj(X509_get_notBefore(x),0L) == NULL)
+ goto end;
+
+ /* hardwired expired */
+ if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
+ goto end;
+
+ /* don't save DSA parameters in child if parent has them
+ * and the parents and the childs are the same. */
+ upkey=X509_get_pubkey(x);
+ if (!EVP_PKEY_missing_parameters(pkey) &&
+ (EVP_PKEY_cmp_parameters(pkey,upkey) == 0))
+ {
+ EVP_PKEY_save_parameters(upkey,0);
+ /* Force a re-write */
+ X509_set_pubkey(x,upkey);
+ }
+
+ if (!X509_sign(x,pkey,digest)) goto end;
+ ret=1;
+end:
+ X509_STORE_CTX_cleanup(&xsc);
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (buf != NULL) Free(buf);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ if (io != NULL) BIO_free(io);
+ if (serial != NULL) BN_free(serial);
+ return(ret);
+ }
+
+static int MS_CALLBACK callb(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ int err;
+ X509 *err_cert;
+
+ /* it is ok to use a self signed certificate
+ * This case will catch both the initial ok == 0 and the
+ * final ok == 1 calls to this function */
+ err=X509_STORE_CTX_get_error(ctx);
+ if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+ return(1);
+
+ /* BAD we should have gotten an error. Normally if everything
+ * worked X509_STORE_CTX_get_error(ctx) will still be set to
+ * DEPTH_ZERO_SELF_.... */
+ if (ok)
+ {
+ printf("error with certificate to be certified - should be self signed\n");
+ return(0);
+ }
+ else
+ {
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ printf("%s\n",buf);
+ printf("error with certificate - error %d at depth %d\n%s\n",
+ err,X509_STORE_CTX_get_error_depth(ctx),
+ X509_verify_cert_error_string(err));
+ return(1);
+ }
+ }
+
+static EVP_PKEY *load_key(file, format)
+char *file;
+int format;
+ {
+ BIO *key=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ if (file == NULL)
+ {
+ BIO_printf(bio_err,"no keyfile specified\n");
+ goto end;
+ }
+ key=BIO_new(BIO_s_file());
+ if (key == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (BIO_read_filename(key,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+#ifndef NO_RSA
+ if (format == FORMAT_ASN1)
+ {
+ RSA *rsa;
+
+ rsa=d2i_RSAPrivateKey_bio(key,NULL);
+ if (rsa != NULL)
+ {
+ if ((pkey=EVP_PKEY_new()) != NULL)
+ EVP_PKEY_assign_RSA(pkey,rsa);
+ else
+ RSA_free(rsa);
+ }
+ }
+ else
+#endif
+ if (format == FORMAT_PEM)
+ {
+ pkey=PEM_read_bio_PrivateKey(key,NULL,NULL);
+ }
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+end:
+ if (key != NULL) BIO_free(key);
+ if (pkey == NULL)
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ return(pkey);
+ }
+
+static X509 *load_cert(file, format)
+char *file;
+int format;
+ {
+ ASN1_HEADER *ah=NULL;
+ BUF_MEM *buf=NULL;
+ X509 *x=NULL;
+ BIO *cert;
+
+ if ((cert=BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(cert,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(cert,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_X509_bio(cert,NULL);
+ else if (format == FORMAT_NETSCAPE)
+ {
+ unsigned char *p,*op;
+ int size=0,i;
+
+ /* We sort of have to do it this way because it is sort of nice
+ * to read the header first and check it, then
+ * try to read the certificate */
+ buf=BUF_MEM_new();
+ for (;;)
+ {
+ if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+ goto end;
+ i=BIO_read(cert,&(buf->data[size]),1024*10);
+ size+=i;
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("reading certificate");
+ goto end;
+ }
+ }
+ p=(unsigned char *)buf->data;
+ op=p;
+
+ /* First load the header */
+ if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
+ goto end;
+ if ((ah->header == NULL) || (ah->header->data == NULL) ||
+ (strncmp(CERT_HDR,(char *)ah->header->data,
+ ah->header->length) != 0))
+ {
+ BIO_printf(bio_err,"Error reading header on certificate\n");
+ goto end;
+ }
+ /* header is ok, so now read the object */
+ p=op;
+ ah->meth=X509_asn1_meth();
+ if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
+ goto end;
+ x=(X509 *)ah->data;
+ ah->data=NULL;
+ }
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_X509(cert,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input cert\n");
+ goto end;
+ }
+end:
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load certificate\n");
+ ERR_print_errors(bio_err);
+ }
+ if (ah != NULL) ASN1_HEADER_free(ah);
+ if (cert != NULL) BIO_free(cert);
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(x);
+ }
+
+/* self sign */
+static int sign(x, pkey, days, digest)
+X509 *x;
+EVP_PKEY *pkey;
+int days;
+EVP_MD *digest;
+ {
+
+ EVP_PKEY_copy_parameters(X509_get_pubkey(x),pkey);
+ EVP_PKEY_save_parameters(X509_get_pubkey(x),1);
+
+ if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
+ if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;
+
+ /* Lets just make it 12:00am GMT, Jan 1 1970 */
+ /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
+ /* 28 days to be certified */
+
+ if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
+ goto err;
+
+ if (!X509_set_pubkey(x,pkey)) goto err;
+ if (!X509_sign(x,pkey,digest)) goto err;
+ return(1);
+err:
+ ERR_print_errors(bio_err);
+ return(0);
+ }
diff --git a/src/lib/libssl/src/bugs/MS b/src/lib/libssl/src/bugs/MS
new file mode 100644
index 0000000000..a1dcfb90de
--- /dev/null
+++ b/src/lib/libssl/src/bugs/MS
@@ -0,0 +1,7 @@
+If you use the function that does an fopen inside the DLL, it's malloc
+will be used and when the function is then written inside, more
+hassles
+....
+
+
+think about it.
diff --git a/src/lib/libssl/src/bugs/SSLv3 b/src/lib/libssl/src/bugs/SSLv3
new file mode 100644
index 0000000000..2e22a65cdd
--- /dev/null
+++ b/src/lib/libssl/src/bugs/SSLv3
@@ -0,0 +1,41 @@
+So far...
+
+ssl3.netscape.com:443 does not support client side dynamic
+session-renegotiation.
+
+ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN
+in an invalid format (the outer sequence is removed).
+
+Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
+challenge but then appears to only use 16 bytes when generating the
+encryption keys. Using 16 bytes is ok but it should be ok to use 32.
+According to the SSLv3 spec, one should use 32 bytes for the challenge
+when opperating in SSLv2/v3 compatablity mode, but as mentioned above,
+this breaks this server so 16 bytes is the way to go.
+
+www.microsoft.com - when talking SSLv2, if session-id reuse is
+performed, the session-id passed back in the server-finished message
+is different from the one decided upon.
+
+ssl3.netscape.com:443, first a connection is established with RC4-MD5.
+If it is then resumed, we end up using DES-CBC3-SHA. It should be
+RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
+Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
+It only really shows up when connecting via SSLv2/v3 then reconnecting
+via SSLv3. The cipher list changes....
+NEW INFORMATION. Try connecting with a cipher list of just
+DES-CBC-SHA:RC4-MD5. For some weird reason, each new connection uses
+RC4-MD5, but a re-connect tries to use DES-CBC-SHA. So netscape, when
+doing a re-connect, always takes the first cipher in the cipher list.
+
+If we accept a netscape connection, demand a client cert, have a
+non-self-sighed CA which does not have it's CA in netscape, and the
+browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
+
+Netscape browsers do not really notice the server sending a
+close notify message. I was sending one, and then some invalid data.
+netscape complained of an invalid mac. (a fork()ed child doing a
+SSL_shutdown() and still sharing the socket with its parent).
+
+Netscape, when using export ciphers, will accept a 1024 bit temporary
+RSA key. It is supposed to only accept 512.
diff --git a/src/lib/libssl/src/bugs/VC16.bug b/src/lib/libssl/src/bugs/VC16.bug
new file mode 100644
index 0000000000..7815bb5c77
--- /dev/null
+++ b/src/lib/libssl/src/bugs/VC16.bug
@@ -0,0 +1,18 @@
+Microsoft (R) C/C++ Optimizing Compiler Version 8.00c
+
+Compile with /O2 chokes the compiler on these files
+
+crypto\md\md5_dgst.c warning '@(#)reg86.c:1.26', line 1110
+crypto\des\ofb64ede.c warning '@(#)grammar.c:1.147', line 168
+crypto\des\ofb64enc.c warning '@(#)grammar.c:1.147', line 168
+crypto\des\qud_cksm.c warning '@(#)grammar.c:1.147', line 168
+crypto\rc2\rc2ofb64.c warning '@(#)grammar.c:1.147', line 168
+crypto\objects\obj_dat.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+crypto\objects\obj_lib.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+ssl\ssl_auth.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+
+Turning on /G3 with build flags that worked fine for /G2 came up with
+divide by zero errors in 'normal' code in speed.c :-(
diff --git a/src/lib/libssl/src/bugs/alpha.c b/src/lib/libssl/src/bugs/alpha.c
new file mode 100644
index 0000000000..701d6a7c74
--- /dev/null
+++ b/src/lib/libssl/src/bugs/alpha.c
@@ -0,0 +1,91 @@
+/* bugs/alpha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* while not exactly a bug (ASN1 C leaves this undefined) it is
+ * something to watch out for. This was fine on linux/NT/Solaris but not
+ * Alpha */
+
+/* it is basically an example of
+ * func(*(a++),*(a++))
+ * which parameter is evaluated first? It is not defined in ASN1 C.
+ */
+
+#include <stdio.h>
+
+#define TYPE unsigned int
+
+void func(a,b)
+TYPE *a;
+TYPE b;
+ {
+ printf("%ld -1 == %ld\n",a[0],b);
+ }
+
+main()
+ {
+ TYPE data[5]={1L,2L,3L,4L,5L};
+ TYPE *p;
+ int i;
+
+ p=data;
+
+ for (i=0; i<4; i++)
+ {
+ func(p,*(p++));
+ }
+ }
diff --git a/src/lib/libssl/src/bugs/dggccbug.c b/src/lib/libssl/src/bugs/dggccbug.c
new file mode 100644
index 0000000000..30e07a60ea
--- /dev/null
+++ b/src/lib/libssl/src/bugs/dggccbug.c
@@ -0,0 +1,45 @@
+/* NOCW */
+/* dggccbug.c */
+/* bug found by Eric Young (eay@cryptsoft.com) - May 1995 */
+
+#include <stdio.h>
+
+/* There is a bug in
+ * gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994)
+ * as shipped with DGUX 5.4R3.10 that can be bypassed by defining
+ * DG_GCC_BUG in my code.
+ * The bug manifests itself by the vaule of a pointer that is
+ * used only by reference, not having it's value change when it is used
+ * to check for exiting the loop. Probably caused by there being 2
+ * copies of the valiable, one in a register and one being an address
+ * that is passed. */
+
+/* compare the out put from
+ * gcc dggccbug.c; ./a.out
+ * and
+ * gcc -O dggccbug.c; ./a.out
+ * compile with -DFIXBUG to remove the bug when optimising.
+ */
+
+void inc(a)
+int *a;
+ {
+ (*a)++;
+ }
+
+main()
+ {
+ int p=0;
+#ifdef FIXBUG
+ int dummy;
+#endif
+
+ while (p<3)
+ {
+ fprintf(stderr,"%08X\n",p);
+ inc(&p);
+#ifdef FIXBUG
+ dummy+=p;
+#endif
+ }
+ }
diff --git a/src/lib/libssl/src/bugs/sgiccbug.c b/src/lib/libssl/src/bugs/sgiccbug.c
new file mode 100644
index 0000000000..48bd0605df
--- /dev/null
+++ b/src/lib/libssl/src/bugs/sgiccbug.c
@@ -0,0 +1,55 @@
+/* NOCW */
+/* sgibug.c */
+/* bug found by Eric Young (eay@mincom.oz.au) May 95 */
+
+#include <stdio.h>
+
+/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
+ * the only versions of IRIX I have access to.
+ * defining FIXBUG removes the bug.
+ */
+
+/* Compare the output from
+ * cc sgiccbug.c; ./a.out
+ * and
+ * cc -O sgiccbug.c; ./a.out
+ */
+
+static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210};
+static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567};
+static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9};
+
+main()
+ {
+ unsigned long r[4];
+ sub(r,a,b);
+ fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]);
+ fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]);
+ fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]);
+ fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]);
+ }
+
+int sub(r,a,b)
+unsigned long *r,*a,*b;
+ {
+ register unsigned long t1,t2,*ap,*bp,*rp;
+ int i,carry;
+#ifdef FIXBUG
+ unsigned long dummy;
+#endif
+
+ ap=a;
+ bp=b;
+ rp=r;
+ carry=0;
+ for (i=0; i<4; i++)
+ {
+ t1= *(ap++);
+ t2= *(bp++);
+ t1=(t1-t2);
+#ifdef FIXBUG
+ dummy=t1;
+#endif
+ *(rp++)=t1&0xffffffff;
+ }
+ }
diff --git a/src/lib/libssl/src/bugs/sslref.dif b/src/lib/libssl/src/bugs/sslref.dif
new file mode 100644
index 0000000000..0aa92bfe6d
--- /dev/null
+++ b/src/lib/libssl/src/bugs/sslref.dif
@@ -0,0 +1,26 @@
+The February 9th, 1995 version of the SSL document differs from
+https://www.netscape.com in the following ways.
+=====
+The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is
+KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID]
+not
+KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID]
+as specified in the documentation.
+=====
+From the section 2.6 Server Only Protocol Messages
+
+If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE,
+CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero.
+
+This is not true for https://www.netscape.com. The CERTIFICATE-TYPE
+is returned as 1.
+=====
+I have not tested the following but it is reported by holtzman@mit.edu.
+
+SSLref clients wait to recieve a server-verify before they send a
+client-finished. Besides this not being evident from the examples in
+2.2.1, it makes more sense to always send all packets you can before
+reading. SSLeay was waiting in the server to recieve a client-finish
+before sending the server-verify :-). I have changed SSLeay to send a
+server-verify before trying to read the client-finished.
+
diff --git a/src/lib/libssl/src/bugs/stream.c b/src/lib/libssl/src/bugs/stream.c
new file mode 100644
index 0000000000..50a3884995
--- /dev/null
+++ b/src/lib/libssl/src/bugs/stream.c
@@ -0,0 +1,131 @@
+/* bugs/stream.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rc4.h"
+#ifdef NO_DES
+#include <des.h>
+#else
+#include "des.h"
+#endif
+
+/* show how stream ciphers are not very good. The mac has no affect
+ * on RC4 while it does for cfb DES
+ */
+
+main()
+ {
+ fprintf(stderr,"rc4\n");
+ rc4();
+ fprintf(stderr,"cfb des\n");
+ des();
+ }
+
+int des()
+ {
+ des_key_schedule ks;
+ des_cblock iv,key;
+ int num;
+ static char *keystr="01234567";
+ static char *in1="0123456789ABCEDFdata 12345";
+ static char *in2="9876543210abcdefdata 12345";
+ unsigned char out[100];
+ int i;
+
+ des_set_key((des_cblock *)keystr,ks);
+
+ num=0;
+ memset(iv,0,8);
+ des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1);
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+
+ num=0;
+ memset(iv,0,8);
+ des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1);
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+ }
+
+int rc4()
+ {
+ static char *keystr="0123456789abcdef";
+ RC4_KEY key;
+ unsigned char in[100],out[100];
+ int i;
+
+ RC4_set_key(&key,16,keystr);
+ in[0]='\0';
+ strcpy(in,"0123456789ABCEDFdata 12345");
+ RC4(key,26,in,out);
+
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+
+ RC4_set_key(&key,16,keystr);
+ in[0]='\0';
+ strcpy(in,"9876543210abcdefdata 12345");
+ RC4(key,26,in,out);
+
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+ }
diff --git a/src/lib/libssl/src/certs/thawteCb.pem b/src/lib/libssl/src/certs/thawteCb.pem
new file mode 100644
index 0000000000..27df192f0d
--- /dev/null
+++ b/src/lib/libssl/src/certs/thawteCb.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
+MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
+MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
+DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
+dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
+cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
+DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
+yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
+L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
+EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
+7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
+QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
+qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/thawteCp.pem b/src/lib/libssl/src/certs/thawteCp.pem
new file mode 100644
index 0000000000..51285e33c2
--- /dev/null
+++ b/src/lib/libssl/src/certs/thawteCp.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
+dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
+MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
+A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
+cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
+VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
+ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
+uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
+hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
+pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/certs/vsign1.pem b/src/lib/libssl/src/certs/vsign1.pem
new file mode 100644
index 0000000000..08c70f2674
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsign1.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/certs/vsign3.pem b/src/lib/libssl/src/certs/vsign3.pem
new file mode 100644
index 0000000000..e6e31879c1
--- /dev/null
+++ b/src/lib/libssl/src/certs/vsign3.pem
@@ -0,0 +1,16 @@
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/config b/src/lib/libssl/src/config
new file mode 100644
index 0000000000..7643930ee0
--- /dev/null
+++ b/src/lib/libssl/src/config
@@ -0,0 +1,327 @@
+#!/bin/sh
+#
+# config - this is a merge of minarch and GuessOS from the Apache Group
+# which then automatically runs Configure from SSLeay after
+# mapping the Apache names for OSs into SSLeay names
+#
+# 16-Sep-97 tjh first cut of merged version
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# Original Apache Group comments on GuessOS
+
+# Simple OS/Platform guesser. Similar to config.guess but
+# much, much smaller. Since it was developed for use with
+# Apache, it follows under Apache's regular licensing
+# with one specific addition: Any changes or additions
+# to this script should be Emailed to the Apache
+# group (apache@apache.org) in general and to
+# Jim Jagielski (jim@jaguNET.com) in specific.
+#
+# Be as similar to the output of config.guess/config.sub
+# as possible.
+
+# First get uname entries that we use below
+
+MACHINE=`(uname -m) 2>/dev/null` || MACHINE="unknown"
+RELEASE=`(uname -r) 2>/dev/null` || RELEASE="unknown"
+SYSTEM=`(uname -s) 2>/dev/null` || SYSTEM="unknown"
+VERSION=`(uname -v) 2>/dev/null` || VERSION="unknown"
+
+
+# Now test for ISC and SCO, since it is has a braindamaged uname.
+#
+# We need to work around FreeBSD 1.1.5.1
+(
+XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'`
+if [ "x$XREL" != "x" ]; then
+ if [ -f /etc/kconfig ]; then
+ case "$XREL" in
+ 4.0|4.1)
+ echo "${MACHINE}-whatever-isc4"; exit 0
+ ;;
+ esac
+ else
+ case "$XREL" in
+ 3.2v4.2)
+ echo "whatever-whatever-sco3"; exit 0
+ ;;
+ 3.2v5.0*)
+ echo "whatever-whatever-sco5"; exit 0
+ ;;
+ 4.2MP)
+ if [ "x$VERSION" = "x2.1.1" ]; then
+ echo "${MACHINE}-whatever-unixware211"; exit 0
+ else
+ echo "${MACHINE}-whatever-unixware2"; exit 0
+ fi
+ ;;
+ 4.2)
+ echo "whatever-whatever-unixware1"; exit 0
+ ;;
+ esac
+ fi
+fi
+# Now we simply scan though... In most cases, the SYSTEM info is enough
+#
+case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
+ A/UX:*)
+ echo "m68k-apple-aux3"; exit 0
+ ;;
+
+ AIX:*)
+ echo "${MACHINE}-ibm-aix"; exit 0
+ ;;
+
+ dgux:*)
+ echo "${MACHINE}-dg-dgux"; exit 0
+ ;;
+
+ HI-UX:*)
+ echo "${MACHINE}-hi-hiux"; exit 0
+ ;;
+
+ HP-UX:*)
+ HPUXVER=`echo ${RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+ case "$HPUXVER" in
+ 10.*)
+ echo "${MACHINE}-hp-hpux10."; exit 0
+ ;;
+ *)
+ echo "${MACHINE}-hp-hpux"; exit 0
+ ;;
+ esac
+ ;;
+
+ IRIX:*)
+ echo "${MACHINE}-sgi-irix"; exit 0
+ ;;
+
+ IRIX64:*)
+ echo "${MACHINE}-sgi-irix64"; exit 0
+ ;;
+
+ Linux:[2-9].*)
+ echo "${MACHINE}-whatever-linux2"; exit 0
+ ;;
+
+ Linux:1.*)
+ echo "${MACHINE}-whatever-linux1"; exit 0
+ ;;
+
+ LynxOS:*)
+ echo "${MACHINE}-lynx-lynxos"; exit 0
+ ;;
+
+ BSD/386:*:*:*486*|BSD/OS:*:*:*:*486*)
+ echo "i486-whatever-bsdi"; exit 0
+ ;;
+
+ BSD/386:*|BSD/OS:*)
+ echo "${MACHINE}-whatever-bsdi"; exit 0
+ ;;
+
+ FreeBSD:*:*:*486*)
+ echo "i486-whatever-freebsd"; exit 0
+ ;;
+
+ FreeBSD:*)
+ echo "${MACHINE}-whatever-freebsd"; exit 0
+ ;;
+
+ NetBSD:*:*:*486*)
+ echo "i486-whatever-netbsd"; exit 0
+ ;;
+
+ NetBSD:*)
+ echo "${MACHINE}-whatever-netbsd"; exit 0
+ ;;
+
+ OpenBSD:*)
+ echo "${MACHINE}-whatever-openbsd"; exit 0
+ ;;
+
+ OSF1:*:*:*alpha*)
+ echo "${MACHINE}-dec-osf"; exit 0
+ ;;
+
+ QNX:*)
+ case "$VERSION" in
+ 423)
+ echo "${MACHINE}-qssl-qnx32"
+ ;;
+ *)
+ echo "${MACHINE}-qssl-qnx"
+ ;;
+ esac
+ exit 0
+ ;;
+
+ Paragon*:*:*:*)
+ echo "i860-intel-osf1"; exit 0
+ ;;
+
+ SunOS:5.*)
+ echo "${MACHINE}-sun-solaris2"; exit 0
+ ;;
+
+ SunOS:*)
+ echo "${MACHINE}-sun-sunos4"; exit 0
+ ;;
+
+ UNIX_System_V:4.*:*)
+ echo "${MACHINE}-whatever-sysv4"; exit 0
+ ;;
+
+ *:4*:R4*:m88k)
+ echo "${MACHINE}-whatever-sysv4"; exit 0
+ ;;
+
+ DYNIX/ptx:4*:*)
+ echo "${MACHINE}-whatever-sysv4"; exit 0
+ ;;
+
+ *:4.0:3.0:3[34]?? | *:4.0:3.0:3[34]??,*)
+ echo "i486-ncr-sysv4"; exit 0
+ ;;
+
+ ULTRIX:*)
+ echo "${MACHINE}-unknown-ultrix"; exit 0
+ ;;
+
+ SINIX*)
+ echo "${MACHINE}-sni-sysv4"; exit 0
+ ;;
+
+ machten:*)
+ echo "${MACHINE}-tenon-${SYSTEM}"; exit 0;
+ ;;
+
+ library:*)
+ echo "${MACHINE}-ncr-sysv4"; exit 0
+ ;;
+
+ ConvexOS:*:11.0:*)
+ echo "${MACHINE}-v11-${SYSTEM}"; exit 0;
+ ;;
+
+esac
+
+#
+# Ugg. These are all we can determine by what we know about
+# the output of uname. Be more creative:
+#
+
+# Do the Apollo stuff first. Here, we just simply assume
+# that the existance of the /usr/apollo directory is proof
+# enough
+if [ -d /usr/apollo ]; then
+ echo "whatever-apollo-whatever"
+ exit 0
+fi
+
+# Now NeXT
+ISNEXT=`hostinfo 2>/dev/null`
+case "$ISNEXT" in
+ *NeXT*)
+ echo "whatever-next-nextstep"; exit 0
+ ;;
+esac
+
+# At this point we gone through all the one's
+# we know of: Punt
+
+echo "${MACHINE}-whatever-${SYSTEM}|${RELEASE}|${VERSION}"
+exit 0
+) 2>/dev/null | (
+
+# ---------------------------------------------------------------------------
+# this is where the translation occurs into SSLeay terms
+# ---------------------------------------------------------------------------
+
+PREFIX=""
+SUFFIX=""
+VERBOSE="false"
+TEST="false"
+
+# pick up any command line args to config
+for i
+do
+case "$i" in
+-d*) PREFIX="debug-";;
+-v*) VERBOSE="true";;
+-n*|-t*) TEST="true";;
+esac
+done
+
+# figure out if gcc is available and if so we use it otherwise
+# we fallback to whatever cc does on the system
+GCCVER=`gcc -v 2>&1`
+if [ $? = "0" ]; then
+ CC=gcc
+else
+ CC=cc
+fi
+
+# read the output of the embedded GuessOS
+read GUESSOS
+
+if [ "$VERBOSE" = "true" ]; then
+ echo GUESSOS $GUESSOS
+fi
+
+# now map the output into SSLeay terms ... really should hack into the
+# script above so we end up with values in vars but that would take
+# more time that I want to waste at the moment
+case "$GUESSOS" in
+ *-*-linux2) OUT="linux-elf" ;;
+ *-*-linux) OUT="linux-aout" ;;
+ sun4*-sun-solaris2) OUT="solaris-sparc-$CC" ;;
+ *86*-sun-solaris2) OUT="solaris-x86-$CC" ;;
+ *-*-sunos4) OUT="sunos-$CC" ;;
+ *-freebsd) OUT="FreeBSD" ;;
+ *86*-*-netbsd) OUT="NetBSD-x86" ;;
+ sun3*-*-netbsd) OUT="NetBSD-m68" ;;
+ *-*-netbsd) OUT="NetBSD-sparc" ;;
+ *86*-*-openbsd) OUT="OpenBSD-x86" ;;
+ alpha*-*-openbsd) OUT="OpenBSD-alpha" ;;
+ *-*-openbsd) OUT="OpenBSD-bigendian" ;;
+ *-*-osf) OUT="alpha-$CC" ;;
+ *-*-unixware*) OUT="unixware-2.0" ;;
+ *-sni-sysv4) OUT="SINIX" ;;
+ # these are all covered by the catchall below
+ # *-hpux) OUT="hpux-$CC" ;;
+ # *-aix) OUT="aix-$CC" ;;
+ # *-dgux) OUT="dgux" ;;
+ *) OUT=`echo $GUESSOS | awk -F- '{print $3}'`;;
+esac
+
+if [ -z "$OUT" ]; then
+ OUT="$CC"
+fi
+
+# run Configure to check to see if we need to specify the
+# compiler for the platform ... in which case we add it on
+# the end ... otherwise we leave it off
+./Configure 2>&1 | grep '$OUT-$CC' > /dev/null
+if [ $? = "0" ]; then
+ OUT="$OUT-$CC"
+fi
+
+OUT="$PREFIX$OUT"
+
+# at this point we have the answer ... which we could check again
+# and then fallback to a vanilla SSLeay build but then this script
+# wouldn't get updated
+echo Configuring for $OUT
+
+if [ "$TEST" = "true" ]; then
+ echo ./Configure -DNO_IDEA $OUT
+else
+ ./Configure -DNO_IDEA $OUT
+fi
+
+)
+
diff --git a/src/lib/libssl/src/crypto/Makefile b/src/lib/libssl/src/crypto/Makefile
new file mode 100644
index 0000000000..eb49323ad5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/Makefile
@@ -0,0 +1,133 @@
+LIB= crypto
+CFLAGS+= -DNO_IDEA -DTERMIOS -DL_ENDIAN -DANSI_SOURCE
+CFLAGS+= -I${.CURDIR}/../include
+SRCS+= cryptlib.c mem.c cversion.c ex_data.c cpt_err.c
+CFLAGS+= -I${.CURDIR}/md2
+SRCS+= md2_dgst.c md2_one.c
+CFLAGS+= -I${.CURDIR}/md5
+SRCS+= md5_dgst.c md5_one.c
+CFLAGS+= -I${.CURDIR}/sha
+SRCS+= sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+CFLAGS+= -I${.CURDIR}/mdc2
+SRCS+= mdc2dgst.c mdc2_one.c
+CFLAGS+= -I${.CURDIR}/hmac
+SRCS+= hmac.c
+CFLAGS+= -I${.CURDIR}/ripemd
+SRCS+= rmd_dgst.c rmd_one.c
+CFLAGS+= -I${.CURDIR}/des
+SRCS+= set_key.c ecb_enc.c cbc_enc.c ecb3_enc.c
+SRCS+= cfb64enc.c cfb64ede.c cfb_enc.c ofb64ede.c
+SRCS+= enc_read.c enc_writ.c ofb64enc.c ofb_enc.c
+SRCS+= str2key.c pcbc_enc.c qud_cksm.c rand_key.c
+SRCS+= read2pwd.c fcrypt.c xcbc_enc.c read_pwd.c
+SRCS+= rpc_enc.c cbc_cksm.c supp.c
+CFLAGS+= -I${.CURDIR}/rc2
+SRCS+= rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c
+SRCS+= rc2ofb64.c
+CFLAGS+= -I${.CURDIR}/rc4
+SRCS+= rc4_skey.c
+CFLAGS+= -I${.CURDIR}/rc5
+SRCS+= rc5_skey.c rc5_ecb.c rc5cfb64.c rc5cfb64.c
+SRCS+= rc5ofb64.c
+CFLAGS+= -I${.CURDIR}/idea
+SRCS+= i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c
+SRCS+= i_skey.c
+CFLAGS+= -I${.CURDIR}/bf
+SRCS+= bf_skey.c bf_ecb.c bf_cfb64.c bf_ofb64.c
+CFLAGS+= -I${.CURDIR}/cast
+SRCS+= c_skey.c c_ecb.c c_cfb64.c c_ofb64.c
+CFLAGS+= -I${.CURDIR}/bn
+SRCS+= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c
+SRCS+= bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c
+SRCS+= bn_word.c bn_blind.c bn_gcd.c bn_prime.c bn_err.c
+SRCS+= bn_sqr.c bn_recp.c bn_mont.c bn_mpi.c
+CFLAGS+= -I${.CURDIR}/rsa
+SRCS+= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c
+SRCS+= rsa_saos.c rsa_err.c rsa_pk1.c rsa_ssl.c
+SRCS+= rsa_none.c
+CFLAGS+= -I${.CURDIR}/dsa
+SRCS+= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c
+SRCS+= dsa_sign.c dsa_err.c
+CFLAGS+= -I${.CURDIR}/dh
+SRCS+= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+CFLAGS+= -I${.CURDIR}/buffer
+SRCS+= buffer.c buf_err.c
+CFLAGS+= -I${.CURDIR}/bio
+SRCS+= bio_lib.c bio_cb.c bio_err.c bss_mem.c
+SRCS+= bss_null.c bss_fd.c bss_file.c bss_sock.c
+SRCS+= bss_conn.c bf_null.c bf_buff.c
+SRCS+= b_print.c b_dump.c b_sock.c bss_acpt.c
+SRCS+= bf_nbio.c
+CFLAGS+= -I${.CURDIR}/stack
+SRCS+= stack.c
+CFLAGS+= -I${.CURDIR}/lhash
+SRCS+= lhash.c lh_stats.c
+CFLAGS+= -I${.CURDIR}/rand
+SRCS+= md_rand.c randfile.c
+CFLAGS+= -I${.CURDIR}/err
+SRCS+= err.c err_all.c err_prn.c
+CFLAGS+= -I${.CURDIR}/objects
+SRCS+= obj_dat.c obj_lib.c obj_err.c
+CFLAGS+= -I${.CURDIR}/evp
+SRCS+= encode.c digest.c evp_enc.c evp_key.c
+SRCS+= e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c
+SRCS+= e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c
+SRCS+= e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c
+SRCS+= e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c
+SRCS+= e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c
+SRCS+= e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c e_ecb_c.c
+SRCS+= e_cbc_c.c e_cfb_c.c e_ofb_c.c e_ecb_r5.c
+SRCS+= e_cbc_r5.c e_cfb_r5.c e_ofb_r5.c m_null.c
+SRCS+= m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c
+SRCS+= m_dss1.c m_mdc2.c m_ripemd.c p_open.c
+SRCS+= p_seal.c p_sign.c p_verify.c p_lib.c p_enc.c
+SRCS+= p_dec.c bio_md.c bio_b64.c bio_enc.c
+SRCS+= evp_err.c e_null.c c_all.c evp_lib.c
+CFLAGS+= -I${.CURDIR}/pem
+SRCS+= pem_sign.c pem_seal.c pem_info.c pem_lib.c
+SRCS+= pem_all.c pem_err.c
+CFLAGS+= -I${.CURDIR}/asn1
+SRCS+= a_object.c a_bitstr.c a_utctm.c a_int.c
+SRCS+= a_octet.c a_print.c a_type.c a_set.c
+SRCS+= a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c
+SRCS+= a_digest.c a_verify.c x_algor.c x_val.c
+SRCS+= x_pubkey.c x_sig.c x_req.c x_attrib.c
+SRCS+= x_name.c x_cinf.c x_x509.c x_crl.c
+SRCS+= x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c
+SRCS+= d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c
+SRCS+= d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c
+SRCS+= i2d_pu.c i2d_pr.c t_req.c t_x509.c
+SRCS+= t_pkey.c p7_i_s.c p7_signi.c p7_signd.c
+SRCS+= p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c
+SRCS+= p7_s_e.c p7_enc.c p7_lib.c f_int.c
+SRCS+= f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c
+SRCS+= d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c
+SRCS+= a_bool.c x_exten.c asn1_par.c asn1_lib.c
+SRCS+= asn1_err.c a_meth.c a_bytes.c evp_asn1.c
+CFLAGS+= -I${.CURDIR}/x509
+SRCS+= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c
+SRCS+= x509_obj.c x509_req.c x509_vfy.c x509_set.c
+SRCS+= x509rset.c x509_err.c x509name.c x509_v3.c
+SRCS+= x509_ext.c x509pack.c x509type.c x509_lu.c
+SRCS+= x_all.c x509_txt.c by_file.c by_dir.c
+SRCS+= v3_net.c v3_x509.c
+CFLAGS+= -I${.CURDIR}/conf
+SRCS+= conf.c conf_err.c
+CFLAGS+= -I${.CURDIR}/txt_db
+SRCS+= txt_db.c
+CFLAGS+= -I${.CURDIR}/pkcs7
+SRCS+= pk7_lib.c pkcs7err.c pk7_doit.c
+
+.PATH: ${.CURDIR}/md2 ${.CURDIR}/md5 ${.CURDIR}/sha ${.CURDIR}/mdc2 \
+ ${.CURDIR}/hmac ${.CURDIR}/ripemd ${.CURDIR}/des ${.CURDIR}/rc2 \
+ ${.CURDIR}/rc4 ${.CURDIR}/rc5 ${.CURDIR}/idea ${.CURDIR}/bf \
+ ${.CURDIR}/cast ${.CURDIR}/bn ${.CURDIR}/rsa ${.CURDIR}/dsa \
+ ${.CURDIR}/dh ${.CURDIR}/buffer ${.CURDIR}/bio ${.CURDIR}/stack \
+ ${.CURDIR}/lhash ${.CURDIR}/rand ${.CURDIR}/err ${.CURDIR}/objects \
+ ${.CURDIR}/evp ${.CURDIR}/pem ${.CURDIR}/asn1 ${.CURDIR}/asn1 \
+ ${.CURDIR}/x509 ${.CURDIR}/conf txt_db/txt_db.c ${.CURDIR}/pkcs7 \
+ ${.CURDIR}/txt_db
+
+.include <bsd.lib.mk>
+
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_bitstr.c b/src/lib/libssl/src/crypto/asn1/a_bitstr.c
new file mode 100644
index 0000000000..2c10120651
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_bitstr.c
@@ -0,0 +1,204 @@
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
+ * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
+ */
+
+int i2d_ASN1_BIT_STRING(a,pp)
+ASN1_BIT_STRING *a;
+unsigned char **pp;
+ {
+ int ret,j,r,bits;
+ unsigned char *p,*d;
+
+ if (a == NULL) return(0);
+
+ /* our bit strings are always a multiple of 8 :-) */
+ bits=0;
+ ret=1+a->length;
+ r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
+ if (bits == 0)
+ j=0;
+ else j=8-bits;
+ *(p++)=(unsigned char)j;
+ d=a->data;
+ memcpy(p,d,a->length);
+ p+=a->length;
+ if (a->length > 0) p[-1]&=(0xff<<j);
+ *pp=p;
+ return(r);
+ }
+
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
+ASN1_BIT_STRING **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_BIT_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_BIT_STRING)
+ {
+ i=ASN1_R_EXPECTING_A_BIT_STRING;
+ goto err;
+ }
+ if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
+
+ i= *(p++);
+ if (len-- > 1) /* using one because of the bits left byte */
+ {
+ s=(unsigned char *)Malloc((int)len);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s,p,(int)len);
+ s[len-1]&=(0xff<<i);
+ p+=len;
+ }
+ else
+ s=NULL;
+
+ ret->length=(int)len;
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=s;
+ ret->type=V_ASN1_BIT_STRING;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_BIT_STRING_free(ret);
+ return(NULL);
+ }
+
+/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
+ */
+int ASN1_BIT_STRING_set_bit(a,n,value)
+ASN1_BIT_STRING *a;
+int n;
+int value;
+ {
+ int w,v,iv;
+ unsigned char *c;
+
+ w=n/8;
+ v=1<<(7-(n&0x07));
+ iv= ~v;
+
+ if (a == NULL) return(0);
+ if ((a->length < (w+1)) || (a->data == NULL))
+ {
+ if (!value) return(1); /* Don't need to set */
+ if (a->data == NULL)
+ c=(unsigned char *)Malloc(w+1);
+ else
+ c=(unsigned char *)Realloc(a->data,w+1);
+ if (c == NULL) return(0);
+ a->data=c;
+ a->length=w+1;
+ c[w]=0;
+ }
+ a->data[w]=((a->data[w])&iv)|v;
+ while ((a->length > 0) && (a->data[a->length-1] == 0))
+ a->length--;
+ return(1);
+ }
+
+int ASN1_BIT_STRING_get_bit(a,n)
+ASN1_BIT_STRING *a;
+int n;
+ {
+ int w,v;
+
+ w=n/8;
+ v=1<<(7-(n&0x07));
+ if ((a == NULL) || (a->length < (w+1)) || (a->data == NULL))
+ return(0);
+ return((a->data[w]&v) != 0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_bool.c b/src/lib/libssl/src/crypto/asn1/a_bool.c
new file mode 100644
index 0000000000..41a95aa278
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_bool.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_bool.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_EXPECTING_A_BOOLEAN);
+ * ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ */
+
+int i2d_ASN1_BOOLEAN(a,pp)
+int a;
+unsigned char **pp;
+ {
+ int r;
+ unsigned char *p;
+
+ r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
+ *(p++)= (unsigned char)a;
+ *pp=p;
+ return(r);
+ }
+
+int d2i_ASN1_BOOLEAN(a, pp, length)
+int *a;
+unsigned char **pp;
+long length;
+ {
+ int ret= -1;
+ unsigned char *p;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_BOOLEAN)
+ {
+ i=ASN1_R_EXPECTING_A_BOOLEAN;
+ goto err;
+ }
+
+ if (len != 1)
+ {
+ i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
+ goto err;
+ }
+ ret= (int)*(p++);
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_bytes.c b/src/lib/libssl/src/crypto/asn1/a_bytes.c
new file mode 100644
index 0000000000..14168d61ad
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_bytes.c
@@ -0,0 +1,346 @@
+/* crypto/asn1/a_bytes.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+static unsigned long tag2bit[32]={
+0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
+B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
+B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
+B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 12-15 */
+0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
+B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
+0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
+ };
+
+#ifndef NOPROTO
+static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c);
+#else
+static int asn1_collate_primative();
+#endif
+
+/* type is a 'bitmap' of acceptable string types to be accepted.
+ */
+ASN1_STRING *d2i_ASN1_type_bytes(a, pp, length, type)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int type;
+ {
+ ASN1_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80) goto err;
+
+ if (tag >= 32)
+ {
+ i=ASN1_R_TAG_VALUE_TOO_HIGH;;
+ goto err;
+ }
+ if (!(tag2bit[tag] & type))
+ {
+ i=ASN1_R_WRONG_TYPE;
+ goto err;
+ }
+
+ /* If a bit-string, exit early */
+ if (tag == V_ASN1_BIT_STRING)
+ return(d2i_ASN1_BIT_STRING(a,pp,length));
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ if (len != 0)
+ {
+ s=(unsigned char *)Malloc((int)len+1);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s,p,(int)len);
+ s[len]='\0';
+ p+=len;
+ }
+ else
+ s=NULL;
+
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->length=(int)len;
+ ret->data=s;
+ ret->type=tag;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ return(NULL);
+ }
+
+int i2d_ASN1_bytes(a, pp, tag, xclass)
+ASN1_STRING *a;
+unsigned char **pp;
+int tag;
+int xclass;
+ {
+ int ret,r,constructed;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+
+ if (tag == V_ASN1_BIT_STRING)
+ return(i2d_ASN1_BIT_STRING(a,pp));
+
+ ret=a->length;
+ r=ASN1_object_size(0,ret,tag);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
+ constructed=1;
+ else
+ constructed=0;
+ ASN1_put_object(&p,constructed,ret,tag,xclass);
+ memcpy(p,a->data,a->length);
+ p+=a->length;
+ *pp= p;
+ return(r);
+ }
+
+ASN1_STRING *d2i_ASN1_bytes(a, pp, length, Ptag, Pclass)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int Ptag;
+int Pclass;
+ {
+ ASN1_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != Ptag)
+ {
+ i=ASN1_R_WRONG_TAG;
+ goto err;
+ }
+
+ if (inf & V_ASN1_CONSTRUCTED)
+ {
+ ASN1_CTX c;
+
+ c.pp=pp;
+ c.p=p;
+ c.inf=inf;
+ c.slen=len;
+ c.tag=Ptag;
+ c.xclass=Pclass;
+ c.max=(length == 0)?0:(p+length);
+ if (!asn1_collate_primative(ret,&c))
+ goto err;
+ else
+ {
+ p=c.p;
+ }
+ }
+ else
+ {
+ if (len != 0)
+ {
+ if ((ret->length < len) || (ret->data == NULL))
+ {
+ if (ret->data != NULL) Free((char *)ret->data);
+ s=(unsigned char *)Malloc((int)len);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ }
+ else
+ s=ret->data;
+ memcpy(s,p,(int)len);
+ p+=len;
+ }
+ else
+ {
+ s=NULL;
+ if (ret->data != NULL) Free((char *)ret->data);
+ }
+
+ ret->length=(int)len;
+ ret->data=s;
+ ret->type=Ptag;
+ }
+
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
+ return(NULL);
+ }
+
+
+/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes
+ * them into the one struture that is then returned */
+/* There have been a few bug fixes for this function from
+ * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
+static int asn1_collate_primative(a,c)
+ASN1_STRING *a;
+ASN1_CTX *c;
+ {
+ ASN1_STRING *os=NULL;
+ BUF_MEM b;
+ int num;
+
+ b.length=0;
+ b.max=0;
+ b.data=NULL;
+
+ if (a == NULL)
+ {
+ c->error=ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ num=0;
+ for (;;)
+ {
+ if (c->inf & 1)
+ {
+ c->eos=ASN1_check_infinite_end(&c->p,
+ (long)(c->max-c->p));
+ if (c->eos) break;
+ }
+ else
+ {
+ if (c->slen <= 0) break;
+ }
+
+ c->q=c->p;
+ if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
+ == NULL)
+ {
+ c->error=ERR_R_ASN1_LIB;
+ goto err;
+ }
+
+ if (!BUF_MEM_grow(&b,num+os->length))
+ {
+ c->error=ERR_R_BUF_LIB;
+ goto err;
+ }
+ memcpy(&(b.data[num]),os->data,os->length);
+ if (!(c->inf & 1))
+ c->slen-=(c->p-c->q);
+ num+=os->length;
+ }
+
+ if (!asn1_Finish(c)) goto err;
+
+ a->length=num;
+ if (a->data != NULL) Free(a->data);
+ a->data=(unsigned char *)b.data;
+ if (os != NULL) ASN1_STRING_free(os);
+ return(1);
+err:
+ ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,c->error);
+ if (os != NULL) ASN1_STRING_free(os);
+ if (b.data != NULL) Free(b.data);
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c
new file mode 100644
index 0000000000..d952836a91
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_d2i_fp.c
@@ -0,0 +1,201 @@
+/* crypto/asn1/a_d2i_fp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#define HEADER_SIZE 8
+
+#ifndef NO_FP_API
+char *ASN1_d2i_fp(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+FILE *in;
+unsigned char **x;
+ {
+ BIO *b;
+ char *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
+ return(NULL);
+ }
+ BIO_set_fp(b,in,BIO_NOCLOSE);
+ ret=ASN1_d2i_bio(xnew,d2i,b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+char *ASN1_d2i_bio(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+BIO *in;
+unsigned char **x;
+ {
+ BUF_MEM *b;
+ unsigned char *p;
+ int i;
+ char *ret=NULL;
+ ASN1_CTX c;
+ int want=HEADER_SIZE;
+ int eos=0;
+ int off=0;
+ int len=0;
+
+ b=BUF_MEM_new();
+ if (b == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ ERR_clear_error();
+ for (;;)
+ {
+ if (want >= (len-off))
+ {
+ want-=(len-off);
+
+ if (!BUF_MEM_grow(b,len+want))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=BIO_read(in,&(b->data[len]),want);
+ if ((i < 0) && ((len-off) == 0))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ if (i > 0)
+ len+=i;
+ }
+ /* else data already loaded */
+
+ p=(unsigned char *)&(b->data[off]);
+ c.p=p;
+ c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
+ len-off);
+ if (c.inf & 0x80)
+ {
+ unsigned long e;
+
+ e=ERR_GET_REASON(ERR_peek_error());
+ if (e != ASN1_R_TOO_LONG)
+ goto err;
+ else
+ ERR_get_error(); /* clear error */
+ }
+ i=c.p-p;/* header length */
+ off+=i; /* end of data */
+
+ if (c.inf & 1)
+ {
+ /* no data body so go round again */
+ eos++;
+ want=HEADER_SIZE;
+ }
+ else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
+ {
+ /* eos value, so go back and read another header */
+ eos--;
+ if (eos <= 0)
+ break;
+ else
+ want=HEADER_SIZE;
+ }
+ else
+ {
+ /* suck in c.slen bytes of data */
+ want=(int)c.slen;
+ if (want > (len-off))
+ {
+ want-=(len-off);
+ if (!BUF_MEM_grow(b,len+want))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=BIO_read(in,&(b->data[len]),want);
+ if (i <= 0)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ len+=i;
+ }
+ off+=(int)c.slen;
+ if (eos <= 0)
+ {
+ break;
+ }
+ else
+ want=HEADER_SIZE;
+ }
+ }
+
+ p=(unsigned char *)b->data;
+ ret=d2i(x,&p,off);
+err:
+ if (b != NULL) BUF_MEM_free(b);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_digest.c b/src/lib/libssl/src/crypto/asn1/a_digest.c
new file mode 100644
index 0000000000..8ddb65b0dc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_digest.c
@@ -0,0 +1,91 @@
+/* crypto/asn1/a_digest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "evp.h"
+#include "x509.h"
+#include "buffer.h"
+
+int ASN1_digest(i2d,type,data,md,len)
+int (*i2d)();
+EVP_MD *type;
+char *data;
+unsigned char *md;
+unsigned int *len;
+ {
+ EVP_MD_CTX ctx;
+ int i;
+ unsigned char *str,*p;
+
+ i=i2d(data,NULL);
+ if ((str=(unsigned char *)Malloc(i)) == NULL) return(0);
+ p=str;
+ i2d(data,&p);
+
+ EVP_DigestInit(&ctx,type);
+ EVP_DigestUpdate(&ctx,str,i);
+ EVP_DigestFinal(&ctx,md,len);
+ Free(str);
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_dup.c b/src/lib/libssl/src/crypto/asn1/a_dup.c
new file mode 100644
index 0000000000..961b4cb069
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_dup.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/a_dup.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+#define READ_CHUNK 2048
+
+char *ASN1_dup(i2d,d2i,x)
+int (*i2d)();
+char *(*d2i)();
+char *x;
+ {
+ unsigned char *b,*p;
+ long i;
+ char *ret;
+
+ if (x == NULL) return(NULL);
+
+ i=(long)i2d(x,NULL);
+ b=(unsigned char *)Malloc((unsigned int)i+10);
+ if (b == NULL)
+ { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
+ p= b;
+ i=i2d(x,&p);
+ p= b;
+ ret=d2i(NULL,&p,i);
+ Free((char *)b);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_hdr.c b/src/lib/libssl/src/crypto/asn1/a_hdr.c
new file mode 100644
index 0000000000..4fb7a5fa75
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_hdr.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/a_hdr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "asn1.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_ASN1_HEADER(a,pp)
+ASN1_HEADER *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_finish();
+ }
+
+ASN1_HEADER *d2i_ASN1_HEADER(a,pp,length)
+ASN1_HEADER **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
+ if (ret->meth != NULL)
+ {
+ M_ASN1_D2I_get(ret->data,ret->meth->d2i);
+ }
+ else
+ {
+ if (a != NULL) (*a)=ret;
+ return(ret);
+ }
+ M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
+ }
+
+ASN1_HEADER *ASN1_HEADER_new()
+ {
+ ASN1_HEADER *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,ASN1_HEADER);
+ M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
+ ret->meth=NULL;
+ ret->data=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
+ }
+
+void ASN1_HEADER_free(a)
+ASN1_HEADER *a;
+ {
+ if (a == NULL) return;
+ ASN1_OCTET_STRING_free(a->header);
+ if (a->meth != NULL)
+ a->meth->destroy(a->data);
+ Free((char *)a);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
new file mode 100644
index 0000000000..66c3df68d5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/a_i2d_fp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#ifndef NO_FP_API
+int ASN1_i2d_fp(i2d,out,x)
+int (*i2d)();
+FILE *out;
+unsigned char *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,out,BIO_NOCLOSE);
+ ret=ASN1_i2d_bio(i2d,b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int ASN1_i2d_bio(i2d,out,x)
+int (*i2d)();
+BIO *out;
+unsigned char *x;
+ {
+ char *b;
+ unsigned char *p;
+ int i,j=0,n,ret=1;
+
+ n=i2d(x,NULL);
+ b=(char *)Malloc(n);
+ if (b == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+ p=(unsigned char *)b;
+ i2d(x,&p);
+
+ for (;;)
+ {
+ i=BIO_write(out,&(b[j]),n);
+ if (i == n) break;
+ if (i <= 0)
+ {
+ ret=0;
+ break;
+ }
+ j+=i;
+ n-=i;
+ }
+ Free((char *)b);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_int.c b/src/lib/libssl/src/crypto/asn1/a_int.c
new file mode 100644
index 0000000000..df79cf99bb
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_int.c
@@ -0,0 +1,305 @@
+/* crypto/asn1/a_int.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);
+ */
+
+int i2d_ASN1_INTEGER(a,pp)
+ASN1_INTEGER *a;
+unsigned char **pp;
+ {
+ int pad=0,ret,r,i,t;
+ unsigned char *p,*pt,*n,pb=0;
+
+ if ((a == NULL) || (a->data == NULL)) return(0);
+ t=a->type;
+ if (a->length == 0)
+ ret=1;
+ else
+ {
+ ret=a->length;
+ i=a->data[0];
+ if ((t == V_ASN1_INTEGER) && (i > 127))
+ {
+ pad=1;
+ pb=0;
+ }
+ else if ((t == V_ASN1_NEG_INTEGER) && (i>128))
+ {
+ pad=1;
+ pb=0xFF;
+ }
+ ret+=pad;
+ }
+ r=ASN1_object_size(0,ret,V_ASN1_INTEGER);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
+ if (pad) *(p++)=pb;
+ if (a->length == 0)
+ *(p++)=0;
+ else if (t == V_ASN1_INTEGER)
+ {
+ memcpy(p,a->data,(unsigned int)a->length);
+ p+=a->length;
+ }
+ else
+ {
+ n=a->data;
+ pt=p;
+ for (i=a->length; i>0; i--)
+ *(p++)= (*(n++)^0xFF)+1;
+ if (!pad) *pt|=0x80;
+ }
+
+ *pp=p;
+ return(r);
+ }
+
+ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length)
+ASN1_INTEGER **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_INTEGER *ret=NULL;
+ unsigned char *p,*to,*s;
+ long len;
+ int inf,tag,xclass;
+ int i;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL);
+ ret->type=V_ASN1_INTEGER;
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_INTEGER)
+ {
+ i=ASN1_R_EXPECTING_AN_INTEGER;
+ goto err;
+ }
+
+ /* We must Malloc stuff, even for 0 bytes otherwise it
+ * signifies a missing NULL parameter. */
+ s=(unsigned char *)Malloc((int)len+1);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ to=s;
+ if (*p & 0x80) /* a negative number */
+ {
+ ret->type=V_ASN1_NEG_INTEGER;
+ if (*p == 0xff)
+ {
+ p++;
+ len--;
+ }
+ for (i=(int)len; i>0; i--)
+ *(to++)= (*(p++)^0xFF)+1;
+ }
+ else
+ {
+ ret->type=V_ASN1_INTEGER;
+ if ((*p == 0) && (len != 1))
+ {
+ p++;
+ len--;
+ }
+ memcpy(s,p,(int)len);
+ p+=len;
+ }
+
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=s;
+ ret->length=(int)len;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_INTEGER_free(ret);
+ return(NULL);
+ }
+
+int ASN1_INTEGER_set(a,v)
+ASN1_INTEGER *a;
+long v;
+ {
+ int i,j,k;
+ unsigned char buf[sizeof(long)+1];
+ long d;
+
+ a->type=V_ASN1_INTEGER;
+ if (a->length < (sizeof(long)+1))
+ {
+ if (a->data != NULL)
+ Free((char *)a->data);
+ if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
+ memset((char *)a->data,0,sizeof(long)+1);
+ }
+ if (a->data == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ d=v;
+ if (d < 0)
+ {
+ d= -d;
+ a->type=V_ASN1_NEG_INTEGER;
+ }
+
+ for (i=0; i<sizeof(long); i++)
+ {
+ if (d == 0) break;
+ buf[i]=(int)d&0xff;
+ d>>=8;
+ }
+ j=0;
+ if (v < 0) a->data[j++]=0;
+ for (k=i-1; k >=0; k--)
+ a->data[j++]=buf[k];
+ a->length=j;
+ return(1);
+ }
+
+long ASN1_INTEGER_get(a)
+ASN1_INTEGER *a;
+ {
+ int neg=0,i;
+ long r=0;
+
+ if (a == NULL) return(0L);
+ i=a->type;
+ if (i == V_ASN1_NEG_INTEGER)
+ neg=1;
+ else if (i != V_ASN1_INTEGER)
+ return(0);
+
+ if (a->length > sizeof(long))
+ {
+ /* hmm... a bit ugly */
+ return(0xffffffffL);
+ }
+ if (a->data == NULL)
+ return(0);
+
+ for (i=0; i<a->length; i++)
+ {
+ r<<=8;
+ r|=(unsigned char)a->data[i];
+ }
+ if (neg) r= -r;
+ return(r);
+ }
+
+ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai)
+BIGNUM *bn;
+ASN1_INTEGER *ai;
+ {
+ ASN1_INTEGER *ret;
+ int len,j;
+
+ if (ai == NULL)
+ ret=ASN1_INTEGER_new();
+ else
+ ret=ai;
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+ goto err;
+ }
+ ret->type=V_ASN1_INTEGER;
+ j=BN_num_bits(bn);
+ len=((j == 0)?0:((j/8)+1));
+ ret->data=(unsigned char *)Malloc(len+4);
+ ret->length=BN_bn2bin(bn,ret->data);
+ return(ret);
+err:
+ if (ret != ai) ASN1_INTEGER_free(ret);
+ return(NULL);
+ }
+
+BIGNUM *ASN1_INTEGER_to_BN(ai,bn)
+ASN1_INTEGER *ai;
+BIGNUM *bn;
+ {
+ BIGNUM *ret;
+
+ if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
+ ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_meth.c b/src/lib/libssl/src/crypto/asn1/a_meth.c
new file mode 100644
index 0000000000..513625c305
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_meth.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/a_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+static ASN1_METHOD ia5string_meth={
+ (int (*)()) i2d_ASN1_IA5STRING,
+ (char *(*)()) d2i_ASN1_IA5STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+static ASN1_METHOD bit_string_meth={
+ (int (*)()) i2d_ASN1_BIT_STRING,
+ (char *(*)()) d2i_ASN1_BIT_STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth()
+ {
+ return(&ia5string_meth);
+ }
+
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth()
+ {
+ return(&bit_string_meth);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_object.c b/src/lib/libssl/src/crypto/asn1/a_object.c
new file mode 100644
index 0000000000..5a7eeef8d8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_object.c
@@ -0,0 +1,389 @@
+/* crypto/asn1/a_object.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT);
+ * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ * ASN1err(ASN1_F_I2T_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ */
+
+int i2d_ASN1_OBJECT(a, pp)
+ASN1_OBJECT *a;
+unsigned char **pp;
+ {
+ unsigned char *p;
+
+ if ((a == NULL) || (a->data == NULL)) return(0);
+
+ if (pp == NULL)
+ return(ASN1_object_size(0,a->length,V_ASN1_OBJECT));
+
+ p= *pp;
+ ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
+ memcpy(p,a->data,a->length);
+ p+=a->length;
+
+ *pp=p;
+ return(a->length);
+ }
+
+int a2d_ASN1_OBJECT(out,olen,buf,num)
+unsigned char *out;
+int olen;
+char *buf;
+int num;
+ {
+ int i,first,len=0,c;
+ char tmp[24],*p;
+ unsigned long l;
+
+ if (num == 0)
+ return(0);
+ else if (num == -1)
+ num=strlen(buf);
+
+ p=buf;
+ c= *(p++);
+ num--;
+ if ((c >= '0') && (c <= '2'))
+ {
+ first=(c-'0')*40;
+ }
+ else
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
+ goto err;
+ }
+
+ if (num <= 0)
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
+ goto err;
+ }
+ c= *(p++);
+ num--;
+ for (;;)
+ {
+ if (num <= 0) break;
+ if ((c != '.') && (c != ' '))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
+ goto err;
+ }
+ l=0;
+ for (;;)
+ {
+ if (num <= 0) break;
+ num--;
+ c= *(p++);
+ if ((c == ' ') || (c == '.'))
+ break;
+ if ((c < '0') || (c > '9'))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
+ goto err;
+ }
+ l=l*10L+(long)(c-'0');
+ }
+ if (len == 0)
+ {
+ if ((first < 2) && (l >= 40))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
+ goto err;
+ }
+ l+=(long)first;
+ }
+ i=0;
+ for (;;)
+ {
+ tmp[i++]=(unsigned char)l&0x7f;
+ l>>=7L;
+ if (l == 0L) break;
+ }
+ if (out != NULL)
+ {
+ if (len+i > olen)
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+ while (--i > 0)
+ out[len++]=tmp[i]|0x80;
+ out[len++]=tmp[0];
+ }
+ else
+ len+=i;
+ }
+ return(len);
+err:
+ return(0);
+ }
+
+int i2t_ASN1_OBJECT(buf,buf_len,a)
+char *buf;
+int buf_len;
+ASN1_OBJECT *a;
+ {
+ int i,idx=0,n=0,len,nid;
+ unsigned long l;
+ unsigned char *p;
+ char *s;
+ char tbuf[32];
+
+ if (buf_len <= 0) return(0);
+
+ if ((a == NULL) || (a->data == NULL))
+ {
+ buf[0]='\0';
+ return(0);
+ }
+
+ nid=OBJ_obj2nid(a);
+ if (nid == NID_undef)
+ {
+ len=a->length;
+ p=a->data;
+
+ idx=0;
+ l=0;
+ while (idx < a->length)
+ {
+ l|=(p[idx]&0x7f);
+ if (!(p[idx] & 0x80)) break;
+ l<<=7L;
+ idx++;
+ }
+ idx++;
+ i=(int)(l/40);
+ if (i > 2) i=2;
+ l-=(long)(i*40);
+
+ sprintf(tbuf,"%d.%ld",i,l);
+ i=strlen(tbuf);
+ strncpy(buf,tbuf,buf_len);
+ buf_len-=i;
+ buf+=i;
+ n+=i;
+
+ l=0;
+ for (; idx<len; idx++)
+ {
+ l|=p[idx]&0x7f;
+ if (!(p[idx] & 0x80))
+ {
+ sprintf(tbuf,".%ld",l);
+ i=strlen(tbuf);
+ if (buf_len > 0)
+ strncpy(buf,tbuf,buf_len);
+ buf_len-=i;
+ buf+=i;
+ n+=i;
+ l=0;
+ }
+ l<<=7L;
+ }
+ }
+ else
+ {
+ s=(char *)OBJ_nid2ln(nid);
+ if (s == NULL)
+ s=(char *)OBJ_nid2sn(nid);
+ strncpy(buf,s,buf_len);
+ n=strlen(s);
+ }
+ buf[buf_len-1]='\0';
+ return(n);
+ }
+
+int i2a_ASN1_OBJECT(bp,a)
+BIO *bp;
+ASN1_OBJECT *a;
+ {
+ char buf[80];
+ int i;
+
+ if ((a == NULL) || (a->data == NULL))
+ return(BIO_write(bp,"NULL",4));
+ i=i2t_ASN1_OBJECT(buf,80,a);
+ if (i > 80) i=80;
+ BIO_write(bp,buf,i);
+ return(i);
+ }
+
+ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length)
+ASN1_OBJECT **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_OBJECT *ret=NULL;
+ unsigned char *p;
+ long len;
+ int tag,xclass;
+ int inf,i;
+
+ /* only the ASN1_OBJECTs from the 'table' will have values
+ * for ->sn or ->ln */
+ if ((a == NULL) || ((*a) == NULL) ||
+ !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+ {
+ if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
+ }
+ else ret=(*a);
+
+ p= *pp;
+
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_OBJECT)
+ {
+ i=ASN1_R_EXPECTING_AN_OBJECT;
+ goto err;
+ }
+ if ((ret->data == NULL) || (ret->length < len))
+ {
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=(unsigned char *)Malloc((int)len);
+ ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ if (ret->data == NULL)
+ { i=ERR_R_MALLOC_FAILURE; goto err; }
+ }
+ memcpy(ret->data,p,(int)len);
+ ret->length=(int)len;
+ ret->sn=NULL;
+ ret->ln=NULL;
+ /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
+ p+=len;
+
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_OBJECT_free(ret);
+ return(NULL);
+ }
+
+ASN1_OBJECT *ASN1_OBJECT_new()
+ {
+ ASN1_OBJECT *ret;
+
+ ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->data=NULL;
+ ret->nid=0;
+ ret->sn=NULL;
+ ret->ln=NULL;
+ ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
+ return(ret);
+ }
+
+void ASN1_OBJECT_free(a)
+ASN1_OBJECT *a;
+ {
+ if (a == NULL) return;
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
+ {
+ if (a->sn != NULL) Free(a->sn);
+ if (a->ln != NULL) Free(a->ln);
+ a->sn=a->ln=NULL;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
+ {
+ if (a->data != NULL) Free(a->data);
+ a->data=NULL;
+ a->length=0;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
+ Free((char *)a);
+ }
+
+ASN1_OBJECT *ASN1_OBJECT_create(nid,data,len,sn,ln)
+int nid;
+unsigned char *data;
+int len;
+char *sn,*ln;
+ {
+ ASN1_OBJECT o;
+
+ o.sn=sn;
+ o.ln=ln;
+ o.data=data;
+ o.nid=nid;
+ o.length=len;
+ o.flags=ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ return(OBJ_dup(&o));
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_octet.c b/src/lib/libssl/src/crypto/asn1/a_octet.c
new file mode 100644
index 0000000000..be3f172a8c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_octet.c
@@ -0,0 +1,90 @@
+/* crypto/asn1/a_octet.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_EXPECTING_AN_OCTET_STRING);
+ */
+
+int i2d_ASN1_OCTET_STRING(a, pp)
+ASN1_OCTET_STRING *a;
+unsigned char **pp;
+ {
+ return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+ V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL));
+ }
+
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(a, pp, length)
+ASN1_OCTET_STRING **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_OCTET_STRING *ret=NULL;
+
+ ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
+ pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
+ return(NULL);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_print.c b/src/lib/libssl/src/crypto/asn1/a_print.c
new file mode 100644
index 0000000000..3023361dee
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_print.c
@@ -0,0 +1,161 @@
+/* crypto/asn1/a_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_WRONG_PRINTABLE_TYPE);
+ * ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_TAG_VALUE_TOO_HIGH);
+ */
+
+int i2d_ASN1_IA5STRING(a,pp)
+ASN1_IA5STRING *a;
+unsigned char **pp;
+ { return(M_i2d_ASN1_IA5STRING(a,pp)); }
+
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(a,pp,l)
+ASN1_IA5STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(a,pp,l)
+ASN1_T61STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
+
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(a,pp,l)
+ASN1_PRINTABLESTRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,l)); }
+
+int i2d_ASN1_PRINTABLE(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
+
+ASN1_STRING *d2i_ASN1_PRINTABLE(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
+
+int ASN1_PRINTABLE_type(s,len)
+unsigned char *s;
+int len;
+ {
+ int c;
+ int ia5=0;
+ int t61=0;
+
+ if (len <= 0) len= -1;
+ if (s == NULL) return(V_ASN1_PRINTABLESTRING);
+
+ while ((*s) && (len-- != 0))
+ {
+ c= *(s++);
+ if (!( ((c >= 'a') && (c <= 'z')) ||
+ ((c >= 'A') && (c <= 'Z')) ||
+ (c == ' ') ||
+ ((c >= '0') && (c <= '9')) ||
+ (c == ' ') || (c == '\'') ||
+ (c == '(') || (c == ')') ||
+ (c == '+') || (c == ',') ||
+ (c == '-') || (c == '.') ||
+ (c == '/') || (c == ':') ||
+ (c == '=') || (c == '?')))
+ ia5=1;
+ if (c&0x80)
+ t61=1;
+ }
+ if (t61) return(V_ASN1_T61STRING);
+ if (ia5) return(V_ASN1_IA5STRING);
+ return(V_ASN1_PRINTABLESTRING);
+ }
+
+int ASN1_UNIVERSALSTRING_to_string(s)
+ASN1_UNIVERSALSTRING *s;
+ {
+ int i;
+ unsigned char *p;
+
+ if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
+ if ((s->length%4) != 0) return(0);
+ p=s->data;
+ for (i=0; i<s->length; i+=4)
+ {
+ if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
+ break;
+ else
+ p+=4;
+ }
+ if (i < s->length) return(0);
+ p=s->data;
+ for (i=3; i<s->length; i+=4)
+ {
+ *(p++)=s->data[i];
+ }
+ *(p)='\0';
+ s->length/=4;
+ s->type=ASN1_PRINTABLE_type(s->data,s->length);
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_set.c b/src/lib/libssl/src/crypto/asn1/a_set.c
new file mode 100644
index 0000000000..17c49946cf
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_set.c
@@ -0,0 +1,149 @@
+/* crypto/asn1/a_set.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class)
+STACK *a;
+unsigned char **pp;
+int (*func)();
+int ex_tag;
+int ex_class;
+ {
+ int ret=0,r;
+ int i;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+ for (i=sk_num(a)-1; i>=0; i--)
+ ret+=func(sk_value(a,i),NULL);
+ r=ASN1_object_size(1,ret,ex_tag);
+ if (pp == NULL) return(r);
+
+ p= *pp;
+ ASN1_put_object(&p,1,ret,ex_tag,ex_class);
+ for (i=0; i<sk_num(a); i++)
+ func(sk_value(a,i),&p);
+
+ *pp=p;
+ return(r);
+ }
+
+STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class)
+STACK **a;
+unsigned char **pp;
+long length;
+char *(*func)();
+int ex_tag;
+int ex_class;
+ {
+ ASN1_CTX c;
+ STACK *ret=NULL;
+
+ if ((a == NULL) || ((*a) == NULL))
+ { if ((ret=sk_new(NULL)) == NULL) goto err; }
+ else
+ ret=(*a);
+
+ c.p= *pp;
+ c.max=(length == 0)?0:(c.p+length);
+
+ c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
+ if (c.inf & 0x80) goto err;
+ if (ex_class != c.xclass)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
+ goto err;
+ }
+ if (ex_tag != c.tag)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
+ goto err;
+ }
+ if ((c.slen+c.p) > c.max)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
+ goto err;
+ }
+ /* check for infinite constructed - it can be as long
+ * as the amount of data passed to us */
+ if (c.inf == (V_ASN1_CONSTRUCTED+1))
+ c.slen=length+ *pp-c.p;
+ c.max=c.p+c.slen;
+
+ while (c.p < c.max)
+ {
+ char *s;
+
+ if (M_ASN1_D2I_end_sequence()) break;
+ if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err;
+ if (!sk_push(ret,s)) goto err;
+ }
+ if (a != NULL) (*a)=ret;
+ *pp=c.p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret);
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_sign.c b/src/lib/libssl/src/crypto/asn1/a_sign.c
new file mode 100644
index 0000000000..02188e68c4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_sign.c
@@ -0,0 +1,147 @@
+/* crypto/asn1/a_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+int ASN1_sign(i2d,algor1,algor2,signature,data,pkey,type)
+int (*i2d)();
+X509_ALGOR *algor1;
+X509_ALGOR *algor2;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+EVP_MD *type;
+ {
+ EVP_MD_CTX ctx;
+ unsigned char *p,*buf_in=NULL,*buf_out=NULL;
+ int i,inl=0,outl=0,outll=0;
+ X509_ALGOR *a;
+
+ for (i=0; i<2; i++)
+ {
+ if (i == 0)
+ a=algor1;
+ else
+ a=algor2;
+ if (a == NULL) continue;
+ if ( (a->parameter == NULL) ||
+ (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ a->parameter->type=V_ASN1_NULL;
+ }
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=OBJ_nid2obj(type->pkey_type);
+ if (a->algorithm == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
+ goto err;
+ }
+ if (a->algorithm->length == 0)
+ {
+ ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+ goto err;
+ }
+ }
+ inl=i2d(data,NULL);
+ buf_in=(unsigned char *)Malloc((unsigned int)inl);
+ outll=outl=EVP_PKEY_size(pkey);
+ buf_out=(unsigned char *)Malloc((unsigned int)outl);
+ if ((buf_in == NULL) || (buf_out == NULL))
+ {
+ outl=0;
+ ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf_in;
+
+ i2d(data,&p);
+ EVP_SignInit(&ctx,type);
+ EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+ (unsigned int *)&outl,pkey))
+ {
+ outl=0;
+ ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
+ goto err;
+ }
+ if (signature->data != NULL) Free((char *)signature->data);
+ signature->data=buf_out;
+ buf_out=NULL;
+ signature->length=outl;
+
+err:
+ memset(&ctx,0,sizeof(ctx));
+ if (buf_in != NULL)
+ { memset((char *)buf_in,0,(unsigned int)inl); Free((char *)buf_in); }
+ if (buf_out != NULL)
+ { memset((char *)buf_out,0,outll); Free((char *)buf_out); }
+ return(outl);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_type.c b/src/lib/libssl/src/crypto/asn1/a_type.c
new file mode 100644
index 0000000000..7c0004084c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_type.c
@@ -0,0 +1,325 @@
+/* crypto/asn1/a_type.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+#ifndef NOPROTO
+static void ASN1_TYPE_component_free(ASN1_TYPE *a);
+#else
+static void ASN1_TYPE_component_free();
+#endif
+
+int i2d_ASN1_TYPE(a,pp)
+ASN1_TYPE *a;
+unsigned char **pp;
+ {
+ int r=0;
+
+ if (a == NULL) return(0);
+
+ switch (a->type)
+ {
+ case V_ASN1_NULL:
+ if (pp != NULL)
+ ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
+ r=2;
+ break;
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ r=i2d_ASN1_INTEGER(a->value.integer,pp);
+ break;
+ case V_ASN1_BIT_STRING:
+ r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
+ break;
+ case V_ASN1_OCTET_STRING:
+ r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
+ break;
+ case V_ASN1_OBJECT:
+ r=i2d_ASN1_OBJECT(a->value.object,pp);
+ break;
+ case V_ASN1_PRINTABLESTRING:
+ r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
+ break;
+ case V_ASN1_T61STRING:
+ r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
+ break;
+ case V_ASN1_IA5STRING:
+ r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
+ break;
+ case V_ASN1_GENERALSTRING:
+ r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
+ break;
+ case V_ASN1_UNIVERSALSTRING:
+ r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
+ break;
+ case V_ASN1_BMPSTRING:
+ r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
+ break;
+ case V_ASN1_UTCTIME:
+ r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
+ break;
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ if (a->value.set == NULL)
+ r=0;
+ else
+ {
+ r=a->value.set->length;
+ if (pp != NULL)
+ {
+ memcpy(*pp,a->value.set->data,r);
+ *pp+=r;
+ }
+ }
+ break;
+ }
+ return(r);
+ }
+
+ASN1_TYPE *d2i_ASN1_TYPE(a,pp,length)
+ASN1_TYPE **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_TYPE *ret=NULL;
+ unsigned char *q,*p,*max;
+ int inf,tag,xclass;
+ long len;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_TYPE_new()) == NULL) goto err;
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ q=p;
+ max=(p+length);
+
+ inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
+ if (inf & 0x80) goto err;
+
+ ASN1_TYPE_component_free(ret);
+
+ switch (tag)
+ {
+ case V_ASN1_NULL:
+ p=q;
+ ret->value.ptr=NULL;
+ break;
+ case V_ASN1_INTEGER:
+ if ((ret->value.integer=
+ d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_BIT_STRING:
+ if ((ret->value.bit_string=
+ d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_OCTET_STRING:
+ if ((ret->value.octet_string=
+ d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_OBJECT:
+ if ((ret->value.object=
+ d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_PRINTABLESTRING:
+ if ((ret->value.printablestring=
+ d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_T61STRING:
+ if ((ret->value.t61string=
+ M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_IA5STRING:
+ if ((ret->value.ia5string=
+ M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_GENERALSTRING:
+ if ((ret->value.generalstring=
+ M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_UNIVERSALSTRING:
+ if ((ret->value.universalstring=
+ M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_BMPSTRING:
+ if ((ret->value.bmpstring=
+ M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_UTCTIME:
+ if ((ret->value.utctime=
+ d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ /* Sets and sequences are left complete */
+ if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
+ ret->value.set->type=tag;
+ len+=(q-p);
+ if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
+ p+=len;
+ break;
+ default:
+ ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
+ goto err;
+ }
+
+ ret->type=tag;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
+ return(NULL);
+ }
+
+ASN1_TYPE *ASN1_TYPE_new()
+ {
+ ASN1_TYPE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,ASN1_TYPE);
+ ret->type= -1;
+ ret->value.ptr=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
+ }
+
+void ASN1_TYPE_free(a)
+ASN1_TYPE *a;
+ {
+ if (a == NULL) return;
+ ASN1_TYPE_component_free(a);
+ Free((char *)(char *)a);
+ }
+
+int ASN1_TYPE_get(a)
+ASN1_TYPE *a;
+ {
+ if (a->value.ptr != NULL)
+ return(a->type);
+ else
+ return(0);
+ }
+
+void ASN1_TYPE_set(a,type,value)
+ASN1_TYPE *a;
+int type;
+char *value;
+ {
+ if (a->value.ptr != NULL)
+ ASN1_TYPE_component_free(a);
+ a->type=type;
+ a->value.ptr=value;
+ }
+
+static void ASN1_TYPE_component_free(a)
+ASN1_TYPE *a;
+ {
+ if (a == NULL) return;
+
+ if (a->value.ptr != NULL)
+ {
+ switch (a->type)
+ {
+ case V_ASN1_OBJECT:
+ ASN1_OBJECT_free(a->value.object);
+ break;
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ case V_ASN1_BIT_STRING:
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
+ break;
+ default:
+ /* MEMORY LEAK */
+ break;
+ }
+ a->type=0;
+ a->value.ptr=NULL;
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c
new file mode 100644
index 0000000000..17a7abbb67
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c
@@ -0,0 +1,212 @@
+/* crypto/asn1/a_utctm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_UTCTIME_NEW,ASN1_R_UTCTIME_TOO_LONG);
+ * ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_EXPECTING_A_UTCTIME);
+ */
+
+int i2d_ASN1_UTCTIME(a,pp)
+ASN1_UTCTIME *a;
+unsigned char **pp;
+ {
+ return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
+ }
+
+
+ASN1_UTCTIME *d2i_ASN1_UTCTIME(a, pp, length)
+ASN1_UTCTIME **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_UTCTIME *ret=NULL;
+
+ ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+ return(NULL);
+ }
+ if (!ASN1_UTCTIME_check(ret))
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
+ goto err;
+ }
+
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_UTCTIME_free(ret);
+ return(NULL);
+ }
+
+int ASN1_UTCTIME_check(d)
+ASN1_UTCTIME *d;
+ {
+ static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
+ static int max[8]={99,12,31,23,59,59,12,59};
+ char *a;
+ int n,i,l,o;
+
+ if (d->type != V_ASN1_UTCTIME) return(0);
+ l=d->length;
+ a=(char *)d->data;
+ o=0;
+
+ if (l < 11) goto err;
+ for (i=0; i<6; i++)
+ {
+ if ((i == 5) && ((a[o] == 'Z') ||
+ (a[o] == '+') || (a[o] == '-')))
+ { i++; break; }
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((n < min[i]) || (n > max[i])) goto err;
+ }
+ if (a[o] == 'Z')
+ o++;
+ else if ((a[o] == '+') || (a[o] == '-'))
+ {
+ o++;
+ if (o+4 > l) goto err;
+ for (i=6; i<8; i++)
+ {
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ o++;
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if ((n < min[i]) || (n > max[i])) goto err;
+ o++;
+ }
+ }
+ return(o == l);
+err:
+ return(0);
+ }
+
+int ASN1_UTCTIME_set_string(s,str)
+ASN1_UTCTIME *s;
+char *str;
+ {
+ ASN1_UTCTIME t;
+
+ t.type=V_ASN1_UTCTIME;
+ t.length=strlen(str);
+ t.data=(unsigned char *)str;
+ if (ASN1_UTCTIME_check(&t))
+ {
+ if (s != NULL)
+ {
+ ASN1_STRING_set((ASN1_STRING *)s,
+ (unsigned char *)str,t.length);
+ }
+ return(1);
+ }
+ else
+ return(0);
+ }
+
+ASN1_UTCTIME *ASN1_UTCTIME_set(s, t)
+ASN1_UTCTIME *s;
+time_t t;
+ {
+ char *p;
+ struct tm *ts;
+#if defined(THREADS)
+ struct tm data;
+#endif
+
+ if (s == NULL)
+ s=ASN1_UTCTIME_new();
+ if (s == NULL)
+ return(NULL);
+
+#if defined(THREADS)
+ ts=(struct tm *)gmtime_r(&t,&data);
+#else
+ ts=(struct tm *)gmtime(&t);
+#endif
+ p=(char *)s->data;
+ if ((p == NULL) || (s->length < 14))
+ {
+ p=Malloc(20);
+ if (p == NULL) return(NULL);
+ if (s->data != NULL)
+ Free(s->data);
+ s->data=(unsigned char *)p;
+ }
+
+ sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+ ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+ s->length=strlen(p);
+ s->type=V_ASN1_UTCTIME;
+ return(s);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c
new file mode 100644
index 0000000000..03fc63dbef
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/a_verify.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "evp.h"
+#include "pem.h"
+
+int ASN1_verify(i2d,a,signature,data,pkey)
+int (*i2d)();
+X509_ALGOR *a;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+ {
+ EVP_MD_CTX ctx;
+ EVP_MD *type;
+ unsigned char *p,*buf_in=NULL;
+ int ret= -1,i,inl;
+
+ i=OBJ_obj2nid(a->algorithm);
+ type=EVP_get_digestbyname(OBJ_nid2sn(i));
+ if (type == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+ goto err;
+ }
+
+ inl=i2d(data,NULL);
+ buf_in=(unsigned char *)Malloc((unsigned int)inl);
+ if (buf_in == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf_in;
+
+ i2d(data,&p);
+ EVP_VerifyInit(&ctx,type);
+ EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+
+ memset(buf_in,0,(unsigned int)inl);
+ Free((char *)buf_in);
+
+ if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
+ (unsigned int)signature->length,pkey) <= 0)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
+ /* we don't need to zero the 'ctx' because we just checked
+ * public information */
+ /* memset(&ctx,0,sizeof(ctx)); */
+ ret=1;
+err:
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/asn1.h b/src/lib/libssl/src/crypto/asn1/asn1.h
new file mode 100644
index 0000000000..9793db365d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/asn1.h
@@ -0,0 +1,859 @@
+/* crypto/asn1/asn1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_H
+#define HEADER_ASN1_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <time.h>
+#include "bn.h"
+#include "stack.h"
+
+#define V_ASN1_UNIVERSAL 0x00
+#define V_ASN1_APPLICATION 0x40
+#define V_ASN1_CONTEXT_SPECIFIC 0x80
+#define V_ASN1_PRIVATE 0xc0
+
+#define V_ASN1_CONSTRUCTED 0x20
+#define V_ASN1_PRIMATIVE_TAG 0x1f
+
+#define V_ASN1_APP_CHOOSE -2 /* let the recipent choose */
+
+#define V_ASN1_UNDEF -1
+#define V_ASN1_EOC 0
+#define V_ASN1_BOOLEAN 1 /**/
+#define V_ASN1_INTEGER 2
+#define V_ASN1_NEG_INTEGER (2+0x100)
+#define V_ASN1_BIT_STRING 3
+#define V_ASN1_OCTET_STRING 4
+#define V_ASN1_NULL 5
+#define V_ASN1_OBJECT 6
+#define V_ASN1_OBJECT_DESCRIPTOR 7
+#define V_ASN1_EXTERNAL 8
+#define V_ASN1_REAL 9
+#define V_ASN1_ENUMERATED 10 /* microsoft weirdness */
+#define V_ASN1_SEQUENCE 16
+#define V_ASN1_SET 17
+#define V_ASN1_NUMERICSTRING 18 /**/
+#define V_ASN1_PRINTABLESTRING 19
+#define V_ASN1_T61STRING 20
+#define V_ASN1_TELETEXSTRING 20 /* alias */
+#define V_ASN1_VIDEOTEXSTRING 21 /**/
+#define V_ASN1_IA5STRING 22
+#define V_ASN1_UTCTIME 23
+#define V_ASN1_GENERALIZEDTIME 24 /**/
+#define V_ASN1_GRAPHICSTRING 25 /**/
+#define V_ASN1_ISO64STRING 26 /**/
+#define V_ASN1_VISIBLESTRING 26 /* alias */
+#define V_ASN1_GENERALSTRING 27 /**/
+#define V_ASN1_UNIVERSALSTRING 28 /**/
+#define V_ASN1_BMPSTRING 30
+
+/* For use with d2i_ASN1_type_bytes() */
+#define B_ASN1_NUMERICSTRING 0x0001
+#define B_ASN1_PRINTABLESTRING 0x0002
+#define B_ASN1_T61STRING 0x0004
+#define B_ASN1_VIDEOTEXSTRING 0x0008
+#define B_ASN1_IA5STRING 0x0010
+#define B_ASN1_GRAPHICSTRING 0x0020
+#define B_ASN1_ISO64STRING 0x0040
+#define B_ASN1_GENERALSTRING 0x0080
+#define B_ASN1_UNIVERSALSTRING 0x0100
+#define B_ASN1_OCTET_STRING 0x0200
+#define B_ASN1_BIT_STRING 0x0400
+#define B_ASN1_BMPSTRING 0x0800
+#define B_ASN1_UNKNOWN 0x1000
+
+#ifndef DEBUG
+
+#define ASN1_INTEGER ASN1_STRING
+#define ASN1_BIT_STRING ASN1_STRING
+#define ASN1_OCTET_STRING ASN1_STRING
+#define ASN1_PRINTABLESTRING ASN1_STRING
+#define ASN1_T61STRING ASN1_STRING
+#define ASN1_IA5STRING ASN1_STRING
+#define ASN1_UTCTIME ASN1_STRING
+#define ASN1_GENERALIZEDTIME ASN1_STRING
+#define ASN1_GENERALSTRING ASN1_STRING
+#define ASN1_UNIVERSALSTRING ASN1_STRING
+#define ASN1_BMPSTRING ASN1_STRING
+
+#else
+
+typedef struct asn1_integer_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_INTEGER;
+
+typedef struct asn1_bit_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_BIT_STRING;
+
+typedef struct asn1_octet_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_OCTET_STRING;
+
+typedef struct asn1_printablestring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_PRINTABLESTRING;
+
+typedef struct asn1_t61string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_T61STRING;
+
+typedef struct asn1_ia5string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_IA5STRING;
+
+typedef struct asn1_generalstring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_GENERALSTRING;
+
+typedef struct asn1_universalstring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_UNIVERSALSTRING;
+
+typedef struct asn1_bmpstring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_BMPSTRING;
+
+typedef struct asn1_utctime_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_UTCTIME;
+
+typedef struct asn1_generalizedtime_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_GENERALIZEDTIME;
+
+#endif
+
+typedef struct asn1_ctx_st
+ {
+ unsigned char *p;/* work char pointer */
+ int eos; /* end of sequence read for indefinite encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ unsigned char *max; /* largest value of p alowed */
+ unsigned char *q;/* temporary variable */
+ unsigned char **pp;/* variable */
+ } ASN1_CTX;
+
+/* These are used internally in the ASN1_OBJECT to keep track of
+ * whether the names and data need to be free()ed */
+#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
+#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
+#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
+#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
+typedef struct asn1_object_st
+ {
+ char *sn,*ln;
+ int nid;
+ int length;
+ unsigned char *data;
+ int flags; /* Should we free this one */
+ } ASN1_OBJECT;
+
+/* This is the base type that holds just about everything :-) */
+typedef struct asn1_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_STRING;
+
+typedef struct asn1_type_st
+ {
+ int type;
+ union {
+ char *ptr;
+ ASN1_STRING * asn1_string;
+ ASN1_OBJECT * object;
+ ASN1_INTEGER * integer;
+ ASN1_BIT_STRING * bit_string;
+ ASN1_OCTET_STRING * octet_string;
+ ASN1_PRINTABLESTRING * printablestring;
+ ASN1_T61STRING * t61string;
+ ASN1_IA5STRING * ia5string;
+ ASN1_GENERALSTRING * generalstring;
+ ASN1_BMPSTRING * bmpstring;
+ ASN1_UNIVERSALSTRING * universalstring;
+ ASN1_UTCTIME * utctime;
+ ASN1_GENERALIZEDTIME * generalizedtime;
+ /* set and sequence are left complete and still
+ * contain the set or sequence bytes */
+ ASN1_STRING * set;
+ ASN1_STRING * sequence;
+ } value;
+ } ASN1_TYPE;
+
+typedef struct asn1_method_st
+ {
+ int (*i2d)();
+ char *(*d2i)();
+ char *(*create)();
+ void (*destroy)();
+ } ASN1_METHOD;
+
+/* This is used when parsing some Netscape objects */
+typedef struct asn1_header_st
+ {
+ ASN1_OCTET_STRING *header;
+ char *data;
+ ASN1_METHOD *meth;
+ } ASN1_HEADER;
+
+#define ASN1_STRING_length(x) ((x)->length)
+#define ASN1_STRING_type(x) ((x)->type)
+#define ASN1_STRING_data(x) ((x)->data)
+
+/* Macros for string operations */
+#define ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_BIT_STRING)
+#define ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
+ ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+/* i2d_ASN1_BIT_STRING() is a function */
+/* d2i_ASN1_BIT_STRING() is a function */
+
+#define ASN1_INTEGER_new() (ASN1_INTEGER *)\
+ ASN1_STRING_type_new(V_ASN1_INTEGER)
+#define ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+/* ASN1_INTEGER_set() is a function, also see BN_to_ASN1_INTEGER() */
+/* ASN1_INTEGER_get() is a function, also see ASN1_INTEGER_to_BN() */
+/* i2d_ASN1_INTEGER() is a function */
+/* d2i_ASN1_INTEGER() is a function */
+
+#define ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
+#define ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
+ ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+#define ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
+#define M_i2d_ASN1_OCTET_STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
+ V_ASN1_OCTET_STRING)
+/* d2i_ASN1_OCTET_STRING() is a function */
+
+#define ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_T61STRING| \
+ B_ASN1_IA5STRING| \
+ B_ASN1_BIT_STRING| \
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNKNOWN)
+
+#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
+ (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
+
+#define ASN1_T61STRING_new() (ASN1_T61STRING_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_T61STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_T61STRING(a,pp,l) \
+ (ASN1_T61STRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
+
+#define ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
+ ASN1_STRING_type_new(V_ASN1_IA5STRING)
+#define ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_IA5STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_IA5STRING(a,pp,l) \
+ (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
+ B_ASN1_IA5STRING)
+
+#define ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
+ ASN1_STRING_type_new(V_ASN1_UTCTIME)
+#define ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+/* i2d_ASN1_UTCTIME() is a function */
+/* d2i_ASN1_UTCTIME() is a function */
+/* ASN1_UTCTIME_set() is a function */
+/* ASN1_UTCTIME_check() is a function */
+
+#define ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
+ ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
+#define ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_GENERALIZEDTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup(\
+ (ASN1_STRING *)a)
+/* DOES NOT EXIST YET i2d_ASN1_GENERALIZEDTIME() is a function */
+/* DOES NOT EXIST YET d2i_ASN1_GENERALIZEDTIME() is a function */
+/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_set() is a function */
+/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_check() is a function */
+
+#define ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
+#define ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_GENERALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
+ (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
+
+#define ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
+#define ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
+ (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
+
+#define ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_BMPSTRING)
+#define ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_BMPSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
+ (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
+
+#ifndef NOPROTO
+ASN1_TYPE * ASN1_TYPE_new(void );
+void ASN1_TYPE_free(ASN1_TYPE *a);
+int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
+ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
+int ASN1_TYPE_get(ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, char *value);
+
+ASN1_OBJECT * ASN1_OBJECT_new(void );
+void ASN1_OBJECT_free(ASN1_OBJECT *a);
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
+ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
+ long length);
+
+ASN1_STRING * ASN1_STRING_new(void );
+void ASN1_STRING_free(ASN1_STRING *a);
+ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+ASN1_STRING * ASN1_STRING_type_new(int type );
+int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+int ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len);
+
+int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
+ long length);
+int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
+int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
+
+
+int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
+int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
+
+int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
+ long length);
+
+int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str);
+
+int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
+ unsigned char **pp,long length);
+
+int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
+ unsigned char **pp, long l);
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
+ unsigned char **pp, long l);
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
+ unsigned char **pp, long l);
+int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
+ unsigned char **pp, long l);
+
+int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
+ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
+ long length);
+
+int i2d_ASN1_SET(STACK *a, unsigned char **pp,
+ int (*func)(), int ex_tag, int ex_class);
+STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
+ char *(*func)(), int ex_tag, int ex_class);
+
+#ifdef HEADER_BIO_H
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
+#endif
+int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
+
+int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
+ char *sn, char *ln);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(unsigned char *s, int max);
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
+ long length, int Ptag, int Pclass);
+/* type is one or more of the B_ASN1_ values. */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
+ long length,int type);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p,long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+ int tag, int xclass);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+
+#ifndef NO_FP_API
+char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+#endif
+
+#ifdef HEADER_BIO_H
+char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
+int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
+int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
+int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
+int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
+#endif
+
+/* Used to load and write netscape format cert/key */
+int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
+ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
+ASN1_HEADER *ASN1_HEADER_new(void );
+void ASN1_HEADER_free(ASN1_HEADER *a);
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+void ERR_load_ASN1_strings(void);
+
+/* Not used that much at this point, except for the first two */
+ASN1_METHOD *X509_asn1_meth(void);
+ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
+
+int ASN1_TYPE_set_octetstring(ASN1_TYPE *a,
+ unsigned char *data, int len);
+int ASN1_TYPE_get_octetstring(ASN1_TYPE *a,
+ unsigned char *data, int max_len);
+int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
+ unsigned char *data, int len);
+int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
+ unsigned char *data, int max_len);
+
+#else
+
+ASN1_TYPE * ASN1_TYPE_new();
+void ASN1_TYPE_free();
+int i2d_ASN1_TYPE();
+ASN1_TYPE * d2i_ASN1_TYPE();
+int ASN1_TYPE_get();
+void ASN1_TYPE_set();
+
+ASN1_OBJECT * ASN1_OBJECT_new();
+void ASN1_OBJECT_free();
+int i2d_ASN1_OBJECT();
+ASN1_OBJECT * d2i_ASN1_OBJECT();
+ASN1_STRING * ASN1_STRING_new();
+void ASN1_STRING_free();
+ASN1_STRING * ASN1_STRING_dup();
+ASN1_STRING * ASN1_STRING_type_new();
+int ASN1_STRING_cmp();
+int ASN1_STRING_set();
+int i2d_ASN1_BIT_STRING();
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING();
+int ASN1_BIT_STRING_set_bit();
+int ASN1_BIT_STRING_get_bit();
+int i2d_ASN1_BOOLEAN();
+int d2i_ASN1_BOOLEAN();
+int i2d_ASN1_INTEGER();
+ASN1_INTEGER *d2i_ASN1_INTEGER();
+int ASN1_UTCTIME_check();
+ASN1_UTCTIME *ASN1_UTCTIME_set();
+int ASN1_UTCTIME_set_string();
+int i2d_ASN1_OCTET_STRING();
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING();
+int i2d_ASN1_PRINTABLE();
+ASN1_STRING *d2i_ASN1_PRINTABLE();
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
+ASN1_T61STRING *d2i_ASN1_T61STRING();
+int i2d_ASN1_IA5STRING();
+ASN1_IA5STRING *d2i_ASN1_IA5STRING();
+int i2d_ASN1_UTCTIME();
+ASN1_UTCTIME * d2i_ASN1_UTCTIME();
+int i2d_ASN1_SET();
+STACK * d2i_ASN1_SET();
+int a2d_ASN1_OBJECT();
+ASN1_OBJECT *ASN1_OBJECT_create();
+int ASN1_INTEGER_set();
+long ASN1_INTEGER_get();
+ASN1_INTEGER *BN_to_ASN1_INTEGER();
+BIGNUM *ASN1_INTEGER_to_BN();
+int ASN1_PRINTABLE_type();
+int i2d_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_type_bytes();
+int asn1_Finish();
+int ASN1_get_object();
+int ASN1_check_infinite_end();
+void ASN1_put_object();
+int ASN1_object_size();
+char *ASN1_dup();
+#ifndef NO_FP_API
+char *ASN1_d2i_fp();
+int ASN1_i2d_fp();
+#endif
+
+char *ASN1_d2i_bio();
+int ASN1_i2d_bio();
+int ASN1_UTCTIME_print();
+int ASN1_STRING_print();
+int ASN1_parse();
+int i2a_ASN1_INTEGER();
+int a2i_ASN1_INTEGER();
+int i2a_ASN1_OBJECT();
+int i2t_ASN1_OBJECT();
+int a2i_ASN1_STRING();
+int i2a_ASN1_STRING();
+
+int i2d_ASN1_HEADER();
+ASN1_HEADER *d2i_ASN1_HEADER();
+ASN1_HEADER *ASN1_HEADER_new();
+void ASN1_HEADER_free();
+void ERR_load_ASN1_strings();
+ASN1_METHOD *X509_asn1_meth();
+ASN1_METHOD *RSAPrivateKey_asn1_meth();
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth();
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth();
+
+int ASN1_UNIVERSALSTRING_to_string();
+
+int ASN1_TYPE_set_octetstring();
+int ASN1_TYPE_get_octetstring();
+int ASN1_TYPE_set_int_octetstring();
+int ASN1_TYPE_get_int_octetstring();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+#define ASN1_F_A2D_ASN1_OBJECT 100
+#define ASN1_F_A2I_ASN1_INTEGER 101
+#define ASN1_F_A2I_ASN1_STRING 102
+#define ASN1_F_ASN1_COLLATE_PRIMATIVE 103
+#define ASN1_F_ASN1_D2I_BIO 104
+#define ASN1_F_ASN1_D2I_FP 105
+#define ASN1_F_ASN1_DUP 106
+#define ASN1_F_ASN1_GET_OBJECT 107
+#define ASN1_F_ASN1_HEADER_NEW 108
+#define ASN1_F_ASN1_I2D_BIO 109
+#define ASN1_F_ASN1_I2D_FP 110
+#define ASN1_F_ASN1_INTEGER_SET 111
+#define ASN1_F_ASN1_INTEGER_TO_BN 112
+#define ASN1_F_ASN1_OBJECT_NEW 113
+#define ASN1_F_ASN1_SIGN 114
+#define ASN1_F_ASN1_STRING_NEW 115
+#define ASN1_F_ASN1_STRING_TYPE_NEW 116
+#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117
+#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118
+#define ASN1_F_ASN1_TYPE_NEW 119
+#define ASN1_F_ASN1_UTCTIME_NEW 120
+#define ASN1_F_ASN1_VERIFY 121
+#define ASN1_F_BN_TO_ASN1_INTEGER 122
+#define ASN1_F_D2I_ASN1_BIT_STRING 123
+#define ASN1_F_D2I_ASN1_BMPSTRING 124
+#define ASN1_F_D2I_ASN1_BOOLEAN 125
+#define ASN1_F_D2I_ASN1_BYTES 126
+#define ASN1_F_D2I_ASN1_HEADER 127
+#define ASN1_F_D2I_ASN1_INTEGER 128
+#define ASN1_F_D2I_ASN1_OBJECT 129
+#define ASN1_F_D2I_ASN1_OCTET_STRING 130
+#define ASN1_F_D2I_ASN1_PRINT_TYPE 131
+#define ASN1_F_D2I_ASN1_SET 132
+#define ASN1_F_D2I_ASN1_TYPE 133
+#define ASN1_F_D2I_ASN1_TYPE_BYTES 134
+#define ASN1_F_D2I_ASN1_UTCTIME 135
+#define ASN1_F_D2I_DHPARAMS 136
+#define ASN1_F_D2I_DSAPARAMS 137
+#define ASN1_F_D2I_DSAPRIVATEKEY 138
+#define ASN1_F_D2I_DSAPUBLICKEY 139
+#define ASN1_F_D2I_NETSCAPE_PKEY 140
+#define ASN1_F_D2I_NETSCAPE_RSA 141
+#define ASN1_F_D2I_NETSCAPE_RSA_2 142
+#define ASN1_F_D2I_NETSCAPE_SPKAC 143
+#define ASN1_F_D2I_NETSCAPE_SPKI 144
+#define ASN1_F_D2I_PKCS7 145
+#define ASN1_F_D2I_PKCS7_DIGEST 146
+#define ASN1_F_D2I_PKCS7_ENCRYPT 147
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148
+#define ASN1_F_D2I_PKCS7_ENVELOPE 149
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150
+#define ASN1_F_D2I_PKCS7_RECIP_INFO 151
+#define ASN1_F_D2I_PKCS7_SIGNED 152
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
+#define ASN1_F_D2I_PRIVATEKEY 155
+#define ASN1_F_D2I_PUBLICKEY 156
+#define ASN1_F_D2I_RSAPRIVATEKEY 157
+#define ASN1_F_D2I_RSAPUBLICKEY 158
+#define ASN1_F_D2I_X509 159
+#define ASN1_F_D2I_X509_ALGOR 160
+#define ASN1_F_D2I_X509_ATTRIBUTE 161
+#define ASN1_F_D2I_X509_CINF 162
+#define ASN1_F_D2I_X509_CRL 163
+#define ASN1_F_D2I_X509_CRL_INFO 164
+#define ASN1_F_D2I_X509_EXTENSION 165
+#define ASN1_F_D2I_X509_KEY 166
+#define ASN1_F_D2I_X509_NAME 167
+#define ASN1_F_D2I_X509_NAME_ENTRY 168
+#define ASN1_F_D2I_X509_PKEY 169
+#define ASN1_F_D2I_X509_PUBKEY 170
+#define ASN1_F_D2I_X509_REQ 171
+#define ASN1_F_D2I_X509_REQ_INFO 172
+#define ASN1_F_D2I_X509_REVOKED 173
+#define ASN1_F_D2I_X509_SIG 174
+#define ASN1_F_D2I_X509_VAL 175
+#define ASN1_F_I2D_ASN1_HEADER 176
+#define ASN1_F_I2D_DHPARAMS 177
+#define ASN1_F_I2D_DSAPARAMS 178
+#define ASN1_F_I2D_DSAPRIVATEKEY 179
+#define ASN1_F_I2D_DSAPUBLICKEY 180
+#define ASN1_F_I2D_NETSCAPE_RSA 181
+#define ASN1_F_I2D_PKCS7 182
+#define ASN1_F_I2D_PRIVATEKEY 183
+#define ASN1_F_I2D_PUBLICKEY 184
+#define ASN1_F_I2D_RSAPRIVATEKEY 185
+#define ASN1_F_I2D_RSAPUBLICKEY 186
+#define ASN1_F_I2D_X509_ATTRIBUTE 187
+#define ASN1_F_I2T_ASN1_OBJECT 188
+#define ASN1_F_NETSCAPE_PKEY_NEW 189
+#define ASN1_F_NETSCAPE_SPKAC_NEW 190
+#define ASN1_F_NETSCAPE_SPKI_NEW 191
+#define ASN1_F_PKCS7_DIGEST_NEW 192
+#define ASN1_F_PKCS7_ENCRYPT_NEW 193
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
+#define ASN1_F_PKCS7_ENVELOPE_NEW 195
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196
+#define ASN1_F_PKCS7_NEW 197
+#define ASN1_F_PKCS7_RECIP_INFO_NEW 198
+#define ASN1_F_PKCS7_SIGNED_NEW 199
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
+#define ASN1_F_X509_ALGOR_NEW 202
+#define ASN1_F_X509_ATTRIBUTE_NEW 203
+#define ASN1_F_X509_CINF_NEW 204
+#define ASN1_F_X509_CRL_INFO_NEW 205
+#define ASN1_F_X509_CRL_NEW 206
+#define ASN1_F_X509_DHPARAMS_NEW 207
+#define ASN1_F_X509_EXTENSION_NEW 208
+#define ASN1_F_X509_INFO_NEW 209
+#define ASN1_F_X509_KEY_NEW 210
+#define ASN1_F_X509_NAME_ENTRY_NEW 211
+#define ASN1_F_X509_NAME_NEW 212
+#define ASN1_F_X509_NEW 213
+#define ASN1_F_X509_PKEY_NEW 214
+#define ASN1_F_X509_PUBKEY_NEW 215
+#define ASN1_F_X509_REQ_INFO_NEW 216
+#define ASN1_F_X509_REQ_NEW 217
+#define ASN1_F_X509_REVOKED_NEW 218
+#define ASN1_F_X509_SIG_NEW 219
+#define ASN1_F_X509_VAL_FREE 220
+#define ASN1_F_X509_VAL_NEW 221
+
+/* Reason codes. */
+#define ASN1_R_BAD_CLASS 100
+#define ASN1_R_BAD_GET_OBJECT 101
+#define ASN1_R_BAD_OBJECT_HEADER 102
+#define ASN1_R_BAD_PASSWORD_READ 103
+#define ASN1_R_BAD_PKCS7_CONTENT 104
+#define ASN1_R_BAD_PKCS7_TYPE 105
+#define ASN1_R_BAD_TAG 106
+#define ASN1_R_BAD_TYPE 107
+#define ASN1_R_BN_LIB 108
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109
+#define ASN1_R_BUFFER_TOO_SMALL 110
+#define ASN1_R_DATA_IS_WRONG 111
+#define ASN1_R_DECODING_ERROR 112
+#define ASN1_R_ERROR_STACK 113
+#define ASN1_R_EXPECTING_AN_INTEGER 114
+#define ASN1_R_EXPECTING_AN_OBJECT 115
+#define ASN1_R_EXPECTING_AN_OCTET_STRING 116
+#define ASN1_R_EXPECTING_A_BIT_STRING 117
+#define ASN1_R_EXPECTING_A_BOOLEAN 118
+#define ASN1_R_EXPECTING_A_SEQUENCE 119
+#define ASN1_R_EXPECTING_A_UTCTIME 120
+#define ASN1_R_FIRST_NUM_TOO_LARGE 121
+#define ASN1_R_HEADER_TOO_LONG 122
+#define ASN1_R_INVALID_DIGIT 123
+#define ASN1_R_INVALID_SEPARATOR 124
+#define ASN1_R_INVALID_TIME_FORMAT 125
+#define ASN1_R_IV_TOO_LARGE 126
+#define ASN1_R_LENGTH_ERROR 127
+#define ASN1_R_LENGTH_MISMATCH 128
+#define ASN1_R_MISSING_EOS 129
+#define ASN1_R_MISSING_SECOND_NUMBER 130
+#define ASN1_R_NON_HEX_CHARACTERS 131
+#define ASN1_R_NOT_ENOUGH_DATA 132
+#define ASN1_R_ODD_NUMBER_OF_CHARS 133
+#define ASN1_R_PARSING 134
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136
+#define ASN1_R_SHORT_LINE 137
+#define ASN1_R_STRING_TOO_SHORT 138
+#define ASN1_R_TAG_VALUE_TOO_HIGH 139
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140
+#define ASN1_R_TOO_LONG 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 146
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147
+#define ASN1_R_UNSUPPORTED_CIPHER 148
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150
+#define ASN1_R_UTCTIME_TOO_LONG 151
+#define ASN1_R_WRONG_PRINTABLE_TYPE 152
+#define ASN1_R_WRONG_TAG 153
+#define ASN1_R_WRONG_TYPE 154
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c
new file mode 100644
index 0000000000..03c2858e7d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c
@@ -0,0 +1,266 @@
+/* lib/asn1/asn1_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "asn1.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA ASN1_str_functs[]=
+ {
+{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMATIVE,0), "ASN1_COLLATE_PRIMATIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
+{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
+{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
+{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_SIGN"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"},
+{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_NEW"},
+{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"},
+{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "D2I_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "D2I_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "D2I_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "D2I_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "D2I_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "D2I_X509_CRL"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "D2I_X509_CRL_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "D2I_X509_EXTENSION"},
+{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "D2I_X509_NAME_ENTRY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "D2I_X509_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "D2I_X509_PUBKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "D2I_X509_REQ"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "D2I_X509_REQ_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "D2I_X509_REVOKED"},
+{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "D2I_X509_SIG"},
+{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "D2I_X509_VAL"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "I2D_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "I2D_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "I2D_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "I2D_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "I2D_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "I2D_PKCS7"},
+{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "I2D_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "I2D_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "I2D_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "I2D_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "I2D_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_NEW"},
+{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
+{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_NEW"},
+{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_NEW"},
+{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_NEW"},
+{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_FREE"},
+{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_NEW"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA ASN1_str_reasons[]=
+ {
+{ASN1_R_BAD_CLASS ,"bad class"},
+{ASN1_R_BAD_GET_OBJECT ,"bad get object"},
+{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
+{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
+{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
+{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
+{ASN1_R_BAD_TAG ,"bad tag"},
+{ASN1_R_BAD_TYPE ,"bad type"},
+{ASN1_R_BN_LIB ,"bn lib"},
+{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"},
+{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
+{ASN1_R_DATA_IS_WRONG ,"data is wrong"},
+{ASN1_R_DECODING_ERROR ,"decoding error"},
+{ASN1_R_ERROR_STACK ,"error stack"},
+{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
+{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
+{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
+{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
+{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
+{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"},
+{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
+{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
+{ASN1_R_HEADER_TOO_LONG ,"header too long"},
+{ASN1_R_INVALID_DIGIT ,"invalid digit"},
+{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
+{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
+{ASN1_R_IV_TOO_LARGE ,"iv too large"},
+{ASN1_R_LENGTH_ERROR ,"length error"},
+{ASN1_R_LENGTH_MISMATCH ,"length mismatch"},
+{ASN1_R_MISSING_EOS ,"missing eos"},
+{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
+{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
+{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
+{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
+{ASN1_R_PARSING ,"parsing"},
+{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
+{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
+{ASN1_R_SHORT_LINE ,"short line"},
+{ASN1_R_STRING_TOO_SHORT ,"string too short"},
+{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
+{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{ASN1_R_TOO_LONG ,"too long"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
+{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"},
+{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
+{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
+{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
+{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
+{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
+{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
+{ASN1_R_WRONG_TAG ,"wrong tag"},
+{ASN1_R_WRONG_TYPE ,"wrong type"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_ASN1_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
+ ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
new file mode 100644
index 0000000000..ff30b25836
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -0,0 +1,444 @@
+/* crypto/asn1/asn1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+#ifndef NOPROTO
+static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
+static void asn1_put_length(unsigned char **pp, int length);
+#else
+static int asn1_get_length();
+static void asn1_put_length();
+#endif
+
+char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998";
+
+int ASN1_check_infinite_end(p,len)
+unsigned char **p;
+long len;
+ {
+ /* If there is 0 or 1 byte left, the length check should pick
+ * things up */
+ if (len <= 0)
+ return(1);
+ else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
+ {
+ (*p)+=2;
+ return(1);
+ }
+ return(0);
+ }
+
+
+int ASN1_get_object(pp, plength, ptag, pclass, omax)
+unsigned char **pp;
+long *plength;
+int *ptag;
+int *pclass;
+long omax;
+ {
+ int i,ret;
+ long l;
+ unsigned char *p= *pp;
+ int tag,xclass,inf;
+ long max=omax;
+
+ if (!max) goto err;
+ ret=(*p&V_ASN1_CONSTRUCTED);
+ xclass=(*p&V_ASN1_PRIVATE);
+ i= *p&V_ASN1_PRIMATIVE_TAG;
+ if (i == V_ASN1_PRIMATIVE_TAG)
+ { /* high-tag */
+ p++;
+ if (--max == 0) goto err;
+ l=0;
+ while (*p&0x80)
+ {
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ if (--max == 0) goto err;
+ }
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ tag=(int)l;
+ }
+ else
+ {
+ tag=i;
+ p++;
+ if (--max == 0) goto err;
+ }
+ *ptag=tag;
+ *pclass=xclass;
+ if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
+
+#ifdef undef
+ fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n",
+ p,*plength,omax,*pp,(p+ *plength),omax+ *pp);
+
+#endif
+ if ((p+ *plength) > (omax+ *pp))
+ {
+ ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+ /* Set this so that even if things are not long enough
+ * the values are set correctly */
+ ret|=0x80;
+ }
+ *pp=p;
+ return(ret+inf);
+err:
+ ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
+ return(0x80);
+ }
+
+static int asn1_get_length(pp,inf,rl,max)
+unsigned char **pp;
+int *inf;
+long *rl;
+int max;
+ {
+ unsigned char *p= *pp;
+ long ret=0;
+ int i;
+
+ if (max-- < 1) return(0);
+ if (*p == 0x80)
+ {
+ *inf=1;
+ ret=0;
+ p++;
+ }
+ else
+ {
+ *inf=0;
+ i= *p&0x7f;
+ if (*(p++) & 0x80)
+ {
+ if (max-- == 0) return(0);
+ while (i-- > 0)
+ {
+ ret<<=8L;
+ ret|= *(p++);
+ if (max-- == 0) return(0);
+ }
+ }
+ else
+ ret=i;
+ }
+ *pp=p;
+ *rl=ret;
+ return(1);
+ }
+
+/* class 0 is constructed
+ * constructed == 2 for indefinitle length constructed */
+void ASN1_put_object(pp,constructed,length,tag,xclass)
+unsigned char **pp;
+int constructed;
+int length;
+int tag;
+int xclass;
+ {
+ unsigned char *p= *pp;
+ int i;
+
+ i=(constructed)?V_ASN1_CONSTRUCTED:0;
+ i|=(xclass&V_ASN1_PRIVATE);
+ if (tag < 31)
+ *(p++)=i|(tag&V_ASN1_PRIMATIVE_TAG);
+ else
+ {
+ *(p++)=i|V_ASN1_PRIMATIVE_TAG;
+ while (tag > 0x7f)
+ {
+ *(p++)=(tag&0x7f)|0x80;
+ tag>>=7;
+ }
+ *(p++)=(tag&0x7f);
+ }
+ if ((constructed == 2) && (length == 0))
+ *(p++)=0x80; /* der_put_length would output 0 instead */
+ else
+ asn1_put_length(&p,length);
+ *pp=p;
+ }
+
+static void asn1_put_length(pp, length)
+unsigned char **pp;
+int length;
+ {
+ unsigned char *p= *pp;
+ int i,l;
+ if (length <= 127)
+ *(p++)=(unsigned char)length;
+ else
+ {
+ l=length;
+ for (i=0; l > 0; i++)
+ l>>=8;
+ *(p++)=i|0x80;
+ l=i;
+ while (i-- > 0)
+ {
+ p[i]=length&0xff;
+ length>>=8;
+ }
+ p+=l;
+ }
+ *pp=p;
+ }
+
+int ASN1_object_size(constructed, length, tag)
+int constructed;
+int length;
+int tag;
+ {
+ int ret;
+
+ ret=length;
+ ret++;
+ if (tag >= 31)
+ {
+ while (tag > 0)
+ {
+ tag>>=7;
+ ret++;
+ }
+ }
+ if ((length == 0) && (constructed == 2))
+ ret+=2;
+ ret++;
+ if (length > 127)
+ {
+ while (length > 0)
+ {
+ length>>=8;
+ ret++;
+ }
+ }
+ return(ret);
+ }
+
+int asn1_Finish(c)
+ASN1_CTX *c;
+ {
+ if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
+ {
+ if (!ASN1_check_infinite_end(&c->p,c->slen))
+ {
+ c->error=ASN1_R_MISSING_EOS;
+ return(0);
+ }
+ }
+ if ( ((c->slen != 0) && !(c->inf & 1)) ||
+ ((c->slen < 0) && (c->inf & 1)))
+ {
+ c->error=ASN1_R_LENGTH_MISMATCH;
+ return(0);
+ }
+ return(1);
+ }
+
+int asn1_GetSequence(c,length)
+ASN1_CTX *c;
+long *length;
+ {
+ unsigned char *q;
+
+ q=c->p;
+ c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
+ *length);
+ if (c->inf & 0x80)
+ {
+ c->error=ASN1_R_BAD_GET_OBJECT;
+ return(0);
+ }
+ if (c->tag != V_ASN1_SEQUENCE)
+ {
+ c->error=ASN1_R_EXPECTING_A_SEQUENCE;
+ return(0);
+ }
+ (*length)-=(c->p-q);
+ if (c->max && (*length < 0))
+ {
+ c->error=ASN1_R_LENGTH_MISMATCH;
+ return(0);
+ }
+ if (c->inf == (1|V_ASN1_CONSTRUCTED))
+ c->slen= *length+ *(c->pp)-c->p;
+ c->eos=0;
+ return(1);
+ }
+
+ASN1_STRING *ASN1_STRING_dup(str)
+ASN1_STRING *str;
+ {
+ ASN1_STRING *ret;
+
+ if (str == NULL) return(NULL);
+ if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
+ return(NULL);
+ if (!ASN1_STRING_set(ret,str->data,str->length))
+ {
+ ASN1_STRING_free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+int ASN1_STRING_set(str,data,len)
+ASN1_STRING *str;
+unsigned char *data;
+int len;
+ {
+ char *c;
+
+ if (len < 0)
+ {
+ if (data == NULL)
+ return(0);
+ else
+ len=strlen((char *)data);
+ }
+ if ((str->length < len) || (str->data == NULL))
+ {
+ c=(char *)str->data;
+ if (c == NULL)
+ str->data=(unsigned char *)Malloc(len+1);
+ else
+ str->data=(unsigned char *)Realloc(c,len+1);
+
+ if (str->data == NULL)
+ {
+ str->data=(unsigned char *)c;
+ return(0);
+ }
+ }
+ str->length=len;
+ if (data != NULL)
+ {
+ memcpy(str->data,data,len);
+ /* an alowance for strings :-) */
+ str->data[len]='\0';
+ }
+ return(1);
+ }
+
+ASN1_STRING *ASN1_STRING_new()
+ {
+ return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
+ }
+
+
+ASN1_STRING *ASN1_STRING_type_new(type)
+int type;
+ {
+ ASN1_STRING *ret;
+
+ ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->type=type;
+ ret->data=NULL;
+ return(ret);
+ }
+
+void ASN1_STRING_free(a)
+ASN1_STRING *a;
+ {
+ if (a == NULL) return;
+ if (a->data != NULL) Free((char *)a->data);
+ Free((char *)a);
+ }
+
+int ASN1_STRING_cmp(a,b)
+ASN1_STRING *a,*b;
+ {
+ int i;
+
+ i=(a->length-b->length);
+ if (i == 0)
+ {
+ i=memcmp(a->data,b->data,a->length);
+ if (i == 0)
+ return(a->type-b->type);
+ else
+ return(i);
+ }
+ else
+ return(i);
+ }
+
+void asn1_add_error(address,offset)
+unsigned char *address;
+int offset;
+ {
+ char buf1[16],buf2[16];
+
+ sprintf(buf1,"%lu",(unsigned long)address);
+ sprintf(buf2,"%d",offset);
+ ERR_add_error_data(4,"address=",buf1," offset=",buf2);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_mac.h b/src/lib/libssl/src/crypto/asn1/asn1_mac.h
new file mode 100644
index 0000000000..4fba70e4bb
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/asn1_mac.h
@@ -0,0 +1,321 @@
+/* crypto/asn1/asn1_mac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_MAC_H
+#define HEADER_ASN1_MAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "asn1.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+#define M_ASN1_D2I_vars(a,type,func) \
+ ASN1_CTX c; \
+ type ret=NULL; \
+ \
+ c.pp=pp; \
+ c.error=ASN1_R_ERROR_STACK; \
+ if ((a == NULL) || ((*a) == NULL)) \
+ { if ((ret=(type)func()) == NULL) goto err; } \
+ else ret=(*a);
+
+#define M_ASN1_D2I_Init() \
+ c.p= *pp; \
+ c.max=(length == 0)?0:(c.p+length);
+
+#define M_ASN1_D2I_Finish_2(a) \
+ if (!asn1_Finish(&c)) goto err; \
+ *pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret);
+
+#define M_ASN1_D2I_Finish(a,func,e) \
+ M_ASN1_D2I_Finish_2(a); \
+err:\
+ ASN1err((e),c.error); \
+ asn1_add_error(*pp,(int)(c.q- *pp)); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
+
+#define M_ASN1_D2I_start_sequence() \
+ if (!asn1_GetSequence(&c,&length)) goto err;
+
+#define M_ASN1_D2I_end_sequence() \
+ (((c.inf&1) == 0)?(c.slen <= 0): \
+ (c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
+
+#define M_ASN1_D2I_get(b,func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get(b,func); \
+ }
+
+#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+ (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+ { \
+ unsigned char tmp; \
+ tmp=M_ASN1_next; \
+ M_ASN1_next=(tmp& ~V_ASN1_PRIMATIVE_TAG)|type; \
+ M_ASN1_D2I_get(b,func); \
+ M_ASN1_next_prev=tmp; \
+ }
+
+#define M_ASN1_D2I_get_set(r,func) \
+ M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
+
+#define M_ASN1_D2I_get_seq(r,func) \
+ M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_seq_opt(r,func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq(r,func); }
+
+#define M_ASN1_D2I_get_IMP_set(r,func,x) \
+ M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_D2I_get_imp_set(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+ if ((c.slen != 0L) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ if (func(&(r),&c.p,Tlen) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q); \
+ }
+
+#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+ b,V_ASN1_UNIVERSAL) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q); \
+ }
+
+/* New macros */
+#define M_ASN1_New_Malloc(ret,type) \
+ if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2;
+
+#define M_ASN1_New(arg,func) \
+ if (((arg)=func()) == NULL) return(NULL)
+
+#define M_ASN1_New_Error(a) \
+/* err: ASN1err((a),ASN1_R_ERROR_STACK); \
+ return(NULL);*/ \
+ err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \
+ return(NULL)
+
+
+#define M_ASN1_next (*c.p)
+#define M_ASN1_next_prev (*c.q)
+
+/*************************************************/
+
+#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
+ unsigned char *p; \
+ if (a == NULL) return(0)
+
+/* Length Macros */
+#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
+#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
+
+#define M_ASN1_I2D_len_SET(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQ(a,f);
+
+#define M_ASN1_I2D_len_IMP_set(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+ if (a != NULL)\
+ { \
+ v=f(a,NULL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+/* Put Macros */
+#define M_ASN1_I2D_put(a,f) f(a,&p)
+
+#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
+ if (a != NULL) \
+ { \
+ unsigned char *q=p; \
+ f(a,&p); \
+ *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
+ }
+
+#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+ V_ASN1_UNIVERSAL)
+#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC)
+
+#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+ V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_put_SEQ_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQ(a,f);
+
+#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); }
+
+#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+ if (a != NULL) \
+ { \
+ ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ f(a,&p); \
+ }
+
+#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \
+ }
+
+#define M_ASN1_I2D_seq_total() \
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+ if (pp == NULL) return(r); \
+ p= *pp; \
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+ *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+ *(p++)=0x80
+
+#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+
+#define M_ASN1_I2D_finish() *pp=p; \
+ return(r);
+
+#ifndef NOPROTO
+int asn1_GetSequence(ASN1_CTX *c, long *length);
+void asn1_add_error(unsigned char *address,int offset);
+#else
+int asn1_GetSequence();
+void asn1_add_error();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c
new file mode 100644
index 0000000000..3906227d21
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c
@@ -0,0 +1,393 @@
+/* crypto/asn1/asn1_par.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
+ int indent);
+static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
+ int offset, int depth, int indent);
+#else
+static int asn1_print_info();
+static int asn1_parse2();
+#endif
+
+static int asn1_print_info(bp, tag, xclass, constructed,indent)
+BIO *bp;
+int tag;
+int xclass;
+int constructed;
+int indent;
+ {
+ static char *fmt="%-18s";
+ static char *fmt2="%2d %-15s";
+ char *p,str[128],*p2=NULL;
+
+ if (constructed & V_ASN1_CONSTRUCTED)
+ p="cons: ";
+ else
+ p="prim: ";
+ if (BIO_write(bp,p,6) < 6) goto err;
+ if (indent)
+ {
+ if (indent > 128) indent=128;
+ memset(str,' ',indent);
+ if (BIO_write(bp,str,indent) < indent) goto err;
+ }
+
+ p=str;
+ if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
+ sprintf(str,"priv [ %d ] ",tag);
+ else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
+ sprintf(str,"cont [ %d ]",tag);
+ else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
+ sprintf(str,"appl [ %d ]",tag);
+ else if ((tag == V_ASN1_EOC) /* && (xclass == V_ASN1_UNIVERSAL) */)
+ p="EOC";
+ else if (tag == V_ASN1_BOOLEAN)
+ p="BOOLEAN";
+ else if (tag == V_ASN1_INTEGER)
+ p="INTEGER";
+ else if (tag == V_ASN1_BIT_STRING)
+ p="BIT STRING";
+ else if (tag == V_ASN1_OCTET_STRING)
+ p="OCTET STRING";
+ else if (tag == V_ASN1_NULL)
+ p="NULL";
+ else if (tag == V_ASN1_OBJECT)
+ p="OBJECT";
+ else if (tag == V_ASN1_SEQUENCE)
+ p="SEQUENCE";
+ else if (tag == V_ASN1_SET)
+ p="SET";
+ else if (tag == V_ASN1_PRINTABLESTRING)
+ p="PRINTABLESTRING";
+ else if (tag == V_ASN1_T61STRING)
+ p="T61STRING";
+ else if (tag == V_ASN1_IA5STRING)
+ p="IA5STRING";
+ else if (tag == V_ASN1_UTCTIME)
+ p="UTCTIME";
+
+ /* extras */
+ else if (tag == V_ASN1_NUMERICSTRING)
+ p="NUMERICSTRING";
+ else if (tag == V_ASN1_VIDEOTEXSTRING)
+ p="VIDEOTEXSTRING";
+ else if (tag == V_ASN1_GENERALIZEDTIME)
+ p="GENERALIZEDTIME";
+ else if (tag == V_ASN1_GRAPHICSTRING)
+ p="GRAPHICSTRING";
+ else if (tag == V_ASN1_ISO64STRING)
+ p="ISO64STRING";
+ else if (tag == V_ASN1_GENERALSTRING)
+ p="GENERALSTRING";
+ else if (tag == V_ASN1_UNIVERSALSTRING)
+ p="UNIVERSALSTRING";
+ else if (tag == V_ASN1_BMPSTRING)
+ p="BMPSTRING";
+ else
+ p2="(unknown)";
+
+ if (p2 != NULL)
+ {
+ if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
+ }
+ else
+ {
+ if (BIO_printf(bp,fmt,p) <= 0) goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int ASN1_parse(bp, pp, len, indent)
+BIO *bp;
+unsigned char *pp;
+long len;
+int indent;
+ {
+ return(asn1_parse2(bp,&pp,len,0,0,indent));
+ }
+
+static int asn1_parse2(bp, pp, length, offset, depth, indent)
+BIO *bp;
+unsigned char **pp;
+long length;
+int offset;
+int depth;
+int indent;
+ {
+ unsigned char *p,*ep,*tot,*op,*opp;
+ long len;
+ int tag,xclass,ret=0;
+ int nl,hl,j,r;
+ ASN1_OBJECT *o=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ /* ASN1_BMPSTRING *bmp=NULL;*/
+
+ p= *pp;
+ tot=p+length;
+ op=p-1;
+ while ((p < tot) && (op < p))
+ {
+ op=p;
+ j=ASN1_get_object(&p,&len,&tag,&xclass,length);
+#ifdef LINT
+ j=j;
+#endif
+ if (j & 0x80)
+ {
+ if (BIO_write(bp,"Error in encoding\n",18) <= 0)
+ goto end;
+ ret=0;
+ goto end;
+ }
+ hl=(p-op);
+ length-=hl;
+ /* if j == 0x21 it is a constructed indefinite length object */
+ if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
+ <= 0) goto end;
+
+ if (j != (V_ASN1_CONSTRUCTED | 1))
+ {
+ if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
+ depth,(long)hl,len) <= 0)
+ goto end;
+ }
+ else
+ {
+ if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
+ depth,(long)hl) <= 0)
+ goto end;
+ }
+ if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
+ goto end;
+ if (j & V_ASN1_CONSTRUCTED)
+ {
+ ep=p+len;
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ if (len > length)
+ {
+ BIO_printf(bp,
+ "length is greater than %ld\n",length);
+ ret=0;
+ goto end;
+ }
+ if ((j == 0x21) && (len == 0))
+ {
+ for (;;)
+ {
+ r=asn1_parse2(bp,&p,(long)(tot-p),
+ offset+(p - *pp),depth+1,
+ indent);
+ if (r == 0) { ret=0; goto end; }
+ if ((r == 2) || (p >= tot)) break;
+ }
+ }
+ else
+ while (p < ep)
+ {
+ r=asn1_parse2(bp,&p,(long)len,
+ offset+(p - *pp),depth+1,
+ indent);
+ if (r == 0) { ret=0; goto end; }
+ }
+ }
+ else if (xclass != 0)
+ {
+ p+=len;
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ }
+ else
+ {
+ nl=0;
+ if ( (tag == V_ASN1_PRINTABLESTRING) ||
+ (tag == V_ASN1_T61STRING) ||
+ (tag == V_ASN1_IA5STRING) ||
+ (tag == V_ASN1_UTCTIME))
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ if ((len > 0) &&
+ BIO_write(bp,(char *)p,(int)len)
+ != (int)len)
+ goto end;
+ }
+ else if (tag == V_ASN1_OBJECT)
+ {
+ opp=op;
+ if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ i2a_ASN1_OBJECT(bp,o);
+ }
+ else
+ {
+ if (BIO_write(bp,":BAD OBJECT",11) <= 0)
+ goto end;
+ }
+ }
+ else if (tag == V_ASN1_BOOLEAN)
+ {
+ int ii;
+
+ opp=op;
+ ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
+ if (ii < 0)
+ {
+ if (BIO_write(bp,"Bad boolean\n",12))
+ goto end;
+ }
+ BIO_printf(bp,":%d",ii);
+ }
+ else if (tag == V_ASN1_BMPSTRING)
+ {
+ /* do the BMP thang */
+ }
+ else if (tag == V_ASN1_OCTET_STRING)
+ {
+ int i,printable=1;
+
+ opp=op;
+ os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
+ if (os != NULL)
+ {
+ opp=os->data;
+ for (i=0; i<os->length; i++)
+ {
+ if (( (opp[i] < ' ') &&
+ (opp[i] != '\n') &&
+ (opp[i] != '\r') &&
+ (opp[i] != '\t')) ||
+ (opp[i] > '~'))
+ {
+ printable=0;
+ break;
+ }
+ }
+ if (printable && (os->length > 0))
+ {
+ if (BIO_write(bp,":",1) <= 0)
+ goto end;
+ if (BIO_write(bp,(char *)opp,
+ os->length) <= 0)
+ goto end;
+ }
+ ASN1_OCTET_STRING_free(os);
+ os=NULL;
+ }
+ }
+ else if (tag == V_ASN1_INTEGER)
+ {
+ ASN1_INTEGER *bs;
+ int i;
+
+ opp=op;
+ bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
+ if (bs != NULL)
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ if (bs->type == V_ASN1_NEG_INTEGER)
+ if (BIO_write(bp,"-",1) <= 0)
+ goto end;
+ for (i=0; i<bs->length; i++)
+ {
+ if (BIO_printf(bp,"%02X",
+ bs->data[i]) <= 0)
+ goto end;
+ }
+ if (bs->length == 0)
+ {
+ if (BIO_write(bp,"00",2) <= 0)
+ goto end;
+ }
+ }
+ else
+ {
+ if (BIO_write(bp,"BAD INTEGER",11) <= 0)
+ goto end;
+ }
+ ASN1_INTEGER_free(bs);
+ }
+
+ if (!nl)
+ {
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ }
+ p+=len;
+ if ((tag == V_ASN1_EOC) && (xclass == 0))
+ {
+ ret=2; /* End of sequence */
+ goto end;
+ }
+ }
+ length-=len;
+ }
+ ret=1;
+end:
+ if (o != NULL) ASN1_OBJECT_free(o);
+ if (os != NULL) ASN1_OCTET_STRING_free(os);
+ *pp=p;
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pr.c b/src/lib/libssl/src/crypto/asn1/d2i_pr.c
new file mode 100644
index 0000000000..b9eaa9629b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/d2i_pr.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PrivateKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ EVP_PKEY *ret;
+
+ if ((a == NULL) || (*a == NULL))
+ {
+ if ((ret=EVP_PKEY_new()) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
+ return(NULL);
+ }
+ }
+ else ret= *a;
+
+ ret->save_type=type;
+ ret->type=EVP_PKEY_type(type);
+ switch (ret->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+ default:
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ break;
+ }
+ if (a != NULL) (*a)=ret;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pu.c b/src/lib/libssl/src/crypto/asn1/d2i_pu.c
new file mode 100644
index 0000000000..5d6192f1e5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/d2i_pu.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PublicKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ EVP_PKEY *ret;
+
+ if ((a == NULL) || (*a == NULL))
+ {
+ if ((ret=EVP_PKEY_new()) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
+ return(NULL);
+ }
+ }
+ else ret= *a;
+
+ ret->save_type=type;
+ ret->type=EVP_PKEY_type(type);
+ switch (ret->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+ default:
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ break;
+ }
+ if (a != NULL) (*a)=ret;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/evp_asn1.c b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
new file mode 100644
index 0000000000..ebe34a3362
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
@@ -0,0 +1,193 @@
+/* crypto/asn1/evp_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+int ASN1_TYPE_set_octetstring(a,data,len)
+ASN1_TYPE *a;
+unsigned char *data;
+int len;
+ {
+ ASN1_STRING *os;
+
+ if ((os=ASN1_OCTET_STRING_new()) == NULL) return(0);
+ if (!ASN1_OCTET_STRING_set(os,data,len)) return(0);
+ ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,(char *)os);
+ return(1);
+ }
+
+int ASN1_TYPE_get_octetstring(a,data,max_len)
+ASN1_TYPE *a;
+unsigned char *data;
+int max_len; /* for returned value */
+ {
+ int ret,num;
+ unsigned char *p;
+
+ if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL))
+ {
+ ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
+ return(-1);
+ }
+ p=ASN1_STRING_data(a->value.octet_string);
+ ret=ASN1_STRING_length(a->value.octet_string);
+ if (ret < max_len)
+ num=ret;
+ else
+ num=max_len;
+ memcpy(data,p,num);
+ return(ret);
+ }
+
+int ASN1_TYPE_set_int_octetstring(a,num,data,len)
+ASN1_TYPE *a;
+long num;
+unsigned char *data;
+int len;
+ {
+ int n,size;
+ ASN1_OCTET_STRING os,*osp;
+ ASN1_INTEGER in;
+ unsigned char *p;
+ unsigned char buf[32]; /* when they have 256bit longs,
+ * I'll be in trouble */
+ in.data=buf;
+ in.length=32;
+ os.data=data;
+ os.type=V_ASN1_OCTET_STRING;
+ os.length=len;
+ ASN1_INTEGER_set(&in,num);
+ n = i2d_ASN1_INTEGER(&in,NULL);
+ n+=M_i2d_ASN1_OCTET_STRING(&os,NULL);
+
+ size=ASN1_object_size(1,n,V_ASN1_SEQUENCE);
+
+ if ((osp=ASN1_STRING_new()) == NULL) return(0);
+ /* Grow the 'string' */
+ ASN1_STRING_set(osp,NULL,size);
+
+ ASN1_STRING_length(osp)=size;
+ p=ASN1_STRING_data(osp);
+
+ ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_ASN1_INTEGER(&in,&p);
+ M_i2d_ASN1_OCTET_STRING(&os,&p);
+
+ ASN1_TYPE_set(a,V_ASN1_SEQUENCE,(char *)osp);
+ return(1);
+ }
+
+/* we return the actual length... */
+int ASN1_TYPE_get_int_octetstring(a,num,data,max_len)
+ASN1_TYPE *a;
+long *num;
+unsigned char *data;
+int max_len; /* for returned value */
+ {
+ int ret= -1,n;
+ ASN1_INTEGER *ai=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ unsigned char *p;
+ long length;
+ ASN1_CTX c;
+
+ if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
+ {
+ goto err;
+ }
+ p=ASN1_STRING_data(a->value.sequence);
+ length=ASN1_STRING_length(a->value.sequence);
+
+ c.pp= &p;
+ c.p=p;
+ c.max=p+length;
+ c.error=ASN1_R_DATA_IS_WRONG;
+
+ M_ASN1_D2I_start_sequence();
+ c.q=c.p;
+ if ((ai=d2i_ASN1_INTEGER(NULL,&c.p,c.slen)) == NULL) goto err;
+ c.slen-=(c.p-c.q);
+ c.q=c.p;
+ if ((os=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) goto err;
+ c.slen-=(c.p-c.q);
+ if (!M_ASN1_D2I_end_sequence()) goto err;
+
+ if (num != NULL)
+ *num=ASN1_INTEGER_get(ai);
+
+ ret=ASN1_STRING_length(os);
+ if (max_len > ret)
+ n=ret;
+ else
+ n=max_len;
+
+ if (data != NULL)
+ memcpy(data,ASN1_STRING_data(os),n);
+ if (0)
+ {
+err:
+ ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
+ }
+ if (os != NULL) ASN1_OCTET_STRING_free(os);
+ if (ai != NULL) ASN1_INTEGER_free(ai);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/f_int.c b/src/lib/libssl/src/crypto/asn1/f_int.c
new file mode 100644
index 0000000000..4817c45cb7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/f_int.c
@@ -0,0 +1,211 @@
+/* crypto/asn1/f_int.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_INTEGER(bp, a)
+BIO *bp;
+ASN1_INTEGER *a;
+ {
+ int i,n=0;
+ static char *h="0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL) return(0);
+
+ if (a->length == 0)
+ {
+ if (BIO_write(bp,"00",2) != 2) goto err;
+ n=2;
+ }
+ else
+ {
+ for (i=0; i<a->length; i++)
+ {
+ if ((i != 0) && (i%35 == 0))
+ {
+ if (BIO_write(bp,"\\\n",2) != 2) goto err;
+ n+=2;
+ }
+ buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+ buf[1]=h[((unsigned char)a->data[i] )&0x0f];
+ if (BIO_write(bp,buf,2) != 2) goto err;
+ n+=2;
+ }
+ }
+ return(n);
+err:
+ return(-1);
+ }
+
+int a2i_ASN1_INTEGER(bp,bs,buf,size)
+BIO *bp;
+ASN1_INTEGER *bs;
+char *buf;
+int size;
+ {
+ int ret=0;
+ int i,j,k,m,n,again,bufsize;
+ unsigned char *s=NULL,*sp;
+ unsigned char *bufp;
+ int num=0,slen=0,first=1;
+
+ bs->type=V_ASN1_INTEGER;
+
+ bufsize=BIO_gets(bp,buf,size);
+ for (;;)
+ {
+ if (bufsize < 1) goto err_sl;
+ i=bufsize;
+ if (buf[i-1] == '\n') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ if (buf[i-1] == '\r') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ again=(buf[i-1] == '\\');
+
+ for (j=0; j<i; j++)
+ {
+ if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+ {
+ i=j;
+ break;
+ }
+ }
+ buf[i]='\0';
+ /* We have now cleared all the crap off the end of the
+ * line */
+ if (i < 2) goto err_sl;
+
+ bufp=(unsigned char *)buf;
+ if (first)
+ {
+ first=0;
+ if ((bufp[0] == '0') && (buf[1] == '0'))
+ {
+ bufp+=2;
+ i-=2;
+ }
+ }
+ k=0;
+ i-=again;
+ if (i%2 != 0)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i/=2;
+ if (num+i > slen)
+ {
+ if (s == NULL)
+ sp=(unsigned char *)Malloc(
+ (unsigned int)num+i*2);
+ else
+ sp=(unsigned char *)Realloc(s,
+ (unsigned int)num+i*2);
+ if (sp == NULL)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
+ if (s != NULL) Free((char *)s);
+ goto err;
+ }
+ s=sp;
+ slen=num+i*2;
+ }
+ for (j=0; j<i; j++,k+=2)
+ {
+ for (n=0; n<2; n++)
+ {
+ m=bufp[k+n];
+ if ((m >= '0') && (m <= '9'))
+ m-='0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m=m-'a'+10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m=m-'A'+10;
+ else
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num+j]<<=4;
+ s[num+j]|=m;
+ }
+ }
+ num+=i;
+ if (again)
+ bufsize=BIO_gets(bp,buf,size);
+ else
+ break;
+ }
+ bs->length=num;
+ bs->data=s;
+ ret=1;
+err:
+ if (0)
+ {
+err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/f_string.c b/src/lib/libssl/src/crypto/asn1/f_string.c
new file mode 100644
index 0000000000..ab2837824e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/f_string.c
@@ -0,0 +1,210 @@
+/* crypto/asn1/f_string.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_STRING(bp, a, type)
+BIO *bp;
+ASN1_STRING *a;
+int type;
+ {
+ int i,n=0;
+ static char *h="0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL) return(0);
+
+ if (a->length == 0)
+ {
+ if (BIO_write(bp,"0",1) != 1) goto err;
+ n=1;
+ }
+ else
+ {
+ for (i=0; i<a->length; i++)
+ {
+ if ((i != 0) && (i%35 == 0))
+ {
+ if (BIO_write(bp,"\\\n",2) != 2) goto err;
+ n+=2;
+ }
+ buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+ buf[1]=h[((unsigned char)a->data[i] )&0x0f];
+ if (BIO_write(bp,buf,2) != 2) goto err;
+ n+=2;
+ }
+ }
+ return(n);
+err:
+ return(-1);
+ }
+
+int a2i_ASN1_STRING(bp,bs,buf,size)
+BIO *bp;
+ASN1_STRING *bs;
+char *buf;
+int size;
+ {
+ int ret=0;
+ int i,j,k,m,n,again,bufsize;
+ unsigned char *s=NULL,*sp;
+ unsigned char *bufp;
+ int num=0,slen=0,first=1;
+
+ bufsize=BIO_gets(bp,buf,size);
+ for (;;)
+ {
+ if (bufsize < 1)
+ {
+ if (first)
+ break;
+ else
+ goto err_sl;
+ }
+ first=0;
+
+ i=bufsize;
+ if (buf[i-1] == '\n') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ if (buf[i-1] == '\r') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ again=(buf[i-1] == '\\');
+
+ for (j=i-1; j>0; j--)
+ {
+ if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+ {
+ i=j;
+ break;
+ }
+ }
+ buf[i]='\0';
+ /* We have now cleared all the crap off the end of the
+ * line */
+ if (i < 2) goto err_sl;
+
+ bufp=(unsigned char *)buf;
+
+ k=0;
+ i-=again;
+ if (i%2 != 0)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i/=2;
+ if (num+i > slen)
+ {
+ if (s == NULL)
+ sp=(unsigned char *)Malloc(
+ (unsigned int)num+i*2);
+ else
+ sp=(unsigned char *)Realloc(s,
+ (unsigned int)num+i*2);
+ if (sp == NULL)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
+ if (s != NULL) Free((char *)s);
+ goto err;
+ }
+ s=sp;
+ slen=num+i*2;
+ }
+ for (j=0; j<i; j++,k+=2)
+ {
+ for (n=0; n<2; n++)
+ {
+ m=bufp[k+n];
+ if ((m >= '0') && (m <= '9'))
+ m-='0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m=m-'a'+10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m=m-'A'+10;
+ else
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num+j]<<=4;
+ s[num+j]|=m;
+ }
+ }
+ num+=i;
+ if (again)
+ bufsize=BIO_gets(bp,buf,size);
+ else
+ break;
+ }
+ bs->length=num;
+ bs->data=s;
+ ret=1;
+err:
+ if (0)
+ {
+err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pr.c b/src/lib/libssl/src/crypto/asn1/i2d_pr.c
new file mode 100644
index 0000000000..b6b821d73c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/i2d_pr.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/i2d_pr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PrivateKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+ {
+#ifndef NO_RSA
+ if (a->type == EVP_PKEY_RSA)
+ {
+ return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (a->type == EVP_PKEY_DSA)
+ {
+ return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
+ }
+#endif
+
+ ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pu.c b/src/lib/libssl/src/crypto/asn1/i2d_pu.c
new file mode 100644
index 0000000000..1b854252b7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/i2d_pu.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/i2d_pu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PublicKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+ {
+ switch (a->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ return(i2d_RSAPublicKey(a->pkey.rsa,pp));
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ return(i2d_DSAPublicKey(a->pkey.dsa,pp));
+#endif
+ default:
+ ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/n_pkey.c b/src/lib/libssl/src/crypto/asn1/n_pkey.c
new file mode 100644
index 0000000000..5110c91bec
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/n_pkey.c
@@ -0,0 +1,365 @@
+/* crypto/asn1/n_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+#include "evp.h"
+#include "x509.h"
+
+
+#ifndef NO_RC4
+
+typedef struct netscape_pkey_st
+ {
+ ASN1_INTEGER *version;
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *private_key;
+ } NETSCAPE_PKEY;
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
+ */
+#ifndef NOPROTO
+static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
+static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
+#else
+static int i2d_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
+static void NETSCAPE_PKEY_free();
+#endif
+
+int i2d_Netscape_RSA(a,pp,cb)
+RSA *a;
+unsigned char **pp;
+int (*cb)();
+ {
+ int i,j,l[6];
+ NETSCAPE_PKEY *pkey;
+ unsigned char buf[256],*zz;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *alg=NULL;
+ ASN1_OCTET_STRING os,os2;
+ M_ASN1_I2D_vars(a);
+
+ if (a == NULL) return(0);
+
+#ifdef WIN32
+ r=r; /* shut the damn compiler up :-) */
+#endif
+
+ os.data=os2.data=NULL;
+ if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
+ if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
+
+ if (pkey->algor->algorithm != NULL)
+ ASN1_OBJECT_free(pkey->algor->algorithm);
+ pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
+ if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ pkey->algor->parameter->type=V_ASN1_NULL;
+
+ l[0]=i2d_RSAPrivateKey(a,NULL);
+ pkey->private_key->length=l[0];
+
+ os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
+ l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
+
+ if ((alg=X509_ALGOR_new()) == NULL) goto err;
+ if (alg->algorithm != NULL)
+ ASN1_OBJECT_free(alg->algorithm);
+ alg->algorithm=OBJ_nid2obj(NID_rc4);
+ if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ alg->parameter->type=V_ASN1_NULL;
+
+ l[2]=i2d_X509_ALGOR(alg,NULL);
+ l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+
+ os.data=(unsigned char *)"private-key";
+ os.length=11;
+ l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
+
+ l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
+
+ if (pp == NULL)
+ {
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ return(l[5]);
+ }
+
+ if (pkey->private_key->data != NULL)
+ Free((char *)pkey->private_key->data);
+ if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ zz=pkey->private_key->data;
+ i2d_RSAPrivateKey(a,&zz);
+
+ if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ zz=os2.data;
+ i2d_NETSCAPE_PKEY(pkey,&zz);
+
+ if (cb == NULL)
+ cb=EVP_read_pw_string;
+ i=cb(buf,256,"Enter Private Key password:",1);
+ if (i != 0)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
+ goto err;
+ }
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+ strlen((char *)buf),1,key,NULL);
+ memset(buf,0,256);
+
+ EVP_CIPHER_CTX_init(&ctx);
+ EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
+ EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
+ EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ p= *pp;
+ ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_ASN1_OCTET_STRING(&os,&p);
+ ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_X509_ALGOR(alg,&p);
+ i2d_ASN1_OCTET_STRING(&os2,&p);
+ ret=l[5];
+err:
+ if (os2.data != NULL) Free((char *)os2.data);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ r=r;
+ return(ret);
+ }
+
+RSA *d2i_Netscape_RSA(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+ {
+ RSA *ret=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ ASN1_CTX c;
+
+ c.pp=pp;
+ c.error=ASN1_R_DECODING_ERROR;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+ if ((os->length != 11) || (strncmp("private-key",
+ (char *)os->data,os->length) != 0))
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+ ASN1_BIT_STRING_free(os);
+ goto err;
+ }
+ ASN1_BIT_STRING_free(os);
+ c.q=c.p;
+ if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
+ c.slen-=(c.p-c.q);
+
+ M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
+ }
+
+RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+ {
+ NETSCAPE_PKEY *pkey=NULL;
+ RSA *ret=NULL;
+ int i,j;
+ unsigned char buf[256],*zz;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *alg=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ ASN1_CTX c;
+
+ c.error=ASN1_R_ERROR_STACK;
+ c.pp=pp;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
+ if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+ goto err;
+ }
+ M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+ if (cb == NULL)
+ cb=EVP_read_pw_string;
+ i=cb(buf,256,"Enter Private Key password:",0);
+ if (i != 0)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
+ goto err;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+ strlen((char *)buf),1,key,NULL);
+ memset(buf,0,256);
+
+ EVP_CIPHER_CTX_init(&ctx);
+ EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
+ EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
+ EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ os->length=i+j;
+
+ zz=os->data;
+
+ if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
+ goto err;
+ }
+
+ zz=pkey->private_key->data;
+ if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
+ goto err;
+ }
+ if (!asn1_Finish(&c)) goto err;
+ *pp=c.p;
+err:
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ if (os != NULL) ASN1_BIT_STRING_free(os);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ return(ret);
+ }
+
+static int i2d_NETSCAPE_PKEY(a,pp)
+NETSCAPE_PKEY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+
+ M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length)
+NETSCAPE_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
+ }
+
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
+ {
+ NETSCAPE_PKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
+ }
+
+static void NETSCAPE_PKEY_free(a)
+NETSCAPE_PKEY *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_ALGOR_free(a->algor);
+ ASN1_OCTET_STRING_free(a->private_key);
+ Free((char *)a);
+ }
+
+#endif /* NO_RC4 */
+
diff --git a/src/lib/libssl/src/crypto/asn1/t_pkey.c b/src/lib/libssl/src/crypto/asn1/t_pkey.c
new file mode 100644
index 0000000000..bc518d59a2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/t_pkey.c
@@ -0,0 +1,392 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+
+/* DHerr(DH_F_DHPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ * DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int print(BIO *fp,char *str,BIGNUM *num,
+ unsigned char *buf,int off);
+#else
+static int print();
+#endif
+
+#ifndef NO_RSA
+#ifndef NO_FP_API
+int RSA_print_fp(fp,x,off)
+FILE *fp;
+RSA *x;
+int off;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=RSA_print(b,x,off);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int RSA_print(bp,x,off)
+BIO *bp;
+RSA *x;
+int off;
+ {
+ char str[128],*s;
+ unsigned char *m=NULL;
+ int i,ret=0;
+
+ i=RSA_size(x);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ }
+ if (x->d != NULL)
+ {
+ if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+ if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
+ <= 0) goto err;
+ }
+
+ if (x->d == NULL)
+ sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
+ else
+ strcpy(str,"modulus:");
+ if (!print(bp,str,x->n,m,off)) goto err;
+ s=(x->d == NULL)?"Exponent:":"publicExponent:";
+ if (!print(bp,s,x->e,m,off)) goto err;
+ if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
+ if (!print(bp,"prime1:",x->p,m,off)) goto err;
+ if (!print(bp,"prime2:",x->q,m,off)) goto err;
+ if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
+ if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
+ if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+#endif /* NO_RSA */
+
+#ifndef NO_DSA
+#ifndef NO_FP_API
+int DSA_print_fp(fp,x,off)
+FILE *fp;
+DSA *x;
+int off;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DSA_print(b,x,off);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DSA_print(bp,x,off)
+BIO *bp;
+DSA *x;
+int off;
+ {
+ char str[128];
+ unsigned char *m=NULL;
+ int i,ret=0;
+ BIGNUM *bn=NULL;
+
+ if (x->p != NULL)
+ bn=x->p;
+ else if (x->priv_key != NULL)
+ bn=x->priv_key;
+ else if (x->pub_key != NULL)
+ bn=x->pub_key;
+
+ /* larger than needed but what the hell :-) */
+ if (bn != NULL)
+ i=BN_num_bytes(bn)*2;
+ else
+ i=256;
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ }
+ if (x->priv_key != NULL)
+ {
+ if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+ if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
+ <= 0) goto err;
+ }
+
+ if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
+ goto err;
+ if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
+ goto err;
+ if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err;
+ if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err;
+ if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+#endif /* !NO_DSA */
+
+static int print(bp,number,num,buf,off)
+BIO *bp;
+char *number;
+BIGNUM *num;
+unsigned char *buf;
+int off;
+ {
+ int n,i;
+ char str[128],*neg;
+
+ if (num == NULL) return(1);
+ neg=(num->neg)?"-":"";
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ if (BIO_write(bp,str,off) <= 0) return(0);
+ }
+
+ if (BN_num_bytes(num) <= BN_BYTES)
+ {
+ if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
+ (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
+ <= 0) return(0);
+ }
+ else
+ {
+ buf[0]=0;
+ if (BIO_printf(bp,"%s%s",number,
+ (neg[0] == '-')?" (Negative)":"") <= 0)
+ return(0);
+ n=BN_bn2bin(num,&buf[1]);
+
+ if (buf[1] & 0x80)
+ n++;
+ else buf++;
+
+ for (i=0; i<n; i++)
+ {
+ if ((i%15) == 0)
+ {
+ str[0]='\n';
+ memset(&(str[1]),' ',off+4);
+ if (BIO_write(bp,str,off+1+4) <= 0) return(0);
+ }
+ if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
+ <= 0) return(0);
+ }
+ if (BIO_write(bp,"\n",1) <= 0) return(0);
+ }
+ return(1);
+ }
+
+#ifndef NO_DH
+#ifndef NO_FP_API
+int DHparams_print_fp(fp,x)
+FILE *fp;
+DH *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DHparams_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DHparams_print(bp,x)
+BIO *bp;
+DH *x;
+ {
+ unsigned char *m=NULL;
+ int reason=ERR_R_BUF_LIB,i,ret=0;
+
+ i=BN_num_bytes(x->p);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
+ BN_num_bits(x->p)) <= 0)
+ goto err;
+ if (!print(bp,"prime:",x->p,m,4)) goto err;
+ if (!print(bp,"generator:",x->g,m,4)) goto err;
+ if (x->length != 0)
+ {
+ if (BIO_printf(bp," recomented-private-length: %d bits\n",
+ (int)x->length) <= 0) goto err;
+ }
+ ret=1;
+ if (0)
+ {
+err:
+ DHerr(DH_F_DHPARAMS_PRINT,reason);
+ }
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef NO_FP_API
+int DSAparams_print_fp(fp,x)
+FILE *fp;
+DSA *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DSAparams_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DSAparams_print(bp,x)
+BIO *bp;
+DSA *x;
+ {
+ unsigned char *m=NULL;
+ int reason=ERR_R_BUF_LIB,i,ret=0;
+
+ i=BN_num_bytes(x->p);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
+ BN_num_bits(x->p)) <= 0)
+ goto err;
+ if (!print(bp,"p:",x->p,m,4)) goto err;
+ if (!print(bp,"q:",x->q,m,4)) goto err;
+ if (!print(bp,"g:",x->g,m,4)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
+ return(ret);
+ }
+
+#endif /* !NO_DSA */
+
diff --git a/src/lib/libssl/src/crypto/asn1/t_req.c b/src/lib/libssl/src/crypto/asn1/t_req.c
new file mode 100644
index 0000000000..7df749a48f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/t_req.c
@@ -0,0 +1,226 @@
+/* crypto/asn1/t_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef NO_FP_API
+int X509_REQ_print_fp(fp,x)
+FILE *fp;
+X509_REQ *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=X509_REQ_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int X509_REQ_print(bp,x)
+BIO *bp;
+X509_REQ *x;
+ {
+ unsigned long l;
+ int i,n;
+ char *s,*neg;
+ X509_REQ_INFO *ri;
+ EVP_PKEY *pkey;
+ STACK *sk;
+ char str[128];
+
+ ri=x->req_info;
+ sprintf(str,"Certificate Request:\n");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ sprintf(str,"%4sData:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
+ l=0;
+ for (i=0; i<ri->version->length; i++)
+ { l<<=8; l+=ri->version->data[i]; }
+ sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ sprintf(str,"%8sSubject: ","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ X509_NAME_print(bp,ri->subject,16);
+ sprintf(str,"\n%8sSubject Public Key Info:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
+ sprintf(str,"%12sPublic Key Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ pkey=X509_REQ_get_pubkey(x);
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+ BN_num_bits(pkey->pkey.rsa->n));
+ RSA_print(bp,pkey->pkey.rsa,16);
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+ DSA_print(bp,pkey->pkey.dsa,16);
+ }
+ else
+#endif
+ BIO_printf(bp,"%12sUnknown Public Key:\n","");
+
+ /* may not be */
+ sprintf(str,"%8sAttributes:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ sk=x->req_info->attributes;
+ if ((sk == NULL) || (sk_num(sk) == 0))
+ {
+ if (!x->req_info->req_kludge)
+ {
+ sprintf(str,"%12sa0:00\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ }
+ else
+ {
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ASN1_TYPE *at;
+ X509_ATTRIBUTE *a;
+ ASN1_BIT_STRING *bs=NULL;
+ ASN1_TYPE *t;
+ int j,type=0,count=1,ii=0;
+
+ a=(X509_ATTRIBUTE *)sk_value(sk,i);
+ sprintf(str,"%12s","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
+
+ if (a->set)
+ {
+ ii=0;
+ count=sk_num(a->value.set);
+get_next:
+ at=(ASN1_TYPE *)sk_value(a->value.set,ii);
+ type=at->type;
+ bs=at->value.asn1_string;
+ }
+ else
+ {
+ t=a->value.single;
+ type=t->type;
+ bs=t->value.bit_string;
+ }
+ for (j=25-j; j>0; j--)
+ if (BIO_write(bp," ",1) != 1) goto err;
+ if (BIO_puts(bp,":") <= 0) goto err;
+ if ( (type == V_ASN1_PRINTABLESTRING) ||
+ (type == V_ASN1_T61STRING) ||
+ (type == V_ASN1_IA5STRING))
+ {
+ if (BIO_write(bp,(char *)bs->data,bs->length)
+ != bs->length)
+ goto err;
+ BIO_puts(bp,"\n");
+ }
+ else
+ {
+ BIO_puts(bp,"unable to print attribute\n");
+ }
+ if (++ii < count) goto get_next;
+ }
+ }
+
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ sprintf(str,"%4sSignature Algorithm: %s","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ n=x->signature->length;
+ s=(char *)x->signature->data;
+ for (i=0; i<n; i++)
+ {
+ if ((i%18) == 0)
+ {
+ sprintf(str,"\n%8s","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n") <= 0) goto err;
+ return(1);
+err:
+ X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
+ return(0);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c
new file mode 100644
index 0000000000..b10fbbb992
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/t_x509.c
@@ -0,0 +1,386 @@
+/* crypto/asn1/t_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "objects.h"
+#include "x509.h"
+
+#ifndef NO_FP_API
+int X509_print_fp(fp,x)
+FILE *fp;
+X509 *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=X509_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int X509_print(bp,x)
+BIO *bp;
+X509 *x;
+ {
+ long l;
+ int ret=0,i,j,n;
+ char *m=NULL,*s;
+ X509_CINF *ci;
+ ASN1_INTEGER *bs;
+ EVP_PKEY *pkey=NULL;
+ char *neg;
+ X509_EXTENSION *ex;
+ ASN1_STRING *str=NULL;
+
+ ci=x->cert_info;
+ if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+ if (BIO_write(bp," Data:\n",10) <= 0) goto err;
+ l=X509_get_version(x);
+ if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+ if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
+
+ bs=X509_get_serialNumber(x);
+ if (bs->length <= 4)
+ {
+ l=ASN1_INTEGER_get(bs);
+ if (l < 0)
+ {
+ l= -l;
+ neg="-";
+ }
+ else
+ neg="";
+ if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
+ goto err;
+ }
+ else
+ {
+ neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+ if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
+
+ for (i=0; i<bs->length; i++)
+ {
+ if (BIO_printf(bp,"%02x%c",bs->data[i],
+ ((i+1 == bs->length)?'\n':':')) <= 0)
+ goto err;
+ }
+ }
+
+ i=OBJ_obj2nid(ci->signature->algorithm);
+ if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+ goto err;
+
+ if (BIO_write(bp," Issuer: ",16) <= 0) goto err;
+ if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
+ if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
+ if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
+ if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
+ if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
+ if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
+ if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
+ if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
+ if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
+ goto err;
+ i=OBJ_obj2nid(ci->key->algor->algorithm);
+ if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+ pkey=X509_get_pubkey(x);
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+ BN_num_bits(pkey->pkey.rsa->n));
+ RSA_print(bp,pkey->pkey.rsa,16);
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+ DSA_print(bp,pkey->pkey.dsa,16);
+ }
+ else
+#endif
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+
+ n=X509_get_ext_count(x);
+ if (n > 0)
+ {
+ BIO_printf(bp,"%8sX509v3 extensions:\n","");
+ for (i=0; i<n; i++)
+ {
+ int data_type,pack_type;
+ ASN1_OBJECT *obj;
+
+ ex=X509_get_ext(x,i);
+ if (BIO_printf(bp,"%12s","") <= 0) goto err;
+ obj=X509_EXTENSION_get_object(ex);
+ i2a_ASN1_OBJECT(bp,obj);
+ j=X509_EXTENSION_get_critical(ex);
+ if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
+ goto err;
+
+ pack_type=X509v3_pack_type_by_OBJ(obj);
+ data_type=X509v3_data_type_by_OBJ(obj);
+
+ if (pack_type == X509_EXT_PACK_STRING)
+ {
+ if (X509v3_unpack_string(
+ &str,data_type,
+ X509_EXTENSION_get_data(ex)) == NULL)
+ {
+ /* hmm... */
+ goto err;
+ }
+ if ( (data_type == V_ASN1_IA5STRING) ||
+ (data_type == V_ASN1_PRINTABLESTRING) ||
+ (data_type == V_ASN1_T61STRING))
+ {
+ if (BIO_write(bp,(char *)str->data,
+ str->length) <= 0)
+ goto err;
+ }
+ else if (data_type == V_ASN1_BIT_STRING)
+ {
+ BIO_printf(bp,"0x");
+ for (j=0; j<str->length; j++)
+ {
+ BIO_printf(bp,"%02X",
+ str->data[j]);
+ }
+ }
+ }
+ else
+ {
+ ASN1_OCTET_STRING_print(bp,ex->value);
+ }
+ if (BIO_write(bp,"\n",1) <= 0) goto err;
+ }
+ }
+
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+ n=x->signature->length;
+ s=(char *)x->signature->data;
+ for (i=0; i<n; i++)
+ {
+ if ((i%18) == 0)
+ if (BIO_write(bp,"\n ",9) <= 0) goto err;
+ if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+ ((i+1) == n)?"":":") <= 0) goto err;
+ }
+ if (BIO_write(bp,"\n",1) != 1) goto err;
+ ret=1;
+err:
+ if (str != NULL) ASN1_STRING_free(str);
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+
+int ASN1_STRING_print(bp,v)
+BIO *bp;
+ASN1_STRING *v;
+ {
+ int i,n;
+ char buf[80],*p;;
+
+ if (v == NULL) return(0);
+ n=0;
+ p=(char *)v->data;
+ for (i=0; i<v->length; i++)
+ {
+ if ((p[i] > '~') || ((p[i] < ' ') &&
+ (p[i] != '\n') && (p[i] != '\r')))
+ buf[n]='.';
+ else
+ buf[n]=p[i];
+ n++;
+ if (n >= 80)
+ {
+ if (BIO_write(bp,buf,n) <= 0)
+ return(0);
+ n=0;
+ }
+ }
+ if (n > 0)
+ if (BIO_write(bp,buf,n) <= 0)
+ return(0);
+ return(1);
+ }
+
+int ASN1_UTCTIME_print(bp,tm)
+BIO *bp;
+ASN1_UTCTIME *tm;
+ {
+ char *v;
+ int gmt=0;
+ static char *mon[12]={
+ "Jan","Feb","Mar","Apr","May","Jun",
+ "Jul","Aug","Sep","Oct","Nov","Dec"};
+ int i;
+ int y=0,M=0,d=0,h=0,m=0,s=0;
+
+ i=tm->length;
+ v=(char *)tm->data;
+
+ if (i < 10) goto err;
+ if (v[i-1] == 'Z') gmt=1;
+ for (i=0; i<10; i++)
+ if ((v[i] > '9') || (v[i] < '0')) goto err;
+ y= (v[0]-'0')*10+(v[1]-'0');
+ if (y < 50) y+=100;
+ M= (v[2]-'0')*10+(v[3]-'0');
+ if ((M > 12) || (M < 1)) goto err;
+ d= (v[4]-'0')*10+(v[5]-'0');
+ h= (v[6]-'0')*10+(v[7]-'0');
+ m= (v[8]-'0')*10+(v[9]-'0');
+ if ( (v[10] >= '0') && (v[10] <= '9') &&
+ (v[11] >= '0') && (v[11] <= '9'))
+ s= (v[10]-'0')*10+(v[11]-'0');
+
+ if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
+ mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
+ return(0);
+ else
+ return(1);
+err:
+ BIO_write(bp,"Bad time value",14);
+ return(0);
+ }
+
+int X509_NAME_print(bp,name,obase)
+BIO *bp;
+X509_NAME *name;
+int obase;
+ {
+ char *s,*c;
+ int ret=0,l,ll,i,first=1;
+ char buf[256];
+
+ ll=80-2-obase;
+
+ s=X509_NAME_oneline(name,buf,256);
+ s++; /* skip the first slash */
+
+ l=ll;
+ c=s;
+ for (;;)
+ {
+ if ( ((*s == '/') &&
+ ((s[1] >= 'A') && (s[1] <= 'Z') && (
+ (s[2] == '=') ||
+ ((s[2] >= 'A') && (s[2] <= 'Z') &&
+ (s[3] == '='))
+ ))) ||
+ (*s == '\0'))
+ {
+ if ((l <= 0) && !first)
+ {
+ first=0;
+ if (BIO_write(bp,"\n",1) != 1) goto err;
+ for (i=0; i<obase; i++)
+ {
+ if (BIO_write(bp," ",1) != 1) goto err;
+ }
+ l=ll;
+ }
+ i=s-c;
+ if (BIO_write(bp,c,i) != i) goto err;
+ c+=i;
+ c++;
+ if (*s != '\0')
+ {
+ if (BIO_write(bp,", ",2) != 2) goto err;
+ }
+ l--;
+ }
+ if (*s == '\0') break;
+ s++;
+ l--;
+ }
+
+ ret=1;
+ if (0)
+ {
+err:
+ X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_algor.c b/src/lib/libssl/src/crypto/asn1/x_algor.c
new file mode 100644
index 0000000000..0ed2c87b64
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_algor.c
@@ -0,0 +1,126 @@
+/* crypto/asn1/x_algor.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_ALGOR(a,pp)
+X509_ALGOR *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
+ if (a->parameter != NULL)
+ { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
+
+ M_ASN1_I2D_seq_total();
+ M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
+ if (a->parameter != NULL)
+ { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_ALGOR *d2i_X509_ALGOR(a,pp,length)
+X509_ALGOR **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
+ if (!M_ASN1_D2I_end_sequence())
+ { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
+ else
+ {
+ ASN1_TYPE_free(ret->parameter);
+ ret->parameter=NULL;
+ }
+ M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
+ }
+
+X509_ALGOR *X509_ALGOR_new()
+ {
+ X509_ALGOR *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_ALGOR);
+ M_ASN1_New(ret->algorithm,ASN1_OBJECT_new);
+ ret->parameter=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
+ }
+
+void X509_ALGOR_free(a)
+X509_ALGOR *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->algorithm);
+ ASN1_TYPE_free(a->parameter);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_attrib.c b/src/lib/libssl/src/crypto/asn1/x_attrib.c
new file mode 100644
index 0000000000..e52ced8627
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_attrib.c
@@ -0,0 +1,152 @@
+/* crypto/asn1/x_attrib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+/* sequence */
+int i2d_X509_ATTRIBUTE(a,pp)
+X509_ATTRIBUTE *a;
+unsigned char **pp;
+ {
+ int k=0;
+ int r=0,ret=0;
+ unsigned char **p=NULL;
+
+ if (a == NULL) return(0);
+
+ p=NULL;
+ for (;;)
+ {
+ if (k)
+ {
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(r);
+ p=pp;
+ ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL);
+ }
+
+ ret+=i2d_ASN1_OBJECT(a->object,p);
+ if (a->set)
+ ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ else
+ ret+=i2d_ASN1_TYPE(a->value.single,p);
+ if (k++) return(r);
+ }
+ }
+
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(a,pp,length)
+X509_ATTRIBUTE **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+ if ((c.slen != 0) &&
+ (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
+ {
+ ret->set=1;
+ M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE);
+ }
+ else
+ {
+ ret->set=0;
+ M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
+ }
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new()
+ {
+ X509_ATTRIBUTE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
+ M_ASN1_New(ret->object,ASN1_OBJECT_new);
+ ret->set=0;
+ ret->value.ptr=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
+ }
+
+void X509_ATTRIBUTE_free(a)
+X509_ATTRIBUTE *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->object);
+ if (a->set)
+ sk_pop_free(a->value.set,ASN1_TYPE_free);
+ else
+ ASN1_TYPE_free(a->value.single);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_crl.c b/src/lib/libssl/src/crypto/asn1/x_crl.c
new file mode 100644
index 0000000000..13acdab427
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_crl.c
@@ -0,0 +1,353 @@
+/* crypto/asn1/x_crl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+#ifndef NOPROTO
+static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b);
+static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
+#else
+static int X509_REVOKED_cmp();
+static int X509_REVOKED_seq_cmp();
+#endif
+
+int i2d_X509_REVOKED(a,pp)
+X509_REVOKED *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
+X509_REVOKED **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
+ M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
+ }
+
+int i2d_X509_CRL_INFO(a,pp)
+X509_CRL_INFO *a;
+unsigned char **pp;
+ {
+ int v1=0;
+ long l=0;
+ M_ASN1_I2D_vars(a);
+
+ if (sk_num(a->revoked) != 0)
+ qsort((char *)a->revoked->data,sk_num(a->revoked),
+ sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
+ if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
+ {
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ }
+ M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
+ if (a->nextUpdate != NULL)
+ { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
+ M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+ M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+ V_ASN1_SEQUENCE,v1);
+
+ M_ASN1_I2D_seq_total();
+
+ if ((a->version != NULL) && (l != 0))
+ {
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ }
+ M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
+ if (a->nextUpdate != NULL)
+ { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
+ M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+ M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+ V_ASN1_SEQUENCE,v1);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
+X509_CRL_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ int i,ver=0;
+ M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
+
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
+ if (ret->version != NULL)
+ ver=ret->version->data[0];
+
+ if ((ver == 0) && (ret->version != NULL))
+ {
+ ASN1_INTEGER_free(ret->version);
+ ret->version=NULL;
+ }
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME);
+ if (ret->revoked != NULL)
+ {
+ while (sk_num(ret->revoked))
+ X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
+ }
+ M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
+
+ if (ret->revoked != NULL)
+ {
+ for (i=0; i<sk_num(ret->revoked); i++)
+ {
+ ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
+ }
+ }
+
+ if (ver >= 1)
+ {
+ if (ret->extensions != NULL)
+ {
+ while (sk_num(ret->extensions))
+ X509_EXTENSION_free((X509_EXTENSION *)
+ sk_pop(ret->extensions));
+ }
+
+ M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
+ 0,V_ASN1_SEQUENCE);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
+ }
+
+int i2d_X509_CRL(a,pp)
+X509_CRL *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
+ M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
+ M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_CRL *d2i_X509_CRL(a,pp,length)
+X509_CRL **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+
+ M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
+ }
+
+
+X509_REVOKED *X509_REVOKED_new()
+ {
+ X509_REVOKED *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REVOKED);
+ M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+ M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
+ ret->extensions=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
+ }
+
+X509_CRL_INFO *X509_CRL_INFO_new()
+ {
+ X509_CRL_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_CRL_INFO);
+ ret->version=NULL;
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->issuer,X509_NAME_new);
+ M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
+ ret->nextUpdate=NULL;
+ M_ASN1_New(ret->revoked,sk_new_null);
+ M_ASN1_New(ret->extensions,sk_new_null);
+ ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
+ }
+
+X509_CRL *X509_CRL_new()
+ {
+ X509_CRL *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_CRL);
+ ret->references=1;
+ M_ASN1_New(ret->crl,X509_CRL_INFO_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
+ }
+
+void X509_REVOKED_free(a)
+X509_REVOKED *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->serialNumber);
+ ASN1_UTCTIME_free(a->revocationDate);
+ sk_pop_free(a->extensions,X509_EXTENSION_free);
+ Free((char *)a);
+ }
+
+void X509_CRL_INFO_free(a)
+X509_CRL_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_ALGOR_free(a->sig_alg);
+ X509_NAME_free(a->issuer);
+ ASN1_UTCTIME_free(a->lastUpdate);
+ if (a->nextUpdate)
+ ASN1_UTCTIME_free(a->nextUpdate);
+ sk_pop_free(a->revoked,X509_REVOKED_free);
+ sk_pop_free(a->extensions,X509_EXTENSION_free);
+ Free((char *)a);
+ }
+
+void X509_CRL_free(a)
+X509_CRL *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
+#ifdef REF_PRINT
+ REF_PRINT("X509_CRL",a);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_CRL_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_CRL_INFO_free(a->crl);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
+static int X509_REVOKED_cmp(a,b)
+X509_REVOKED **a,**b;
+ {
+ return(ASN1_STRING_cmp(
+ (ASN1_STRING *)(*a)->serialNumber,
+ (ASN1_STRING *)(*b)->serialNumber));
+ }
+
+static int X509_REVOKED_seq_cmp(a,b)
+X509_REVOKED **a,**b;
+ {
+ return((*a)->sequence-(*b)->sequence);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/x_exten.c b/src/lib/libssl/src/crypto/asn1/x_exten.c
new file mode 100644
index 0000000000..54ffe2f00b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_exten.c
@@ -0,0 +1,156 @@
+/* crypto/asn1/x_exten.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_EXTENSION(a,pp)
+X509_EXTENSION *a;
+unsigned char **pp;
+ {
+ int k=0;
+ int r=0,ret=0;
+ unsigned char **p=NULL;
+
+ if (a == NULL) return(0);
+
+ p=NULL;
+ for (;;)
+ {
+ if (k)
+ {
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(r);
+ p=pp;
+ ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL);
+ }
+
+ ret+=i2d_ASN1_OBJECT(a->object,p);
+ if ((a->critical) || a->netscape_hack)
+ ret+=i2d_ASN1_BOOLEAN(a->critical,p);
+ ret+=i2d_ASN1_OCTET_STRING(a->value,p);
+ if (k++) return(r);
+ }
+ }
+
+X509_EXTENSION *d2i_X509_EXTENSION(a,pp,length)
+X509_EXTENSION **a;
+unsigned char **pp;
+long length;
+ {
+ int i;
+ M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+ if ((ret->argp != NULL) && (ret->ex_free != NULL))
+ ret->ex_free(ret);
+ ret->argl=0;
+ ret->argp=NULL;
+ ret->netscape_hack=0;
+ if ((c.slen != 0) &&
+ (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
+ {
+ c.q=c.p;
+ if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
+ ret->critical=i;
+ c.slen-=(c.p-c.q);
+ if (ret->critical == 0) ret->netscape_hack=1;
+ }
+ M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
+
+ M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
+ }
+
+X509_EXTENSION *X509_EXTENSION_new()
+ {
+ X509_EXTENSION *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_EXTENSION);
+ M_ASN1_New(ret->object,ASN1_OBJECT_new);
+ M_ASN1_New(ret->value,ASN1_OCTET_STRING_new);
+ ret->critical=0;
+ ret->netscape_hack=0;
+ ret->argl=0L;
+ ret->argp=NULL;
+ ret->ex_free=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
+ }
+
+void X509_EXTENSION_free(a)
+X509_EXTENSION *a;
+ {
+ if (a == NULL) return;
+ if ((a->argp != NULL) && (a->ex_free != NULL))
+ a->ex_free(a);
+ ASN1_OBJECT_free(a->object);
+ ASN1_OCTET_STRING_free(a->value);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_info.c b/src/lib/libssl/src/crypto/asn1/x_info.c
new file mode 100644
index 0000000000..b55f0ce77a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_info.c
@@ -0,0 +1,111 @@
+/* crypto/asn1/x_info.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+X509_INFO *X509_INFO_new()
+ {
+ X509_INFO *ret=NULL;
+
+ ret=(X509_INFO *)Malloc(sizeof(X509_INFO));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ ret->enc_cipher.cipher=NULL;
+ ret->enc_len=0;
+ ret->enc_data=NULL;
+
+ ret->references=1;
+ ret->x509=NULL;
+ ret->crl=NULL;
+ ret->x_pkey=NULL;
+ return(ret);
+ }
+
+void X509_INFO_free(x)
+X509_INFO *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
+#ifdef REF_PRINT
+ REF_PRINT("X509_INFO",x);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_INFO_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (x->x509 != NULL) X509_free(x->x509);
+ if (x->crl != NULL) X509_CRL_free(x->crl);
+ if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
+ Free((char *)x);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/x_name.c b/src/lib/libssl/src/crypto/asn1/x_name.c
new file mode 100644
index 0000000000..28b9c34b58
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_name.c
@@ -0,0 +1,295 @@
+/* crypto/asn1/x_name.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+#ifndef NOPROTO
+static int i2d_X509_NAME_entries(X509_NAME *a);
+#else
+static int i2d_X509_NAME_entries();
+#endif
+
+int i2d_X509_NAME_ENTRY(a,pp)
+X509_NAME_ENTRY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(a,pp,length)
+X509_NAME_ENTRY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+ M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
+ ret->set=0;
+ M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
+ }
+
+int i2d_X509_NAME(a,pp)
+X509_NAME *a;
+unsigned char **pp;
+ {
+ int ret;
+
+ if (a == NULL) return(0);
+ if (a->modified)
+ {
+ ret=i2d_X509_NAME_entries(a);
+ if (ret < 0) return(ret);
+ }
+
+ ret=a->bytes->length;
+ if (pp != NULL)
+ {
+ memcpy(*pp,a->bytes->data,ret);
+ *pp+=ret;
+ }
+ return(ret);
+ }
+
+static int i2d_X509_NAME_entries(a)
+X509_NAME *a;
+ {
+ X509_NAME_ENTRY *ne,*fe=NULL;
+ STACK *sk;
+ BUF_MEM *buf=NULL;
+ int set=0,r,ret=0;
+ int i;
+ unsigned char *p;
+ int size=0;
+
+ sk=a->entries;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+ if (fe == NULL)
+ {
+ fe=ne;
+ size=0;
+ }
+
+ if (ne->set != set)
+ {
+ ret+=ASN1_object_size(1,size,V_ASN1_SET);
+ fe->size=size;
+ fe=ne;
+ size=0;
+ set=ne->set;
+ }
+ size+=i2d_X509_NAME_ENTRY(ne,NULL);
+ }
+
+ ret+=ASN1_object_size(1,size,V_ASN1_SET);
+ if (fe != NULL)
+ fe->size=size;
+
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+
+ buf=a->bytes;
+ if (!BUF_MEM_grow(buf,r)) goto err;
+ p=(unsigned char *)buf->data;
+
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ set= -1;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+ if (set != ne->set)
+ {
+ set=ne->set;
+ ASN1_put_object(&p,1,ne->size,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ }
+ i2d_X509_NAME_ENTRY(ne,&p);
+ }
+ a->modified=0;
+ return(r);
+err:
+ return(-1);
+ }
+
+X509_NAME *d2i_X509_NAME(a,pp,length)
+X509_NAME **a;
+unsigned char **pp;
+long length;
+ {
+ int set=0,i;
+ int idx=0;
+ unsigned char *orig;
+ M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
+
+ orig= *pp;
+ if (sk_num(ret->entries) > 0)
+ {
+ while (sk_num(ret->entries) > 0)
+ X509_NAME_ENTRY_free((X509_NAME_ENTRY *)
+ sk_pop(ret->entries));
+ }
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ for (;;)
+ {
+ if (M_ASN1_D2I_end_sequence()) break;
+ M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY);
+ for (; idx < sk_num(ret->entries); idx++)
+ {
+ ((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set=
+ set;
+ }
+ set++;
+ }
+
+ i=(int)(c.p-orig);
+ if (!BUF_MEM_grow(ret->bytes,i)) goto err;
+ memcpy(ret->bytes->data,orig,i);
+ ret->bytes->length=i;
+ ret->modified=0;
+
+ M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
+ }
+
+X509_NAME *X509_NAME_new()
+ {
+ X509_NAME *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_NAME);
+ if ((ret->entries=sk_new(NULL)) == NULL) goto err2;
+ M_ASN1_New(ret->bytes,BUF_MEM_new);
+ ret->modified=1;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new()
+ {
+ X509_NAME_ENTRY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
+/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
+ ret->object=NULL;
+ ret->set=0;
+ M_ASN1_New(ret->value,ASN1_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
+ }
+
+void X509_NAME_free(a)
+X509_NAME *a;
+ {
+ BUF_MEM_free(a->bytes);
+ sk_pop_free(a->entries,X509_NAME_ENTRY_free);
+ Free((char *)a);
+ }
+
+void X509_NAME_ENTRY_free(a)
+X509_NAME_ENTRY *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->object);
+ ASN1_BIT_STRING_free(a->value);
+ Free((char *)a);
+ }
+
+int X509_NAME_set(xn,name)
+X509_NAME **xn;
+X509_NAME *name;
+ {
+ X509_NAME *in;
+
+ if (*xn == NULL) return(0);
+
+ if (*xn != name)
+ {
+ in=X509_NAME_dup(name);
+ if (in != NULL)
+ {
+ X509_NAME_free(*xn);
+ *xn=in;
+ }
+ }
+ return(*xn != NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_pkey.c b/src/lib/libssl/src/crypto/asn1/x_pkey.c
new file mode 100644
index 0000000000..1d4d926129
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_pkey.c
@@ -0,0 +1,156 @@
+/* crypto/asn1/x_pkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_D2I_X509_PKEY,ASN1_R_UNSUPPORTED_CIPHER); */
+/* ASN1err(ASN1_F_X509_PKEY_NEW,ASN1_R_IV_TOO_LARGE); */
+
+/* need to implement */
+int i2d_X509_PKEY(a,pp)
+X509_PKEY *a;
+unsigned char **pp;
+ {
+ return(0);
+ }
+
+X509_PKEY *d2i_X509_PKEY(a,pp,length)
+X509_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ int i;
+ M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+
+ ret->cipher.cipher=EVP_get_cipherbyname(
+ OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
+ if (ret->cipher.cipher == NULL)
+ {
+ c.error=ASN1_R_UNSUPPORTED_CIPHER;
+ goto err;
+ }
+ if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING)
+ {
+ i=ret->enc_algor->parameter->value.octet_string->length;
+ if (i > EVP_MAX_IV_LENGTH)
+ {
+ c.error=ASN1_R_IV_TOO_LARGE;
+ goto err;
+ }
+ memcpy(ret->cipher.iv,
+ ret->enc_algor->parameter->value.octet_string->data,i);
+ }
+ else
+ memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+ M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
+ }
+
+X509_PKEY *X509_PKEY_new()
+ {
+ X509_PKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_PKEY);
+ ret->version=0;
+ M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
+ M_ASN1_New(ret->enc_pkey,ASN1_OCTET_STRING_new);
+ ret->dec_pkey=NULL;
+ ret->key_length=0;
+ ret->key_data=NULL;
+ ret->key_free=0;
+ ret->cipher.cipher=NULL;
+ memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+ ret->references=1;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
+ }
+
+void X509_PKEY_free(x)
+X509_PKEY *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("X509_PKEY",x);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_PKEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
+ if (x->enc_pkey != NULL) ASN1_OCTET_STRING_free(x->enc_pkey);
+ if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
+ if ((x->key_data != NULL) && (x->key_free)) Free((char *)x->key_data);
+ Free((char *)(char *)x);
+ }
diff --git a/src/lib/libssl/src/crypto/asn1/x_pubkey.c b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
new file mode 100644
index 0000000000..a309cf74a7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
@@ -0,0 +1,256 @@
+/* crypto/asn1/x_pubkey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_PUBKEY(a,pp)
+X509_PUBKEY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_PUBKEY *d2i_X509_PUBKEY(a,pp,length)
+X509_PUBKEY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
+ if (ret->pkey != NULL)
+ {
+ EVP_PKEY_free(ret->pkey);
+ ret->pkey=NULL;
+ }
+ M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
+ }
+
+X509_PUBKEY *X509_PUBKEY_new()
+ {
+ X509_PUBKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_PUBKEY);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->public_key,ASN1_BIT_STRING_new);
+ ret->pkey=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
+ }
+
+void X509_PUBKEY_free(a)
+X509_PUBKEY *a;
+ {
+ if (a == NULL) return;
+ X509_ALGOR_free(a->algor);
+ ASN1_BIT_STRING_free(a->public_key);
+ if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
+ Free((char *)a);
+ }
+
+int X509_PUBKEY_set(x,pkey)
+X509_PUBKEY **x;
+EVP_PKEY *pkey;
+ {
+ int ok=0;
+ X509_PUBKEY *pk;
+ X509_ALGOR *a;
+ ASN1_OBJECT *o;
+ unsigned char *s,*p;
+ int i;
+
+ if (x == NULL) return(0);
+
+ if ((pk=X509_PUBKEY_new()) == NULL) goto err;
+ a=pk->algor;
+
+ /* set the algorithm id */
+ if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=o;
+
+ /* Set the parameter list */
+ if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
+ {
+ if ((a->parameter == NULL) ||
+ (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_NULL;
+ }
+ }
+ else
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ unsigned char *pp;
+ DSA *dsa;
+
+ dsa=pkey->pkey.dsa;
+ dsa->write_params=0;
+ ASN1_TYPE_free(a->parameter);
+ i=i2d_DSAparams(dsa,NULL);
+ p=(unsigned char *)Malloc(i);
+ pp=p;
+ i2d_DSAparams(dsa,&pp);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_SEQUENCE;
+ a->parameter->value.sequence=ASN1_STRING_new();
+ ASN1_STRING_set(a->parameter->value.sequence,p,i);
+ Free(p);
+ }
+ else
+#endif
+ {
+ X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
+ goto err;
+ }
+
+ i=i2d_PublicKey(pkey,NULL);
+ if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err;
+ p=s;
+ i2d_PublicKey(pkey,&p);
+ if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ Free(s);
+
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ pk->pkey=pkey;
+
+ if (*x != NULL)
+ X509_PUBKEY_free(*x);
+
+ *x=pk;
+ pk=NULL;
+
+ ok=1;
+err:
+ if (pk != NULL) X509_PUBKEY_free(pk);
+ return(ok);
+ }
+
+EVP_PKEY *X509_PUBKEY_get(key)
+X509_PUBKEY *key;
+ {
+ EVP_PKEY *ret=NULL;
+ long j;
+ int type;
+ unsigned char *p;
+#ifndef NO_DSA
+ X509_ALGOR *a;
+#endif
+
+ if (key == NULL) goto err;
+
+ if (key->pkey != NULL) return(key->pkey);
+
+ if (key->public_key == NULL) goto err;
+
+ type=OBJ_obj2nid(key->algor->algorithm);
+ p=key->public_key->data;
+ j=key->public_key->length;
+ if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
+ {
+ X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
+ goto err;
+ }
+ ret->save_parameters=0;
+
+#ifndef NO_DSA
+ a=key->algor;
+ if (ret->type == EVP_PKEY_DSA)
+ {
+ if (a->parameter->type == V_ASN1_SEQUENCE)
+ {
+ ret->pkey.dsa->write_params=0;
+ p=a->parameter->value.sequence->data;
+ j=a->parameter->value.sequence->length;
+ if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
+ goto err;
+ }
+ ret->save_parameters=1;
+ }
+#endif
+ key->pkey=ret;
+ return(ret);
+err:
+ if (ret != NULL)
+ EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_req.c b/src/lib/libssl/src/crypto/asn1/x_req.c
new file mode 100644
index 0000000000..ff0be13d37
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_req.c
@@ -0,0 +1,247 @@
+/* crypto/asn1/x_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_REQ_INFO(a,pp)
+X509_REQ_INFO *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
+
+ /* this is a *nasty* hack reported to be required to
+ * allow some CA Software to accept the cert request.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (a->req_kludge)
+ {
+ M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+ else
+ {
+ M_ASN1_I2D_len_IMP_set(a->attributes, i2d_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_I2D_seq_total();
+ M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
+
+ /* this is a *nasty* hack reported to be required by some CA's.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (a->req_kludge)
+ {
+ M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+ else
+ {
+ M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REQ_INFO *d2i_X509_REQ_INFO(a,pp,length)
+X509_REQ_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+
+ /* this is a *nasty* hack to allow for some CA's that
+ * have been reported as requiring it.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (asn1_Finish(&c))
+ ret->req_kludge=1;
+ else
+ {
+ M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
+ }
+
+X509_REQ_INFO *X509_REQ_INFO_new()
+ {
+ X509_REQ_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REQ_INFO);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->subject,X509_NAME_new);
+ M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+ M_ASN1_New(ret->attributes,sk_new_null);
+ ret->req_kludge=0;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
+ }
+
+void X509_REQ_INFO_free(a)
+X509_REQ_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_NAME_free(a->subject);
+ X509_PUBKEY_free(a->pubkey);
+ sk_pop_free(a->attributes,X509_ATTRIBUTE_free);
+ Free((char *)a);
+ }
+
+int i2d_X509_REQ(a,pp)
+X509_REQ *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+ M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
+ M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
+ M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REQ *d2i_X509_REQ(a,pp,length)
+X509_REQ **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+ M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
+ }
+
+X509_REQ *X509_REQ_new()
+ {
+ X509_REQ *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REQ);
+ ret->references=1;
+ M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
+ }
+
+void X509_REQ_free(a)
+X509_REQ *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
+#ifdef REF_PRINT
+ REF_PRINT("X509_REQ",a);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_REQ_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_REQ_INFO_free(a->req_info);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_sig.c b/src/lib/libssl/src/crypto/asn1/x_sig.c
new file mode 100644
index 0000000000..f0a2e4c27a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_sig.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/x_sig.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_SIG(a,pp)
+X509_SIG *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_SIG *d2i_X509_SIG(a,pp,length)
+X509_SIG **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
+ }
+
+X509_SIG *X509_SIG_new()
+ {
+ X509_SIG *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_SIG);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
+ }
+
+void X509_SIG_free(a)
+X509_SIG *a;
+ {
+ if (a == NULL) return;
+ X509_ALGOR_free(a->algor);
+ ASN1_OCTET_STRING_free(a->digest);
+ Free((char *)a);
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_spki.c b/src/lib/libssl/src/crypto/asn1/x_spki.c
new file mode 100644
index 0000000000..4a80df44b8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_spki.c
@@ -0,0 +1,181 @@
+/* crypto/asn1/x_spki.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+ /* This module was send to me my Pat Richards <patr@x509.com> who
+ * wrote it. It is under my Copyright with his permision
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_NETSCAPE_SPKAC(a,pp)
+NETSCAPE_SPKAC *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
+ M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
+ M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(a,pp,length)
+NETSCAPE_SPKAC **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+ M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
+ }
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new()
+ {
+ NETSCAPE_SPKAC *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
+ M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+ M_ASN1_New(ret->challenge,ASN1_IA5STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
+ }
+
+void NETSCAPE_SPKAC_free(a)
+NETSCAPE_SPKAC *a;
+ {
+ if (a == NULL) return;
+ X509_PUBKEY_free(a->pubkey);
+ ASN1_IA5STRING_free(a->challenge);
+ Free((char *)a);
+ }
+
+int i2d_NETSCAPE_SPKI(a,pp)
+NETSCAPE_SPKI *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
+ M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
+ M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(a,pp,length)
+NETSCAPE_SPKI **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
+ M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
+ }
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_new()
+ {
+ NETSCAPE_SPKI *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
+ M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
+ M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
+ }
+
+void NETSCAPE_SPKI_free(a)
+NETSCAPE_SPKI *a;
+ {
+ if (a == NULL) return;
+ NETSCAPE_SPKAC_free(a->spkac);
+ X509_ALGOR_free(a->sig_algor);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_val.c b/src/lib/libssl/src/crypto/asn1/x_val.c
new file mode 100644
index 0000000000..a9c390f88c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_val.c
@@ -0,0 +1,118 @@
+/* crypto/asn1/x_val.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_X509_VAL_NEW,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_X509_VAL_FREE,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_D2I_X509_VAL,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_X509_VAL(a,pp)
+X509_VAL *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->notBefore,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len(a->notAfter,i2d_ASN1_UTCTIME);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->notBefore,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put(a->notAfter,i2d_ASN1_UTCTIME);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_VAL *d2i_X509_VAL(a,pp,length)
+X509_VAL **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
+ }
+
+X509_VAL *X509_VAL_new()
+ {
+ X509_VAL *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_VAL);
+ M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new);
+ M_ASN1_New(ret->notAfter,ASN1_UTCTIME_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
+ }
+
+void X509_VAL_free(a)
+X509_VAL *a;
+ {
+ if (a == NULL) return;
+ ASN1_UTCTIME_free(a->notBefore);
+ ASN1_UTCTIME_free(a->notAfter);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/asn1/x_x509.c b/src/lib/libssl/src/crypto/asn1/x_x509.c
new file mode 100644
index 0000000000..bc466ce0f6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/asn1/x_x509.c
@@ -0,0 +1,158 @@
+/* crypto/asn1/x_x509.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+static ASN1_METHOD meth={
+ (int (*)()) i2d_X509,
+ (char *(*)())d2i_X509,
+ (char *(*)())X509_new,
+ (void (*)()) X509_free};
+
+ASN1_METHOD *X509_asn1_meth()
+ {
+ return(&meth);
+ }
+
+int i2d_X509(a,pp)
+X509 *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509 *d2i_X509(a,pp,length)
+X509 **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+if (ret->name != NULL) Free(ret->name);
+ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+
+ M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+ }
+
+X509 *X509_new()
+ {
+ X509 *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509);
+ ret->references=1;
+ ret->valid=0;
+ ret->name=NULL;
+ M_ASN1_New(ret->cert_info,X509_CINF_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NEW);
+ }
+
+void X509_free(a)
+X509 *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
+#ifdef REF_PRINT
+ REF_PRINT("X509",a);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_CINF_free(a->cert_info);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ if (a->name != NULL) Free(a->name);
+ Free((char *)a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/COPYRIGHT b/src/lib/libssl/src/crypto/bf/COPYRIGHT
new file mode 100644
index 0000000000..6857223506
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/COPYRIGHT
@@ -0,0 +1,46 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an Blowfish implementation written
+by Eric Young (eay@cryptsoft.com).
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libssl/src/crypto/bf/INSTALL b/src/lib/libssl/src/crypto/bf/INSTALL
new file mode 100644
index 0000000000..3b25923532
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/INSTALL
@@ -0,0 +1,14 @@
+This Eric Young's blowfish implementation, taken from his SSLeay library
+and made available as a separate library.
+
+The version number (0.7.2m) is the SSLeay version that this library was
+taken from.
+
+To build, just unpack and type make.
+If you are not using gcc, edit the Makefile.
+If you are compiling for an x86 box, try the assembler (it needs improving).
+There are also some compile time options that can improve performance,
+these are documented in the Makefile.
+
+eric 15-Apr-1997
+
diff --git a/src/lib/libssl/src/crypto/bf/README b/src/lib/libssl/src/crypto/bf/README
new file mode 100644
index 0000000000..f2712fd0e7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/README
@@ -0,0 +1,8 @@
+This is a quick packaging up of my blowfish code into a library.
+It has been lifted from SSLeay.
+The copyright notices seem a little harsh because I have not spent the
+time to rewrite the conditions from the normal SSLeay ones.
+
+Basically if you just want to play with the library, not a problem.
+
+eric 15-Apr-1997
diff --git a/src/lib/libssl/src/crypto/bf/VERSION b/src/lib/libssl/src/crypto/bf/VERSION
new file mode 100644
index 0000000000..be995855e4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/VERSION
@@ -0,0 +1,6 @@
+The version numbers will follow my SSL implementation
+
+0.7.2r - Some reasonable default compiler options from
+ Peter Gutman <pgut001@cs.auckland.ac.nz>
+
+0.7.2m - the first release
diff --git a/src/lib/libssl/src/crypto/bf/asm/bf-586.pl b/src/lib/libssl/src/crypto/bf/asm/bf-586.pl
new file mode 100644
index 0000000000..5c7ab14ab0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/asm/bf-586.pl
@@ -0,0 +1,136 @@
+#!/usr/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-586.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="edi";
+$R="esi";
+$P="ebp";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ecx";
+$tmp4="edx";
+
+&BF_encrypt("BF_encrypt",1);
+&BF_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+&asm_finish();
+
+sub BF_encrypt
+ {
+ local($name,$enc)=@_;
+
+ &function_begin_B($name,"");
+
+ &comment("");
+
+ &push("ebp");
+ &push("ebx");
+ &mov($tmp2,&wparam(0));
+ &mov($P,&wparam(1));
+ &push("esi");
+ &push("edi");
+
+ &comment("Load the 2 words");
+ &mov($L,&DWP(0,$tmp2,"",0));
+ &mov($R,&DWP(4,$tmp2,"",0));
+
+ &xor( $tmp1, $tmp1);
+
+ # encrypting part
+
+ if ($enc)
+ {
+ &mov($tmp2,&DWP(0,$P,"",0));
+ &xor( $tmp3, $tmp3);
+
+ &xor($L,$tmp2);
+ for ($i=0; $i<$BF_ROUNDS; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i+1,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &BF_ENCRYPT($i+2,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,1);
+ }
+ # &mov($tmp1,&wparam(0)); In last loop
+ &mov($tmp4,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+ }
+ else
+ {
+ &mov($tmp2,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+ &xor( $tmp3, $tmp3);
+
+ &xor($L,$tmp2);
+ for ($i=$BF_ROUNDS; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i,$R,$L,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &BF_ENCRYPT($i-1,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,0);
+ }
+ # &mov($tmp1,&wparam(0)); In last loop
+ &mov($tmp4,&DWP(0,$P,"",0));
+ }
+
+ &xor($R,$tmp4);
+ &mov(&DWP(4,$tmp1,"",0),$L);
+
+ &mov(&DWP(0,$tmp1,"",0),$R);
+ &function_end($name);
+ }
+
+sub BF_ENCRYPT
+ {
+ local($i,$L,$R,$P,$tmp1,$tmp2,$tmp3,$tmp4,$enc)=@_;
+
+ &mov( $tmp4, &DWP(&n2a($i*4),$P,"",0)); # for next round
+
+ &mov( $tmp2, $R);
+ &xor( $L, $tmp4);
+
+ &shr( $tmp2, 16);
+ &mov( $tmp4, $R);
+
+ &movb( &LB($tmp1), &HB($tmp2)); # A
+ &and( $tmp2, 0xff); # B
+
+ &movb( &LB($tmp3), &HB($tmp4)); # C
+ &and( $tmp4, 0xff); # D
+
+ &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+ &mov( $tmp2, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+ &add( $tmp2, $tmp1);
+ &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp3,4));
+
+ &xor( $tmp2, $tmp1);
+ &mov( $tmp4, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp4,4));
+
+ &add( $tmp2, $tmp4);
+ if (($enc && ($i != 16)) || ((!$enc) && ($i != 1)))
+ { &xor( $tmp1, $tmp1); }
+ else
+ {
+ &comment("Load parameter 0 ($i) enc=$enc");
+ &mov($tmp1,&wparam(0));
+ } # In last loop
+
+ &xor( $L, $tmp2);
+ # delay
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/asm/bf-686.pl b/src/lib/libssl/src/crypto/bf/asm/bf-686.pl
new file mode 100644
index 0000000000..bed303d786
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/asm/bf-686.pl
@@ -0,0 +1,128 @@
+#!/usr/bin/perl
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"bf-686.pl");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="ecx";
+$R="edx";
+$P="edi";
+$tot="esi";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ebp";
+
+&des_encrypt("BF_encrypt",1);
+&des_encrypt("BF_decrypt",0);
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$enc)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ &comment("");
+ &comment("P pointer, s and enc flag");
+ &mov($P,&wparam(1));
+
+ &xor( $tmp1, $tmp1);
+ &xor( $tmp2, $tmp2);
+
+ # encrypting part
+
+ if ($enc)
+ {
+ &xor($L,&DWP(0,$P,"",0));
+ for ($i=0; $i<$BF_ROUNDS; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+ }
+ else
+ {
+ &xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+ for ($i=$BF_ROUNDS; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(0,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+ }
+
+ &function_end_B($name);
+ }
+
+sub BF_ENCRYPT
+ {
+ local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
+
+ &rotr( $R, 16);
+ &mov( $tot, &DWP(&n2a($i*4),$P,"",0));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &rotr( $R, 16);
+ &xor( $L, $tot);
+
+ &mov( $tot, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &add( $tot, $tmp3);
+ &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
+
+ &xor( $tot, $tmp1);
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
+
+ &add( $tot, $tmp3);
+ &xor( $tmp1, $tmp1);
+
+ &xor( $L, $tot);
+ # delay
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/asm/readme b/src/lib/libssl/src/crypto/bf/asm/readme
new file mode 100644
index 0000000000..2385fa3812
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/asm/readme
@@ -0,0 +1,10 @@
+There are blowfish assembler generation scripts.
+bf-586.pl version is for the pentium and
+bf-686.pl is my original version, which is faster on the pentium pro.
+
+When using a bf-586.pl, the pentium pro/II is %8 slower than using
+bf-686.pl. When using a bf-686.pl, the pentium is %16 slower
+than bf-586.pl
+
+So the default is bf-586.pl
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_cbc.c b/src/lib/libssl/src/crypto/bf/bf_cbc.c
new file mode 100644
index 0000000000..e0fa9ad763
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_cbc.c
@@ -0,0 +1,148 @@
+/* crypto/bf/bf_cbc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register BF_LONG tin0,tin1;
+ register BF_LONG tout0,tout1,xor0,xor1;
+ register long l=length;
+ BF_LONG tin[2];
+
+ if (encrypt)
+ {
+ n2l(iv,tout0);
+ n2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ if (l != -8)
+ {
+ n2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ l2n(tout0,iv);
+ l2n(tout1,iv);
+ }
+ else
+ {
+ n2l(iv,xor0);
+ n2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2n(tout0,out);
+ l2n(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2nn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2n(xor0,iv);
+ l2n(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_cfb64.c b/src/lib/libssl/src/crypto/bf/bf_cfb64.c
new file mode 100644
index 0000000000..f9c66e7ced
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/bf/bf_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void BF_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register BF_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ BF_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ BF_encrypt((BF_LONG *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ BF_encrypt((BF_LONG *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_ecb.c b/src/lib/libssl/src/crypto/bf/bf_ecb.c
new file mode 100644
index 0000000000..6d16360bd9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_ecb.c
@@ -0,0 +1,98 @@
+/* crypto/bf/bf_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+char *BF_version="BlowFish part of SSLeay 0.9.0b 29-Jun-1998";
+
+char *BF_options()
+ {
+#ifdef BF_PTR
+ return("blowfish(ptr)");
+#elif defined(BF_PTR2)
+ return("blowfish(ptr2)");
+#else
+ return("blowfish(idx)");
+#endif
+ }
+
+void BF_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+BF_KEY *ks;
+int encrypt;
+ {
+ BF_LONG l,d[2];
+
+ n2l(in,l); d[0]=l;
+ n2l(in,l); d[1]=l;
+ if (encrypt)
+ BF_encrypt(d,ks);
+ else
+ BF_decrypt(d,ks);
+ l=d[0]; l2n(l,out);
+ l=d[1]; l2n(l,out);
+ l=d[0]=d[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_enc.c b/src/lib/libssl/src/crypto/bf/bf_enc.c
new file mode 100644
index 0000000000..66a8604c59
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_enc.c
@@ -0,0 +1,241 @@
+/* crypto/bf/bf_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
+If you set BF_ROUNDS to some value other than 16 or 20, you will have
+to modify the code.
+#endif
+
+void BF_encrypt(data,key)
+BF_LONG *data;
+BF_KEY *key;
+ {
+ register BF_LONG l,r,*p,*s;
+
+ p=key->P;
+ s= &(key->S[0]);
+ l=data[0];
+ r=data[1];
+
+ l^=p[0];
+ BF_ENC(r,l,s,p[ 1]);
+ BF_ENC(l,r,s,p[ 2]);
+ BF_ENC(r,l,s,p[ 3]);
+ BF_ENC(l,r,s,p[ 4]);
+ BF_ENC(r,l,s,p[ 5]);
+ BF_ENC(l,r,s,p[ 6]);
+ BF_ENC(r,l,s,p[ 7]);
+ BF_ENC(l,r,s,p[ 8]);
+ BF_ENC(r,l,s,p[ 9]);
+ BF_ENC(l,r,s,p[10]);
+ BF_ENC(r,l,s,p[11]);
+ BF_ENC(l,r,s,p[12]);
+ BF_ENC(r,l,s,p[13]);
+ BF_ENC(l,r,s,p[14]);
+ BF_ENC(r,l,s,p[15]);
+ BF_ENC(l,r,s,p[16]);
+#if BF_ROUNDS == 20
+ BF_ENC(r,l,s,p[17]);
+ BF_ENC(l,r,s,p[18]);
+ BF_ENC(r,l,s,p[19]);
+ BF_ENC(l,r,s,p[20]);
+#endif
+ r^=p[BF_ROUNDS+1];
+
+ data[1]=l&0xffffffffL;
+ data[0]=r&0xffffffffL;
+ }
+
+#ifndef BF_DEFAULT_OPTIONS
+
+void BF_decrypt(data,key)
+BF_LONG *data;
+BF_KEY *key;
+ {
+ register BF_LONG l,r,*p,*s;
+
+ p=key->P;
+ s= &(key->S[0]);
+ l=data[0];
+ r=data[1];
+
+ l^=p[BF_ROUNDS+1];
+#if BF_ROUNDS == 20
+ BF_ENC(r,l,s,p[20]);
+ BF_ENC(l,r,s,p[19]);
+ BF_ENC(r,l,s,p[18]);
+ BF_ENC(l,r,s,p[17]);
+#endif
+ BF_ENC(r,l,s,p[16]);
+ BF_ENC(l,r,s,p[15]);
+ BF_ENC(r,l,s,p[14]);
+ BF_ENC(l,r,s,p[13]);
+ BF_ENC(r,l,s,p[12]);
+ BF_ENC(l,r,s,p[11]);
+ BF_ENC(r,l,s,p[10]);
+ BF_ENC(l,r,s,p[ 9]);
+ BF_ENC(r,l,s,p[ 8]);
+ BF_ENC(l,r,s,p[ 7]);
+ BF_ENC(r,l,s,p[ 6]);
+ BF_ENC(l,r,s,p[ 5]);
+ BF_ENC(r,l,s,p[ 4]);
+ BF_ENC(l,r,s,p[ 3]);
+ BF_ENC(r,l,s,p[ 2]);
+ BF_ENC(l,r,s,p[ 1]);
+ r^=p[0];
+
+ data[1]=l&0xffffffffL;
+ data[0]=r&0xffffffffL;
+ }
+
+void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register BF_LONG tin0,tin1;
+ register BF_LONG tout0,tout1,xor0,xor1;
+ register long l=length;
+ BF_LONG tin[2];
+
+ if (encrypt)
+ {
+ n2l(iv,tout0);
+ n2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ if (l != -8)
+ {
+ n2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ l2n(tout0,iv);
+ l2n(tout1,iv);
+ }
+ else
+ {
+ n2l(iv,xor0);
+ n2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2n(tout0,out);
+ l2n(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2nn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2n(xor0,iv);
+ l2n(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bf/bf_ofb64.c b/src/lib/libssl/src/crypto/bf/bf_ofb64.c
new file mode 100644
index 0000000000..5d844ac760
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/bf/bf_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void BF_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register BF_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ BF_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ n2l(iv,v0);
+ n2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2n(v0,dp);
+ l2n(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ BF_encrypt((BF_LONG *)ti,schedule);
+ dp=(char *)d;
+ t=ti[0]; l2n(t,dp);
+ t=ti[1]; l2n(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2n(v0,iv);
+ l2n(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_opts.c b/src/lib/libssl/src/crypto/bf/bf_opts.c
new file mode 100644
index 0000000000..5cfa60c537
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_opts.c
@@ -0,0 +1,347 @@
+/* crypto/bf/bf_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+#define BF_DEFAULT_OPTIONS
+
+#undef BF_ENC
+#define BF_encrypt BF_encrypt_normal
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#define BF_PTR
+#undef BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt BF_encrypt_ptr
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+#undef BF_PTR
+#define BF_PTR2
+#undef BF_ENC
+#undef BF_encrypt
+#define BF_encrypt BF_encrypt_ptr2
+#undef HEADER_BF_LOCL_H
+#include "bf_enc.c"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count+=4) \
+ { \
+ unsigned long d[2]; \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static char key[16]={ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ BF_KEY sch;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ BF_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ BF_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+ time_it(BF_encrypt_normal, "BF_encrypt_normal ", 0);
+ time_it(BF_encrypt_ptr, "BF_encrypt_ptr ", 1);
+ time_it(BF_encrypt_ptr2, "BF_encrypt_ptr2 ", 2);
+ num+=3;
+
+ str[0]="<nothing>";
+ print_it("BF_encrypt_normal ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="ptr ";
+ print_it("BF_encrypt_ptr ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]="ptr2 ";
+ print_it("BF_encrypt_ptr2 ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+ printf("options BF ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<3; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DBF_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DBF_PTR\n");
+ break;
+ case 2:
+ printf("-DBF_PTR2\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/bf/bf_pi.h b/src/lib/libssl/src/crypto/bf/bf_pi.h
new file mode 100644
index 0000000000..417b935538
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_pi.h
@@ -0,0 +1,325 @@
+/* crypto/bf/bf_pi.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static BF_KEY bf_init= {
+ {
+ 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
+ 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
+ 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
+ 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
+ 0x9216d5d9L, 0x8979fb1b
+ },{
+ 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
+ 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
+ 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
+ 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
+ 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
+ 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
+ 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
+ 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
+ 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
+ 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
+ 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
+ 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
+ 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
+ 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
+ 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
+ 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
+ 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
+ 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
+ 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
+ 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
+ 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
+ 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
+ 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
+ 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
+ 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
+ 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
+ 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
+ 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
+ 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
+ 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
+ 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
+ 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
+ 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
+ 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
+ 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
+ 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
+ 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
+ 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
+ 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
+ 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
+ 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
+ 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
+ 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
+ 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
+ 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
+ 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
+ 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
+ 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
+ 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
+ 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
+ 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
+ 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
+ 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
+ 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
+ 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
+ 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
+ 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
+ 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
+ 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
+ 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
+ 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
+ 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
+ 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
+ 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
+ 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
+ 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
+ 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
+ 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
+ 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
+ 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
+ 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
+ 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
+ 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
+ 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
+ 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
+ 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
+ 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
+ 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
+ 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
+ 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
+ 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
+ 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
+ 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
+ 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
+ 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
+ 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
+ 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
+ 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
+ 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
+ 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
+ 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
+ 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
+ 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
+ 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
+ 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
+ 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
+ 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
+ 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
+ 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
+ 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
+ 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
+ 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
+ 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
+ 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
+ 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
+ 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
+ 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
+ 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
+ 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
+ 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
+ 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
+ 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
+ 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
+ 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
+ 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
+ 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
+ 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
+ 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
+ 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
+ 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
+ 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
+ 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
+ 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
+ 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
+ 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
+ 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
+ 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
+ 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
+ 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
+ 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
+ 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
+ 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
+ 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
+ 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
+ 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
+ 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
+ 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
+ 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
+ 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
+ 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
+ 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
+ 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
+ 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
+ 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
+ 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
+ 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
+ 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
+ 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
+ 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
+ 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
+ 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
+ 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
+ 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
+ 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
+ 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
+ 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
+ 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
+ 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
+ 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
+ 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
+ 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
+ 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
+ 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
+ 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
+ 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
+ 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
+ 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
+ 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
+ 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
+ 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
+ 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
+ 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
+ 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
+ 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
+ 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
+ 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
+ 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
+ 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
+ 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
+ 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
+ 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
+ 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
+ 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
+ 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
+ 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
+ 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
+ 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
+ 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
+ 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
+ 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
+ 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
+ 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
+ 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
+ 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
+ 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
+ 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
+ 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
+ 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
+ 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
+ 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
+ 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
+ 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
+ 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
+ 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
+ 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
+ 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
+ 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
+ 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
+ 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
+ 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
+ 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
+ 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
+ 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
+ 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
+ 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
+ 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
+ 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
+ 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
+ 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
+ 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
+ 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
+ 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
+ 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
+ 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
+ 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
+ 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
+ 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
+ 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
+ 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
+ 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
+ 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
+ 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
+ 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
+ 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
+ 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
+ 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
+ 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
+ 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
+ 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
+ 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
+ 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
+ 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
+ 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
+ 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
+ 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
+ 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
+ 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
+ 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
+ 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
+ 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
+ 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
+ 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
+ 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
+ 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
+ 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
+ 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
+ }
+ };
+
diff --git a/src/lib/libssl/src/crypto/bf/bf_skey.c b/src/lib/libssl/src/crypto/bf/bf_skey.c
new file mode 100644
index 0000000000..86574c0acc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bf_skey.c
@@ -0,0 +1,119 @@
+/* crypto/bf/bf_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "blowfish.h"
+#include "bf_locl.h"
+#include "bf_pi.h"
+
+void BF_set_key(key,len,data)
+BF_KEY *key;
+int len;
+unsigned char *data;
+ {
+ int i;
+ BF_LONG *p,ri,in[2];
+ unsigned char *d,*end;
+
+
+ memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
+ p=key->P;
+
+ if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
+
+ d=data;
+ end= &(data[len]);
+ for (i=0; i<(BF_ROUNDS+2); i++)
+ {
+ ri= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ p[i]^=ri;
+ }
+
+ in[0]=0L;
+ in[1]=0L;
+ for (i=0; i<(BF_ROUNDS+2); i+=2)
+ {
+ BF_encrypt(in,key);
+ p[i ]=in[0];
+ p[i+1]=in[1];
+ }
+
+ p=key->S;
+ for (i=0; i<4*256; i+=2)
+ {
+ BF_encrypt(in,key);
+ p[i ]=in[0];
+ p[i+1]=in[1];
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bfs.cpp b/src/lib/libssl/src/crypto/bf/bfs.cpp
new file mode 100644
index 0000000000..272ed2f978
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+void main(int argc,char *argv[])
+ {
+ BF_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ BF_encrypt(&data[0],&key);
+ GetTSC(s1);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e2);
+ BF_encrypt(&data[0],&key);
+ }
+
+ printf("blowfish %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/bf/bfspeed.c b/src/lib/libssl/src/crypto/bf/bfspeed.c
new file mode 100644
index 0000000000..640d820dd3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bfspeed.c
@@ -0,0 +1,293 @@
+/* crypto/bf/bfspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ BF_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ BF_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ BF_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ BF_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing BF_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing BF_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ BF_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld BF_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing BF_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ BF_LONG data[2];
+
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ BF_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld BF_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ BF_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),BF_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("Blowfish set_key per sec = %12.3f (%9.3fuS)\n",a,1.0e6/a);
+ printf("Blowfish raw ecb bytes per sec = %12.3f (%9.3fuS)\n",b,8.0e6/b);
+ printf("Blowfish cbc bytes per sec = %12.3f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/bf/bftest.c b/src/lib/libssl/src/crypto/bf/bftest.c
new file mode 100644
index 0000000000..9266cf813a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/bftest.c
@@ -0,0 +1,521 @@
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+char *bf_key[2]={
+ "abcdefghijklmnopqrstuvwxyz",
+ "Who is John Galt?"
+ };
+
+/* big endian */
+BF_LONG bf_plain[2][2]={
+ {0x424c4f57L,0x46495348L},
+ {0xfedcba98L,0x76543210L}
+ };
+
+BF_LONG bf_cipher[2][2]={
+ {0x324ed0feL,0xf413a203L},
+ {0xcc91732bL,0x8022f684L}
+ };
+/************/
+
+/* Lets use the DES test vectors :-) */
+#define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x51,0x86,0x6F,0xD5,0xB8,0x5E,0xCB,0x8A},
+ {0x7D,0x85,0x6F,0x9A,0x61,0x30,0x63,0xF2},
+ {0x24,0x66,0xDD,0x87,0x8B,0x96,0x3C,0x9D},
+ {0x61,0xF9,0xC3,0x80,0x22,0x81,0xB0,0x96},
+ {0x7D,0x0C,0xC6,0x30,0xAF,0xDA,0x1E,0xC7},
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x0A,0xCE,0xAB,0x0F,0xC6,0xA0,0xA2,0x8D},
+ {0x59,0xC6,0x82,0x45,0xEB,0x05,0x28,0x2B},
+ {0xB1,0xB8,0xCC,0x0B,0x25,0x0F,0x09,0xA0},
+ {0x17,0x30,0xE5,0x77,0x8B,0xEA,0x1D,0xA4},
+ {0xA2,0x5E,0x78,0x56,0xCF,0x26,0x51,0xEB},
+ {0x35,0x38,0x82,0xB1,0x09,0xCE,0x8F,0x1A},
+ {0x48,0xF4,0xD0,0x88,0x4C,0x37,0x99,0x18},
+ {0x43,0x21,0x93,0xB7,0x89,0x51,0xFC,0x98},
+ {0x13,0xF0,0x41,0x54,0xD6,0x9D,0x1A,0xE5},
+ {0x2E,0xED,0xDA,0x93,0xFF,0xD3,0x9C,0x79},
+ {0xD8,0x87,0xE0,0x39,0x3C,0x2D,0xA6,0xE3},
+ {0x5F,0x99,0xD0,0x4F,0x5B,0x16,0x39,0x69},
+ {0x4A,0x05,0x7A,0x3B,0x24,0xD3,0x97,0x7B},
+ {0x45,0x20,0x31,0xC1,0xE4,0xFA,0xDA,0x8E},
+ {0x75,0x55,0xAE,0x39,0xF5,0x9B,0x87,0xBD},
+ {0x53,0xC5,0x5F,0x9C,0xB4,0x9F,0xC0,0x19},
+ {0x7A,0x8E,0x7B,0xFA,0x93,0x7E,0x89,0xA3},
+ {0xCF,0x9C,0x5D,0x7A,0x49,0x86,0xAD,0xB5},
+ {0xD1,0xAB,0xB2,0x90,0x65,0x8B,0xC7,0x78},
+ {0x55,0xCB,0x37,0x74,0xD1,0x3E,0xF2,0x01},
+ {0xFA,0x34,0xEC,0x48,0x47,0xB2,0x68,0xB2},
+ {0xA7,0x90,0x79,0x51,0x08,0xEA,0x3C,0xAE},
+ {0xC3,0x9E,0x07,0x2D,0x9F,0xAC,0x63,0x1D},
+ {0x01,0x49,0x33,0xE0,0xCD,0xAF,0xF6,0xE4},
+ {0xF2,0x1E,0x9A,0x77,0xB7,0x1C,0x49,0xBC},
+ {0x24,0x59,0x46,0x88,0x57,0x54,0x36,0x9A},
+ {0x6B,0x5C,0x5A,0x9C,0x5D,0x9E,0x0A,0x5A},
+ };
+
+static unsigned char cbc_key [16]={
+ 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+static unsigned char cbc_ok[32]={
+ 0x6B,0x77,0xB4,0xD6,0x30,0x06,0xDE,0xE6,
+ 0x05,0xB1,0x56,0xE2,0x74,0x03,0x97,0x93,
+ 0x58,0xDE,0xB9,0xE7,0x15,0x46,0x16,0xD9,
+ 0x59,0xF1,0x65,0x2B,0xD5,0xFF,0x92,0xCC};
+
+static unsigned char cfb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0xF2,0x6E,0xCF,0x6D,0x2E,0xB9,0xE7,0x6E,
+ 0x3D,0xA3,0xDE,0x04,0xD1,0x51,0x72,0x00,
+ 0x51,0x9D,0x57,0xA6,0xC3};
+
+static unsigned char ofb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0x62,0xB3,0x43,0xCC,0x5B,0x65,0x58,0x73,
+ 0x10,0xDD,0x90,0x8D,0x0C,0x24,0x1B,0x22,
+ 0x63,0xC2,0xCF,0x80,0xDA};
+
+#define KEY_TEST_NUM 25
+unsigned char key_test[KEY_TEST_NUM]={
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+ 0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+ 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+ 0x88};
+
+unsigned char key_data[8]=
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
+
+unsigned char key_out[KEY_TEST_NUM][8]={
+ {0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E},
+ {0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6},
+ {0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3},
+ {0xBE,0x1E,0x63,0x94,0x08,0x64,0x0F,0x05},
+ {0xB3,0x9E,0x44,0x48,0x1B,0xDB,0x1E,0x6E},
+ {0x94,0x57,0xAA,0x83,0xB1,0x92,0x8C,0x0D},
+ {0x8B,0xB7,0x70,0x32,0xF9,0x60,0x62,0x9D},
+ {0xE8,0x7A,0x24,0x4E,0x2C,0xC8,0x5E,0x82},
+ {0x15,0x75,0x0E,0x7A,0x4F,0x4E,0xC5,0x77},
+ {0x12,0x2B,0xA7,0x0B,0x3A,0xB6,0x4A,0xE0},
+ {0x3A,0x83,0x3C,0x9A,0xFF,0xC5,0x37,0xF6},
+ {0x94,0x09,0xDA,0x87,0xA9,0x0F,0x6B,0xF2},
+ {0x88,0x4F,0x80,0x62,0x50,0x60,0xB8,0xB4},
+ {0x1F,0x85,0x03,0x1C,0x19,0xE1,0x19,0x68},
+ {0x79,0xD9,0x37,0x3A,0x71,0x4C,0xA3,0x4F},
+ {0x93,0x14,0x28,0x87,0xEE,0x3B,0xE1,0x5C},
+ {0x03,0x42,0x9E,0x83,0x8C,0xE2,0xD1,0x4B},
+ {0xA4,0x29,0x9E,0x27,0x46,0x9F,0xF6,0x7B},
+ {0xAF,0xD5,0xAE,0xD1,0xC1,0xBC,0x96,0xA8},
+ {0x10,0x85,0x1C,0x0E,0x38,0x58,0xDA,0x9F},
+ {0xE6,0xF5,0x1E,0xD7,0x9B,0x9D,0xB2,0x1F},
+ {0x64,0xA6,0xE1,0x4A,0xFD,0x36,0xB4,0x6F},
+ {0x80,0xC7,0xD7,0xD4,0x5A,0x54,0x79,0xAD},
+ {0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80},
+ };
+
+#ifndef NOPROTO
+static int test(void );
+static int print_test_data(void );
+#else
+static int test();
+static int print_test_data();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int ret;
+
+ if (argc > 1)
+ ret=print_test_data();
+ else
+ ret=test();
+
+ exit(ret);
+ return(0);
+ }
+
+static int print_test_data()
+ {
+ unsigned int i,j;
+
+ printf("ecb test data\n");
+ printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ for (j=0; j<8; j++)
+ printf("%02X",ecb_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",plain_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",cipher_data[i][j]);
+ printf("\n");
+ }
+
+ printf("set_key test data\n");
+ printf("data[8]= ");
+ for (j=0; j<8; j++)
+ printf("%02X",key_data[j]);
+ printf("\n");
+ for (i=0; i<KEY_TEST_NUM-1; i++)
+ {
+ printf("c=");
+ for (j=0; j<8; j++)
+ printf("%02X",key_out[i][j]);
+ printf(" k[%2d]=",i+1);
+ for (j=0; j<i+1; j++)
+ printf("%02X",key_test[j]);
+ printf("\n");
+ }
+
+ printf("\nchaining mode test data\n");
+ printf("key[16] = ");
+ for (j=0; j<16; j++)
+ printf("%02X",cbc_key[j]);
+ printf("\niv[8] = ");
+ for (j=0; j<8; j++)
+ printf("%02X",cbc_iv[j]);
+ printf("\ndata[%d] = '%s'",(int)strlen(cbc_data)+1,cbc_data);
+ printf("\ndata[%d] = ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cbc_data[j]);
+ printf("\n");
+ printf("cbc cipher text\n");
+ printf("cipher[%d]= ",32);
+ for (j=0; j<32; j++)
+ printf("%02X",cbc_ok[j]);
+ printf("\n");
+
+ printf("cfb64 cipher text\n");
+ printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cfb64_ok[j]);
+ printf("\n");
+
+ printf("ofb64 cipher text\n");
+ printf("cipher[%d]= ",(int)strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",ofb64_ok[j]);
+ printf("\n");
+ return(0);
+ }
+
+static int test()
+ {
+ unsigned char cbc_in[40],cbc_out[40],iv[8];
+ int i,n,err=0;
+ BF_KEY key;
+ BF_LONG data[2];
+ unsigned char out[8];
+ BF_LONG len;
+
+ printf("testing blowfish in raw ecb mode\n");
+ for (n=0; n<2; n++)
+ {
+ BF_set_key(&key,strlen(bf_key[n]),(unsigned char *)bf_key[n]);
+
+ data[0]=bf_plain[n][0];
+ data[1]=bf_plain[n][1];
+ BF_encrypt(data,&key);
+ if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error encrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_cipher[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_decrypt(&(data[0]),&key);
+ if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_plain[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in ecb mode\n");
+
+ for (n=0; n<NUM_TESTS; n++)
+ {
+ BF_set_key(&key,8,ecb_data[n]);
+
+ BF_ecb_encrypt(&(plain_data[n][0]),out,&key,BF_ENCRYPT);
+ if (memcmp(&(cipher_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt blowfish error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",cipher_data[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_ecb_encrypt(out,out,&key,BF_DECRYPT);
+ if (memcmp(&(plain_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",plain_data[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish set_key\n");
+ for (n=1; n<KEY_TEST_NUM; n++)
+ {
+ BF_set_key(&key,n,key_test);
+ BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT);
+ if (memcmp(out,&(key_out[n-1][0]),8) != 0)
+ {
+ printf("blowfish setkey error\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in cbc mode\n");
+ len=strlen(cbc_data)+1;
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
+ &key,iv,BF_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ {
+ err=1;
+ printf("BF_cbc_encrypt encrypt error\n");
+ for (i=0; i<32; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt(cbc_out,cbc_in,len,
+ &key,iv,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("BF_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in cfb64 mode\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_cfb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,
+ &key,iv,&n,BF_ENCRYPT);
+ BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]),&(cbc_out[13]),len-13,
+ &key,iv,&n,BF_ENCRYPT);
+ if (memcmp(cbc_out,cfb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_cfb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_cfb64_encrypt(cbc_out,cbc_in,17,
+ &key,iv,&n,BF_DECRYPT);
+ BF_cfb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,
+ &key,iv,&n,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_cfb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in ofb64\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_ofb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,&key,iv,&n);
+ BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]),
+ &(cbc_out[13]),len-13,&key,iv,&n);
+ if (memcmp(cbc_out,ofb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_ofb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_ofb64_encrypt(cbc_out,cbc_in,17,&key,iv,&n);
+ BF_ofb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,&key,iv,&n);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ return(err);
+ }
diff --git a/src/lib/libssl/src/crypto/bf/blowfish.h b/src/lib/libssl/src/crypto/bf/blowfish.h
new file mode 100644
index 0000000000..c4a8085a29
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bf/blowfish.h
@@ -0,0 +1,116 @@
+/* crypto/bf/blowfish.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BLOWFISH_H
+#define HEADER_BLOWFISH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define BF_ENCRYPT 1
+#define BF_DECRYPT 0
+
+/* If you make this 'unsigned int' the pointer variants will work on
+ * the Alpha, otherwise they will not. Strangly using the '8 byte'
+ * BF_LONG and the default 'non-pointer' inner loop is the best configuration
+ * for the Alpha */
+#define BF_LONG unsigned long
+
+#define BF_ROUNDS 16
+#define BF_BLOCK 8
+
+typedef struct bf_key_st
+ {
+ BF_LONG P[BF_ROUNDS+2];
+ BF_LONG S[4*256];
+ } BF_KEY;
+
+#ifndef NOPROTO
+
+void BF_set_key(BF_KEY *key, int len, unsigned char *data);
+void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key,
+ int enc);
+void BF_encrypt(BF_LONG *data,BF_KEY *key);
+void BF_decrypt(BF_LONG *data,BF_KEY *key);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *ks, unsigned char *iv, int enc);
+void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *schedule, unsigned char *ivec, int *num);
+char *BF_options(void);
+
+#else
+
+void BF_set_key();
+void BF_ecb_encrypt();
+void BF_encrypt();
+void BF_decrypt();
+void BF_cbc_encrypt();
+void BF_cfb64_encrypt();
+void BF_ofb64_encrypt();
+char *BF_options();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bio/b_dump.c b/src/lib/libssl/src/crypto/bio/b_dump.c
new file mode 100644
index 0000000000..db84ad3d47
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/b_dump.c
@@ -0,0 +1,125 @@
+/* crypto/bio/b_dump.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#define TRUNCATE
+#define DUMP_WIDTH 16
+
+int BIO_dump(bio,s,len)
+BIO *bio;
+char *s;
+int len;
+{
+ int ret=0;
+ char buf[160+1],tmp[20];
+ int i,j,rows,trunc;
+ unsigned char ch;
+
+ trunc=0;
+
+#ifdef TRUNCATE
+ for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
+ trunc++;
+#endif
+
+ rows=(len/DUMP_WIDTH);
+ if ((rows*DUMP_WIDTH)<len)
+ rows++;
+ for(i=0;i<rows;i++) {
+ buf[0]='\0'; /* start with empty string */
+ sprintf(tmp,"%04x - ",i*DUMP_WIDTH);
+ strcpy(buf,tmp);
+ for(j=0;j<DUMP_WIDTH;j++) {
+ if (((i*DUMP_WIDTH)+j)>=len) {
+ strcat(buf," ");
+ } else {
+ ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+ sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
+ strcat(buf,tmp);
+ }
+ }
+ strcat(buf," ");
+ for(j=0;j<DUMP_WIDTH;j++) {
+ if (((i*DUMP_WIDTH)+j)>=len)
+ break;
+ ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+ sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
+ strcat(buf,tmp);
+ }
+ strcat(buf,"\n");
+ /* if this is the last call then update the ddt_dump thing so that
+ * we will move the selection point in the debug window
+ */
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
+ }
+#ifdef TRUNCATE
+ if (trunc > 0) {
+ sprintf(buf,"%04x - <SPACES/NULS>\n",len+trunc);
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
+ }
+#endif
+ return(ret);
+}
+
diff --git a/src/lib/libssl/src/crypto/bio/b_print.c b/src/lib/libssl/src/crypto/bio/b_print.c
new file mode 100644
index 0000000000..cdadeb839a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/b_print.c
@@ -0,0 +1,92 @@
+/* crypto/bio/b_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+int BIO_printf ( VAR_PLIST( BIO *, bio ) )
+VAR_ALIST
+ {
+ VAR_BDEFN(args, BIO *, bio);
+ char *format;
+ int ret;
+ MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
+
+ VAR_INIT(args, BIO *, bio);
+ VAR_ARG(args, char *, format);
+
+ hugebuf[0]='\0';
+
+/* no-one uses _doprnt anymore and it appears to be broken under SunOS 4.1.4 */
+#if 0 && defined(sun) && !defined(VAR_ANSI) /**/
+ _doprnt(hugebuf,format,args);
+#else /* !sun */
+ vsprintf(hugebuf,format,args);
+#endif /* sun */
+
+ ret=BIO_write(bio,hugebuf,strlen(hugebuf));
+
+ VAR_END( args );
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bio/b_sock.c b/src/lib/libssl/src/crypto/bio/b_sock.c
new file mode 100644
index 0000000000..a45909527c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/b_sock.c
@@ -0,0 +1,628 @@
+/* crypto/bio/b_sock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+#ifdef SO_MAXCONN
+#define MAX_LISTEN SOMAXCONN
+#elif defined(SO_MAXCONN)
+#define MAX_LISTEN SO_MAXCONN
+#else
+#define MAX_LISTEN 32
+#endif
+
+#ifdef WINDOWS
+static int wsa_init_done=0;
+#endif
+
+static unsigned long BIO_ghbn_hits=0L;
+static unsigned long BIO_ghbn_miss=0L;
+
+#define GHBN_NUM 4
+static struct ghbn_cache_st
+ {
+ char name[129];
+ struct hostent *ent;
+ unsigned long order;
+ } ghbn_cache[GHBN_NUM];
+
+#ifndef NOPROTO
+static int get_ip(char *str,unsigned char *ip);
+static void ghbn_free(struct hostent *a);
+static struct hostent *ghbn_dup(struct hostent *a);
+#else
+static int get_ip();
+static void ghbn_free();
+static struct hostent *ghbn_dup();
+#endif
+
+int BIO_get_host_ip(str,ip)
+char *str;
+unsigned char *ip;
+ {
+ int i;
+ struct hostent *he;
+
+ i=get_ip(str,ip);
+ if (i > 0) return(1);
+ if (i < 0)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
+ ERR_add_error_data(2,"host=",str);
+ return(0);
+ }
+ else
+ { /* do a gethostbyname */
+ if (!BIO_sock_init()) return(0);
+
+ he=BIO_gethostbyname(str);
+ if (he == NULL)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
+ ERR_add_error_data(2,"host=",str);
+ return(0);
+ }
+
+ /* cast to short because of win16 winsock definition */
+ if ((short)he->h_addrtype != AF_INET)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
+ ERR_add_error_data(2,"host=",str);
+ return(0);
+ }
+ for (i=0; i<4; i++)
+ ip[i]=he->h_addr_list[0][i];
+ }
+ return(1);
+ }
+
+int BIO_get_port(str,port_ptr)
+char *str;
+short *port_ptr;
+ {
+ int i;
+ struct servent *s;
+
+ if (str == NULL)
+ {
+ BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
+ return(0);
+ }
+ i=atoi(str);
+ if (i != 0)
+ *port_ptr=(unsigned short)i;
+ else
+ {
+ s=getservbyname(str,"tcp");
+ if (s == NULL)
+ {
+ if (strcmp(str,"http") == 0)
+ *port_ptr=80;
+ else if (strcmp(str,"telnet") == 0)
+ *port_ptr=23;
+ else if (strcmp(str,"socks") == 0)
+ *port_ptr=1080;
+ else if (strcmp(str,"https") == 0)
+ *port_ptr=443;
+ else if (strcmp(str,"ssl") == 0)
+ *port_ptr=443;
+ else if (strcmp(str,"ftp") == 0)
+ *port_ptr=21;
+ else if (strcmp(str,"gopher") == 0)
+ *port_ptr=70;
+#if 0
+ else if (strcmp(str,"wais") == 0)
+ *port_ptr=21;
+#endif
+ else
+ {
+ SYSerr(SYS_F_GETSERVBYNAME,get_last_socket_error());
+ ERR_add_error_data(3,"service='",str,"'");
+ return(0);
+ }
+ return(1);
+ }
+ *port_ptr=htons((unsigned short)s->s_port);
+ }
+ return(1);
+ }
+
+int BIO_sock_error(sock)
+int sock;
+ {
+ int j,i,size;
+
+ size=sizeof(int);
+
+ i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
+ if (i < 0)
+ return(1);
+ else
+ return(j);
+ }
+
+long BIO_ghbn_ctrl(cmd,iarg,parg)
+int cmd;
+int iarg;
+char *parg;
+ {
+ int i;
+ char **p;
+
+ switch (cmd)
+ {
+ case BIO_GHBN_CTRL_HITS:
+ return(BIO_ghbn_hits);
+ break;
+ case BIO_GHBN_CTRL_MISSES:
+ return(BIO_ghbn_miss);
+ break;
+ case BIO_GHBN_CTRL_CACHE_SIZE:
+ return(GHBN_NUM);
+ break;
+ case BIO_GHBN_CTRL_GET_ENTRY:
+ if ((iarg >= 0) && (iarg <GHBN_NUM) &&
+ (ghbn_cache[iarg].order > 0))
+ {
+ p=(char **)parg;
+ if (p == NULL) return(0);
+ *p=ghbn_cache[iarg].name;
+ ghbn_cache[iarg].name[128]='\0';
+ return(1);
+ }
+ return(0);
+ break;
+ case BIO_GHBN_CTRL_FLUSH:
+ for (i=0; i<GHBN_NUM; i++)
+ ghbn_cache[i].order=0;
+ break;
+ default:
+ return(0);
+ }
+ return(1);
+ }
+
+static struct hostent *ghbn_dup(a)
+struct hostent *a;
+ {
+ struct hostent *ret;
+ int i,j;
+
+ ret=(struct hostent *)malloc(sizeof(struct hostent));
+ if (ret == NULL) return(NULL);
+ memset(ret,0,sizeof(struct hostent));
+
+ for (i=0; a->h_aliases[i] != NULL; i++)
+ ;
+ i++;
+ ret->h_aliases=(char **)malloc(sizeof(char *)*i);
+ memset(ret->h_aliases,0,sizeof(char *)*i);
+ if (ret == NULL) goto err;
+
+ for (i=0; a->h_addr_list[i] != NULL; i++)
+ ;
+ i++;
+ ret->h_addr_list=(char **)malloc(sizeof(char *)*i);
+ memset(ret->h_addr_list,0,sizeof(char *)*i);
+ if (ret->h_addr_list == NULL) goto err;
+
+ j=strlen(a->h_name)+1;
+ if ((ret->h_name=malloc(j)) == NULL) goto err;
+ memcpy((char *)ret->h_name,a->h_name,j);
+ for (i=0; a->h_aliases[i] != NULL; i++)
+ {
+ j=strlen(a->h_aliases[i])+1;
+ if ((ret->h_aliases[i]=malloc(j)) == NULL) goto err;
+ memcpy(ret->h_aliases[i],a->h_aliases[i],j);
+ }
+ ret->h_length=a->h_length;
+ ret->h_addrtype=a->h_addrtype;
+ for (i=0; a->h_addr_list[i] != NULL; i++)
+ {
+ if ((ret->h_addr_list[i]=malloc(a->h_length)) == NULL)
+ goto err;
+ memcpy(ret->h_addr_list[i],a->h_addr_list[i],a->h_length);
+ }
+ return(ret);
+err:
+ if (ret != NULL)
+ ghbn_free(ret);
+ return(NULL);
+ }
+
+static void ghbn_free(a)
+struct hostent *a;
+ {
+ int i;
+
+ if (a->h_aliases != NULL)
+ {
+ for (i=0; a->h_aliases[i] != NULL; i++)
+ free(a->h_aliases[i]);
+ free(a->h_aliases);
+ }
+ if (a->h_addr_list != NULL)
+ {
+ for (i=0; a->h_addr_list[i] != NULL; i++)
+ free(a->h_addr_list[i]);
+ free(a->h_addr_list);
+ }
+ if (a->h_name != NULL) free((char *)a->h_name);
+ free(a);
+ }
+
+struct hostent *BIO_gethostbyname(name)
+char *name;
+ {
+ struct hostent *ret;
+ int i,lowi=0,j;
+ unsigned long low= (unsigned long)-1;
+
+/* return(gethostbyname(name)); */
+
+ CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+ j=strlen(name);
+ if (j < 128)
+ {
+ for (i=0; i<GHBN_NUM; i++)
+ {
+ if (low > ghbn_cache[i].order)
+ {
+ low=ghbn_cache[i].order;
+ lowi=i;
+ }
+ if (ghbn_cache[i].order > 0)
+ {
+ if (strncmp(name,ghbn_cache[i].name,128) == 0)
+ break;
+ }
+ }
+ }
+ else
+ i=GHBN_NUM;
+
+ if (i == GHBN_NUM) /* no hit*/
+ {
+ BIO_ghbn_miss++;
+ ret=gethostbyname(name);
+
+ if (ret == NULL) return(NULL);
+ if (j > 128) return(ret); /* too big to cache */
+
+ /* else add to cache */
+ if (ghbn_cache[lowi].ent != NULL)
+ ghbn_free(ghbn_cache[lowi].ent);
+
+ strncpy(ghbn_cache[lowi].name,name,128);
+ ghbn_cache[lowi].ent=ghbn_dup(ret);
+ ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
+ }
+ else
+ {
+ BIO_ghbn_hits++;
+ ret= ghbn_cache[i].ent;
+ ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+ return(ret);
+ }
+
+int BIO_sock_init()
+ {
+#ifdef WINDOWS
+ static struct WSAData wsa_state;
+
+ if (!wsa_init_done)
+ {
+ int err;
+
+#ifdef SIGINT
+ signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
+#endif
+ wsa_init_done=1;
+ memset(&wsa_state,0,sizeof(wsa_state));
+ if (WSAStartup(0x0101,&wsa_state)!=0)
+ {
+ err=WSAGetLastError();
+ SYSerr(SYS_F_WSASTARTUP,err);
+ BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
+ return(-1);
+ }
+ }
+#endif /* WINDOWS */
+ return(1);
+ }
+
+void BIO_sock_cleanup()
+ {
+#ifdef WINDOWS
+ if (wsa_init_done)
+ {
+ wsa_init_done=0;
+ WSACancelBlockingCall();
+ WSACleanup();
+ }
+#endif
+ }
+
+int BIO_socket_ioctl(fd,type,arg)
+int fd;
+long type;
+unsigned long *arg;
+ {
+ int i;
+
+ i=ioctlsocket(fd,type,arg);
+ if (i < 0)
+ SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
+ return(i);
+ }
+
+/* The reason I have implemented this instead of using sscanf is because
+ * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
+static int get_ip(str,ip)
+char *str;
+unsigned char ip[4];
+ {
+ unsigned int tmp[4];
+ int num=0,c,ok=0;
+
+ tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
+
+ for (;;)
+ {
+ c= *(str++);
+ if ((c >= '0') && (c <= '9'))
+ {
+ ok=1;
+ tmp[num]=tmp[num]*10+c-'0';
+ if (tmp[num] > 255) return(-1);
+ }
+ else if (c == '.')
+ {
+ if (!ok) return(-1);
+ if (num == 3) break;
+ num++;
+ ok=0;
+ }
+ else if ((num == 3) && ok)
+ break;
+ else
+ return(0);
+ }
+ ip[0]=tmp[0];
+ ip[1]=tmp[1];
+ ip[2]=tmp[2];
+ ip[3]=tmp[3];
+ return(1);
+ }
+
+int BIO_get_accept_socket(host)
+char *host;
+ {
+ int ret=0;
+ struct sockaddr_in server;
+ int s= -1;
+ unsigned char ip[4];
+ short port;
+ char *str,*h,*p,*e;
+ unsigned long l;
+
+ if (!BIO_sock_init()) return(INVALID_SOCKET);
+
+ if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
+
+ h=p=NULL;
+ h=str;
+ for (e=str; *e; e++)
+ {
+ if (*e == ':')
+ {
+ p= &(e[1]);
+ *e='\0';
+ }
+ else if (*e == '/')
+ {
+ *e='\0';
+ break;
+ }
+ }
+
+ if (p == NULL)
+ {
+ p=h;
+ h="*";
+ }
+
+ if (!BIO_get_port(p,&port)) return(INVALID_SOCKET);
+
+ memset((char *)&server,0,sizeof(server));
+ server.sin_family=AF_INET;
+ server.sin_port=htons((unsigned short)port);
+
+ if (strcmp(h,"*") == 0)
+ server.sin_addr.s_addr=INADDR_ANY;
+ else
+ {
+ if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET);
+ l=(unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[0]<<16L)|
+ ((unsigned long)ip[0]<< 8L)|
+ ((unsigned long)ip[0]);
+ server.sin_addr.s_addr=htonl(l);
+ }
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET)
+ {
+ SYSerr(SYS_F_SOCKET,get_last_socket_error());
+ ERR_add_error_data(3,"port='",host,"'");
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_CREATE_SOCKET);
+ goto err;
+ }
+ if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+ {
+ SYSerr(SYS_F_BIND,get_last_socket_error());
+ ERR_add_error_data(3,"port='",host,"'");
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+ goto err;
+ }
+ if (listen(s,MAX_LISTEN) == -1)
+ {
+ SYSerr(SYS_F_BIND,get_last_socket_error());
+ ERR_add_error_data(3,"port='",host,"'");
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
+ goto err;
+ }
+ ret=1;
+err:
+ if (str != NULL) Free(str);
+ if ((ret == 0) && (s != INVALID_SOCKET))
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+#endif
+ s= INVALID_SOCKET;
+ }
+ return(s);
+ }
+
+int BIO_accept(sock,addr)
+int sock;
+char **addr;
+ {
+ int ret=INVALID_SOCKET;
+ static struct sockaddr_in from;
+ unsigned long l;
+ short port;
+ int len;
+ char *p;
+
+ memset((char *)&from,0,sizeof(from));
+ len=sizeof(from);
+ ret=accept(sock,(struct sockaddr *)&from,&len);
+ if (ret == INVALID_SOCKET)
+ {
+ SYSerr(SYS_F_ACCEPT,get_last_socket_error());
+ BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
+ goto end;
+ }
+
+ if (addr == NULL) goto end;
+
+ l=ntohl(from.sin_addr.s_addr);
+ port=ntohs(from.sin_port);
+ if (*addr == NULL)
+ {
+ if ((p=Malloc(24)) == NULL)
+ {
+ BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ *addr=p;
+ }
+ sprintf(*addr,"%d.%d.%d.%d:%d",
+ (unsigned char)(l>>24L)&0xff,
+ (unsigned char)(l>>16L)&0xff,
+ (unsigned char)(l>> 8L)&0xff,
+ (unsigned char)(l )&0xff,
+ port);
+end:
+ return(ret);
+ }
+
+int BIO_set_tcp_ndelay(s,on)
+int s;
+int on;
+ {
+ int ret=0;
+#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
+ int opt;
+
+#ifdef SOL_TCP
+ opt=SOL_TCP;
+#else
+#ifdef IPPROTO_TCP
+ opt=IPPROTO_TCP;
+#endif
+#endif
+
+ ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
+#endif
+ return(ret == 0);
+ }
+#endif
+
diff --git a/src/lib/libssl/src/crypto/bio/bf_buff.c b/src/lib/libssl/src/crypto/bio/bf_buff.c
new file mode 100644
index 0000000000..7912b88473
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bf_buff.c
@@ -0,0 +1,512 @@
+/* crypto/bio/bf_buff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int buffer_write(BIO *h,char *buf,int num);
+static int buffer_read(BIO *h,char *buf,int size);
+static int buffer_puts(BIO *h,char *str);
+static int buffer_gets(BIO *h,char *str,int size);
+static long buffer_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int buffer_new(BIO *h);
+static int buffer_free(BIO *data);
+#else
+static int buffer_write();
+static int buffer_read();
+static int buffer_puts();
+static int buffer_gets();
+static long buffer_ctrl();
+static int buffer_new();
+static int buffer_free();
+#endif
+
+#define DEFAULT_BUFFER_SIZE 1024
+
+static BIO_METHOD methods_buffer=
+ {
+ BIO_TYPE_BUFFER,
+ "buffer",
+ buffer_write,
+ buffer_read,
+ buffer_puts,
+ buffer_gets,
+ buffer_ctrl,
+ buffer_new,
+ buffer_free,
+ };
+
+BIO_METHOD *BIO_f_buffer()
+ {
+ return(&methods_buffer);
+ }
+
+static int buffer_new(bi)
+BIO *bi;
+ {
+ BIO_F_BUFFER_CTX *ctx;
+
+ ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX));
+ if (ctx == NULL) return(0);
+ ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+ if (ctx->ibuf == NULL) { Free(ctx); return(0); }
+ ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+ if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); }
+ ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
+ ctx->obuf_size=DEFAULT_BUFFER_SIZE;
+ ctx->ibuf_len=0;
+ ctx->ibuf_off=0;
+ ctx->obuf_len=0;
+ ctx->obuf_off=0;
+
+ bi->init=1;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int buffer_free(a)
+BIO *a;
+ {
+ BIO_F_BUFFER_CTX *b;
+
+ if (a == NULL) return(0);
+ b=(BIO_F_BUFFER_CTX *)a->ptr;
+ if (b->ibuf != NULL) Free(b->ibuf);
+ if (b->obuf != NULL) Free(b->obuf);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int buffer_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int i,num=0;
+ BIO_F_BUFFER_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+ num=0;
+ BIO_clear_retry_flags(b);
+
+start:
+ i=ctx->ibuf_len;
+ /* If there is stuff left over, grab it */
+ if (i != 0)
+ {
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
+ ctx->ibuf_off+=i;
+ ctx->ibuf_len-=i;
+ num+=i;
+ if (outl == i) return(num);
+ outl-=i;
+ out+=i;
+ }
+
+ /* We may have done a partial read. try to do more.
+ * We have nothing in the buffer.
+ * If we get an error and have read some data, just return it
+ * and let them retry to get the error again.
+ * copy direct to parent address space */
+ if (outl > ctx->ibuf_size)
+ {
+ for (;;)
+ {
+ i=BIO_read(b->next_bio,out,outl);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ num+=i;
+ if (outl == i) return(num);
+ out+=i;
+ outl-=i;
+ }
+ }
+ /* else */
+
+ /* we are going to be doing some buffering */
+ i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=i;
+
+ /* Lets re-read using ourselves :-) */
+ goto start;
+ }
+
+static int buffer_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i,num=0;
+ BIO_F_BUFFER_CTX *ctx;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ BIO_clear_retry_flags(b);
+start:
+ i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
+ /* add to buffer and return */
+ if (i >= inl)
+ {
+ memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
+ ctx->obuf_len+=inl;
+ return(num+inl);
+ }
+ /* else */
+ /* stuff already in buffer, so add to it first, then flush */
+ if (ctx->obuf_len != 0)
+ {
+ if (i > 0) /* lets fill it up if we can */
+ {
+ memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
+ in+=i;
+ inl-=i;
+ num+=i;
+ ctx->obuf_len+=i;
+ }
+ /* we now have a full buffer needing flushing */
+ for (;;)
+ {
+ i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
+ ctx->obuf_len);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->obuf_off+=i;
+ ctx->obuf_len-=i;
+ if (ctx->obuf_len == 0) break;
+ }
+ }
+ /* we only get here if the buffer has been flushed and we
+ * still have stuff to write */
+ ctx->obuf_off=0;
+
+ /* we now have inl bytes to write */
+ while (inl >= ctx->obuf_size)
+ {
+ i=BIO_write(b->next_bio,in,inl);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ num+=i;
+ in+=i;
+ inl-=i;
+ if (inl == 0) return(num);
+ }
+
+ /* copy the rest into the buffer since we have only a small
+ * amount left */
+ goto start;
+ }
+
+static long buffer_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ BIO_F_BUFFER_CTX *ctx;
+ long ret=1;
+ char *p1,*p2;
+ int r,i,*ip;
+ int ibs,obs;
+
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=0;
+ ctx->obuf_off=0;
+ ctx->obuf_len=0;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_INFO:
+ ret=(long)ctx->obuf_len;
+ break;
+ case BIO_C_GET_BUFF_NUM_LINES:
+ ret=0;
+ p1=ctx->ibuf;
+ for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
+ {
+ if (p1[i] == '\n') ret++;
+ }
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=(long)ctx->obuf_len;
+ if (ret == 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING:
+ ret=(long)ctx->ibuf_len;
+ if (ret == 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_SET_BUFF_READ_DATA:
+ if (num > ctx->ibuf_size)
+ {
+ p1=Malloc((int)num);
+ if (p1 == NULL) goto malloc_error;
+ if (ctx->ibuf != NULL) Free(ctx->ibuf);
+ ctx->ibuf=p1;
+ }
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=(int)num;
+ memcpy(ctx->ibuf,ptr,(int)num);
+ ret=1;
+ break;
+ case BIO_C_SET_BUFF_SIZE:
+ if (ptr != NULL)
+ {
+ ip=(int *)ptr;
+ if (*ip == 0)
+ {
+ ibs=(int)num;
+ obs=ctx->obuf_size;
+ }
+ else /* if (*ip == 1) */
+ {
+ ibs=ctx->ibuf_size;
+ obs=(int)num;
+ }
+ }
+ else
+ {
+ ibs=(int)num;
+ obs=(int)num;
+ }
+ p1=ctx->ibuf;
+ p2=ctx->obuf;
+ if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
+ {
+ p1=(char *)Malloc((int)num);
+ if (p1 == NULL) goto malloc_error;
+ }
+ if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
+ {
+ p2=(char *)Malloc((int)num);
+ if (p2 == NULL)
+ {
+ if (p1 != ctx->ibuf) Free(p1);
+ goto malloc_error;
+ }
+ }
+ if (ctx->ibuf != p1)
+ {
+ Free(ctx->ibuf);
+ ctx->ibuf=p1;
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=0;
+ ctx->ibuf_size=ibs;
+ }
+ if (ctx->obuf != p2)
+ {
+ Free(ctx->obuf);
+ ctx->obuf=p2;
+ ctx->obuf_off=0;
+ ctx->obuf_len=0;
+ ctx->obuf_size=obs;
+ }
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_FLUSH:
+ if (ctx->obuf_len <= 0)
+ {
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+
+ for (;;)
+ {
+ BIO_clear_retry_flags(b);
+ if (ctx->obuf_len > ctx->obuf_off)
+ {
+ r=BIO_write(b->next_bio,
+ &(ctx->obuf[ctx->obuf_off]),
+ ctx->obuf_len-ctx->obuf_off);
+#if 0
+fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
+#endif
+ BIO_copy_next_retry(b);
+ if (r <= 0) return((long)r);
+ ctx->obuf_off+=r;
+ }
+ else
+ {
+ ctx->obuf_len=0;
+ ctx->obuf_off=0;
+ ret=1;
+ break;
+ }
+ }
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
+ !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
+ ret=0;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+malloc_error:
+ BIOerr(BIO_F_BUFFER_CTRL,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+static int buffer_gets(b,buf,size)
+BIO *b;
+char *buf;
+int size;
+ {
+ BIO_F_BUFFER_CTX *ctx;
+ int num=0,i,flag;
+ char *p;
+
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+ size--; /* reserve space for a '\0' */
+ BIO_clear_retry_flags(b);
+
+ for (;;)
+ {
+ if (ctx->ibuf_len > 0)
+ {
+ p= &(ctx->ibuf[ctx->ibuf_off]);
+ flag=0;
+ for (i=0; (i<ctx->ibuf_len) && (i<size); i++)
+ {
+ *(buf++)=p[i];
+ if (p[i] == '\n')
+ {
+ flag=1;
+ i++;
+ break;
+ }
+ }
+ num+=i;
+ size-=i;
+ ctx->ibuf_len-=i;
+ ctx->ibuf_off+=i;
+ if ((flag) || (i == size))
+ {
+ *buf='\0';
+ return(num);
+ }
+ }
+ else /* read another chunk */
+ {
+ i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->ibuf_len=i;
+ ctx->ibuf_off=0;
+ }
+ }
+ }
+
+static int buffer_puts(b,str)
+BIO *b;
+char *str;
+ {
+ return(BIO_write(b,str,strlen(str)));
+ }
+
diff --git a/src/lib/libssl/src/crypto/bio/bf_nbio.c b/src/lib/libssl/src/crypto/bio/bf_nbio.c
new file mode 100644
index 0000000000..034b3024df
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bf_nbio.c
@@ -0,0 +1,268 @@
+/* crypto/bio/bf_nbio.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nbiof_write(BIO *h,char *buf,int num);
+static int nbiof_read(BIO *h,char *buf,int size);
+static int nbiof_puts(BIO *h,char *str);
+static int nbiof_gets(BIO *h,char *str,int size);
+static long nbiof_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nbiof_new(BIO *h);
+static int nbiof_free(BIO *data);
+#else
+static int nbiof_write();
+static int nbiof_read();
+static int nbiof_puts();
+static int nbiof_gets();
+static long nbiof_ctrl();
+static int nbiof_new();
+static int nbiof_free();
+#endif
+
+typedef struct nbio_test_st
+ {
+ /* only set if we sent a 'should retry' error */
+ int lrn;
+ int lwn;
+ } NBIO_TEST;
+
+static BIO_METHOD methods_nbiof=
+ {
+ BIO_TYPE_NBIO_TEST,
+ "non-blocking IO test filter",
+ nbiof_write,
+ nbiof_read,
+ nbiof_puts,
+ nbiof_gets,
+ nbiof_ctrl,
+ nbiof_new,
+ nbiof_free,
+ };
+
+BIO_METHOD *BIO_f_nbio_test()
+ {
+ return(&methods_nbiof);
+ }
+
+static int nbiof_new(bi)
+BIO *bi;
+ {
+ NBIO_TEST *nt;
+
+ nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST));
+ nt->lrn= -1;
+ nt->lwn= -1;
+ bi->ptr=(char *)nt;
+ bi->init=1;
+ bi->flags=0;
+ return(1);
+ }
+
+static int nbiof_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->ptr != NULL)
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int nbiof_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ NBIO_TEST *nt;
+ int ret=0;
+#if 0
+ int num;
+ unsigned char n;
+#endif
+
+ if (out == NULL) return(0);
+ if (b->next_bio == NULL) return(0);
+ nt=(NBIO_TEST *)b->ptr;
+
+ BIO_clear_retry_flags(b);
+#if 0
+ RAND_bytes(&n,1);
+ num=(n&0x07);
+
+ if (outl > num) outl=num;
+
+ if (num == 0)
+ {
+ ret= -1;
+ BIO_set_retry_read(b);
+ }
+ else
+#endif
+ {
+ ret=BIO_read(b->next_bio,out,outl);
+ if (ret < 0)
+ BIO_copy_next_retry(b);
+ }
+ return(ret);
+ }
+
+static int nbiof_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ NBIO_TEST *nt;
+ int ret=0;
+ int num;
+ unsigned char n;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ if (b->next_bio == NULL) return(0);
+ nt=(NBIO_TEST *)b->ptr;
+
+ BIO_clear_retry_flags(b);
+
+#if 1
+ if (nt->lwn > 0)
+ {
+ num=nt->lwn;
+ nt->lwn=0;
+ }
+ else
+ {
+ RAND_bytes(&n,1);
+ num=(n&7);
+ }
+
+ if (inl > num) inl=num;
+
+ if (num == 0)
+ {
+ ret= -1;
+ BIO_set_retry_write(b);
+ }
+ else
+#endif
+ {
+ ret=BIO_write(b->next_bio,in,inl);
+ if (ret < 0)
+ {
+ BIO_copy_next_retry(b);
+ nt->lwn=inl;
+ }
+ }
+ return(ret);
+ }
+
+static long nbiof_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret;
+
+ if (b->next_bio == NULL) return(0);
+ switch (cmd)
+ {
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_DUP:
+ ret=0L;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int nbiof_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_gets(bp->next_bio,buf,size));
+ }
+
+
+static int nbiof_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_puts(bp->next_bio,str));
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/bio/bf_null.c b/src/lib/libssl/src/crypto/bio/bf_null.c
new file mode 100644
index 0000000000..a47a65741a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bf_null.c
@@ -0,0 +1,196 @@
+/* crypto/bio/bf_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nullf_write(BIO *h,char *buf,int num);
+static int nullf_read(BIO *h,char *buf,int size);
+static int nullf_puts(BIO *h,char *str);
+static int nullf_gets(BIO *h,char *str,int size);
+static long nullf_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nullf_new(BIO *h);
+static int nullf_free(BIO *data);
+#else
+static int nullf_write();
+static int nullf_read();
+static int nullf_puts();
+static int nullf_gets();
+static long nullf_ctrl();
+static int nullf_new();
+static int nullf_free();
+#endif
+
+static BIO_METHOD methods_nullf=
+ {
+ BIO_TYPE_NULL_FILTER,
+ "NULL filter",
+ nullf_write,
+ nullf_read,
+ nullf_puts,
+ nullf_gets,
+ nullf_ctrl,
+ nullf_new,
+ nullf_free,
+ };
+
+BIO_METHOD *BIO_f_null()
+ {
+ return(&methods_nullf);
+ }
+
+static int nullf_new(bi)
+BIO *bi;
+ {
+ bi->init=1;
+ bi->ptr=NULL;
+ bi->flags=0;
+ return(1);
+ }
+
+static int nullf_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+/* a->ptr=NULL;
+ a->init=0;
+ a->flags=0;*/
+ return(1);
+ }
+
+static int nullf_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (out == NULL) return(0);
+ if (b->next_bio == NULL) return(0);
+ ret=BIO_read(b->next_bio,out,outl);
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int nullf_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ if (b->next_bio == NULL) return(0);
+ ret=BIO_write(b->next_bio,in,inl);
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long nullf_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret;
+
+ if (b->next_bio == NULL) return(0);
+ switch(cmd)
+ {
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_DUP:
+ ret=0L;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ }
+ return(ret);
+ }
+
+static int nullf_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_gets(bp->next_bio,buf,size));
+ }
+
+
+static int nullf_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_puts(bp->next_bio,str));
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/bio/bio.h b/src/lib/libssl/src/crypto/bio/bio.h
new file mode 100644
index 0000000000..300b330e00
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bio.h
@@ -0,0 +1,688 @@
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+#define HEADER_BIO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "crypto.h"
+
+/* These are the 'types' of BIOs */
+#define BIO_TYPE_NONE 0
+#define BIO_TYPE_MEM (1|0x0400)
+#define BIO_TYPE_FILE (2|0x0400)
+
+#define BIO_TYPE_FD (4|0x0400|0x0100)
+#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+#define BIO_TYPE_NULL (6|0x0400)
+#define BIO_TYPE_SSL (7|0x0200)
+#define BIO_TYPE_MD (8|0x0200) /* pasive filter */
+#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
+#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
+#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
+#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */
+#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */
+#define BIO_TYPE_PROXY_CLIENT (14|0x0200) /* client proxy BIO */
+#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */
+#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */
+#define BIO_TYPE_NULL_FILTER (17|0x0200)
+
+#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
+#define BIO_TYPE_FILTER 0x0200
+#define BIO_TYPE_SOURCE_SINK 0x0400
+
+/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
+#define BIO_NOCLOSE 0x00
+#define BIO_CLOSE 0x01
+
+/* These are used in the following macros and are passed to
+ * BIO_ctrl() */
+#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */
+#define BIO_CTRL_EOF 2 /* opt - are we at the eof */
+#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */
+#define BIO_CTRL_SET 4 /* man - set the 'IO' type */
+#define BIO_CTRL_GET 5 /* man - get the 'IO' type */
+#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */
+#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */
+#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */
+#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */
+#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */
+#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */
+#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */
+#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */
+/* callback is int cb(BIO *bio,state,ret); */
+#define BIO_CTRL_SET_CALLBACK 14 /* opt - set callback function */
+#define BIO_CTRL_GET_CALLBACK 15 /* opt - set callback function */
+
+#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */
+
+/* modifiers */
+#define BIO_FP_READ 0x02
+#define BIO_FP_WRITE 0x04
+#define BIO_FP_APPEND 0x08
+#define BIO_FP_TEXT 0x10
+
+#define BIO_FLAGS_READ 0x01
+#define BIO_FLAGS_WRITE 0x02
+#define BIO_FLAGS_IO_SPECIAL 0x04
+#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+#define BIO_FLAGS_SHOULD_RETRY 0x08
+
+/* Used in BIO_gethostbyname() */
+#define BIO_GHBN_CTRL_HITS 1
+#define BIO_GHBN_CTRL_MISSES 2
+#define BIO_GHBN_CTRL_CACHE_SIZE 3
+#define BIO_GHBN_CTRL_GET_ENTRY 4
+#define BIO_GHBN_CTRL_FLUSH 5
+
+/* Mostly used in the SSL BIO */
+/* Not used anymore
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+ * #define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+ * #define BIO_FLAGS_PROTOCOL_STARTUP 0x40
+ */
+
+#define BIO_FLAGS_BASE64_NO_NL 0x100
+
+#define BIO_set_flags(b,f) ((b)->flags|=(f))
+#define BIO_get_flags(b) ((b)->flags)
+#define BIO_set_retry_special(b) \
+ ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_read(b) \
+ ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_write(b) \
+ ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
+#define BIO_clear_retry_flags(b) \
+ ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_get_retry_flags(b) \
+ ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These shouldbe used by the application to tell why we should retry */
+#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
+#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
+#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
+#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
+#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+
+/* The next two are used in conjunction with the
+ * BIO_should_io_special() condition. After this returns true,
+ * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
+ * stack and return the 'reason' for the special and the offending BIO.
+ * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
+/* Returned from the SSL bio when the certificate retrieval code had an error */
+#define BIO_RR_SSL_X509_LOOKUP 0x01
+/* Returned from the connect BIO when a connect would have blocked */
+#define BIO_RR_CONNECT 0x02
+
+/* These are passed by the BIO callback */
+#define BIO_CB_FREE 0x01
+#define BIO_CB_READ 0x02
+#define BIO_CB_WRITE 0x03
+#define BIO_CB_PUTS 0x04
+#define BIO_CB_GETS 0x05
+#define BIO_CB_CTRL 0x06
+
+/* The callback is called before and after the underling operation,
+ * The BIO_CB_RETURN flag indicates if it is after the call */
+#define BIO_CB_RETURN 0x80
+#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+#define BIO_set_callback(b,cb) ((b)->callback=(cb))
+#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
+#define BIO_get_callback_arg(b) ((b)->cb_arg)
+#define BIO_get_callback(b) ((b)->callback)
+#define BIO_method_name(b) ((b)->method->name)
+#define BIO_method_type(b) ((b)->method->type)
+
+#ifndef WIN16
+typedef struct bio_method_st
+ {
+ int type;
+ char *name;
+ int (*bwrite)();
+ int (*bread)();
+ int (*bputs)();
+ int (*bgets)();
+ long (*ctrl)();
+ int (*create)();
+ int (*destroy)();
+ } BIO_METHOD;
+#else
+typedef struct bio_method_st
+ {
+ int type;
+ char *name;
+ int (_far *bwrite)();
+ int (_far *bread)();
+ int (_far *bputs)();
+ int (_far *bgets)();
+ long (_far *ctrl)();
+ int (_far *create)();
+ int (_far *destroy)();
+ } BIO_METHOD;
+#endif
+
+typedef struct bio_st
+ {
+ BIO_METHOD *method;
+#ifndef NOPROTO
+ /* bio, mode, argp, argi, argl, ret */
+ long (*callback)(struct bio_st *,int,char *,int, long,long);
+#else
+ long (*callback)();
+#endif
+ char *cb_arg; /* first argument for the callback */
+
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int retry_reason;
+ int num;
+ char *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ struct bio_st *prev_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+
+ CRYPTO_EX_DATA ex_data;
+ } BIO;
+
+typedef struct bio_f_buffer_ctx_struct
+ {
+ /* BIO *bio; */ /* this is now in the BIO struct */
+ int ibuf_size; /* how big is the input buffer */
+ int obuf_size; /* how big is the output buffer */
+
+ char *ibuf; /* the char array */
+ int ibuf_len; /* how many bytes are in it */
+ int ibuf_off; /* write/read offset */
+
+ char *obuf; /* the char array */
+ int obuf_len; /* how many bytes are in it */
+ int obuf_off; /* write/read offset */
+ } BIO_F_BUFFER_CTX;
+
+/* connect BIO stuff */
+#define BIO_CONN_S_BEFORE 1
+#define BIO_CONN_S_GET_IP 2
+#define BIO_CONN_S_GET_PORT 3
+#define BIO_CONN_S_CREATE_SOCKET 4
+#define BIO_CONN_S_CONNECT 5
+#define BIO_CONN_S_OK 6
+#define BIO_CONN_S_BLOCKED_CONNECT 7
+#define BIO_CONN_S_NBIO 8
+#define BIO_CONN_get_param_hostname BIO_ctrl
+
+#define BIO_number_read(b) ((b)->num_read)
+#define BIO_number_written(b) ((b)->num_write)
+
+#define BIO_C_SET_CONNECT 100
+#define BIO_C_DO_STATE_MACHINE 101
+#define BIO_C_SET_NBIO 102
+#define BIO_C_SET_PROXY_PARAM 103
+#define BIO_C_SET_FD 104
+#define BIO_C_GET_FD 105
+#define BIO_C_SET_FILE_PTR 106
+#define BIO_C_GET_FILE_PTR 107
+#define BIO_C_SET_FILENAME 108
+#define BIO_C_SET_SSL 109
+#define BIO_C_GET_SSL 110
+#define BIO_C_SET_MD 111
+#define BIO_C_GET_MD 112
+#define BIO_C_GET_CIPHER_STATUS 113
+#define BIO_C_SET_BUF_MEM 114
+#define BIO_C_GET_BUF_MEM_PTR 115
+#define BIO_C_GET_BUFF_NUM_LINES 116
+#define BIO_C_SET_BUFF_SIZE 117
+#define BIO_C_SET_ACCEPT 118
+#define BIO_C_SSL_MODE 119
+#define BIO_C_GET_MD_CTX 120
+#define BIO_C_GET_PROXY_PARAM 121
+#define BIO_C_SET_BUFF_READ_DATA 122 /* data to read first */
+#define BIO_C_GET_CONNECT 123
+#define BIO_C_GET_ACCEPT 124
+#define BIO_C_SET_SSL_RENEGOTIATE_BYTES 125
+#define BIO_C_GET_SSL_NUM_RENEGOTIATES 126
+#define BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT 127
+
+#define BIO_set_app_data(s,arg) BIO_set_ex_data(s,0,(char *)arg)
+#define BIO_get_app_data(s) BIO_get_ex_data(s,0)
+
+int BIO_get_ex_num(BIO *bio);
+int BIO_set_ex_data(BIO *bio,int idx,char *data);
+char *BIO_get_ex_data(BIO *bio,int idx);
+void BIO_set_ex_free_func(BIO *bio,int idx,void (*cb)());
+int BIO_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+
+/* BIO_s_connect_socket() */
+#define BIO_set_conn_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+#define BIO_set_conn_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+#define BIO_set_conn_ip(b,ip) BIO_ctrl(b,BIO_C_SET_CONNECT,2,(char *)ip)
+#define BIO_set_conn_int_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,3,(char *)port)
+#define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0)
+#define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1)
+#define BIO_get_conn_ip(b,ip) BIO_ptr_ctrl(b,BIO_C_SET_CONNECT,2)
+#define BIO_get_conn_int port(b,port) BIO_int_ctrl(b,BIO_C_SET_CONNECT,3,port)
+
+#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept_socket() */
+#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+#define BIO_get_accept_port(b) BIO_ptr_ctrl(b,BIO_C_GET_ACCEPT,0)
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+#define BIO_set_nbio_accept(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
+#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+#define BIO_do_connect(b) BIO_do_handshake(b)
+#define BIO_do_accept(b) BIO_do_handshake(b)
+#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+#define BIO_set_proxy_cb(b,cb) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(char *)(cb))
+#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+#define BIO_set_no_connect_return(b,bool) BIO_int_ctrl(b,BIO_C_SET_PROXY_PARAM,5,bool)
+
+#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+#define BIO_get_no_connect_return(b) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,5,NULL)
+
+#define BIO_set_fd(b,fd,c) BIO_int_ctrl(b,BIO_C_SET_FD,c,fd)
+#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,name)
+#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+
+/* WARNING WARNING, this ups the reference count on the read bio of the
+ * SSL structure. This is because the ssl read BIO is now pointed to by
+ * the next_bio field in the bio. So when you free the BIO, make sure
+ * you are doing a BIO_free_all() to catch the underlying BIO. */
+#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+#define BIO_set_ssl_renegotiate_bytes(b,num) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_BYTES,num,NULL);
+#define BIO_get_num_renegotiates(b) \
+ BIO_ctrl(b,BIO_C_SET_SSL_NUM_RENEGOTIATES,0,NULL);
+#define BIO_set_ssl_renegotiate_timeout(b,seconds) \
+ BIO_ctrl(b,BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT,seconds,NULL);
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+
+/* For the BIO_f_buffer() type */
+#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+#define BIO_set_read_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,0)
+#define BIO_set_write_buffer_size(b,size) BIO_int_ctrl(b,BIO_C_SET_BUFF_SIZE,size,1)
+#define BIO_set_buffer_read_data(b,buf,num) BIO_ctrl(b,BIO_C_SET_BUFF_READ_DATA,num,buf)
+
+/* Don't use the next one unless you know what you are doing :-) */
+#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)(ret))
+
+#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+#define BIO_get_info_callback(b,cbp) (int)BIO_ctrl(b,BIO_CTRL_GET_CALLBACK,0,(char *)cbp)
+#define BIO_set_info_callback(b,cb) (int)BIO_ctrl(b,BIO_CTRL_SET_CALLBACK,0,(char *)cb)
+
+/* For the BIO_f_buffer() type */
+#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+#ifdef NO_STDIO
+#define NO_FP_API
+#endif
+
+#ifndef NOPROTO
+# if defined(WIN16) && defined(_WINDLL)
+BIO_METHOD *BIO_s_file_internal(void);
+BIO *BIO_new_file_internal(char *filename, char *mode);
+BIO *BIO_new_fp_internal(FILE *stream, int close_flag);
+# define BIO_s_file BIO_s_file_internal
+# define BIO_new_file BIO_new_file_internal
+# define BIO_new_fp BIO_new_fp_internal
+# else /* FP_API */
+BIO_METHOD *BIO_s_file(void );
+BIO *BIO_new_file(char *filename, char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+# define BIO_s_file_internal BIO_s_file
+# define BIO_new_file_internal BIO_new_file
+# define BIO_new_fp_internal BIO_s_file
+# endif /* FP_API */
+#else
+# if defined(WIN16) && defined(_WINDLL)
+BIO_METHOD *BIO_s_file_internal();
+BIO *BIO_new_file_internal();
+BIO *BIO_new_fp_internal();
+# define BIO_s_file BIO_s_file_internal
+# define BIO_new_file BIO_new_file_internal
+# define BIO_new_fp BIO_new_fp_internal
+# else /* FP_API */
+BIO_METHOD *BIO_s_file();
+BIO *BIO_new_file();
+BIO *BIO_new_fp();
+# define BIO_s_file_internal BIO_s_file
+# define BIO_new_file_internal BIO_new_file
+# define BIO_new_fp_internal BIO_s_file
+# endif /* FP_API */
+#endif
+
+#ifndef NOPROTO
+BIO * BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a,BIO_METHOD *type);
+int BIO_free(BIO *a);
+int BIO_read(BIO *b, char *data, int len);
+int BIO_gets(BIO *bp,char *buf, int size);
+int BIO_write(BIO *b, char *data, int len);
+int BIO_puts(BIO *bp,char *buf);
+long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);
+char * BIO_ptr_ctrl(BIO *bp,int cmd,long larg);
+long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
+BIO * BIO_push(BIO *b,BIO *append);
+BIO * BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO * BIO_find_type(BIO *b,int bio_type);
+BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO * BIO_dup_chain(BIO *in);
+
+#ifndef WIN16
+long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+ long argl,long ret);
+#else
+long _far _loadds BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+ long argl,long ret);
+#endif
+
+BIO_METHOD *BIO_s_mem(void);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_nbio_test(void);
+BIO_METHOD *BIO_f_buffer(void);
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump(BIO *b,char *bytes,int len);
+
+struct hostent *BIO_gethostbyname(char *name);
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
+int BIO_get_port(char *str, short *port_ptr);
+int BIO_get_host_ip(char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port);
+int BIO_accept(int sock,char **ip_port);
+int BIO_sock_init(void );
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock,int turn_on);
+
+void ERR_load_BIO_strings(void );
+
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(char *host_port);
+BIO *BIO_new_accept(char *host_port);
+
+void BIO_copy_next_retry(BIO *b);
+
+long BIO_ghbn_ctrl(int cmd,int iarg,char *parg);
+
+#else
+
+BIO * BIO_new();
+int BIO_set();
+int BIO_free();
+int BIO_read();
+int BIO_gets();
+int BIO_write();
+int BIO_puts();
+char * BIO_ptr_ctrl();
+long BIO_ctrl();
+long BIO_int_ctrl();
+BIO * BIO_push();
+BIO * BIO_pop();
+void BIO_free_all();
+BIO * BIO_find_type();
+BIO * BIO_get_retry_BIO();
+int BIO_get_retry_reason();
+BIO * BIO_dup_chain();
+
+#ifndef WIN16
+long BIO_debug_callback();
+#else
+long _far _loadds BIO_debug_callback();
+#endif
+
+BIO_METHOD *BIO_s_mem();
+BIO_METHOD *BIO_s_socket();
+BIO_METHOD *BIO_s_connect();
+BIO_METHOD *BIO_s_accept();
+BIO_METHOD *BIO_s_fd();
+BIO_METHOD *BIO_s_null();
+BIO_METHOD *BIO_f_null();
+BIO_METHOD *BIO_f_buffer();
+BIO_METHOD *BIO_f_nbio_test();
+
+int BIO_sock_should_retry();
+int BIO_sock_non_fatal_error();
+int BIO_fd_should_retry();
+int BIO_fd_non_fatal_error();
+int BIO_dump();
+
+struct hostent *BIO_gethostbyname();
+int BIO_sock_error();
+int BIO_socket_ioctl();
+int BIO_get_port();
+int BIO_get_host_ip();
+int BIO_get_accept_socket();
+int BIO_accept();
+int BIO_sock_init();
+void BIO_sock_cleanup();
+int BIO_set_tcp_ndelay();
+
+void ERR_load_BIO_strings();
+
+BIO *BIO_new_socket();
+BIO *BIO_new_fd();
+BIO *BIO_new_connect();
+BIO *BIO_new_accept();
+
+void BIO_copy_next_retry();
+
+int BIO_ghbn_ctrl();
+
+#endif
+
+/* Tim Hudson's portable varargs stuff */
+
+#ifndef NOPROTO
+#define VAR_ANSI /* select ANSI version by default */
+#endif
+
+#ifdef VAR_ANSI
+/* ANSI version of a "portable" macro set for variable length args */
+#ifndef __STDARG_H__ /**/
+#include <stdarg.h>
+#endif /**/
+
+#define VAR_PLIST(arg1type,arg1) arg1type arg1, ...
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) arg1type arg1,arg2type arg2,...
+#define VAR_ALIST
+#define VAR_BDEFN(args,arg1type,arg1) va_list args
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args
+#define VAR_INIT(args,arg1type,arg1) va_start(args,arg1);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args,arg2);
+#define VAR_ARG(args,type,arg) arg=va_arg(args,type)
+#define VAR_END(args) va_end(args);
+
+#else
+
+/* K&R version of a "portable" macro set for variable length args */
+#ifndef __VARARGS_H__
+#include <varargs.h>
+#endif
+
+#define VAR_PLIST(arg1type,arg1) va_alist
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) va_alist
+#define VAR_ALIST va_dcl
+#define VAR_BDEFN(args,arg1type,arg1) va_list args; arg1type arg1
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args; \
+ arg1type arg1; arg2type arg2
+#define VAR_INIT(args,arg1type,arg1) va_start(args); \
+ arg1=va_arg(args,arg1type);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args); \
+ arg1=va_arg(args,arg1type); arg2=va_arg(args,arg2type);
+#define VAR_ARG(args,type,arg) arg=va_arg(args,type)
+#define VAR_END(args) va_end(args);
+
+#endif
+
+#ifndef NOPROTO
+int BIO_printf( VAR_PLIST( BIO *, bio ) );
+#else
+int BIO_printf();
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+#define BIO_F_ACPT_STATE 100
+#define BIO_F_BIO_ACCEPT 101
+#define BIO_F_BIO_CTRL 102
+#define BIO_F_BIO_GETS 103
+#define BIO_F_BIO_GET_ACCEPT_SOCKET 104
+#define BIO_F_BIO_GET_HOST_IP 105
+#define BIO_F_BIO_GET_PORT 106
+#define BIO_F_BIO_NEW 107
+#define BIO_F_BIO_NEW_FILE 108
+#define BIO_F_BIO_PUTS 109
+#define BIO_F_BIO_READ 110
+#define BIO_F_BIO_SOCK_INIT 111
+#define BIO_F_BIO_WRITE 112
+#define BIO_F_BUFFER_CTRL 113
+#define BIO_F_CONN_STATE 114
+#define BIO_F_FILE_CTRL 115
+#define BIO_F_MEM_WRITE 116
+#define BIO_F_SSL_NEW 117
+#define BIO_F_WSASTARTUP 118
+
+/* Reason codes. */
+#define BIO_R_ACCEPT_ERROR 100
+#define BIO_R_BAD_FOPEN_MODE 101
+#define BIO_R_BAD_HOSTNAME_LOOKUP 102
+#define BIO_R_CONNECT_ERROR 103
+#define BIO_R_ERROR_SETTING_NBIO 104
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+#define BIO_R_INVALID_IP_ADDRESS 108
+#define BIO_R_KEEPALIVE 109
+#define BIO_R_NBIO_CONNECT_ERROR 110
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 111
+#define BIO_R_NO_HOSTHNAME_SPECIFIED 112
+#define BIO_R_NO_PORT_DEFINED 113
+#define BIO_R_NO_PORT_SPECIFIED 114
+#define BIO_R_NULL_PARAMETER 115
+#define BIO_R_UNABLE_TO_BIND_SOCKET 116
+#define BIO_R_UNABLE_TO_CREATE_SOCKET 117
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET 118
+#define BIO_R_UNINITALISED 119
+#define BIO_R_UNSUPPORTED_METHOD 120
+#define BIO_R_WSASTARTUP 121
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/bio/bio_cb.c b/src/lib/libssl/src/crypto/bio/bio_cb.c
new file mode 100644
index 0000000000..bc6ed9eda1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bio_cb.c
@@ -0,0 +1,138 @@
+/* crypto/bio/bio_cb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+long MS_CALLBACK BIO_debug_callback(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
+ {
+ BIO *b;
+ MS_STATIC char buf[256];
+ char *p;
+ long r=1;
+
+ if (BIO_CB_RETURN & cmd)
+ r=ret;
+
+ sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
+ p= &(buf[14]);
+ switch (cmd)
+ {
+ case BIO_CB_FREE:
+ sprintf(p,"Free - %s\n",bio->method->name);
+ break;
+ case BIO_CB_READ:
+ if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+ sprintf(p,"read(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+ else
+ sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ break;
+ case BIO_CB_WRITE:
+ if (bio->method->type & BIO_TYPE_DESCRIPTOR)
+ sprintf(p,"write(%d,%d) - %s fd=%d\n",bio->num,argi,bio->method->name,bio->num);
+ else
+ sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ break;
+ case BIO_CB_PUTS:
+ sprintf(p,"puts() - %s\n",bio->method->name);
+ break;
+ case BIO_CB_GETS:
+ sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
+ break;
+ case BIO_CB_CTRL:
+ sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
+ break;
+ case BIO_CB_RETURN|BIO_CB_READ:
+ sprintf(p,"read return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_WRITE:
+ sprintf(p,"write return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_GETS:
+ sprintf(p,"gets return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_PUTS:
+ sprintf(p,"puts return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_CTRL:
+ sprintf(p,"ctrl return %ld\n",ret);
+ break;
+ default:
+ sprintf(p,"bio callback - unknown type (%d)\n",cmd);
+ break;
+ }
+
+ b=(BIO *)bio->cb_arg;
+ if (b != NULL)
+ BIO_write(b,buf,strlen(buf));
+#if !defined(NO_STDIO) && !defined(WIN16)
+ else
+ fputs(buf,stderr);
+#endif
+ return(r);
+ }
diff --git a/src/lib/libssl/src/crypto/bio/bio_err.c b/src/lib/libssl/src/crypto/bio/bio_err.c
new file mode 100644
index 0000000000..37e14ca107
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bio_err.c
@@ -0,0 +1,130 @@
+/* lib/bio/bio_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bio.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA BIO_str_functs[]=
+ {
+{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"},
+{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
+{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
+{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
+{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
+{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
+{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"},
+{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"},
+{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"},
+{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"},
+{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"},
+{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"},
+{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"},
+{ERR_PACK(0,BIO_F_BUFFER_CTRL,0), "BUFFER_CTRL"},
+{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
+{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
+{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
+{ERR_PACK(0,BIO_F_SSL_NEW,0), "SSL_NEW"},
+{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA BIO_str_reasons[]=
+ {
+{BIO_R_ACCEPT_ERROR ,"accept error"},
+{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"},
+{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"},
+{BIO_R_CONNECT_ERROR ,"connect error"},
+{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
+{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
+{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"},
+{BIO_R_KEEPALIVE ,"keepalive"},
+{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"},
+{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"},
+{BIO_R_NO_HOSTHNAME_SPECIFIED ,"no hosthname specified"},
+{BIO_R_NO_PORT_DEFINED ,"no port defined"},
+{BIO_R_NO_PORT_SPECIFIED ,"no port specified"},
+{BIO_R_NULL_PARAMETER ,"null parameter"},
+{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"},
+{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"},
+{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"},
+{BIO_R_UNINITALISED ,"uninitalised"},
+{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"},
+{BIO_R_WSASTARTUP ,"wsastartup"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_BIO_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
+ ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/bio/bio_lib.c b/src/lib/libssl/src/crypto/bio/bio_lib.c
new file mode 100644
index 0000000000..7a66b0892e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bio_lib.c
@@ -0,0 +1,519 @@
+/* crypto/bio/bio_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "crypto.h"
+#include "cryptlib.h"
+#include "bio.h"
+#include "stack.h"
+
+static STACK *bio_meth=NULL;
+static int bio_meth_num=0;
+
+BIO *BIO_new(method)
+BIO_METHOD *method;
+ {
+ BIO *ret=NULL;
+
+ ret=(BIO *)Malloc(sizeof(BIO));
+ if (ret == NULL)
+ {
+ BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ if (!BIO_set(ret,method))
+ {
+ Free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
+
+int BIO_set(bio,method)
+BIO *bio;
+BIO_METHOD *method;
+ {
+ bio->method=method;
+ bio->callback=NULL;
+ bio->cb_arg=NULL;
+ bio->init=0;
+ bio->shutdown=1;
+ bio->flags=0;
+ bio->retry_reason=0;
+ bio->num=0;
+ bio->ptr=NULL;
+ bio->prev_bio=NULL;
+ bio->next_bio=NULL;
+ bio->references=1;
+ bio->num_read=0L;
+ bio->num_write=0L;
+ CRYPTO_new_ex_data(bio_meth,(char *)bio,&bio->ex_data);
+ if (method->create != NULL)
+ if (!method->create(bio))
+ return(0);
+ return(1);
+ }
+
+int BIO_free(a)
+BIO *a;
+ {
+ int ret=0,i;
+
+ if (a == NULL) return(0);
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
+#ifdef REF_PRINT
+ REF_PRINT("BIO",a);
+#endif
+ if (i > 0) return(1);
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"BIO_free, bad reference count\n");
+ abort();
+ }
+#endif
+ if ((a->callback != NULL) &&
+ ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
+ return(i);
+
+ CRYPTO_free_ex_data(bio_meth,(char *)a,&a->ex_data);
+
+ if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
+ ret=a->method->destroy(a);
+ Free(a);
+ return(1);
+ }
+
+int BIO_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int i;
+ long (*cb)();
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
+ {
+ BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ cb=b->callback;
+ if ((cb != NULL) &&
+ ((i=(int)cb(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_READ,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bread(b,out,outl);
+ if (i > 0) b->num_read+=(unsigned long)i;
+
+ if (cb != NULL)
+ i=(int)cb(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i;
+ long (*cb)();
+
+ if (b == NULL)
+ return(0);
+
+ cb=b->callback;
+ if ((b->method == NULL) || (b->method->bwrite == NULL))
+ {
+ BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((cb != NULL) &&
+ ((i=(int)cb(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bwrite(b,in,inl);
+ if (i > 0) b->num_write+=(unsigned long)i;
+
+ if (cb != NULL)
+ i=(int)cb(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_puts(b,in)
+BIO *b;
+char *in;
+ {
+ int i;
+ long (*cb)();
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
+ {
+ BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ cb=b->callback;
+
+ if ((cb != NULL) &&
+ ((i=(int)cb(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bputs(b,in);
+
+ if (cb != NULL)
+ i=(int)cb(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_gets(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i;
+ long (*cb)();
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
+ {
+ BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ cb=b->callback;
+
+ if ((cb != NULL) &&
+ ((i=(int)cb(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bgets(b,in,inl);
+
+ if (cb != NULL)
+ i=(int)cb(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
+ 0L,(long)i);
+ return(i);
+ }
+
+long BIO_int_ctrl(b,cmd,larg,iarg)
+BIO *b;
+int cmd;
+long larg;
+int iarg;
+ {
+ int i;
+
+ i=iarg;
+ return(BIO_ctrl(b,cmd,larg,(char *)&i));
+ }
+
+char *BIO_ptr_ctrl(b,cmd,larg)
+BIO *b;
+int cmd;
+long larg;
+ {
+ char *p=NULL;
+
+ if (BIO_ctrl(b,cmd,larg,(char *)&p) <= 0)
+ return(NULL);
+ else
+ return(p);
+ }
+
+long BIO_ctrl(b,cmd,larg,parg)
+BIO *b;
+int cmd;
+long larg;
+char *parg;
+ {
+ long ret;
+ long (*cb)();
+
+ if (b == NULL) return(0);
+
+ if ((b->method == NULL) || (b->method->ctrl == NULL))
+ {
+ BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ cb=b->callback;
+
+ if ((cb != NULL) &&
+ ((ret=cb(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
+ return(ret);
+
+ ret=b->method->ctrl(b,cmd,larg,parg);
+
+ if (cb != NULL)
+ ret=cb(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
+ larg,ret);
+ return(ret);
+ }
+
+/* put the 'bio' on the end of b's list of operators */
+BIO *BIO_push(b,bio)
+BIO *b,*bio;
+ {
+ BIO *lb;
+
+ if (b == NULL) return(bio);
+ lb=b;
+ while (lb->next_bio != NULL)
+ lb=lb->next_bio;
+ lb->next_bio=bio;
+ if (bio != NULL)
+ bio->prev_bio=lb;
+ /* called to do internal processing */
+ BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
+ return(b);
+ }
+
+/* Remove the first and return the rest */
+BIO *BIO_pop(b)
+BIO *b;
+ {
+ BIO *ret;
+
+ if (b == NULL) return(NULL);
+ ret=b->next_bio;
+
+ if (b->prev_bio != NULL)
+ b->prev_bio->next_bio=b->next_bio;
+ if (b->next_bio != NULL)
+ b->next_bio->prev_bio=b->prev_bio;
+
+ b->next_bio=NULL;
+ b->prev_bio=NULL;
+ BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
+ return(ret);
+ }
+
+BIO *BIO_get_retry_BIO(bio,reason)
+BIO *bio;
+int *reason;
+ {
+ BIO *b,*last;
+
+ b=last=bio;
+ for (;;)
+ {
+ if (!BIO_should_retry(b)) break;
+ last=b;
+ b=b->next_bio;
+ if (b == NULL) break;
+ }
+ if (reason != NULL) *reason=last->retry_reason;
+ return(last);
+ }
+
+int BIO_get_retry_reason(bio)
+BIO *bio;
+ {
+ return(bio->retry_reason);
+ }
+
+BIO *BIO_find_type(bio,type)
+BIO *bio;
+int type;
+ {
+ int mt,mask;
+
+ mask=type&0xff;
+ do {
+ if (bio->method != NULL)
+ {
+ mt=bio->method->type;
+
+ if (!mask)
+ {
+ if (mt & type) return(bio);
+ }
+ else if (mt == type)
+ return(bio);
+ }
+ bio=bio->next_bio;
+ } while (bio != NULL);
+ return(NULL);
+ }
+
+void BIO_free_all(bio)
+BIO *bio;
+ {
+ BIO *b;
+ int ref;
+
+ while (bio != NULL)
+ {
+ b=bio;
+ ref=b->references;
+ bio=bio->next_bio;
+ BIO_free(b);
+ /* Since ref count > 1, don't free anyone else. */
+ if (ref > 1) break;
+ }
+ }
+
+BIO *BIO_dup_chain(in)
+BIO *in;
+ {
+ BIO *ret=NULL,*eoc=NULL,*bio,*new;
+
+ for (bio=in; bio != NULL; bio=bio->next_bio)
+ {
+ if ((new=BIO_new(bio->method)) == NULL) goto err;
+ new->callback=bio->callback;
+ new->cb_arg=bio->cb_arg;
+ new->init=bio->init;
+ new->shutdown=bio->shutdown;
+ new->flags=bio->flags;
+
+ /* This will let SSL_s_sock() work with stdin/stdout */
+ new->num=bio->num;
+
+ if (!BIO_dup_state(bio,(char *)new))
+ {
+ BIO_free(new);
+ goto err;
+ }
+
+ /* copy app data */
+ if (!CRYPTO_dup_ex_data(bio_meth,&new->ex_data,&bio->ex_data))
+ goto err;
+
+ if (ret == NULL)
+ {
+ eoc=new;
+ ret=eoc;
+ }
+ else
+ {
+ BIO_push(eoc,new);
+ eoc=new;
+ }
+ }
+ return(ret);
+err:
+ if (ret != NULL)
+ BIO_free(ret);
+ return(NULL);
+ }
+
+void BIO_copy_next_retry(b)
+BIO *b;
+ {
+ BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
+ b->retry_reason=b->next_bio->retry_reason;
+ }
+
+int BIO_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ bio_meth_num++;
+ return(CRYPTO_get_ex_new_index(bio_meth_num-1,&bio_meth,
+ argl,argp,new_func,dup_func,free_func));
+ }
+
+int BIO_set_ex_data(bio,idx,data)
+BIO *bio;
+int idx;
+char *data;
+ {
+ return(CRYPTO_set_ex_data(&(bio->ex_data),idx,data));
+ }
+
+char *BIO_get_ex_data(bio,idx)
+BIO *bio;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&(bio->ex_data),idx));
+ }
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_acpt.c b/src/lib/libssl/src/crypto/bio/bss_acpt.c
new file mode 100644
index 0000000000..e49902fa9f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_acpt.c
@@ -0,0 +1,500 @@
+/* crypto/bio/bss_acpt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_accept_st
+ {
+ int state;
+ char *param_addr;
+
+ int accept_sock;
+ int accept_nbio;
+
+ char *addr;
+ int nbio;
+ BIO *bio_chain;
+ } BIO_ACCEPT;
+
+#ifndef NOPROTO
+static int acpt_write(BIO *h,char *buf,int num);
+static int acpt_read(BIO *h,char *buf,int size);
+static int acpt_puts(BIO *h,char *str);
+static long acpt_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int acpt_new(BIO *h);
+static int acpt_free(BIO *data);
+#else
+static int acpt_write();
+static int acpt_read();
+static int acpt_puts();
+static long acpt_ctrl();
+static int acpt_new();
+static int acpt_free();
+#endif
+
+#ifndef NOPROTO
+static int acpt_state(BIO *b, BIO_ACCEPT *c);
+static void acpt_close_socket(BIO *data);
+BIO_ACCEPT *BIO_ACCEPT_new(void );
+void BIO_ACCEPT_free(BIO_ACCEPT *a);
+
+#else
+
+static int acpt_state();
+static void acpt_close_socket();
+BIO_ACCEPT *BIO_ACCEPT_new();
+void BIO_ACCEPT_free();
+#endif
+
+#define ACPT_S_BEFORE 1
+#define ACPT_S_GET_ACCEPT_SOCKET 2
+#define ACPT_S_OK 3
+
+static BIO_METHOD methods_acceptp=
+ {
+ BIO_TYPE_ACCEPT,
+ "socket accept",
+ acpt_write,
+ acpt_read,
+ acpt_puts,
+ NULL, /* connect_gets, */
+ acpt_ctrl,
+ acpt_new,
+ acpt_free,
+ };
+
+BIO_METHOD *BIO_s_accept()
+ {
+ return(&methods_acceptp);
+ }
+
+static int acpt_new(bi)
+BIO *bi;
+ {
+ BIO_ACCEPT *ba;
+
+ bi->init=0;
+ bi->num=INVALID_SOCKET;
+ bi->flags=0;
+ if ((ba=BIO_ACCEPT_new()) == NULL)
+ return(0);
+ bi->ptr=(char *)ba;
+ ba->state=ACPT_S_BEFORE;
+ bi->shutdown=1;
+ return(1);
+ }
+
+BIO_ACCEPT *BIO_ACCEPT_new()
+ {
+ BIO_ACCEPT *ret;
+
+ if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL)
+ return(NULL);
+
+ memset(ret,0,sizeof(BIO_ACCEPT));
+ ret->accept_sock=INVALID_SOCKET;
+ return(ret);
+ }
+
+void BIO_ACCEPT_free(a)
+BIO_ACCEPT *a;
+ {
+ if (a->param_addr != NULL) Free(a->param_addr);
+ if (a->addr != NULL) Free(a->addr);
+ if (a->bio_chain != NULL) BIO_free(a->bio_chain);
+ Free(a);
+ }
+
+static void acpt_close_socket(bio)
+BIO *bio;
+ {
+ BIO_ACCEPT *c;
+
+ c=(BIO_ACCEPT *)bio->ptr;
+ if (c->accept_sock != INVALID_SOCKET)
+ {
+ shutdown(c->accept_sock,2);
+# ifdef WINDOWS
+ closesocket(c->accept_sock);
+# else
+ close(c->accept_sock);
+# endif
+ c->accept_sock=INVALID_SOCKET;
+ bio->num=INVALID_SOCKET;
+ }
+ }
+
+static int acpt_free(a)
+BIO *a;
+ {
+ BIO_ACCEPT *data;
+
+ if (a == NULL) return(0);
+ data=(BIO_ACCEPT *)a->ptr;
+
+ if (a->shutdown)
+ {
+ acpt_close_socket(a);
+ BIO_ACCEPT_free(data);
+ a->ptr=NULL;
+ a->flags=0;
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int acpt_state(b,c)
+BIO *b;
+BIO_ACCEPT *c;
+ {
+ BIO *bio=NULL,*dbio;
+ unsigned long l=1;
+ int s= -1;
+ int i;
+
+again:
+ switch (c->state)
+ {
+ case ACPT_S_BEFORE:
+ if (c->param_addr == NULL)
+ {
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
+ return(-1);
+ }
+ s=BIO_get_accept_socket(c->param_addr);
+ if (s == INVALID_SOCKET)
+ return(-1);
+
+#ifdef FIONBIO
+ if (c->accept_nbio)
+ {
+ i=BIO_socket_ioctl(b->num,FIONBIO,&l);
+ if (i < 0)
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+# endif
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
+ return(-1);
+ }
+ }
+#endif
+ c->accept_sock=s;
+ b->num=s;
+ c->state=ACPT_S_GET_ACCEPT_SOCKET;
+ return(1);
+ break;
+ case ACPT_S_GET_ACCEPT_SOCKET:
+ if (b->next_bio != NULL)
+ {
+ c->state=ACPT_S_OK;
+ goto again;
+ }
+ i=BIO_accept(c->accept_sock,&(c->addr));
+ if (i < 0) return(i);
+ bio=BIO_new_socket(i,BIO_CLOSE);
+ if (bio == NULL) goto err;
+
+ BIO_set_callback(bio,BIO_get_callback(b));
+ BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
+
+#ifdef FIONBIO
+ if (c->nbio)
+ {
+ i=BIO_socket_ioctl(i,FIONBIO,&l);
+ if (i < 0)
+ {
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
+ goto err;
+ }
+ }
+#endif
+
+ /* If the accept BIO has an bio_chain, we dup it and
+ * put the new socket at the end. */
+ if (c->bio_chain != NULL)
+ {
+ if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
+ goto err;
+ if (!BIO_push(dbio,bio)) goto err;
+ bio=dbio;
+ }
+ if (BIO_push(b,bio) == NULL) goto err;
+
+ c->state=ACPT_S_OK;
+ return(1);
+err:
+ if (bio != NULL)
+ BIO_free(bio);
+ else if (s >= 0)
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+# endif
+ }
+ return(0);
+ break;
+ case ACPT_S_OK:
+ if (b->next_bio == NULL)
+ {
+ c->state=ACPT_S_GET_ACCEPT_SOCKET;
+ goto again;
+ }
+ return(1);
+ break;
+ default:
+ return(0);
+ break;
+ }
+
+ }
+
+static int acpt_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ BIO_ACCEPT *data;
+
+ BIO_clear_retry_flags(b);
+ data=(BIO_ACCEPT *)b->ptr;
+
+ while (b->next_bio == NULL)
+ {
+ ret=acpt_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ ret=BIO_read(b->next_bio,out,outl);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int acpt_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+ BIO_ACCEPT *data;
+
+ BIO_clear_retry_flags(b);
+ data=(BIO_ACCEPT *)b->ptr;
+
+ while (b->next_bio == NULL)
+ {
+ ret=acpt_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ ret=BIO_write(b->next_bio,in,inl);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long acpt_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ int *ip;
+ long ret=1;
+ BIO_ACCEPT *data;
+ char **pp;
+
+ data=(BIO_ACCEPT *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=0;
+ data->state=ACPT_S_BEFORE;
+ acpt_close_socket(b);
+ b->flags=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ /* use this one to start the connection */
+ ret=(long)acpt_state(b,data);
+ break;
+ case BIO_C_SET_ACCEPT:
+ if (ptr != NULL)
+ {
+ if (num == 0)
+ {
+ b->init=1;
+ if (data->param_addr != NULL)
+ Free(data->param_addr);
+ data->param_addr=BUF_strdup(ptr);
+ }
+ else if (num == 1)
+ {
+ data->accept_nbio=(ptr != NULL);
+ }
+ else if (num == 2)
+ {
+ if (data->bio_chain != NULL)
+ BIO_free(data->bio_chain);
+ data->bio_chain=(BIO *)ptr;
+ }
+ }
+ break;
+ case BIO_C_SET_NBIO:
+ data->nbio=(int)num;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL)
+ *ip=data->accept_sock;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_C_GET_ACCEPT:
+ if (b->init)
+ {
+ if (ptr != NULL)
+ {
+ pp=(char **)ptr;
+ *pp=data->param_addr;
+ }
+ else
+ ret= -1;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_FLUSH:
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+/* if (data->param_port) EAY EAY
+ BIO_set_port(dbio,data->param_port);
+ if (data->param_hostname)
+ BIO_set_hostname(dbio,data->param_hostname);
+ BIO_set_nbio(dbio,data->nbio); */
+ break;
+
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int acpt_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=acpt_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_accept(str)
+char *str;
+ {
+ BIO *ret;
+
+ ret=BIO_new(BIO_s_accept());
+ if (ret == NULL) return(NULL);
+ if (BIO_set_accept_port(ret,str))
+ return(ret);
+ else
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bio/bss_conn.c b/src/lib/libssl/src/crypto/bio/bss_conn.c
new file mode 100644
index 0000000000..6e547bf866
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_conn.c
@@ -0,0 +1,648 @@
+/* crypto/bio/bss_conn.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_connect_st
+ {
+ int state;
+
+ char *param_hostname;
+ char *param_port;
+ int nbio;
+
+ unsigned char ip[4];
+ short port;
+
+ struct sockaddr_in them;
+
+ /* int socket; this will be kept in bio->num so that it is
+ * compatable with the bss_sock bio */
+ int error;
+
+ /* called when the connection is initially made
+ * callback(BIO,state,ret); The callback should return
+ * 'ret'. state is for compatablity with the ssl info_callback */
+ int (*info_callback)();
+ } BIO_CONNECT;
+
+#ifndef NOPROTO
+static int conn_write(BIO *h,char *buf,int num);
+static int conn_read(BIO *h,char *buf,int size);
+static int conn_puts(BIO *h,char *str);
+static long conn_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int conn_new(BIO *h);
+static int conn_free(BIO *data);
+#else
+static int conn_write();
+static int conn_read();
+static int conn_puts();
+static long conn_ctrl();
+static int conn_new();
+static int conn_free();
+#endif
+
+#ifndef NOPROTO
+
+static int conn_state(BIO *b, BIO_CONNECT *c);
+static void conn_close_socket(BIO *data);
+BIO_CONNECT *BIO_CONNECT_new(void );
+void BIO_CONNECT_free(BIO_CONNECT *a);
+
+#else
+
+static int conn_state();
+static void conn_close_socket();
+BIO_CONNECT *BIO_CONNECT_new();
+void BIO_CONNECT_free();
+
+#endif
+
+static BIO_METHOD methods_connectp=
+ {
+ BIO_TYPE_CONNECT,
+ "socket connect",
+ conn_write,
+ conn_read,
+ conn_puts,
+ NULL, /* connect_gets, */
+ conn_ctrl,
+ conn_new,
+ conn_free,
+ };
+
+static int conn_state(b,c)
+BIO *b;
+BIO_CONNECT *c;
+ {
+ int ret= -1,i;
+ unsigned long l;
+ char *p,*q;
+ int (*cb)()=NULL;
+
+ if (c->info_callback != NULL)
+ cb=c->info_callback;
+
+ for (;;)
+ {
+ switch (c->state)
+ {
+ case BIO_CONN_S_BEFORE:
+ p=c->param_hostname;
+ if (p == NULL)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED);
+ goto exit_loop;
+ }
+ for ( ; *p != '\0'; p++)
+ {
+ if ((*p == ':') || (*p == '/')) break;
+ }
+
+ i= *p;
+ if ((i == ':') || (i == '/'))
+ {
+
+ *(p++)='\0';
+ if (i == ':')
+ {
+ for (q=p; *q; q++)
+ if (*q == '/')
+ {
+ *q='\0';
+ break;
+ }
+ if (c->param_port != NULL)
+ Free(c->param_port);
+ c->param_port=BUF_strdup(p);
+ }
+ }
+
+ if (p == NULL)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
+ ERR_add_error_data(2,"host=",c->param_hostname);
+ goto exit_loop;
+ }
+ c->state=BIO_CONN_S_GET_IP;
+ break;
+
+ case BIO_CONN_S_GET_IP:
+ if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
+ goto exit_loop;
+ c->state=BIO_CONN_S_GET_PORT;
+ break;
+
+ case BIO_CONN_S_GET_PORT:
+ if (BIO_get_port(c->param_port,&c->port) <= 0)
+ goto exit_loop;
+ c->state=BIO_CONN_S_CREATE_SOCKET;
+ break;
+
+ case BIO_CONN_S_CREATE_SOCKET:
+ /* now setup address */
+ memset((char *)&c->them,0,sizeof(c->them));
+ c->them.sin_family=AF_INET;
+ c->them.sin_port=htons((unsigned short)c->port);
+ l=(unsigned long)
+ ((unsigned long)c->ip[0]<<24L)|
+ ((unsigned long)c->ip[1]<<16L)|
+ ((unsigned long)c->ip[2]<< 8L)|
+ ((unsigned long)c->ip[3]);
+ c->them.sin_addr.s_addr=htonl(l);
+ c->state=BIO_CONN_S_CREATE_SOCKET;
+
+ ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (ret == INVALID_SOCKET)
+ {
+ SYSerr(SYS_F_SOCKET,get_last_socket_error());
+ ERR_add_error_data(4,"host=",c->param_hostname,
+ ":",c->param_port);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
+ goto exit_loop;
+ }
+ b->num=ret;
+ c->state=BIO_CONN_S_NBIO;
+ break;
+
+ case BIO_CONN_S_NBIO:
+#ifdef FIONBIO
+ if (c->nbio)
+ {
+ l=1;
+ ret=BIO_socket_ioctl(b->num,FIONBIO,&l);
+ if (ret < 0)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
+ ERR_add_error_data(4,"host=",
+ c->param_hostname,
+ ":",c->param_port);
+ goto exit_loop;
+ }
+ }
+#endif
+ c->state=BIO_CONN_S_CONNECT;
+
+#ifdef SO_KEEPALIVE
+ i=1;
+ i=setsockopt(b->num,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0)
+ {
+ SYSerr(SYS_F_SOCKET,get_last_socket_error());
+ ERR_add_error_data(4,"host=",c->param_hostname,
+ ":",c->param_port);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_KEEPALIVE);
+ goto exit_loop;
+ }
+#endif
+ break;
+
+ case BIO_CONN_S_CONNECT:
+ BIO_clear_retry_flags(b);
+ ret=connect(b->num,
+ (struct sockaddr *)&c->them,
+ sizeof(c->them));
+ b->retry_reason=0;
+ if (ret < 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ {
+ BIO_set_retry_special(b);
+ c->state=BIO_CONN_S_BLOCKED_CONNECT;
+ b->retry_reason=BIO_RR_CONNECT;
+ }
+ else
+ {
+ SYSerr(SYS_F_CONNECT,get_last_socket_error());
+ ERR_add_error_data(4,"host=",
+ c->param_hostname,
+ ":",c->param_port);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
+ }
+ goto exit_loop;
+ }
+ else
+ c->state=BIO_CONN_S_OK;
+ break;
+
+ case BIO_CONN_S_BLOCKED_CONNECT:
+ i=BIO_sock_error(b->num);
+ if (i)
+ {
+ BIO_clear_retry_flags(b);
+ SYSerr(SYS_F_CONNECT,i);
+ ERR_add_error_data(4,"host=",
+ c->param_hostname,
+ ":",c->param_port);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
+ ret=0;
+ goto exit_loop;
+ }
+ else
+ c->state=BIO_CONN_S_OK;
+ break;
+
+ case BIO_CONN_S_OK:
+ ret=1;
+ goto exit_loop;
+ default:
+ abort();
+ goto exit_loop;
+ }
+
+ if (cb != NULL)
+ {
+ if (!(ret=cb((BIO *)b,c->state,ret)))
+ goto end;
+ }
+ }
+
+ if (1)
+ {
+exit_loop:
+ if (cb != NULL)
+ ret=cb((BIO *)b,c->state,ret);
+ }
+end:
+ return(ret);
+ }
+
+BIO_CONNECT *BIO_CONNECT_new()
+ {
+ BIO_CONNECT *ret;
+
+ if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL)
+ return(NULL);
+ ret->state=BIO_CONN_S_BEFORE;
+ ret->param_hostname=NULL;
+ ret->param_port=NULL;
+ ret->info_callback=NULL;
+ ret->nbio=0;
+ ret->ip[0]=0;
+ ret->ip[1]=0;
+ ret->ip[2]=0;
+ ret->ip[3]=0;
+ ret->port=0;
+ memset((char *)&ret->them,0,sizeof(ret->them));
+ ret->error=0;
+ return(ret);
+ }
+
+void BIO_CONNECT_free(a)
+BIO_CONNECT *a;
+ {
+ if (a->param_hostname != NULL)
+ Free(a->param_hostname);
+ if (a->param_port != NULL)
+ Free(a->param_port);
+ Free(a);
+ }
+
+BIO_METHOD *BIO_s_connect()
+ {
+ return(&methods_connectp);
+ }
+
+static int conn_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=INVALID_SOCKET;
+ bi->flags=0;
+ if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
+ return(0);
+ else
+ return(1);
+ }
+
+static void conn_close_socket(bio)
+BIO *bio;
+ {
+ BIO_CONNECT *c;
+
+ c=(BIO_CONNECT *)bio->ptr;
+ if (bio->num != INVALID_SOCKET)
+ {
+ /* Only do a shutdown if things were established */
+ if (c->state == BIO_CONN_S_OK)
+ shutdown(bio->num,2);
+# ifdef WINDOWS
+ closesocket(bio->num);
+# else
+ close(bio->num);
+# endif
+ bio->num=INVALID_SOCKET;
+ }
+ }
+
+static int conn_free(a)
+BIO *a;
+ {
+ BIO_CONNECT *data;
+
+ if (a == NULL) return(0);
+ data=(BIO_CONNECT *)a->ptr;
+
+ if (a->shutdown)
+ {
+ conn_close_socket(a);
+ BIO_CONNECT_free(data);
+ a->ptr=NULL;
+ a->flags=0;
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int conn_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+ if (data->state != BIO_CONN_S_OK)
+ {
+ ret=conn_state(b,data);
+ if (ret <= 0)
+ return(ret);
+ }
+
+ if (out != NULL)
+ {
+ clear_socket_error();
+#if defined(WINDOWS)
+ ret=recv(b->num,out,outl,0);
+#else
+ ret=read(b->num,out,outl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_read(b);
+ }
+ }
+ return(ret);
+ }
+
+static int conn_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+ if (data->state != BIO_CONN_S_OK)
+ {
+ ret=conn_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ clear_socket_error();
+#if defined(WINDOWS)
+ ret=send(b->num,in,inl,0);
+#else
+ ret=write(b->num,in,inl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_write(b);
+ }
+ return(ret);
+ }
+
+static long conn_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ int *ip;
+ char **pptr;
+ long ret=1;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=0;
+ data->state=BIO_CONN_S_BEFORE;
+ conn_close_socket(b);
+ b->flags=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ /* use this one to start the connection */
+ if (!data->state != BIO_CONN_S_OK)
+ ret=(long)conn_state(b,data);
+ else
+ ret=1;
+ break;
+ case BIO_C_GET_CONNECT:
+ if (ptr != NULL)
+ {
+ pptr=(char **)ptr;
+ if (num == 0)
+ {
+ *pptr=data->param_hostname;
+
+ }
+ else if (num == 1)
+ {
+ *pptr=data->param_port;
+ }
+ else if (num == 2)
+ {
+ *pptr= (char *)&(data->ip[0]);
+ }
+ else if (num == 3)
+ {
+ *((int *)ptr)=data->port;
+ }
+ if ((!b->init) || (ptr == NULL))
+ *pptr="not initalised";
+ ret=1;
+ }
+ break;
+ case BIO_C_SET_CONNECT:
+ if (ptr != NULL)
+ {
+ b->init=1;
+ if (num == 0)
+ {
+ if (data->param_hostname != NULL)
+ Free(data->param_hostname);
+ data->param_hostname=BUF_strdup(ptr);
+ }
+ else if (num == 1)
+ {
+ if (data->param_port != NULL)
+ Free(data->param_port);
+ data->param_port=BUF_strdup(ptr);
+ }
+ else if (num == 2)
+ memcpy(data->ip,ptr,4);
+ else if (num == 3)
+ data->port= *(int *)ptr;
+ }
+ break;
+ case BIO_C_SET_NBIO:
+ data->nbio=(int)num;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL)
+ *ip=b->num;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_FLUSH:
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if (data->param_port)
+ BIO_set_conn_port(dbio,data->param_port);
+ if (data->param_hostname)
+ BIO_set_conn_hostname(dbio,data->param_hostname);
+ BIO_set_nbio(dbio,data->nbio);
+ BIO_set_info_callback(dbio,data->info_callback);
+ break;
+ case BIO_CTRL_SET_CALLBACK:
+ data->info_callback=(int (*)())ptr;
+ break;
+ case BIO_CTRL_GET_CALLBACK:
+ {
+ int (**fptr)();
+
+ fptr=(int (**)())ptr;
+ *fptr=data->info_callback;
+ }
+ break;
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int conn_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=conn_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_connect(str)
+char *str;
+ {
+ BIO *ret;
+
+ ret=BIO_new(BIO_s_connect());
+ if (ret == NULL) return(NULL);
+ if (BIO_set_conn_hostname(ret,str))
+ return(ret);
+ else
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ }
+
+#endif
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_fd.c b/src/lib/libssl/src/crypto/bio/bss_fd.c
new file mode 100644
index 0000000000..686c4909a2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_fd.c
@@ -0,0 +1,62 @@
+/* crypto/bio/bss_fd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define BIO_FD
+#include "bss_sock.c"
+#undef BIO_FD
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_file.c b/src/lib/libssl/src/crypto/bio/bss_file.c
new file mode 100644
index 0000000000..1484cf849e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_file.c
@@ -0,0 +1,339 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * 03-Dec-1997 rdenny@dc3.com Fix bug preventing use of stdin/stdout
+ * with binary data (e.g. asn1parse -inform DER < xxx) under
+ * Windows
+ */
+
+#ifndef HEADER_BSS_FILE_C
+#define HEADER_BSS_FILE_C
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#if !defined(NO_STDIO)
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+ {
+ BIO_TYPE_FILE,
+ "FILE pointer",
+ file_write,
+ file_read,
+ file_puts,
+ file_gets,
+ file_ctrl,
+ file_new,
+ file_free,
+ };
+
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+ {
+ BIO *ret;
+ FILE *file;
+
+ if ((file=fopen(filename,mode)) == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,get_last_sys_error());
+ ERR_add_error_data(5,"fopen('",filename,"','",mode,"')");
+ BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+ return(NULL);
+ }
+ if ((ret=BIO_new(BIO_s_file_internal())) == NULL)
+ return(NULL);
+
+ BIO_set_fp(ret,file,BIO_CLOSE);
+ return(ret);
+ }
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+ {
+ BIO *ret;
+
+ if ((ret=BIO_new(BIO_s_file())) == NULL)
+ return(NULL);
+
+ BIO_set_fp(ret,stream,close_flag);
+ return(ret);
+ }
+
+BIO_METHOD *BIO_s_file()
+ {
+ return(&methods_filep);
+ }
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ return(1);
+ }
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ fclose((FILE *)a->ptr);
+ a->ptr=NULL;
+ }
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (b->init && (out != NULL))
+ {
+ ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if (b->init && (in != NULL))
+ {
+ if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+ ret=inl;
+ /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+ /* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+ * out version above can cause 'inl' write calls under
+ * some stupid stdio implementations (VMS) */
+ }
+ return(ret);
+ }
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ FILE *fp=(FILE *)b->ptr;
+ FILE **fpp;
+ char p[4];
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=(long)fseek(fp,num,0);
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)feof(fp);
+ break;
+ case BIO_CTRL_INFO:
+ ret=ftell(fp);
+ break;
+ case BIO_C_SET_FILE_PTR:
+ file_free(b);
+ b->shutdown=(int)num;
+ b->ptr=(char *)ptr;
+ b->init=1;
+#if defined(MSDOS) || defined(WINDOWS)
+ /* Set correct text/binary mode */
+ if (num & BIO_FP_TEXT)
+ _setmode(fileno((FILE *)ptr),_O_TEXT);
+ else
+ _setmode(fileno((FILE *)ptr),_O_BINARY);
+#endif
+ break;
+ case BIO_C_SET_FILENAME:
+ file_free(b);
+ b->shutdown=(int)num&BIO_CLOSE;
+ if (num & BIO_FP_APPEND)
+ {
+ if (num & BIO_FP_READ)
+ strcpy(p,"a+");
+ else strcpy(p,"a");
+ }
+ else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+ strcpy(p,"r+");
+ else if (num & BIO_FP_WRITE)
+ strcpy(p,"w");
+ else if (num & BIO_FP_READ)
+ strcpy(p,"r");
+ else
+ {
+ BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+ ret=0;
+ break;
+ }
+#if defined(MSDOS) || defined(WINDOWS)
+ if (!(num & BIO_FP_TEXT))
+ strcat(p,"b");
+ else
+ strcat(p,"t");
+#endif
+ fp=fopen(ptr,p);
+ if (fp == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,get_last_sys_error());
+ ERR_add_error_data(5,"fopen('",ptr,"','",p,"')");
+ BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+ ret=0;
+ break;
+ }
+ b->ptr=(char *)fp;
+ b->init=1;
+ break;
+ case BIO_C_GET_FILE_PTR:
+ /* the ptr parameter is actually a FILE ** in this case. */
+ if (ptr != NULL)
+ {
+ fpp=(FILE **)ptr;
+ *fpp=(FILE *)b->ptr;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_FLUSH:
+ fflush((FILE *)b->ptr);
+ break;
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+
+ case BIO_CTRL_WPENDING:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int ret=0;
+
+ buf[0]='\0';
+ fgets(buf,size,(FILE *)bp->ptr);
+ if (buf[0] != '\0')
+ ret=strlen(buf);
+ return(ret);
+ }
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=file_write(bp,str,n);
+ return(ret);
+ }
+
+#endif /* NO_STDIO */
+
+#endif /* HEADER_BSS_FILE_C */
+
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_mem.c b/src/lib/libssl/src/crypto/bio/bss_mem.c
new file mode 100644
index 0000000000..40c4e39f02
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_mem.c
@@ -0,0 +1,297 @@
+/* crypto/bio/bss_mem.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int mem_write(BIO *h,char *buf,int num);
+static int mem_read(BIO *h,char *buf,int size);
+static int mem_puts(BIO *h,char *str);
+static int mem_gets(BIO *h,char *str,int size);
+static long mem_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int mem_new(BIO *h);
+static int mem_free(BIO *data);
+#else
+static int mem_write();
+static int mem_read();
+static int mem_puts();
+static int mem_gets();
+static long mem_ctrl();
+static int mem_new();
+static int mem_free();
+#endif
+
+static BIO_METHOD mem_method=
+ {
+ BIO_TYPE_MEM,
+ "memory buffer",
+ mem_write,
+ mem_read,
+ mem_puts,
+ mem_gets,
+ mem_ctrl,
+ mem_new,
+ mem_free,
+ };
+
+BIO_METHOD *BIO_s_mem()
+ {
+ return(&mem_method);
+ }
+
+static int mem_new(bi)
+BIO *bi;
+ {
+ BUF_MEM *b;
+
+ if ((b=BUF_MEM_new()) == NULL)
+ return(0);
+ bi->shutdown=1;
+ bi->init=1;
+ bi->num=0;
+ bi->ptr=(char *)b;
+ return(1);
+ }
+
+static int mem_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ BUF_MEM_free((BUF_MEM *)a->ptr);
+ a->ptr=NULL;
+ }
+ }
+ return(1);
+ }
+
+static int mem_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret= -1;
+ BUF_MEM *bm;
+ int i;
+ char *from,*to;
+
+ bm=(BUF_MEM *)b->ptr;
+ BIO_clear_retry_flags(b);
+ ret=(outl > bm->length)?bm->length:outl;
+ if ((out != NULL) && (ret > 0))
+ {
+ memcpy(out,bm->data,ret);
+ bm->length-=ret;
+ /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
+ from=(char *)&(bm->data[ret]);
+ to=(char *)&(bm->data[0]);
+ for (i=0; i<bm->length; i++)
+ to[i]=from[i];
+ }
+ else if (bm->length == 0)
+ {
+ BIO_set_retry_read(b);
+ ret= -1;
+ }
+ return(ret);
+ }
+
+static int mem_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret= -1;
+ int blen;
+ BUF_MEM *bm;
+
+ bm=(BUF_MEM *)b->ptr;
+ if (in == NULL)
+ {
+ BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
+ goto end;
+ }
+
+ BIO_clear_retry_flags(b);
+ blen=bm->length;
+ if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
+ goto end;
+ memcpy(&(bm->data[blen]),in,inl);
+ ret=inl;
+end:
+ return(ret);
+ }
+
+static long mem_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ char **pptr;
+
+ BUF_MEM *bm=(BUF_MEM *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ if (bm->data != NULL)
+ memset(bm->data,0,bm->max);
+ bm->length=0;
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)(bm->length == 0);
+ break;
+ case BIO_CTRL_INFO:
+ ret=(long)bm->length;
+ if (ptr != NULL)
+ {
+ pptr=(char **)ptr;
+ *pptr=(char *)&(bm->data[0]);
+ }
+ break;
+ case BIO_C_SET_BUF_MEM:
+ mem_free(b);
+ b->shutdown=(int)num;
+ b->ptr=ptr;
+ break;
+ case BIO_C_GET_BUF_MEM_PTR:
+ if (ptr != NULL)
+ {
+ pptr=(char **)ptr;
+ *pptr=(char *)bm;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+
+ case BIO_CTRL_WPENDING:
+ ret=0L;
+ break;
+ case BIO_CTRL_PENDING:
+ ret=(long)bm->length;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret=1;
+ break;
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int mem_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int i,j;
+ int ret= -1;
+ char *p;
+ BUF_MEM *bm=(BUF_MEM *)bp->ptr;
+
+ BIO_clear_retry_flags(bp);
+ j=bm->length;
+ if (j <= 0) return(0);
+ p=bm->data;
+ for (i=0; i<j; i++)
+ {
+ if (p[i] == '\n') break;
+ }
+ if (i == j)
+ {
+ BIO_set_retry_read(bp);
+ /* return(-1); change the semantics 0.6.6a */
+ }
+ else
+ i++;
+ /* i is the max to copy */
+ if ((size-1) < i) i=size-1;
+ i=mem_read(bp,buf,i);
+ if (i > 0) buf[i]='\0';
+ ret=i;
+ return(ret);
+ }
+
+static int mem_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=mem_write(bp,str,n);
+ /* memory semantics is that it will always work */
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_null.c b/src/lib/libssl/src/crypto/bio/bss_null.c
new file mode 100644
index 0000000000..0791a2471a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_null.c
@@ -0,0 +1,177 @@
+/* crypto/bio/bss_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int null_write(BIO *h,char *buf,int num);
+static int null_read(BIO *h,char *buf,int size);
+static int null_puts(BIO *h,char *str);
+static int null_gets(BIO *h,char *str,int size);
+static long null_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int null_new(BIO *h);
+static int null_free(BIO *data);
+#else
+static int null_write();
+static int null_read();
+static int null_puts();
+static int null_gets();
+static long null_ctrl();
+static int null_new();
+static int null_free();
+#endif
+
+static BIO_METHOD null_method=
+ {
+ BIO_TYPE_NULL,
+ "NULL",
+ null_write,
+ null_read,
+ null_puts,
+ null_gets,
+ null_ctrl,
+ null_new,
+ null_free,
+ };
+
+BIO_METHOD *BIO_s_null()
+ {
+ return(&null_method);
+ }
+
+static int null_new(bi)
+BIO *bi;
+ {
+ bi->init=1;
+ bi->num=0;
+ bi->ptr=(NULL);
+ return(1);
+ }
+
+static int null_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ return(1);
+ }
+
+static int null_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ return(0);
+ }
+
+static int null_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ return(inl);
+ }
+
+static long null_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ case BIO_CTRL_EOF:
+ case BIO_CTRL_SET:
+ case BIO_CTRL_SET_CLOSE:
+ case BIO_CTRL_FLUSH:
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int null_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(0);
+ }
+
+static int null_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (str == NULL) return(0);
+ return(strlen(str));
+ }
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_rtcp.c b/src/lib/libssl/src/crypto/bio/bss_rtcp.c
new file mode 100644
index 0000000000..6eb434dee8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_rtcp.c
@@ -0,0 +1,297 @@
+/* crypto/bio/bss_rtcp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+ * Date: 22-JUL-1996
+ */
+/* VMS */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#include <iodef.h> /* VMS IO$_ definitions */
+extern int SYS$QIOW();
+typedef unsigned short io_channel;
+/*************************************************************************/
+struct io_status { short status, count; long flags; };
+
+struct rpc_msg { /* Should have member alignment inhibited */
+ char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
+ char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ unsigned short int length; /* Amount of data returned or max to return */
+ char data[4092]; /* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+struct rpc_ctx {
+ int filled, pos;
+ struct rpc_msg msg;
+};
+
+static int rtcp_write(BIO *h,char *buf,int num);
+static int rtcp_read(BIO *h,char *buf,int size);
+static int rtcp_puts(BIO *h,char *str);
+static int rtcp_gets(BIO *h,char *str,int size);
+static long rtcp_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int rtcp_new(BIO *h);
+static int rtcp_free(BIO *data);
+
+static BIO_METHOD rtcp_method=
+ {
+ BIO_TYPE_FD,
+ "RTCP",
+ rtcp_write,
+ rtcp_read,
+ rtcp_puts,
+ rtcp_gets,
+ rtcp_ctrl,
+ rtcp_new,
+ rtcp_free,
+ };
+
+BIO_METHOD *BIO_s_rtcp()
+ {
+ return(&rtcp_method);
+ }
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+ buffer, maxlen, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ if ( (status&1) == 1 ) *length = iosb.count;
+ return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+ buffer, length, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ return status;
+}
+/***************************************************************************/
+
+static int rtcp_new(bi)
+BIO *bi;
+{
+ struct rpc_ctx *ctx;
+ bi->init=1;
+ bi->num=0;
+ bi->flags = 0;
+ bi->ptr=Malloc(sizeof(struct rpc_ctx));
+ ctx = (struct rpc_ctx *) bi->ptr;
+ ctx->filled = 0;
+ ctx->pos = 0;
+ return(1);
+}
+
+static int rtcp_free(a)
+BIO *a;
+{
+ if (a == NULL) return(0);
+ if ( a->ptr ) Free ( a->ptr );
+ a->ptr = NULL;
+ return(1);
+}
+
+static int rtcp_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+{
+ int status, length;
+ struct rpc_ctx *ctx;
+ /*
+ * read data, return existing.
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, &ctx->msg.data[ctx->pos], length );
+ ctx->pos += length;
+ return length;
+ }
+ /*
+ * Requst more data from R channel.
+ */
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'G';
+ ctx->msg.length = sizeof(ctx->msg.data);
+ status = put ( b->num, (char *) &ctx->msg, RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) {
+ return -1;
+ }
+ /*
+ * Read.
+ */
+ ctx->pos = ctx->filled = 0;
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( (status&1) == 0 ) length = -1;
+ if ( ctx->msg.channel != 'R' || ctx->msg.function != 'C' ) {
+ length = -1;
+ }
+ ctx->filled = length - RPC_HDR_SIZE;
+
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, ctx->msg.data, length );
+ ctx->pos += length;
+ return length;
+ }
+
+ return length;
+}
+
+static int rtcp_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+{
+ int status, i, segment, length;
+ struct rpc_ctx *ctx;
+ /*
+ * Output data, send in chunks no larger that sizeof(ctx->msg.data).
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ for ( i = 0; i < inl; i += segment ) {
+ segment = inl - i;
+ if ( segment > sizeof(ctx->msg.data) ) segment = sizeof(ctx->msg.data);
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'P';
+ ctx->msg.length = segment;
+ memmove ( ctx->msg.data, &in[i], segment );
+ status = put ( b->num, (char *) &ctx->msg, segment + RPC_HDR_SIZE );
+ if ((status&1) == 0 ) { i = -1; break; }
+
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( ((status&1) == 0) || (length < RPC_HDR_SIZE) ) { i = -1; break; }
+ if ( (ctx->msg.channel != 'R') || (ctx->msg.function != 'C') ) {
+ printf("unexpected response when confirming put %c %c\n",
+ ctx->msg.channel, ctx->msg.function );
+
+ }
+ }
+ return(i);
+}
+
+static long rtcp_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ case BIO_CTRL_EOF:
+ ret = 1;
+ break;
+ case BIO_CTRL_SET:
+ b->num = num;
+ ret = 1;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ case BIO_CTRL_FLUSH:
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int rtcp_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(0);
+ }
+
+static int rtcp_puts(bp,str)
+BIO *bp;
+char *str;
+{
+ int length;
+ if (str == NULL) return(0);
+ length = strlen ( str );
+ if ( length == 0 ) return (0);
+ return rtcp_write ( bp,str, length );
+}
+
diff --git a/src/lib/libssl/src/crypto/bio/bss_sock.c b/src/lib/libssl/src/crypto/bio/bss_sock.c
new file mode 100644
index 0000000000..d907a2867b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bio/bss_sock.c
@@ -0,0 +1,461 @@
+/* crypto/bio/bss_sock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if !defined(NO_SOCK) || defined(BIO_FD)
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef BIO_FD
+#ifndef NOPROTO
+static int sock_write(BIO *h,char *buf,int num);
+static int sock_read(BIO *h,char *buf,int size);
+static int sock_puts(BIO *h,char *str);
+static long sock_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int sock_new(BIO *h);
+static int sock_free(BIO *data);
+int BIO_sock_should_retry(int s);
+#else
+static int sock_write();
+static int sock_read();
+static int sock_puts();
+static long sock_ctrl();
+static int sock_new();
+static int sock_free();
+int BIO_sock_should_retry();
+#endif
+
+#else
+
+#ifndef NOPROTO
+static int fd_write(BIO *h,char *buf,int num);
+static int fd_read(BIO *h,char *buf,int size);
+static int fd_puts(BIO *h,char *str);
+static long fd_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int fd_new(BIO *h);
+static int fd_free(BIO *data);
+int BIO_fd_should_retry(int s);
+#else
+static int fd_write();
+static int fd_read();
+static int fd_puts();
+static long fd_ctrl();
+static int fd_new();
+static int fd_free();
+int BIO_fd_should_retry();
+#endif
+#endif
+
+#ifndef BIO_FD
+static BIO_METHOD methods_sockp=
+ {
+ BIO_TYPE_SOCKET,
+ "socket",
+ sock_write,
+ sock_read,
+ sock_puts,
+ NULL, /* sock_gets, */
+ sock_ctrl,
+ sock_new,
+ sock_free,
+ };
+
+BIO_METHOD *BIO_s_socket()
+ {
+ return(&methods_sockp);
+ }
+#else
+static BIO_METHOD methods_fdp=
+ {
+ BIO_TYPE_FD,"file descriptor",
+ fd_write,
+ fd_read,
+ fd_puts,
+ NULL, /* fd_gets, */
+ fd_ctrl,
+ fd_new,
+ fd_free,
+ };
+
+BIO_METHOD *BIO_s_fd()
+ {
+ return(&methods_fdp);
+ }
+#endif
+
+#ifndef BIO_FD
+BIO *BIO_new_socket(fd,close_flag)
+#else
+BIO *BIO_new_fd(fd,close_flag)
+#endif
+int fd;
+int close_flag;
+ {
+ BIO *ret;
+
+#ifndef BIO_FD
+ ret=BIO_new(BIO_s_socket());
+#else
+ ret=BIO_new(BIO_s_fd());
+#endif
+ if (ret == NULL) return(NULL);
+ BIO_set_fd(ret,fd,close_flag);
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static int sock_new(bi)
+#else
+static int fd_new(bi)
+#endif
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ bi->flags=0;
+ return(1);
+ }
+
+#ifndef BIO_FD
+static int sock_free(a)
+#else
+static int fd_free(a)
+#endif
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if (a->init)
+ {
+#ifndef BIO_FD
+ shutdown(a->num,2);
+# ifdef WINDOWS
+ closesocket(a->num);
+# else
+ close(a->num);
+# endif
+#else /* BIO_FD */
+ close(a->num);
+#endif
+
+ }
+ a->init=0;
+ a->flags=0;
+ }
+ return(1);
+ }
+
+#ifndef BIO_FD
+static int sock_read(b,out,outl)
+#else
+static int fd_read(b,out,outl)
+#endif
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (out != NULL)
+ {
+#if defined(WINDOWS) && !defined(BIO_FD)
+ clear_socket_error();
+ ret=recv(b->num,out,outl,0);
+#else
+ clear_sys_error();
+ ret=read(b->num,out,outl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+#ifndef BIO_FD
+ if (BIO_sock_should_retry(ret))
+#else
+ if (BIO_fd_should_retry(ret))
+#endif
+ BIO_set_retry_read(b);
+ }
+ }
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static int sock_write(b,in,inl)
+#else
+static int fd_write(b,in,inl)
+#endif
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+
+#if defined(WINDOWS) && !defined(BIO_FD)
+ clear_socket_error();
+ ret=send(b->num,in,inl,0);
+#else
+ clear_sys_error();
+ ret=write(b->num,in,inl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+#ifndef BIO_FD
+ if (BIO_sock_should_retry(ret))
+#else
+ if (BIO_fd_should_retry(ret))
+#endif
+ BIO_set_retry_write(b);
+ }
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static long sock_ctrl(b,cmd,num,ptr)
+#else
+static long fd_ctrl(b,cmd,num,ptr)
+#endif
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ int *ip;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+#ifdef BIO_FD
+ ret=(long)lseek(b->num,0,0);
+#else
+ ret=0;
+#endif
+ break;
+ case BIO_CTRL_INFO:
+ ret=0;
+ break;
+ case BIO_C_SET_FD:
+#ifndef BIO_FD
+ sock_free(b);
+#else
+ fd_free(b);
+#endif
+ b->num= *((int *)ptr);
+ b->shutdown=(int)num;
+ b->init=1;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL) *ip=b->num;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret=1;
+ break;
+ break;
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+#ifdef undef
+static int sock_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(-1);
+ }
+#endif
+
+#ifndef BIO_FD
+static int sock_puts(bp,str)
+#else
+static int fd_puts(bp,str)
+#endif
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+#ifndef BIO_FD
+ ret=sock_write(bp,str,n);
+#else
+ ret=fd_write(bp,str,n);
+#endif
+ return(ret);
+ }
+
+#ifndef BIO_FD
+int BIO_sock_should_retry(i)
+#else
+int BIO_fd_should_retry(i)
+#endif
+int i;
+ {
+ int err;
+
+ if ((i == 0) || (i == -1))
+ {
+#if !defined(BIO_FD) && defined(WINDOWS)
+ err=get_last_socket_error();
+#else
+ err=get_last_sys_error();
+#endif
+
+#if defined(WINDOWS) /* more microsoft stupidity */
+ if ((i == -1) && (err == 0))
+ return(1);
+#endif
+
+#ifndef BIO_FD
+ return(BIO_sock_non_fatal_error(err));
+#else
+ return(BIO_fd_non_fatal_error(err));
+#endif
+ }
+ return(0);
+ }
+
+#ifndef BIO_FD
+int BIO_sock_non_fatal_error(err)
+#else
+int BIO_fd_non_fatal_error(err)
+#endif
+int err;
+ {
+ switch (err)
+ {
+#if !defined(BIO_FD) && defined(WINDOWS)
+# if defined(WSAEWOULDBLOCK)
+ case WSAEWOULDBLOCK:
+# endif
+
+# if defined(WSAENOTCONN)
+ case WSAENOTCONN:
+# endif
+#endif
+
+#ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+# if WSAEWOULDBLOCK != EWOULDBLOCK
+ case EWOULDBLOCK:
+# endif
+# else
+ case EWOULDBLOCK:
+# endif
+#endif
+
+#if defined(ENOTCONN)
+ case ENOTCONN:
+#endif
+
+#ifdef EINTR
+ case EINTR:
+#endif
+
+#ifdef EAGAIN
+#if EWOULDBLOCK != EAGAIN
+ case EAGAIN:
+# endif
+#endif
+
+#ifdef EPROTO
+ case EPROTO:
+#endif
+
+#ifdef EINPROGRESS
+ case EINPROGRESS:
+#endif
+
+#ifdef EALREADY
+ case EALREADY:
+#endif
+ return(1);
+ break;
+ default:
+ break;
+ }
+ return(0);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/asm/README b/src/lib/libssl/src/crypto/bn/asm/README
new file mode 100644
index 0000000000..d93fbff77f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/README
@@ -0,0 +1,30 @@
+All assember in this directory are just version of the file
+crypto/bn/bn_mulw.c.
+
+Quite a few of these files are just the assember output from gcc since on
+quite a few machines they are 2 times faster than the system compiler.
+
+For the x86, I have hand written assember because of the bad job all
+compilers seem to do on it. This normally gives a 2 time speed up in the RSA
+routines.
+
+For the DEC alpha, I also hand wrote the assember (except the division which
+is just the output from the C compiler pasted on the end of the file).
+On the 2 alpha C compilers I had access to, it was not possible to do
+64b x 64b -> 128b calculations (both long and the long long data types
+were 64 bits). So the hand assember gives access to the 128 bit result and
+a 2 times speedup :-).
+
+The x86xxxx.obj files are the assembled version of x86xxxx.asm files.
+I had such a hard time finding a macro assember for Microsoft, I decided to
+include the object file to save others the hassle :-).
+
+I have also included uu encoded versions of the .obj incase they get
+trashed.
+
+There are 2 versions of assember for the HP PA-RISC.
+pa-risc.s is the origional one which works fine.
+pa-risc2.s is a new version that often generates warnings but if the
+tests pass, it gives performance that is over 2 times faster than
+pa-risc.s.
+Both were generated using gcc :-)
diff --git a/src/lib/libssl/src/crypto/bn/asm/alpha.s b/src/lib/libssl/src/crypto/bn/asm/alpha.s
new file mode 100644
index 0000000000..1d17b1d619
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/alpha.s
@@ -0,0 +1,344 @@
+ # DEC Alpha assember
+ # The bn_div64 is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div64.
+ .file 1 "bn_mulw.c"
+ .set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+ .text
+ .align 3
+ .globl bn_mul_add_words
+ .ent bn_mul_add_words
+bn_mul_add_words:
+bn_mul_add_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$42
+ .align 5
+$142:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ ldq $22,0($16) # r[0] r22
+ ldq $23,8($16) # r[1] r23
+
+ addq $3,$22,$3 # a0 low part + r[0]
+ addq $4,$23,$4 # a1 low part + r[1]
+ cmpult $3,$22,$5 # overflow?
+ cmpult $4,$23,$6 # overflow?
+ addq $5,$1,$1 # high part + overflow
+ addq $6,$2,$2 # high part + overflow
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$43
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$42
+
+ br $31,$142
+$42:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ ldq $2,0($16) # r[0]
+ addq $1,$2,$1 # low part + r[0]
+ cmpult $1,$2,$4 # overflow?
+ addq $4,$3,$3 # high part + overflow
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+
+ .align 4
+$43:
+ ret $31,($26),1
+ .end bn_mul_add_words
+ .align 3
+ .globl bn_mul_words
+ .ent bn_mul_words
+bn_mul_words:
+bn_mul_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$242
+ .align 5
+$342:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$243
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$242
+
+ br $31,$342
+$242:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+$243:
+ ret $31,($26),1
+ .end bn_mul_words
+ .align 3
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+
+ subq $18,2,$25 # num=-2
+ blt $25,$442
+ .align 5
+$542:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $4,8($17) # a[1]
+
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ mulq $4,$4,$5 # a[1]*w low part r5
+ umulh $4,$4,$6 # a[1]*w high part r6
+
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+ stq $5,16($16) # r[3]
+ stq $6,24($16) # r[4]
+
+ ble $18,$443
+
+ addq $16,32,$16
+ addq $17,16,$17
+ blt $25,$442
+ br $31,$542
+
+$442:
+ ldq $1,0($17) # a[0]
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+
+ .align 4
+$443:
+ ret $31,($26),1
+ .end bn_sqr_words
+
+ .align 3
+ .globl bn_add_words
+ .ent bn_add_words
+bn_add_words:
+bn_add_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+
+ bis $31,$31,$8 # carry = 0
+ ble $19,$900
+$901:
+ ldq $0,0($17) # a[0]
+ ldq $1,0($18) # a[1]
+
+ addq $0,$1,$3 # c=a+b;
+ addq $17,8,$17 # a++
+
+ cmpult $3,$1,$7 # did we overflow?
+ addq $18,8,$18 # b++
+
+ addq $8,$3,$3 # c+=carry
+
+ cmpult $3,$8,$8 # did we overflow?
+ stq $3,($16) # r[0]=c
+
+ addq $7,$8,$8 # add into overflow
+ subq $19,1,$19 # loop--
+
+ addq $16,8,$16 # r++
+ bgt $19,$901
+$900:
+ bis $8,$8,$0 # return carry
+ ret $31,($26),1
+ .end bn_add_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+ .align 3
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ ldgp $29,0($27)
+bn_div64..ng:
+ lda $30,-48($30)
+ .frame $30,48,$26,0
+ stq $26,0($30)
+ stq $9,8($30)
+ stq $10,16($30)
+ stq $11,24($30)
+ stq $12,32($30)
+ stq $13,40($30)
+ .mask 0x4003e00,-48
+ .prologue 1
+ bis $16,$16,$9
+ bis $17,$17,$10
+ bis $18,$18,$11
+ bis $31,$31,$13
+ bis $31,2,$12
+ bne $11,$119
+ lda $0,-1
+ br $31,$136
+ .align 4
+$119:
+ bis $11,$11,$16
+ jsr $26,BN_num_bits_word
+ ldgp $29,0($26)
+ subq $0,64,$1
+ beq $1,$120
+ bis $31,1,$1
+ sll $1,$0,$1
+ cmpule $9,$1,$1
+ bne $1,$120
+ # lda $16,_IO_stderr_
+ # lda $17,$C32
+ # bis $0,$0,$18
+ # jsr $26,fprintf
+ # ldgp $29,0($26)
+ jsr $26,abort
+ ldgp $29,0($26)
+ .align 4
+$120:
+ bis $31,64,$3
+ cmpult $9,$11,$2
+ subq $3,$0,$1
+ addl $1,$31,$0
+ subq $9,$11,$1
+ cmoveq $2,$1,$9
+ beq $0,$122
+ zapnot $0,15,$2
+ subq $3,$0,$1
+ sll $11,$2,$11
+ sll $9,$2,$3
+ srl $10,$1,$1
+ sll $10,$2,$10
+ bis $3,$1,$9
+$122:
+ srl $11,32,$5
+ zapnot $11,15,$6
+ lda $7,-1
+ .align 5
+$123:
+ srl $9,32,$1
+ subq $1,$5,$1
+ bne $1,$126
+ zapnot $7,15,$27
+ br $31,$127
+ .align 4
+$126:
+ bis $9,$9,$24
+ bis $5,$5,$25
+ divqu $24,$25,$27
+$127:
+ srl $10,32,$4
+ .align 5
+$128:
+ mulq $27,$5,$1
+ subq $9,$1,$3
+ zapnot $3,240,$1
+ bne $1,$129
+ mulq $6,$27,$2
+ sll $3,32,$1
+ addq $1,$4,$1
+ cmpule $2,$1,$2
+ bne $2,$129
+ subq $27,1,$27
+ br $31,$128
+ .align 4
+$129:
+ mulq $27,$6,$1
+ mulq $27,$5,$4
+ srl $1,32,$3
+ sll $1,32,$1
+ addq $4,$3,$4
+ cmpult $10,$1,$2
+ subq $10,$1,$10
+ addq $2,$4,$2
+ cmpult $9,$2,$1
+ bis $2,$2,$4
+ beq $1,$134
+ addq $9,$11,$9
+ subq $27,1,$27
+$134:
+ subl $12,1,$12
+ subq $9,$4,$9
+ beq $12,$124
+ sll $27,32,$13
+ sll $9,32,$2
+ srl $10,32,$1
+ sll $10,32,$10
+ bis $2,$1,$9
+ br $31,$123
+ .align 4
+$124:
+ bis $13,$27,$0
+$136:
+ ldq $26,0($30)
+ ldq $9,8($30)
+ ldq $10,16($30)
+ ldq $11,24($30)
+ ldq $12,32($30)
+ ldq $13,40($30)
+ addq $30,48,$30
+ ret $31,($26),1
+ .end bn_div64
+ .ident "GCC: (GNU) 2.7.2.1"
+
+
diff --git a/src/lib/libssl/src/crypto/bn/asm/bn-586.pl b/src/lib/libssl/src/crypto/bn/asm/bn-586.pl
new file mode 100644
index 0000000000..19d425ee96
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/bn-586.pl
@@ -0,0 +1,314 @@
+#!/usr/bin/perl
+#
+
+#!/usr/local/bin/perl
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"bn-586.pl");
+
+&bn_mul_add_words("bn_mul_add_words");
+&bn_mul_words("bn_mul_words");
+&bn_sqr_words("bn_sqr_words");
+&bn_div64("bn_div64");
+&bn_add_words("bn_add_words");
+
+&asm_finish();
+
+sub bn_mul_add_words
+ {
+ local($name)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ $Low="eax";
+ $High="edx";
+ $a="ebx";
+ $w="ebp";
+ $r="edi";
+ $c="esi";
+
+ &xor($c,$c); # clear carry
+ &mov($r,&wparam(0)); #
+
+ &mov("ecx",&wparam(2)); #
+ &mov($a,&wparam(1)); #
+
+ &and("ecx",0xfffffff8); # num / 8
+ &mov($w,&wparam(3)); #
+
+ &push("ecx"); # Up the stack for a tmp variable
+
+ &jz(&label("maw_finish"));
+
+ &set_label("maw_loop",0);
+
+ &mov(&swtmp(0),"ecx"); #
+
+ for ($i=0; $i<32; $i+=4)
+ {
+ &comment("Round $i");
+
+ &mov("eax",&DWP($i,$a,"",0)); # *a
+ &mul($w); # *a * w
+ &add("eax",$c); # L(t)+= *r
+ &mov($c,&DWP($i,$r,"",0)); # L(t)+= *r
+ &adc("edx",0); # H(t)+=carry
+ &add("eax",$c); # L(t)+=c
+ &adc("edx",0); # H(t)+=carry
+ &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
+ &mov($c,"edx"); # c= H(t);
+ }
+
+ &comment("");
+ &mov("ecx",&swtmp(0)); #
+ &add($a,32);
+ &add($r,32);
+ &sub("ecx",8);
+ &jnz(&label("maw_loop"));
+
+ &set_label("maw_finish",0);
+ &mov("ecx",&wparam(2)); # get num
+ &and("ecx",7);
+ &jnz(&label("maw_finish2")); # helps branch prediction
+ &jmp(&label("maw_end"));
+
+ &set_label("maw_finish2",1);
+ for ($i=0; $i<7; $i++)
+ {
+ &comment("Tail Round $i");
+ &mov("eax",&DWP($i*4,$a,"",0));# *a
+ &mul($w); # *a * w
+ &add("eax",$c); # L(t)+=c
+ &mov($c,&DWP($i*4,$r,"",0)); # L(t)+= *r
+ &adc("edx",0); # H(t)+=carry
+ &add("eax",$c);
+ &adc("edx",0); # H(t)+=carry
+ &dec("ecx") if ($i != 7-1);
+ &mov(&DWP($i*4,$r,"",0),"eax"); # *r= L(t);
+ &mov($c,"edx"); # c= H(t);
+ &jz(&label("maw_end")) if ($i != 7-1);
+ }
+ &set_label("maw_end",0);
+ &mov("eax",$c);
+
+ &pop("ecx"); # clear variable from
+
+ &function_end($name);
+ }
+
+sub bn_mul_words
+ {
+ local($name)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ $Low="eax";
+ $High="edx";
+ $a="ebx";
+ $w="ecx";
+ $r="edi";
+ $c="esi";
+ $num="ebp";
+
+ &xor($c,$c); # clear carry
+ &mov($r,&wparam(0)); #
+ &mov($a,&wparam(1)); #
+ &mov($num,&wparam(2)); #
+ &mov($w,&wparam(3)); #
+
+ &and($num,0xfffffff8); # num / 8
+ &jz(&label("mw_finish"));
+
+ &set_label("mw_loop",0);
+ for ($i=0; $i<32; $i+=4)
+ {
+ &comment("Round $i");
+
+ &mov("eax",&DWP($i,$a,"",0)); # *a
+ &mul($w); # *a * w
+ &add("eax",$c); # L(t)+=c
+ # XXX
+
+ &adc("edx",0); # H(t)+=carry
+ &mov(&DWP($i,$r,"",0),"eax"); # *r= L(t);
+
+ &mov($c,"edx"); # c= H(t);
+ }
+
+ &comment("");
+ &add($a,32);
+ &add($r,32);
+ &sub($num,8);
+ &jz(&label("mw_finish"));
+ &jmp(&label("mw_loop"));
+
+ &set_label("mw_finish",0);
+ &mov($num,&wparam(2)); # get num
+ &and($num,7);
+ &jnz(&label("mw_finish2"));
+ &jmp(&label("mw_end"));
+
+ &set_label("mw_finish2",1);
+ for ($i=0; $i<7; $i++)
+ {
+ &comment("Tail Round $i");
+ &mov("eax",&DWP($i*4,$a,"",0));# *a
+ &mul($w); # *a * w
+ &add("eax",$c); # L(t)+=c
+ # XXX
+ &adc("edx",0); # H(t)+=carry
+ &mov(&DWP($i*4,$r,"",0),"eax");# *r= L(t);
+ &mov($c,"edx"); # c= H(t);
+ &dec($num) if ($i != 7-1);
+ &jz(&label("mw_end")) if ($i != 7-1);
+ }
+ &set_label("mw_end",0);
+ &mov("eax",$c);
+
+ &function_end($name);
+ }
+
+sub bn_sqr_words
+ {
+ local($name)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ $r="esi";
+ $a="edi";
+ $num="ebx";
+
+ &mov($r,&wparam(0)); #
+ &mov($a,&wparam(1)); #
+ &mov($num,&wparam(2)); #
+
+ &and($num,0xfffffff8); # num / 8
+ &jz(&label("sw_finish"));
+
+ &set_label("sw_loop",0);
+ for ($i=0; $i<32; $i+=4)
+ {
+ &comment("Round $i");
+ &mov("eax",&DWP($i,$a,"",0)); # *a
+ # XXX
+ &mul("eax"); # *a * *a
+ &mov(&DWP($i*2,$r,"",0),"eax"); #
+ &mov(&DWP($i*2+4,$r,"",0),"edx");#
+ }
+
+ &comment("");
+ &add($a,32);
+ &add($r,64);
+ &sub($num,8);
+ &jnz(&label("sw_loop"));
+
+ &set_label("sw_finish",0);
+ &mov($num,&wparam(2)); # get num
+ &and($num,7);
+ &jz(&label("sw_end"));
+
+ for ($i=0; $i<7; $i++)
+ {
+ &comment("Tail Round $i");
+ &mov("eax",&DWP($i*4,$a,"",0)); # *a
+ # XXX
+ &mul("eax"); # *a * *a
+ &mov(&DWP($i*8,$r,"",0),"eax"); #
+ &dec($num) if ($i != 7-1);
+ &mov(&DWP($i*8+4,$r,"",0),"edx");
+ &jz(&label("sw_end")) if ($i != 7-1);
+ }
+ &set_label("sw_end",0);
+
+ &function_end($name);
+ }
+
+sub bn_div64
+ {
+ local($name)=@_;
+
+ &function_begin($name,"");
+ &mov("edx",&wparam(0)); #
+ &mov("eax",&wparam(1)); #
+ &mov("ebx",&wparam(2)); #
+ &div("ebx");
+ &function_end($name);
+ }
+
+sub bn_add_words
+ {
+ local($name)=@_;
+
+ &function_begin($name,"");
+
+ &comment("");
+ $a="esi";
+ $b="edi";
+ $c="eax";
+ $r="ebx";
+ $tmp1="ecx";
+ $tmp2="edx";
+ $num="ebp";
+
+ &mov($r,&wparam(0)); # get r
+ &mov($a,&wparam(1)); # get a
+ &mov($b,&wparam(2)); # get b
+ &mov($num,&wparam(3)); # get num
+ &xor($c,$c); # clear carry
+ &and($num,0xfffffff8); # num / 8
+
+ &jz(&label("aw_finish"));
+
+ &set_label("aw_loop",0);
+ for ($i=0; $i<8; $i++)
+ {
+ &comment("Round $i");
+
+ &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
+ &mov($tmp2,&DWP($i*4,$b,"",0)); # *b
+ &add($tmp1,$c);
+ &mov($c,0);
+ &adc($c,$c);
+ &add($tmp1,$tmp2);
+ &adc($c,0);
+ &mov(&DWP($i*4,$r,"",0),$tmp1); # *r
+ }
+
+ &comment("");
+ &add($a,32);
+ &add($b,32);
+ &add($r,32);
+ &sub($num,8);
+ &jnz(&label("aw_loop"));
+
+ &set_label("aw_finish",0);
+ &mov($num,&wparam(3)); # get num
+ &and($num,7);
+ &jz(&label("aw_end"));
+
+ for ($i=0; $i<7; $i++)
+ {
+ &comment("Tail Round $i");
+ &mov($tmp1,&DWP($i*4,$a,"",0)); # *a
+ &mov($tmp2,&DWP($i*4,$b,"",0));# *b
+ &add($tmp1,$c);
+ &mov($c,0);
+ &adc($c,$c);
+ &add($tmp1,$tmp2);
+ &adc($c,0);
+ &dec($num) if ($i != 6);
+ &mov(&DWP($i*4,$r,"",0),$tmp1); # *a
+ &jz(&label("aw_end")) if ($i != 6);
+ }
+ &set_label("aw_end",0);
+
+ &mov("eax",$c);
+
+ &function_end($name);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/asm/pa-risc.s b/src/lib/libssl/src/crypto/bn/asm/pa-risc.s
new file mode 100644
index 0000000000..775130a191
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/pa-risc.s
@@ -0,0 +1,710 @@
+ .SPACE $PRIVATE$
+ .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+ .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+ .SPACE $TEXT$
+ .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+ .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+ .IMPORT $global$,DATA
+ .IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_words
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r25),%r29
+ ldo 12(%r26),%r23
+ fldws -16(0,%r30),%fr11L
+L$0002
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0005
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r26),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0010
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -8(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-8(0,%r23)
+ ldw -4(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0015
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -4(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-4(0,%r23)
+ ldw 0(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0020
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r23)
+ ldo 16(%r29),%r29
+ ldo 16(%r25),%r25
+ ldo 16(%r23),%r23
+ bl L$0002,0
+ ldo 16(%r26),%r26
+L$0003
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_words
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r26),%r29
+ ldo 12(%r25),%r23
+ fldws -16(0,%r30),%fr11L
+L$0026
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0029
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0033
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-8(0,%r29)
+ ldw -4(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0037
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-4(0,%r29)
+ ldw 0(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0041
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r29)
+ ldo 16(%r23),%r23
+ ldo 16(%r25),%r25
+ ldo 16(%r29),%r29
+ bl L$0026,0
+ ldo 16(%r26),%r26
+L$0027
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+ .PROC
+ .CALLINFO FRAME=0,NO_CALLS
+ .ENTRY
+ ldo 28(%r26),%r23
+ ldo 12(%r25),%r28
+L$0046
+ ldw 0(0,%r25),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,0(0,%r26)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-24(0,%r23)
+ ldw -8(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-20(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-16(0,%r23)
+ ldw -4(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-12(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-8(0,%r23)
+ ldw 0(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-4(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,0(0,%r23)
+ ldo 16(%r28),%r28
+ ldo 16(%r25),%r25
+ ldo 32(%r23),%r23
+ bl L$0046,0
+ ldo 32(%r26),%r26
+L$0057
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .IMPORT BN_num_bits_word,CODE
+ .IMPORT fprintf,CODE
+ .IMPORT __iob,DATA
+ .SPACE $TEXT$
+ .SUBSPA $LIT$
+
+ .align 4
+L$C0000
+ .STRING "Division would overflow\x0a\x00"
+ .IMPORT abort,CODE
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+ .PROC
+ .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r8,128(0,%r30)
+ stw %r7,-124(0,%r30)
+ stw %r4,-112(0,%r30)
+ stw %r3,-108(0,%r30)
+ copy %r26,%r3
+ copy %r25,%r4
+ stw %r6,-120(0,%r30)
+ ldi 0,%r7
+ stw %r5,-116(0,%r30)
+ movb,<> %r24,%r5,L$0059
+ ldi 2,%r6
+ bl L$0076,0
+ ldi -1,%r28
+L$0059
+ .CALL ARGW0=GR
+ bl BN_num_bits_word,%r2
+ copy %r5,%r26
+ ldi 32,%r19
+ comb,= %r19,%r28,L$0060
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdepi 1,32,%r19
+ comb,>>= %r19,%r3,L$0060
+ addil LR'__iob-$global$+32,%r27
+ ldo RR'__iob-$global$+32(%r1),%r26
+ ldil LR'L$C0000,%r25
+ .CALL ARGW0=GR,ARGW1=GR
+ bl fprintf,%r2
+ ldo RR'L$C0000(%r25),%r25
+ .CALL
+ bl abort,%r2
+ nop
+L$0060
+ comb,>> %r5,%r3,L$0061
+ subi 32,%r28,%r28
+ sub %r3,%r5,%r3
+L$0061
+ comib,= 0,%r28,L$0062
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdep %r5,32,%r5
+ zvdep %r3,32,%r21
+ subi 32,%r28,%r20
+ mtsar %r20
+ vshd 0,%r4,%r20
+ or %r21,%r20,%r3
+ mtsar %r19
+ zvdep %r4,32,%r4
+L$0062
+ extru %r5,15,16,%r23
+ extru %r5,31,16,%r28
+L$0063
+ extru %r3,15,16,%r19
+ comb,<> %r23,%r19,L$0066
+ copy %r3,%r26
+ bl L$0067,0
+ zdepi -1,31,16,%r29
+L$0066
+ .IMPORT $$divU,MILLICODE
+ bl $$divU,%r31
+ copy %r23,%r25
+L$0067
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r23,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr9
+ ldw -16(0,%r30),%r8
+ fstws %fr9R,-16(0,%r30)
+ copy %r8,%r22
+ ldw -16(0,%r30),%r8
+ extru %r4,15,16,%r24
+ copy %r8,%r21
+L$0068
+ sub %r3,%r21,%r20
+ copy %r20,%r19
+ depi 0,31,16,%r19
+ comib,<> 0,%r19,L$0069
+ zdep %r20,15,16,%r19
+ addl %r19,%r24,%r19
+ comb,>>= %r19,%r22,L$0069
+ sub %r22,%r28,%r22
+ sub %r21,%r23,%r21
+ bl L$0068,0
+ ldo -1(%r29),%r29
+L$0069
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r8
+ stw %r23,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ copy %r8,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,15,16,%r20
+ ldw -16(0,%r30),%r8
+ zdep %r19,15,16,%r19
+ addl %r8,%r20,%r20
+ comclr,<<= %r19,%r4,0
+ addi 1,%r20,%r20
+ comb,<<= %r20,%r3,L$0074
+ sub %r4,%r19,%r4
+ addl %r3,%r5,%r3
+ ldo -1(%r29),%r29
+L$0074
+ addib,= -1,%r6,L$0064
+ sub %r3,%r20,%r3
+ zdep %r29,15,16,%r7
+ shd %r3,%r4,16,%r3
+ bl L$0063,0
+ zdep %r4,15,16,%r4
+L$0064
+ or %r7,%r29,%r28
+L$0076
+ ldw -148(0,%r30),%r2
+ ldw -124(0,%r30),%r7
+ ldw -120(0,%r30),%r6
+ ldw -116(0,%r30),%r5
+ ldw -112(0,%r30),%r4
+ ldw -108(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -128(0,%r30),%r8
+ .EXIT
+ .PROCEND
diff --git a/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s b/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s
new file mode 100644
index 0000000000..c2725996a4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/pa-risc2.s
@@ -0,0 +1,416 @@
+ .SPACE $PRIVATE$
+ .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+ .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+ .SPACE $TEXT$
+ .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+ .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+ .IMPORT $global$,DATA
+ .IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_mul_add_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_words
+ .PROC
+ .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r4,64(0,%r30)
+ copy %r24,%r31
+ stw %r3,-60(0,%r30)
+ ldi 0,%r20
+ ldo 12(%r26),%r2
+ stw %r23,-16(0,%r30)
+ copy %r25,%r3
+ ldo 12(%r3),%r1
+ fldws -16(0,%r30),%fr8L
+L$0010
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws 0(0,%r3),%fr9L
+ ldw 0(0,%r26),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,0(0,%r26)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws -8(0,%r1),%fr9L
+ ldw -8(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,-8(0,%r2)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws -4(0,%r1),%fr9L
+ ldw -4(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,-4(0,%r2)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws 0(0,%r1),%fr9L
+ ldw 0(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,0(0,%r2)
+ ldo 16(%r1),%r1
+ ldo 16(%r3),%r3
+ ldo 16(%r2),%r2
+ bl L$0010,0
+ ldo 16(%r26),%r26
+L$0011
+ copy %r20,%r28
+ ldw -84(0,%r30),%r2
+ ldw -60(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -64(0,%r30),%r4
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_mul_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_words
+ .PROC
+ .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ copy %r25,%r2
+ stwm %r4,64(0,%r30)
+ copy %r24,%r19
+ ldi 0,%r28
+ stw %r23,-16(0,%r30)
+ ldo 12(%r26),%r31
+ ldo 12(%r2),%r29
+ fldws -16(0,%r30),%fr8L
+L$0026
+ fldws 0(0,%r2),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,0(0,%r26)
+ fldws -8(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,-8(0,%r31)
+ fldws -4(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,-4(0,%r31)
+ fldws 0(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,0(0,%r31)
+ ldo 16(%r29),%r29
+ ldo 16(%r2),%r2
+ ldo 16(%r31),%r31
+ bl L$0026,0
+ ldo 16(%r26),%r26
+L$0027
+ ldw -84(0,%r30),%r2
+ bv 0(%r2)
+ ldwm -64(0,%r30),%r4
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+ .PROC
+ .CALLINFO FRAME=0,NO_CALLS
+ .ENTRY
+ ldo 28(%r26),%r19
+ ldo 12(%r25),%r28
+L$0042
+ fldws 0(0,%r25),%fr8L
+ fldws 0(0,%r25),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,0(0,%r26)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-24(0,%r19)
+ fldws -8(0,%r28),%fr8L
+ fldws -8(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-20(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-16(0,%r19)
+ fldws -4(0,%r28),%fr8L
+ fldws -4(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-12(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-8(0,%r19)
+ fldws 0(0,%r28),%fr8L
+ fldws 0(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-4(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,0(0,%r19)
+ ldo 16(%r28),%r28
+ ldo 16(%r25),%r25
+ ldo 32(%r19),%r19
+ bl L$0042,0
+ ldo 32(%r26),%r26
+L$0049
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .IMPORT BN_num_bits_word,CODE
+ .IMPORT fprintf,CODE
+ .IMPORT __iob,DATA
+ .SPACE $TEXT$
+ .SUBSPA $LIT$
+
+ .align 4
+L$C0000
+ .STRING "Division would overflow (%d)\x0a\x00"
+ .IMPORT abort,CODE
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+ .PROC
+ .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r8,128(0,%r30)
+ stw %r7,-124(0,%r30)
+ stw %r4,-112(0,%r30)
+ stw %r3,-108(0,%r30)
+ copy %r26,%r3
+ copy %r25,%r4
+ stw %r6,-120(0,%r30)
+ ldi 0,%r7
+ stw %r5,-116(0,%r30)
+ movb,<> %r24,%r5,L$0051
+ ldi 2,%r6
+ bl L$0068,0
+ ldi -1,%r28
+L$0051
+ .CALL ARGW0=GR
+ bl BN_num_bits_word,%r2
+ copy %r5,%r26
+ copy %r28,%r24
+ ldi 32,%r19
+ comb,= %r19,%r24,L$0052
+ subi 31,%r24,%r19
+ mtsar %r19
+ zvdepi 1,32,%r19
+ comb,>>= %r19,%r3,L$0052
+ addil LR'__iob-$global$+32,%r27
+ ldo RR'__iob-$global$+32(%r1),%r26
+ ldil LR'L$C0000,%r25
+ .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
+ bl fprintf,%r2
+ ldo RR'L$C0000(%r25),%r25
+ .CALL
+ bl abort,%r2
+ nop
+L$0052
+ comb,>> %r5,%r3,L$0053
+ subi 32,%r24,%r24
+ sub %r3,%r5,%r3
+L$0053
+ comib,= 0,%r24,L$0054
+ subi 31,%r24,%r19
+ mtsar %r19
+ zvdep %r5,32,%r5
+ zvdep %r3,32,%r21
+ subi 32,%r24,%r20
+ mtsar %r20
+ vshd 0,%r4,%r20
+ or %r21,%r20,%r3
+ mtsar %r19
+ zvdep %r4,32,%r4
+L$0054
+ extru %r5,15,16,%r23
+ extru %r5,31,16,%r28
+L$0055
+ extru %r3,15,16,%r19
+ comb,<> %r23,%r19,L$0058
+ copy %r3,%r26
+ bl L$0059,0
+ zdepi -1,31,16,%r29
+L$0058
+ .IMPORT $$divU,MILLICODE
+ bl $$divU,%r31
+ copy %r23,%r25
+L$0059
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r23,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr9
+ ldw -16(0,%r30),%r8
+ fstws %fr9R,-16(0,%r30)
+ copy %r8,%r22
+ ldw -16(0,%r30),%r8
+ extru %r4,15,16,%r24
+ copy %r8,%r21
+L$0060
+ sub %r3,%r21,%r20
+ copy %r20,%r19
+ depi 0,31,16,%r19
+ comib,<> 0,%r19,L$0061
+ zdep %r20,15,16,%r19
+ addl %r19,%r24,%r19
+ comb,>>= %r19,%r22,L$0061
+ sub %r22,%r28,%r22
+ sub %r21,%r23,%r21
+ bl L$0060,0
+ ldo -1(%r29),%r29
+L$0061
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r8
+ stw %r23,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ copy %r8,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,15,16,%r20
+ ldw -16(0,%r30),%r8
+ zdep %r19,15,16,%r19
+ addl %r8,%r20,%r20
+ comclr,<<= %r19,%r4,0
+ addi 1,%r20,%r20
+ comb,<<= %r20,%r3,L$0066
+ sub %r4,%r19,%r4
+ addl %r3,%r5,%r3
+ ldo -1(%r29),%r29
+L$0066
+ addib,= -1,%r6,L$0056
+ sub %r3,%r20,%r3
+ zdep %r29,15,16,%r7
+ shd %r3,%r4,16,%r3
+ bl L$0055,0
+ zdep %r4,15,16,%r4
+L$0056
+ or %r7,%r29,%r28
+L$0068
+ ldw -148(0,%r30),%r2
+ ldw -124(0,%r30),%r7
+ ldw -120(0,%r30),%r6
+ ldw -116(0,%r30),%r5
+ ldw -112(0,%r30),%r4
+ ldw -108(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -128(0,%r30),%r8
+ .EXIT
+ .PROCEND
diff --git a/src/lib/libssl/src/crypto/bn/asm/r3000.s b/src/lib/libssl/src/crypto/bn/asm/r3000.s
new file mode 100644
index 0000000000..e95269afa3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/asm/r3000.s
@@ -0,0 +1,646 @@
+ .file 1 "../bn_mulw.c"
+ .set nobopt
+ .option pic2
+
+ # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
+
+ # Cc1 defaults:
+ # -mabicalls
+
+ # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
+ # -quiet -dumpbase -O2 -o
+
+gcc2_compiled.:
+__gnu_compiled_c:
+ .rdata
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_mul_add_words
+ .ent bn_mul_add_words
+bn_mul_add_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $12,$4
+ move $14,$5
+ move $9,$6
+ move $13,$7
+ move $8,$0
+ addu $10,$12,12
+ addu $11,$14,12
+$L2:
+ lw $6,0($14)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($12)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($12)
+ .set macro
+ .set reorder
+
+ lw $6,-8($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-8($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-8($10)
+ .set macro
+ .set reorder
+
+ lw $6,-4($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-4($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-4($10)
+ .set macro
+ .set reorder
+
+ lw $6,0($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($10)
+ .set macro
+ .set reorder
+
+ addu $11,$11,16
+ addu $14,$14,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L2
+ addu $12,$12,16
+ .set macro
+ .set reorder
+
+$L3:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$8
+ .set macro
+ .set reorder
+
+ .end bn_mul_add_words
+ .align 2
+ .globl bn_mul_words
+ .ent bn_mul_words
+bn_mul_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $11,$4
+ move $12,$5
+ move $8,$6
+ move $6,$0
+ addu $10,$11,12
+ addu $9,$12,12
+$L10:
+ lw $4,0($12)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($11)
+ .set macro
+ .set reorder
+
+ lw $4,-8($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-8($10)
+ .set macro
+ .set reorder
+
+ lw $4,-4($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-4($10)
+ .set macro
+ .set reorder
+
+ lw $4,0($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($10)
+ .set macro
+ .set reorder
+
+ addu $9,$9,16
+ addu $12,$12,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L10
+ addu $11,$11,16
+ .set macro
+ .set reorder
+
+$L11:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$6
+ .set macro
+ .set reorder
+
+ .end bn_mul_words
+ .align 2
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $9,$4
+ addu $7,$9,28
+ addu $8,$5,12
+$L18:
+ lw $2,0($5)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,0($9)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-24($7)
+ .set macro
+ .set reorder
+
+ lw $2,-8($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-20($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-16($7)
+ .set macro
+ .set reorder
+
+ lw $2,-4($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-12($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-8($7)
+ .set macro
+ .set reorder
+
+ lw $2,0($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-4($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,0($7)
+ .set macro
+ .set reorder
+
+ addu $8,$8,16
+ addu $5,$5,16
+ addu $7,$7,32
+ .set noreorder
+ .set nomacro
+ j $L18
+ addu $9,$9,32
+ .set macro
+ .set reorder
+
+$L19:
+ j $31
+ .end bn_sqr_words
+ .rdata
+ .align 2
+$LC0:
+
+ .byte 0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
+ .byte 0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
+ .byte 0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ .frame $sp,56,$31 # vars= 0, regs= 7/0, args= 16, extra= 8
+ .mask 0x901f0000,-8
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ subu $sp,$sp,56
+ .cprestore 16
+ sw $16,24($sp)
+ move $16,$4
+ sw $17,28($sp)
+ move $17,$5
+ sw $18,32($sp)
+ move $18,$6
+ sw $20,40($sp)
+ move $20,$0
+ sw $19,36($sp)
+ li $19,0x00000002 # 2
+ sw $31,48($sp)
+ .set noreorder
+ .set nomacro
+ bne $18,$0,$L26
+ sw $28,44($sp)
+ .set macro
+ .set reorder
+
+ .set noreorder
+ .set nomacro
+ j $L43
+ li $2,-1 # 0xffffffff
+ .set macro
+ .set reorder
+
+$L26:
+ move $4,$18
+ jal BN_num_bits_word
+ move $4,$2
+ li $2,0x00000020 # 32
+ .set noreorder
+ .set nomacro
+ beq $4,$2,$L27
+ li $2,0x00000001 # 1
+ .set macro
+ .set reorder
+
+ sll $2,$2,$4
+ sltu $2,$2,$16
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L44
+ li $5,0x00000020 # 32
+ .set macro
+ .set reorder
+
+ la $4,__iob+32
+ la $5,$LC0
+ jal fprintf
+ jal abort
+$L27:
+ li $5,0x00000020 # 32
+$L44:
+ sltu $2,$16,$18
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L28
+ subu $4,$5,$4
+ .set macro
+ .set reorder
+
+ subu $16,$16,$18
+$L28:
+ .set noreorder
+ .set nomacro
+ beq $4,$0,$L29
+ li $10,-65536 # 0xffff0000
+ .set macro
+ .set reorder
+
+ sll $18,$18,$4
+ sll $3,$16,$4
+ subu $2,$5,$4
+ srl $2,$17,$2
+ or $16,$3,$2
+ sll $17,$17,$4
+$L29:
+ srl $7,$18,16
+ andi $9,$18,0xffff
+$L30:
+ srl $2,$16,16
+ .set noreorder
+ .set nomacro
+ beq $2,$7,$L34
+ li $6,0x0000ffff # 65535
+ .set macro
+ .set reorder
+
+ divu $6,$16,$7
+$L34:
+ mult $6,$9
+ mflo $5
+ #nop
+ #nop
+ mult $6,$7
+ and $2,$17,$10
+ srl $8,$2,16
+ mflo $4
+$L35:
+ subu $3,$16,$4
+ and $2,$3,$10
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L36
+ sll $2,$3,16
+ .set macro
+ .set reorder
+
+ addu $2,$2,$8
+ sltu $2,$2,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L36
+ subu $5,$5,$9
+ .set macro
+ .set reorder
+
+ subu $4,$4,$7
+ .set noreorder
+ .set nomacro
+ j $L35
+ addu $6,$6,-1
+ .set macro
+ .set reorder
+
+$L36:
+ mult $6,$7
+ mflo $5
+ #nop
+ #nop
+ mult $6,$9
+ mflo $4
+ #nop
+ #nop
+ srl $3,$4,16
+ sll $2,$4,16
+ and $4,$2,$10
+ sltu $2,$17,$4
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L40
+ addu $5,$5,$3
+ .set macro
+ .set reorder
+
+ addu $5,$5,1
+$L40:
+ sltu $2,$16,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L41
+ subu $17,$17,$4
+ .set macro
+ .set reorder
+
+ addu $16,$16,$18
+ addu $6,$6,-1
+$L41:
+ addu $19,$19,-1
+ .set noreorder
+ .set nomacro
+ beq $19,$0,$L31
+ subu $16,$16,$5
+ .set macro
+ .set reorder
+
+ sll $20,$6,16
+ sll $3,$16,16
+ srl $2,$17,16
+ or $16,$3,$2
+ .set noreorder
+ .set nomacro
+ j $L30
+ sll $17,$17,16
+ .set macro
+ .set reorder
+
+$L31:
+ or $2,$20,$6
+$L43:
+ lw $31,48($sp)
+ lw $20,40($sp)
+ lw $19,36($sp)
+ lw $18,32($sp)
+ lw $17,28($sp)
+ lw $16,24($sp)
+ addu $sp,$sp,56
+ j $31
+ .end bn_div64
+
+ .globl abort .text
+ .globl fprintf .text
+ .globl BN_num_bits_word .text
diff --git a/src/lib/libssl/src/crypto/bn/bn_add.c b/src/lib/libssl/src/crypto/bn/bn_add.c
new file mode 100644
index 0000000000..efb2e312e8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_add.c
@@ -0,0 +1,167 @@
+/* crypto/bn/bn_add.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r can == a or b */
+int BN_add(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ BIGNUM *tmp;
+
+ /* a + b a+b
+ * a + -b a-b
+ * -a + b b-a
+ * -a + -b -(a+b)
+ */
+ if (a->neg ^ b->neg)
+ {
+ /* only one is negative */
+ if (a->neg)
+ { tmp=a; a=b; b=tmp; }
+
+ /* we are now a - b */
+
+ if (BN_ucmp(a,b) < 0)
+ {
+ if (bn_wexpand(r,b->top) == NULL) return(0);
+ bn_qsub(r,b,a);
+ r->neg=1;
+ }
+ else
+ {
+ if (bn_wexpand(r,a->top) == NULL) return(0);
+ bn_qsub(r,a,b);
+ r->neg=0;
+ }
+ return(1);
+ }
+
+ if (a->neg) /* both are neg */
+ r->neg=1;
+ else
+ r->neg=0;
+
+ i=(a->top > b->top);
+
+ if (i)
+ {
+ if (bn_wexpand(r,a->top+1) == NULL) return(0);
+ bn_qadd(r,a,b);
+ }
+ else
+ {
+ if (bn_wexpand(r,b->top+1) == NULL) return(0);
+ bn_qadd(r,b,a);
+ }
+ return(1);
+ }
+
+/* unsigned add of b to a, r must be large enough */
+void bn_qadd(r,a,b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ register int i;
+ int max,min;
+ BN_ULONG *ap,*bp,*rp,carry,t1;
+
+ max=a->top;
+ min=b->top;
+ r->top=max;
+
+ ap=a->d;
+ bp=b->d;
+ rp=r->d;
+ carry=0;
+
+ carry=bn_add_words(rp,ap,bp,min);
+ rp+=min;
+ ap+=min;
+ bp+=min;
+ i=min;
+
+ if (carry)
+ {
+ while (i < max)
+ {
+ i++;
+ t1= *(ap++);
+ if ((*(rp++)=(t1+1)&BN_MASK2) >= t1)
+ {
+ carry=0;
+ break;
+ }
+ }
+ if ((i >= max) && carry)
+ {
+ *(rp++)=1;
+ r->top++;
+ }
+ }
+ for (; i<max; i++)
+ *(rp++)= *(ap++);
+ /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_blind.c b/src/lib/libssl/src/crypto/bn/bn_blind.c
new file mode 100644
index 0000000000..a7b34f0bf0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_blind.c
@@ -0,0 +1,143 @@
+/* crypto/bn/bn_blind.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_BLINDING *BN_BLINDING_new(A,Ai,mod)
+BIGNUM *A;
+BIGNUM *Ai;
+BIGNUM *mod;
+ {
+ BN_BLINDING *ret=NULL;
+
+ if ((ret=(BN_BLINDING *)Malloc(sizeof(BN_BLINDING))) == NULL)
+ BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
+ memset(ret,0,sizeof(BN_BLINDING));
+ if ((ret->A=BN_new()) == NULL) goto err;
+ if ((ret->Ai=BN_new()) == NULL) goto err;
+ if (!BN_copy(ret->A,A)) goto err;
+ if (!BN_copy(ret->Ai,Ai)) goto err;
+ ret->mod=mod;
+ return(ret);
+err:
+ if (ret != NULL) BN_BLINDING_free(ret);
+ return(ret);
+ }
+
+void BN_BLINDING_free(r)
+BN_BLINDING *r;
+ {
+ if (r->A != NULL) BN_free(r->A );
+ if (r->Ai != NULL) BN_free(r->Ai);
+ Free(r);
+ }
+
+int BN_BLINDING_update(b,ctx)
+BN_BLINDING *b;
+BN_CTX *ctx;
+ {
+ int ret=0;
+
+ if ((b->A == NULL) || (b->Ai == NULL))
+ {
+ BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITALISED);
+ goto err;
+ }
+
+ if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
+ if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
+
+ ret=1;
+err:
+ return(ret);
+ }
+
+int BN_BLINDING_convert(n,b,ctx)
+BIGNUM *n;
+BN_BLINDING *b;
+BN_CTX *ctx;
+ {
+ if ((b->A == NULL) || (b->Ai == NULL))
+ {
+ BNerr(BN_F_BN_BLINDING_CONVERT,BN_R_NOT_INITALISED);
+ return(0);
+ }
+ return(BN_mod_mul(n,n,b->A,b->mod,ctx));
+ }
+
+int BN_BLINDING_invert(n,b,ctx)
+BIGNUM *n;
+BN_BLINDING *b;
+BN_CTX *ctx;
+ {
+ int ret;
+ if ((b->A == NULL) || (b->Ai == NULL))
+ {
+ BNerr(BN_F_BN_BLINDING_INVERT,BN_R_NOT_INITALISED);
+ return(0);
+ }
+ if ((ret=BN_mod_mul(n,n,b->Ai,b->mod,ctx)) >= 0)
+ {
+ if (!BN_BLINDING_update(b,ctx))
+ return(0);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_div.c b/src/lib/libssl/src/crypto/bn/bn_div.c
new file mode 100644
index 0000000000..2263bdc7da
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_div.c
@@ -0,0 +1,286 @@
+/* crypto/bn/bn_div.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* The old slow way */
+#if 0
+int BN_div(dv, rem, m, d,ctx)
+BIGNUM *dv;
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+ {
+ int i,nm,nd;
+ BIGNUM *D;
+
+ if (BN_is_zero(d))
+ {
+ BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+ return(0);
+ }
+
+ if (BN_ucmp(m,d) < 0)
+ {
+ if (rem != NULL)
+ { if (BN_copy(rem,m) == NULL) return(0); }
+ if (dv != NULL) BN_zero(dv);
+ return(1);
+ }
+
+ D=ctx->bn[ctx->tos];
+ if (dv == NULL) dv=ctx->bn[ctx->tos+1];
+ if (rem == NULL) rem=ctx->bn[ctx->tos+2];
+
+ nd=BN_num_bits(d);
+ nm=BN_num_bits(m);
+ if (BN_copy(D,d) == NULL) return(0);
+ if (BN_copy(rem,m) == NULL) return(0);
+
+ /* The next 2 are needed so we can do a dv->d[0]|=1 later
+ * since BN_lshift1 will only work once there is a value :-) */
+ BN_zero(dv);
+ dv->top=1;
+
+ if (!BN_lshift(D,D,nm-nd)) return(0);
+ for (i=nm-nd; i>=0; i--)
+ {
+ if (!BN_lshift1(dv,dv)) return(0);
+ if (BN_ucmp(rem,D) >= 0)
+ {
+ dv->d[0]|=1;
+ bn_qsub(rem,rem,D);
+ }
+/* CAN IMPROVE (and have now :=) */
+ if (!BN_rshift1(D,D)) return(0);
+ }
+ rem->neg=BN_is_zero(rem)?0:m->neg;
+ dv->neg=m->neg^d->neg;
+ return(1);
+ }
+
+#else
+
+int BN_div(dv, rm, num, divisor,ctx)
+BIGNUM *dv;
+BIGNUM *rm;
+BIGNUM *num;
+BIGNUM *divisor;
+BN_CTX *ctx;
+ {
+ int norm_shift,i,j,loop;
+ BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+ BN_ULONG *resp,*wnump;
+ BN_ULONG d0,d1;
+ int num_n,div_n;
+
+ if (BN_is_zero(divisor))
+ {
+ BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+ return(0);
+ }
+
+ if (BN_ucmp(num,divisor) < 0)
+ {
+ if (rm != NULL)
+ { if (BN_copy(rm,num) == NULL) return(0); }
+ if (dv != NULL) BN_zero(dv);
+ return(1);
+ }
+
+ tmp=ctx->bn[ctx->tos];
+ tmp->neg=0;
+ snum=ctx->bn[ctx->tos+1];
+ sdiv=ctx->bn[ctx->tos+2];
+ if (dv == NULL)
+ res=ctx->bn[ctx->tos+3];
+ else res=dv;
+
+ /* First we normalise the numbers */
+ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
+ BN_lshift(sdiv,divisor,norm_shift);
+ sdiv->neg=0;
+ norm_shift+=BN_BITS2;
+ BN_lshift(snum,num,norm_shift);
+ snum->neg=0;
+ div_n=sdiv->top;
+ num_n=snum->top;
+ loop=num_n-div_n;
+
+ /* Lets setup a 'window' into snum
+ * This is the part that corresponds to the current
+ * 'area' being divided */
+ wnum.d= &(snum->d[loop]);
+ wnum.top= div_n;
+ wnum.max= snum->max; /* a bit of a lie */
+ wnum.neg= 0;
+
+ /* Get the top 2 words of sdiv */
+ /* i=sdiv->top; */
+ d0=sdiv->d[div_n-1];
+ d1=(div_n == 1)?0:sdiv->d[div_n-2];
+
+ /* pointer to the 'top' of snum */
+ wnump= &(snum->d[num_n-1]);
+
+ /* Setup to 'res' */
+ res->neg= (num->neg^divisor->neg);
+ res->top=loop;
+ if (!bn_wexpand(res,(loop+1))) goto err;
+ resp= &(res->d[loop-1]);
+
+ /* space for temp */
+ if (!bn_wexpand(tmp,(div_n+1))) goto err;
+
+ if (BN_ucmp(&wnum,sdiv) >= 0)
+ {
+ bn_qsub(&wnum,&wnum,sdiv);
+ *resp=1;
+ res->d[res->top-1]=1;
+ }
+ else
+ res->top--;
+ resp--;
+
+ for (i=0; i<loop-1; i++)
+ {
+ BN_ULONG q,n0,n1;
+ BN_ULONG l0;
+
+ wnum.d--; wnum.top++;
+ n0=wnump[0];
+ n1=wnump[-1];
+ if (n0 == d0)
+ q=BN_MASK2;
+ else
+ q=bn_div64(n0,n1,d0);
+ {
+#ifdef BN_LLONG
+ BN_ULLONG t1,t2,rem;
+ t1=((BN_ULLONG)n0<<BN_BITS2)|n1;
+ for (;;)
+ {
+ t2=(BN_ULLONG)d1*q;
+ rem=t1-(BN_ULLONG)q*d0;
+ if ((rem>>BN_BITS2) ||
+ (t2 <= ((BN_ULLONG)(rem<<BN_BITS2)+wnump[-2])))
+ break;
+ q--;
+ }
+#else
+ BN_ULONG t1l,t1h,t2l,t2h,t3l,t3h,ql,qh,t3t;
+ t1h=n0;
+ t1l=n1;
+ for (;;)
+ {
+ t2l=LBITS(d1); t2h=HBITS(d1);
+ ql =LBITS(q); qh =HBITS(q);
+ mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+
+ t3t=LBITS(d0); t3h=HBITS(d0);
+ mul64(t3t,t3h,ql,qh); /* t3=t1-(BN_ULLONG)q*d0; */
+ t3l=(t1l-t3t)&BN_MASK2;
+ if (t3l > t1l) t3h++;
+ t3h=(t1h-t3h)&BN_MASK2;
+
+ /*if ((t3>>BN_BITS2) ||
+ (t2 <= ((t3<<BN_BITS2)+wnump[-2])))
+ break; */
+ if (t3h) break;
+ if (t2h < t3l) break;
+ if ((t2h == t3l) && (t2l <= wnump[-2])) break;
+
+ q--;
+ }
+#endif
+ }
+ l0=bn_mul_words(tmp->d,sdiv->d,div_n,q);
+ tmp->d[div_n]=l0;
+ for (j=div_n+1; j>0; j--)
+ if (tmp->d[j-1]) break;
+ tmp->top=j;
+
+ j=wnum.top;
+ BN_sub(&wnum,&wnum,tmp);
+
+ snum->top=snum->top+wnum.top-j;
+
+ if (wnum.neg)
+ {
+ q--;
+ j=wnum.top;
+ BN_add(&wnum,&wnum,sdiv);
+ snum->top+=wnum.top-j;
+ }
+ *(resp--)=q;
+ wnump--;
+ }
+ if (rm != NULL)
+ {
+ BN_rshift(rm,snum,norm_shift);
+ rm->neg=num->neg;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bn_err.c b/src/lib/libssl/src/crypto/bn/bn_err.c
new file mode 100644
index 0000000000..029ae810d5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_err.c
@@ -0,0 +1,111 @@
+/* lib/bn/bn_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bn.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA BN_str_functs[]=
+ {
+{ERR_PACK(0,BN_F_BN_BLINDING_CONVERT,0), "BN_BLINDING_convert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_INVERT,0), "BN_BLINDING_invert"},
+{ERR_PACK(0,BN_F_BN_BLINDING_NEW,0), "BN_BLINDING_new"},
+{ERR_PACK(0,BN_F_BN_BLINDING_UPDATE,0), "BN_BLINDING_update"},
+{ERR_PACK(0,BN_F_BN_BN2DEC,0), "BN_bn2dec"},
+{ERR_PACK(0,BN_F_BN_BN2HEX,0), "BN_bn2hex"},
+{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
+{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"},
+{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"},
+{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"},
+{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"},
+{ERR_PACK(0,BN_F_BN_MPI2BN,0), "BN_mpi2bn"},
+{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"},
+{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA BN_str_reasons[]=
+ {
+{BN_R_BAD_RECIPROCAL ,"bad reciprocal"},
+{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"},
+{BN_R_DIV_BY_ZERO ,"div by zero"},
+{BN_R_ENCODING_ERROR ,"encoding error"},
+{BN_R_INVALID_LENGTH ,"invalid length"},
+{BN_R_NOT_INITALISED ,"not initalised"},
+{BN_R_NO_INVERSE ,"no inverse"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_BN_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_BN,BN_str_functs);
+ ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/bn/bn_exp.c b/src/lib/libssl/src/crypto/bn/bn_exp.c
new file mode 100644
index 0000000000..c056a5083f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_exp.c
@@ -0,0 +1,553 @@
+/* crypto/bn/bn_exp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* slow but works */
+int BN_mod_mul(ret, a, b, m, ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ BIGNUM *t;
+ int r=0;
+
+ t=ctx->bn[ctx->tos++];
+ if (a == b)
+ { if (!BN_sqr(t,a,ctx)) goto err; }
+ else
+ { if (!BN_mul(t,a,b)) goto err; }
+ if (!BN_mod(ret,t,m,ctx)) goto err;
+ r=1;
+err:
+ ctx->tos--;
+ return(r);
+ }
+
+#if 0
+/* this one works - simple but works */
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r,*a,*p,*m;
+BN_CTX *ctx;
+ {
+ int i,bits,ret=0;
+ BIGNUM *v,*tmp;
+
+ v=ctx->bn[ctx->tos++];
+ tmp=ctx->bn[ctx->tos++];
+
+ if (BN_copy(v,a) == NULL) goto err;
+ bits=BN_num_bits(p);
+
+ if (BN_is_odd(p))
+ { if (BN_copy(r,a) == NULL) goto err; }
+ else { if (BN_one(r)) goto err; }
+
+ for (i=1; i<bits; i++)
+ {
+ if (!BN_sqr(tmp,v,ctx)) goto err;
+ if (!BN_mod(v,tmp,m,ctx)) goto err;
+ if (BN_is_bit_set(p,i))
+ {
+ if (!BN_mul(tmp,r,v)) goto err;
+ if (!BN_mod(r,tmp,m,ctx)) goto err;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos-=2;
+ return(ret);
+ }
+
+#endif
+
+/* this one works - simple but works */
+int BN_exp(r,a,p,ctx)
+BIGNUM *r,*a,*p;
+BN_CTX *ctx;
+ {
+ int i,bits,ret=0;
+ BIGNUM *v,*tmp;
+
+ v=ctx->bn[ctx->tos++];
+ tmp=ctx->bn[ctx->tos++];
+
+ if (BN_copy(v,a) == NULL) goto err;
+ bits=BN_num_bits(p);
+
+ if (BN_is_odd(p))
+ { if (BN_copy(r,a) == NULL) goto err; }
+ else { if (BN_one(r)) goto err; }
+
+ for (i=1; i<bits; i++)
+ {
+ if (!BN_sqr(tmp,v,ctx)) goto err;
+ if (BN_is_bit_set(p,i))
+ {
+ if (!BN_mul(tmp,r,v)) goto err;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos-=2;
+ return(ret);
+ }
+
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int ret;
+
+#ifdef MONT_MUL_MOD
+ /* I have finally been able to take out this pre-condition of
+ * the top bit being set. It was caused by an error in BN_div
+ * with negatives. There was also another problem when for a^b%m
+ * a >= m. eay 07-May-97 */
+/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
+
+ if (BN_is_odd(m))
+ { ret=BN_mod_exp_mont(r,a,p,m,ctx,NULL); }
+ else
+#endif
+#ifdef RECP_MUL_MOD
+ { ret=BN_mod_exp_recp(r,a,p,m,ctx); }
+#else
+ { ret=BN_mod_exp_simple(r,a,p,m,ctx); }
+#endif
+
+ return(ret);
+ }
+
+/* #ifdef RECP_MUL_MOD */
+int BN_mod_exp_recp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int nb,i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d,*aa;
+ BIGNUM *val[16];
+
+ d=ctx->bn[ctx->tos++];
+ aa=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+ nb=BN_reciprocal(d,m,ctx);
+ if (nb == -1) goto err;
+
+ val[0]=BN_new();
+ if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul_reciprocal(aa,val[0],val[0],m,d,nb,ctx))
+ goto err; /* 2 */
+
+ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits >= 256)
+ window=5; /* max size of window */
+ else if (bits >= 128)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul_reciprocal(val[i],val[i-1],aa,m,d,nb,ctx))
+ goto err;
+ }
+ for (; i<16; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_one(r)) goto err;
+
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+ goto err;
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],m,d,nb,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ ret=1;
+err:
+ ctx->tos-=2;
+ for (i=0; i<16; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+/* #endif */
+
+/* #ifdef MONT_MUL_MOD */
+int BN_mod_exp_mont(r,a,p,m,ctx,in_mont)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+BN_MONT_CTX *in_mont;
+ {
+#define TABLE_SIZE 16
+ int i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d,*aa;
+ BIGNUM *val[TABLE_SIZE];
+ BN_MONT_CTX *mont=NULL;
+
+ if (!(m->d[0] & 1))
+ {
+ BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
+ return(0);
+ }
+ d=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+
+ /* If this is not done, things will break in the montgomery
+ * part */
+
+#if 1
+ if (in_mont != NULL)
+ mont=in_mont;
+ else
+#endif
+ {
+ if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+ if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+ }
+
+ val[0]=BN_new();
+ if (BN_ucmp(a,m) >= 0)
+ {
+ BN_mod(val[0],a,m,ctx);
+ aa=val[0];
+ }
+ else
+ aa=a;
+ if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */
+
+ if (bits <= 20) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits > 250)
+ window=5; /* max size of window */
+ else if (bits >= 120)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul_montgomery(val[i],val[i-1],d,mont,ctx))
+ goto err;
+ }
+ for (; i<TABLE_SIZE; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ {
+ if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+ goto err;
+ }
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ BN_from_montgomery(r,r,mont,ctx);
+ ret=1;
+err:
+ if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
+ ctx->tos--;
+ for (i=0; i<TABLE_SIZE; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+/* #endif */
+
+/* The old fallback, simple version :-) */
+int BN_mod_exp_simple(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d;
+ BIGNUM *val[16];
+
+ d=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+
+ val[0]=BN_new();
+ if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul(d,val[0],val[0],m,ctx))
+ goto err; /* 2 */
+
+ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits >= 256)
+ window=5; /* max size of window */
+ else if (bits >= 128)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul(val[i],val[i-1],d,m,ctx))
+ goto err;
+ }
+ for (; i<16; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_one(r)) goto err;
+
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ if (!BN_mod_mul(r,r,r,m,ctx))
+ goto err;
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul(r,r,r,m,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ for (i=0; i<16; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_gcd.c b/src/lib/libssl/src/crypto/bn/bn_gcd.c
new file mode 100644
index 0000000000..071bba3b4b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_gcd.c
@@ -0,0 +1,203 @@
+/* crypto/bn/bn_gcd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifndef NOPROTO
+static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
+#else
+static BIGNUM *euclid();
+#endif
+
+int BN_gcd(r,in_a,in_b,ctx)
+BIGNUM *r,*in_a,*in_b;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*t;
+ int ret=0;
+
+ a=ctx->bn[ctx->tos];
+ b=ctx->bn[ctx->tos+1];
+
+ if (BN_copy(a,in_a) == NULL) goto err;
+ if (BN_copy(b,in_b) == NULL) goto err;
+
+ if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
+ t=euclid(a,b);
+ if (t == NULL) goto err;
+
+ if (BN_copy(r,t) == NULL) goto err;
+ ret=1;
+err:
+ return(ret);
+ }
+
+static BIGNUM *euclid(a,b)
+BIGNUM *a,*b;
+ {
+ BIGNUM *t;
+ int shifts=0;
+
+ for (;;)
+ {
+ if (BN_is_zero(b))
+ break;
+
+ if (BN_is_odd(a))
+ {
+ if (BN_is_odd(b))
+ {
+ if (!BN_sub(a,a,b)) goto err;
+ if (!BN_rshift1(a,a)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ else /* a odd - b even */
+ {
+ if (!BN_rshift1(b,b)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ }
+ else /* a is even */
+ {
+ if (BN_is_odd(b))
+ {
+ if (!BN_rshift1(a,a)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ else /* a even - b even */
+ {
+ if (!BN_rshift1(a,a)) goto err;
+ if (!BN_rshift1(b,b)) goto err;
+ shifts++;
+ }
+ }
+ }
+ if (shifts)
+ {
+ if (!BN_lshift(a,a,shifts)) goto err;
+ }
+ return(a);
+err:
+ return(NULL);
+ }
+
+/* solves ax == 1 (mod n) */
+BIGNUM *BN_mod_inverse(a, n, ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+ {
+ BIGNUM *A,*B,*X,*Y,*M,*D,*R;
+ BIGNUM *ret=NULL,*T;
+ int sign;
+
+ A=ctx->bn[ctx->tos];
+ B=ctx->bn[ctx->tos+1];
+ X=ctx->bn[ctx->tos+2];
+ D=ctx->bn[ctx->tos+3];
+ M=ctx->bn[ctx->tos+4];
+ Y=ctx->bn[ctx->tos+5];
+ ctx->tos+=6;
+ R=BN_new();
+ if (R == NULL) goto err;
+
+ BN_zero(X);
+ BN_one(Y);
+ if (BN_copy(A,a) == NULL) goto err;
+ if (BN_copy(B,n) == NULL) goto err;
+ sign=1;
+
+ while (!BN_is_zero(B))
+ {
+ if (!BN_div(D,M,A,B,ctx)) goto err;
+ T=A;
+ A=B;
+ B=M;
+ /* T has a struct, M does not */
+
+ if (!BN_mul(T,D,X)) goto err;
+ if (!BN_add(T,T,Y)) goto err;
+ M=Y;
+ Y=X;
+ X=T;
+ sign= -sign;
+ }
+ if (sign < 0)
+ {
+ if (!BN_sub(Y,n,Y)) goto err;
+ }
+
+ if (BN_is_one(A))
+ { if (!BN_mod(R,Y,n,ctx)) goto err; }
+ else
+ {
+ BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
+ goto err;
+ }
+ ret=R;
+err:
+ if ((ret == NULL) && (R != NULL)) BN_free(R);
+ ctx->tos-=6;
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_lcl.h b/src/lib/libssl/src/crypto/bn/bn_lcl.h
new file mode 100644
index 0000000000..edfd788338
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_lcl.h
@@ -0,0 +1,199 @@
+/* crypto/bn/bn_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BN_LCL_H
+#define HEADER_BN_LCL_H
+
+#include "bn.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*************************************************************
+ * Using the long long type
+ */
+#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
+#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
+
+#define bn_fix_top(a) \
+ { \
+ BN_ULONG *fix_top_l; \
+ for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+ if (*(fix_top_l--)) break; \
+ }
+
+/* #define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b))) */
+
+#ifdef BN_LLONG
+#define mul_add(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (r) + (c); \
+ (r)= Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#define mul(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (c); \
+ (r)= Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#else
+/*************************************************************
+ * No long long type
+ */
+
+#define LBITS(a) ((a)&BN_MASK2l)
+#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
+#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
+
+#define LLBITS(a) ((a)&BN_MASKl)
+#define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl)
+#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
+
+#define mul64(l,h,bl,bh) \
+ { \
+ BN_ULONG m,m1,lt,ht; \
+ \
+ lt=l; \
+ ht=h; \
+ m =(bh)*(lt); \
+ lt=(bl)*(lt); \
+ m1=(bl)*(ht); \
+ ht =(bh)*(ht); \
+ m=(m+m1)&BN_MASK2; if (m < m1) ht+=L2HBITS(1L); \
+ ht+=HBITS(m); \
+ m1=L2HBITS(m); \
+ lt=(lt+m1)&BN_MASK2; if (lt < m1) ht++; \
+ (l)=lt; \
+ (h)=ht; \
+ }
+
+#define sqr64(lo,ho,in) \
+ { \
+ BN_ULONG l,h,m; \
+ \
+ h=(in); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ m =(l)*(h); \
+ l*=l; \
+ h*=h; \
+ h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
+ m =(m&BN_MASK2l)<<(BN_BITS4+1); \
+ l=(l+m)&BN_MASK2; if (l < m) h++; \
+ (lo)=l; \
+ (ho)=h; \
+ }
+
+#define mul_add(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+ (c)=(r); \
+ l=(l+(c))&BN_MASK2; if (l < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l; \
+ }
+
+#define mul(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l&BN_MASK2; \
+ }
+
+#endif
+
+#ifndef NOPROTO
+
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+
+#ifdef X86_ASM
+void bn_add_words(BN_ULONG *r,BN_ULONG *a,int num);
+#endif
+
+#else
+
+BIGNUM *bn_expand2();
+#ifdef X86_ASM
+BN_ULONG bn_add_words();
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bn_lib.c b/src/lib/libssl/src/crypto/bn/bn_lib.c
new file mode 100644
index 0000000000..bfe7628ad4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_lib.c
@@ -0,0 +1,611 @@
+/* crypto/bn/bn_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+char *BN_version="Big Number part of SSLeay 0.9.0b 29-Jun-1998";
+
+BIGNUM *BN_value_one()
+ {
+ static BN_ULONG data_one=1L;
+ static BIGNUM const_one={&data_one,1,1,0};
+
+ return(&const_one);
+ }
+
+char *BN_options()
+ {
+ static int init=0;
+ static char data[16];
+
+ if (!init)
+ {
+ init++;
+#ifdef BN_LLONG
+ sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
+ (int)sizeof(BN_ULONG)*8);
+#else
+ sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
+ (int)sizeof(BN_ULONG)*8);
+#endif
+ }
+ return(data);
+ }
+
+int BN_num_bits_word(l)
+BN_ULONG l;
+ {
+ static char bits[256]={
+ 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
+ 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
+ 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+ 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ };
+
+#ifdef SIXTY_FOUR_BIT_LONG
+ if (l & 0xffffffff00000000L)
+ {
+ if (l & 0xffff000000000000L)
+ {
+ if (l & 0xff00000000000000L)
+ {
+ return(bits[l>>56]+56);
+ }
+ else return(bits[l>>48]+48);
+ }
+ else
+ {
+ if (l & 0x0000ff0000000000L)
+ {
+ return(bits[l>>40]+40);
+ }
+ else return(bits[l>>32]+32);
+ }
+ }
+ else
+#else
+#ifdef SIXTY_FOUR_BIT
+ if (l & 0xffffffff00000000LL)
+ {
+ if (l & 0xffff000000000000LL)
+ {
+ if (l & 0xff00000000000000LL)
+ {
+ return(bits[l>>56]+56);
+ }
+ else return(bits[l>>48]+48);
+ }
+ else
+ {
+ if (l & 0x0000ff0000000000LL)
+ {
+ return(bits[l>>40]+40);
+ }
+ else return(bits[l>>32]+32);
+ }
+ }
+ else
+#endif
+#endif
+ {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xffff0000L)
+ {
+ if (l & 0xff000000L)
+ return(bits[l>>24L]+24);
+ else return(bits[l>>16L]+16);
+ }
+ else
+#endif
+ {
+#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xff00L)
+ return(bits[l>>8]+8);
+ else
+#endif
+ return(bits[l ] );
+ }
+ }
+ }
+
+int BN_num_bits(a)
+BIGNUM *a;
+ {
+ BN_ULONG l;
+ int i;
+
+ if (a->top == 0) return(0);
+ l=a->d[a->top-1];
+ i=(a->top-1)*BN_BITS2;
+ if (l == 0)
+ {
+#if !defined(NO_STDIO) && !defined(WIN16)
+ fprintf(stderr,"BAD TOP VALUE\n");
+#endif
+ abort();
+ }
+ return(i+BN_num_bits_word(l));
+ }
+
+void BN_clear_free(a)
+BIGNUM *a;
+ {
+ if (a == NULL) return;
+ if (a->d != NULL)
+ {
+ memset(a->d,0,a->max*sizeof(a->d[0]));
+ Free(a->d);
+ }
+ memset(a,0,sizeof(BIGNUM));
+ Free(a);
+ }
+
+void BN_free(a)
+BIGNUM *a;
+ {
+ if (a == NULL) return;
+ if (a->d != NULL) Free(a->d);
+ Free(a);
+ }
+
+BIGNUM *BN_new()
+ {
+ BIGNUM *ret;
+ BN_ULONG *p;
+
+ ret=(BIGNUM *)Malloc(sizeof(BIGNUM));
+ if (ret == NULL) goto err;
+ ret->top=0;
+ ret->neg=0;
+ ret->max=(BN_DEFAULT_BITS/BN_BITS2);
+ p=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(ret->max+1));
+ if (p == NULL) goto err;
+ ret->d=p;
+
+ memset(p,0,(ret->max+1)*sizeof(p[0]));
+ return(ret);
+err:
+ BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+BN_CTX *BN_CTX_new()
+ {
+ BN_CTX *ret;
+ BIGNUM *n;
+ int i,j;
+
+ ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
+ if (ret == NULL) goto err2;
+
+ for (i=0; i<BN_CTX_NUM; i++)
+ {
+ n=BN_new();
+ if (n == NULL) goto err;
+ ret->bn[i]=n;
+ }
+
+ /* There is actually an extra one, this is for debugging my
+ * stuff */
+ ret->bn[BN_CTX_NUM]=NULL;
+
+ ret->tos=0;
+ return(ret);
+err:
+ for (j=0; j<i; j++)
+ BN_free(ret->bn[j]);
+ Free(ret);
+err2:
+ BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+void BN_CTX_free(c)
+BN_CTX *c;
+ {
+ int i;
+
+ for (i=0; i<BN_CTX_NUM; i++)
+ BN_clear_free(c->bn[i]);
+ Free(c);
+ }
+
+BIGNUM *bn_expand2(b, words)
+BIGNUM *b;
+int words;
+ {
+ BN_ULONG *p;
+
+ if (words > b->max)
+ {
+ p=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(words+1));
+ if (p == NULL)
+ {
+ BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ b->d=p;
+ memset(&(p[b->max]),0,((words+1)-b->max)*sizeof(BN_ULONG));
+ b->max=words;
+ }
+ return(b);
+ }
+
+BIGNUM *BN_dup(a)
+BIGNUM *a;
+ {
+ BIGNUM *r;
+
+ r=BN_new();
+ if (r == NULL) return(NULL);
+ return((BIGNUM *)BN_copy(r,a));
+ }
+
+BIGNUM *BN_copy(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ BN_ULONG *A,*B;
+
+ if (a == b) return(a);
+ if (bn_wexpand(a,b->top) == NULL) return(NULL);
+
+#if 1
+ A=a->d;
+ B=b->d;
+ for (i=b->top&(~7); i>0; i-=8)
+ {
+ A[0]=B[0];
+ A[1]=B[1];
+ A[2]=B[2];
+ A[3]=B[3];
+ A[4]=B[4];
+ A[5]=B[5];
+ A[6]=B[6];
+ A[7]=B[7];
+ A+=8;
+ B+=8;
+ }
+ switch (b->top&7)
+ {
+ case 7:
+ A[6]=B[6];
+ case 6:
+ A[5]=B[5];
+ case 5:
+ A[4]=B[4];
+ case 4:
+ A[3]=B[3];
+ case 3:
+ A[2]=B[2];
+ case 2:
+ A[1]=B[1];
+ case 1:
+ A[0]=B[0];
+ }
+#else
+ memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
+#endif
+
+/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
+ a->top=b->top;
+ if (a->top == 0)
+ a->d[0]=0;
+ a->neg=b->neg;
+ return(a);
+ }
+
+void BN_clear(a)
+BIGNUM *a;
+ {
+ memset(a->d,0,a->max*sizeof(a->d[0]));
+ a->top=0;
+ a->neg=0;
+ }
+
+unsigned long BN_get_word(a)
+BIGNUM *a;
+ {
+ int i,n;
+ unsigned long ret=0;
+
+ n=BN_num_bytes(a);
+ if (n > sizeof(unsigned long))
+#ifdef SIXTY_FOUR_BIT_LONG
+ return(BN_MASK2);
+#else
+ return(0xFFFFFFFFL);
+#endif
+ for (i=a->top-1; i>=0; i--)
+ {
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+ ret<<=BN_BITS4; /* stops the compiler complaining */
+ ret<<=BN_BITS4;
+#endif
+ ret|=a->d[i];
+ }
+ return(ret);
+ }
+
+int BN_set_word(a,w)
+BIGNUM *a;
+unsigned long w;
+ {
+ int i,n;
+ if (bn_expand(a,sizeof(unsigned long)*8) == NULL) return(0);
+
+ n=sizeof(unsigned long)/BN_BYTES;
+ a->neg=0;
+ a->top=0;
+ a->d[0]=(BN_ULONG)w&BN_MASK2;
+ if (a->d[0] != 0) a->top=1;
+ for (i=1; i<n; i++)
+ {
+ /* the following is done instead of
+ * w>>=BN_BITS2 so compilers don't complain
+ * on builds where sizeof(long) == BN_TYPES */
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+ w>>=BN_BITS4;
+ w>>=BN_BITS4;
+#endif
+ a->d[i]=(BN_ULONG)w&BN_MASK2;
+ if (a->d[i] != 0) a->top=i+1;
+ }
+ return(1);
+ }
+
+/* ignore negative */
+BIGNUM *BN_bin2bn(s, len, ret)
+unsigned char *s;
+int len;
+BIGNUM *ret;
+ {
+ unsigned int i,m;
+ unsigned int n;
+ BN_ULONG l;
+
+ if (ret == NULL) ret=BN_new();
+ if (ret == NULL) return(NULL);
+ l=0;
+ n=len;
+ if (n == 0)
+ {
+ ret->top=0;
+ return(ret);
+ }
+ if (bn_expand(ret,(int)(n+2)*8) == NULL)
+ return(NULL);
+ i=((n-1)/BN_BYTES)+1;
+ m=((n-1)%(BN_BYTES));
+ ret->top=i;
+ while (n-- > 0)
+ {
+ l=(l<<8L)| *(s++);
+ if (m-- == 0)
+ {
+ ret->d[--i]=l;
+ l=0;
+ m=BN_BYTES-1;
+ }
+ }
+ /* need to call this due to clear byte at top if avoiding
+ * having the top bit set (-ve number) */
+ bn_fix_top(ret);
+ return(ret);
+ }
+
+/* ignore negative */
+int BN_bn2bin(a, to)
+BIGNUM *a;
+unsigned char *to;
+ {
+ int n,i;
+ BN_ULONG l;
+
+ n=i=BN_num_bytes(a);
+ while (i-- > 0)
+ {
+ l=a->d[i/BN_BYTES];
+ *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
+ }
+ return(n);
+ }
+
+int BN_ucmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ BN_ULONG t1,t2,*ap,*bp;
+
+ i=a->top-b->top;
+ if (i != 0) return(i);
+ ap=a->d;
+ bp=b->d;
+ for (i=a->top-1; i>=0; i--)
+ {
+ t1= ap[i];
+ t2= bp[i];
+ if (t1 != t2)
+ return(t1 > t2?1:-1);
+ }
+ return(0);
+ }
+
+int BN_cmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ int gt,lt;
+ BN_ULONG t1,t2;
+
+ if ((a == NULL) || (b == NULL))
+ {
+ if (a != NULL)
+ return(-1);
+ else if (b != NULL)
+ return(1);
+ else
+ return(0);
+ }
+ if (a->neg != b->neg)
+ {
+ if (a->neg)
+ return(-1);
+ else return(1);
+ }
+ if (a->neg == 0)
+ { gt=1; lt= -1; }
+ else { gt= -1; lt=1; }
+
+ if (a->top > b->top) return(gt);
+ if (a->top < b->top) return(lt);
+ for (i=a->top-1; i>=0; i--)
+ {
+ t1=a->d[i];
+ t2=b->d[i];
+ if (t1 > t2) return(gt);
+ if (t1 < t2) return(lt);
+ }
+ return(0);
+ }
+
+int BN_set_bit(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i)
+ {
+ if (bn_expand(a,n) == NULL) return(0);
+ a->top=i+1;
+ }
+
+ a->d[i]|=(1L<<j);
+ return(1);
+ }
+
+int BN_clear_bit(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i) return(0);
+
+ a->d[i]&=(~(1L<<j));
+ return(1);
+ }
+
+int BN_is_bit_set(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ if (n < 0) return(0);
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i) return(0);
+ return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+ }
+
+int BN_mask_bits(a,n)
+BIGNUM *a;
+int n;
+ {
+ int b,w;
+
+ w=n/BN_BITS2;
+ b=n%BN_BITS2;
+ if (w >= a->top) return(0);
+ if (b == 0)
+ a->top=w;
+ else
+ {
+ a->top=w+1;
+ a->d[w]&= ~(BN_MASK2<<b);
+ while ((w >= 0) && (a->d[w] == 0))
+ {
+ a->top--;
+ w--;
+ }
+ }
+ return(1);
+ }
diff --git a/src/lib/libssl/src/crypto/bn/bn_mod.c b/src/lib/libssl/src/crypto/bn/bn_mod.c
new file mode 100644
index 0000000000..c351aac14f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_mod.c
@@ -0,0 +1,97 @@
+/* crypto/bn/bn_mod.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* rem != m */
+int BN_mod(rem, m, d,ctx)
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+ {
+#if 0 /* The old slow way */
+ int i,nm,nd;
+ BIGNUM *dv;
+
+ if (BN_ucmp(m,d) < 0)
+ return((BN_copy(rem,m) == NULL)?0:1);
+
+ dv=ctx->bn[ctx->tos];
+
+ if (!BN_copy(rem,m)) return(0);
+
+ nm=BN_num_bits(rem);
+ nd=BN_num_bits(d);
+ if (!BN_lshift(dv,d,nm-nd)) return(0);
+ for (i=nm-nd; i>=0; i--)
+ {
+ if (BN_cmp(rem,dv) >= 0)
+ {
+ if (!BN_sub(rem,rem,dv)) return(0);
+ }
+ if (!BN_rshift1(dv,dv)) return(0);
+ }
+ return(1);
+#else
+ return(BN_div(NULL,rem,m,d,ctx));
+#endif
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_mont.c b/src/lib/libssl/src/crypto/bn/bn_mont.c
new file mode 100644
index 0000000000..e435df61f8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_mont.c
@@ -0,0 +1,306 @@
+/* crypto/bn/bn_mont.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_montgomery(r,a,b,mont,ctx)
+BIGNUM *r,*a,*b;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *tmp;
+
+ tmp=ctx->bn[ctx->tos++];
+
+ if (a == b)
+ {
+ if (!BN_sqr(tmp,a,ctx)) goto err;
+ }
+ else
+ {
+ if (!BN_mul(tmp,a,b)) goto err;
+ }
+ /* reduce from aRR to aR */
+ if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
+ ctx->tos--;
+ return(1);
+err:
+ return(0);
+ }
+
+#define MONT_WORD
+
+#ifdef MONT_WORD
+int BN_from_montgomery(ret,a,mont,ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *n,*t1,*r;
+ BN_ULONG *ap,*np,*rp,n0,v;
+ int al,nl,max,i,x,ri;
+ int retn=0;
+
+ t1=ctx->bn[ctx->tos];
+ r=ctx->bn[ctx->tos+1];
+
+ if (!BN_copy(r,a)) goto err;
+ n=mont->N;
+
+ ap=a->d;
+ /* mont->ri is the size of mont->N in bits/words */
+ al=ri=mont->ri/BN_BITS2;
+
+ nl=n->top;
+ if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
+
+ max=(nl+al+1); /* allow for overflow (no?) XXX */
+ if (bn_wexpand(r,max) == NULL) goto err;
+ if (bn_wexpand(ret,max) == NULL) goto err;
+
+ r->neg=a->neg^n->neg;
+ np=n->d;
+ rp=r->d;
+
+ /* clear the top words of T */
+#if 1
+ for (i=r->top; i<max; i++) /* memset? XXX */
+ r->d[i]=0;
+#else
+ memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG));
+#endif
+
+ r->top=max;
+ n0=mont->n0;
+
+ for (i=0; i<nl; i++)
+ {
+#if 0
+ int x1,x2;
+
+ if (i+4 > nl)
+ {
+ x2=nl;
+ x1=0;
+ }
+ else
+ {
+ x2=i+4;
+ x1=nl-x2;
+ }
+ v=bn_mul_add_words(&(rp[x1]),&(np[x1]),x2,(rp[x1]*n0)&BN_MASK2);
+#else
+ v=bn_mul_add_words(rp,np,nl,(rp[0]*n0)&BN_MASK2);
+#endif
+
+ if (((rp[nl]+=v)&BN_MASK2) < v)
+ {
+ for (x=(nl+1); (((++rp[x])&BN_MASK2) == 0); x++)
+ ;
+ }
+ rp++;
+ }
+ while (r->d[r->top-1] == 0)
+ r->top--;
+
+ /* mont->ri will be a multiple of the word size */
+#if 0
+ BN_rshift(ret,r,mont->ri);
+#else
+ ap=r->d;
+ rp=ret->d;
+ x=ri;
+ al=r->top-x;
+ for (i=0; i<al; i++)
+ {
+ rp[i]=ap[i+x];
+ }
+ ret->top=al;
+#endif
+
+ if (BN_ucmp(ret,mont->N) >= 0)
+ {
+ bn_qsub(ret,ret,mont->N); /* XXX */
+ }
+ retn=1;
+err:
+ return(retn);
+ }
+#else
+int BN_from_montgomery(r,a,mont,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *t1,*t2;
+
+ t1=ctx->bn[ctx->tos];
+ t2=ctx->bn[ctx->tos+1];
+
+ if (!BN_copy(t1,a)) goto err;
+ /* can cheat */
+ BN_mask_bits(t1,mont->ri);
+
+ if (!BN_mul(t2,t1,mont->Ni)) goto err;
+ BN_mask_bits(t2,mont->ri);
+
+ if (!BN_mul(t1,t2,mont->N)) goto err;
+ if (!BN_add(t2,a,t1)) goto err;
+ BN_rshift(r,t2,mont->ri);
+
+ if (BN_ucmp(r,mont->N) >= 0)
+ bn_qsub(r,r,mont->N);
+
+ return(1);
+err:
+ return(0);
+ }
+#endif
+
+BN_MONT_CTX *BN_MONT_CTX_new()
+ {
+ BN_MONT_CTX *ret;
+
+ if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL)
+ return(NULL);
+ ret->ri=0;
+ ret->RR=BN_new();
+ ret->N=BN_new();
+ ret->Ni=NULL;
+ if ((ret->RR == NULL) || (ret->N == NULL))
+ {
+ BN_MONT_CTX_free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+void BN_MONT_CTX_free(mont)
+BN_MONT_CTX *mont;
+ {
+ if (mont->RR != NULL) BN_free(mont->RR);
+ if (mont->N != NULL) BN_free(mont->N);
+ if (mont->Ni != NULL) BN_free(mont->Ni);
+ Free(mont);
+ }
+
+int BN_MONT_CTX_set(mont,mod,ctx)
+BN_MONT_CTX *mont;
+BIGNUM *mod;
+BN_CTX *ctx;
+ {
+ BIGNUM *Ri=NULL,*R=NULL;
+
+ if (mont->RR == NULL) mont->RR=BN_new();
+ if (mont->N == NULL) mont->N=BN_new();
+
+ R=mont->RR; /* grab RR as a temp */
+ BN_copy(mont->N,mod); /* Set N */
+
+#ifdef MONT_WORD
+{
+ BIGNUM tmod;
+ BN_ULONG buf[2];
+ /* int z; */
+
+ mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
+ BN_lshift(R,BN_value_one(),BN_BITS2); /* R */
+ /* I was bad, this modification of a passed variable was
+ * breaking the multithreaded stuff :-(
+ * z=mod->top;
+ * mod->top=1; */
+
+ buf[0]=mod->d[0];
+ buf[1]=0;
+ tmod.d=buf;
+ tmod.top=1;
+ tmod.max=mod->max;
+ tmod.neg=mod->neg;
+
+ if ((Ri=BN_mod_inverse(R,&tmod,ctx)) == NULL) goto err; /* Ri */
+ BN_lshift(Ri,Ri,BN_BITS2); /* R*Ri */
+ bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */
+ BN_div(Ri,NULL,Ri,&tmod,ctx);
+ mont->n0=Ri->d[0];
+ BN_free(Ri);
+ /* mod->top=z; */
+}
+#else
+ mont->ri=BN_num_bits(mod);
+ BN_lshift(R,BN_value_one(),mont->ri); /* R */
+ if ((Ri=BN_mod_inverse(R,mod,ctx)) == NULL) goto err; /* Ri */
+ BN_lshift(Ri,Ri,mont->ri); /* R*Ri */
+ bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */
+ BN_div(Ri,NULL,Ri,mod,ctx);
+ if (mont->Ni != NULL) BN_free(mont->Ni);
+ mont->Ni=Ri; /* Ni=(R*Ri-1)/N */
+#endif
+
+ /* setup RR for conversions */
+ BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
+ BN_mod(mont->RR,mont->RR,mont->N,ctx);
+
+ return(1);
+err:
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_mpi.c b/src/lib/libssl/src/crypto/bn/bn_mpi.c
new file mode 100644
index 0000000000..53945c1057
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_mpi.c
@@ -0,0 +1,134 @@
+/* crypto/bn/bn_mpi.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_bn2mpi(a,d)
+BIGNUM *a;
+unsigned char *d;
+ {
+ int bits;
+ int num=0;
+ int ext=0;
+ long l;
+
+ bits=BN_num_bits(a);
+ num=(bits+7)/8;
+ if (bits > 0)
+ {
+ ext=((bits & 0x07) == 0);
+ }
+ if (d == NULL)
+ return(num+4+ext);
+
+ l=num+ext;
+ d[0]=(unsigned char)(l>>24)&0xff;
+ d[1]=(unsigned char)(l>>16)&0xff;
+ d[2]=(unsigned char)(l>> 8)&0xff;
+ d[3]=(unsigned char)(l )&0xff;
+ if (ext) d[4]=0;
+ num=BN_bn2bin(a,&(d[4+ext]));
+ if (a->neg)
+ d[4]|=0x80;
+ return(num+4+ext);
+ }
+
+BIGNUM *BN_mpi2bn(d,n,a)
+unsigned char *d;
+int n;
+BIGNUM *a;
+ {
+ long len;
+ int neg=0;
+
+ if (n < 4)
+ {
+ BNerr(BN_F_BN_MPI2BN,BN_R_INVALID_LENGTH);
+ return(NULL);
+ }
+ len=(d[0]<<24)|(d[1]<<16)|(d[2]<<8)|d[3];
+ if ((len+4) != n)
+ {
+ BNerr(BN_F_BN_MPI2BN,BN_R_ENCODING_ERROR);
+ return(NULL);
+ }
+
+ if (a == NULL) a=BN_new();
+ if (a == NULL) return(NULL);
+
+ if (len == 0)
+ {
+ a->neg=0;
+ a->top=0;
+ return(a);
+ }
+ d+=4;
+ if ((*d) & 0x80)
+ neg=1;
+ if (BN_bin2bn(d,(int)len,a) == NULL)
+ return(NULL);
+ a->neg=neg;
+ if (neg)
+ {
+ BN_clear_bit(a,BN_num_bits(a)-1);
+ }
+ return(a);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_mul.c b/src/lib/libssl/src/crypto/bn/bn_mul.c
new file mode 100644
index 0000000000..d0c04e1d4b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_mul.c
@@ -0,0 +1,209 @@
+/* crypto/bn/bn_mul.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must be different to a and b */
+/* int BN_mmul(r, a, b) */
+int BN_mul(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ int max,al,bl;
+ BN_ULONG *ap,*bp,*rp;
+
+ al=a->top;
+ bl=b->top;
+ if ((al == 0) || (bl == 0))
+ {
+ r->top=0;
+ return(1);
+ }
+
+ max=(al+bl);
+ if (bn_wexpand(r,max) == NULL) return(0);
+ r->top=max;
+ r->neg=a->neg^b->neg;
+ ap=a->d;
+ bp=b->d;
+ rp=r->d;
+
+ rp[al]=bn_mul_words(rp,ap,al,*(bp++));
+ rp++;
+ for (i=1; i<bl; i++)
+ {
+ rp[al]=bn_mul_add_words(rp,ap,al,*(bp++));
+ rp++;
+ }
+ if (r->d[max-1] == 0) r->top--;
+ return(1);
+ }
+
+#if 0
+#include "stack.h"
+
+int limit=16;
+
+typedef struct bn_pool_st
+ {
+ int used;
+ int tos;
+ STACK *sk;
+ } BN_POOL;
+
+BIGNUM *BN_POOL_push(bp)
+BN_POOL *bp;
+ {
+ BIGNUM *ret;
+
+ if (bp->used >= bp->tos)
+ {
+ ret=BN_new();
+ sk_push(bp->sk,(char *)ret);
+ bp->tos++;
+ bp->used++;
+ }
+ else
+ {
+ ret=(BIGNUM *)sk_value(bp->sk,bp->used);
+ bp->used++;
+ }
+ return(ret);
+ }
+
+void BN_POOL_pop(bp,num)
+BN_POOL *bp;
+int num;
+ {
+ bp->used-=num;
+ }
+
+int BN_mul(r,a,b)
+BIGNUM *r,*a,*b;
+ {
+ static BN_POOL bp;
+ static init=1;
+
+ if (init)
+ {
+ bp.used=0;
+ bp.tos=0;
+ bp.sk=sk_new_null();
+ init=0;
+ }
+ return(BN_mm(r,a,b,&bp));
+ }
+
+/* r must be different to a and b */
+int BN_mm(m, A, B, bp)
+BIGNUM *m,*A,*B;
+BN_POOL *bp;
+ {
+ int i,num;
+ int an,bn;
+ BIGNUM *a,*b,*c,*d,*ac,*bd;
+
+ an=A->top;
+ bn=B->top;
+ if ((an <= limit) || (bn <= limit))
+ {
+ return(BN_mmul(m,A,B));
+ }
+
+ a=BN_POOL_push(bp);
+ b=BN_POOL_push(bp);
+ c=BN_POOL_push(bp);
+ d=BN_POOL_push(bp);
+ ac=BN_POOL_push(bp);
+ bd=BN_POOL_push(bp);
+
+ num=(an <= bn)?an:bn;
+ num=1<<(BN_num_bits_word(num-1)-1);
+
+ /* Are going to now chop things into 'num' word chunks. */
+ num*=BN_BITS2;
+
+ BN_copy(a,A);
+ BN_mask_bits(a,num);
+ BN_rshift(b,A,num);
+
+ BN_copy(c,B);
+ BN_mask_bits(c,num);
+ BN_rshift(d,B,num);
+
+ BN_sub(ac ,b,a);
+ BN_sub(bd,c,d);
+ BN_mm(m,ac,bd,bp);
+ BN_mm(ac,a,c,bp);
+ BN_mm(bd,b,d,bp);
+
+ BN_add(m,m,ac);
+ BN_add(m,m,bd);
+ BN_lshift(m,m,num);
+ BN_lshift(bd,bd,num*2);
+
+ BN_add(m,m,ac);
+ BN_add(m,m,bd);
+ BN_POOL_pop(bp,6);
+ return(1);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.c b/src/lib/libssl/src/crypto/bn/bn_prime.c
new file mode 100644
index 0000000000..0c85f70b59
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.c
@@ -0,0 +1,473 @@
+/* crypto/bn/bn_prime.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+/* The quick seive algorithm approach to weeding out primes is
+ * Philip Zimmermann's, as implemented in PGP. I have had a read of
+ * his comments and implemented my own version.
+ */
+#include "bn_prime.h"
+
+#ifndef NOPROTO
+static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx,BN_CTX *ctx2,
+ BN_MONT_CTX *mont);
+static int probable_prime(BIGNUM *rnd, int bits);
+static int probable_prime_dh(BIGNUM *rnd, int bits,
+ BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+static int probable_prime_dh_strong(BIGNUM *rnd, int bits,
+ BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+#else
+static int witness();
+static int probable_prime();
+static int probable_prime_dh();
+static int probable_prime_dh_strong();
+#endif
+
+BIGNUM *BN_generate_prime(bits,strong,add,rem,callback,cb_arg)
+int bits;
+int strong;
+BIGNUM *add;
+BIGNUM *rem;
+void (*callback)(P_I_I_P);
+char *cb_arg;
+ {
+ BIGNUM *rnd=NULL;
+ BIGNUM *ret=NULL;
+ BIGNUM *t=NULL;
+ int i,j,c1=0;
+ BN_CTX *ctx;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ if ((rnd=BN_new()) == NULL) goto err;
+ if (strong)
+ if ((t=BN_new()) == NULL) goto err;
+loop:
+ /* make a random number and set the top and bottom bits */
+ if (add == NULL)
+ {
+ if (!probable_prime(rnd,bits)) goto err;
+ }
+ else
+ {
+ if (strong)
+ {
+ if (!probable_prime_dh_strong(rnd,bits,add,rem,ctx))
+ goto err;
+ }
+ else
+ {
+ if (!probable_prime_dh(rnd,bits,add,rem,ctx))
+ goto err;
+ }
+ }
+ /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
+ if (callback != NULL) callback(0,c1++,cb_arg);
+
+ if (!strong)
+ {
+ i=BN_is_prime(rnd,BN_prime_checks,callback,ctx,cb_arg);
+ if (i == -1) goto err;
+ if (i == 0) goto loop;
+ }
+ else
+ {
+ /* for a strong prime generation,
+ * check that (p-1)/2 is prime.
+ * Since a prime is odd, We just
+ * need to divide by 2 */
+ if (!BN_rshift1(t,rnd)) goto err;
+
+ for (i=0; i<BN_prime_checks; i++)
+ {
+ j=BN_is_prime(rnd,1,callback,ctx,cb_arg);
+ if (j == -1) goto err;
+ if (j == 0) goto loop;
+
+ j=BN_is_prime(t,1,callback,ctx,cb_arg);
+ if (j == -1) goto err;
+ if (j == 0) goto loop;
+
+ if (callback != NULL) callback(2,c1-1,cb_arg);
+ /* We have a strong prime test pass */
+ }
+ }
+ /* we have a prime :-) */
+ ret=rnd;
+err:
+ if ((ret == NULL) && (rnd != NULL)) BN_free(rnd);
+ if (t != NULL) BN_free(t);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ret);
+ }
+
+int BN_is_prime(a,checks,callback,ctx_passed,cb_arg)
+BIGNUM *a;
+int checks;
+void (*callback)(P_I_I_P);
+BN_CTX *ctx_passed;
+char *cb_arg;
+ {
+ int i,j,c2=0,ret= -1;
+ BIGNUM *check;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+ BN_MONT_CTX *mont=NULL;
+
+ if (!BN_is_odd(a))
+ return(0);
+ if (ctx_passed != NULL)
+ ctx=ctx_passed;
+ else
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+ if ((ctx2=BN_CTX_new()) == NULL) goto err;
+ if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+
+ check=ctx->bn[ctx->tos++];
+
+ /* Setup the montgomery structure */
+ if (!BN_MONT_CTX_set(mont,a,ctx2)) goto err;
+
+ for (i=0; i<checks; i++)
+ {
+ if (!BN_rand(check,BN_num_bits(a)-1,0,0)) goto err;
+ j=witness(check,a,ctx,ctx2,mont);
+ if (j == -1) goto err;
+ if (j)
+ {
+ ret=0;
+ goto err;
+ }
+ if (callback != NULL) callback(1,c2++,cb_arg);
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ if ((ctx_passed == NULL) && (ctx != NULL))
+ BN_CTX_free(ctx);
+ if (ctx2 != NULL)
+ BN_CTX_free(ctx2);
+ if (mont != NULL) BN_MONT_CTX_free(mont);
+
+ return(ret);
+ }
+
+#define RECP_MUL_MOD
+
+static int witness(a,n,ctx,ctx2,mont)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx,*ctx2;
+BN_MONT_CTX *mont;
+ {
+ int k,i,ret= -1,good;
+ BIGNUM *d,*dd,*tmp,*d1,*d2,*n1;
+ BIGNUM *mont_one,*mont_n1,*mont_a;
+
+ d1=ctx->bn[ctx->tos];
+ d2=ctx->bn[ctx->tos+1];
+ n1=ctx->bn[ctx->tos+2];
+ ctx->tos+=3;
+
+ mont_one=ctx2->bn[ctx2->tos];
+ mont_n1=ctx2->bn[ctx2->tos+1];
+ mont_a=ctx2->bn[ctx2->tos+2];
+ ctx2->tos+=3;
+
+ d=d1;
+ dd=d2;
+ if (!BN_one(d)) goto err;
+ if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
+ k=BN_num_bits(n1);
+
+ if (!BN_to_montgomery(mont_one,BN_value_one(),mont,ctx2)) goto err;
+ if (!BN_to_montgomery(mont_n1,n1,mont,ctx2)) goto err;
+ if (!BN_to_montgomery(mont_a,a,mont,ctx2)) goto err;
+
+ BN_copy(d,mont_one);
+ for (i=k-1; i>=0; i--)
+ {
+ if ( (BN_cmp(d,mont_one) != 0) &&
+ (BN_cmp(d,mont_n1) != 0))
+ good=1;
+ else
+ good=0;
+
+ BN_mod_mul_montgomery(dd,d,d,mont,ctx2);
+
+ if (good && (BN_cmp(dd,mont_one) == 0))
+ {
+ ret=1;
+ goto err;
+ }
+ if (BN_is_bit_set(n1,i))
+ {
+ BN_mod_mul_montgomery(d,dd,mont_a,mont,ctx2);
+ }
+ else
+ {
+ tmp=d;
+ d=dd;
+ dd=tmp;
+ }
+ }
+ if (BN_cmp(d,mont_one) == 0)
+ i=0;
+ else i=1;
+ ret=i;
+err:
+ ctx->tos-=3;
+ ctx2->tos-=3;
+ return(ret);
+ }
+
+static int probable_prime(rnd, bits)
+BIGNUM *rnd;
+int bits;
+ {
+ int i;
+ MS_STATIC BN_ULONG mods[NUMPRIMES];
+ BN_ULONG delta;
+
+ if (!BN_rand(rnd,bits,1,1)) return(0);
+ /* we now have a random number 'rand' to test. */
+ for (i=1; i<NUMPRIMES; i++)
+ mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+ delta=0;
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that rnd is not a prime and also
+ * that gcd(rnd-1,primes) == 1 (except for 2) */
+ if (((mods[i]+delta)%primes[i]) <= 1)
+ {
+ delta+=2;
+ /* perhaps need to check for overflow of
+ * delta (but delta can be upto 2^32) */
+ goto loop;
+ }
+ }
+ if (!BN_add_word(rnd,delta)) return(0);
+ return(1);
+ }
+
+static int probable_prime_dh(rnd, bits, add, rem,ctx)
+BIGNUM *rnd;
+int bits;
+BIGNUM *add;
+BIGNUM *rem;
+BN_CTX *ctx;
+ {
+ int i,ret=0;
+ BIGNUM *t1;
+
+ t1=ctx->bn[ctx->tos++];
+
+ if (!BN_rand(rnd,bits,0,1)) goto err;
+
+ /* we need ((rnd-rem) % add) == 0 */
+
+ if (!BN_mod(t1,rnd,add,ctx)) goto err;
+ if (!BN_sub(rnd,rnd,t1)) goto err;
+ if (rem == NULL)
+ { if (!BN_add_word(rnd,1)) goto err; }
+ else
+ { if (!BN_add(rnd,rnd,rem)) goto err; }
+
+ /* we now have a random number 'rand' to test. */
+
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that rnd is a prime */
+ if (BN_mod_word(rnd,(BN_LONG)primes[i]) <= 1)
+ {
+ if (!BN_add(rnd,rnd,add)) goto err;
+ goto loop;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ return(ret);
+ }
+
+static int probable_prime_dh_strong(p, bits, padd, rem,ctx)
+BIGNUM *p;
+int bits;
+BIGNUM *padd;
+BIGNUM *rem;
+BN_CTX *ctx;
+ {
+ int i,ret=0;
+ BIGNUM *t1,*qadd=NULL,*q=NULL;
+
+ bits--;
+ t1=ctx->bn[ctx->tos++];
+ q=ctx->bn[ctx->tos++];
+ qadd=ctx->bn[ctx->tos++];
+
+ if (!BN_rshift1(qadd,padd)) goto err;
+
+ if (!BN_rand(q,bits,0,1)) goto err;
+
+ /* we need ((rnd-rem) % add) == 0 */
+ if (!BN_mod(t1,q,qadd,ctx)) goto err;
+ if (!BN_sub(q,q,t1)) goto err;
+ if (rem == NULL)
+ { if (!BN_add_word(q,1)) goto err; }
+ else
+ {
+ if (!BN_rshift1(t1,rem)) goto err;
+ if (!BN_add(q,q,t1)) goto err;
+ }
+
+ /* we now have a random number 'rand' to test. */
+ if (!BN_lshift1(p,q)) goto err;
+ if (!BN_add_word(p,1)) goto err;
+
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that p and q are prime */
+ /* check that for p and q
+ * gcd(p-1,primes) == 1 (except for 2) */
+ if ( (BN_mod_word(p,(BN_LONG)primes[i]) == 0) ||
+ (BN_mod_word(q,(BN_LONG)primes[i]) == 0))
+ {
+ if (!BN_add(p,p,padd)) goto err;
+ if (!BN_add(q,q,qadd)) goto err;
+ goto loop;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos-=3;
+ return(ret);
+ }
+
+#if 0
+static int witness(a, n,ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+ {
+ int k,i,nb,ret= -1;
+ BIGNUM *d,*dd,*tmp;
+ BIGNUM *d1,*d2,*x,*n1,*inv;
+
+ d1=ctx->bn[ctx->tos];
+ d2=ctx->bn[ctx->tos+1];
+ x=ctx->bn[ctx->tos+2];
+ n1=ctx->bn[ctx->tos+3];
+ inv=ctx->bn[ctx->tos+4];
+ ctx->tos+=5;
+
+ d=d1;
+ dd=d2;
+ if (!BN_one(d)) goto err;
+ if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
+ k=BN_num_bits(n1);
+
+ /* i=BN_num_bits(n); */
+#ifdef RECP_MUL_MOD
+ nb=BN_reciprocal(inv,n,ctx); /**/
+ if (nb == -1) goto err;
+#endif
+
+ for (i=k-1; i>=0; i--)
+ {
+ if (BN_copy(x,d) == NULL) goto err;
+#ifndef RECP_MUL_MOD
+ if (!BN_mod_mul(dd,d,d,n,ctx)) goto err;
+#else
+ if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err;
+#endif
+ if ( BN_is_one(dd) &&
+ !BN_is_one(x) &&
+ (BN_cmp(x,n1) != 0))
+ {
+ ret=1;
+ goto err;
+ }
+ if (BN_is_bit_set(n1,i))
+ {
+#ifndef RECP_MUL_MOD
+ if (!BN_mod_mul(d,dd,a,n,ctx)) goto err;
+#else
+ if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err;
+#endif
+ }
+ else
+ {
+ tmp=d;
+ d=dd;
+ dd=tmp;
+ }
+ }
+ if (BN_is_one(d))
+ i=0;
+ else i=1;
+ ret=i;
+err:
+ ctx->tos-=5;
+ return(ret);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.h b/src/lib/libssl/src/crypto/bn/bn_prime.h
new file mode 100644
index 0000000000..6fce0210cd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.h
@@ -0,0 +1,325 @@
+/* crypto/bn/bn_prime.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef EIGHT_BIT
+#define NUMPRIMES 2048
+#else
+#define NUMPRIMES 54
+#endif
+static unsigned int primes[NUMPRIMES]=
+ {
+ 2, 3, 5, 7, 11, 13, 17, 19,
+ 23, 29, 31, 37, 41, 43, 47, 53,
+ 59, 61, 67, 71, 73, 79, 83, 89,
+ 97, 101, 103, 107, 109, 113, 127, 131,
+ 137, 139, 149, 151, 157, 163, 167, 173,
+ 179, 181, 191, 193, 197, 199, 211, 223,
+ 227, 229, 233, 239, 241, 251,
+#ifndef EIGHT_BIT
+ 257, 263,
+ 269, 271, 277, 281, 283, 293, 307, 311,
+ 313, 317, 331, 337, 347, 349, 353, 359,
+ 367, 373, 379, 383, 389, 397, 401, 409,
+ 419, 421, 431, 433, 439, 443, 449, 457,
+ 461, 463, 467, 479, 487, 491, 499, 503,
+ 509, 521, 523, 541, 547, 557, 563, 569,
+ 571, 577, 587, 593, 599, 601, 607, 613,
+ 617, 619, 631, 641, 643, 647, 653, 659,
+ 661, 673, 677, 683, 691, 701, 709, 719,
+ 727, 733, 739, 743, 751, 757, 761, 769,
+ 773, 787, 797, 809, 811, 821, 823, 827,
+ 829, 839, 853, 857, 859, 863, 877, 881,
+ 883, 887, 907, 911, 919, 929, 937, 941,
+ 947, 953, 967, 971, 977, 983, 991, 997,
+ 1009,1013,1019,1021,1031,1033,1039,1049,
+ 1051,1061,1063,1069,1087,1091,1093,1097,
+ 1103,1109,1117,1123,1129,1151,1153,1163,
+ 1171,1181,1187,1193,1201,1213,1217,1223,
+ 1229,1231,1237,1249,1259,1277,1279,1283,
+ 1289,1291,1297,1301,1303,1307,1319,1321,
+ 1327,1361,1367,1373,1381,1399,1409,1423,
+ 1427,1429,1433,1439,1447,1451,1453,1459,
+ 1471,1481,1483,1487,1489,1493,1499,1511,
+ 1523,1531,1543,1549,1553,1559,1567,1571,
+ 1579,1583,1597,1601,1607,1609,1613,1619,
+ 1621,1627,1637,1657,1663,1667,1669,1693,
+ 1697,1699,1709,1721,1723,1733,1741,1747,
+ 1753,1759,1777,1783,1787,1789,1801,1811,
+ 1823,1831,1847,1861,1867,1871,1873,1877,
+ 1879,1889,1901,1907,1913,1931,1933,1949,
+ 1951,1973,1979,1987,1993,1997,1999,2003,
+ 2011,2017,2027,2029,2039,2053,2063,2069,
+ 2081,2083,2087,2089,2099,2111,2113,2129,
+ 2131,2137,2141,2143,2153,2161,2179,2203,
+ 2207,2213,2221,2237,2239,2243,2251,2267,
+ 2269,2273,2281,2287,2293,2297,2309,2311,
+ 2333,2339,2341,2347,2351,2357,2371,2377,
+ 2381,2383,2389,2393,2399,2411,2417,2423,
+ 2437,2441,2447,2459,2467,2473,2477,2503,
+ 2521,2531,2539,2543,2549,2551,2557,2579,
+ 2591,2593,2609,2617,2621,2633,2647,2657,
+ 2659,2663,2671,2677,2683,2687,2689,2693,
+ 2699,2707,2711,2713,2719,2729,2731,2741,
+ 2749,2753,2767,2777,2789,2791,2797,2801,
+ 2803,2819,2833,2837,2843,2851,2857,2861,
+ 2879,2887,2897,2903,2909,2917,2927,2939,
+ 2953,2957,2963,2969,2971,2999,3001,3011,
+ 3019,3023,3037,3041,3049,3061,3067,3079,
+ 3083,3089,3109,3119,3121,3137,3163,3167,
+ 3169,3181,3187,3191,3203,3209,3217,3221,
+ 3229,3251,3253,3257,3259,3271,3299,3301,
+ 3307,3313,3319,3323,3329,3331,3343,3347,
+ 3359,3361,3371,3373,3389,3391,3407,3413,
+ 3433,3449,3457,3461,3463,3467,3469,3491,
+ 3499,3511,3517,3527,3529,3533,3539,3541,
+ 3547,3557,3559,3571,3581,3583,3593,3607,
+ 3613,3617,3623,3631,3637,3643,3659,3671,
+ 3673,3677,3691,3697,3701,3709,3719,3727,
+ 3733,3739,3761,3767,3769,3779,3793,3797,
+ 3803,3821,3823,3833,3847,3851,3853,3863,
+ 3877,3881,3889,3907,3911,3917,3919,3923,
+ 3929,3931,3943,3947,3967,3989,4001,4003,
+ 4007,4013,4019,4021,4027,4049,4051,4057,
+ 4073,4079,4091,4093,4099,4111,4127,4129,
+ 4133,4139,4153,4157,4159,4177,4201,4211,
+ 4217,4219,4229,4231,4241,4243,4253,4259,
+ 4261,4271,4273,4283,4289,4297,4327,4337,
+ 4339,4349,4357,4363,4373,4391,4397,4409,
+ 4421,4423,4441,4447,4451,4457,4463,4481,
+ 4483,4493,4507,4513,4517,4519,4523,4547,
+ 4549,4561,4567,4583,4591,4597,4603,4621,
+ 4637,4639,4643,4649,4651,4657,4663,4673,
+ 4679,4691,4703,4721,4723,4729,4733,4751,
+ 4759,4783,4787,4789,4793,4799,4801,4813,
+ 4817,4831,4861,4871,4877,4889,4903,4909,
+ 4919,4931,4933,4937,4943,4951,4957,4967,
+ 4969,4973,4987,4993,4999,5003,5009,5011,
+ 5021,5023,5039,5051,5059,5077,5081,5087,
+ 5099,5101,5107,5113,5119,5147,5153,5167,
+ 5171,5179,5189,5197,5209,5227,5231,5233,
+ 5237,5261,5273,5279,5281,5297,5303,5309,
+ 5323,5333,5347,5351,5381,5387,5393,5399,
+ 5407,5413,5417,5419,5431,5437,5441,5443,
+ 5449,5471,5477,5479,5483,5501,5503,5507,
+ 5519,5521,5527,5531,5557,5563,5569,5573,
+ 5581,5591,5623,5639,5641,5647,5651,5653,
+ 5657,5659,5669,5683,5689,5693,5701,5711,
+ 5717,5737,5741,5743,5749,5779,5783,5791,
+ 5801,5807,5813,5821,5827,5839,5843,5849,
+ 5851,5857,5861,5867,5869,5879,5881,5897,
+ 5903,5923,5927,5939,5953,5981,5987,6007,
+ 6011,6029,6037,6043,6047,6053,6067,6073,
+ 6079,6089,6091,6101,6113,6121,6131,6133,
+ 6143,6151,6163,6173,6197,6199,6203,6211,
+ 6217,6221,6229,6247,6257,6263,6269,6271,
+ 6277,6287,6299,6301,6311,6317,6323,6329,
+ 6337,6343,6353,6359,6361,6367,6373,6379,
+ 6389,6397,6421,6427,6449,6451,6469,6473,
+ 6481,6491,6521,6529,6547,6551,6553,6563,
+ 6569,6571,6577,6581,6599,6607,6619,6637,
+ 6653,6659,6661,6673,6679,6689,6691,6701,
+ 6703,6709,6719,6733,6737,6761,6763,6779,
+ 6781,6791,6793,6803,6823,6827,6829,6833,
+ 6841,6857,6863,6869,6871,6883,6899,6907,
+ 6911,6917,6947,6949,6959,6961,6967,6971,
+ 6977,6983,6991,6997,7001,7013,7019,7027,
+ 7039,7043,7057,7069,7079,7103,7109,7121,
+ 7127,7129,7151,7159,7177,7187,7193,7207,
+ 7211,7213,7219,7229,7237,7243,7247,7253,
+ 7283,7297,7307,7309,7321,7331,7333,7349,
+ 7351,7369,7393,7411,7417,7433,7451,7457,
+ 7459,7477,7481,7487,7489,7499,7507,7517,
+ 7523,7529,7537,7541,7547,7549,7559,7561,
+ 7573,7577,7583,7589,7591,7603,7607,7621,
+ 7639,7643,7649,7669,7673,7681,7687,7691,
+ 7699,7703,7717,7723,7727,7741,7753,7757,
+ 7759,7789,7793,7817,7823,7829,7841,7853,
+ 7867,7873,7877,7879,7883,7901,7907,7919,
+ 7927,7933,7937,7949,7951,7963,7993,8009,
+ 8011,8017,8039,8053,8059,8069,8081,8087,
+ 8089,8093,8101,8111,8117,8123,8147,8161,
+ 8167,8171,8179,8191,8209,8219,8221,8231,
+ 8233,8237,8243,8263,8269,8273,8287,8291,
+ 8293,8297,8311,8317,8329,8353,8363,8369,
+ 8377,8387,8389,8419,8423,8429,8431,8443,
+ 8447,8461,8467,8501,8513,8521,8527,8537,
+ 8539,8543,8563,8573,8581,8597,8599,8609,
+ 8623,8627,8629,8641,8647,8663,8669,8677,
+ 8681,8689,8693,8699,8707,8713,8719,8731,
+ 8737,8741,8747,8753,8761,8779,8783,8803,
+ 8807,8819,8821,8831,8837,8839,8849,8861,
+ 8863,8867,8887,8893,8923,8929,8933,8941,
+ 8951,8963,8969,8971,8999,9001,9007,9011,
+ 9013,9029,9041,9043,9049,9059,9067,9091,
+ 9103,9109,9127,9133,9137,9151,9157,9161,
+ 9173,9181,9187,9199,9203,9209,9221,9227,
+ 9239,9241,9257,9277,9281,9283,9293,9311,
+ 9319,9323,9337,9341,9343,9349,9371,9377,
+ 9391,9397,9403,9413,9419,9421,9431,9433,
+ 9437,9439,9461,9463,9467,9473,9479,9491,
+ 9497,9511,9521,9533,9539,9547,9551,9587,
+ 9601,9613,9619,9623,9629,9631,9643,9649,
+ 9661,9677,9679,9689,9697,9719,9721,9733,
+ 9739,9743,9749,9767,9769,9781,9787,9791,
+ 9803,9811,9817,9829,9833,9839,9851,9857,
+ 9859,9871,9883,9887,9901,9907,9923,9929,
+ 9931,9941,9949,9967,9973,10007,10009,10037,
+ 10039,10061,10067,10069,10079,10091,10093,10099,
+ 10103,10111,10133,10139,10141,10151,10159,10163,
+ 10169,10177,10181,10193,10211,10223,10243,10247,
+ 10253,10259,10267,10271,10273,10289,10301,10303,
+ 10313,10321,10331,10333,10337,10343,10357,10369,
+ 10391,10399,10427,10429,10433,10453,10457,10459,
+ 10463,10477,10487,10499,10501,10513,10529,10531,
+ 10559,10567,10589,10597,10601,10607,10613,10627,
+ 10631,10639,10651,10657,10663,10667,10687,10691,
+ 10709,10711,10723,10729,10733,10739,10753,10771,
+ 10781,10789,10799,10831,10837,10847,10853,10859,
+ 10861,10867,10883,10889,10891,10903,10909,10937,
+ 10939,10949,10957,10973,10979,10987,10993,11003,
+ 11027,11047,11057,11059,11069,11071,11083,11087,
+ 11093,11113,11117,11119,11131,11149,11159,11161,
+ 11171,11173,11177,11197,11213,11239,11243,11251,
+ 11257,11261,11273,11279,11287,11299,11311,11317,
+ 11321,11329,11351,11353,11369,11383,11393,11399,
+ 11411,11423,11437,11443,11447,11467,11471,11483,
+ 11489,11491,11497,11503,11519,11527,11549,11551,
+ 11579,11587,11593,11597,11617,11621,11633,11657,
+ 11677,11681,11689,11699,11701,11717,11719,11731,
+ 11743,11777,11779,11783,11789,11801,11807,11813,
+ 11821,11827,11831,11833,11839,11863,11867,11887,
+ 11897,11903,11909,11923,11927,11933,11939,11941,
+ 11953,11959,11969,11971,11981,11987,12007,12011,
+ 12037,12041,12043,12049,12071,12073,12097,12101,
+ 12107,12109,12113,12119,12143,12149,12157,12161,
+ 12163,12197,12203,12211,12227,12239,12241,12251,
+ 12253,12263,12269,12277,12281,12289,12301,12323,
+ 12329,12343,12347,12373,12377,12379,12391,12401,
+ 12409,12413,12421,12433,12437,12451,12457,12473,
+ 12479,12487,12491,12497,12503,12511,12517,12527,
+ 12539,12541,12547,12553,12569,12577,12583,12589,
+ 12601,12611,12613,12619,12637,12641,12647,12653,
+ 12659,12671,12689,12697,12703,12713,12721,12739,
+ 12743,12757,12763,12781,12791,12799,12809,12821,
+ 12823,12829,12841,12853,12889,12893,12899,12907,
+ 12911,12917,12919,12923,12941,12953,12959,12967,
+ 12973,12979,12983,13001,13003,13007,13009,13033,
+ 13037,13043,13049,13063,13093,13099,13103,13109,
+ 13121,13127,13147,13151,13159,13163,13171,13177,
+ 13183,13187,13217,13219,13229,13241,13249,13259,
+ 13267,13291,13297,13309,13313,13327,13331,13337,
+ 13339,13367,13381,13397,13399,13411,13417,13421,
+ 13441,13451,13457,13463,13469,13477,13487,13499,
+ 13513,13523,13537,13553,13567,13577,13591,13597,
+ 13613,13619,13627,13633,13649,13669,13679,13681,
+ 13687,13691,13693,13697,13709,13711,13721,13723,
+ 13729,13751,13757,13759,13763,13781,13789,13799,
+ 13807,13829,13831,13841,13859,13873,13877,13879,
+ 13883,13901,13903,13907,13913,13921,13931,13933,
+ 13963,13967,13997,13999,14009,14011,14029,14033,
+ 14051,14057,14071,14081,14083,14087,14107,14143,
+ 14149,14153,14159,14173,14177,14197,14207,14221,
+ 14243,14249,14251,14281,14293,14303,14321,14323,
+ 14327,14341,14347,14369,14387,14389,14401,14407,
+ 14411,14419,14423,14431,14437,14447,14449,14461,
+ 14479,14489,14503,14519,14533,14537,14543,14549,
+ 14551,14557,14561,14563,14591,14593,14621,14627,
+ 14629,14633,14639,14653,14657,14669,14683,14699,
+ 14713,14717,14723,14731,14737,14741,14747,14753,
+ 14759,14767,14771,14779,14783,14797,14813,14821,
+ 14827,14831,14843,14851,14867,14869,14879,14887,
+ 14891,14897,14923,14929,14939,14947,14951,14957,
+ 14969,14983,15013,15017,15031,15053,15061,15073,
+ 15077,15083,15091,15101,15107,15121,15131,15137,
+ 15139,15149,15161,15173,15187,15193,15199,15217,
+ 15227,15233,15241,15259,15263,15269,15271,15277,
+ 15287,15289,15299,15307,15313,15319,15329,15331,
+ 15349,15359,15361,15373,15377,15383,15391,15401,
+ 15413,15427,15439,15443,15451,15461,15467,15473,
+ 15493,15497,15511,15527,15541,15551,15559,15569,
+ 15581,15583,15601,15607,15619,15629,15641,15643,
+ 15647,15649,15661,15667,15671,15679,15683,15727,
+ 15731,15733,15737,15739,15749,15761,15767,15773,
+ 15787,15791,15797,15803,15809,15817,15823,15859,
+ 15877,15881,15887,15889,15901,15907,15913,15919,
+ 15923,15937,15959,15971,15973,15991,16001,16007,
+ 16033,16057,16061,16063,16067,16069,16073,16087,
+ 16091,16097,16103,16111,16127,16139,16141,16183,
+ 16187,16189,16193,16217,16223,16229,16231,16249,
+ 16253,16267,16273,16301,16319,16333,16339,16349,
+ 16361,16363,16369,16381,16411,16417,16421,16427,
+ 16433,16447,16451,16453,16477,16481,16487,16493,
+ 16519,16529,16547,16553,16561,16567,16573,16603,
+ 16607,16619,16631,16633,16649,16651,16657,16661,
+ 16673,16691,16693,16699,16703,16729,16741,16747,
+ 16759,16763,16787,16811,16823,16829,16831,16843,
+ 16871,16879,16883,16889,16901,16903,16921,16927,
+ 16931,16937,16943,16963,16979,16981,16987,16993,
+ 17011,17021,17027,17029,17033,17041,17047,17053,
+ 17077,17093,17099,17107,17117,17123,17137,17159,
+ 17167,17183,17189,17191,17203,17207,17209,17231,
+ 17239,17257,17291,17293,17299,17317,17321,17327,
+ 17333,17341,17351,17359,17377,17383,17387,17389,
+ 17393,17401,17417,17419,17431,17443,17449,17467,
+ 17471,17477,17483,17489,17491,17497,17509,17519,
+ 17539,17551,17569,17573,17579,17581,17597,17599,
+ 17609,17623,17627,17657,17659,17669,17681,17683,
+ 17707,17713,17729,17737,17747,17749,17761,17783,
+ 17789,17791,17807,17827,17837,17839,17851,17863,
+#endif
+ };
diff --git a/src/lib/libssl/src/crypto/bn/bn_prime.pl b/src/lib/libssl/src/crypto/bn/bn_prime.pl
new file mode 100644
index 0000000000..1b00c21a77
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_prime.pl
@@ -0,0 +1,56 @@
+#!/usr/bin/perl
+# bn_prime.pl
+
+$num=2048;
+$num=$ARGV[0] if ($#ARGV >= 0);
+
+push(@primes,2);
+$p=1;
+loop: while ($#primes < $num-1)
+ {
+ $p+=2;
+ $s=int(sqrt($p));
+
+ for ($i=0; $primes[$i]<=$s; $i++)
+ {
+ next loop if (($p%$primes[$i]) == 0);
+ }
+ push(@primes,$p);
+ }
+
+print <<"EOF";
+/* Auto generated by bn_prime.pl */
+/* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
+ * All rights reserved.
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * See the COPYRIGHT file in the SSLeay distribution for more details.
+ */
+
+EOF
+
+for ($i=0; $i <= $#primes; $i++)
+ {
+ if ($primes[$i] > 256)
+ {
+ $eight=$i;
+ last;
+ }
+ }
+
+printf "#ifndef EIGHT_BIT\n";
+printf "#define NUMPRIMES %d\n",$num;
+printf "#else\n";
+printf "#define NUMPRIMES %d\n",$eight;
+printf "#endif\n";
+print "static unsigned int primes[NUMPRIMES]=\n\t{\n\t";
+$init=0;
+for ($i=0; $i <= $#primes; $i++)
+ {
+ printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
+ printf("\n\t") if (($i%8) == 0) && ($i != 0);
+ printf("%4d,",$primes[$i]);
+ }
+print "\n#endif\n\t};\n";
+
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_print.c b/src/lib/libssl/src/crypto/bn/bn_print.c
new file mode 100644
index 0000000000..2bcc11c852
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_print.c
@@ -0,0 +1,333 @@
+/* crypto/bn/bn_print.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn_lcl.h"
+
+static char *Hex="0123456789ABCDEF";
+
+/* Must 'Free' the returned data */
+char *BN_bn2hex(a)
+BIGNUM *a;
+ {
+ int i,j,v,z=0;
+ char *buf;
+ char *p;
+
+ buf=(char *)Malloc(a->top*BN_BYTES*2+2);
+ if (buf == NULL)
+ {
+ BNerr(BN_F_BN_BN2HEX,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf;
+ if (a->neg) *(p++)='-';
+ if (a->top == 0) *(p++)='0';
+ for (i=a->top-1; i >=0; i--)
+ {
+ for (j=BN_BITS2-8; j >= 0; j-=8)
+ {
+ /* strip leading zeros */
+ v=((int)(a->d[i]>>(long)j))&0xff;
+ if (z || (v != 0))
+ {
+ *(p++)=Hex[v>>4];
+ *(p++)=Hex[v&0x0f];
+ z=1;
+ }
+ }
+ }
+ *p='\0';
+err:
+ return(buf);
+ }
+
+/* Must 'Free' the returned data */
+char *BN_bn2dec(a)
+BIGNUM *a;
+ {
+ int i=0,num;
+ char *buf=NULL;
+ char *p;
+ BIGNUM *t=NULL;
+ BN_ULONG *bn_data=NULL,*lp;
+
+ i=BN_num_bits(a)*3;
+ num=(i/10+i/1000+3)+1;
+ bn_data=(BN_ULONG *)Malloc((num/BN_DEC_NUM+1)*sizeof(BN_ULONG));
+ buf=(char *)Malloc(num+3);
+ if ((buf == NULL) || (bn_data == NULL))
+ {
+ BNerr(BN_F_BN_BN2DEC,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if ((t=BN_dup(a)) == NULL) goto err;
+
+ p=buf;
+ lp=bn_data;
+ if (t->neg) *(p++)='-';
+ if (t->top == 0)
+ {
+ *(p++)='0';
+ *(p++)='\0';
+ }
+ else
+ {
+ i=0;
+ while (!BN_is_zero(t))
+ {
+ *lp=BN_div_word(t,BN_DEC_CONV);
+ lp++;
+ }
+ lp--;
+ /* We now have a series of blocks, BN_DEC_NUM chars
+ * in length, where the last one needs trucation.
+ * The blocks need to be reversed in order. */
+ sprintf(p,BN_DEC_FMT1,*lp);
+ while (*p) p++;
+ while (lp != bn_data)
+ {
+ lp--;
+ sprintf(p,BN_DEC_FMT2,*lp);
+ while (*p) p++;
+ }
+ }
+err:
+ if (bn_data != NULL) Free(bn_data);
+ if (t != NULL) BN_free(t);
+ return(buf);
+ }
+
+int BN_hex2bn(bn,a)
+BIGNUM **bn;
+char *a;
+ {
+ BIGNUM *ret=NULL;
+ BN_ULONG l=0;
+ int neg=0,h,m,i,j,k,c;
+ int num;
+
+ if ((a == NULL) || (*a == '\0')) return(0);
+
+ if (*a == '-') { neg=1; a++; }
+
+ for (i=0; isxdigit(a[i]); i++)
+ ;
+
+ num=i+neg;
+ if (bn == NULL) return(num);
+
+ /* a is the start of the hex digets, and it is 'i' long */
+ if (*bn == NULL)
+ {
+ if ((ret=BN_new()) == NULL) return(0);
+ }
+ else
+ {
+ ret= *bn;
+ BN_zero(ret);
+ }
+
+ /* i is the number of hex digests; */
+ if (bn_expand(ret,i*4) == NULL) goto err;
+
+ j=i; /* least significate 'hex' */
+ m=0;
+ h=0;
+ while (j > 0)
+ {
+ m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
+ l=0;
+ for (;;)
+ {
+ c=a[j-m];
+ if ((c >= '0') && (c <= '9')) k=c-'0';
+ else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
+ else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
+ else k=0; /* paranoia */
+ l=(l<<4)|k;
+
+ if (--m <= 0)
+ {
+ ret->d[h++]=l;
+ break;
+ }
+ }
+ j-=(BN_BYTES*2);
+ }
+ ret->top=h;
+ bn_fix_top(ret);
+ ret->neg=neg;
+
+ *bn=ret;
+ return(num);
+err:
+ if (*bn == NULL) BN_free(ret);
+ return(0);
+ }
+
+int BN_dec2bn(bn,a)
+BIGNUM **bn;
+char *a;
+ {
+ BIGNUM *ret=NULL;
+ BN_ULONG l=0;
+ int neg=0,i,j;
+ int num;
+
+ if ((a == NULL) || (*a == '\0')) return(0);
+ if (*a == '-') { neg=1; a++; }
+
+ for (i=0; isdigit(a[i]); i++)
+ ;
+
+ num=i+neg;
+ if (bn == NULL) return(num);
+
+ /* a is the start of the digets, and it is 'i' long.
+ * We chop it into BN_DEC_NUM digets at a time */
+ if (*bn == NULL)
+ {
+ if ((ret=BN_new()) == NULL) return(0);
+ }
+ else
+ {
+ ret= *bn;
+ BN_zero(ret);
+ }
+
+ /* i is the number of digests, a bit of an over expand; */
+ if (bn_expand(ret,i*4) == NULL) goto err;
+
+ j=BN_DEC_NUM-(i%BN_DEC_NUM);
+ if (j == BN_DEC_NUM) j=0;
+ l=0;
+ while (*a)
+ {
+ l*=10;
+ l+= *a-'0';
+ a++;
+ if (++j == BN_DEC_NUM)
+ {
+ BN_mul_word(ret,BN_DEC_CONV);
+ BN_add_word(ret,l);
+ l=0;
+ j=0;
+ }
+ }
+ ret->neg=neg;
+
+ bn_fix_top(ret);
+ *bn=ret;
+ return(num);
+err:
+ if (*bn == NULL) BN_free(ret);
+ return(0);
+ }
+
+#ifndef NO_BIO
+
+#ifndef NO_FP_API
+int BN_print_fp(fp, a)
+FILE *fp;
+BIGNUM *a;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ return(0);
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=BN_print(b,a);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int BN_print(bp, a)
+BIO *bp;
+BIGNUM *a;
+ {
+ int i,j,v,z=0;
+ int ret=0;
+
+ if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
+ if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
+ for (i=a->top-1; i >=0; i--)
+ {
+ for (j=BN_BITS2-4; j >= 0; j-=4)
+ {
+ /* strip leading zeros */
+ v=((int)(a->d[i]>>(long)j))&0x0f;
+ if (z || (v != 0))
+ {
+ if (BIO_write(bp,&(Hex[v]),1) != 1)
+ goto end;
+ z=1;
+ }
+ }
+ }
+ ret=1;
+end:
+ return(ret);
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/bn/bn_rand.c b/src/lib/libssl/src/crypto/bn/bn_rand.c
new file mode 100644
index 0000000000..75b6b0493b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_rand.c
@@ -0,0 +1,121 @@
+/* crypto/bn/bn_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+int BN_rand(rnd, bits, top, bottom)
+BIGNUM *rnd;
+int bits;
+int top;
+int bottom;
+ {
+ unsigned char *buf=NULL;
+ int ret=0,bit,bytes,mask;
+ time_t tim;
+
+ bytes=(bits+7)/8;
+ bit=(bits-1)%8;
+ mask=0xff<<bit;
+
+ buf=(unsigned char *)Malloc(bytes);
+ if (buf == NULL)
+ {
+ BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* make a random number and set the top and bottom bits */
+ time(&tim);
+ RAND_seed((unsigned char *)&tim,sizeof(tim));
+
+ RAND_bytes(buf,(int)bytes);
+ if (top)
+ {
+ if (bit == 0)
+ {
+ buf[0]=1;
+ buf[1]|=0x80;
+ }
+ else
+ {
+ buf[0]|=(3<<(bit-1));
+ buf[0]&= ~(mask<<1);
+ }
+ }
+ else
+ {
+ buf[0]|=(1<<bit);
+ buf[0]&= ~(mask<<1);
+ }
+ if (bottom) /* set bottom bits to whatever odd is */
+ buf[bytes-1]|=1;
+ if (!BN_bin2bn(buf,bytes,rnd)) goto err;
+ ret=1;
+err:
+ if (buf != NULL)
+ {
+ memset(buf,0,bytes);
+ Free(buf);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_recp.c b/src/lib/libssl/src/crypto/bn/bn_recp.c
new file mode 100644
index 0000000000..72cd69d3fc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_recp.c
@@ -0,0 +1,125 @@
+/* crypto/bn/bn_recp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_reciprocal(r, x, y, m, i, nb, ctx)
+BIGNUM *r;
+BIGNUM *x;
+BIGNUM *y;
+BIGNUM *m;
+BIGNUM *i;
+int nb;
+BN_CTX *ctx;
+ {
+ int ret=0,j;
+ BIGNUM *a,*b,*c,*d;
+
+ a=ctx->bn[ctx->tos++];
+ b=ctx->bn[ctx->tos++];
+ c=ctx->bn[ctx->tos++];
+ d=ctx->bn[ctx->tos++];
+
+ if (x == y)
+ { if (!BN_sqr(a,x,ctx)) goto err; }
+ else
+ { if (!BN_mul(a,x,y)) goto err; }
+ if (!BN_rshift(d,a,nb)) goto err;
+ if (!BN_mul(b,d,i)) goto err;
+ if (!BN_rshift(c,b,nb)) goto err;
+ if (!BN_mul(b,m,c)) goto err;
+ if (!BN_sub(r,a,b)) goto err;
+ j=0;
+ while (BN_cmp(r,m) >= 0)
+ {
+ if (j++ > 2)
+ {
+ BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
+ goto err;
+ }
+ if (!BN_sub(r,r,m)) goto err;
+ }
+
+ ret=1;
+err:
+ ctx->tos-=4;
+ return(ret);
+ }
+
+int BN_reciprocal(r, m,ctx)
+BIGNUM *r;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int nm,ret= -1;
+ BIGNUM *t;
+
+ t=ctx->bn[ctx->tos++];
+
+ nm=BN_num_bits(m);
+ if (!BN_lshift(t,BN_value_one(),nm*2)) goto err;
+
+ if (!BN_div(r,NULL,t,m,ctx)) goto err;
+ ret=nm;
+err:
+ ctx->tos--;
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_shift.c b/src/lib/libssl/src/crypto/bn/bn_shift.c
new file mode 100644
index 0000000000..944bf1794b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_shift.c
@@ -0,0 +1,210 @@
+/* crypto/bn/bn_shift.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_lshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+ {
+ register BN_ULONG *ap,*rp,t,c;
+ int i;
+
+ if (r != a)
+ {
+ r->neg=a->neg;
+ if (bn_wexpand(r,a->top+1) == NULL) return(0);
+ r->top=a->top;
+ }
+ else
+ {
+ if (bn_wexpand(r,a->top+1) == NULL) return(0);
+ }
+ ap=a->d;
+ rp=r->d;
+ c=0;
+ for (i=0; i<a->top; i++)
+ {
+ t= *(ap++);
+ *(rp++)=((t<<1)|c)&BN_MASK2;
+ c=(t & BN_TBIT)?1:0;
+ }
+ if (c)
+ {
+ *rp=1;
+ r->top++;
+ }
+ return(1);
+ }
+
+int BN_rshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+ {
+ BN_ULONG *ap,*rp,t,c;
+ int i;
+
+ if (BN_is_zero(a))
+ {
+ BN_zero(r);
+ return(1);
+ }
+ if (a != r)
+ {
+ if (bn_wexpand(r,a->top) == NULL) return(0);
+ r->top=a->top;
+ r->neg=a->neg;
+ }
+ ap=a->d;
+ rp=r->d;
+ c=0;
+ for (i=a->top-1; i>=0; i--)
+ {
+ t=ap[i];
+ rp[i]=((t>>1)&BN_MASK2)|c;
+ c=(t&1)?BN_TBIT:0;
+ }
+ bn_fix_top(r);
+ return(1);
+ }
+
+int BN_lshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+ {
+ int i,nw,lb,rb;
+ BN_ULONG *t,*f;
+ BN_ULONG l;
+
+ r->neg=a->neg;
+ if (bn_wexpand(r,a->top+(n/BN_BITS2)+1) == NULL) return(0);
+ nw=n/BN_BITS2;
+ lb=n%BN_BITS2;
+ rb=BN_BITS2-lb;
+ f=a->d;
+ t=r->d;
+ t[a->top+nw]=0;
+ if (lb == 0)
+ for (i=a->top-1; i>=0; i--)
+ t[nw+i]=f[i];
+ else
+ for (i=a->top-1; i>=0; i--)
+ {
+ l=f[i];
+ t[nw+i+1]|=(l>>rb)&BN_MASK2;
+ t[nw+i]=(l<<lb)&BN_MASK2;
+ }
+ memset(t,0,nw*sizeof(t[0]));
+/* for (i=0; i<nw; i++)
+ t[i]=0;*/
+ r->top=a->top+nw+1;
+ bn_fix_top(r);
+ return(1);
+ }
+
+int BN_rshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+ {
+ int i,j,nw,lb,rb;
+ BN_ULONG *t,*f;
+ BN_ULONG l,tmp;
+
+ nw=n/BN_BITS2;
+ rb=n%BN_BITS2;
+ lb=BN_BITS2-rb;
+ if (nw > a->top)
+ {
+ BN_zero(r);
+ return(1);
+ }
+ if (r != a)
+ {
+ r->neg=a->neg;
+ if (bn_wexpand(r,a->top-nw+1) == NULL) return(0);
+ }
+
+ f= &(a->d[nw]);
+ t=r->d;
+ j=a->top-nw;
+ r->top=j;
+
+ if (rb == 0)
+ {
+ for (i=j+1; i > 0; i--)
+ *(t++)= *(f++);
+ }
+ else
+ {
+ l= *(f++);
+ for (i=1; i<j; i++)
+ {
+ tmp =(l>>rb)&BN_MASK2;
+ l= *(f++);
+ *(t++) =(tmp|(l<<lb))&BN_MASK2;
+ }
+ *(t++) =(l>>rb)&BN_MASK2;
+ }
+ *t=0;
+ bn_fix_top(r);
+ return(1);
+ }
diff --git a/src/lib/libssl/src/crypto/bn/bn_sqr.c b/src/lib/libssl/src/crypto/bn/bn_sqr.c
new file mode 100644
index 0000000000..a8464610e5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_sqr.c
@@ -0,0 +1,122 @@
+/* crypto/bn/bn_sqr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must not be a */
+/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
+int BN_sqr(r, a, ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_CTX *ctx;
+ {
+ int i,j,max,al;
+ BIGNUM *tmp;
+ BN_ULONG *ap,*rp;
+
+ tmp=ctx->bn[ctx->tos];
+
+ al=a->top;
+ if (al == 0)
+ {
+ r->top=0;
+ return(1);
+ }
+
+ max=(al*2);
+ if (bn_wexpand(r,1+max) == NULL) return(0);
+ if (bn_wexpand(tmp,1+max) == NULL) return(0);
+
+ r->neg=0;
+
+ ap=a->d;
+ rp=r->d;
+ rp[0]=rp[max-1]=0;
+ rp++;
+ j=al;
+
+ if (--j > 0)
+ {
+ ap++;
+ rp[j]=bn_mul_words(rp,ap,j,ap[-1]);
+ rp+=2;
+ }
+
+ for (i=2; i<al; i++)
+ {
+ j--;
+ ap++;
+ rp[j]=bn_mul_add_words(rp,ap,j,ap[-1]);
+ rp+=2;
+ }
+
+ bn_add_words(r->d,r->d,r->d,max);
+
+ /* There will not be a carry */
+
+ bn_sqr_words(tmp->d,a->d,al);
+
+ bn_add_words(r->d,r->d,tmp->d,max);
+
+ r->top=max;
+ if (r->d[max-1] == 0) r->top--;
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bn_word.c b/src/lib/libssl/src/crypto/bn/bn_word.c
new file mode 100644
index 0000000000..4b3d0f011d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bn_word.c
@@ -0,0 +1,204 @@
+/* crypto/bn/bn_word.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_ULONG BN_mod_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+#ifndef BN_LLONG
+ BN_ULONG ret=0;
+#else
+ BN_ULLONG ret=0;
+#endif
+ int i;
+
+ w&=BN_MASK2;
+ for (i=a->top-1; i>=0; i--)
+ {
+#ifndef BN_LLONG
+ ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(unsigned long)w;
+ ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(unsigned long)w;
+#else
+ ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
+ (BN_ULLONG)w);
+#endif
+ }
+ return((BN_ULONG)ret);
+ }
+
+BN_ULONG BN_div_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+ BN_ULONG ret;
+ int i;
+
+ if (a->top == 0) return(0);
+ ret=0;
+ w&=BN_MASK2;
+ for (i=a->top-1; i>=0; i--)
+ {
+ BN_ULONG l,d;
+
+ l=a->d[i];
+ d=bn_div64(ret,l,w);
+ ret=(l-((d*w)&BN_MASK2))&BN_MASK2;
+ a->d[i]=d;
+ }
+ if (a->d[a->top-1] == 0)
+ a->top--;
+ return(ret);
+ }
+
+int BN_add_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+ BN_ULONG l;
+ int i;
+
+ if (a->neg)
+ {
+ a->neg=0;
+ i=BN_sub_word(a,w);
+ if (!BN_is_zero(a))
+ a->neg=1;
+ return(i);
+ }
+ w&=BN_MASK2;
+ if (bn_wexpand(a,a->top+1) == NULL) return(0);
+ i=0;
+ for (;;)
+ {
+ l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+ a->d[i]=l;
+ if (w > l)
+ w=1;
+ else
+ break;
+ i++;
+ }
+ if (i >= a->top)
+ a->top++;
+ return(1);
+ }
+
+int BN_sub_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+ int i;
+
+ if (a->neg)
+ {
+ a->neg=0;
+ i=BN_add_word(a,w);
+ a->neg=1;
+ return(i);
+ }
+
+ w&=BN_MASK2;
+ if ((a->top == 1) && (a->d[0] < w))
+ {
+ a->d[0]=w-a->d[0];
+ a->neg=1;
+ return(1);
+ }
+ i=0;
+ for (;;)
+ {
+ if (a->d[i] >= w)
+ {
+ a->d[i]-=w;
+ break;
+ }
+ else
+ {
+ a->d[i]=(a->d[i]-w)&BN_MASK2;
+ i++;
+ w=1;
+ }
+ }
+ if ((a->d[i] == 0) && (i == (a->top-1)))
+ a->top--;
+ return(1);
+ }
+
+int BN_mul_word(a,w)
+BIGNUM *a;
+unsigned long w;
+ {
+ BN_ULONG ll;
+
+ w&=BN_MASK2;
+ if (a->top)
+ {
+ ll=bn_mul_words(a->d,a->d,a->top,w);
+ if (ll)
+ {
+ if (bn_wexpand(a,a->top+1) == NULL) return(0);
+ a->d[a->top++]=ll;
+ }
+ }
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bnspeed.c b/src/lib/libssl/src/crypto/bn/bnspeed.c
new file mode 100644
index 0000000000..f7c2790fff
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bnspeed.c
@@ -0,0 +1,248 @@
+/* crypto/bn/bnspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 1000000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+#define NUM_SIZES 5
+static int sizes[NUM_SIZES]={128,256,512,1024,2048};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
+
+void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ BN_CTX *ctx;
+ BIGNUM *a,*b,*c,*r;
+
+ ctx=BN_CTX_new();
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ r=BN_new();
+
+ do_mul(a,b,c,ctx);
+ }
+
+void do_mul(r,a,b,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BN_CTX *ctx;
+ {
+ int i,j,k;
+ double tm;
+ long num;
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i],1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_mul(r,b,a);
+ tm=Time_F(STOP);
+ printf("mul %4d x %4d -> %8.3fms\n",sizes[i],sizes[j],tm*1000.0/num);
+ }
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i],1,0);
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_sqr(r,a,ctx);
+ tm=Time_F(STOP);
+ printf("sqr %4d x %4d -> %8.3fms\n",sizes[i],sizes[i],tm*1000.0/num);
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ num=BASENUM/10;
+ if (i) num/=(i*3);
+ BN_rand(a,sizes[i]-1,1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<100000; k++)
+ BN_div(r, NULL, b, a,ctx);
+ tm=Time_F(STOP);
+ printf("div %4d / %4d -> %8.3fms\n",sizes[j],sizes[i]-1,tm*1000.0/num);
+ }
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/bntest.c b/src/lib/libssl/src/crypto/bn/bntest.c
new file mode 100644
index 0000000000..9ebd68b429
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/bntest.c
@@ -0,0 +1,777 @@
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "e_os.h"
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "x509.h"
+#include "err.h"
+
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#ifndef NOPROTO
+int test_add (BIO *bp);
+int test_sub (BIO *bp);
+int test_lshift1 (BIO *bp);
+int test_lshift (BIO *bp);
+int test_rshift1 (BIO *bp);
+int test_rshift (BIO *bp);
+int test_div (BIO *bp,BN_CTX *ctx);
+int test_mul (BIO *bp);
+int test_sqr (BIO *bp,BN_CTX *ctx);
+int test_mont (BIO *bp,BN_CTX *ctx);
+int test_mod (BIO *bp,BN_CTX *ctx);
+int test_mod_mul (BIO *bp,BN_CTX *ctx);
+int test_mod_exp (BIO *bp,BN_CTX *ctx);
+int rand_neg(void);
+#else
+int test_add ();
+int test_sub ();
+int test_lshift1 ();
+int test_lshift ();
+int test_rshift1 ();
+int test_rshift ();
+int test_div ();
+int test_mul ();
+int test_sqr ();
+int test_mont ();
+int test_mod ();
+int test_mod_mul ();
+int test_mod_exp ();
+int rand_neg();
+#endif
+
+static int results=0;
+
+#ifdef NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out;
+ char *outfile=NULL;
+
+ srand((unsigned int)time(NULL));
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-results") == 0)
+ results=1;
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) break;
+ outfile= *(++argv);
+ }
+ argc--;
+ argv++;
+ }
+
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ if (outfile == NULL)
+ {
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ }
+ else
+ {
+ if (!BIO_write_filename(out,outfile))
+ {
+ perror(outfile);
+ exit(1);
+ }
+ }
+
+ if (!results)
+ BIO_puts(out,"obase=16\nibase=16\n");
+
+ fprintf(stderr,"test BN_add\n");
+ if (!test_add(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sub\n");
+ if (!test_sub(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift1\n");
+ if (!test_lshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift\n");
+ if (!test_lshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift1\n");
+ if (!test_rshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift\n");
+ if (!test_rshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sqr\n");
+ if (!test_sqr(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mul\n");
+ if (!test_mul(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_div\n");
+ if (!test_div(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod\n");
+ if (!test_mod(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod_mul\n");
+ if (!test_mod_mul(out,ctx)) goto err;
+ fflush(stdout);
+
+/*
+ fprintf(stderr,"test BN_mont\n");
+ if (!test_mont(out,ctx)) goto err;
+ fflush(stdout);
+*/
+ fprintf(stderr,"test BN_mod_exp\n");
+ if (!test_mod_exp(out,ctx)) goto err;
+ fflush(stdout);
+
+/**/
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
+int test_add(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,450+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_add(c,a,b);
+ BN_add(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," + ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sub(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,400+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_sub(c,a,b);
+ BN_sub(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_div(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+
+ BN_rand(a,400,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,50+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_div(d,c,a,b,ctx);
+ BN_div(d,c,a,b,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return(1);
+ }
+
+int test_mul(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,200,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,250+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mul(c,a,b);
+ BN_mul(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sqr(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ c=BN_new();
+
+ for (i=0; i<40; i++)
+ {
+ BN_rand(a,40+i*10,0,0);
+ a->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_sqr(c,a,ctx);
+ BN_sqr(c,a,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mont(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*A,*B;
+ BIGNUM *n;
+ int i;
+ int j;
+ BN_MONT_CTX *mont;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ A=BN_new();
+ B=BN_new();
+ n=BN_new();
+
+ mont=BN_MONT_CTX_new();
+
+ BN_rand(a,100,0,0); /**/
+ BN_rand(b,100,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/
+ BN_MONT_CTX_set(mont,n,ctx);
+
+ BN_to_montgomery(A,a,mont,ctx);
+ BN_to_montgomery(B,b,mont,ctx);
+
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_from_montgomery(A,c,mont,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+#ifdef undef
+fprintf(stderr,"%d * %d %% %d\n",
+BN_num_bits(a),
+BN_num_bits(b),
+BN_num_bits(mont->N));
+#endif
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,mont->N);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,A);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_MONT_CTX_free(mont);
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,1024,0,0); /**/
+ for (i=0; i<20; i++)
+ {
+ BN_rand(b,450+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod(c,a,b,ctx);/**/
+ BN_mod(c,a,b,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod_mul(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,1024,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(a,475+i*10,0,0); /**/
+ BN_rand(b,425+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ /* if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul(d,a,b,c,ctx);*/ /**/
+
+ if (!BN_mod_mul(e,a,b,c,ctx))
+ {
+ unsigned long l;
+
+ while ((l=ERR_get_error()))
+ fprintf(stderr,"ERROR:%s\n",
+ ERR_error_string(l,NULL));
+ exit(1);
+ }
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,e);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_mod_exp(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,30,0,1); /* must be odd for montgomery */
+ for (i=0; i<6; i++)
+ {
+ BN_rand(a,20+i*5,0,0); /**/
+ BN_rand(b,2+i,0,0); /**/
+
+ if (!BN_mod_exp(d,a,b,c,ctx))
+ return(00);
+
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," ^ ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_lshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_lshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int test_rshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_rshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int rand_neg()
+ {
+ static unsigned int neg=0;
+ static int sign[8]={0,0,0,1,1,0,1,1};
+
+ return(sign[(neg++)%8]);
+ }
diff --git a/src/lib/libssl/src/crypto/bn/expspeed.c b/src/lib/libssl/src/crypto/bn/expspeed.c
new file mode 100644
index 0000000000..344f883d35
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/expspeed.c
@@ -0,0 +1,230 @@
+/* crypto/bn/expspeed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#define BASENUM 5000
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+#define NUM_SIZES 6
+static int sizes[NUM_SIZES]={256,512,1024,2048,4096,8192};
+static int mul_c[NUM_SIZES]={8*8*8*8*8,8*8*8*8,8*8*8,8*8,8,1};
+/*static int sizes[NUM_SIZES]={59,179,299,419,539}; */
+
+void do_mul_exp(BIGNUM *r,BIGNUM *a,BIGNUM *b,BIGNUM *c,BN_CTX *ctx);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ BN_CTX *ctx;
+ BIGNUM *a,*b,*c,*r;
+
+ ctx=BN_CTX_new();
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ r=BN_new();
+
+ do_mul_exp(r,a,b,c,ctx);
+ }
+
+void do_mul_exp(r,a,b,c,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *c;
+BN_CTX *ctx;
+ {
+ int i,k;
+ double tm;
+ long num;
+ BN_MONT_CTX m;
+
+ memset(&m,0,sizeof(m));
+
+ num=BASENUM;
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ BN_rand(a,sizes[i],1,0);
+ BN_rand(b,sizes[i],1,0);
+ BN_rand(c,sizes[i],1,1);
+ BN_mod(a,a,c,ctx);
+ BN_mod(b,b,c,ctx);
+
+ BN_MONT_CTX_set(&m,c,ctx);
+
+ Time_F(START);
+ for (k=0; k<num; k++)
+ BN_mod_exp_mont(r,a,b,c,ctx,&m);
+ tm=Time_F(STOP);
+ printf("mul %4d ^ %4d %% %d -> %8.3fms %5.1f\n",sizes[i],sizes[i],sizes[i],tm*1000.0/num,tm*mul_c[i]/num);
+ num/=7;
+ if (num <= 0) num=1;
+ }
+
+ }
+
diff --git a/src/lib/libssl/src/crypto/bn/exptest.c b/src/lib/libssl/src/crypto/bn/exptest.c
new file mode 100644
index 0000000000..67dc95d726
--- /dev/null
+++ b/src/lib/libssl/src/crypto/bn/exptest.c
@@ -0,0 +1,148 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "err.h"
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#define NUM_BITS (BN_BITS*2)
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out=NULL;
+ int i,ret;
+ unsigned char c;
+ BIGNUM *r_mont,*r_recp,*a,*b,*m;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+ r_mont=BN_new();
+ r_recp=BN_new();
+ a=BN_new();
+ b=BN_new();
+ m=BN_new();
+ if ( (r_mont == NULL) || (r_recp == NULL) ||
+ (a == NULL) || (b == NULL))
+ goto err;
+
+ out=BIO_new(BIO_s_file());
+
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ for (i=0; i<200; i++)
+ {
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(a,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(b,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(m,NUM_BITS+c,0,1);
+
+ BN_mod(a,a,m,ctx);
+ BN_mod(b,b,m,ctx);
+
+ ret=BN_mod_exp_mont(r_mont,a,b,m,ctx,NULL);
+ if (ret <= 0)
+ { printf("BN_mod_exp_mont() problems\n"); exit(1); }
+
+ ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
+ if (ret <= 0)
+ { printf("BN_mod_exp_recp() problems\n"); exit(1); }
+
+ if (BN_cmp(r_mont,r_recp) != 0)
+ {
+ printf("\nmont and recp results differ\n");
+ printf("a (%3d) = ",BN_num_bits(a)); BN_print(out,a);
+ printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
+ printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
+ printf("\nrecp ="); BN_print(out,r_recp);
+ printf("\nmont ="); BN_print(out,r_mont);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf(" done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/buffer/buf_err.c b/src/lib/libssl/src/crypto/buffer/buf_err.c
new file mode 100644
index 0000000000..ff988852cc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/buffer/buf_err.c
@@ -0,0 +1,87 @@
+/* lib/buf/buf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "buffer.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA BUF_str_functs[]=
+ {
+{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"},
+{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"},
+{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"},
+{ERR_PACK(0,BUF_F_PXYCLNT_READ,0), "PXYCLNT_READ"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_BUF_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/buffer/buffer.c b/src/lib/libssl/src/crypto/buffer/buffer.c
new file mode 100644
index 0000000000..7e8af9e2fa
--- /dev/null
+++ b/src/lib/libssl/src/crypto/buffer/buffer.c
@@ -0,0 +1,145 @@
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+
+BUF_MEM *BUF_MEM_new()
+ {
+ BUF_MEM *ret;
+
+ ret=(BUF_MEM *)Malloc(sizeof(BUF_MEM));
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->max=0;
+ ret->data=NULL;
+ return(ret);
+ }
+
+void BUF_MEM_free(a)
+BUF_MEM *a;
+ {
+ if (a->data != NULL)
+ {
+ memset(a->data,0,(unsigned int)a->max);
+ Free(a->data);
+ }
+ Free(a);
+ }
+
+int BUF_MEM_grow(str, len)
+BUF_MEM *str;
+int len;
+ {
+ char *ret;
+ unsigned int n;
+
+ if (str->length >= len)
+ {
+ str->length=len;
+ return(len);
+ }
+ if (str->max >= len)
+ {
+ memset(&(str->data[str->length]),0,len-str->length);
+ str->length=len;
+ return(len);
+ }
+ n=(len+3)/3*4;
+ if (str->data == NULL)
+ ret=(char *)Malloc(n);
+ else
+ ret=(char *)Realloc(str->data,n);
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+ len=0;
+ }
+ else
+ {
+ str->data=ret;
+ str->length=len;
+ str->max=n;
+ }
+ return(len);
+ }
+
+char *BUF_strdup(str)
+char *str;
+ {
+ char *ret;
+ int n;
+
+ if (str == NULL) return(NULL);
+
+ n=strlen(str);
+ ret=Malloc(n+1);
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ memcpy(ret,str,n+1);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/buffer/buffer.h b/src/lib/libssl/src/crypto/buffer/buffer.h
new file mode 100644
index 0000000000..417548c04a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/buffer/buffer.h
@@ -0,0 +1,107 @@
+/* crypto/buffer/buffer.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BUFFER_H
+#define HEADER_BUFFER_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct buf_mem_st
+ {
+ int length; /* current number of bytes */
+ char *data;
+ int max; /* size of buffer */
+ } BUF_MEM;
+
+#ifndef NOPROTO
+BUF_MEM *BUF_MEM_new(void);
+void BUF_MEM_free(BUF_MEM *a);
+int BUF_MEM_grow(BUF_MEM *str, int len);
+char * BUF_strdup(char *str);
+
+void ERR_load_BUF_strings(void );
+
+#else
+
+BUF_MEM *BUF_MEM_new();
+void BUF_MEM_free();
+int BUF_MEM_grow();
+char * BUF_strdup();
+
+void ERR_load_BUF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+#define BUF_F_BUF_MEM_GROW 100
+#define BUF_F_BUF_MEM_NEW 101
+#define BUF_F_BUF_STRDUP 102
+#define BUF_F_PXYCLNT_READ 103
+
+/* Reason codes. */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/cast/asm/cast-586.pl b/src/lib/libssl/src/crypto/cast/asm/cast-586.pl
new file mode 100644
index 0000000000..d0be004c99
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/asm/cast-586.pl
@@ -0,0 +1,167 @@
+#!/usr/bin/perl
+
+# define for pentium pro friendly version
+$ppro=1;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+
+&asm_init($ARGV[0],"cast-586.pl");
+
+$CAST_ROUNDS=16;
+$L="edi";
+$R="esi";
+$K="ebp";
+$tmp1="ecx";
+$tmp2="ebx";
+$tmp3="eax";
+$tmp4="edx";
+$S1="CAST_S_table0";
+$S2="CAST_S_table1";
+$S3="CAST_S_table2";
+$S4="CAST_S_table3";
+
+@F1=("add","xor","sub");
+@F2=("xor","sub","add");
+@F3=("sub","add","xor");
+
+&CAST_encrypt("CAST_encrypt",1);
+&CAST_encrypt("CAST_decrypt",0);
+&cbc("CAST_cbc_encrypt","CAST_encrypt","CAST_decrypt",1,4,5,3,-1,-1);
+
+&asm_finish();
+
+sub CAST_encrypt
+ {
+ local($name,$enc)=@_;
+
+ local($win_ex)=<<"EOF";
+EXTERN _CAST_S_table0:DWORD
+EXTERN _CAST_S_table1:DWORD
+EXTERN _CAST_S_table2:DWORD
+EXTERN _CAST_S_table3:DWORD
+EOF
+ &main'external_label(
+ "CAST_S_table0",
+ "CAST_S_table1",
+ "CAST_S_table2",
+ "CAST_S_table3",
+ );
+
+ &function_begin_B($name,$win_ex);
+
+ &comment("");
+
+ &push("ebp");
+ &push("ebx");
+ &mov($tmp2,&wparam(0));
+ &mov($K,&wparam(1));
+ &push("esi");
+ &push("edi");
+
+ &comment("Load the 2 words");
+ &mov($L,&DWP(0,$tmp2,"",0));
+ &mov($R,&DWP(4,$tmp2,"",0));
+
+ &xor( $tmp3, $tmp3);
+
+ # encrypting part
+
+ if ($enc)
+ {
+ &E_CAST( 0,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 1,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 2,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 3,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 4,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 5,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 6,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 7,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 8,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 9,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(10,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(11,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(12,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(13,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(14,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(15,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1);
+ }
+ else
+ {
+ &E_CAST(15,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(14,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(13,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(12,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(11,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST(10,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 9,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 8,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 7,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 6,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 5,$S,$L,$R,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 4,$S,$R,$L,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 3,$S,$L,$R,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 2,$S,$R,$L,$K,@F3,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 1,$S,$L,$R,$K,@F2,$tmp1,$tmp2,$tmp3,$tmp4);
+ &E_CAST( 0,$S,$R,$L,$K,@F1,$tmp1,$tmp2,$tmp3,$tmp4,1);
+ }
+
+ &nop();
+ &mov(&DWP(4,$tmp3,"",0),$L);
+ &mov(&DWP(0,$tmp3,"",0),$R);
+ &function_end($name);
+ }
+
+sub E_CAST
+ {
+ local($i,$S,$L,$R,$K,$OP1,$OP2,$OP3,$tmp1,$tmp2,$tmp3,$tmp4,$lst)=@_;
+ # Ri needs to have 16 pre added.
+
+ &comment("round $i");
+ &mov( $tmp4, &DWP($i*8,$K,"",1));
+
+ &mov( $tmp1, &DWP($i*8+4,$K,"",1));# must be word
+ &$OP1( $tmp4, $R);
+
+ &rotl( $tmp4, &LB($tmp1));
+
+ if ($ppro)
+ {
+ &mov( $tmp2, $tmp4); # B
+ &xor( $tmp1, $tmp1);
+
+ &movb( &LB($tmp1), &HB($tmp4)); # A
+ &and( $tmp2, 0xff);
+
+ &shr( $tmp4, 16); #
+ &xor( $tmp3, $tmp3);
+ }
+ else
+ {
+ &mov( $tmp2, $tmp4); # B
+ &movb( &LB($tmp1), &HB($tmp4)); # A # BAD BAD BAD
+
+ &shr( $tmp4, 16); #
+ &and( $tmp2, 0xff);
+ }
+
+ &movb( &LB($tmp3), &HB($tmp4)); # C # BAD BAD BAD
+ &and( $tmp4, 0xff); # D
+
+ &mov( $tmp1, &DWP($S1,"",$tmp1,4));
+ &mov( $tmp2, &DWP($S2,"",$tmp2,4));
+
+ &$OP2( $tmp1, $tmp2);
+ &mov( $tmp2, &DWP($S3,"",$tmp3,4));
+
+ &$OP3( $tmp1, $tmp2);
+ &mov( $tmp2, &DWP($S4,"",$tmp4,4));
+
+ &$OP1( $tmp1, $tmp2);
+ &mov($tmp3,&wparam(0)) if $lst;
+ # XXX
+
+ &xor( $L, $tmp1);
+ # XXX
+ }
diff --git a/src/lib/libssl/src/crypto/cast/asm/readme b/src/lib/libssl/src/crypto/cast/asm/readme
new file mode 100644
index 0000000000..fbcd76289e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/asm/readme
@@ -0,0 +1,7 @@
+There is a ppro flag in cast-586 which turns on/off
+generation of pentium pro/II friendly code
+
+This flag makes the inner loop one cycle longer, but generates
+code that runs %30 faster on the pentium pro/II, while only %7 slower
+on the pentium. By default, this flag is on.
+
diff --git a/src/lib/libssl/src/crypto/cast/c_cfb64.c b/src/lib/libssl/src/crypto/cast/c_cfb64.c
new file mode 100644
index 0000000000..c46c375f75
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/c_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/cast/c_cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void CAST_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register CAST_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ CAST_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ CAST_encrypt((CAST_LONG *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ CAST_encrypt((CAST_LONG *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/c_ecb.c b/src/lib/libssl/src/crypto/cast/c_ecb.c
new file mode 100644
index 0000000000..f0f2f4df0e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/c_ecb.c
@@ -0,0 +1,82 @@
+/* crypto/cast/c_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+char *CAST_version="CAST part of SSLeay 0.9.0b 29-Jun-1998";
+
+void CAST_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+CAST_KEY *ks;
+int encrypt;
+ {
+ CAST_LONG l,d[2];
+
+ n2l(in,l); d[0]=l;
+ n2l(in,l); d[1]=l;
+ if (encrypt)
+ CAST_encrypt(d,ks);
+ else
+ CAST_decrypt(d,ks);
+ l=d[0]; l2n(l,out);
+ l=d[1]; l2n(l,out);
+ l=d[0]=d[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/c_enc.c b/src/lib/libssl/src/crypto/cast/c_enc.c
new file mode 100644
index 0000000000..d998dd4953
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/c_enc.c
@@ -0,0 +1,210 @@
+/* crypto/cast/c_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+void CAST_encrypt(data,key)
+CAST_LONG *data;
+CAST_KEY *key;
+ {
+ register CAST_LONG l,r,*k,t;
+
+ k= &(key->data[0]);
+ l=data[0];
+ r=data[1];
+
+ E_CAST( 0,k,l,r,+,^,-);
+ E_CAST( 1,k,r,l,^,-,+);
+ E_CAST( 2,k,l,r,-,+,^);
+ E_CAST( 3,k,r,l,+,^,-);
+ E_CAST( 4,k,l,r,^,-,+);
+ E_CAST( 5,k,r,l,-,+,^);
+ E_CAST( 6,k,l,r,+,^,-);
+ E_CAST( 7,k,r,l,^,-,+);
+ E_CAST( 8,k,l,r,-,+,^);
+ E_CAST( 9,k,r,l,+,^,-);
+ E_CAST(10,k,l,r,^,-,+);
+ E_CAST(11,k,r,l,-,+,^);
+ E_CAST(12,k,l,r,+,^,-);
+ E_CAST(13,k,r,l,^,-,+);
+ E_CAST(14,k,l,r,-,+,^);
+ E_CAST(15,k,r,l,+,^,-);
+
+ data[1]=l&0xffffffffL;
+ data[0]=r&0xffffffffL;
+ }
+
+void CAST_decrypt(data,key)
+CAST_LONG *data;
+CAST_KEY *key;
+ {
+ register CAST_LONG l,r,*k,t;
+
+ k= &(key->data[0]);
+ l=data[0];
+ r=data[1];
+
+ E_CAST(15,k,l,r,+,^,-);
+ E_CAST(14,k,r,l,-,+,^);
+ E_CAST(13,k,l,r,^,-,+);
+ E_CAST(12,k,r,l,+,^,-);
+ E_CAST(11,k,l,r,-,+,^);
+ E_CAST(10,k,r,l,^,-,+);
+ E_CAST( 9,k,l,r,+,^,-);
+ E_CAST( 8,k,r,l,-,+,^);
+ E_CAST( 7,k,l,r,^,-,+);
+ E_CAST( 6,k,r,l,+,^,-);
+ E_CAST( 5,k,l,r,-,+,^);
+ E_CAST( 4,k,r,l,^,-,+);
+ E_CAST( 3,k,l,r,+,^,-);
+ E_CAST( 2,k,r,l,-,+,^);
+ E_CAST( 1,k,l,r,^,-,+);
+ E_CAST( 0,k,r,l,+,^,-);
+
+ data[1]=l&0xffffffffL;
+ data[0]=r&0xffffffffL;
+ }
+
+void CAST_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register CAST_LONG tin0,tin1;
+ register CAST_LONG tout0,tout1,xor0,xor1;
+ register long l=length;
+ CAST_LONG tin[2];
+
+ if (encrypt)
+ {
+ n2l(iv,tout0);
+ n2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ CAST_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ if (l != -8)
+ {
+ n2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ CAST_encrypt(tin,ks);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ l2n(tout0,iv);
+ l2n(tout1,iv);
+ }
+ else
+ {
+ n2l(iv,xor0);
+ n2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ CAST_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2n(tout0,out);
+ l2n(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ CAST_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2nn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2n(xor0,iv);
+ l2n(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/c_ofb64.c b/src/lib/libssl/src/crypto/cast/c_ofb64.c
new file mode 100644
index 0000000000..2aad2d6d96
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/c_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/cast/c_ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void CAST_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+CAST_KEY *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register CAST_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ CAST_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ n2l(iv,v0);
+ n2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2n(v0,dp);
+ l2n(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ CAST_encrypt((CAST_LONG *)ti,schedule);
+ dp=(char *)d;
+ t=ti[0]; l2n(t,dp);
+ t=ti[1]; l2n(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2n(v0,iv);
+ l2n(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/c_skey.c b/src/lib/libssl/src/crypto/cast/c_skey.c
new file mode 100644
index 0000000000..2fc3363dcd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/c_skey.c
@@ -0,0 +1,165 @@
+/* crypto/cast/c_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cast.h"
+#include "cast_lcl.h"
+#include "cast_s.h"
+
+#define CAST_exp(l,A,a,n) \
+ A[n/4]=l; \
+ a[n+3]=(l )&0xff; \
+ a[n+2]=(l>> 8)&0xff; \
+ a[n+1]=(l>>16)&0xff; \
+ a[n+0]=(l>>24)&0xff;
+
+#define S4 CAST_S_table4
+#define S5 CAST_S_table5
+#define S6 CAST_S_table6
+#define S7 CAST_S_table7
+
+void CAST_set_key(key,len,data)
+CAST_KEY *key;
+int len;
+unsigned char *data;
+ {
+ CAST_LONG x[16];
+ CAST_LONG z[16];
+ CAST_LONG k[32];
+ CAST_LONG X[4],Z[4];
+ CAST_LONG l,*K;
+ int i;
+
+ for (i=0; i<16; i++) x[i]=0;
+ if (len > 16) len=16;
+ for (i=0; i<len; i++)
+ x[i]=data[i];
+
+ K= &k[0];
+ X[0]=((x[ 0]<<24)|(x[ 1]<<16)|(x[ 2]<<8)|x[ 3])&0xffffffffL;
+ X[1]=((x[ 4]<<24)|(x[ 5]<<16)|(x[ 6]<<8)|x[ 7])&0xffffffffL;
+ X[2]=((x[ 8]<<24)|(x[ 9]<<16)|(x[10]<<8)|x[11])&0xffffffffL;
+ X[3]=((x[12]<<24)|(x[13]<<16)|(x[14]<<8)|x[15])&0xffffffffL;
+
+ for (;;)
+ {
+ l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+ CAST_exp(l,Z,z, 0);
+ l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+ CAST_exp(l,Z,z, 4);
+ l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+ CAST_exp(l,Z,z, 8);
+ l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+ CAST_exp(l,Z,z,12);
+
+ K[ 0]= S4[z[ 8]]^S5[z[ 9]]^S6[z[ 7]]^S7[z[ 6]]^S4[z[ 2]];
+ K[ 1]= S4[z[10]]^S5[z[11]]^S6[z[ 5]]^S7[z[ 4]]^S5[z[ 6]];
+ K[ 2]= S4[z[12]]^S5[z[13]]^S6[z[ 3]]^S7[z[ 2]]^S6[z[ 9]];
+ K[ 3]= S4[z[14]]^S5[z[15]]^S6[z[ 1]]^S7[z[ 0]]^S7[z[12]];
+
+ l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+ CAST_exp(l,X,x, 0);
+ l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+ CAST_exp(l,X,x, 4);
+ l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+ CAST_exp(l,X,x, 8);
+ l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+ CAST_exp(l,X,x,12);
+
+ K[ 4]= S4[x[ 3]]^S5[x[ 2]]^S6[x[12]]^S7[x[13]]^S4[x[ 8]];
+ K[ 5]= S4[x[ 1]]^S5[x[ 0]]^S6[x[14]]^S7[x[15]]^S5[x[13]];
+ K[ 6]= S4[x[ 7]]^S5[x[ 6]]^S6[x[ 8]]^S7[x[ 9]]^S6[x[ 3]];
+ K[ 7]= S4[x[ 5]]^S5[x[ 4]]^S6[x[10]]^S7[x[11]]^S7[x[ 7]];
+
+ l=X[0]^S4[x[13]]^S5[x[15]]^S6[x[12]]^S7[x[14]]^S6[x[ 8]];
+ CAST_exp(l,Z,z, 0);
+ l=X[2]^S4[z[ 0]]^S5[z[ 2]]^S6[z[ 1]]^S7[z[ 3]]^S7[x[10]];
+ CAST_exp(l,Z,z, 4);
+ l=X[3]^S4[z[ 7]]^S5[z[ 6]]^S6[z[ 5]]^S7[z[ 4]]^S4[x[ 9]];
+ CAST_exp(l,Z,z, 8);
+ l=X[1]^S4[z[10]]^S5[z[ 9]]^S6[z[11]]^S7[z[ 8]]^S5[x[11]];
+ CAST_exp(l,Z,z,12);
+
+ K[ 8]= S4[z[ 3]]^S5[z[ 2]]^S6[z[12]]^S7[z[13]]^S4[z[ 9]];
+ K[ 9]= S4[z[ 1]]^S5[z[ 0]]^S6[z[14]]^S7[z[15]]^S5[z[12]];
+ K[10]= S4[z[ 7]]^S5[z[ 6]]^S6[z[ 8]]^S7[z[ 9]]^S6[z[ 2]];
+ K[11]= S4[z[ 5]]^S5[z[ 4]]^S6[z[10]]^S7[z[11]]^S7[z[ 6]];
+
+ l=Z[2]^S4[z[ 5]]^S5[z[ 7]]^S6[z[ 4]]^S7[z[ 6]]^S6[z[ 0]];
+ CAST_exp(l,X,x, 0);
+ l=Z[0]^S4[x[ 0]]^S5[x[ 2]]^S6[x[ 1]]^S7[x[ 3]]^S7[z[ 2]];
+ CAST_exp(l,X,x, 4);
+ l=Z[1]^S4[x[ 7]]^S5[x[ 6]]^S6[x[ 5]]^S7[x[ 4]]^S4[z[ 1]];
+ CAST_exp(l,X,x, 8);
+ l=Z[3]^S4[x[10]]^S5[x[ 9]]^S6[x[11]]^S7[x[ 8]]^S5[z[ 3]];
+ CAST_exp(l,X,x,12);
+
+ K[12]= S4[x[ 8]]^S5[x[ 9]]^S6[x[ 7]]^S7[x[ 6]]^S4[x[ 3]];
+ K[13]= S4[x[10]]^S5[x[11]]^S6[x[ 5]]^S7[x[ 4]]^S5[x[ 7]];
+ K[14]= S4[x[12]]^S5[x[13]]^S6[x[ 3]]^S7[x[ 2]]^S6[x[ 8]];
+ K[15]= S4[x[14]]^S5[x[15]]^S6[x[ 1]]^S7[x[ 0]]^S7[x[13]];
+ if (K != k) break;
+ K+=16;
+ }
+
+ for (i=0; i<16; i++)
+ {
+ key->data[i*2]=k[i];
+ key->data[i*2+1]=((k[i+16])+16)&0x1f;
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/cast.h b/src/lib/libssl/src/crypto/cast/cast.h
new file mode 100644
index 0000000000..528cb7c824
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/cast.h
@@ -0,0 +1,109 @@
+/* crypto/cast/cast.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CAST_H
+#define HEADER_CAST_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define CAST_ENCRYPT 1
+#define CAST_DECRYPT 0
+
+#define CAST_LONG unsigned long
+
+#define CAST_BLOCK 8
+#define CAST_KEY_LENGTH 16
+
+typedef struct cast_key_st
+ {
+ CAST_LONG data[32];
+ } CAST_KEY;
+
+#ifndef NOPROTO
+
+void CAST_set_key(CAST_KEY *key, int len, unsigned char *data);
+void CAST_ecb_encrypt(unsigned char *in,unsigned char *out,CAST_KEY *key,
+ int enc);
+void CAST_encrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_decrypt(CAST_LONG *data,CAST_KEY *key);
+void CAST_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ CAST_KEY *ks, unsigned char *iv, int enc);
+void CAST_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ CAST_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void CAST_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ CAST_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void CAST_set_key();
+void CAST_ecb_encrypt();
+void CAST_encrypt();
+void CAST_decrypt();
+void CAST_cbc_encrypt();
+void CAST_cfb64_encrypt();
+void CAST_ofb64_encrypt();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/cast/cast_lcl.h b/src/lib/libssl/src/crypto/cast/cast_lcl.h
new file mode 100644
index 0000000000..6587952a96
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/cast_lcl.h
@@ -0,0 +1,224 @@
+/* crypto/cast/cast_lcl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifdef WIN32
+#include <stdlib.h>
+#endif
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#if defined(WIN32)
+#define ROTL(a,n) (_lrotl(a,n))
+#else
+#define ROTL(a,n) ((((a)<<(n))&0xffffffffL)|((a)>>(32-(n))))
+#endif
+
+#define C_M 0x3fc
+#define C_0 22L
+#define C_1 14L
+#define C_2 6L
+#define C_3 2L /* left shift */
+
+/* The rotate has an extra 16 added to it to help the x86 asm */
+#if defined(CAST_PTR)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ int i; \
+ t=(key[n*2] OP1 R)&0xffffffffL; \
+ i=key[n*2+1]; \
+ t=ROTL(t,i); \
+ L^= (((((*(CAST_LONG *)((unsigned char *) \
+ CAST_S_table0+((t>>C_2)&C_M)) OP2 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table1+((t<<C_3)&C_M)))&0xffffffffL) OP3 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table2+((t>>C_0)&C_M)))&0xffffffffL) OP1 \
+ *(CAST_LONG *)((unsigned char *) \
+ CAST_S_table3+((t>>C_1)&C_M)))&0xffffffffL; \
+ }
+#elif defined(CAST_PTR2)
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ int i; \
+ CAST_LONG u,v,w; \
+ w=(key[n*2] OP1 R)&0xffffffffL; \
+ i=key[n*2+1]; \
+ w=ROTL(w,i); \
+ u=w>>C_2; \
+ v=w<<C_3; \
+ u&=C_M; \
+ v&=C_M; \
+ t= *(CAST_LONG *)((unsigned char *)CAST_S_table0+u); \
+ u=w>>C_0; \
+ t=(t OP2 *(CAST_LONG *)((unsigned char *)CAST_S_table1+v))&0xffffffffL;\
+ v=w>>C_1; \
+ u&=C_M; \
+ v&=C_M; \
+ t=(t OP3 *(CAST_LONG *)((unsigned char *)CAST_S_table2+u)&0xffffffffL);\
+ t=(t OP1 *(CAST_LONG *)((unsigned char *)CAST_S_table3+v)&0xffffffffL);\
+ L^=(t&0xffffffff); \
+ }
+#else
+#define E_CAST(n,key,L,R,OP1,OP2,OP3) \
+ { \
+ CAST_LONG a,b,c,d; \
+ t=(key[n*2] OP1 R)&0xffffffff; \
+ t=ROTL(t,(key[n*2+1])); \
+ a=CAST_S_table0[(t>> 8)&0xff]; \
+ b=CAST_S_table1[(t )&0xff]; \
+ c=CAST_S_table2[(t>>24)&0xff]; \
+ d=CAST_S_table3[(t>>16)&0xff]; \
+ L^=(((((a OP2 b)&0xffffffffL) OP3 c)&0xffffffffL) OP1 d)&0xffffffffL; \
+ }
+#endif
+
+extern CAST_LONG CAST_S_table0[256];
+extern CAST_LONG CAST_S_table1[256];
+extern CAST_LONG CAST_S_table2[256];
+extern CAST_LONG CAST_S_table3[256];
+extern CAST_LONG CAST_S_table4[256];
+extern CAST_LONG CAST_S_table5[256];
+extern CAST_LONG CAST_S_table6[256];
+extern CAST_LONG CAST_S_table7[256];
+
diff --git a/src/lib/libssl/src/crypto/cast/cast_s.h b/src/lib/libssl/src/crypto/cast/cast_s.h
new file mode 100644
index 0000000000..8fe0152149
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/cast_s.h
@@ -0,0 +1,585 @@
+/* crypto/cast/cast_s.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+CAST_LONG CAST_S_table0[256]={
+ 0x30fb40d4,0x9fa0ff0b,0x6beccd2f,0x3f258c7a,
+ 0x1e213f2f,0x9c004dd3,0x6003e540,0xcf9fc949,
+ 0xbfd4af27,0x88bbbdb5,0xe2034090,0x98d09675,
+ 0x6e63a0e0,0x15c361d2,0xc2e7661d,0x22d4ff8e,
+ 0x28683b6f,0xc07fd059,0xff2379c8,0x775f50e2,
+ 0x43c340d3,0xdf2f8656,0x887ca41a,0xa2d2bd2d,
+ 0xa1c9e0d6,0x346c4819,0x61b76d87,0x22540f2f,
+ 0x2abe32e1,0xaa54166b,0x22568e3a,0xa2d341d0,
+ 0x66db40c8,0xa784392f,0x004dff2f,0x2db9d2de,
+ 0x97943fac,0x4a97c1d8,0x527644b7,0xb5f437a7,
+ 0xb82cbaef,0xd751d159,0x6ff7f0ed,0x5a097a1f,
+ 0x827b68d0,0x90ecf52e,0x22b0c054,0xbc8e5935,
+ 0x4b6d2f7f,0x50bb64a2,0xd2664910,0xbee5812d,
+ 0xb7332290,0xe93b159f,0xb48ee411,0x4bff345d,
+ 0xfd45c240,0xad31973f,0xc4f6d02e,0x55fc8165,
+ 0xd5b1caad,0xa1ac2dae,0xa2d4b76d,0xc19b0c50,
+ 0x882240f2,0x0c6e4f38,0xa4e4bfd7,0x4f5ba272,
+ 0x564c1d2f,0xc59c5319,0xb949e354,0xb04669fe,
+ 0xb1b6ab8a,0xc71358dd,0x6385c545,0x110f935d,
+ 0x57538ad5,0x6a390493,0xe63d37e0,0x2a54f6b3,
+ 0x3a787d5f,0x6276a0b5,0x19a6fcdf,0x7a42206a,
+ 0x29f9d4d5,0xf61b1891,0xbb72275e,0xaa508167,
+ 0x38901091,0xc6b505eb,0x84c7cb8c,0x2ad75a0f,
+ 0x874a1427,0xa2d1936b,0x2ad286af,0xaa56d291,
+ 0xd7894360,0x425c750d,0x93b39e26,0x187184c9,
+ 0x6c00b32d,0x73e2bb14,0xa0bebc3c,0x54623779,
+ 0x64459eab,0x3f328b82,0x7718cf82,0x59a2cea6,
+ 0x04ee002e,0x89fe78e6,0x3fab0950,0x325ff6c2,
+ 0x81383f05,0x6963c5c8,0x76cb5ad6,0xd49974c9,
+ 0xca180dcf,0x380782d5,0xc7fa5cf6,0x8ac31511,
+ 0x35e79e13,0x47da91d0,0xf40f9086,0xa7e2419e,
+ 0x31366241,0x051ef495,0xaa573b04,0x4a805d8d,
+ 0x548300d0,0x00322a3c,0xbf64cddf,0xba57a68e,
+ 0x75c6372b,0x50afd341,0xa7c13275,0x915a0bf5,
+ 0x6b54bfab,0x2b0b1426,0xab4cc9d7,0x449ccd82,
+ 0xf7fbf265,0xab85c5f3,0x1b55db94,0xaad4e324,
+ 0xcfa4bd3f,0x2deaa3e2,0x9e204d02,0xc8bd25ac,
+ 0xeadf55b3,0xd5bd9e98,0xe31231b2,0x2ad5ad6c,
+ 0x954329de,0xadbe4528,0xd8710f69,0xaa51c90f,
+ 0xaa786bf6,0x22513f1e,0xaa51a79b,0x2ad344cc,
+ 0x7b5a41f0,0xd37cfbad,0x1b069505,0x41ece491,
+ 0xb4c332e6,0x032268d4,0xc9600acc,0xce387e6d,
+ 0xbf6bb16c,0x6a70fb78,0x0d03d9c9,0xd4df39de,
+ 0xe01063da,0x4736f464,0x5ad328d8,0xb347cc96,
+ 0x75bb0fc3,0x98511bfb,0x4ffbcc35,0xb58bcf6a,
+ 0xe11f0abc,0xbfc5fe4a,0xa70aec10,0xac39570a,
+ 0x3f04442f,0x6188b153,0xe0397a2e,0x5727cb79,
+ 0x9ceb418f,0x1cacd68d,0x2ad37c96,0x0175cb9d,
+ 0xc69dff09,0xc75b65f0,0xd9db40d8,0xec0e7779,
+ 0x4744ead4,0xb11c3274,0xdd24cb9e,0x7e1c54bd,
+ 0xf01144f9,0xd2240eb1,0x9675b3fd,0xa3ac3755,
+ 0xd47c27af,0x51c85f4d,0x56907596,0xa5bb15e6,
+ 0x580304f0,0xca042cf1,0x011a37ea,0x8dbfaadb,
+ 0x35ba3e4a,0x3526ffa0,0xc37b4d09,0xbc306ed9,
+ 0x98a52666,0x5648f725,0xff5e569d,0x0ced63d0,
+ 0x7c63b2cf,0x700b45e1,0xd5ea50f1,0x85a92872,
+ 0xaf1fbda7,0xd4234870,0xa7870bf3,0x2d3b4d79,
+ 0x42e04198,0x0cd0ede7,0x26470db8,0xf881814c,
+ 0x474d6ad7,0x7c0c5e5c,0xd1231959,0x381b7298,
+ 0xf5d2f4db,0xab838653,0x6e2f1e23,0x83719c9e,
+ 0xbd91e046,0x9a56456e,0xdc39200c,0x20c8c571,
+ 0x962bda1c,0xe1e696ff,0xb141ab08,0x7cca89b9,
+ 0x1a69e783,0x02cc4843,0xa2f7c579,0x429ef47d,
+ 0x427b169c,0x5ac9f049,0xdd8f0f00,0x5c8165bf,
+ };
+CAST_LONG CAST_S_table1[256]={
+ 0x1f201094,0xef0ba75b,0x69e3cf7e,0x393f4380,
+ 0xfe61cf7a,0xeec5207a,0x55889c94,0x72fc0651,
+ 0xada7ef79,0x4e1d7235,0xd55a63ce,0xde0436ba,
+ 0x99c430ef,0x5f0c0794,0x18dcdb7d,0xa1d6eff3,
+ 0xa0b52f7b,0x59e83605,0xee15b094,0xe9ffd909,
+ 0xdc440086,0xef944459,0xba83ccb3,0xe0c3cdfb,
+ 0xd1da4181,0x3b092ab1,0xf997f1c1,0xa5e6cf7b,
+ 0x01420ddb,0xe4e7ef5b,0x25a1ff41,0xe180f806,
+ 0x1fc41080,0x179bee7a,0xd37ac6a9,0xfe5830a4,
+ 0x98de8b7f,0x77e83f4e,0x79929269,0x24fa9f7b,
+ 0xe113c85b,0xacc40083,0xd7503525,0xf7ea615f,
+ 0x62143154,0x0d554b63,0x5d681121,0xc866c359,
+ 0x3d63cf73,0xcee234c0,0xd4d87e87,0x5c672b21,
+ 0x071f6181,0x39f7627f,0x361e3084,0xe4eb573b,
+ 0x602f64a4,0xd63acd9c,0x1bbc4635,0x9e81032d,
+ 0x2701f50c,0x99847ab4,0xa0e3df79,0xba6cf38c,
+ 0x10843094,0x2537a95e,0xf46f6ffe,0xa1ff3b1f,
+ 0x208cfb6a,0x8f458c74,0xd9e0a227,0x4ec73a34,
+ 0xfc884f69,0x3e4de8df,0xef0e0088,0x3559648d,
+ 0x8a45388c,0x1d804366,0x721d9bfd,0xa58684bb,
+ 0xe8256333,0x844e8212,0x128d8098,0xfed33fb4,
+ 0xce280ae1,0x27e19ba5,0xd5a6c252,0xe49754bd,
+ 0xc5d655dd,0xeb667064,0x77840b4d,0xa1b6a801,
+ 0x84db26a9,0xe0b56714,0x21f043b7,0xe5d05860,
+ 0x54f03084,0x066ff472,0xa31aa153,0xdadc4755,
+ 0xb5625dbf,0x68561be6,0x83ca6b94,0x2d6ed23b,
+ 0xeccf01db,0xa6d3d0ba,0xb6803d5c,0xaf77a709,
+ 0x33b4a34c,0x397bc8d6,0x5ee22b95,0x5f0e5304,
+ 0x81ed6f61,0x20e74364,0xb45e1378,0xde18639b,
+ 0x881ca122,0xb96726d1,0x8049a7e8,0x22b7da7b,
+ 0x5e552d25,0x5272d237,0x79d2951c,0xc60d894c,
+ 0x488cb402,0x1ba4fe5b,0xa4b09f6b,0x1ca815cf,
+ 0xa20c3005,0x8871df63,0xb9de2fcb,0x0cc6c9e9,
+ 0x0beeff53,0xe3214517,0xb4542835,0x9f63293c,
+ 0xee41e729,0x6e1d2d7c,0x50045286,0x1e6685f3,
+ 0xf33401c6,0x30a22c95,0x31a70850,0x60930f13,
+ 0x73f98417,0xa1269859,0xec645c44,0x52c877a9,
+ 0xcdff33a6,0xa02b1741,0x7cbad9a2,0x2180036f,
+ 0x50d99c08,0xcb3f4861,0xc26bd765,0x64a3f6ab,
+ 0x80342676,0x25a75e7b,0xe4e6d1fc,0x20c710e6,
+ 0xcdf0b680,0x17844d3b,0x31eef84d,0x7e0824e4,
+ 0x2ccb49eb,0x846a3bae,0x8ff77888,0xee5d60f6,
+ 0x7af75673,0x2fdd5cdb,0xa11631c1,0x30f66f43,
+ 0xb3faec54,0x157fd7fa,0xef8579cc,0xd152de58,
+ 0xdb2ffd5e,0x8f32ce19,0x306af97a,0x02f03ef8,
+ 0x99319ad5,0xc242fa0f,0xa7e3ebb0,0xc68e4906,
+ 0xb8da230c,0x80823028,0xdcdef3c8,0xd35fb171,
+ 0x088a1bc8,0xbec0c560,0x61a3c9e8,0xbca8f54d,
+ 0xc72feffa,0x22822e99,0x82c570b4,0xd8d94e89,
+ 0x8b1c34bc,0x301e16e6,0x273be979,0xb0ffeaa6,
+ 0x61d9b8c6,0x00b24869,0xb7ffce3f,0x08dc283b,
+ 0x43daf65a,0xf7e19798,0x7619b72f,0x8f1c9ba4,
+ 0xdc8637a0,0x16a7d3b1,0x9fc393b7,0xa7136eeb,
+ 0xc6bcc63e,0x1a513742,0xef6828bc,0x520365d6,
+ 0x2d6a77ab,0x3527ed4b,0x821fd216,0x095c6e2e,
+ 0xdb92f2fb,0x5eea29cb,0x145892f5,0x91584f7f,
+ 0x5483697b,0x2667a8cc,0x85196048,0x8c4bacea,
+ 0x833860d4,0x0d23e0f9,0x6c387e8a,0x0ae6d249,
+ 0xb284600c,0xd835731d,0xdcb1c647,0xac4c56ea,
+ 0x3ebd81b3,0x230eabb0,0x6438bc87,0xf0b5b1fa,
+ 0x8f5ea2b3,0xfc184642,0x0a036b7a,0x4fb089bd,
+ 0x649da589,0xa345415e,0x5c038323,0x3e5d3bb9,
+ 0x43d79572,0x7e6dd07c,0x06dfdf1e,0x6c6cc4ef,
+ 0x7160a539,0x73bfbe70,0x83877605,0x4523ecf1,
+ };
+CAST_LONG CAST_S_table2[256]={
+ 0x8defc240,0x25fa5d9f,0xeb903dbf,0xe810c907,
+ 0x47607fff,0x369fe44b,0x8c1fc644,0xaececa90,
+ 0xbeb1f9bf,0xeefbcaea,0xe8cf1950,0x51df07ae,
+ 0x920e8806,0xf0ad0548,0xe13c8d83,0x927010d5,
+ 0x11107d9f,0x07647db9,0xb2e3e4d4,0x3d4f285e,
+ 0xb9afa820,0xfade82e0,0xa067268b,0x8272792e,
+ 0x553fb2c0,0x489ae22b,0xd4ef9794,0x125e3fbc,
+ 0x21fffcee,0x825b1bfd,0x9255c5ed,0x1257a240,
+ 0x4e1a8302,0xbae07fff,0x528246e7,0x8e57140e,
+ 0x3373f7bf,0x8c9f8188,0xa6fc4ee8,0xc982b5a5,
+ 0xa8c01db7,0x579fc264,0x67094f31,0xf2bd3f5f,
+ 0x40fff7c1,0x1fb78dfc,0x8e6bd2c1,0x437be59b,
+ 0x99b03dbf,0xb5dbc64b,0x638dc0e6,0x55819d99,
+ 0xa197c81c,0x4a012d6e,0xc5884a28,0xccc36f71,
+ 0xb843c213,0x6c0743f1,0x8309893c,0x0feddd5f,
+ 0x2f7fe850,0xd7c07f7e,0x02507fbf,0x5afb9a04,
+ 0xa747d2d0,0x1651192e,0xaf70bf3e,0x58c31380,
+ 0x5f98302e,0x727cc3c4,0x0a0fb402,0x0f7fef82,
+ 0x8c96fdad,0x5d2c2aae,0x8ee99a49,0x50da88b8,
+ 0x8427f4a0,0x1eac5790,0x796fb449,0x8252dc15,
+ 0xefbd7d9b,0xa672597d,0xada840d8,0x45f54504,
+ 0xfa5d7403,0xe83ec305,0x4f91751a,0x925669c2,
+ 0x23efe941,0xa903f12e,0x60270df2,0x0276e4b6,
+ 0x94fd6574,0x927985b2,0x8276dbcb,0x02778176,
+ 0xf8af918d,0x4e48f79e,0x8f616ddf,0xe29d840e,
+ 0x842f7d83,0x340ce5c8,0x96bbb682,0x93b4b148,
+ 0xef303cab,0x984faf28,0x779faf9b,0x92dc560d,
+ 0x224d1e20,0x8437aa88,0x7d29dc96,0x2756d3dc,
+ 0x8b907cee,0xb51fd240,0xe7c07ce3,0xe566b4a1,
+ 0xc3e9615e,0x3cf8209d,0x6094d1e3,0xcd9ca341,
+ 0x5c76460e,0x00ea983b,0xd4d67881,0xfd47572c,
+ 0xf76cedd9,0xbda8229c,0x127dadaa,0x438a074e,
+ 0x1f97c090,0x081bdb8a,0x93a07ebe,0xb938ca15,
+ 0x97b03cff,0x3dc2c0f8,0x8d1ab2ec,0x64380e51,
+ 0x68cc7bfb,0xd90f2788,0x12490181,0x5de5ffd4,
+ 0xdd7ef86a,0x76a2e214,0xb9a40368,0x925d958f,
+ 0x4b39fffa,0xba39aee9,0xa4ffd30b,0xfaf7933b,
+ 0x6d498623,0x193cbcfa,0x27627545,0x825cf47a,
+ 0x61bd8ba0,0xd11e42d1,0xcead04f4,0x127ea392,
+ 0x10428db7,0x8272a972,0x9270c4a8,0x127de50b,
+ 0x285ba1c8,0x3c62f44f,0x35c0eaa5,0xe805d231,
+ 0x428929fb,0xb4fcdf82,0x4fb66a53,0x0e7dc15b,
+ 0x1f081fab,0x108618ae,0xfcfd086d,0xf9ff2889,
+ 0x694bcc11,0x236a5cae,0x12deca4d,0x2c3f8cc5,
+ 0xd2d02dfe,0xf8ef5896,0xe4cf52da,0x95155b67,
+ 0x494a488c,0xb9b6a80c,0x5c8f82bc,0x89d36b45,
+ 0x3a609437,0xec00c9a9,0x44715253,0x0a874b49,
+ 0xd773bc40,0x7c34671c,0x02717ef6,0x4feb5536,
+ 0xa2d02fff,0xd2bf60c4,0xd43f03c0,0x50b4ef6d,
+ 0x07478cd1,0x006e1888,0xa2e53f55,0xb9e6d4bc,
+ 0xa2048016,0x97573833,0xd7207d67,0xde0f8f3d,
+ 0x72f87b33,0xabcc4f33,0x7688c55d,0x7b00a6b0,
+ 0x947b0001,0x570075d2,0xf9bb88f8,0x8942019e,
+ 0x4264a5ff,0x856302e0,0x72dbd92b,0xee971b69,
+ 0x6ea22fde,0x5f08ae2b,0xaf7a616d,0xe5c98767,
+ 0xcf1febd2,0x61efc8c2,0xf1ac2571,0xcc8239c2,
+ 0x67214cb8,0xb1e583d1,0xb7dc3e62,0x7f10bdce,
+ 0xf90a5c38,0x0ff0443d,0x606e6dc6,0x60543a49,
+ 0x5727c148,0x2be98a1d,0x8ab41738,0x20e1be24,
+ 0xaf96da0f,0x68458425,0x99833be5,0x600d457d,
+ 0x282f9350,0x8334b362,0xd91d1120,0x2b6d8da0,
+ 0x642b1e31,0x9c305a00,0x52bce688,0x1b03588a,
+ 0xf7baefd5,0x4142ed9c,0xa4315c11,0x83323ec5,
+ 0xdfef4636,0xa133c501,0xe9d3531c,0xee353783,
+ };
+CAST_LONG CAST_S_table3[256]={
+ 0x9db30420,0x1fb6e9de,0xa7be7bef,0xd273a298,
+ 0x4a4f7bdb,0x64ad8c57,0x85510443,0xfa020ed1,
+ 0x7e287aff,0xe60fb663,0x095f35a1,0x79ebf120,
+ 0xfd059d43,0x6497b7b1,0xf3641f63,0x241e4adf,
+ 0x28147f5f,0x4fa2b8cd,0xc9430040,0x0cc32220,
+ 0xfdd30b30,0xc0a5374f,0x1d2d00d9,0x24147b15,
+ 0xee4d111a,0x0fca5167,0x71ff904c,0x2d195ffe,
+ 0x1a05645f,0x0c13fefe,0x081b08ca,0x05170121,
+ 0x80530100,0xe83e5efe,0xac9af4f8,0x7fe72701,
+ 0xd2b8ee5f,0x06df4261,0xbb9e9b8a,0x7293ea25,
+ 0xce84ffdf,0xf5718801,0x3dd64b04,0xa26f263b,
+ 0x7ed48400,0x547eebe6,0x446d4ca0,0x6cf3d6f5,
+ 0x2649abdf,0xaea0c7f5,0x36338cc1,0x503f7e93,
+ 0xd3772061,0x11b638e1,0x72500e03,0xf80eb2bb,
+ 0xabe0502e,0xec8d77de,0x57971e81,0xe14f6746,
+ 0xc9335400,0x6920318f,0x081dbb99,0xffc304a5,
+ 0x4d351805,0x7f3d5ce3,0xa6c866c6,0x5d5bcca9,
+ 0xdaec6fea,0x9f926f91,0x9f46222f,0x3991467d,
+ 0xa5bf6d8e,0x1143c44f,0x43958302,0xd0214eeb,
+ 0x022083b8,0x3fb6180c,0x18f8931e,0x281658e6,
+ 0x26486e3e,0x8bd78a70,0x7477e4c1,0xb506e07c,
+ 0xf32d0a25,0x79098b02,0xe4eabb81,0x28123b23,
+ 0x69dead38,0x1574ca16,0xdf871b62,0x211c40b7,
+ 0xa51a9ef9,0x0014377b,0x041e8ac8,0x09114003,
+ 0xbd59e4d2,0xe3d156d5,0x4fe876d5,0x2f91a340,
+ 0x557be8de,0x00eae4a7,0x0ce5c2ec,0x4db4bba6,
+ 0xe756bdff,0xdd3369ac,0xec17b035,0x06572327,
+ 0x99afc8b0,0x56c8c391,0x6b65811c,0x5e146119,
+ 0x6e85cb75,0xbe07c002,0xc2325577,0x893ff4ec,
+ 0x5bbfc92d,0xd0ec3b25,0xb7801ab7,0x8d6d3b24,
+ 0x20c763ef,0xc366a5fc,0x9c382880,0x0ace3205,
+ 0xaac9548a,0xeca1d7c7,0x041afa32,0x1d16625a,
+ 0x6701902c,0x9b757a54,0x31d477f7,0x9126b031,
+ 0x36cc6fdb,0xc70b8b46,0xd9e66a48,0x56e55a79,
+ 0x026a4ceb,0x52437eff,0x2f8f76b4,0x0df980a5,
+ 0x8674cde3,0xedda04eb,0x17a9be04,0x2c18f4df,
+ 0xb7747f9d,0xab2af7b4,0xefc34d20,0x2e096b7c,
+ 0x1741a254,0xe5b6a035,0x213d42f6,0x2c1c7c26,
+ 0x61c2f50f,0x6552daf9,0xd2c231f8,0x25130f69,
+ 0xd8167fa2,0x0418f2c8,0x001a96a6,0x0d1526ab,
+ 0x63315c21,0x5e0a72ec,0x49bafefd,0x187908d9,
+ 0x8d0dbd86,0x311170a7,0x3e9b640c,0xcc3e10d7,
+ 0xd5cad3b6,0x0caec388,0xf73001e1,0x6c728aff,
+ 0x71eae2a1,0x1f9af36e,0xcfcbd12f,0xc1de8417,
+ 0xac07be6b,0xcb44a1d8,0x8b9b0f56,0x013988c3,
+ 0xb1c52fca,0xb4be31cd,0xd8782806,0x12a3a4e2,
+ 0x6f7de532,0x58fd7eb6,0xd01ee900,0x24adffc2,
+ 0xf4990fc5,0x9711aac5,0x001d7b95,0x82e5e7d2,
+ 0x109873f6,0x00613096,0xc32d9521,0xada121ff,
+ 0x29908415,0x7fbb977f,0xaf9eb3db,0x29c9ed2a,
+ 0x5ce2a465,0xa730f32c,0xd0aa3fe8,0x8a5cc091,
+ 0xd49e2ce7,0x0ce454a9,0xd60acd86,0x015f1919,
+ 0x77079103,0xdea03af6,0x78a8565e,0xdee356df,
+ 0x21f05cbe,0x8b75e387,0xb3c50651,0xb8a5c3ef,
+ 0xd8eeb6d2,0xe523be77,0xc2154529,0x2f69efdf,
+ 0xafe67afb,0xf470c4b2,0xf3e0eb5b,0xd6cc9876,
+ 0x39e4460c,0x1fda8538,0x1987832f,0xca007367,
+ 0xa99144f8,0x296b299e,0x492fc295,0x9266beab,
+ 0xb5676e69,0x9bd3ddda,0xdf7e052f,0xdb25701c,
+ 0x1b5e51ee,0xf65324e6,0x6afce36c,0x0316cc04,
+ 0x8644213e,0xb7dc59d0,0x7965291f,0xccd6fd43,
+ 0x41823979,0x932bcdf6,0xb657c34d,0x4edfd282,
+ 0x7ae5290c,0x3cb9536b,0x851e20fe,0x9833557e,
+ 0x13ecf0b0,0xd3ffb372,0x3f85c5c1,0x0aef7ed2,
+ };
+CAST_LONG CAST_S_table4[256]={
+ 0x7ec90c04,0x2c6e74b9,0x9b0e66df,0xa6337911,
+ 0xb86a7fff,0x1dd358f5,0x44dd9d44,0x1731167f,
+ 0x08fbf1fa,0xe7f511cc,0xd2051b00,0x735aba00,
+ 0x2ab722d8,0x386381cb,0xacf6243a,0x69befd7a,
+ 0xe6a2e77f,0xf0c720cd,0xc4494816,0xccf5c180,
+ 0x38851640,0x15b0a848,0xe68b18cb,0x4caadeff,
+ 0x5f480a01,0x0412b2aa,0x259814fc,0x41d0efe2,
+ 0x4e40b48d,0x248eb6fb,0x8dba1cfe,0x41a99b02,
+ 0x1a550a04,0xba8f65cb,0x7251f4e7,0x95a51725,
+ 0xc106ecd7,0x97a5980a,0xc539b9aa,0x4d79fe6a,
+ 0xf2f3f763,0x68af8040,0xed0c9e56,0x11b4958b,
+ 0xe1eb5a88,0x8709e6b0,0xd7e07156,0x4e29fea7,
+ 0x6366e52d,0x02d1c000,0xc4ac8e05,0x9377f571,
+ 0x0c05372a,0x578535f2,0x2261be02,0xd642a0c9,
+ 0xdf13a280,0x74b55bd2,0x682199c0,0xd421e5ec,
+ 0x53fb3ce8,0xc8adedb3,0x28a87fc9,0x3d959981,
+ 0x5c1ff900,0xfe38d399,0x0c4eff0b,0x062407ea,
+ 0xaa2f4fb1,0x4fb96976,0x90c79505,0xb0a8a774,
+ 0xef55a1ff,0xe59ca2c2,0xa6b62d27,0xe66a4263,
+ 0xdf65001f,0x0ec50966,0xdfdd55bc,0x29de0655,
+ 0x911e739a,0x17af8975,0x32c7911c,0x89f89468,
+ 0x0d01e980,0x524755f4,0x03b63cc9,0x0cc844b2,
+ 0xbcf3f0aa,0x87ac36e9,0xe53a7426,0x01b3d82b,
+ 0x1a9e7449,0x64ee2d7e,0xcddbb1da,0x01c94910,
+ 0xb868bf80,0x0d26f3fd,0x9342ede7,0x04a5c284,
+ 0x636737b6,0x50f5b616,0xf24766e3,0x8eca36c1,
+ 0x136e05db,0xfef18391,0xfb887a37,0xd6e7f7d4,
+ 0xc7fb7dc9,0x3063fcdf,0xb6f589de,0xec2941da,
+ 0x26e46695,0xb7566419,0xf654efc5,0xd08d58b7,
+ 0x48925401,0xc1bacb7f,0xe5ff550f,0xb6083049,
+ 0x5bb5d0e8,0x87d72e5a,0xab6a6ee1,0x223a66ce,
+ 0xc62bf3cd,0x9e0885f9,0x68cb3e47,0x086c010f,
+ 0xa21de820,0xd18b69de,0xf3f65777,0xfa02c3f6,
+ 0x407edac3,0xcbb3d550,0x1793084d,0xb0d70eba,
+ 0x0ab378d5,0xd951fb0c,0xded7da56,0x4124bbe4,
+ 0x94ca0b56,0x0f5755d1,0xe0e1e56e,0x6184b5be,
+ 0x580a249f,0x94f74bc0,0xe327888e,0x9f7b5561,
+ 0xc3dc0280,0x05687715,0x646c6bd7,0x44904db3,
+ 0x66b4f0a3,0xc0f1648a,0x697ed5af,0x49e92ff6,
+ 0x309e374f,0x2cb6356a,0x85808573,0x4991f840,
+ 0x76f0ae02,0x083be84d,0x28421c9a,0x44489406,
+ 0x736e4cb8,0xc1092910,0x8bc95fc6,0x7d869cf4,
+ 0x134f616f,0x2e77118d,0xb31b2be1,0xaa90b472,
+ 0x3ca5d717,0x7d161bba,0x9cad9010,0xaf462ba2,
+ 0x9fe459d2,0x45d34559,0xd9f2da13,0xdbc65487,
+ 0xf3e4f94e,0x176d486f,0x097c13ea,0x631da5c7,
+ 0x445f7382,0x175683f4,0xcdc66a97,0x70be0288,
+ 0xb3cdcf72,0x6e5dd2f3,0x20936079,0x459b80a5,
+ 0xbe60e2db,0xa9c23101,0xeba5315c,0x224e42f2,
+ 0x1c5c1572,0xf6721b2c,0x1ad2fff3,0x8c25404e,
+ 0x324ed72f,0x4067b7fd,0x0523138e,0x5ca3bc78,
+ 0xdc0fd66e,0x75922283,0x784d6b17,0x58ebb16e,
+ 0x44094f85,0x3f481d87,0xfcfeae7b,0x77b5ff76,
+ 0x8c2302bf,0xaaf47556,0x5f46b02a,0x2b092801,
+ 0x3d38f5f7,0x0ca81f36,0x52af4a8a,0x66d5e7c0,
+ 0xdf3b0874,0x95055110,0x1b5ad7a8,0xf61ed5ad,
+ 0x6cf6e479,0x20758184,0xd0cefa65,0x88f7be58,
+ 0x4a046826,0x0ff6f8f3,0xa09c7f70,0x5346aba0,
+ 0x5ce96c28,0xe176eda3,0x6bac307f,0x376829d2,
+ 0x85360fa9,0x17e3fe2a,0x24b79767,0xf5a96b20,
+ 0xd6cd2595,0x68ff1ebf,0x7555442c,0xf19f06be,
+ 0xf9e0659a,0xeeb9491d,0x34010718,0xbb30cab8,
+ 0xe822fe15,0x88570983,0x750e6249,0xda627e55,
+ 0x5e76ffa8,0xb1534546,0x6d47de08,0xefe9e7d4,
+ };
+CAST_LONG CAST_S_table5[256]={
+ 0xf6fa8f9d,0x2cac6ce1,0x4ca34867,0xe2337f7c,
+ 0x95db08e7,0x016843b4,0xeced5cbc,0x325553ac,
+ 0xbf9f0960,0xdfa1e2ed,0x83f0579d,0x63ed86b9,
+ 0x1ab6a6b8,0xde5ebe39,0xf38ff732,0x8989b138,
+ 0x33f14961,0xc01937bd,0xf506c6da,0xe4625e7e,
+ 0xa308ea99,0x4e23e33c,0x79cbd7cc,0x48a14367,
+ 0xa3149619,0xfec94bd5,0xa114174a,0xeaa01866,
+ 0xa084db2d,0x09a8486f,0xa888614a,0x2900af98,
+ 0x01665991,0xe1992863,0xc8f30c60,0x2e78ef3c,
+ 0xd0d51932,0xcf0fec14,0xf7ca07d2,0xd0a82072,
+ 0xfd41197e,0x9305a6b0,0xe86be3da,0x74bed3cd,
+ 0x372da53c,0x4c7f4448,0xdab5d440,0x6dba0ec3,
+ 0x083919a7,0x9fbaeed9,0x49dbcfb0,0x4e670c53,
+ 0x5c3d9c01,0x64bdb941,0x2c0e636a,0xba7dd9cd,
+ 0xea6f7388,0xe70bc762,0x35f29adb,0x5c4cdd8d,
+ 0xf0d48d8c,0xb88153e2,0x08a19866,0x1ae2eac8,
+ 0x284caf89,0xaa928223,0x9334be53,0x3b3a21bf,
+ 0x16434be3,0x9aea3906,0xefe8c36e,0xf890cdd9,
+ 0x80226dae,0xc340a4a3,0xdf7e9c09,0xa694a807,
+ 0x5b7c5ecc,0x221db3a6,0x9a69a02f,0x68818a54,
+ 0xceb2296f,0x53c0843a,0xfe893655,0x25bfe68a,
+ 0xb4628abc,0xcf222ebf,0x25ac6f48,0xa9a99387,
+ 0x53bddb65,0xe76ffbe7,0xe967fd78,0x0ba93563,
+ 0x8e342bc1,0xe8a11be9,0x4980740d,0xc8087dfc,
+ 0x8de4bf99,0xa11101a0,0x7fd37975,0xda5a26c0,
+ 0xe81f994f,0x9528cd89,0xfd339fed,0xb87834bf,
+ 0x5f04456d,0x22258698,0xc9c4c83b,0x2dc156be,
+ 0x4f628daa,0x57f55ec5,0xe2220abe,0xd2916ebf,
+ 0x4ec75b95,0x24f2c3c0,0x42d15d99,0xcd0d7fa0,
+ 0x7b6e27ff,0xa8dc8af0,0x7345c106,0xf41e232f,
+ 0x35162386,0xe6ea8926,0x3333b094,0x157ec6f2,
+ 0x372b74af,0x692573e4,0xe9a9d848,0xf3160289,
+ 0x3a62ef1d,0xa787e238,0xf3a5f676,0x74364853,
+ 0x20951063,0x4576698d,0xb6fad407,0x592af950,
+ 0x36f73523,0x4cfb6e87,0x7da4cec0,0x6c152daa,
+ 0xcb0396a8,0xc50dfe5d,0xfcd707ab,0x0921c42f,
+ 0x89dff0bb,0x5fe2be78,0x448f4f33,0x754613c9,
+ 0x2b05d08d,0x48b9d585,0xdc049441,0xc8098f9b,
+ 0x7dede786,0xc39a3373,0x42410005,0x6a091751,
+ 0x0ef3c8a6,0x890072d6,0x28207682,0xa9a9f7be,
+ 0xbf32679d,0xd45b5b75,0xb353fd00,0xcbb0e358,
+ 0x830f220a,0x1f8fb214,0xd372cf08,0xcc3c4a13,
+ 0x8cf63166,0x061c87be,0x88c98f88,0x6062e397,
+ 0x47cf8e7a,0xb6c85283,0x3cc2acfb,0x3fc06976,
+ 0x4e8f0252,0x64d8314d,0xda3870e3,0x1e665459,
+ 0xc10908f0,0x513021a5,0x6c5b68b7,0x822f8aa0,
+ 0x3007cd3e,0x74719eef,0xdc872681,0x073340d4,
+ 0x7e432fd9,0x0c5ec241,0x8809286c,0xf592d891,
+ 0x08a930f6,0x957ef305,0xb7fbffbd,0xc266e96f,
+ 0x6fe4ac98,0xb173ecc0,0xbc60b42a,0x953498da,
+ 0xfba1ae12,0x2d4bd736,0x0f25faab,0xa4f3fceb,
+ 0xe2969123,0x257f0c3d,0x9348af49,0x361400bc,
+ 0xe8816f4a,0x3814f200,0xa3f94043,0x9c7a54c2,
+ 0xbc704f57,0xda41e7f9,0xc25ad33a,0x54f4a084,
+ 0xb17f5505,0x59357cbe,0xedbd15c8,0x7f97c5ab,
+ 0xba5ac7b5,0xb6f6deaf,0x3a479c3a,0x5302da25,
+ 0x653d7e6a,0x54268d49,0x51a477ea,0x5017d55b,
+ 0xd7d25d88,0x44136c76,0x0404a8c8,0xb8e5a121,
+ 0xb81a928a,0x60ed5869,0x97c55b96,0xeaec991b,
+ 0x29935913,0x01fdb7f1,0x088e8dfa,0x9ab6f6f5,
+ 0x3b4cbf9f,0x4a5de3ab,0xe6051d35,0xa0e1d855,
+ 0xd36b4cf1,0xf544edeb,0xb0e93524,0xbebb8fbd,
+ 0xa2d762cf,0x49c92f54,0x38b5f331,0x7128a454,
+ 0x48392905,0xa65b1db8,0x851c97bd,0xd675cf2f,
+ };
+CAST_LONG CAST_S_table6[256]={
+ 0x85e04019,0x332bf567,0x662dbfff,0xcfc65693,
+ 0x2a8d7f6f,0xab9bc912,0xde6008a1,0x2028da1f,
+ 0x0227bce7,0x4d642916,0x18fac300,0x50f18b82,
+ 0x2cb2cb11,0xb232e75c,0x4b3695f2,0xb28707de,
+ 0xa05fbcf6,0xcd4181e9,0xe150210c,0xe24ef1bd,
+ 0xb168c381,0xfde4e789,0x5c79b0d8,0x1e8bfd43,
+ 0x4d495001,0x38be4341,0x913cee1d,0x92a79c3f,
+ 0x089766be,0xbaeeadf4,0x1286becf,0xb6eacb19,
+ 0x2660c200,0x7565bde4,0x64241f7a,0x8248dca9,
+ 0xc3b3ad66,0x28136086,0x0bd8dfa8,0x356d1cf2,
+ 0x107789be,0xb3b2e9ce,0x0502aa8f,0x0bc0351e,
+ 0x166bf52a,0xeb12ff82,0xe3486911,0xd34d7516,
+ 0x4e7b3aff,0x5f43671b,0x9cf6e037,0x4981ac83,
+ 0x334266ce,0x8c9341b7,0xd0d854c0,0xcb3a6c88,
+ 0x47bc2829,0x4725ba37,0xa66ad22b,0x7ad61f1e,
+ 0x0c5cbafa,0x4437f107,0xb6e79962,0x42d2d816,
+ 0x0a961288,0xe1a5c06e,0x13749e67,0x72fc081a,
+ 0xb1d139f7,0xf9583745,0xcf19df58,0xbec3f756,
+ 0xc06eba30,0x07211b24,0x45c28829,0xc95e317f,
+ 0xbc8ec511,0x38bc46e9,0xc6e6fa14,0xbae8584a,
+ 0xad4ebc46,0x468f508b,0x7829435f,0xf124183b,
+ 0x821dba9f,0xaff60ff4,0xea2c4e6d,0x16e39264,
+ 0x92544a8b,0x009b4fc3,0xaba68ced,0x9ac96f78,
+ 0x06a5b79a,0xb2856e6e,0x1aec3ca9,0xbe838688,
+ 0x0e0804e9,0x55f1be56,0xe7e5363b,0xb3a1f25d,
+ 0xf7debb85,0x61fe033c,0x16746233,0x3c034c28,
+ 0xda6d0c74,0x79aac56c,0x3ce4e1ad,0x51f0c802,
+ 0x98f8f35a,0x1626a49f,0xeed82b29,0x1d382fe3,
+ 0x0c4fb99a,0xbb325778,0x3ec6d97b,0x6e77a6a9,
+ 0xcb658b5c,0xd45230c7,0x2bd1408b,0x60c03eb7,
+ 0xb9068d78,0xa33754f4,0xf430c87d,0xc8a71302,
+ 0xb96d8c32,0xebd4e7be,0xbe8b9d2d,0x7979fb06,
+ 0xe7225308,0x8b75cf77,0x11ef8da4,0xe083c858,
+ 0x8d6b786f,0x5a6317a6,0xfa5cf7a0,0x5dda0033,
+ 0xf28ebfb0,0xf5b9c310,0xa0eac280,0x08b9767a,
+ 0xa3d9d2b0,0x79d34217,0x021a718d,0x9ac6336a,
+ 0x2711fd60,0x438050e3,0x069908a8,0x3d7fedc4,
+ 0x826d2bef,0x4eeb8476,0x488dcf25,0x36c9d566,
+ 0x28e74e41,0xc2610aca,0x3d49a9cf,0xbae3b9df,
+ 0xb65f8de6,0x92aeaf64,0x3ac7d5e6,0x9ea80509,
+ 0xf22b017d,0xa4173f70,0xdd1e16c3,0x15e0d7f9,
+ 0x50b1b887,0x2b9f4fd5,0x625aba82,0x6a017962,
+ 0x2ec01b9c,0x15488aa9,0xd716e740,0x40055a2c,
+ 0x93d29a22,0xe32dbf9a,0x058745b9,0x3453dc1e,
+ 0xd699296e,0x496cff6f,0x1c9f4986,0xdfe2ed07,
+ 0xb87242d1,0x19de7eae,0x053e561a,0x15ad6f8c,
+ 0x66626c1c,0x7154c24c,0xea082b2a,0x93eb2939,
+ 0x17dcb0f0,0x58d4f2ae,0x9ea294fb,0x52cf564c,
+ 0x9883fe66,0x2ec40581,0x763953c3,0x01d6692e,
+ 0xd3a0c108,0xa1e7160e,0xe4f2dfa6,0x693ed285,
+ 0x74904698,0x4c2b0edd,0x4f757656,0x5d393378,
+ 0xa132234f,0x3d321c5d,0xc3f5e194,0x4b269301,
+ 0xc79f022f,0x3c997e7e,0x5e4f9504,0x3ffafbbd,
+ 0x76f7ad0e,0x296693f4,0x3d1fce6f,0xc61e45be,
+ 0xd3b5ab34,0xf72bf9b7,0x1b0434c0,0x4e72b567,
+ 0x5592a33d,0xb5229301,0xcfd2a87f,0x60aeb767,
+ 0x1814386b,0x30bcc33d,0x38a0c07d,0xfd1606f2,
+ 0xc363519b,0x589dd390,0x5479f8e6,0x1cb8d647,
+ 0x97fd61a9,0xea7759f4,0x2d57539d,0x569a58cf,
+ 0xe84e63ad,0x462e1b78,0x6580f87e,0xf3817914,
+ 0x91da55f4,0x40a230f3,0xd1988f35,0xb6e318d2,
+ 0x3ffa50bc,0x3d40f021,0xc3c0bdae,0x4958c24c,
+ 0x518f36b2,0x84b1d370,0x0fedce83,0x878ddada,
+ 0xf2a279c7,0x94e01be8,0x90716f4b,0x954b8aa3,
+ };
+CAST_LONG CAST_S_table7[256]={
+ 0xe216300d,0xbbddfffc,0xa7ebdabd,0x35648095,
+ 0x7789f8b7,0xe6c1121b,0x0e241600,0x052ce8b5,
+ 0x11a9cfb0,0xe5952f11,0xece7990a,0x9386d174,
+ 0x2a42931c,0x76e38111,0xb12def3a,0x37ddddfc,
+ 0xde9adeb1,0x0a0cc32c,0xbe197029,0x84a00940,
+ 0xbb243a0f,0xb4d137cf,0xb44e79f0,0x049eedfd,
+ 0x0b15a15d,0x480d3168,0x8bbbde5a,0x669ded42,
+ 0xc7ece831,0x3f8f95e7,0x72df191b,0x7580330d,
+ 0x94074251,0x5c7dcdfa,0xabbe6d63,0xaa402164,
+ 0xb301d40a,0x02e7d1ca,0x53571dae,0x7a3182a2,
+ 0x12a8ddec,0xfdaa335d,0x176f43e8,0x71fb46d4,
+ 0x38129022,0xce949ad4,0xb84769ad,0x965bd862,
+ 0x82f3d055,0x66fb9767,0x15b80b4e,0x1d5b47a0,
+ 0x4cfde06f,0xc28ec4b8,0x57e8726e,0x647a78fc,
+ 0x99865d44,0x608bd593,0x6c200e03,0x39dc5ff6,
+ 0x5d0b00a3,0xae63aff2,0x7e8bd632,0x70108c0c,
+ 0xbbd35049,0x2998df04,0x980cf42a,0x9b6df491,
+ 0x9e7edd53,0x06918548,0x58cb7e07,0x3b74ef2e,
+ 0x522fffb1,0xd24708cc,0x1c7e27cd,0xa4eb215b,
+ 0x3cf1d2e2,0x19b47a38,0x424f7618,0x35856039,
+ 0x9d17dee7,0x27eb35e6,0xc9aff67b,0x36baf5b8,
+ 0x09c467cd,0xc18910b1,0xe11dbf7b,0x06cd1af8,
+ 0x7170c608,0x2d5e3354,0xd4de495a,0x64c6d006,
+ 0xbcc0c62c,0x3dd00db3,0x708f8f34,0x77d51b42,
+ 0x264f620f,0x24b8d2bf,0x15c1b79e,0x46a52564,
+ 0xf8d7e54e,0x3e378160,0x7895cda5,0x859c15a5,
+ 0xe6459788,0xc37bc75f,0xdb07ba0c,0x0676a3ab,
+ 0x7f229b1e,0x31842e7b,0x24259fd7,0xf8bef472,
+ 0x835ffcb8,0x6df4c1f2,0x96f5b195,0xfd0af0fc,
+ 0xb0fe134c,0xe2506d3d,0x4f9b12ea,0xf215f225,
+ 0xa223736f,0x9fb4c428,0x25d04979,0x34c713f8,
+ 0xc4618187,0xea7a6e98,0x7cd16efc,0x1436876c,
+ 0xf1544107,0xbedeee14,0x56e9af27,0xa04aa441,
+ 0x3cf7c899,0x92ecbae6,0xdd67016d,0x151682eb,
+ 0xa842eedf,0xfdba60b4,0xf1907b75,0x20e3030f,
+ 0x24d8c29e,0xe139673b,0xefa63fb8,0x71873054,
+ 0xb6f2cf3b,0x9f326442,0xcb15a4cc,0xb01a4504,
+ 0xf1e47d8d,0x844a1be5,0xbae7dfdc,0x42cbda70,
+ 0xcd7dae0a,0x57e85b7a,0xd53f5af6,0x20cf4d8c,
+ 0xcea4d428,0x79d130a4,0x3486ebfb,0x33d3cddc,
+ 0x77853b53,0x37effcb5,0xc5068778,0xe580b3e6,
+ 0x4e68b8f4,0xc5c8b37e,0x0d809ea2,0x398feb7c,
+ 0x132a4f94,0x43b7950e,0x2fee7d1c,0x223613bd,
+ 0xdd06caa2,0x37df932b,0xc4248289,0xacf3ebc3,
+ 0x5715f6b7,0xef3478dd,0xf267616f,0xc148cbe4,
+ 0x9052815e,0x5e410fab,0xb48a2465,0x2eda7fa4,
+ 0xe87b40e4,0xe98ea084,0x5889e9e1,0xefd390fc,
+ 0xdd07d35b,0xdb485694,0x38d7e5b2,0x57720101,
+ 0x730edebc,0x5b643113,0x94917e4f,0x503c2fba,
+ 0x646f1282,0x7523d24a,0xe0779695,0xf9c17a8f,
+ 0x7a5b2121,0xd187b896,0x29263a4d,0xba510cdf,
+ 0x81f47c9f,0xad1163ed,0xea7b5965,0x1a00726e,
+ 0x11403092,0x00da6d77,0x4a0cdd61,0xad1f4603,
+ 0x605bdfb0,0x9eedc364,0x22ebe6a8,0xcee7d28a,
+ 0xa0e736a0,0x5564a6b9,0x10853209,0xc7eb8f37,
+ 0x2de705ca,0x8951570f,0xdf09822b,0xbd691a6c,
+ 0xaa12e4f2,0x87451c0f,0xe0f6a27a,0x3ada4819,
+ 0x4cf1764f,0x0d771c2b,0x67cdb156,0x350d8384,
+ 0x5938fa0f,0x42399ef3,0x36997b07,0x0e84093d,
+ 0x4aa93e61,0x8360d87b,0x1fa98b0c,0x1149382c,
+ 0xe97625a5,0x0614d1b7,0x0e25244b,0x0c768347,
+ 0x589e8d82,0x0d2059d1,0xa466bb1e,0xf8da0a82,
+ 0x04f19130,0xba6e4ec0,0x99265164,0x1ee7230d,
+ 0x50b2ad80,0xeaee6801,0x8db2a283,0xea8bf59e,
+ };
diff --git a/src/lib/libssl/src/crypto/cast/cast_spd.c b/src/lib/libssl/src/crypto/cast/cast_spd.c
new file mode 100644
index 0000000000..ab75e65386
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/cast_spd.c
@@ -0,0 +1,294 @@
+/* crypto/cast/cast_spd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ CAST_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ CAST_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ CAST_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ CAST_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing CAST_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing CAST_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ CAST_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld cast set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing CAST_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing CAST_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ CAST_LONG data[2];
+
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ CAST_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld CAST_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing CAST_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing CAST_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ CAST_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),CAST_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld CAST_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("CAST set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("CAST raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("CAST cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/castopts.c b/src/lib/libssl/src/crypto/cast/castopts.c
new file mode 100644
index 0000000000..68cf5a4a60
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/castopts.c
@@ -0,0 +1,358 @@
+/* crypto/cast/castopts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "cast.h"
+
+#define CAST_DEFAULT_OPTIONS
+
+#undef E_CAST
+#define CAST_encrypt CAST_encrypt_normal
+#define CAST_decrypt CAST_decrypt_normal
+#define CAST_cbc_encrypt CAST_cbc_encrypt_normal
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#define CAST_PTR
+#undef CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt CAST_encrypt_ptr
+#define CAST_decrypt CAST_decrypt_ptr
+#define CAST_cbc_encrypt CAST_cbc_encrypt_ptr
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+#undef CAST_PTR
+#define CAST_PTR2
+#undef E_CAST
+#undef CAST_encrypt
+#undef CAST_decrypt
+#undef CAST_cbc_encrypt
+#define CAST_encrypt CAST_encrypt_ptr2
+#define CAST_decrypt CAST_decrypt_ptr2
+#define CAST_cbc_encrypt CAST_cbc_encrypt_ptr2
+#undef HEADER_CAST_LOCL_H
+#include "c_enc.c"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count+=4) \
+ { \
+ unsigned long d[2]; \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ func(d,&sch); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static char key[16]={ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ CAST_KEY sch;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ CAST_set_key(&sch,16,key);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ CAST_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+ time_it(CAST_encrypt_normal, "CAST_encrypt_normal ", 0);
+ time_it(CAST_encrypt_ptr, "CAST_encrypt_ptr ", 1);
+ time_it(CAST_encrypt_ptr2, "CAST_encrypt_ptr2 ", 2);
+ num+=3;
+
+ str[0]="<nothing>";
+ print_it("CAST_encrypt_normal ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="ptr ";
+ print_it("CAST_encrypt_ptr ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]="ptr2 ";
+ print_it("CAST_encrypt_ptr2 ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+
+ printf("options CAST ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<3; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DCAST_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DCAST_PTR\n");
+ break;
+ case 2:
+ printf("-DCAST_PTR2\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/casts.cpp b/src/lib/libssl/src/crypto/cast/casts.cpp
new file mode 100644
index 0000000000..bac7be2c9c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/casts.cpp
@@ -0,0 +1,70 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cast.h"
+
+void main(int argc,char *argv[])
+ {
+ CAST_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+ static unsigned char d[16]={0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+ CAST_set_key(&key, 16,d);
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ CAST_encrypt(&data[0],&key);
+ GetTSC(s1);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e2);
+ CAST_encrypt(&data[0],&key);
+ }
+
+ printf("cast %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/cast/casttest.c b/src/lib/libssl/src/crypto/cast/casttest.c
new file mode 100644
index 0000000000..8b009bc249
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cast/casttest.c
@@ -0,0 +1,223 @@
+/* crypto/cast/casttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cast.h"
+
+/* #define FULL_TEST */
+
+unsigned char k[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A
+ };
+
+unsigned char in[8]={ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF};
+
+int k_len[3]={16,10};
+unsigned char c[3][8]={
+ {0x23,0x8B,0x4F,0xE5,0x84,0x7E,0x44,0xB2},
+ {0xEB,0x6A,0x71,0x1A,0x2C,0x02,0x27,0x1B},
+ {0x7A,0xC8,0x16,0xD1,0x6E,0x9B,0x30,0x2E},
+ };
+unsigned char out[80];
+
+unsigned char in_a[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+unsigned char in_b[16]={
+ 0x01,0x23,0x45,0x67,0x12,0x34,0x56,0x78,
+ 0x23,0x45,0x67,0x89,0x34,0x56,0x78,0x9A};
+
+unsigned char c_a[16]={
+ 0xEE,0xA9,0xD0,0xA2,0x49,0xFD,0x3B,0xA6,
+ 0xB3,0x43,0x6F,0xB8,0x9D,0x6D,0xCA,0x92};
+unsigned char c_b[16]={
+ 0xB2,0xC9,0x5E,0xB0,0x0C,0x31,0xAD,0x71,
+ 0x80,0xAC,0x05,0xB8,0xE8,0x3D,0x69,0x6E};
+
+#if 0
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+#ifdef FULL_TEST
+ long l;
+ CAST_KEY key_b;
+#endif
+ int i,z,err=0;
+ CAST_KEY key;
+
+ for (z=0; z<1; z++)
+ {
+ CAST_set_key(&key,k_len[z],k);
+
+ CAST_ecb_encrypt(in,out,&key,CAST_ENCRYPT);
+ if (memcmp(out,&(c[z][0]),8) != 0)
+ {
+ printf("ecb cast error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",c[z][i]);
+ err=20;
+ printf("\n");
+ }
+
+ CAST_ecb_encrypt(out,out,&key,CAST_DECRYPT);
+ if (memcmp(out,in,8) != 0)
+ {
+ printf("ecb cast error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",in[i]);
+ printf("\n");
+ err=3;
+ }
+ }
+ if (err == 0) printf("ecb cast5 ok\n");
+
+#ifdef FULL_TEST
+ {
+ unsigned char out_a[16],out_b[16];
+ static char *hex="0123456789ABCDEF";
+
+ printf("This test will take some time....");
+ fflush(stdout);
+ memcpy(out_a,in_a,sizeof(in_a));
+ memcpy(out_b,in_b,sizeof(in_b));
+ i=1;
+
+ for (l=0; l<1000000L; l++)
+ {
+ CAST_set_key(&key_b,16,out_b);
+ CAST_ecb_encrypt(&(out_a[0]),&(out_a[0]),&key_b,CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_a[8]),&(out_a[8]),&key_b,CAST_ENCRYPT);
+ CAST_set_key(&key,16,out_a);
+ CAST_ecb_encrypt(&(out_b[0]),&(out_b[0]),&key,CAST_ENCRYPT);
+ CAST_ecb_encrypt(&(out_b[8]),&(out_b[8]),&key,CAST_ENCRYPT);
+ if ((l & 0xffff) == 0xffff)
+ {
+ printf("%c",hex[i&0x0f]);
+ fflush(stdout);
+ i++;
+ }
+ }
+
+ if ( (memcmp(out_a,c_a,sizeof(c_a)) != 0) ||
+ (memcmp(out_b,c_b,sizeof(c_b)) != 0))
+ {
+ printf("\n");
+ printf("Error\n");
+
+ printf("A out =");
+ for (i=0; i<16; i++) printf("%02X ",out_a[i]);
+ printf("\nactual=");
+ for (i=0; i<16; i++) printf("%02X ",c_a[i]);
+ printf("\n");
+
+ printf("B out =");
+ for (i=0; i<16; i++) printf("%02X ",out_b[i]);
+ printf("\nactual=");
+ for (i=0; i<16; i++) printf("%02X ",c_b[i]);
+ printf("\n");
+ }
+ else
+ printf(" ok\n");
+ }
+#endif
+
+ exit(err);
+ return(err);
+ }
+
diff --git a/src/lib/libssl/src/crypto/conf/cnf_save.c b/src/lib/libssl/src/crypto/conf/cnf_save.c
new file mode 100644
index 0000000000..c9018de10e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/cnf_save.c
@@ -0,0 +1,106 @@
+/* crypto/conf/cnf_save.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "conf.h"
+
+void print_conf(CONF_VALUE *cv);
+
+main()
+ {
+ LHASH *conf;
+ long l;
+
+ conf=CONF_load(NULL,"../../apps/ssleay.cnf",&l);
+ if (conf == NULL)
+ {
+ fprintf(stderr,"error loading config, line %ld\n",l);
+ exit(1);
+ }
+
+ lh_doall(conf,print_conf);
+ }
+
+
+void print_conf(cv)
+CONF_VALUE *cv;
+ {
+ int i;
+ CONF_VALUE *v;
+ char *section;
+ char *name;
+ char *value;
+ STACK *s;
+
+ /* If it is a single entry, return */
+
+ if (cv->name != NULL) return;
+
+ printf("[ %s ]\n",cv->section);
+ s=(STACK *)cv->value;
+
+ for (i=0; i<sk_num(s); i++)
+ {
+ v=(CONF_VALUE *)sk_value(s,i);
+ section=(v->section == NULL)?"None":v->section;
+ name=(v->name == NULL)?"None":v->name;
+ value=(v->value == NULL)?"None":v->value;
+ printf("%s=%s\n",name,value);
+ }
+ printf("\n");
+ }
diff --git a/src/lib/libssl/src/crypto/conf/conf.h b/src/lib/libssl/src/crypto/conf/conf.h
new file mode 100644
index 0000000000..1446226a16
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/conf.h
@@ -0,0 +1,114 @@
+/* crypto/conf/conf.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONF_H
+#define HEADER_CONF_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+typedef struct
+ {
+ char *section;
+ char *name;
+ char *value;
+ } CONF_VALUE;
+
+#ifndef NOPROTO
+
+LHASH *CONF_load(LHASH *conf,char *file,long *eline);
+STACK *CONF_get_section(LHASH *conf,char *section);
+char *CONF_get_string(LHASH *conf,char *group,char *name);
+long CONF_get_number(LHASH *conf,char *group,char *name);
+void CONF_free(LHASH *conf);
+void ERR_load_CONF_strings(void );
+
+#else
+
+LHASH *CONF_load();
+STACK *CONF_get_section();
+char *CONF_get_string();
+long CONF_get_number();
+void CONF_free();
+void ERR_load_CONF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+#define CONF_F_CONF_LOAD 100
+#define CONF_F_STR_COPY 101
+
+/* Reason codes. */
+#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+#define CONF_R_MISSING_EQUAL_SIGN 101
+#define CONF_R_NO_CLOSE_BRACE 102
+#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+#define CONF_R_VARIABLE_HAS_NO_VALUE 104
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/conf/conf_err.c b/src/lib/libssl/src/crypto/conf/conf_err.c
new file mode 100644
index 0000000000..a8db8f266f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/conf_err.c
@@ -0,0 +1,96 @@
+/* lib/conf/conf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "conf.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA CONF_str_functs[]=
+ {
+{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"},
+{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA CONF_str_reasons[]=
+ {
+{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"},
+{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"},
+{CONF_R_NO_CLOSE_BRACE ,"no close brace"},
+{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"},
+{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_CONF_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
+ ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/conf/keysets.pl b/src/lib/libssl/src/crypto/conf/keysets.pl
new file mode 100644
index 0000000000..e40fed0ca1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/keysets.pl
@@ -0,0 +1,61 @@
+#!/usr/bin/perl
+
+$NUMBER=0x01;
+$UPPER=0x02;
+$LOWER=0x04;
+$EOF=0x08;
+$WS=0x10;
+$ESC=0x20;
+$QUOTE=0x40;
+$COMMENT=0x80;
+$UNDER=0x100;
+
+foreach (0 .. 127)
+ {
+ $v=0;
+ $c=sprintf("%c",$_);
+ $v|=$NUMBER if ($c =~ /[0-9]/);
+ $v|=$UPPER if ($c =~ /[A-Z]/);
+ $v|=$LOWER if ($c =~ /[a-z]/);
+ $v|=$UNDER if ($c =~ /_/);
+ $v|=$WS if ($c =~ / \t\r\n/);
+ $v|=$ESC if ($c =~ /\\/);
+ $v|=$QUOTE if ($c =~ /['`"]/);
+ $v|=$COMMENT if ($c =~ /\#/);
+ $v|=$EOF if ($c =~ /\0/);
+
+ push(@V,$v);
+ }
+
+print <<"EOF";
+#define CONF_NUMBER $NUMBER
+#define CONF_UPPER $UPPER
+#define CONF_LOWER $LOWER
+#define CONF_EOF $EOF
+#define CONF_WS $WS
+#define CONF_ESC $ESC
+#define CONF_QUOTE $QUOTE
+#define CONF_COMMENT $COMMENT
+#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_UNDER $UNDER
+
+#define IS_COMMENT(a) (CONF_COMMENT&(CONF_type[(a)&0x7f]))
+#define IS_EOF(a) ((a) == '\\0')
+#define IS_ESC(a) ((a) == '\\\\')
+#define IS_NUMER(a) (CONF_type[(a)&0x7f]&CONF_NUMBER)
+#define IS_WS(a) (CONF_type[(a)&0x7f]&CONF_WS)
+#define IS_ALPHA_NUMERIC(a) (CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
+#define IS_QUOTE(a) (CONF_type[(a)&0x7f]&CONF_QUOTE)
+
+EOF
+
+print "static unsigned short CONF_type[128]={";
+
+for ($i=0; $i<128; $i++)
+ {
+ print "\n\t" if ($i % 8) == 0;
+ printf "0x%03X,",$V[$i];
+ }
+
+print "\n\t};\n";
diff --git a/src/lib/libssl/src/crypto/conf/ssleay.cnf b/src/lib/libssl/src/crypto/conf/ssleay.cnf
new file mode 100644
index 0000000000..ed33af601e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/ssleay.cnf
@@ -0,0 +1,78 @@
+#
+# This is a test configuration file for use in SSLeay etc...
+#
+
+init = 5
+in\#it1 =10
+init2='10'
+init3='10\''
+init4="10'"
+init5='='10\'' again'
+
+SSLeay::version = 0.5.0
+
+[genrsa]
+default_bits = 512
+SSLEAY::version = 0.5.0
+
+[gendh]
+default_bits = 512
+def_generator = 2
+
+[s_client]
+cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
+cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
+cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
+cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
+
+[ default ]
+cert_dir = $ENV::HOME/.ca_certs
+
+HOME = /tmp/eay
+
+tmp_cert_dir = $HOME/.ca_certs
+tmp2_cert_dir = thisis$(HOME)stuff
+
+LOGNAME = Eric Young (home=$HOME)
+
+[ special ]
+
+H=$HOME
+H=$default::HOME
+H=$ENV::HOME
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = $HOME/.rand
+
+[ req ]
+default_bits = 512
+default_keyfile = privkey.pem
+
+Attribute_type_1 = countryName
+Attribute_text_1 = Country Name (2 letter code)
+Attribute_default_1 = AU
+
+Attribute_type_2 = stateOrProvinceName
+Attribute_text_2 = State or Province Name (full name)
+Attribute_default_2 = Queensland
+
+Attribute_type_3 = localityName
+Attribute_text_3 = Locality Name (eg, city)
+
+Attribute_type_4 = organizationName
+Attribute_text_4 = Organization Name (eg, company)
+Attribute_default_4 = Mincom Pty Ltd
+
+Attribute_type_5 = organizationalUnitName
+Attribute_text_5 = Organizational Unit Name (eg, section)
+Attribute_default_5 = TR
+
+Attribute_type_6 = commonName
+Attribute_text_6 = Common Name (eg, YOUR name)
+
+Attribute_type_7 = emailAddress
+Attribute_text_7 = Email Address
+
diff --git a/src/lib/libssl/src/crypto/conf/test.c b/src/lib/libssl/src/crypto/conf/test.c
new file mode 100644
index 0000000000..899ee2a067
--- /dev/null
+++ b/src/lib/libssl/src/crypto/conf/test.c
@@ -0,0 +1,91 @@
+/* crypto/conf/test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "conf.h"
+
+main()
+ {
+ LHASH *conf;
+ long eline;
+ char *s,*s2;
+
+ conf=CONF_load(NULL,"ssleay.conf",&eline);
+ if (conf == NULL)
+ {
+ ERR_load_crypto_strings();
+ printf("unable to load configuration, line %ld\n",eline);
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+ lh_stats(conf,stdout);
+ lh_node_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+
+ s=CONF_get_string(conf,NULL,"init2");
+ printf("init2=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,NULL,"cipher1");
+ printf("cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,"s_client","cipher1");
+ printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ exit(0);
+ }
diff --git a/src/lib/libssl/src/crypto/cpt_err.c b/src/lib/libssl/src/crypto/cpt_err.c
new file mode 100644
index 0000000000..ea3c135d39
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cpt_err.c
@@ -0,0 +1,86 @@
+/* lib/crypto/crypto_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "crypto.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA CRYPTO_str_functs[]=
+ {
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,0), "CRYPTO_get_ex_new_index"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_GET_NEW_LOCKID,0), "CRYPTO_get_new_lockid"},
+{ERR_PACK(0,CRYPTO_F_CRYPTO_SET_EX_DATA,0), "CRYPTO_set_ex_data"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_CRYPTO_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_CRYPTO,CRYPTO_str_functs);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/cryptlib.c b/src/lib/libssl/src/crypto/cryptlib.c
new file mode 100644
index 0000000000..9a7e80b7f8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cryptlib.c
@@ -0,0 +1,307 @@
+/* crypto/cryptlib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+#if defined(WIN32) || defined(WIN16)
+static double SSLeay_MSVC5_hack=0.0; /* and for VC1.5 */
+#endif
+
+/* real #defines in crypto.h, keep these upto date */
+static char* lock_names[CRYPTO_NUM_LOCKS] =
+ {
+ "<<ERROR>>",
+ "err",
+ "err_hash",
+ "x509",
+ "x509_info",
+ "x509_pkey",
+ "x509_crl",
+ "x509_req",
+ "dsa",
+ "rsa",
+ "evp_pkey",
+ "x509_store",
+ "ssl_ctx",
+ "ssl_cert",
+ "ssl_session",
+ "ssl",
+ "rand",
+ "debug_malloc",
+ "BIO",
+ "bio_gethostbyname",
+ "RSA_blinding",
+ };
+
+static STACK *app_locks=NULL;
+
+#ifndef NOPROTO
+static void (MS_FAR *locking_callback)(int mode,int type,
+ char *file,int line)=NULL;
+static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
+ int type,char *file,int line)=NULL;
+static unsigned long (MS_FAR *id_callback)(void)=NULL;
+#else
+static void (MS_FAR *locking_callback)()=NULL;
+static int (MS_FAR *add_lock_callback)()=NULL;
+static unsigned long (MS_FAR *id_callback)()=NULL;
+#endif
+
+int CRYPTO_get_new_lockid(name)
+char *name;
+ {
+ char *str;
+ int i;
+
+ /* A hack to make Visual C++ 5.0 work correctly when linking as
+ * a DLL using /MT. Without this, the application cannot use
+ * and floating point printf's.
+ * It also seems to be needed for Visual C 1.5 (win16) */
+#if defined(WIN32) || defined(WIN16)
+ SSLeay_MSVC5_hack=(double)name[0]*(double)name[1];
+#endif
+
+ if (app_locks == NULL)
+ if ((app_locks=sk_new_null()) == NULL)
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_NEW_LOCKID,ERR_R_MALLOC_FAILURE);
+ return(0);
+ if ((str=BUF_strdup(name)) == NULL)
+ return(0);
+ i=sk_push(app_locks,str);
+ if (!i)
+ Free(str);
+ else
+ i+=CRYPTO_NUM_LOCKS; /* gap of one :-) */
+ return(i);
+ }
+
+void (*CRYPTO_get_locking_callback(P_V))(P_I_I_P_I)
+ {
+ return(locking_callback);
+ }
+
+int (*CRYPTO_get_add_lock_callback(P_V))(P_IP_I_I_P_I)
+ {
+ return(add_lock_callback);
+ }
+
+void CRYPTO_set_locking_callback(func)
+void (*func)(P_I_I_P_I);
+ {
+ locking_callback=func;
+ }
+
+void CRYPTO_set_add_lock_callback(func)
+int (*func)(P_IP_I_I_P_I);
+ {
+ add_lock_callback=func;
+ }
+
+unsigned long (*CRYPTO_get_id_callback(P_V))(P_V)
+ {
+ return(id_callback);
+ }
+
+void CRYPTO_set_id_callback(func)
+unsigned long (*func)(P_V);
+ {
+ id_callback=func;
+ }
+
+unsigned long CRYPTO_thread_id()
+ {
+ unsigned long ret=0;
+
+ if (id_callback == NULL)
+ {
+#ifdef WIN16
+ ret=(unsigned long)GetCurrentTask();
+#elif defined(WIN32)
+ ret=(unsigned long)GetCurrentThreadId();
+#elif defined(MSDOS)
+ ret=1L;
+#else
+ ret=(unsigned long)getpid();
+#endif
+ }
+ else
+ ret=id_callback();
+ return(ret);
+ }
+
+void CRYPTO_lock(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef LOCK_DEBUG
+ {
+ char *rw_text,*operation_text;
+
+ if (mode & CRYPTO_LOCK)
+ operation_text="lock ";
+ else if (mode & CRYPTO_UNLOCK)
+ operation_text="unlock";
+ else
+ operation_text="ERROR ";
+
+ if (mode & CRYPTO_READ)
+ rw_text="r";
+ else if (mode & CRYPTO_WRITE)
+ rw_text="w";
+ else
+ rw_text="ERROR";
+
+ fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
+ CRYPTO_thread_id(), rw_text, operation_text,
+ CRYPTO_get_lock_name(type), file, line);
+ }
+#endif
+ if (locking_callback != NULL)
+ locking_callback(mode,type,file,line);
+ }
+
+int CRYPTO_add_lock(pointer,amount,type,file,line)
+int *pointer;
+int amount;
+int type;
+char *file;
+int line;
+ {
+ int ret;
+
+ if (add_lock_callback != NULL)
+ {
+#ifdef LOCK_DEBUG
+ int before= *pointer;
+#endif
+
+ ret=add_lock_callback(pointer,amount,type,file,line);
+#ifdef LOCK_DEBUG
+ fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_thread_id(),
+ before,amount,ret,
+ CRYPTO_get_lock_name(type),
+ file,line);
+#endif
+ *pointer=ret;
+ }
+ else
+ {
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
+
+ ret= *pointer+amount;
+#ifdef LOCK_DEBUG
+ fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_thread_id(),
+ *pointer,amount,ret,
+ CRYPTO_get_lock_name(type),
+ file,line);
+#endif
+ *pointer=ret;
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
+ }
+ return(ret);
+ }
+
+char *CRYPTO_get_lock_name(type)
+int type;
+ {
+ if (type < 0)
+ return("ERROR");
+ else if (type < CRYPTO_NUM_LOCKS)
+ return(lock_names[type]);
+ else if (type-CRYPTO_NUM_LOCKS >= sk_num(app_locks))
+ return("ERROR");
+ else
+ return(sk_value(app_locks,type-CRYPTO_NUM_LOCKS));
+ }
+
+#ifdef _DLL
+#ifdef WIN32
+
+/* All we really need to do is remove the 'error' state when a thread
+ * detaches */
+
+BOOL WINAPI DLLEntryPoint(hinstDLL,fdwReason,lpvReserved)
+HINSTANCE hinstDLL;
+DWORD fdwReason;
+LPVOID lpvReserved;
+ {
+ switch(fdwReason)
+ {
+ case DLL_PROCESS_ATTACH:
+ break;
+ case DLL_THREAD_ATTACH:
+ break;
+ case DLL_THREAD_DETACH:
+ ERR_remove_state(0);
+ break;
+ case DLL_PROCESS_DETACH:
+ break;
+ }
+ return(TRUE);
+ }
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/cryptlib.h b/src/lib/libssl/src/crypto/cryptlib.h
new file mode 100644
index 0000000000..32757c9efb
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cryptlib.h
@@ -0,0 +1,100 @@
+/* crypto/cryptlib.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTLIB_H
+#define HEADER_CRYPTLIB_H
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* #ifdef FLAT_INC */
+
+#include "e_os.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "bio.h"
+#include "err.h"
+
+/*
+#else
+
+#include "../e_os.h"
+#include "crypto.h"
+#include "buffer/buffer.h"
+#include "bio/bio.h"
+#include "err/err.h"
+#endif
+*/
+
+#define X509_CERT_AREA "/etc/ssl"
+#define X509_CERT_DIR "/etc/ssl/certs"
+#define X509_CERT_FILE "/etc/ssl/cert.pem"
+#define X509_PRIVATE_DIR "/etc/ssl/private"
+
+#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
+#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/crypto.h b/src/lib/libssl/src/crypto/crypto.h
new file mode 100644
index 0000000000..0a38b5b87c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/crypto.h
@@ -0,0 +1,319 @@
+/* crypto/crypto.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTO_H
+#define HEADER_CRYPTO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+
+/* This is more to be used to check the correct DLL is being used
+ * in the MS world. */
+#define SSLEAY_VERSION_NUMBER 0x0902 /* Version 0.5.1c would be 0513 */
+
+#define SSLEAY_VERSION 0
+/* #define SSLEAY_OPTIONS 1 no longer supported */
+#define SSLEAY_CFLAGS 2
+#define SSLEAY_BUILT_ON 3
+
+/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+ * names in cryptlib.c
+ */
+
+#define CRYPTO_LOCK_ERR 1
+#define CRYPTO_LOCK_ERR_HASH 2
+#define CRYPTO_LOCK_X509 3
+#define CRYPTO_LOCK_X509_INFO 4
+#define CRYPTO_LOCK_X509_PKEY 5
+#define CRYPTO_LOCK_X509_CRL 6
+#define CRYPTO_LOCK_X509_REQ 7
+#define CRYPTO_LOCK_DSA 8
+#define CRYPTO_LOCK_RSA 9
+#define CRYPTO_LOCK_EVP_PKEY 10
+#define CRYPTO_LOCK_X509_STORE 11
+#define CRYPTO_LOCK_SSL_CTX 12
+#define CRYPTO_LOCK_SSL_CERT 13
+#define CRYPTO_LOCK_SSL_SESSION 14
+#define CRYPTO_LOCK_SSL 15
+#define CRYPTO_LOCK_RAND 16
+#define CRYPTO_LOCK_MALLOC 17
+#define CRYPTO_LOCK_BIO 18
+#define CRYPTO_LOCK_BIO_GETHOSTBYNAME 19
+#define CRYPTO_LOCK_RSA_BLINDING 20
+#define CRYPTO_NUM_LOCKS 21
+
+#define CRYPTO_LOCK 1
+#define CRYPTO_UNLOCK 2
+#define CRYPTO_READ 4
+#define CRYPTO_WRITE 8
+
+#ifndef CRYPTO_w_lock
+#define CRYPTO_w_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_w_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_r_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_r_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_add(addr,amount,type) \
+ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+
+#endif
+
+/* The following can be used to detect memory leaks in the SSLeay library.
+ * It used, it turns on malloc checking */
+
+#define CRYPTO_MEM_CHECK_OFF 0x0
+#define CRYPTO_MEM_CHECK_ON 0x1
+
+/*
+typedef struct crypto_mem_st
+ {
+ char *(*malloc_func)();
+ char *(*realloc_func)();
+ void (*free_func)();
+ } CRYPTO_MEM_FUNC;
+*/
+
+/* predec of the BIO type */
+typedef struct bio_st BIO_dummy;
+
+typedef struct crypto_ex_data_st
+ {
+ STACK *sk;
+ int dummy; /* gcc is screwing up this data structure :-( */
+ } CRYPTO_EX_DATA;
+
+/* This stuff is basically class callback functions
+ * The current classes are SSL_CTX, SSL, SSL_SESION, and a few more */
+typedef struct crypto_ex_data_func_st
+ {
+ long argl; /* Arbitary long */
+ char *argp; /* Arbitary char * */
+ /* Called when a new object is created */
+ int (*new_func)(/*char *obj,
+ char *item,int index,long argl,char *argp*/);
+ /* Called when this object is free()ed */
+ void (*free_func)(/*char *obj,
+ char *item,int index,long argl,char *argp*/);
+
+ /* Called when we need to dup this one */
+ int (*dup_func)(/*char *obj_to,char *obj_from,
+ char **new,int index,long argl,char *argp*/);
+ } CRYPTO_EX_DATA_FUNCS;
+
+/* Per class, we have a STACK of CRYPTO_EX_DATA_FUNCS for each CRYPTO_EX_DATA
+ * entry.
+ */
+
+#define CRYPTO_EX_INDEX_BIO 0
+#define CRYPTO_EX_INDEX_SSL 1
+#define CRYPTO_EX_INDEX_SSL_CTX 2
+#define CRYPTO_EX_INDEX_SSL_SESSION 3
+#define CRYPTO_EX_INDEX_X509_STORE 4
+#define CRYPTO_EX_INDEX_X509_STORE_CTX 5
+
+/* Use this for win32 DLL's */
+#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
+ (char *(*)())malloc,\
+ (char *(*)())realloc,\
+ (void (*)())free)
+
+#ifdef CRYPTO_MDEBUG
+#define Malloc(num) CRYPTO_dbg_malloc((int)num,__FILE__,__LINE__)
+#define Realloc(addr,num) \
+ CRYPTO_dbg_realloc((char *)addr,(int)num,__FILE__,__LINE__)
+#define Remalloc(addr,num) \
+ CRYPTO_dbg_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
+#define FreeFunc CRYPTO_dbg_free
+#define Free(addr) CRYPTO_dbg_free((char *)(addr))
+#else
+#define Remalloc CRYPTO_remalloc
+#if defined(WIN32) || defined(MFUNC)
+#define Malloc CRYPTO_malloc
+#define Realloc(a,n) CRYPTO_realloc((char *)(a),(n))
+#define FreeFunc CRYPTO_free
+#define Free(addr) CRYPTO_free((char *)(addr))
+#else
+#define Malloc malloc
+#define Realloc realloc
+#define FreeFunc free
+#define Free(addr) free((char *)(addr))
+#endif /* WIN32 || MFUNC */
+#endif /* MDEBUG */
+
+/* Case insensiteve linking causes problems.... */
+#ifdef WIN16
+#define ERR_load_CRYPTO_strings ERR_load_CRYPTOlib_strings
+#endif
+
+#ifndef NOPROTO
+
+char *SSLeay_version(int type);
+unsigned long SSLeay(void);
+
+int CRYPTO_get_ex_new_index(int idx,STACK **sk,long argl,char *argp,
+ int (*new_func)(),int (*dup_func)(),void (*free_func)());
+int CRYPTO_set_ex_data(CRYPTO_EX_DATA *ad,int idx,char *val);
+char *CRYPTO_get_ex_data(CRYPTO_EX_DATA *ad,int idx);
+int CRYPTO_dup_ex_data(STACK *meth,CRYPTO_EX_DATA *from,CRYPTO_EX_DATA *to);
+void CRYPTO_free_ex_data(STACK *meth,char *obj,CRYPTO_EX_DATA *ad);
+void CRYPTO_new_ex_data(STACK *meth, char *obj, CRYPTO_EX_DATA *ad);
+
+int CRYPTO_mem_ctrl(int mode);
+int CRYPTO_get_new_lockid(char *name);
+void CRYPTO_lock(int mode, int type,char *file,int line);
+void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
+ int line));
+void (*CRYPTO_get_locking_callback(void))(int mode,int type,char *file,
+ int line);
+void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
+ int type,char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,
+ int type,char *file,int line);
+void CRYPTO_set_id_callback(unsigned long (*func)(void));
+unsigned long (*CRYPTO_get_id_callback(void))(void);
+unsigned long CRYPTO_thread_id(void);
+char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer,int amount,int type, char *file,int line);
+
+void CRYPTO_set_mem_functions(char *(*m)(),char *(*r)(), void (*free_func)());
+void CRYPTO_get_mem_functions(char *(**m)(),char *(**r)(), void (**f)());
+
+char *CRYPTO_malloc(int num);
+char *CRYPTO_realloc(char *addr,int num);
+void CRYPTO_free(char *);
+char *CRYPTO_remalloc(char *addr,int num);
+
+char *CRYPTO_dbg_malloc(int num,char *file,int line);
+char *CRYPTO_dbg_realloc(char *addr,int num,char *file,int line);
+void CRYPTO_dbg_free(char *);
+char *CRYPTO_dbg_remalloc(char *addr,int num,char *file,int line);
+#ifndef NO_FP_API
+void CRYPTO_mem_leaks_fp(FILE *);
+#endif
+void CRYPTO_mem_leaks(struct bio_st *bio);
+/* unsigned long order, char *file, int line, int num_bytes, char *addr */
+void CRYPTO_mem_leaks_cb(void (*cb)());
+
+void ERR_load_CRYPTO_strings(void );
+
+#else
+
+int CRYPTO_get_ex_new_index();
+int CRYPTO_set_ex_data();
+char *CRYPTO_get_ex_data();
+int CRYPTO_dup_ex_data();
+void CRYPTO_free_ex_data();
+void CRYPTO_new_ex_data();
+
+int CRYPTO_mem_ctrl();
+char *SSLeay_version();
+unsigned long SSLeay();
+
+int CRYPTO_get_new_lockid();
+void CRYPTO_lock();
+void CRYPTO_set_locking_callback();
+void (*CRYPTO_get_locking_callback())();
+void CRYPTO_set_add_lock_callback();
+int (*CRYPTO_get_add_lock_callback())();
+void CRYPTO_set_id_callback();
+unsigned long (*CRYPTO_get_id_callback())();
+unsigned long CRYPTO_thread_id();
+char *CRYPTO_get_lock_name();
+int CRYPTO_add_lock();
+
+void CRYPTO_set_mem_functions();
+void CRYPTO_get_mem_functions();
+char *CRYPTO_malloc();
+char *CRYPTO_realloc();
+void CRYPTO_free();
+char *CRYPTO_remalloc();
+char *CRYPTO_dbg_remalloc();
+char *CRYPTO_dbg_malloc();
+char *CRYPTO_dbg_realloc();
+void CRYPTO_dbg_free();
+#ifndef NO_FP_API
+void CRYPTO_mem_leaks_fp();
+#endif
+void CRYPTO_mem_leaks();
+void CRYPTO_mem_leaks_cb();
+
+void ERR_load_CRYPTO_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the CRYPTO functions. */
+
+/* Function codes. */
+#define CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX 100
+#define CRYPTO_F_CRYPTO_GET_NEW_LOCKID 101
+#define CRYPTO_F_CRYPTO_SET_EX_DATA 102
+
+/* Reason codes. */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/cversion.c b/src/lib/libssl/src/crypto/cversion.c
new file mode 100644
index 0000000000..4e823be52f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/cversion.c
@@ -0,0 +1,99 @@
+/* crypto/cversion.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+char *SSLeay_version(t)
+int t;
+ {
+ if (t == SSLEAY_VERSION)
+ return("SSLeay 0.9.0b 29-Jun-1998");
+ if (t == SSLEAY_BUILT_ON)
+ {
+#ifdef DATE
+ static char buf[sizeof(DATE)+10];
+
+ sprintf(buf,"built on %s",DATE);
+ return(buf);
+#else
+ return("build date not available");
+#endif
+ }
+ if (t == SSLEAY_CFLAGS)
+ {
+#ifdef CFLAGS
+ static char buf[sizeof(CFLAGS)+10];
+
+ sprintf(buf,"C flags:%s",CFLAGS);
+ return(buf);
+#else
+ return("C flags not available");
+#endif
+ }
+ return("not available");
+ }
+
+unsigned long SSLeay()
+ {
+ return(SSLEAY_VERSION_NUMBER);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/COPYRIGHT b/src/lib/libssl/src/crypto/des/COPYRIGHT
new file mode 100644
index 0000000000..5469e1e469
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/COPYRIGHT
@@ -0,0 +1,50 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with MIT's libdes.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of that the SSL library. This can be in the form of a textual
+message at program startup or in documentation (online or textual) provided
+with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/src/lib/libssl/src/crypto/des/DES.pm b/src/lib/libssl/src/crypto/des/DES.pm
new file mode 100644
index 0000000000..6a175b6ca4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here. Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/src/lib/libssl/src/crypto/des/DES.xs b/src/lib/libssl/src/crypto/des/DES.xs
new file mode 100644
index 0000000000..b8050b9edf
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+ croak("%s not implemented on this architecture", s);
+ return -1;
+}
+
+MODULE = DES PACKAGE = DES PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+ char * buf
+ char * salt
+
+void
+des_set_odd_parity(key)
+ des_cblock * key
+PPCODE:
+ {
+ SV *s;
+
+ s=sv_newmortal();
+ sv_setpvn(s,(char *)key,8);
+ des_set_odd_parity((des_cblock *)SvPV(s,na));
+ PUSHs(s);
+ }
+
+int
+des_is_weak_key(key)
+ des_cblock * key
+
+des_key_schedule
+des_set_key(key)
+ des_cblock * key
+CODE:
+ des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+ des_cblock * input
+ des_key_schedule * ks
+ int encrypt
+CODE:
+ des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+ char * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ des_cblock * ivec1
+ des_cblock * ivec2
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+ l,*ks1,*ks2,ivec1,ivec2,encrypt);
+ sv_setpvn(ST(3),(char *)ivec1,8);
+ sv_setpvn(ST(4),(char *)ivec2,8);
+ PUSHs(s);
+ }
+
+void
+des_cbc_cksum(input,ks,ivec)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s1,*s2;
+ STRLEN len,l;
+ des_cblock c;
+ unsigned long i1,i2;
+
+ s1=sv_newmortal();
+ s2=sv_newmortal();
+ l=SvCUR(ST(0));
+ des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec);
+ i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+ i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+ sv_setiv(s1,i1);
+ sv_setiv(s2,i2);
+ sv_setpvn(ST(2),(char *)c,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+ char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len;
+ char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+ (int)numbits,(long)len,*ks,ivec,encrypt);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+ des_cblock * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ int encrypt
+CODE:
+ {
+ des_cblock c;
+
+ des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+ *ks1,*ks2,encrypt);
+ RETVAL= &c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+ unsigned char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ unsigned char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(unsigned char *)SvPV(s,na);
+ des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+ numbits,len,*ks,ivec);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_random_key()
+CODE:
+ {
+ des_cblock c;
+
+ des_random_key(c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char * str
+CODE:
+ {
+ des_cblock c;
+
+ des_string_to_key(str,&c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char * str
+PPCODE:
+ {
+ des_cblock c1,c2;
+ SV *s1,*s2;
+
+ des_string_to_2keys(str,&c1,&c2);
+ EXTEND(sp,2);
+ s1=sv_newmortal();
+ sv_setpvn(s1,(char *)c1,8);
+ s2=sv_newmortal();
+ sv_setpvn(s2,(char *)c2,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
diff --git a/src/lib/libssl/src/crypto/des/INSTALL b/src/lib/libssl/src/crypto/des/INSTALL
new file mode 100644
index 0000000000..32457d775c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt. For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevent option in the Makefile
+
+There are some special Makefile targets that make life easier.
+make cc - standard cc build
+make gcc - standard gcc build
+make x86-elf - x86 assembler (elf), linux-elf.
+make x86-out - x86 assembler (a.out), FreeBSD
+make x86-solaris- x86 assembler
+make x86-bsdi - x86 assembler (a.out with primative assembler).
+
+If at all possible use the assembler (for Windows NT/95, use
+asm/win32.obj to link with). The x86 assembler is very very fast.
+
+A make install will by default install
+libdes.a in /usr/local/lib/libdes.a
+des in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man in /usr/local/man/man1/des.1
+des.h in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace. Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order. It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/src/lib/libssl/src/crypto/des/Imakefile b/src/lib/libssl/src/crypto/des/Imakefile
new file mode 100644
index 0000000000..1b9b5629e1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS= cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+ qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+ enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+ ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS= cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+ qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+ enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+ ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+ vms.com KERBEROS
+DES= des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE= $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/src/lib/libssl/src/crypto/des/KERBEROS b/src/lib/libssl/src/crypto/des/KERBEROS
new file mode 100644
index 0000000000..f401b10014
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+ but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones. It can be found on
+ gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+ and
+ nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+ 3.00 or greater (libdes.tar.93-10-07.Z). This versions differences
+ from the version in comp.sources.misc volume 29 patchlevel2.
+ The primarily difference is that it should compile under kerberos :-).
+ It can be found at.
+ ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig Fri Jul 3 04:18:35 1987
+--- make_commands.c Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
+--- 98,104 ----
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
diff --git a/src/lib/libssl/src/crypto/des/README b/src/lib/libssl/src/crypto/des/README
new file mode 100644
index 0000000000..621a5ab467
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/README
@@ -0,0 +1,54 @@
+
+ libdes, Version 4.01 10-Jan-97
+
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms specified in COPYRIGHT.
+
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay. Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command. I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+ ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/src/lib/libssl/src/crypto/des/VERSION b/src/lib/libssl/src/crypto/des/VERSION
new file mode 100644
index 0000000000..f62d8bdac0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/VERSION
@@ -0,0 +1,411 @@
+ Defining SIGACTION causes sigaction() to be used instead of signal().
+ SIGUSR1/SIGUSR2 are no longer mapped in the read tty stuff because it
+ can cause problems. This should hopefully not affect normal
+ applications.
+
+Version 4.04
+ Fixed a few tests in destest. Also added x86 assember for
+ des_ncbc_encrypt() which is the standard cbc mode function.
+ This makes a very very large performace difference.
+ Ariel Glenn ariel@columbia.edu reports that the terminal
+ 'turn echo off' can return (errno == EINVAL) under solaris
+ when redirection is used. So I now catch that as well as ENOTTY.
+
+
+Version 4.03
+ Left a static out of enc_write.c, which caused to buffer to be
+ continiously malloc()ed. Does anyone use these functions? I keep
+ on feeling like removing them since I only had these in there
+ for a version of kerberised login. Anyway, this was pointed out
+ by Theo de Raadt <deraadt@cvs.openbsd.org>
+ The 'n' bit ofb code was wrong, it was not shifting the shift
+ register. It worked correctly for n == 64. Thanks to
+ Gigi Ankeny <Gigi.Ankeny@Eng.Sun.COM> for pointing this one out.
+
+Version 4.02
+ I was doing 'if (memcmp(weak_keys[i],key,sizeof(key)) == 0)'
+ when checking for weak keys which is wrong :-(, pointed out by
+ Markus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+ Even faster inner loop in the DES assembler for x86 and a modification
+ for IP/FP which is faster on x86. Both of these changes are
+ from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
+ changes make the assembler run %40 faster on a pentium. This is just
+ a case of getting the instruction sequence 'just right'.
+ All credit to 'Svend' :-)
+ Quite a few special x86 'make' targets.
+ A libdes-l (lite) distribution.
+
+Version 4.00
+ After a bit of a pause, I'll up the major version number since this
+ is mostly a performace release. I've added x86 assembler and
+ added more options for performance. A %28 speedup for gcc
+ on a pentium and the assembler is a %50 speedup.
+ MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+ Run des_opts to work out which options should be used.
+ DES_RISC1/DES_RISC2 use alternative inner loops which use
+ more registers but should give speedups on any CPU that does
+ dual issue (pentium). DES_UNROLL unrolls the inner loop,
+ which costs in code size.
+
+Version 3.26
+ I've finally removed one of the shifts in D_ENCRYPT. This
+ meant I've changed the des_SPtrans table (spr.h), the set_key()
+ function and some things in des_enc.c. This has definitly
+ made things faster :-). I've known about this one for some
+ time but I've been too lazy to follow it up :-).
+ Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+ instead of L^=((..)|(..)|(..).. This should save a register at
+ least.
+ Assember for x86. The file to replace is des_enc.c, which is replaced
+ by one of the assembler files found in asm. Look at des/asm/readme
+ for more info.
+
+ /* Modification to fcrypt so it can be compiled to support
+ HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+ Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+ SIGWINCH case put in des_read_passwd() so the function does not
+ 'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+ Modified read_pwd.c so that stdin can be read if not a tty.
+ Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+ des_init_random_number_generator() shortened due to VMS linker
+ limits.
+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
+ 8 byte quantites xored before and after encryption.
+ des_xcbc_encryption() - the name is funny to preserve the des_
+ prefix on all functions.
+
+Version 3.24 20/04/96
+ The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+ Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
+ it gives a %20 speedup :-)
+ Fixed the problem with des.pl under perl5. The patches were
+ sent by Ed Kubaitis (ejk@uiuc.edu).
+ if fcrypt.c, changed values to handle illegal salt values the way
+ normal crypt() implementations do. Some programs apparently use
+ them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+ Bug in des(1), an error with the uuencoding stuff when the
+ 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+ for the patch.
+
+Version 3.21 22/11/95
+ After some emailing back and forth with
+ Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+ and in a future version I will probably put in some of the
+ optimisation he suggested for use with the DES_USE_PTR option.
+ Extra routines from Mark Murray <mark@grondar.za> for use in
+ freeBSD. They mostly involve random number generation for use
+ with kerberos. They involve evil machine specific system calls
+ etc so I would normally suggest pushing this stuff into the
+ application and/or using RAND_seed()/RAND_bytes() if you are
+ using this DES library as part of SSLeay.
+ Redone the read_pw() function so that it is cleaner and
+ supports termios, thanks to Sameer Parekh <sameer@c2.org>
+ for the initial patches for this.
+ Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
+ done just to make things more consistent.
+ I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+ Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+ my des_random_seed() function was only copying 4 bytes of the
+ passed seed into the init structure. It is now fixed to copy 8.
+ My own suggestion is to used something like MD5 :-)
+
+Version 3.19
+ While looking at my code one day, I though, why do I keep on
+ calling des_encrypt(in,out,ks,enc) when every function that
+ calls it has in and out the same. So I dropped the 'out'
+ parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+ Fixed a few bit with the distribution and the filenames.
+ 3.17 had been munged via a move to DOS and back again.
+ NO CODE CHANGES
+
+Version 3.17 14/07/95
+ Fixed ede3 cbc which I had broken in 3.16. I have also
+ removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+ Added des_encrypt2() which does not use IP/FP, used by triple
+ des routines. Tweaked things a bit elsewhere. %13 speedup on
+ sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+ Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+ 'normal' and copies the new iv value back over the top of the
+ passed parameter.
+ CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+ the iv. THIS WILL BREAK EXISTING CODE, but since this function
+ only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+ I need to update the documentation.
+
+Version 3.14 31/05/95
+ New release upon the world, as part of my SSL implementation.
+ New copyright and usage stuff. Basically free for all to use
+ as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+ A fix in speed.c, if HZ is not defined, I set it to 100.0
+ which is reasonable for most unixes except SunOS 4.x.
+ I now have a #ifdef sun but timing for SunOS 4.x looked very
+ good :-(. At my last job where I used SunOS 4.x, it was
+ defined to be 60.0 (look at the old INSTALL documentation), at
+ the last release had it changed to 100.0 since I now work with
+ Solaris2 and SVR4 boxes.
+ Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+ one out.
+
+Version 3.12 08/05/95
+ As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+ my D_ENCRYPT macro in crypt() had an un-necessary variable.
+ It has been removed.
+
+Version 3.11 03/05/95
+ Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+ and one iv. It is a standard and I needed it for my SSL code.
+ It makes more sense to use this for triple DES than
+ 3cbc_encrypt(). I have also added (or should I say tested :-)
+ cfb64_encrypt() which is cfb64 but it will encrypt a partial
+ number of bytes - 3 bytes in 3 bytes out. Again this is for
+ my SSL library, as a form of encryption to use with SSL
+ telnet.
+
+Version 3.10 22/03/95
+ Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
+ to cbc3_encrypt, the 2 iv values that were being returned to
+ be used in the next call were reversed :-(.
+ Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+ this error.
+
+Version 3.09 01/02/95
+ Fixed des_random_key to far more random, it was rather feeble
+ with regards to picking the initial seed. The problem was
+ pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+ Added Makefile.PL so libdes can be built into perl5.
+ Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+ Added GNUmake and stuff so the library can be build with
+ glibc.
+
+Version 3.06 30/08/94
+ Added rpc_enc.c which contains _des_crypt. This is for use in
+ secure_rpc v 4.0
+ Finally fixed the cfb_enc problems.
+ Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+ to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+ for unsigned long l; gcc does not produce ((l>>34) == 0)
+ This causes bugs in cfb_enc.
+ Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+ Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+ Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+ I now work in a place where there are 6+ architectures and 14+
+ OS versions :-).
+ Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+ Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+ Fixed up documentation.
+ quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+ Triple DES now defaults to triple cbc but can do triple ecb
+ with the -b flag.
+ Fixed some MSDOS uuen/uudecoding problems, thanks to
+ Added prototypes.
+
+Version 2.22 29/06/93
+ Fixed a bug in des_is_weak_key() which stopped it working :-(
+ thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+ des(1) with no arguments gives quite a bit of help.
+ Added -c (generate ckecksum) flag to des(1).
+ Added -3 (triple DES) flag to des(1).
+ Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+ Added -u (uuencode) flag to des(1).
+ I have been playing with byte order in quad_cksum to make it
+ compatible with MIT's version. All I can say is avid this
+ function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+ Added MSDOS specific macro in ecb_encrypt which gives a %70
+ speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+ Speedup in set_key (recoding of PC-1)
+ I now do it in 47 simple operations, down from 60.
+ Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ for motivating me to look for a faster system :-)
+ The speedup is probably less that 1% but it is still 13
+ instructions less :-).
+
+Version 2.10 06/10/92
+ The code now works on the 64bit ETA10 and CRAY without modifications or
+ #defines. I believe the code should work on any machine that
+ defines long, int or short to be 8 bytes long.
+ Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+ for helping me fix the code to run on 64bit machines (he had
+ access to an ETA10).
+ Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+ for testing the routines on a CRAY.
+ read_password.c has been renamed to read_passwd.c
+ string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+ Made mods so that the library should work on 64bit CPU's.
+ Removed all my uchar and ulong defs. To many different
+ versions of unix define them in their header files in too many
+ different combinations :-)
+ IRIX - Sillicon Graphics mods (mostly in read_password.c).
+ Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+ Fixed a bug or 2 in enc_read.c
+ Fixed a bug in enc_write.c
+ Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+ Support for the ETA10. This is a strange machine that defines
+ longs and ints as 8 bytes and shorts as 4 bytes.
+ Since I do evil things with long * that assume that they are 4
+ bytes. Look in the Makefile for the option to compile for
+ this machine. quad_cksum appears to have problems but I
+ will don't have the time to fix it right now, and this is not
+ a function that uses DES and so will not effect the main uses
+ of the library.
+
+Version 1.97 20/05/92 eay
+ Fixed the Imakefile and made some changes to des.h to fix some
+ problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+ Fixed a small bug in string_to_key() where problems could
+ occur if des_check_key was set to true and the string
+ generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+ Added an alternative version of the D_ENCRYPT macro in
+ ecb_encrypt and fcrypt. Depending on the compiler, one version or the
+ other will be faster. This was inspired by
+ Dana How <how@isl.stanford.edu>, and her pointers about doing the
+ *(ulong *)((uchar *)ptr+(value&0xfc))
+ vs
+ ptr[value&0x3f]
+ to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+ Fixed an incompatibility between my string_to_key and the MIT
+ version. When the key is longer than 8 chars, I was wrapping
+ with a different method. To use the old version, define
+ OLD_STR_TO_KEY in the makefile. Thanks to
+ viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+ Fixed the VMS mods so that echo is now turned off in
+ read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
+ MSDOS support added. The routines can be compiled with
+ Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+ Changed D_ENCRYPT so that the rotation of R occurs outside of
+ the loop. This required rotating all the longs in sp.h (now
+ called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ speed.c has been changed so it will work without SIGALRM. If
+ times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+ Added -E/-D options to des(1) so it can use string_to_key.
+ Added SVR4 mods suggested by witr@rwwa.COM
+ Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
+ anyone knows how to turn of tty echo in VMS please tell me or
+ implement it yourself :-).
+ Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+ does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+ Now contains a fast small crypt replacement.
+ Added des(1) command.
+ Added des_rw_mode so people can use cbc encryption with
+ enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+ Bug in cbc_cksum.
+ Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+ one out.
+
+Version 1.7 24/09/91 eay
+ Fixed set_key :-)
+ set_key is 4 times faster and takes less space.
+ There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+ Finally go IP and FP finished.
+ Now I need to fix set_key.
+ This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+ 20% speedup in ecb_encrypt by changing the E bit selection
+ to use 2 32bit words. This also required modification of the
+ sp table. There is still a way to speedup the IP and IP-1
+ (hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+ Faster des_encrypt by loop unrolling
+ Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+ Optimised the code a bit more for the sparc. I have improved the
+ speed of the inner des_encrypt by speeding up the initial and
+ final permutations.
+
+Version 1.40 23/10/1990 eay
+ Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30 2/10/1990 eay
+ Have made des_quad_cksum the same as MIT's, the full package
+ should be compatible with MIT's
+ Have tested on a DECstation 3100
+ Still need to fix des_set_key (make it faster).
+ Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+ Fixed byte order dependencies.
+ Fixed (I hope) all the word alignment problems.
+ Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+ Added des_enc_read and des_enc_write.
+ Still need to fix des_quad_cksum.
+ Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/src/lib/libssl/src/crypto/des/asm/crypt586.pl b/src/lib/libssl/src/crypto/des/asm/crypt586.pl
new file mode 100644
index 0000000000..297e38dec8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/asm/crypt586.pl
@@ -0,0 +1,204 @@
+#!/usr/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+# I've added the stuff needed for crypt() but I've not worried about making
+# things perfect.
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"crypt586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("des_SPtrans");
+&fcrypt_body("fcrypt_body");
+&asm_finish();
+
+sub fcrypt_body
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ $ks="ebp";
+
+ &xor( $L, $L);
+ &xor( $R, $R);
+ &mov($ks,&wparam(1));
+
+ &push(25); # add a variable
+
+ &set_label("start");
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &mov("ebx", &swtmp(0));
+ &mov("eax", $L);
+ &dec("ebx");
+ &mov($L, $R);
+ &mov($R, "eax");
+ &mov(&swtmp(0), "ebx");
+ &jnz(&label("start"));
+
+ &comment("");
+ &comment("FP");
+ &mov("edx",&wparam(0));
+
+ &FP_new($R,$L,"eax",3);
+ &mov(&DWP(0,"edx","",0),"eax");
+ &mov(&DWP(4,"edx","",0),$L);
+
+ &pop("ecx"); # remove variable
+
+ &function_end($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $u, &wparam(2)); # 2
+ &mov( $t, $R);
+ &shr( $t, 16); # 1
+ &mov( $tmp2, &wparam(3)); # 2
+ &xor( $t, $R); # 1
+
+ &and( $u, $t); # 2
+ &and( $t, $tmp2); # 2
+
+ &mov( $tmp1, $u);
+ &shl( $tmp1, 16); # 1
+ &mov( $tmp2, $t);
+ &shl( $tmp2, 16); # 1
+ &xor( $u, $tmp1); # 2
+ &xor( $t, $tmp2); # 2
+ &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2
+ &xor( $u, $tmp1);
+ &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2
+ &xor( $u, $R);
+ &xor( $t, $R);
+ &xor( $t, $tmp2);
+
+ &and( $u, "0xfcfcfcfc" ); # 2
+ &xor( $tmp1, $tmp1); # 1
+ &and( $t, "0xcfcfcfcf" ); # 2
+ &xor( $tmp2, $tmp2);
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &rotr( $t, 4 );
+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &xor( $L, $ks);
+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &movb( &LB($tmp2), &HB($t) );
+ &shr( $u, 16);
+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
+ &xor( $L, $ks);
+ &movb( &LB($tmp1), &HB($u) );
+ &shr( $t, 16);
+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &mov( $ks, &wparam(1));
+ &movb( &LB($tmp2), &HB($t) );
+ &and( $u, "0xff" );
+ &and( $t, "0xff" );
+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
+ &xor( $L, $tmp1);
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+ &rotl( $a, $shift ) if ($shift != 0);
+ &mov( $tt, $a );
+ &xor( $a, $b );
+ &and( $a, $mask );
+ if ($notlast eq $b)
+ {
+ &xor( $b, $a );
+ &xor( $tt, $a );
+ }
+ else
+ {
+ &xor( $tt, $a );
+ &xor( $b, $a );
+ }
+ &comment("");
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotr($tt, 3-$lr); }
+ else { &rotl($tt, $lr-3); }
+ }
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotr($r, 2-$lr); }
+ else { &rotl($r, $lr-2); }
+ }
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotl($r, 2-$lr); }
+ else { &rotr($r, $lr-2); }
+ }
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotl($l, 3-$lr); }
+ else { &rotr($l, $lr-3); }
+ }
+
+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+ &rotr($tt , 4);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/asm/des-586.pl b/src/lib/libssl/src/crypto/des/asm/des-586.pl
new file mode 100644
index 0000000000..7f2e09fa7a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/asm/des-586.pl
@@ -0,0 +1,251 @@
+#!/usr/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+require "cbc.pl";
+require "desboth.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+&asm_init($ARGV[0],"des-586.pl");
+
+$L="edi";
+$R="esi";
+
+&external_label("des_SPtrans");
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
+
+&asm_finish();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin_B($name,"EXTRN _des_SPtrans:DWORD");
+
+ &push("esi");
+ &push("edi");
+
+ &comment("");
+ &comment("Load the 2 words");
+ $ks="ebp";
+
+ if ($do_ip)
+ {
+ &mov($R,&wparam(0));
+ &xor( "ecx", "ecx" );
+
+ &push("ebx");
+ &push("ebp");
+
+ &mov("eax",&DWP(0,$R,"",0));
+ &mov("ebx",&wparam(2)); # get encrypt flag
+ &mov($L,&DWP(4,$R,"",0));
+ &comment("");
+ &comment("IP");
+ &IP_new("eax",$L,$R,3);
+ }
+ else
+ {
+ &mov("eax",&wparam(0));
+ &xor( "ecx", "ecx" );
+
+ &push("ebx");
+ &push("ebp");
+
+ &mov($R,&DWP(0,"eax","",0));
+ &mov("ebx",&wparam(2)); # get encrypt flag
+ &rotl($R,3);
+ &mov($L,&DWP(4,"eax","",0));
+ &rotl($L,3);
+ }
+
+ &mov( $ks, &wparam(1) );
+ &cmp("ebx","0");
+ &je(&label("start_decrypt"));
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+
+ &set_label("end");
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &mov("edx",&wparam(0));
+ &FP_new($L,$R,"eax",3);
+
+ &mov(&DWP(0,"edx","",0),"eax");
+ &mov(&DWP(4,"edx","",0),$R);
+ }
+ else
+ {
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &mov("eax",&wparam(0));
+ &rotr($R,3); # l
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+ }
+
+ &pop("ebp");
+ &pop("ebx");
+ &pop("edi");
+ &pop("esi");
+ &ret();
+
+ &function_end_B($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &xor( $tmp1, $tmp1);
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R);
+ &xor( $t, $R);
+ &and( $u, "0xfcfcfcfc" );
+ &and( $t, "0xcfcfcfcf" );
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &rotr( $t, 4 );
+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &xor( $L, $ks);
+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp2), &HB($t) );
+ &shr( $u, 16);
+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp1), &HB($u) );
+ &shr( $t, 16);
+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &mov( $ks, &wparam(1) );
+ &movb( &LB($tmp2), &HB($t) );
+ &and( $u, "0xff" );
+ &and( $t, "0xff" );
+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
+ &xor( $L, $tmp1);
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+ &rotl( $a, $shift ) if ($shift != 0);
+ &mov( $tt, $a );
+ &xor( $a, $b );
+ &and( $a, $mask );
+ if (!$last eq $b)
+ {
+ &xor( $b, $a );
+ &xor( $tt, $a );
+ }
+ else
+ {
+ &xor( $tt, $a );
+ &xor( $b, $a );
+ }
+ &comment("");
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotr($tt, 3-$lr); }
+ else { &rotl($tt, $lr-3); }
+ }
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotr($r, 2-$lr); }
+ else { &rotl($r, $lr-2); }
+ }
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotl($r, 2-$lr); }
+ else { &rotr($r, $lr-2); }
+ }
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotl($l, 3-$lr); }
+ else { &rotr($l, $lr-3); }
+ }
+
+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+ &rotr($tt , 4);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/asm/des686.pl b/src/lib/libssl/src/crypto/des/asm/des686.pl
new file mode 100644
index 0000000000..cf1a82fb5c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/bin/perl
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ $ksp=&wparam(1);
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("IP");
+ &IP_new($L,$R,"eax");
+ }
+
+ &comment("");
+ &comment("fixup rotate");
+ &rotl($R,3);
+ &rotl($L,3);
+ &exch($L,$R);
+
+ &comment("");
+ &comment("load counter, key_schedule and enc flag");
+ &mov("eax",&wparam(2)); # get encrypt flag
+ &mov("ebp",&wparam(1)); # get ks
+ &cmp("eax","0");
+ &je(&label("start_decrypt"));
+
+ # encrypting part
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+
+ &set_label("end");
+
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &rotr($R,3); # l
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &FP_new($R,$L,"eax");
+ }
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+
+ &function_end($name);
+ }
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup. We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+ {
+ local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R );
+ &xor( $t, $R );
+ &rotr( $t, 4 );
+
+ # the numbers at the end of the line are origional instruction order
+ &mov( $tmp2, $u ); # 1 2
+ &mov( $tmp1, $t ); # 1 1
+ &and( $tmp2, "0xfc" ); # 1 4
+ &and( $tmp1, "0xfc" ); # 1 3
+ &shr( $t, 8 ); # 1 5
+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
+ &shr( $u, 8 ); # 1 6
+ &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
+
+ &mov( $tmp2, $u ); # 2 2
+ &xor( $L, $tmp1 ); # 1 9
+ &and( $tmp2, "0xfc" ); # 2 4
+ &mov( $tmp1, $t ); # 2 1
+ &and( $tmp1, "0xfc" ); # 2 3
+ &shr( $t, 8 ); # 2 5
+ &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
+ &shr( $u, 8 ); # 2 6
+ &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
+ &mov( $tmp2, $u ); # 3 2
+
+ &xor( $L, $tmp1 ); # 2 9
+ &and( $tmp2, "0xfc" ); # 3 4
+
+ &mov( $tmp1, $t ); # 3 1
+ &shr( $u, 8 ); # 3 6
+ &and( $tmp1, "0xfc" ); # 3 3
+ &shr( $t, 8 ); # 3 5
+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
+ &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
+
+ &and( $t, "0xfc" ); # 4 1
+ &xor( $L, $tmp1 ); # 3 9
+
+ &and( $u, "0xfc" ); # 4 2
+ &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
+ &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
+ }
+
+sub PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask)=@_;
+
+ &mov( $tt, $a );
+ &shr( $tt, $shift );
+ &xor( $tt, $b );
+ &and( $tt, $mask );
+ &xor( $b, $tt );
+ &shl( $tt, $shift );
+ &xor( $a, $tt );
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
diff --git a/src/lib/libssl/src/crypto/des/asm/desboth.pl b/src/lib/libssl/src/crypto/des/asm/desboth.pl
new file mode 100644
index 0000000000..8f939953a6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/asm/desboth.pl
@@ -0,0 +1,79 @@
+#!/usr/bin/perl
+
+$L="edi";
+$R="esi";
+
+sub des_encrypt3
+ {
+ local($name,$enc)=@_;
+
+ &function_begin_B($name,"");
+ &push("ebx");
+ &mov("ebx",&wparam(0));
+
+ &push("ebp");
+ &push("esi");
+
+ &push("edi");
+
+ &comment("");
+ &comment("Load the data words");
+ &mov($L,&DWP(0,"ebx","",0));
+ &mov($R,&DWP(4,"ebx","",0));
+ &stack_push(3);
+
+ &comment("");
+ &comment("IP");
+ &IP_new($L,$R,"edx",0);
+
+ # put them back
+
+ if ($enc)
+ {
+ &mov(&DWP(4,"ebx","",0),$R);
+ &mov("eax",&wparam(1));
+ &mov(&DWP(0,"ebx","",0),"edx");
+ &mov("edi",&wparam(2));
+ &mov("esi",&wparam(3));
+ }
+ else
+ {
+ &mov(&DWP(4,"ebx","",0),$R);
+ &mov("esi",&wparam(1));
+ &mov(&DWP(0,"ebx","",0),"edx");
+ &mov("edi",&wparam(2));
+ &mov("eax",&wparam(3));
+ }
+ &mov(&swtmp(2), (($enc)?"1":"0"));
+ &mov(&swtmp(1), "eax");
+ &mov(&swtmp(0), "ebx");
+ &call("des_encrypt2");
+ &mov(&swtmp(2), (($enc)?"0":"1"));
+ &mov(&swtmp(1), "edi");
+ &mov(&swtmp(0), "ebx");
+ &call("des_encrypt2");
+ &mov(&swtmp(2), (($enc)?"1":"0"));
+ &mov(&swtmp(1), "esi");
+ &mov(&swtmp(0), "ebx");
+ &call("des_encrypt2");
+
+ &stack_pop(3);
+ &mov($L,&DWP(0,"ebx","",0));
+ &mov($R,&DWP(4,"ebx","",0));
+
+ &comment("");
+ &comment("FP");
+ &FP_new($L,$R,"eax",0);
+
+ &mov(&DWP(0,"ebx","",0),"eax");
+ &mov(&DWP(4,"ebx","",0),$R);
+
+ &pop("edi");
+ &pop("esi");
+ &pop("ebp");
+ &pop("ebx");
+ &ret();
+ &function_end_B($name);
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/des/asm/readme b/src/lib/libssl/src/crypto/des/asm/readme
new file mode 100644
index 0000000000..f8529d9307
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler. It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right. Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for. So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c. Replace the following
+4 functions
+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules. The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des. The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft Windows 95/Windows NT
+Elf Includes Linux and FreeBSD(?).
+a.out The older Linux.
+Solaris Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type. This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part. I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things. First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup. This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor eax, eax # clear word
+movb al, cl # get low byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
+movb al, ch # get next byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
+shr ecx 16
+which seems ok. For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch. When a full register is used after a partial write, eg.
+mov al, cl
+xor edi, DWORD PTR 0x100+des_SP[eax]
+386 - 1 cycle stall
+486 - 1 cycle stall
+586 - 0 cycle stall
+686 - at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov eax, ecx # copy word
+shr ecx, 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
+mov eax, ecx # get word
+shr ecx 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good. This is the type of output
+Visual C++ generates.
+
+There is a third option. instead of using
+mov al, ch
+which is bad on the pentium pro, one may be able to use
+movzx eax, ch
+which may not incur the partial write penalty. On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while. I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong. The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums. It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second. He had a previous version at 250,000 and the best
+I was able to get was 203,000. The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/src/lib/libssl/src/crypto/des/cbc3_enc.c b/src/lib/libssl/src/crypto/des/cbc3_enc.c
new file mode 100644
index 0000000000..92a78b05d6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS? DON'T USE - this is only present for use in des.c */
+void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*iv1);
+des_cblock (*iv2);
+int enc;
+ {
+ int off=((int)length-1)/8;
+ long l8=((length+7)/8)*8;
+ des_cblock niv1,niv2;
+
+ if (enc == DES_ENCRYPT)
+ {
+ des_cbc_encrypt(input,output,length,ks1,iv1,enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ des_cbc_encrypt(output,output,l8,ks1,iv2, enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,output[off],sizeof(des_cblock));
+ }
+ else
+ {
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,input[off],sizeof(des_cblock));
+ des_cbc_encrypt(input,output,l8,ks1,iv2,enc);
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,length,ks1,iv1, enc);
+ }
+ memcpy(*iv1,niv1,sizeof(des_cblock));
+ memcpy(*iv2,niv2,sizeof(des_cblock));
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/cbc_cksm.c b/src/lib/libssl/src/crypto/des/cbc_cksm.c
new file mode 100644
index 0000000000..edfdec8a0f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cbc_cksm.c
@@ -0,0 +1,103 @@
+/* crypto/des/cbc_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+DES_LONG des_cbc_cksum(input, output, length, schedule, ivec)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+ {
+ register DES_LONG tout0,tout1,tin0,tin1;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *in,*out,*iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (; l>0; l-=8)
+ {
+ if (l >= 8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ }
+ else
+ c2ln(in,tin0,tin1,l);
+
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ /* fix 15/10/91 eay - thanks to keithr@sco.COM */
+ tout0=tin[0];
+ tout1=tin[1];
+ }
+ if (out != NULL)
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ tout0=tin0=tin1=tin[0]=tin[1]=0;
+ return(tout1);
+ }
diff --git a/src/lib/libssl/src/crypto/des/cbc_enc.c b/src/lib/libssl/src/crypto/des/cbc_enc.c
new file mode 100644
index 0000000000..a84a53633c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cbc_enc.c
@@ -0,0 +1,135 @@
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ /* xor0=tin0;
+ xor1=tin1; */
+ }
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/cfb64ede.c b/src/lib/libssl/src/crypto/des/cfb64ede.c
new file mode 100644
index 0000000000..80b8a9eaaa
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cfb64ede.c
@@ -0,0 +1,151 @@
+/* crypto/des/cfb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_ede3_cfb64_encrypt(in, out, length, ks1,ks2,ks3, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2,ks3;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ register DES_LONG v0,v1;
+ register long l=length;
+ register int n= *num;
+ DES_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (enc)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0);
+ c2l(iv,v1);
+
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+ v0=ti[0];
+ v1=ti[1];
+
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0);
+ c2l(iv,v1);
+
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+ v0=ti[0];
+ v1=ti[1];
+
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=c=cc=0;
+ *num=n;
+ }
+
+#ifdef undef /* MACRO */
+void des_ede2_cfb64_encrypt(in, out, length, ks1,ks2, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/des/cfb64enc.c b/src/lib/libssl/src/crypto/des/cfb64enc.c
new file mode 100644
index 0000000000..403da479df
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cfb64enc.c
@@ -0,0 +1,128 @@
+/* crypto/des/cfb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_cfb64_encrypt(in, out, length, schedule, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ register DES_LONG v0,v1;
+ register long l=length;
+ register int n= *num;
+ DES_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (enc)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,
+ schedule,DES_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ v0=ti[0]; l2c(v0,iv);
+ v0=ti[1]; l2c(v0,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,
+ schedule,DES_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ v0=ti[0]; l2c(v0,iv);
+ v0=ti[1]; l2c(v0,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=c=cc=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/cfb_enc.c b/src/lib/libssl/src/crypto/des/cfb_enc.c
new file mode 100644
index 0000000000..342e785691
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/cfb_enc.c
@@ -0,0 +1,171 @@
+/* crypto/des/cfb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_cfb_encrypt(in, out, numbits, length, schedule, ivec, enc)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+ register DES_LONG mask0,mask1;
+ register unsigned long l=length;
+ register int num=numbits;
+ DES_LONG ti[2];
+ unsigned char *iv;
+
+ if (num > 64) return;
+ if (num > 32)
+ {
+ mask0=0xffffffffL;
+ if (num == 64)
+ mask1=mask0;
+ else mask1=(1L<<(num-32))-1;
+ }
+ else
+ {
+ if (num == 32)
+ mask0=0xffffffffL;
+ else mask0=(1L<<num)-1;
+ mask1=0x00000000L;
+ }
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ if (enc)
+ {
+ while (l >= n)
+ {
+ l-=n;
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ c2ln(in,d0,d1,n);
+ in+=n;
+ d0=(d0^ti[0])&mask0;
+ d1=(d1^ti[1])&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32)
+ { v0=v1; v1=d0; }
+ else if (num == 64)
+ { v0=d0; v1=d1; }
+ else if (num > 32) /* && num != 64 */
+ {
+ v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+ v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+ }
+ else /* num < 32 */
+ {
+ v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+ v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+ }
+ }
+ }
+ else
+ {
+ while (l >= n)
+ {
+ l-=n;
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ c2ln(in,d0,d1,n);
+ in+=n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32)
+ { v0=v1; v1=d0; }
+ else if (num == 64)
+ { v0=d0; v1=d1; }
+ else if (num > 32) /* && num != 64 */
+ {
+ v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+ v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+ }
+ else /* num < 32 */
+ {
+ v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+ v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+ }
+ d0=(d0^ti[0])&mask0;
+ d1=(d1^ti[1])&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+ }
+ }
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ v0=v1=d0=d1=ti[0]=ti[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/des.c b/src/lib/libssl/src/crypto/des/des.c
new file mode 100644
index 0000000000..c1e5005474
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/des.c
@@ -0,0 +1,964 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#define RAND
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#if defined(NOCONST)
+#define const
+#endif
+#include "des.h"
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifdef RAND
+#define random rand
+#define srandom(s) srand(s)
+#endif
+
+#ifndef NOPROTO
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule sk1,des_key_schedule sk2,
+ des_cblock *ivec1,des_cblock *ivec2,int enc);
+#else
+void usage();
+void doencryption();
+int uufwrite();
+void uufwriteEnd();
+int uufread();
+int uuencode();
+int uudecode();
+void des_3cbc_encrypt();
+#endif
+
+#ifdef VMS
+#define EXIT(a) exit(a&0x10000000L)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY 1
+#define KEYSIZ 8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN (45*100)
+#define OUTUUBUF (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i;
+ struct stat ins,outs;
+ char *p;
+ char *in=NULL,*out=NULL;
+
+ vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+ error=0;
+ memset(key,0,sizeof(key));
+
+ for (i=1; i<argc; i++)
+ {
+ p=argv[i];
+ if ((p[0] == '-') && (p[1] != '\0'))
+ {
+ p++;
+ while (*p)
+ {
+ switch (*(p++))
+ {
+ case '3':
+ flag3=1;
+ longk=1;
+ break;
+ case 'c':
+ cflag=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'C':
+ cflag=1;
+ longk=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'e':
+ eflag=1;
+ break;
+ case 'v':
+ vflag=1;
+ break;
+ case 'E':
+ eflag=1;
+ longk=1;
+ break;
+ case 'd':
+ dflag=1;
+ break;
+ case 'D':
+ dflag=1;
+ longk=1;
+ break;
+ case 'b':
+ bflag=1;
+ break;
+ case 'f':
+ fflag=1;
+ break;
+ case 's':
+ sflag=1;
+ break;
+ case 'u':
+ uflag=1;
+ strncpy(uuname,p,200);
+ p+=strlen(uuname);
+ break;
+ case 'h':
+ hflag=1;
+ break;
+ case 'k':
+ kflag=1;
+ if ((i+1) == argc)
+ {
+ fputs("must have a key with the -k option\n",stderr);
+ error=1;
+ }
+ else
+ {
+ int j;
+
+ i++;
+ strncpy(key,argv[i],KEYSIZB);
+ for (j=strlen(argv[i])-1; j>=0; j--)
+ argv[i][j]='\0';
+ }
+ break;
+ default:
+ fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+ error=1;
+ break;
+ }
+ }
+ }
+ else
+ {
+ if (in == NULL)
+ in=argv[i];
+ else if (out == NULL)
+ out=argv[i];
+ else
+ error=1;
+ }
+ }
+ if (error) usage();
+ /* We either
+ * do checksum or
+ * do encrypt or
+ * do decrypt or
+ * do decrypt then ckecksum or
+ * do checksum then encrypt
+ */
+ if (((eflag+dflag) == 1) || cflag)
+ {
+ if (eflag) do_encrypt=DES_ENCRYPT;
+ if (dflag) do_encrypt=DES_DECRYPT;
+ }
+ else
+ {
+ if (vflag)
+ {
+#ifndef _Windows
+ fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ EXIT(1);
+ }
+ else usage();
+ }
+
+#ifndef _Windows
+ if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ if ( (in != NULL) &&
+ (out != NULL) &&
+#ifndef MSDOS
+ (stat(in,&ins) != -1) &&
+ (stat(out,&outs) != -1) &&
+ (ins.st_dev == outs.st_dev) &&
+ (ins.st_ino == outs.st_ino))
+#else /* MSDOS */
+ (strcmp(in,out) == 0))
+#endif
+ {
+ fputs("input and output file are the same\n",stderr);
+ EXIT(3);
+ }
+
+ if (!kflag)
+ if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+ {
+ fputs("password error\n",stderr);
+ EXIT(2);
+ }
+
+ if (in == NULL)
+ DES_IN=stdin;
+ else if ((DES_IN=fopen(in,"r")) == NULL)
+ {
+ perror("opening input file");
+ EXIT(4);
+ }
+
+ CKSUM_OUT=stdout;
+ if (out == NULL)
+ {
+ DES_OUT=stdout;
+ CKSUM_OUT=stderr;
+ }
+ else if ((DES_OUT=fopen(out,"w")) == NULL)
+ {
+ perror("opening output file");
+ EXIT(5);
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ if (!(uflag && dflag))
+ setmode(fileno(DES_IN),O_BINARY);
+ if (!(uflag && eflag))
+ setmode(fileno(DES_OUT),O_BINARY);
+ }
+#endif
+
+ doencryption();
+ fclose(DES_IN);
+ fclose(DES_OUT);
+ EXIT(0);
+ }
+
+void usage()
+ {
+ char **u;
+ static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v : des(1) version number",
+"-e : encrypt using sunOS compatible user key to DES key conversion.",
+"-E : encrypt ",
+"-d : decrypt using sunOS compatible user key to DES key conversion.",
+"-D : decrypt ",
+"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to",
+" DES key conversion and output to ckname (stdout default,",
+" stderr if data being output on stdout). The checksum is",
+" generated before encryption and after decryption if used",
+" in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key : use key 'key'",
+"-h : the key that is entered will be a hexidecimal number",
+" that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+" (uuname is the filename to put in the uuencode header).",
+"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.",
+"-3 : encrypt using tripple DES encryption. This uses 2 keys",
+" generated from the input key. If the input key is less",
+" than 8 characters long, this is equivelent to normal",
+" encryption. Default is tripple cbc, -b makes it tripple ecb.",
+NULL
+};
+ for (u=(char **)Usage; *u; u++)
+ {
+ fputs(*u,stderr);
+ fputc('\n',stderr);
+ }
+
+ EXIT(1);
+ }
+
+void doencryption()
+ {
+#ifdef _LIBC
+ extern int srandom();
+ extern int random();
+ extern unsigned long time();
+#endif
+
+ register int i;
+ des_key_schedule ks,ks2;
+ unsigned char iv[8],iv2[8];
+ char *p;
+ int num=0,j,k,l,rem,ll,len,last,ex=0;
+ des_cblock kk,k2;
+ FILE *O;
+ int Exit=0;
+#ifndef MSDOS
+ static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+ static unsigned char *buf=NULL,*obuf=NULL;
+
+ if (buf == NULL)
+ {
+ if ( (( buf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL) ||
+ ((obuf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL))
+ {
+ fputs("Not enough memory\n",stderr);
+ Exit=10;
+ goto problems;
+ }
+ }
+#endif
+
+ if (hflag)
+ {
+ j=(flag3?16:8);
+ p=key;
+ for (i=0; i<j; i++)
+ {
+ k=0;
+ if ((*p <= '9') && (*p >= '0'))
+ k=(*p-'0')<<4;
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k=(*p-'a'+10)<<4;
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k=(*p-'A'+10)<<4;
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if ((*p <= '9') && (*p >= '0'))
+ k|=(*p-'0');
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k|=(*p-'a'+10);
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k|=(*p-'A'+10);
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if (i < 8)
+ kk[i]=k;
+ else
+ k2[i-8]=k;
+ }
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else if (longk || flag3)
+ {
+ if (flag3)
+ {
+ des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2);
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else
+ des_string_to_key(key,(C_Block *)kk);
+ }
+ else
+ for (i=0; i<KEYSIZ; i++)
+ {
+ l=0;
+ k=key[i];
+ for (j=0; j<8; j++)
+ {
+ if (k&1) l++;
+ k>>=1;
+ }
+ if (l & 1)
+ kk[i]=key[i]&0x7f;
+ else
+ kk[i]=key[i]|0x80;
+ }
+
+ des_set_key((C_Block *)kk,ks);
+ memset(key,0,sizeof(key));
+ memset(kk,0,sizeof(kk));
+ /* woops - A bug that does not showup under unix :-( */
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+
+ l=1;
+ rem=0;
+ /* first read */
+ if (eflag || (!dflag && cflag))
+ {
+ for (;;)
+ {
+ num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ l+=rem;
+ num+=rem;
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ rem=l%8;
+ len=l-rem;
+ if (feof(DES_IN))
+ {
+ srandom((unsigned int)time(NULL));
+ for (i=7-rem; i>0; i--)
+ buf[l++]=random()&0xff;
+ buf[l++]=rem;
+ ex=1;
+ len+=rem;
+ }
+ else
+ l-=rem;
+
+ if (cflag)
+ {
+ des_cbc_cksum((C_Block *)buf,(C_Block *)cksum,
+ (long)len,ks,(C_Block *)cksum);
+ if (!eflag)
+ {
+ if (feof(DES_IN)) break;
+ else continue;
+ }
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ char tmpbuf[8];
+
+ if (rem) memcpy(tmpbuf,&(buf[l]),
+ (unsigned int)rem);
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ if (rem) memcpy(&(buf[l]),tmpbuf,
+ (unsigned int)rem);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+ }
+ if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+ i=0;
+ while (i < l)
+ {
+ if (uflag)
+ j=uufwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ else
+ j=fwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ if (feof(DES_IN))
+ {
+ if (uflag) uufwriteEnd(DES_OUT);
+ break;
+ }
+ }
+ }
+ else /* decrypt */
+ {
+ ex=1;
+ for (;;)
+ {
+ if (ex) {
+ if (uflag)
+ l=uufread(buf,1,BUFSIZE,DES_IN);
+ else
+ l=fread(buf,1,BUFSIZE,DES_IN);
+ ex=0;
+ rem=l%8;
+ l-=rem;
+ }
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+ }
+
+ if (uflag)
+ ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ else
+ ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ ll+=rem;
+ rem=ll%8;
+ ll-=rem;
+ if (feof(DES_IN) && (ll == 0))
+ {
+ last=obuf[l-1];
+
+ if ((last > 7) || (last < 0))
+ {
+ fputs("The file was not decrypted correctly.\n",
+ stderr);
+ Exit=8;
+ last=0;
+ }
+ l=l-8+last;
+ }
+ i=0;
+ if (cflag) des_cbc_cksum((C_Block *)obuf,
+ (C_Block *)cksum,(long)l/8*8,ks,
+ (C_Block *)cksum);
+ while (i != l)
+ {
+ j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ l=ll;
+ if ((l == 0) && feof(DES_IN)) break;
+ }
+ }
+ if (cflag)
+ {
+ l=0;
+ if (cksumname[0] != '\0')
+ {
+ if ((O=fopen(cksumname,"w")) != NULL)
+ {
+ CKSUM_OUT=O;
+ l=1;
+ }
+ }
+ for (i=0; i<8; i++)
+ fprintf(CKSUM_OUT,"%02X",cksum[i]);
+ fprintf(CKSUM_OUT,"\n");
+ if (l) fclose(CKSUM_OUT);
+ }
+problems:
+ memset(buf,0,sizeof(buf));
+ memset(obuf,0,sizeof(obuf));
+ memset(ks,0,sizeof(ks));
+ memset(ks2,0,sizeof(ks2));
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+ memset(kk,0,sizeof(kk));
+ memset(k2,0,sizeof(k2));
+ memset(uubuf,0,sizeof(uubuf));
+ memset(b,0,sizeof(b));
+ memset(bb,0,sizeof(bb));
+ memset(cksum,0,sizeof(cksum));
+ if (Exit) EXIT(Exit);
+ }
+
+int uufwrite(data, size, num, fp)
+unsigned char *data;
+int size;
+unsigned int num;
+FILE *fp;
+
+ /* We ignore this parameter but it should be > ~50 I believe */
+
+
+ {
+ int i,j,left,rem,ret=num;
+ static int start=1;
+
+ if (start)
+ {
+ fprintf(fp,"begin 600 %s\n",
+ (uuname[0] == '\0')?"text.d":uuname);
+ start=0;
+ }
+
+ if (uubufnum)
+ {
+ if (uubufnum+num < 45)
+ {
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+ uubufnum+=num;
+ return(num);
+ }
+ else
+ {
+ i=45-uubufnum;
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+ j=uuencode((unsigned char *)uubuf,45,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ uubufnum=0;
+ data+=i;
+ num-=i;
+ }
+ }
+
+ for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+ {
+ j=uuencode(&(data[i]),INUUBUFN,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ rem=(num-i)%45;
+ left=(num-i-rem);
+ if (left)
+ {
+ j=uuencode(&(data[i]),left,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ i+=left;
+ }
+ if (i != num)
+ {
+ memcpy(uubuf,&(data[i]),(unsigned int)rem);
+ uubufnum=rem;
+ }
+ return(ret);
+ }
+
+void uufwriteEnd(fp)
+FILE *fp;
+ {
+ int j;
+ static const char *end=" \nend\n";
+
+ if (uubufnum != 0)
+ {
+ uubuf[uubufnum]='\0';
+ uubuf[uubufnum+1]='\0';
+ uubuf[uubufnum+2]='\0';
+ j=uuencode(uubuf,uubufnum,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ fwrite(end,1,strlen(end),fp);
+ }
+
+int uufread(out, size, num, fp)
+unsigned char *out;
+int size; /* should always be > ~ 60; I actually ignore this parameter :-) */
+unsigned int num;
+FILE *fp;
+ {
+ int i,j,tot;
+ static int done=0;
+ static int valid=0;
+ static int start=1;
+
+ if (start)
+ {
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0')
+ {
+ fprintf(stderr,"no 'begin' found in uuencoded input\n");
+ return(-1);
+ }
+ if (strncmp((char *)b,"begin ",6) == 0) break;
+ }
+ start=0;
+ }
+ if (done) return(0);
+ tot=0;
+ if (valid)
+ {
+ memcpy(out,bb,(unsigned int)valid);
+ tot=valid;
+ valid=0;
+ }
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0') break;
+ i=strlen((char *)b);
+ if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+ {
+ done=1;
+ while (!feof(fp))
+ {
+ fgets((char *)b,300,fp);
+ }
+ break;
+ }
+ i=uudecode(b,i,bb);
+ if (i < 0) break;
+ if ((i+tot+8) > num)
+ {
+ /* num to copy to make it a multiple of 8 */
+ j=(num/8*8)-tot-8;
+ memcpy(&(out[tot]),bb,(unsigned int)j);
+ tot+=j;
+ memcpy(bb,&(bb[j]),(unsigned int)i-j);
+ valid=i-j;
+ break;
+ }
+ memcpy(&(out[tot]),bb,(unsigned int)i);
+ tot+=i;
+ }
+ return(tot);
+ }
+
+#define ccc2l(c,l) (l =((DES_LONG)(*((c)++)))<<16, \
+ l|=((DES_LONG)(*((c)++)))<< 8, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+
+int uuencode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,n,tot=0;
+ DES_LONG l;
+ register unsigned char *p;
+ p=out;
+
+ for (j=0; j<num; j+=45)
+ {
+ if (j+45 > num)
+ i=(num-j);
+ else i=45;
+ *(p++)=i+' ';
+ for (n=0; n<i; n+=3)
+ {
+ ccc2l(in,l);
+ *(p++)=((l>>18)&0x3f)+' ';
+ *(p++)=((l>>12)&0x3f)+' ';
+ *(p++)=((l>> 6)&0x3f)+' ';
+ *(p++)=((l )&0x3f)+' ';
+ tot+=4;
+ }
+ *(p++)='\n';
+ tot+=2;
+ }
+ *p='\0';
+ l=0;
+ return(tot);
+ }
+
+int uudecode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,k;
+ unsigned int n=0,space=0;
+ DES_LONG l;
+ DES_LONG w,x,y,z;
+ unsigned int blank=(unsigned int)'\n'-' ';
+
+ for (j=0; j<num; )
+ {
+ n= *(in++)-' ';
+ if (n == blank)
+ {
+ n=0;
+ in--;
+ }
+ if (n > 60)
+ {
+ fprintf(stderr,"uuencoded line length too long\n");
+ return(-1);
+ }
+ j++;
+
+ for (i=0; i<n; j+=4,i+=3)
+ {
+ /* the following is for cases where spaces are
+ * removed from lines.
+ */
+ if (space)
+ {
+ w=x=y=z=0;
+ }
+ else
+ {
+ w= *(in++)-' ';
+ x= *(in++)-' ';
+ y= *(in++)-' ';
+ z= *(in++)-' ';
+ }
+ if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+ {
+ k=0;
+ if (w == blank) k=1;
+ if (x == blank) k=2;
+ if (y == blank) k=3;
+ if (z == blank) k=4;
+ space=1;
+ switch (k) {
+ case 1: w=0; in--;
+ case 2: x=0; in--;
+ case 3: y=0; in--;
+ case 4: z=0; in--;
+ break;
+ case 0:
+ space=0;
+ fprintf(stderr,"bad uuencoded data values\n");
+ w=x=y=z=0;
+ return(-1);
+ break;
+ }
+ }
+ l=(w<<18)|(x<<12)|(y<< 6)|(z );
+ l2ccc(l,out);
+ }
+ if (*(in++) != '\n')
+ {
+ fprintf(stderr,"missing nl in uuencoded line\n");
+ w=x=y=z=0;
+ return(-1);
+ }
+ j++;
+ }
+ *out='\0';
+ w=x=y=z=0;
+ return(n);
+ }
diff --git a/src/lib/libssl/src/crypto/des/des3s.cpp b/src/lib/libssl/src/crypto/des/des3s.cpp
new file mode 100644
index 0000000000..9aff6494d9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key1,key2,key3;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(s1);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/des_enc.c b/src/lib/libssl/src/crypto/des/des_enc.c
new file mode 100644
index 0000000000..e4db09299e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/des_enc.c
@@ -0,0 +1,502 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_encrypt(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ IP(r,l);
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out. */
+ /* clear the top bits on machines with 8byte longs */
+ /* shift left by 2 */
+ r=ROTATE(r,29)&0xffffffffL;
+ l=ROTATE(l,29)&0xffffffffL;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+ }
+#endif
+ }
+ else
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+ {
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+ }
+#endif
+ }
+
+ /* rotate and clear the top bits on machines with 8byte longs */
+ l=ROTATE(l,3)&0xffffffffL;
+ r=ROTATE(r,3)&0xffffffffL;
+
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ l=r=t=u=0;
+ }
+
+void des_encrypt2(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out. */
+ /* clear the top bits on machines with 8byte longs */
+ r=ROTATE(r,29)&0xffffffffL;
+ l=ROTATE(l,29)&0xffffffffL;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+ }
+#endif
+ }
+ else
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+ {
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+ }
+#endif
+ }
+ /* rotate and clear the top bits on machines with 8byte longs */
+ data[0]=ROTATE(l,3)&0xffffffffL;
+ data[1]=ROTATE(r,3)&0xffffffffL;
+ l=r=t=u=0;
+ }
+
+void des_encrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+ {
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ }
+
+void des_decrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+ {
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ }
+
+#ifndef DES_DEFAULT_OPTIONS
+
+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ register DES_LONG t0,t1;
+
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=t0;
+ xor1=t1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=t0;
+ xor1=t1;
+ }
+
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
+#endif /* DES_DEFAULT_OPTIONS */
diff --git a/src/lib/libssl/src/crypto/des/des_opts.c b/src/lib/libssl/src/crypto/des/des_opts.c
new file mode 100644
index 0000000000..fdf0fbf461
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/des_opts.c
@@ -0,0 +1,620 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define des_encrypt des_encrypt_u4_cisc_idx
+#define des_encrypt2 des_encrypt2_u4_cisc_idx
+#define des_encrypt3 des_encrypt3_u4_cisc_idx
+#define des_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_idx
+#define des_encrypt2 des_encrypt2_u16_cisc_idx
+#define des_encrypt3 des_encrypt3_u16_cisc_idx
+#define des_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_idx
+#define des_encrypt2 des_encrypt2_u4_risc1_idx
+#define des_encrypt3 des_encrypt3_u4_risc1_idx
+#define des_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_idx
+#define des_encrypt2 des_encrypt2_u4_risc2_idx
+#define des_encrypt3 des_encrypt3_u4_risc2_idx
+#define des_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_idx
+#define des_encrypt2 des_encrypt2_u16_risc1_idx
+#define des_encrypt3 des_encrypt3_u16_risc1_idx
+#define des_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_idx
+#define des_encrypt2 des_encrypt2_u16_risc2_idx
+#define des_encrypt3 des_encrypt3_u16_risc2_idx
+#define des_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_cisc_ptr
+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_ptr
+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_ptr
+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_ptr
+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_ptr
+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_ptr
+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count++) \
+ { \
+ unsigned long d[2]; \
+ func(d,&(sch[0]),DES_ENCRYPT); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key,sch);
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+#ifdef PART1
+ time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx ", 0);
+ time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+ time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+ num+=3;
+#endif
+#ifdef PART2
+ time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+ time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+ time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+ num+=3;
+#endif
+#ifdef PART3
+ time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr ", 6);
+ time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+ time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+ num+=3;
+#endif
+#ifdef PART4
+ time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+ time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+ time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+ num+=3;
+#endif
+
+#ifdef PART1
+ str[0]=" 4 c i";
+ print_it("des_encrypt_u4_cisc_idx ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="16 c i";
+ print_it("des_encrypt_u16_cisc_idx ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]=" 4 r1 i";
+ print_it("des_encrypt_u4_risc1_idx ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+ str[3]="16 r1 i";
+ print_it("des_encrypt_u16_risc1_idx",3);
+ if (max < tm[3]) { max=tm[3]; max_idx=3; }
+ str[4]=" 4 r2 i";
+ print_it("des_encrypt_u4_risc2_idx ",4);
+ if (max < tm[4]) { max=tm[4]; max_idx=4; }
+ str[5]="16 r2 i";
+ print_it("des_encrypt_u16_risc2_idx",5);
+ if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+ str[6]=" 4 c p";
+ print_it("des_encrypt_u4_cisc_ptr ",6);
+ if (max < tm[6]) { max=tm[6]; max_idx=6; }
+ str[7]="16 c p";
+ print_it("des_encrypt_u16_cisc_ptr ",7);
+ if (max < tm[7]) { max=tm[7]; max_idx=7; }
+ str[8]=" 4 r1 p";
+ print_it("des_encrypt_u4_risc1_ptr ",8);
+ if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+ str[9]="16 r1 p";
+ print_it("des_encrypt_u16_risc1_ptr",9);
+ if (max < tm[9]) { max=tm[9]; max_idx=9; }
+ str[10]=" 4 r2 p";
+ print_it("des_encrypt_u4_risc2_ptr ",10);
+ if (max < tm[10]) { max=tm[10]; max_idx=10; }
+ str[11]="16 r2 p";
+ print_it("des_encrypt_u16_risc2_ptr",11);
+ if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+ printf("options des ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<12; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DDES_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DDES_UNROLL\n");
+ break;
+ case 2:
+ printf("-DDES_RISC1\n");
+ break;
+ case 3:
+ printf("-DDES_UNROLL -DDES_RISC1\n");
+ break;
+ case 4:
+ printf("-DDES_RISC2\n");
+ break;
+ case 5:
+ printf("-DDES_UNROLL -DDES_RISC2\n");
+ break;
+ case 6:
+ printf("-DDES_PTR\n");
+ break;
+ case 7:
+ printf("-DDES_UNROLL -DDES_PTR\n");
+ break;
+ case 8:
+ printf("-DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 9:
+ printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 10:
+ printf("-DDES_RISC2 -DDES_PTR\n");
+ break;
+ case 11:
+ printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/des/des_ver.h b/src/lib/libssl/src/crypto/des/des_ver.h
new file mode 100644
index 0000000000..7041a9271d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/des_ver.h
@@ -0,0 +1,60 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+extern char *DES_version; /* SSLeay version string */
+extern char *libdes_version; /* old libdes version string */
diff --git a/src/lib/libssl/src/crypto/des/dess.cpp b/src/lib/libssl/src/crypto/des/dess.cpp
new file mode 100644
index 0000000000..7fb5987314
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt(&data[0],key,1);
+ GetTSC(s1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e2);
+ des_encrypt(&data[0],key,1);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/destest.c b/src/lib/libssl/src/crypto/des/destest.c
new file mode 100644
index 0000000000..620c13ba6f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/destest.c
@@ -0,0 +1,882 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if defined(WIN32) || defined(WIN16) || defined(WINDOWS)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#endif
+#include <string.h>
+#include "des.h"
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+ {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+ {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+ {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+ {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+ {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+ {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+ {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+ {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+ {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+ {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+ {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+ {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+ {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+ {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+ {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+ {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+ {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+ {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+ {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+ {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+ {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+ {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+ {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+ {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+ {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+ {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+ {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+ {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+ {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+ {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+ {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+ {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+ {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+ {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+ {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+ {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+ {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+ {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+ {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+ {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+ {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+ {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+ {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+ {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+ {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+ {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+ {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+ {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+ {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+ {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+ {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+ {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+ {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+ {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+ {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+ {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+ {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+ {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+ {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+ {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+ {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+ {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+ {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+/* Changed the following text constant to binary so it will work on ebcdic
+ * machines :-) */
+/* static char cbc_data[40]="7654321 Now is the time for \0001"; */
+static char cbc_data[40]={
+ 0x37,0x36,0x35,0x34,0x33,0x32,0x31,0x20,
+ 0x4E,0x6F,0x77,0x20,0x69,0x73,0x20,0x74,
+ 0x68,0x65,0x20,0x74,0x69,0x6D,0x65,0x20,
+ 0x66,0x6F,0x72,0x20,0x00,0x31,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ };
+
+static unsigned char cbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+ 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+ 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static unsigned char xcbc_ok[32]={
+ 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+ 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+ 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+ 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+ };
+
+static unsigned char cbc3_ok[32]={
+ 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+ 0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+ 0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+ 0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+ 0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+ 0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher8[24]= {
+ 0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+ 0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+ 0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+ 0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+ 0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+ 0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+ 0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+ 0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+ {
+ 0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+ 0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+ 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+ };
+
+DES_LONG cbc_cksum_ret=0xB462FEF7L;
+unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+#else
+static char *pt();
+static int cfb_test();
+static int cfb64_test();
+static int ede_cfb64_test();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,j,err=0;
+ des_cblock in,out,outin,iv3;
+ des_key_schedule ks,ks2,ks3;
+ unsigned char cbc_in[40];
+ unsigned char cbc_out[40];
+ DES_LONG cs;
+ unsigned char qret[4][4],cret[8];
+ DES_LONG lqret[4];
+ int num;
+ char *str;
+
+ printf("Doing ecb\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+1,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT);
+ des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT);
+
+ if (memcmp(out,cipher_data[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing ede ecb\n");
+ for (i=0; i<(NUM_TESTS-1); i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ err=1;
+ printf("Key error %2d:%d\n",i+1,j);
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+1]),ks2)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+2,j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+2]),ks3)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+3,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2,
+ DES_ENCRYPT);
+ des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2,
+ DES_DECRYPT);
+
+ if (memcmp(out,cipher_ecb2[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+#endif
+
+ printf("Doing cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ncbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ printf("cbc_encrypt encrypt error\n");
+
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+ {
+ printf("cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing desx cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+ if (memcmp(cbc_out,xcbc_ok,32) != 0)
+ {
+ printf("des_xcbc_encrypt encrypt error\n");
+ }
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)+1) != 0)
+ {
+ printf("des_xcbc_encrypt decrypt error\n");
+ err=1;
+ }
+#endif
+
+ printf("Doing ede cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ i=strlen((char *)cbc_data)+1;
+ /* i=((i+7)/8)*8; */
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+ des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ 16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]),
+ (C_Block *)&(cbc_out[16]),
+ (long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc3_ok,
+ (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+ {
+ printf("des_ede3_cbc_encrypt encrypt error\n");
+ err=1;
+ }
+
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("des_ede3_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing pcbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT);
+ if (memcmp(cbc_out,pcbc_ok,32) != 0)
+ {
+ printf("pcbc_encrypt encrypt error\n");
+ err=1;
+ }
+ des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("pcbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ");
+ printf("cfb8 ");
+ err+=cfb_test(8,cfb_cipher8);
+ printf("cfb16 ");
+ err+=cfb_test(16,cfb_cipher16);
+ printf("cfb32 ");
+ err+=cfb_test(32,cfb_cipher32);
+ printf("cfb48 ");
+ err+=cfb_test(48,cfb_cipher48);
+ printf("cfb64 ");
+ err+=cfb_test(64,cfb_cipher64);
+
+ printf("cfb64() ");
+ err+=cfb64_test(cfb_cipher64);
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small encrypt error\n");
+ err=1;
+ }
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small decrypt error\n");
+ err=1;
+ }
+
+ printf("ede_cfb64() ");
+ err+=ede_cfb64_test(cfb_cipher64);
+
+ printf("done\n");
+
+ printf("Doing ofb\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb_encrypt encrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_buf1[8+1], ofb_buf1[8+2], ofb_buf1[8+3],
+ofb_buf1[8+4], ofb_buf1[8+5], ofb_buf1[8+6], ofb_buf1[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf1[8+0], ofb_cipher[8+1], ofb_cipher[8+2], ofb_cipher[8+3],
+ofb_buf1[8+4], ofb_cipher[8+5], ofb_cipher[8+6], ofb_cipher[8+7]);
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb_encrypt decrypt error\n");
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+ofb_buf2[8+0], ofb_buf2[8+1], ofb_buf2[8+2], ofb_buf2[8+3],
+ofb_buf2[8+4], ofb_buf2[8+5], ofb_buf2[8+6], ofb_buf2[8+7]);
+printf("%02X %02X %02X %02X %02X %02X %02X %02X\n",
+plain[8+0], plain[8+1], plain[8+2], plain[8+3],
+plain[8+4], plain[8+5], plain[8+6], plain[8+7]);
+ err=1;
+ }
+
+ printf("Doing ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ (C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ede_ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ede_ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ ks,ks,(C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ede_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing cbc_cksum\n");
+ des_key_sched((C_Block *)cbc_key,ks);
+ cs=des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cret,
+ (long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
+ if (cs != cbc_cksum_ret)
+ {
+ printf("bad return value (%08lX), should be %08lX\n",
+ (unsigned long)cs,(unsigned long)cbc_cksum_ret);
+ err=1;
+ }
+ if (memcmp(cret,cbc_cksum_data,8) != 0)
+ {
+ printf("bad cbc_cksum block returned\n");
+ err=1;
+ }
+
+ printf("Doing quad_cksum\n");
+ cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
+ (long)strlen(cbc_data),2,(C_Block *)cbc_iv);
+ j=sizeof(lqret[0])-4;
+ for (i=0; i<4; i++)
+ {
+ lqret[i]=0;
+ memcpy(&(lqret[i]),&(qret[i][0]),4);
+ if (j > 0) lqret[i]=lqret[i]>>(j*8); /* For Cray */
+ }
+ { /* Big-endian fix */
+ static DES_LONG l=1;
+ static unsigned char *c=(unsigned char *)&l;
+ DES_LONG ll;
+
+ if (!c[0])
+ {
+ ll=lqret[0]^lqret[3];
+ lqret[0]^=ll;
+ lqret[3]^=ll;
+ ll=lqret[1]^lqret[2];
+ lqret[1]^=ll;
+ lqret[2]^=ll;
+ }
+ }
+ if (cs != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+ (unsigned long)cs);
+ err=1;
+ }
+ if (lqret[0] != 0x327eba8dL)
+ {
+ printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+ (unsigned long)lqret[0],0x327eba8dL);
+ err=1;
+ }
+ if (lqret[1] != 0x201a49ccL)
+ {
+ printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+ (unsigned long)lqret[1],0x201a49ccL);
+ err=1;
+ }
+ if (lqret[2] != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+ (unsigned long)lqret[2],0x70d7a63aL);
+ err=1;
+ }
+ if (lqret[3] != 0x501c2c26L)
+ {
+ printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+ (unsigned long)lqret[3],0x501c2c26L);
+ err=1;
+ }
+#endif
+
+ printf("input word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_ncbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\noutput word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_ncbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\n");
+ printf("fast crypt test ");
+ str=crypt("testing","ef");
+ if (strcmp("efGnQx2725bI2",str) != 0)
+ {
+ printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+ err=1;
+ }
+ str=crypt("bca76;23","yA");
+ if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+ {
+ printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+ err=1;
+ }
+ printf("\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(bits, cfb_cipher)
+int bits;
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int i,err=0;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ return(err);
+ }
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static int ede_cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+#endif
+
diff --git a/src/lib/libssl/src/crypto/des/ecb3_enc.c b/src/lib/libssl/src/crypto/des/ecb3_enc.c
new file mode 100644
index 0000000000..140f6b5285
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ecb3_enc.c
@@ -0,0 +1,87 @@
+/* crypto/des/ecb3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ecb3_encrypt(input, output, ks1, ks2, ks3, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+int enc;
+ {
+ register DES_LONG l0,l1;
+ register unsigned char *in,*out;
+ DES_LONG ll[2];
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ c2l(in,l0);
+ c2l(in,l1);
+ ll[0]=l0;
+ ll[1]=l1;
+ if (enc)
+ des_encrypt3(ll,ks1,ks2,ks3);
+ else
+ des_decrypt3(ll,ks1,ks2,ks3);
+ l0=ll[0];
+ l1=ll[1];
+ l2c(l0,out);
+ l2c(l1,out);
+ }
diff --git a/src/lib/libssl/src/crypto/des/ecb_enc.c b/src/lib/libssl/src/crypto/des/ecb_enc.c
new file mode 100644
index 0000000000..acf23fdd00
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ecb_enc.c
@@ -0,0 +1,124 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "spr.h"
+
+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
+char *DES_version="DES part of SSLeay 0.9.0b 29-Jun-1998";
+
+char *des_options()
+ {
+ static int init=1;
+ static char buf[32];
+
+ if (init)
+ {
+ char *ptr,*unroll,*risc,*size;
+
+ init=0;
+#ifdef DES_PTR
+ ptr="ptr";
+#else
+ ptr="idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+ risc="risc1";
+#endif
+#ifdef DES_RISC2
+ risc="risc2";
+#endif
+#else
+ risc="cisc";
+#endif
+#ifdef DES_UNROLL
+ unroll="16";
+#else
+ unroll="4";
+#endif
+ if (sizeof(DES_LONG) != sizeof(long))
+ size="int";
+ else
+ size="long";
+ sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+ }
+ return(buf);
+ }
+
+
+void des_ecb_encrypt(input, output, ks, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l;
+ register unsigned char *in,*out;
+ DES_LONG ll[2];
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ c2l(in,l); ll[0]=l;
+ c2l(in,l); ll[1]=l;
+ des_encrypt(ll,ks,enc);
+ l=ll[0]; l2c(l,out);
+ l=ll[1]; l2c(l,out);
+ l=ll[0]=ll[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/enc_read.c b/src/lib/libssl/src/crypto/des/enc_read.c
new file mode 100644
index 0000000000..e08a904d75
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/enc_read.c
@@ -0,0 +1,218 @@
+/* crypto/des/enc_read.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "des_locl.h"
+
+/* This has some uglies in it but it works - even over sockets. */
+/*extern int errno;*/
+int des_rw_mode=DES_PCBC_MODE;
+
+int des_enc_read(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+ {
+ /* data to be unencrypted */
+ int net_num=0;
+ static unsigned char *net=NULL;
+ /* extra unencrypted data
+ * for when a block of 100 comes in but is des_read one byte at
+ * a time. */
+ static char *unnet=NULL;
+ static int unnet_start=0;
+ static int unnet_left=0;
+ static char *tmpbuf=NULL;
+ int i;
+ long num=0,rnum;
+ unsigned char *p;
+
+ if (tmpbuf == NULL)
+ {
+ tmpbuf=(char *)malloc(BSIZE);
+ if (tmpbuf == NULL) return(-1);
+ }
+ if (net == NULL)
+ {
+ net=(unsigned char *)malloc(BSIZE);
+ if (net == NULL) return(-1);
+ }
+ if (unnet == NULL)
+ {
+ unnet=(char *)malloc(BSIZE);
+ if (unnet == NULL) return(-1);
+ }
+ /* left over data from last decrypt */
+ if (unnet_left != 0)
+ {
+ if (unnet_left < len)
+ {
+ /* we still still need more data but will return
+ * with the number of bytes we have - should always
+ * check the return value */
+ memcpy(buf,&(unnet[unnet_start]),
+ (unsigned int)unnet_left);
+ /* eay 26/08/92 I had the next 2 lines
+ * reversed :-( */
+ i=unnet_left;
+ unnet_start=unnet_left=0;
+ }
+ else
+ {
+ memcpy(buf,&(unnet[unnet_start]),(unsigned int)len);
+ unnet_start+=len;
+ unnet_left-=len;
+ i=len;
+ }
+ return(i);
+ }
+
+ /* We need to get more data. */
+ if (len > MAXWRITE) len=MAXWRITE;
+
+ /* first - get the length */
+ while (net_num < HDRSIZE)
+ {
+ i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
+#ifdef EINTR
+ if ((i == -1) && (errno == EINTR)) continue;
+#endif
+ if (i <= 0) return(0);
+ net_num+=i;
+ }
+
+ /* we now have at net_num bytes in net */
+ p=net;
+ /* num=0; */
+ n2l(p,num);
+ /* num should be rounded up to the next group of eight
+ * we make sure that we have read a multiple of 8 bytes from the net.
+ */
+ if ((num > MAXWRITE) || (num < 0)) /* error */
+ return(-1);
+ rnum=(num < 8)?8:((num+7)/8*8);
+
+ net_num=0;
+ while (net_num < rnum)
+ {
+ i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
+#ifdef EINTR
+ if ((i == -1) && (errno == EINTR)) continue;
+#endif
+ if (i <= 0) return(0);
+ net_num+=i;
+ }
+
+ /* Check if there will be data left over. */
+ if (len < num)
+ {
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+ num,sched,iv,DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+ num,sched,iv,DES_DECRYPT);
+ memcpy(buf,unnet,(unsigned int)len);
+ unnet_start=len;
+ unnet_left=(int)num-len;
+
+ /* The following line is done because we return num
+ * as the number of bytes read. */
+ num=len;
+ }
+ else
+ {
+ /* >output is a multiple of 8 byes, if len < rnum
+ * >we must be careful. The user must be aware that this
+ * >routine will write more bytes than he asked for.
+ * >The length of the buffer must be correct.
+ * FIXED - Should be ok now 18-9-90 - eay */
+ if (len < rnum)
+ {
+
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,
+ (des_cblock *)tmpbuf,
+ num,sched,iv,DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,
+ (des_cblock *)tmpbuf,
+ num,sched,iv,DES_DECRYPT);
+
+ /* eay 26/08/92 fix a bug that returned more
+ * bytes than you asked for (returned len bytes :-( */
+ memcpy(buf,tmpbuf,(unsigned int)num);
+ }
+ else
+ {
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,
+ (des_cblock *)buf,num,sched,iv,
+ DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,
+ (des_cblock *)buf,num,sched,iv,
+ DES_DECRYPT);
+ }
+ }
+ return((int)num);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/enc_writ.c b/src/lib/libssl/src/crypto/des/enc_writ.c
new file mode 100644
index 0000000000..29a7330fb0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/enc_writ.c
@@ -0,0 +1,160 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include "des_locl.h"
+
+int des_enc_write(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+ {
+#ifdef _LIBC
+ extern int srandom();
+ extern unsigned long time();
+ extern int random();
+ extern int write();
+#endif
+
+ long rnum;
+ int i,j,k,outnum;
+ static char *outbuf=NULL;
+ char shortbuf[8];
+ char *p;
+ static int start=1;
+
+ if (outbuf == NULL)
+ {
+ outbuf=(char *)malloc(BSIZE+HDRSIZE);
+ if (outbuf == NULL) return(-1);
+ }
+ /* If we are sending less than 8 bytes, the same char will look
+ * the same if we don't pad it out with random bytes */
+ if (start)
+ {
+ start=0;
+ srandom((unsigned int)time(NULL));
+ }
+
+ /* lets recurse if we want to send the data in small chunks */
+ if (len > MAXWRITE)
+ {
+ j=0;
+ for (i=0; i<len; i+=k)
+ {
+ k=des_enc_write(fd,&(buf[i]),
+ ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
+ if (k < 0)
+ return(k);
+ else
+ j+=k;
+ }
+ return(j);
+ }
+
+ /* write length first */
+ p=outbuf;
+ l2n(len,p);
+
+ /* pad short strings */
+ if (len < 8)
+ {
+ p=shortbuf;
+ memcpy(shortbuf,buf,(unsigned int)len);
+ for (i=len; i<8; i++)
+ shortbuf[i]=random();
+ rnum=8;
+ }
+ else
+ {
+ p=buf;
+ rnum=((len+7)/8*8); /* round up to nearest eight */
+ }
+
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)p,
+ (des_cblock *)&(outbuf[HDRSIZE]),
+ (long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)p,
+ (des_cblock *)&(outbuf[HDRSIZE]),
+ (long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
+
+ /* output */
+ outnum=(int)rnum+HDRSIZE;
+
+ for (j=0; j<outnum; j+=i)
+ {
+ /* eay 26/08/92 I was not doing writing from where we
+ * got upto. */
+ i=write(fd,&(outbuf[j]),(unsigned int)(outnum-j));
+ if (i == -1)
+ {
+ if (errno == EINTR)
+ i=0;
+ else /* This is really a bad error - very bad
+ * It will stuff-up both ends. */
+ return(-1);
+ }
+ }
+
+ return(len);
+ }
diff --git a/src/lib/libssl/src/crypto/des/fcrypt.c b/src/lib/libssl/src/crypto/des/fcrypt.c
new file mode 100644
index 0000000000..129beb27da
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/fcrypt.c
@@ -0,0 +1,153 @@
+/* NOCW */
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+/* Modification by Jens Kupferschmidt (Cu)
+ * I have included directive PARA for shared memory computers.
+ * I have included a directive LONGCRYPT to using this routine to cipher
+ * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
+ * definition is the maximum of lenght of password and can changed. I have
+ * defined 24.
+ */
+
+#include "des_locl.h"
+
+/* Added more values to handle illegal salt values the way normal
+ * crypt() implementations do. The patch was sent by
+ * Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128]={
+0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
+0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
+0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
+0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
+0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
+0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
+0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
+0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
+0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
+0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
+0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
+0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
+0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
+0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
+0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
+0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
+};
+
+static unsigned const char cov_2char[64]={
+0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
+0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
+0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
+0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
+0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
+0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
+0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
+0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
+};
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+
+#if defined(PERL5) || defined(FreeBSD)
+char *des_crypt(const char *buf,const char *salt);
+#else
+char *crypt(const char *buf,const char *salt);
+#endif
+#else
+void fcrypt_body();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+#endif
+
+#if defined(PERL5) || defined(FreeBSD)
+char *des_crypt(buf,salt)
+#else
+char *crypt(buf,salt)
+#endif
+const char *buf;
+const char *salt;
+ {
+ static char buff[14];
+
+ return(des_fcrypt(buf,salt,buff));
+ }
+
+
+char *des_fcrypt(buf,salt,ret)
+const char *buf;
+const char *salt;
+char *ret;
+ {
+ unsigned int i,j,x,y;
+ DES_LONG Eswap0,Eswap1;
+ DES_LONG out[2],ll;
+ des_cblock key;
+ des_key_schedule ks;
+ unsigned char bb[9];
+ unsigned char *b=bb;
+ unsigned char c,u;
+
+ /* eay 25/08/92
+ * If you call crypt("pwd","*") as often happens when you
+ * have * as the pwd field in /etc/passwd, the function
+ * returns *\0XXXXXXXXX
+ * The \0 makes the string look like * so the pwd "*" would
+ * crypt to "*". This was found when replacing the crypt in
+ * our shared libraries. People found that the disbled
+ * accounts effectivly had no passwd :-(. */
+ x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
+ Eswap0=con_salt[x]<<2;
+ x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
+ Eswap1=con_salt[x]<<6;
+
+/* EAY
+r=strlen(buf);
+r=(r+7)/8;
+*/
+ for (i=0; i<8; i++)
+ {
+ c= *(buf++);
+ if (!c) break;
+ key[i]=(c<<1);
+ }
+ for (; i<8; i++)
+ key[i]=0;
+
+ des_set_key((des_cblock *)(key),ks);
+ fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
+
+ ll=out[0]; l2c(ll,b);
+ ll=out[1]; l2c(ll,b);
+ y=0;
+ u=0x80;
+ bb[8]=0;
+ for (i=2; i<13; i++)
+ {
+ c=0;
+ for (j=0; j<6; j++)
+ {
+ c<<=1;
+ if (bb[y] & u) c|=1;
+ u>>=1;
+ if (!u)
+ {
+ y++;
+ u=0x80;
+ }
+ }
+ ret[i]=cov_2char[c];
+ }
+ ret[13]='\0';
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/fcrypt_b.c b/src/lib/libssl/src/crypto/des/fcrypt_b.c
new file mode 100644
index 0000000000..1544634bc1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/fcrypt_b.c
@@ -0,0 +1,148 @@
+/* crypto/des/fcrypt_b.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+#define DES_FCRYPT
+#include "des_locl.h"
+#undef DES_FCRYPT
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+ (a)=(a)^(t)^(t>>(16-(n))))\
+
+void fcrypt_body(out, ks, Eswap0, Eswap1)
+DES_LONG *out;
+des_key_schedule ks;
+DES_LONG Eswap0;
+DES_LONG Eswap1;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+ register DES_LONG *s;
+ register int j;
+ register DES_LONG E0,E1;
+
+ l=0;
+ r=0;
+
+ s=(DES_LONG *)ks;
+ E0=Eswap0;
+ E1=Eswap1;
+
+ for (j=0; j<25; j++)
+ {
+#ifdef DES_UNROLL
+ register int i;
+
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 1 */
+ D_ENCRYPT(r,l,i+6); /* 2 */
+ }
+#else
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#endif
+
+ t=l;
+ l=r;
+ r=t;
+ }
+ l=ROTATE(l,3)&0xffffffffL;
+ r=ROTATE(r,3)&0xffffffffL;
+
+ PERM_OP(l,r,t, 1,0x55555555L);
+ PERM_OP(r,l,t, 8,0x00ff00ffL);
+ PERM_OP(l,r,t, 2,0x33333333L);
+ PERM_OP(r,l,t,16,0x0000ffffL);
+ PERM_OP(l,r,t, 4,0x0f0f0f0fL);
+
+ out[0]=r;
+ out[1]=l;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/makefile.bc b/src/lib/libssl/src/crypto/des/makefile.bc
new file mode 100644
index 0000000000..1fe6d4915a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC = bcc
+TLIB = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS = -ml $(WINDOWS)
+
+.c.obj:
+ $(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+ $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+ del *.exe
+ del *.obj
+ del libdes.lib
+ del libdes.rsp
+
+OBJS= cbc_cksm.obj cbc_enc.obj ecb_enc.obj pcbc_enc.obj \
+ qud_cksm.obj rand_key.obj set_key.obj str2key.obj \
+ enc_read.obj enc_writ.obj fcrypt.obj cfb_enc.obj \
+ ecb3_enc.obj ofb_enc.obj cbc3_enc.obj read_pwd.obj\
+ cfb64enc.obj ofb64enc.obj ede_enc.obj cfb64ede.obj\
+ ofb64ede.obj supp.obj
+
+LIB= libdes.lib
+
+$(LIB): $(OBJS)
+ del $(LIB)
+ makersp "+%s &\n" &&|
+ $(OBJS)
+| >libdes.rsp
+ $(TLIB) libdes.lib @libdes.rsp,nul
+ del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe: rpw.obj libdes.lib
+speed.exe: speed.obj libdes.lib
+des.exe: des.obj libdes.lib
+
+
diff --git a/src/lib/libssl/src/crypto/des/ncbc_enc.c b/src/lib/libssl/src/crypto/des/ncbc_enc.c
new file mode 100644
index 0000000000..1d1a368c22
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ncbc_enc.c
@@ -0,0 +1,130 @@
+/* crypto/des/ncbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/ofb64ede.c b/src/lib/libssl/src/crypto/des/ofb64ede.c
new file mode 100644
index 0000000000..4b1b0199f1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ofb64ede.c
@@ -0,0 +1,131 @@
+/* crypto/des/ofb64ede.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ede3_ofb64_encrypt(in, out, length, k1,k2,k3, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2,k3;
+des_cblock (*ivec);
+int *num;
+ {
+ register DES_LONG v0,v1;
+ register int n= *num;
+ register long l=length;
+ des_cblock d;
+ register char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ /* ti[0]=v0; */
+ /* ti[1]=v1; */
+ des_encrypt3((DES_LONG *)ti,k1,k2,k3);
+ v0=ti[0];
+ v1=ti[1];
+
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+/* v0=ti[0];
+ v1=ti[1];*/
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
+#ifdef undef /* MACRO */
+void des_ede2_ofb64_encrypt(in, out, length, k1,k2, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2;
+des_cblock (*ivec);
+int *num;
+ {
+ des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/des/ofb64enc.c b/src/lib/libssl/src/crypto/des/ofb64enc.c
new file mode 100644
index 0000000000..ea7e612697
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ofb64enc.c
@@ -0,0 +1,114 @@
+/* crypto/des/ofb64enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ofb64_encrypt(in, out, length, schedule, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+ {
+ register DES_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ des_cblock d;
+ register char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ dp=(char *)d;
+ t=ti[0]; l2c(t,dp);
+ t=ti[1]; l2c(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/ofb_enc.c b/src/lib/libssl/src/crypto/des/ofb_enc.c
new file mode 100644
index 0000000000..4db0cdbd60
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/ofb_enc.c
@@ -0,0 +1,139 @@
+/* crypto/des/ofb_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_ofb_encrypt(in, out, numbits, length, schedule, ivec)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+ {
+ register DES_LONG d0,d1,vv0,vv1,v0,v1,n=(numbits+7)/8;
+ register DES_LONG mask0,mask1;
+ register long l=length;
+ register int num=numbits;
+ DES_LONG ti[2];
+ unsigned char *iv;
+
+ if (num > 64) return;
+ if (num > 32)
+ {
+ mask0=0xffffffffL;
+ if (num >= 64)
+ mask1=mask0;
+ else
+ mask1=(1L<<(num-32))-1;
+ }
+ else
+ {
+ if (num == 32)
+ mask0=0xffffffffL;
+ else
+ mask0=(1L<<num)-1;
+ mask1=0x00000000L;
+ }
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ while (l-- > 0)
+ {
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ vv0=ti[0];
+ vv1=ti[1];
+ c2ln(in,d0,d1,n);
+ in+=n;
+ d0=(d0^vv0)&mask0;
+ d1=(d1^vv1)&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+
+ if (num == 32)
+ { v0=v1; v1=vv0; }
+ else if (num == 64)
+ { v0=vv0; v1=vv1; }
+ else if (num > 32) /* && num != 64 */
+ {
+ v0=((v1>>(num-32))|(vv0<<(64-num)))&0xffffffffL;
+ v1=((vv0>>(num-32))|(vv1<<(64-num)))&0xffffffffL;
+ }
+ else /* num < 32 */
+ {
+ v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+ v1=((v1>>num)|(vv0<<(32-num)))&0xffffffffL;
+ }
+ }
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ v0=v1=d0=d1=ti[0]=ti[1]=vv0=vv1=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/options.txt b/src/lib/libssl/src/crypto/des/options.txt
new file mode 100644
index 0000000000..6e2b50f765
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assembler 577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR 496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1] 459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1 433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assembler 281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assembler 281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL 275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR 235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR 233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR 191,000 1528k/s
+DEC Alpha 165mhz?? - cc - RISC2 PTR [2] 181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR 158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3] 148,000 1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL 123,600 989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR 101,000 808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL 81,000 648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assembler 65,000 522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR 76,000 608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2 43,500 344k/s
+AIX - old slow one :-) - cc - 39,000 312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0
+ cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+ gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+ I'll record the higher since it is coming from the library but it
+ is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+ As such, my timing program was never able to get more that %30 of the CPU.
+ This would cause the program to give much lower speed numbers because
+ it would be 'fighting' to stay in the cache with the other CPU burning
+ processes.
diff --git a/src/lib/libssl/src/crypto/des/pcbc_enc.c b/src/lib/libssl/src/crypto/des/pcbc_enc.c
new file mode 100644
index 0000000000..4513207d90
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/pcbc_enc.c
@@ -0,0 +1,126 @@
+/* crypto/des/pcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_pcbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
+ DES_LONG tin[2];
+ unsigned char *in,*out,*iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (; length>0; length-=8)
+ {
+ if (length >= 8)
+ {
+ c2l(in,sin0);
+ c2l(in,sin1);
+ }
+ else
+ c2ln(in,sin0,sin1,length);
+ tin[0]=sin0^xor0;
+ tin[1]=sin1^xor1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0];
+ tout1=tin[1];
+ xor0=sin0^tout0;
+ xor1=sin1^tout1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ }
+ else
+ {
+ c2l(iv,xor0); c2l(iv,xor1);
+ for (; length>0; length-=8)
+ {
+ c2l(in,sin0);
+ c2l(in,sin1);
+ tin[0]=sin0;
+ tin[1]=sin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ if (length >= 8)
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ else
+ l2cn(tout0,tout1,out,length);
+ xor0=tout0^sin0;
+ xor1=tout1^sin1;
+ }
+ }
+ tin[0]=tin[1]=0;
+ sin0=sin1=xor0=xor1=tout0=tout1=0;
+ }
diff --git a/src/lib/libssl/src/crypto/des/qud_cksm.c b/src/lib/libssl/src/crypto/des/qud_cksm.c
new file mode 100644
index 0000000000..8526abf334
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/qud_cksm.c
@@ -0,0 +1,144 @@
+/* crypto/des/qud_cksm.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
+ * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
+ * This module in only based on the code in this paper and is
+ * almost definitely not the same as the MIT implementation.
+ */
+#include "des_locl.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a) (((DES_LONG)(a)))
+#define Q_B1(a) (((DES_LONG)(a))<<8)
+#define Q_B2(a) (((DES_LONG)(a))<<16)
+#define Q_B3(a) (((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE ((DES_LONG)83653421L)
+
+DES_LONG des_quad_cksum(input, output, length, out_count, seed)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+int out_count;
+des_cblock (*seed);
+ {
+ DES_LONG z0,z1,t0,t1;
+ int i;
+ long l;
+ unsigned char *cp;
+ unsigned char *lp;
+
+ if (out_count < 1) out_count=1;
+ lp=(unsigned char *)output;
+
+ z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
+ z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
+
+ for (i=0; ((i<4)&&(i<out_count)); i++)
+ {
+ cp=(unsigned char *)input;
+ l=length;
+ while (l > 0)
+ {
+ if (l > 1)
+ {
+ t0= (DES_LONG)(*(cp++));
+ t0|=(DES_LONG)Q_B1(*(cp++));
+ l--;
+ }
+ else
+ t0= (DES_LONG)(*(cp++));
+ l--;
+ /* add */
+ t0+=z0;
+ t0&=0xffffffffL;
+ t1=z1;
+ /* square, well sort of square */
+ z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
+ &0xffffffffL)%0x7fffffffL;
+ z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
+ }
+ if (lp != NULL)
+ {
+ /* I believe I finally have things worked out.
+ * The MIT library assumes that the checksum
+ * is one huge number and it is returned in a
+ * host dependant byte order.
+ */
+ static DES_LONG ltmp=1;
+ static unsigned char *c=(unsigned char *)<mp;
+
+ if (c[0])
+ {
+ l2c(z0,lp);
+ l2c(z1,lp);
+ }
+ else
+ {
+ lp=output[out_count-i-1];
+ l2n(z1,lp);
+ l2n(z0,lp);
+ }
+ }
+ }
+ return(z0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/rand_key.c b/src/lib/libssl/src/crypto/des/rand_key.c
new file mode 100644
index 0000000000..8c30bd029a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/rand_key.c
@@ -0,0 +1,118 @@
+/* crypto/des/rand_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include <time.h>
+
+static int seed=0;
+static des_cblock init;
+
+void des_random_seed(key)
+des_cblock key;
+ {
+ memcpy(init,key,sizeof(des_cblock));
+ seed=1;
+ }
+
+void des_random_key(ret)
+unsigned char *ret;
+ {
+ des_key_schedule ks;
+ static DES_LONG c=0;
+ static unsigned short pid=0;
+ static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+ des_cblock key;
+ unsigned char *p;
+ DES_LONG t;
+ int i;
+
+#ifdef MSDOS
+ pid=1;
+#else
+ if (!pid) pid=getpid();
+#endif
+ p=key;
+ if (seed)
+ {
+ for (i=0; i<8; i++)
+ {
+ data[i] ^= init[i];
+ init[i]=0;
+ }
+ seed=0;
+ }
+ t=(DES_LONG)time(NULL);
+ l2c(t,p);
+ t=(DES_LONG)((pid)|((c++)<<16));
+ l2c(t,p);
+
+ des_set_odd_parity((des_cblock *)data);
+ des_set_key((des_cblock *)data,ks);
+ des_cbc_cksum((des_cblock *)key,(des_cblock *)key,
+ (long)sizeof(key),ks,(des_cblock *)data);
+
+ des_set_odd_parity((des_cblock *)key);
+ des_set_key((des_cblock *)key,ks);
+ des_cbc_cksum((des_cblock *)key,(des_cblock *)data,
+ (long)sizeof(key),ks,(des_cblock *)key);
+
+ memcpy(ret,data,sizeof(key));
+ memset(key,0,sizeof(key));
+ memset(ks,0,sizeof(ks));
+ t=0;
+ }
diff --git a/src/lib/libssl/src/crypto/des/read2pwd.c b/src/lib/libssl/src/crypto/des/read2pwd.c
new file mode 100644
index 0000000000..a0d53793e4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/read2pwd.c
@@ -0,0 +1,90 @@
+/* crypto/des/read2pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+int des_read_password(key, prompt, verify)
+des_cblock (*key);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_key(buf,key);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
+
+int des_read_2passwords(key1, key2, prompt, verify)
+des_cblock (*key1);
+des_cblock (*key2);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_2keys(buf,key1,key2);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
diff --git a/src/lib/libssl/src/crypto/des/read_pwd.c b/src/lib/libssl/src/crypto/des/read_pwd.c
new file mode 100644
index 0000000000..99920f2f86
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/read_pwd.c
@@ -0,0 +1,459 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* #define SIGACTION */ /* Define this if you have sigaction() */
+#ifdef WIN16TTY
+#undef WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan Support for VMS */
+#include "des_locl.h"
+#include <signal.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef TERMIO
+#undef SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#ifdef _LIBC
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS)
+#undef TERMIOS
+#undef TERMIO
+#define SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT struct termios
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) tcgetattr(tty,data)
+#define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT struct termio
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data) ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT struct sgttyb
+#define TTY_FLAGS sg_flags
+#define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
+#include <sys/ioctl.h>
+#endif
+
+#ifdef MSDOS
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+ short iosb$w_value;
+ short iosb$w_count;
+ long iosb$l_info;
+ };
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+#ifndef NOPROTO
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#else
+static void read_till_nl();
+static void recsig();
+static void pushsig();
+static void popsig();
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets();
+#endif
+#endif
+
+#ifdef SIGACTION
+ static struct sigaction savsig[NX509_SIG];
+#else
+# ifndef NOPROTO
+ static void (*savsig[NX509_SIG])(int );
+# else
+ static void (*savsig[NX509_SIG])();
+# endif
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(buf, length, prompt, verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+ {
+ char buff[BUFSIZ];
+ int ret;
+
+ ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+ memset(buff,0,BUFSIZ);
+ return(ret);
+ }
+
+#ifndef WIN16
+
+static void read_till_nl(in)
+FILE *in;
+ {
+#define SIZE 4
+ char buf[SIZE+1];
+
+ do {
+ fgets(buf,SIZE,in);
+ } while (strchr(buf,'\n') == NULL);
+ }
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+#ifdef VMS
+ struct IOSB iosb;
+ $DESCRIPTOR(terminal,"TT");
+ long tty_orig[3], tty_new[3];
+ long status;
+ unsigned short channel = 0;
+#else
+#ifndef MSDOS
+ TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+ int number=5;
+ int ok=0;
+ int ps=0;
+ int is_a_tty=1;
+
+ FILE *tty=NULL;
+ char *p;
+
+#ifndef MSDOS
+ if ((tty=fopen("/dev/tty","r")) == NULL)
+ tty=stdin;
+#else /* MSDOS */
+ if ((tty=fopen("con","r")) == NULL)
+ tty=stdin;
+#endif /* MSDOS */
+
+#if defined(TTY_get) && !defined(VMS)
+ if (TTY_get(fileno(tty),&tty_orig) == -1)
+ {
+#ifdef ENOTTY
+ if (errno == ENOTTY)
+ is_a_tty=0;
+ else
+#endif
+#ifdef EINVAL
+ /* Ariel Glenn ariel@columbia.edu reports that solaris
+ * can return EINVAL instead. This should be ok */
+ if (errno == EINVAL)
+ is_a_tty=0;
+ else
+#endif
+ return(-1);
+ }
+ memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef VMS
+ status = SYS$ASSIGN(&terminal,&channel,0,0);
+ if (status != SS$_NORMAL)
+ return(-1);
+ status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+
+ if (setjmp(save))
+ {
+ ok=0;
+ goto error;
+ }
+ pushsig();
+ ps=1;
+
+#ifdef TTY_FLAGS
+ tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+ if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+ return(-1);
+#endif
+#ifdef VMS
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+ ps=2;
+
+ while ((!ok) && (number--))
+ {
+ fputs(prompt,stderr);
+ fflush(stderr);
+
+ buf[0]='\0';
+ fgets(buf,size,tty);
+ if (feof(tty)) goto error;
+ if (ferror(tty)) goto error;
+ if ((p=(char *)strchr(buf,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+ if (verify)
+ {
+ fprintf(stderr,"\nVerifying password - %s",prompt);
+ fflush(stderr);
+ buff[0]='\0';
+ fgets(buff,size,tty);
+ if (feof(tty)) goto error;
+ if ((p=(char *)strchr(buff,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+
+ if (strcmp(buf,buff) != 0)
+ {
+ fprintf(stderr,"\nVerify failure");
+ fflush(stderr);
+ break;
+ /* continue; */
+ }
+ }
+ ok=1;
+ }
+
+error:
+ fprintf(stderr,"\n");
+#ifdef DEBUG
+ perror("fgets(tty)");
+#endif
+ /* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(VMS)
+ if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef VMS
+ if (ps >= 2)
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0
+ ,tty_orig,12,0,0,0,0);
+#endif
+
+ if (ps >= 1) popsig();
+ if (stdin != tty) fclose(tty);
+#ifdef VMS
+ status = SYS$DASSGN(channel);
+#endif
+ return(!ok);
+ }
+
+#else /* WIN16 */
+
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+ memset(buf,0,size);
+ memset(buff,0,size);
+ return(0);
+ }
+
+#endif
+
+static void pushsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ {
+#ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+#endif
+#ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+#endif
+#ifdef SIGACTION
+ sigaction(i,NULL,&savsig[i]);
+#else
+ savsig[i]=signal(i,recsig);
+#endif
+ }
+
+#ifdef SIGWINCH
+ signal(SIGWINCH,SIG_DFL);
+#endif
+ }
+
+static void popsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ {
+#ifdef SIGUSR1
+ if (i == SIGUSR1)
+ continue;
+#endif
+#ifdef SIGUSR2
+ if (i == SIGUSR2)
+ continue;
+#endif
+#ifdef SIGACTION
+ sigaction(i,&savsig[i],NULL);
+#else
+ signal(i,savsig[i]);
+#endif
+ }
+ }
+
+static void recsig(i)
+int i;
+ {
+ longjmp(save,1);
+#ifdef LINT
+ i=i;
+#endif
+ }
+
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(buf,size,tty)
+char *buf;
+int size;
+FILE *tty;
+ {
+ int i;
+ char *p;
+
+ p=buf;
+ for (;;)
+ {
+ if (size == 0)
+ {
+ *p='\0';
+ break;
+ }
+ size--;
+#ifdef WIN16TTY
+ i=_inchar();
+#else
+ i=getch();
+#endif
+ if (i == '\r') i='\n';
+ *(p++)=i;
+ if (i == '\n')
+ {
+ *p='\0';
+ break;
+ }
+ }
+ return(strlen(buf));
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/des/rpc_des.h b/src/lib/libssl/src/crypto/des/rpc_des.h
new file mode 100644
index 0000000000..4cbb4d2dcd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */
+#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+ unsigned char des_key[8]; /* key (with low bit parity) */
+ enum desdir des_dir; /* direction */
+ enum desmode des_mode; /* mode */
+ unsigned char des_ivec[8]; /* input vector */
+ unsigned des_len; /* number of bytes to crypt */
+ union {
+ unsigned char UDES_data[DES_QUICKLEN];
+ unsigned char *UDES_buf;
+ } UDES;
+# define des_data UDES.UDES_data /* direct data here if quick */
+# define des_buf UDES.UDES_buf /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK _IOWR(d, 6, struct desparams)
+
+/*
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK _IOWR(d, 7, struct desparams)
+
diff --git a/src/lib/libssl/src/crypto/des/rpc_enc.c b/src/lib/libssl/src/crypto/des/rpc_enc.c
new file mode 100644
index 0000000000..7c1da1f538
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/rpc_enc.c
@@ -0,0 +1,107 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+#ifndef NOPROTO
+int _des_crypt(char *buf,int len,struct desparams *desp);
+#else
+int _des_crypt();
+#endif
+
+int _des_crypt(buf, len, desp)
+char *buf;
+int len;
+struct desparams *desp;
+ {
+ des_key_schedule ks;
+ int enc;
+
+ des_set_key((des_cblock *)desp->des_key,ks);
+ enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+ if (desp->des_mode == CBC)
+ des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,ks,enc);
+ else
+ {
+ des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,
+ (long)len,ks,
+ (des_cblock *)desp->des_ivec,enc);
+#ifdef undef
+ /* len will always be %8 if called from common_crypt
+ * in secure_rpc.
+ * Libdes's cbc encrypt does not copy back the iv,
+ * so we have to do it here. */
+ /* It does now :-) eay 20/09/95 */
+
+ a=(char *)&(desp->UDES.UDES_buf[len-8]);
+ b=(char *)&(desp->des_ivec[0]);
+
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+#endif
+ }
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/des/rpw.c b/src/lib/libssl/src/crypto/des/rpw.c
new file mode 100644
index 0000000000..6447ed9cf0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/rpw.c
@@ -0,0 +1,101 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "des.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ des_cblock k,k1;
+ int i;
+
+ printf("read passwd\n");
+ if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0)
+ {
+ printf("password = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ }
+ else
+ printf("error %d\n",i);
+ printf("\n");
+ printf("read 2passwds and verify\n");
+ if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1,
+ "Enter verified password:",1)) == 0)
+ {
+ printf("password1 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ printf("\n");
+ printf("password2 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k1[i]);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf("error %d\n",i);
+ exit(0);
+ }
+#ifdef LINT
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/des/set_key.c b/src/lib/libssl/src/crypto/des/set_key.c
new file mode 100644
index 0000000000..c3bcd7ee2b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/set_key.c
@@ -0,0 +1,246 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include "des_locl.h"
+#include "podd.h"
+#include "sk.h"
+
+#ifndef NOPROTO
+static int check_parity(des_cblock (*key));
+#else
+static int check_parity();
+#endif
+
+int des_check_key=0;
+
+void des_set_odd_parity(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<DES_KEY_SZ; i++)
+ (*key)[i]=odd_parity[(*key)[i]];
+ }
+
+static int check_parity(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<DES_KEY_SZ; i++)
+ {
+ if ((*key)[i] != odd_parity[(*key)[i]])
+ return(0);
+ }
+ return(1);
+ }
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY 16
+static des_cblock weak_keys[NUM_WEAK_KEY]={
+ /* weak keys */
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+ {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
+ {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
+ /* semi-weak keys */
+ {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+ {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+ {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+ {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+ {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+ {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+ {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+ {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+ {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+ {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int des_is_weak_key(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<NUM_WEAK_KEY; i++)
+ /* Added == 0 to comparision, I obviously don't run
+ * this section very often :-(, thanks to
+ * engineering@MorningStar.Com for the fix
+ * eay 93/06/29
+ * Another problem, I was comparing only the first 4
+ * bytes, 97/03/18 */
+ if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
+ return(0);
+ }
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros.
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * (b)^=(t),\
+ * (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+ (a)=(a)^(t)^(t>>(16-(n))))
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int des_set_key(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+ {
+ static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+ register DES_LONG c,d,t,s,t2;
+ register unsigned char *in;
+ register DES_LONG *k;
+ register int i;
+
+ if (des_check_key)
+ {
+ if (!check_parity(key))
+ return(-1);
+
+ if (des_is_weak_key(key))
+ return(-2);
+ }
+
+ k=(DES_LONG *)schedule;
+ in=(unsigned char *)key;
+
+ c2l(in,c);
+ c2l(in,d);
+
+ /* do PC1 in 60 simple operations */
+/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2, 0xcccc0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(c,t, 8, 0x00ff0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(d,t,-8, 0xff000000L);
+ HPERM_OP(d,t, 8, 0x00ff0000L);
+ HPERM_OP(d,t, 2, 0x33330000L);
+ d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
+ d=(d>>8)|((c&0xf0000000L)>>4);
+ c&=0x0fffffffL; */
+
+ /* I now do it in 47 simple operations :-)
+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ * for the inspiration. :-) */
+ PERM_OP (d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2,0xcccc0000L);
+ HPERM_OP(d,t,-2,0xcccc0000L);
+ PERM_OP (d,c,t,1,0x55555555L);
+ PERM_OP (c,d,t,8,0x00ff00ffL);
+ PERM_OP (d,c,t,1,0x55555555L);
+ d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
+ ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+ c&=0x0fffffffL;
+
+ for (i=0; i<ITERATIONS; i++)
+ {
+ if (shifts2[i])
+ { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+ else
+ { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+ c&=0x0fffffffL;
+ d&=0x0fffffffL;
+ /* could be a few less shifts but I am to lazy at this
+ * point in time to investigate */
+ s= des_skb[0][ (c )&0x3f ]|
+ des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
+ des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
+ des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
+ ((c>>22L)&0x38)];
+ t= des_skb[4][ (d )&0x3f ]|
+ des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+ des_skb[6][ (d>>15L)&0x3f ]|
+ des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+ /* table contained 0213 4657 */
+ t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+ *(k++)=ROTATE(t2,30)&0xffffffffL;
+
+ t2=((s>>16L)|(t&0xffff0000L));
+ *(k++)=ROTATE(t2,26)&0xffffffffL;
+ }
+ return(0);
+ }
+
+int des_key_sched(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+ {
+ return(des_set_key(key,schedule));
+ }
diff --git a/src/lib/libssl/src/crypto/des/speed.c b/src/lib/libssl/src/crypto/des/speed.c
new file mode 100644
index 0000000000..5bbe8b01d6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/speed.c
@@ -0,0 +1,329 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double a,b,c,d,e;
+#ifndef SIGALRM
+ long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ DES_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+ ce=count/20+1;
+ printf("Doing set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count++)
+ des_set_key((C_Block *)key,sch);
+ d=Time_F(STOP);
+ printf("%ld set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing des_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing des_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count++)
+ {
+ DES_LONG data[2];
+
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ }
+ d=Time_F(STOP);
+ printf("%ld des_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ des_ncbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]),
+ (C_Block *)&(key[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cd); count++)
+ des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,
+ &(sch[0]),
+ &(sch2[0]),
+ &(sch3[0]),
+ (C_Block *)&(key[0]),
+ DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing crypt for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing crypt %ld times\n",ce);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(ce); count++)
+ crypt("testing1","ef");
+ e=Time_F(STOP);
+ printf("%ld crypts in %.2f second\n",count,e);
+ e=((double)COUNT(ce))/e;
+
+ printf("set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("DES raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("DES cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ printf("DES ede cbc bytes per sec = %12.2f (%9.3fuS)\n",d,8.0e6/d);
+ printf("crypt per sec = %12.2f (%9.3fuS)\n",e,1.0e6/e);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/des/spr.h b/src/lib/libssl/src/crypto/des/spr.h
new file mode 100644
index 0000000000..81813f9f7a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/spr.h
@@ -0,0 +1,204 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+const DES_LONG des_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+},{
+/* nibble 1 */
+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+},{
+/* nibble 2 */
+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+},{
+/* nibble 3 */
+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+},{
+/* nibble 4 */
+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+},{
+/* nibble 5 */
+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+},{
+/* nibble 6 */
+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+},{
+/* nibble 7 */
+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+}};
diff --git a/src/lib/libssl/src/crypto/des/str2key.c b/src/lib/libssl/src/crypto/des/str2key.c
new file mode 100644
index 0000000000..3365c1bcf3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/str2key.c
@@ -0,0 +1,171 @@
+/* crypto/des/str2key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+extern int des_check_key;
+
+void des_string_to_key(str, key)
+char *str;
+des_cblock (*key);
+ {
+ des_key_schedule ks;
+ int i,length;
+ register unsigned char j;
+
+ memset(key,0,8);
+ length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+ for (i=0; i<length; i++)
+ (*key)[i%8]^=(str[i]<<1);
+#else /* MIT COMPATIBLE */
+ for (i=0; i<length; i++)
+ {
+ j=str[i];
+ if ((i%16) < 8)
+ (*key)[i%8]^=(j<<1);
+ else
+ {
+ /* Reverse the bit order 05/05/92 eay */
+ j=((j<<4)&0xf0)|((j>>4)&0x0f);
+ j=((j<<2)&0xcc)|((j>>2)&0x33);
+ j=((j<<1)&0xaa)|((j>>1)&0x55);
+ (*key)[7-(i%8)]^=j;
+ }
+ }
+#endif
+ des_set_odd_parity((des_cblock *)key);
+ i=des_check_key;
+ des_check_key=0;
+ des_set_key((des_cblock *)key,ks);
+ des_check_key=i;
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks,
+ (des_cblock *)key);
+ memset(ks,0,sizeof(ks));
+ des_set_odd_parity((des_cblock *)key);
+ }
+
+void des_string_to_2keys(str, key1, key2)
+char *str;
+des_cblock (*key1);
+des_cblock (*key2);
+ {
+ des_key_schedule ks;
+ int i,length;
+ register unsigned char j;
+
+ memset(key1,0,8);
+ memset(key2,0,8);
+ length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+ if (length <= 8)
+ {
+ for (i=0; i<length; i++)
+ {
+ (*key2)[i]=(*key1)[i]=(str[i]<<1);
+ }
+ }
+ else
+ {
+ for (i=0; i<length; i++)
+ {
+ if ((i/8)&1)
+ (*key2)[i%8]^=(str[i]<<1);
+ else
+ (*key1)[i%8]^=(str[i]<<1);
+ }
+ }
+#else /* MIT COMPATIBLE */
+ for (i=0; i<length; i++)
+ {
+ j=str[i];
+ if ((i%32) < 16)
+ {
+ if ((i%16) < 8)
+ (*key1)[i%8]^=(j<<1);
+ else
+ (*key2)[i%8]^=(j<<1);
+ }
+ else
+ {
+ j=((j<<4)&0xf0)|((j>>4)&0x0f);
+ j=((j<<2)&0xcc)|((j>>2)&0x33);
+ j=((j<<1)&0xaa)|((j>>1)&0x55);
+ if ((i%16) < 8)
+ (*key1)[7-(i%8)]^=j;
+ else
+ (*key2)[7-(i%8)]^=j;
+ }
+ }
+ if (length <= 8) memcpy(key2,key1,8);
+#endif
+ des_set_odd_parity((des_cblock *)key1);
+ des_set_odd_parity((des_cblock *)key2);
+ i=des_check_key;
+ des_check_key=0;
+ des_set_key((des_cblock *)key1,ks);
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks,
+ (des_cblock *)key1);
+ des_set_key((des_cblock *)key2,ks);
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks,
+ (des_cblock *)key2);
+ des_check_key=i;
+ memset(ks,0,sizeof(ks));
+ des_set_odd_parity(key1);
+ des_set_odd_parity(key2);
+ }
diff --git a/src/lib/libssl/src/crypto/des/t/test b/src/lib/libssl/src/crypto/des/t/test
new file mode 100644
index 0000000000..97acd0552e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/src/lib/libssl/src/crypto/des/times/486-50.sol b/src/lib/libssl/src/crypto/des/times/486-50.sol
new file mode 100644
index 0000000000..0de62d6db3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options des ecb/s
+16 r2 i 43552.51 100.0%
+16 r1 i 43487.45 99.9%
+16 c p 43003.23 98.7%
+16 r2 p 42339.00 97.2%
+16 c i 41900.91 96.2%
+16 r1 p 41360.64 95.0%
+ 4 c i 38728.48 88.9%
+ 4 c p 38225.63 87.8%
+ 4 r1 i 38085.79 87.4%
+ 4 r2 i 37825.64 86.9%
+ 4 r2 p 34611.00 79.5%
+ 4 r1 p 31802.00 73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/src/lib/libssl/src/crypto/des/times/586-100.lnx b/src/lib/libssl/src/crypto/des/times/586-100.lnx
new file mode 100644
index 0000000000..4323914a11
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options des ecb/s
+assember 281000.00 177.1%
+16 r1 p 158667.40 100.0%
+16 r1 i 148471.70 93.6%
+16 r2 p 143961.80 90.7%
+16 r2 i 141689.20 89.3%
+ 4 r1 i 140100.00 88.3%
+ 4 r2 i 134049.40 84.5%
+16 c i 124145.20 78.2%
+16 c p 121584.20 76.6%
+ 4 c i 118116.00 74.4%
+ 4 r2 p 117977.90 74.4%
+ 4 c p 114971.40 72.5%
+ 4 r1 p 114578.40 72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/src/lib/libssl/src/crypto/des/times/686-200.fre b/src/lib/libssl/src/crypto/des/times/686-200.fre
new file mode 100644
index 0000000000..7d83f6adee
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options des ecb/s
+assember 578000.00 133.1%
+16 r2 i 434454.80 100.0%
+16 r1 i 433621.43 99.8%
+16 r2 p 431375.69 99.3%
+ 4 r1 i 423722.30 97.5%
+ 4 r2 i 422399.40 97.2%
+16 r1 p 421739.40 97.1%
+16 c i 399027.94 91.8%
+16 c p 372251.70 85.7%
+ 4 c i 365118.35 84.0%
+ 4 c p 352880.51 81.2%
+ 4 r2 p 255104.90 58.7%
+ 4 r1 p 251289.18 57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/src/lib/libssl/src/crypto/des/times/aix.cc b/src/lib/libssl/src/crypto/des/times/aix.cc
new file mode 100644
index 0000000000..d96b74e2ce
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella Minitower Model MT604-100
+Processor : PPC604
+P.Speed : 100Mhz
+Data/Instr Cache : 16 K
+L2 Cache : 256 K
+PCI BUS Speed : 33 Mhz
+TransfRate PCI : 132 MB/s
+Memory : 96 MB
+
+options des ecb/s
+ 4 c p 275118.61 100.0%
+ 4 c i 273545.07 99.4%
+ 4 r2 p 270441.02 98.3%
+ 4 r1 p 253052.15 92.0%
+ 4 r2 i 240842.97 87.5%
+ 4 r1 i 240556.66 87.4%
+16 c i 224603.99 81.6%
+16 c p 224483.98 81.6%
+16 r2 p 215691.19 78.4%
+16 r1 p 208332.83 75.7%
+16 r1 i 199206.50 72.4%
+16 r2 i 198963.70 72.3%
+-DDES_PTR
+
diff --git a/src/lib/libssl/src/crypto/des/times/alpha.cc b/src/lib/libssl/src/crypto/des/times/alpha.cc
new file mode 100644
index 0000000000..95c17efae7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options des ecb/s
+ 4 r2 p 181146.14 100.0%
+16 r2 p 172102.94 95.0%
+ 4 r2 i 165424.11 91.3%
+16 c p 160468.64 88.6%
+ 4 c p 156653.59 86.5%
+ 4 c i 155245.18 85.7%
+ 4 r1 p 154729.68 85.4%
+16 r2 i 154137.69 85.1%
+16 r1 p 152357.96 84.1%
+16 c i 148743.91 82.1%
+ 4 r1 i 146695.59 81.0%
+16 r1 i 144961.00 80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/src/lib/libssl/src/crypto/des/times/hpux.cc b/src/lib/libssl/src/crypto/des/times/hpux.cc
new file mode 100644
index 0000000000..3de856ddac
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options des ecb/s
+16 c i 149448.90 100.0%
+ 4 c i 145861.79 97.6%
+16 r2 i 141710.96 94.8%
+16 r1 i 139455.33 93.3%
+ 4 r2 i 138800.00 92.9%
+ 4 r1 i 136692.65 91.5%
+16 r2 p 110228.17 73.8%
+16 r1 p 109397.07 73.2%
+16 c p 109209.89 73.1%
+ 4 c p 108014.71 72.3%
+ 4 r2 p 107873.88 72.2%
+ 4 r1 p 107685.83 72.1%
+-DDES_UNROLL
+
diff --git a/src/lib/libssl/src/crypto/des/times/sparc.gcc b/src/lib/libssl/src/crypto/des/times/sparc.gcc
new file mode 100644
index 0000000000..8eaa042104
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options des ecb/s
+16 c i 124382.70 100.0%
+ 4 c i 118884.68 95.6%
+16 c p 112261.20 90.3%
+16 r2 i 111777.10 89.9%
+16 r2 p 108896.30 87.5%
+16 r1 p 108791.59 87.5%
+ 4 c p 107290.10 86.3%
+ 4 r1 p 104583.80 84.1%
+16 r1 i 104206.20 83.8%
+ 4 r2 p 103709.80 83.4%
+ 4 r2 i 98306.43 79.0%
+ 4 r1 i 91525.80 73.6%
+-DDES_UNROLL
+
diff --git a/src/lib/libssl/src/crypto/des/times/usparc.cc b/src/lib/libssl/src/crypto/des/times/usparc.cc
new file mode 100644
index 0000000000..f6ec8e8831
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I belive the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'. For 'speed', the DES
+routines are being linked from a library. I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+ '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+ and while it makes the des_opts numbers much slower, it makes the
+ actual 'speed' numbers look better which is a realistic version of
+ using the libraries. ]
+
+options des ecb/s
+16 r1 p 475516.90 100.0%
+16 r2 p 439388.10 92.4%
+16 c i 427001.40 89.8%
+16 c p 419516.50 88.2%
+ 4 r2 p 409491.70 86.1%
+ 4 r1 p 404266.90 85.0%
+ 4 c p 398121.00 83.7%
+ 4 c i 370588.40 77.9%
+ 4 r1 i 362742.20 76.3%
+16 r2 i 331275.50 69.7%
+16 r1 i 324730.60 68.3%
+ 4 r2 i 63535.10 13.4% <-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/src/lib/libssl/src/crypto/des/typemap b/src/lib/libssl/src/crypto/des/typemap
new file mode 100644
index 0000000000..a524f53634
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar * T_DESCHARP
+des_cblock * T_CBLOCK
+des_cblock T_CBLOCK
+des_key_schedule T_SCHEDULE
+des_key_schedule * T_SCHEDULE
+
+INPUT
+T_CBLOCK
+ $var=(des_cblock *)SvPV($arg,len);
+ if (len < DES_KEY_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+ }
+
+T_SCHEDULE
+ $var=(des_key_schedule *)SvPV($arg,len);
+ if (len < DES_SCHEDULE_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",
+ DES_SCHEDULE_SZ);
+ }
+
+OUTPUT
+T_CBLOCK
+ sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+ sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+ sv_setpvn($arg,(char *)$var,len);
diff --git a/src/lib/libssl/src/crypto/des/xcbc_enc.c b/src/lib/libssl/src/crypto/des/xcbc_enc.c
new file mode 100644
index 0000000000..031589bf50
--- /dev/null
+++ b/src/lib/libssl/src/crypto/des/xcbc_enc.c
@@ -0,0 +1,206 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+
+static unsigned char desx_white_in2out[256]={
+0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
+0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
+0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
+0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
+0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
+0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
+0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
+0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
+0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
+0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
+0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
+0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
+0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
+0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
+0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
+0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
+ };
+
+void des_xwhite_in2out(des_key,in_white,out_white)
+des_cblock (*des_key);
+des_cblock (*in_white);
+des_cblock (*out_white);
+ {
+ unsigned char *key,*in,*out;
+ int out0,out1;
+ int i;
+
+ key=(unsigned char *)des_key;
+ in=(unsigned char *)in_white;
+ out=(unsigned char *)out_white;
+
+ out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
+ out0=out1=0;
+ for (i=0; i<8; i++)
+ {
+ out[i]=key[i]^desx_white_in2out[out0^out1];
+ out0=out1;
+ out1=(int)out[i&0x07];
+ }
+
+ out0=out[0];
+ out1=out[i];
+ for (i=0; i<8; i++)
+ {
+ out[i]=in[i]^desx_white_in2out[out0^out1];
+ out0=out1;
+ out1=(int)out[i&0x07];
+ }
+ }
+
+void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+des_cblock (*inw);
+des_cblock (*outw);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register DES_LONG inW0,inW1,outW0,outW1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)inw;
+ c2l(in,inW0);
+ c2l(in,inW1);
+ in=(unsigned char *)outw;
+ c2l(in,outW0);
+ c2l(in,outW1);
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0^inW0; tin[0]=tin0;
+ tin1^=tout1^inW1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]^outW0; l2c(tout0,out);
+ tout1=tin[1]^outW1; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0^inW0; tin[0]=tin0;
+ tin1^=tout1^inW1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]^outW0; l2c(tout0,out);
+ tout1=tin[1]^outW1; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0^outW0;
+ c2l(in,tin1); tin[1]=tin1^outW1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0^inW0;
+ tout1=tin[1]^xor1^inW1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0^outW0;
+ c2l(in,tin1); tin[1]=tin1^outW1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0^inW0;
+ tout1=tin[1]^xor1^inW1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ inW0=inW1=outW0=outW1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/dh/dh.h b/src/lib/libssl/src/crypto/dh/dh.h
new file mode 100644
index 0000000000..4cc1df2650
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh.h
@@ -0,0 +1,162 @@
+/* crypto/dh/dh.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DH_H
+#define HEADER_DH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef HEADER_BN_H
+#define BIGNUM char
+#endif
+
+typedef struct dh_st
+ {
+ /* This first argument is used to pick up errors when
+ * a DH is passed instead of a EVP_PKEY */
+ int pad;
+ int version;
+ BIGNUM *p;
+ BIGNUM *g;
+ int length; /* optional */
+ BIGNUM *pub_key; /* y */
+ BIGNUM *priv_key; /* x */
+ } DH;
+
+#define DH_GENERATOR_2 2
+/* #define DH_GENERATOR_3 3 */
+#define DH_GENERATOR_5 5
+
+/* DH_check error codes */
+#define DH_CHECK_P_NOT_PRIME 0x01
+#define DH_CHECK_P_NOT_STRONG_PRIME 0x02
+#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+#define DH_NOT_SUITABLE_GENERATOR 0x08
+
+#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
+ (char *(*)())d2i_DHparams,(char *)(x))
+#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+ (unsigned char *)(x))
+#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
+ (unsigned char *)(x))
+
+#ifndef NOPROTO
+DH * DH_new(void);
+void DH_free(DH *dh);
+int DH_size(DH *dh);
+DH * DH_generate_parameters(int prime_len,int generator,
+ void (*callback)(int,int,char *),char *cb_arg);
+int DH_check(DH *dh,int *codes);
+int DH_generate_key(DH *dh);
+int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
+DH * d2i_DHparams(DH **a,unsigned char **pp, long length);
+int i2d_DHparams(DH *a,unsigned char **pp);
+#ifndef NO_FP_API
+int DHparams_print_fp(FILE *fp, DH *x);
+#endif
+#ifdef HEADER_BIO_H
+int DHparams_print(BIO *bp, DH *x);
+#else
+int DHparams_print(char *bp, DH *x);
+#endif
+void ERR_load_DH_strings(void );
+
+#else
+
+DH * DH_new();
+void DH_free();
+int DH_size();
+DH * DH_generate_parameters();
+int DH_check();
+int DH_generate_key();
+int DH_compute_key();
+DH * d2i_DHparams();
+int i2d_DHparams();
+#ifndef NO_FP_API
+int DHparams_print_fp();
+#endif
+int DHparams_print();
+void ERR_load_DH_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+#define DH_F_DHPARAMS_PRINT 100
+#define DH_F_DHPARAMS_PRINT_FP 101
+#define DH_F_DH_COMPUTE_KEY 102
+#define DH_F_DH_GENERATE_KEY 103
+#define DH_F_DH_GENERATE_PARAMETERS 104
+#define DH_F_DH_NEW 105
+
+/* Reason codes. */
+#define DH_R_NO_PRIVATE_VALUE 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/dh/dh1024.pem b/src/lib/libssl/src/crypto/dh/dh1024.pem
new file mode 100644
index 0000000000..81d43f6a3e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh192.pem b/src/lib/libssl/src/crypto/dh/dh192.pem
new file mode 100644
index 0000000000..521c07271d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh192.pem
@@ -0,0 +1,3 @@
+-----BEGIN DH PARAMETERS-----
+MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
+-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh2048.pem b/src/lib/libssl/src/crypto/dh/dh2048.pem
new file mode 100644
index 0000000000..295460f508
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
+AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
+z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
+pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
+aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
+Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
+-----END DH PARAMETERS-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
+8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
+SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
+gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
+yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
+a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
+-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh4096.pem b/src/lib/libssl/src/crypto/dh/dh4096.pem
new file mode 100644
index 0000000000..390943a21d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
+vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
+TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
+bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
+rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
+EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
+bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
+W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
+ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
+NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
+jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
+-----END DH PARAMETERS-----
+
diff --git a/src/lib/libssl/src/crypto/dh/dh512.pem b/src/lib/libssl/src/crypto/dh/dh512.pem
new file mode 100644
index 0000000000..0a4d863ebe
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh512.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
diff --git a/src/lib/libssl/src/crypto/dh/dh_check.c b/src/lib/libssl/src/crypto/dh/dh_check.c
new file mode 100644
index 0000000000..65602e494f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh_check.c
@@ -0,0 +1,120 @@
+/* crypto/dh/dh_check.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* Check that p is a strong prime and
+ * if g is 2, 3 or 5, check that is is a suitable generator
+ * where
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5
+ * for 5, p mod 10 == 3 or 7
+ * should hold.
+ */
+
+int DH_check(dh,ret)
+DH *dh;
+int *ret;
+ {
+ int ok=0;
+ BN_CTX *ctx=NULL;
+ BN_ULONG l;
+ BIGNUM *q=NULL;
+
+ *ret=0;
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ q=BN_new();
+ if (q == NULL) goto err;
+
+ if (BN_is_word(dh->g,DH_GENERATOR_2))
+ {
+ l=BN_mod_word(dh->p,24);
+ if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }
+/* else if (BN_is_word(dh->g,DH_GENERATOR_3))
+ {
+ l=BN_mod_word(dh->p,12);
+ if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }*/
+ else if (BN_is_word(dh->g,DH_GENERATOR_5))
+ {
+ l=BN_mod_word(dh->p,10);
+ if ((l != 3) && (l != 7))
+ *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }
+ else
+ *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
+
+ if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx,NULL))
+ *ret|=DH_CHECK_P_NOT_PRIME;
+ else
+ {
+ if (!BN_rshift1(q,dh->p)) goto err;
+ if (!BN_is_prime(q,BN_prime_checks,NULL,ctx,NULL))
+ *ret|=DH_CHECK_P_NOT_STRONG_PRIME;
+ }
+ ok=1;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (q != NULL) BN_free(q);
+ return(ok);
+ }
diff --git a/src/lib/libssl/src/crypto/dh/dh_err.c b/src/lib/libssl/src/crypto/dh/dh_err.c
new file mode 100644
index 0000000000..9d5c06ac24
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh_err.c
@@ -0,0 +1,96 @@
+/* lib/dh/dh_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dh.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA DH_str_functs[]=
+ {
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
+{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
+{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA DH_str_reasons[]=
+ {
+{DH_R_NO_PRIVATE_VALUE ,"no private value"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_DH_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+ ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/dh/dh_gen.c b/src/lib/libssl/src/crypto/dh/dh_gen.c
new file mode 100644
index 0000000000..04c7046a7b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh_gen.c
@@ -0,0 +1,150 @@
+/* crypto/dh/dh_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* We generate DH parameters as follows
+ * find a prime q which is prime_len/2 bits long.
+ * p=(2*q)+1 or (p-1)/2 = q
+ * For this case, g is a generator if
+ * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
+ * Since the factors of p-1 are q and 2, we just need to check
+ * g^2 mod p != 1 and g^q mod p != 1.
+ *
+ * Having said all that,
+ * there is another special case method for the generators 2, 3 and 5.
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5 <<<<< does not work for strong primes.
+ * for 5, p mod 10 == 3 or 7
+ *
+ * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
+ * special generators and for answering some of my questions.
+ *
+ * I've implemented the second simple method :-).
+ * Since DH should be using a strong prime (both p and q are prime),
+ * this generator function can take a very very long time to run.
+ */
+
+DH *DH_generate_parameters(prime_len,generator,callback,cb_arg)
+int prime_len;
+int generator;
+void (*callback)(P_I_I_P);
+char *cb_arg;
+ {
+ BIGNUM *p=NULL,*t1,*t2;
+ DH *ret=NULL;
+ int g,ok= -1;
+ BN_CTX *ctx=NULL;
+
+ ret=DH_new();
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ t1=ctx->bn[0];
+ t2=ctx->bn[1];
+ ctx->tos=2;
+
+ if (generator == DH_GENERATOR_2)
+ {
+ BN_set_word(t1,24);
+ BN_set_word(t2,11);
+ g=2;
+ }
+#ifdef undef /* does not work for strong primes */
+ else if (generator == DH_GENERATOR_3)
+ {
+ BN_set_word(t1,12);
+ BN_set_word(t2,5);
+ g=3;
+ }
+#endif
+ else if (generator == DH_GENERATOR_5)
+ {
+ BN_set_word(t1,10);
+ BN_set_word(t2,3);
+ /* BN_set_word(t3,7); just have to miss
+ * out on these ones :-( */
+ g=5;
+ }
+ else
+ g=generator;
+
+ p=BN_generate_prime(prime_len,1,t1,t2,callback,cb_arg);
+ if (p == NULL) goto err;
+ if (callback != NULL) callback(3,0,cb_arg);
+ ret->p=p;
+ ret->g=BN_new();
+ if (!BN_set_word(ret->g,g)) goto err;
+ ok=1;
+err:
+ if (ok == -1)
+ {
+ DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
+ ok=0;
+ }
+
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (!ok && (ret != NULL))
+ {
+ DH_free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
new file mode 100644
index 0000000000..7576772bcd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -0,0 +1,142 @@
+/* crypto/dh/dh_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rand.h"
+#include "dh.h"
+
+int DH_generate_key(dh)
+DH *dh;
+ {
+ int ok=0;
+ unsigned int i;
+ BN_CTX *ctx=NULL;
+ BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ if (dh->priv_key == NULL)
+ {
+ i=dh->length;
+ if (i == 0)
+ {
+ /* Make the number p-1 bits long */
+ i=BN_num_bits(dh->p)-1;
+ }
+ priv_key=BN_new();
+ if (priv_key == NULL) goto err;
+ if (!BN_rand(priv_key,i,0,0)) goto err;
+ }
+ else
+ priv_key=dh->priv_key;
+
+ if (dh->pub_key == NULL)
+ {
+ pub_key=BN_new();
+ if (pub_key == NULL) goto err;
+ }
+ else
+ pub_key=dh->pub_key;
+
+ if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err;
+
+ dh->pub_key=pub_key;
+ dh->priv_key=priv_key;
+ ok=1;
+err:
+ if (ok != 1)
+ DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
+
+ if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
+ if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ok);
+ }
+
+int DH_compute_key(key,pub_key,dh)
+unsigned char *key;
+BIGNUM *pub_key;
+DH *dh;
+ {
+ BN_CTX *ctx;
+ BIGNUM *tmp;
+ int ret= -1;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ tmp=ctx->bn[ctx->tos++];
+
+ if (dh->priv_key == NULL)
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
+ goto err;
+ }
+ if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx))
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
+ goto err;
+ }
+
+ ret=BN_bn2bin(tmp,key);
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/dh/dh_lib.c b/src/lib/libssl/src/crypto/dh/dh_lib.c
new file mode 100644
index 0000000000..a300b38396
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dh_lib.c
@@ -0,0 +1,100 @@
+/* crypto/dh/dh_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+char *DH_version="Diffie-Hellman part of SSLeay 0.9.0b 29-Jun-1998";
+
+DH *DH_new()
+ {
+ DH *ret;
+
+ ret=(DH *)Malloc(sizeof(DH));
+ if (ret == NULL)
+ {
+ DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->pad=0;
+ ret->version=0;
+ ret->p=NULL;
+ ret->g=NULL;
+ ret->length=0;
+ ret->pub_key=NULL;
+ ret->priv_key=NULL;
+ return(ret);
+ }
+
+void DH_free(r)
+DH *r;
+ {
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->g != NULL) BN_clear_free(r->g);
+ if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+ if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+ Free(r);
+ }
+
+int DH_size(dh)
+DH *dh;
+ {
+ return(BN_num_bytes(dh->p));
+ }
diff --git a/src/lib/libssl/src/crypto/dh/dhtest.c b/src/lib/libssl/src/crypto/dh/dhtest.c
new file mode 100644
index 0000000000..488f10fd41
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/dhtest.c
@@ -0,0 +1,188 @@
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+#include "crypto.h"
+#include "bio.h"
+#include "bn.h"
+#include "dh.h"
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK cb(int p, int n, char *arg);
+#else
+static void MS_CALLBACK cb();
+#endif
+
+#ifdef NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+BIO *out=NULL;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ DH *a,*b;
+ char buf[12];
+ unsigned char *abuf=NULL,*bbuf=NULL;
+ int i,alen,blen,aout,bout,ret=1;
+
+#ifdef WIN32
+ CRYPTO_malloc_init();
+#endif
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ a=DH_generate_parameters(64,DH_GENERATOR_5,cb,(char *)out);
+ if (a == NULL) goto err;
+
+ BIO_puts(out,"\np =");
+ BN_print(out,a->p);
+ BIO_puts(out,"\ng =");
+ BN_print(out,a->g);
+ BIO_puts(out,"\n");
+
+ b=DH_new();
+ if (b == NULL) goto err;
+
+ b->p=BN_dup(a->p);
+ b->g=BN_dup(a->g);
+ if ((b->p == NULL) || (b->g == NULL)) goto err;
+
+ if (!DH_generate_key(a)) goto err;
+ BIO_puts(out,"pri 1=");
+ BN_print(out,a->priv_key);
+ BIO_puts(out,"\npub 1=");
+ BN_print(out,a->pub_key);
+ BIO_puts(out,"\n");
+
+ if (!DH_generate_key(b)) goto err;
+ BIO_puts(out,"pri 2=");
+ BN_print(out,b->priv_key);
+ BIO_puts(out,"\npub 2=");
+ BN_print(out,b->pub_key);
+ BIO_puts(out,"\n");
+
+ alen=DH_size(a);
+ abuf=(unsigned char *)Malloc(alen);
+ aout=DH_compute_key(abuf,b->pub_key,a);
+
+ BIO_puts(out,"key1 =");
+ for (i=0; i<aout; i++)
+ {
+ sprintf(buf,"%02X",abuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+
+ blen=DH_size(b);
+ bbuf=(unsigned char *)Malloc(blen);
+ bout=DH_compute_key(bbuf,a->pub_key,b);
+
+ BIO_puts(out,"key2 =");
+ for (i=0; i<bout; i++)
+ {
+ sprintf(buf,"%02X",bbuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+ {
+ fprintf(stderr,"Error in DH routines\n");
+ ret=1;
+ }
+ else
+ ret=0;
+err:
+ if (abuf != NULL) Free(abuf);
+ if (bbuf != NULL) Free(bbuf);
+ exit(ret);
+ return(ret);
+ }
+
+static void MS_CALLBACK cb(p, n,arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+#ifdef LINT
+ p=n;
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/dh/example b/src/lib/libssl/src/crypto/dh/example
new file mode 100644
index 0000000000..16a33d2910
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+ (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+ (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+ Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+ Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
+ by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
+ for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
+ id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status:
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+
diff --git a/src/lib/libssl/src/crypto/dh/generate b/src/lib/libssl/src/crypto/dh/generate
new file mode 100644
index 0000000000..5d407231df
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications. (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
+work.
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square. If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues. And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich rcs@cs.arizona.edu
+
+
+
diff --git a/src/lib/libssl/src/crypto/dh/p1024.c b/src/lib/libssl/src/crypto/dh/p1024.c
new file mode 100644
index 0000000000..0c50c24cfb
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
+ 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
+ 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
+ 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
+ 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
+ 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
+ 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
+ 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
+ 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
+ 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
+ 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
+ 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
+ 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
+ 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
+ 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
+ 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libssl/src/crypto/dh/p192.c b/src/lib/libssl/src/crypto/dh/p192.c
new file mode 100644
index 0000000000..881908169a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
+0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
+0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,3);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libssl/src/crypto/dh/p512.c b/src/lib/libssl/src/crypto/dh/p512.c
new file mode 100644
index 0000000000..cc84e8e50e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
+0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
+0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
+0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
+0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
+0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/src/lib/libssl/src/crypto/dsa/README b/src/lib/libssl/src/crypto/dsa/README
new file mode 100644
index 0000000000..6a7e9c170a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/README
@@ -0,0 +1,4 @@
+The stuff in here is based on patches supplied to me by
+Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
+I have since modified a them a little but a debt of gratitude
+is due for doing the initial work.
diff --git a/src/lib/libssl/src/crypto/dsa/dsa.h b/src/lib/libssl/src/crypto/dsa/dsa.h
new file mode 100644
index 0000000000..1ca87c1cbe
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa.h
@@ -0,0 +1,194 @@
+/* crypto/dsa/dsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The DSS routines are based on patches supplied by
+ * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
+ * work and I have just tweaked them a little to fit into my
+ * stylistic vision for SSLeay :-) */
+
+#ifndef HEADER_DSA_H
+#define HEADER_DSA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+
+typedef struct dsa_st
+ {
+ /* This first variable is used to pick up errors where
+ * a DSA is passed instead of of a EVP_PKEY */
+ int pad;
+ int version;
+ int write_params;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+
+ int references;
+ } DSA;
+
+#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
+ (char *(*)())d2i_DSAparams,(char *)(x))
+#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+ (unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
+ (unsigned char *)(x))
+
+#ifndef NOPROTO
+
+DSA * DSA_new(void);
+int DSA_size(DSA *);
+ /* next 4 return -1 on error */
+int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
+int DSA_sign(int type,unsigned char *dgst,int dlen,
+ unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int DSA_verify(int type,unsigned char *dgst,int dgst_len,
+ unsigned char *sigbuf, int siglen, DSA *dsa);
+void DSA_free (DSA *r);
+
+void ERR_load_DSA_strings(void );
+
+DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
+DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
+DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
+DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
+ int *counter_ret, unsigned long *h_ret,void
+ (*callback)(),char *cb_arg);
+int DSA_generate_key(DSA *a);
+int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
+int i2d_DSAparams(DSA *a,unsigned char **pp);
+
+#ifdef HEADER_BIO_H
+int DSAparams_print(BIO *bp, DSA *x);
+int DSA_print(BIO *bp, DSA *x, int off);
+#endif
+#ifndef NO_FP_API
+int DSAparams_print_fp(FILE *fp, DSA *x);
+int DSA_print_fp(FILE *bp, DSA *x, int off);
+#endif
+
+int DSA_is_prime(BIGNUM *q,void (*callback)(),char *cb_arg);
+
+#else
+
+DSA * DSA_new();
+int DSA_size();
+int DSA_sign_setup();
+int DSA_sign();
+int DSA_verify();
+void DSA_free ();
+
+void ERR_load_DSA_strings();
+
+DSA * d2i_DSAPublicKey();
+DSA * d2i_DSAPrivateKey();
+DSA * d2i_DSAparams();
+DSA * DSA_generate_parameters();
+int DSA_generate_key();
+int i2d_DSAPublicKey();
+int i2d_DSAPrivateKey();
+int i2d_DSAparams();
+
+int DSA_is_prime();
+
+int DSAparams_print();
+int DSA_print();
+
+#ifndef NO_FP_API
+int DSAparams_print_fp();
+int DSA_print_fp();
+#endif
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+#define DSA_F_DSAPARAMS_PRINT 100
+#define DSA_F_DSAPARAMS_PRINT_FP 101
+#define DSA_F_DSA_IS_PRIME 102
+#define DSA_F_DSA_NEW 103
+#define DSA_F_DSA_PRINT 104
+#define DSA_F_DSA_PRINT_FP 105
+#define DSA_F_DSA_SIGN 106
+#define DSA_F_DSA_SIGN_SETUP 107
+#define DSA_F_DSA_VERIFY 108
+
+/* Reason codes. */
+#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_err.c b/src/lib/libssl/src/crypto/dsa/dsa_err.c
new file mode 100644
index 0000000000..318e9f31aa
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_err.c
@@ -0,0 +1,99 @@
+/* lib/dsa/dsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dsa.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA DSA_str_functs[]=
+ {
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0), "DSA_is_prime"},
+{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"},
+{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
+{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
+{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
+{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA DSA_str_reasons[]=
+ {
+{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_DSA_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
+ ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_gen.c b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
new file mode 100644
index 0000000000..d7d30bf90a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_gen.c
@@ -0,0 +1,328 @@
+/* crypto/dsa/dsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define HASH SHA
+#else
+#define HASH SHA1
+#endif
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback,
+ cb_arg)
+int bits;
+unsigned char *seed_in;
+int seed_len;
+int *counter_ret;
+unsigned long *h_ret;
+void (*callback)();
+char *cb_arg;
+ {
+ int ok=0;
+ unsigned char seed[SHA_DIGEST_LENGTH];
+ unsigned char md[SHA_DIGEST_LENGTH];
+ unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
+ BIGNUM *r0,*W,*X,*c,*test;
+ BIGNUM *g=NULL,*q=NULL,*p=NULL;
+ int k,n=0,i,b,m=0;
+ int counter=0;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+ unsigned int h=2;
+ DSA *ret=NULL;
+
+ if (bits < 512) bits=512;
+ bits=(bits+63)/64*64;
+
+ if ((seed_in != NULL) && (seed_len == 20))
+ memcpy(seed,seed_in,seed_len);
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+ ret=DSA_new();
+ if (ret == NULL) goto err;
+ r0=ctx2->bn[0];
+ g=ctx2->bn[1];
+ W=ctx2->bn[2];
+ q=ctx2->bn[3];
+ X=ctx2->bn[4];
+ c=ctx2->bn[5];
+ p=ctx2->bn[6];
+ test=ctx2->bn[7];
+
+ BN_lshift(test,BN_value_one(),bits-1);
+
+ for (;;)
+ {
+ for (;;)
+ {
+ /* step 1 */
+ if (callback != NULL) callback(0,m++,cb_arg);
+
+ if (!seed_len)
+ RAND_bytes(seed,SHA_DIGEST_LENGTH);
+ else
+ seed_len=0;
+
+ memcpy(buf,seed,SHA_DIGEST_LENGTH);
+ memcpy(buf2,seed,SHA_DIGEST_LENGTH);
+ for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+ {
+ buf[i]++;
+ if (buf[i] != 0) break;
+ }
+
+ /* step 2 */
+ HASH(seed,SHA_DIGEST_LENGTH,md);
+ HASH(buf,SHA_DIGEST_LENGTH,buf2);
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ md[i]^=buf2[i];
+
+ /* step 3 */
+ md[0]|=0x80;
+ md[SHA_DIGEST_LENGTH-1]|=0x01;
+ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort();
+
+ /* step 4 */
+ if (DSA_is_prime(q,callback,cb_arg) > 0) break;
+ /* do a callback call */
+ /* step 5 */
+ }
+
+ if (callback != NULL) callback(2,0,cb_arg);
+ if (callback != NULL) callback(3,0,cb_arg);
+
+ /* step 6 */
+ counter=0;
+
+ n=(bits-1)/160;
+ b=(bits-1)-n*160;
+
+ for (;;)
+ {
+ /* step 7 */
+ BN_zero(W);
+ for (k=0; k<=n; k++)
+ {
+ for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+ {
+ buf[i]++;
+ if (buf[i] != 0) break;
+ }
+
+ HASH(buf,SHA_DIGEST_LENGTH,md);
+
+ /* step 8 */
+ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort();
+ BN_lshift(r0,r0,160*k);
+ BN_add(W,W,r0);
+ }
+
+ /* more of step 8 */
+ BN_mask_bits(W,bits-1);
+ BN_copy(X,W); /* this should be ok */
+ BN_add(X,X,test); /* this should be ok */
+
+ /* step 9 */
+ BN_lshift1(r0,q);
+ BN_mod(c,X,r0,ctx);
+ BN_sub(r0,c,BN_value_one());
+ BN_sub(p,X,r0);
+
+ /* step 10 */
+ if (BN_cmp(p,test) >= 0)
+ {
+ /* step 11 */
+ if (DSA_is_prime(p,callback,cb_arg) > 0)
+ goto end;
+ }
+
+ /* step 13 */
+ counter++;
+
+ /* step 14 */
+ if (counter >= 4096) break;
+
+ if (callback != NULL) callback(0,counter,cb_arg);
+ }
+ }
+end:
+ if (callback != NULL) callback(2,1,cb_arg);
+
+ /* We now need to gernerate g */
+ /* Set r0=(p-1)/q */
+ BN_sub(test,p,BN_value_one());
+ BN_div(r0,NULL,test,q,ctx);
+
+ BN_set_word(test,h);
+ for (;;)
+ {
+ /* g=test^r0%p */
+ BN_mod_exp(g,test,r0,p,ctx);
+ if (!BN_is_one(g)) break;
+ BN_add(test,test,BN_value_one());
+ h++;
+ }
+
+ if (callback != NULL) callback(3,1,cb_arg);
+
+ ok=1;
+err:
+ if (!ok)
+ {
+ if (ret != NULL) DSA_free(ret);
+ }
+ else
+ {
+ ret->p=BN_dup(p);
+ ret->q=BN_dup(q);
+ ret->g=BN_dup(g);
+ if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
+ if (counter_ret != NULL) *counter_ret=counter;
+ if (h_ret != NULL) *h_ret=h;
+ }
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+ return(ok?ret:NULL);
+ }
+
+int DSA_is_prime(w, callback,cb_arg)
+BIGNUM *w;
+void (*callback)();
+char *cb_arg;
+ {
+ int ok= -1,j,i,n;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+ BIGNUM *w_1,*b,*m,*z;
+ int a;
+
+ if (!BN_is_bit_set(w,0)) return(0);
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+
+ m= ctx2->bn[2];
+ b= ctx2->bn[3];
+ z= ctx2->bn[4];
+ w_1=ctx2->bn[5];
+
+ /* step 1 */
+ n=50;
+
+ /* step 2 */
+ if (!BN_sub(w_1,w,BN_value_one())) goto err;
+ for (a=1; !BN_is_bit_set(w_1,a); a++)
+ ;
+ if (!BN_rshift(m,w_1,a)) goto err;
+
+ for (i=1; i < n; i++)
+ {
+ /* step 3 */
+ BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0);
+ BN_set_word(b,0x10001L);
+
+ /* step 4 */
+ j=0;
+ if (!BN_mod_exp(z,b,m,w,ctx)) goto err;
+
+ /* step 5 */
+ for (;;)
+ {
+ if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0))
+ break;
+
+ /* step 6 */
+ if ((j > 0) && BN_is_one(z))
+ {
+ ok=0;
+ goto err;
+ }
+
+ j++;
+ if (j >= a)
+ {
+ ok=0;
+ goto err;
+ }
+
+ if (!BN_mod_mul(z,z,z,w,ctx)) goto err;
+ if (callback != NULL) callback(1,j,cb_arg);
+ }
+ }
+
+ ok=1;
+err:
+ if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB);
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_key.c b/src/lib/libssl/src/crypto/dsa/dsa_key.c
new file mode 100644
index 0000000000..d51ed9395f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_key.c
@@ -0,0 +1,112 @@
+/* crypto/dsa/dsa_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+int DSA_generate_key(dsa)
+DSA *dsa;
+ {
+ int ok=0;
+ unsigned int i;
+ BN_CTX *ctx=NULL;
+ BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+ if (dsa->priv_key == NULL)
+ {
+ if ((priv_key=BN_new()) == NULL) goto err;
+ }
+ else
+ priv_key=dsa->priv_key;
+
+ i=BN_num_bits(dsa->q);
+ for (;;)
+ {
+ BN_rand(priv_key,i,1,0);
+ if (BN_cmp(priv_key,dsa->q) >= 0)
+ BN_sub(priv_key,priv_key,dsa->q);
+ if (!BN_is_zero(priv_key)) break;
+ }
+
+ if (dsa->pub_key == NULL)
+ {
+ if ((pub_key=BN_new()) == NULL) goto err;
+ }
+ else
+ pub_key=dsa->pub_key;
+
+ if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+
+ dsa->priv_key=priv_key;
+ dsa->pub_key=pub_key;
+ ok=1;
+
+err:
+ if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
+ if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_lib.c b/src/lib/libssl/src/crypto/dsa/dsa_lib.c
new file mode 100644
index 0000000000..b647257f9f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_lib.c
@@ -0,0 +1,145 @@
+/* crypto/dsa/dsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "asn1.h"
+
+char *DSA_version="\0DSA part of SSLeay 0.9.0b 29-Jun-1998";
+
+DSA *DSA_new()
+ {
+ DSA *ret;
+
+ ret=(DSA *)Malloc(sizeof(DSA));
+ if (ret == NULL)
+ {
+ DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->pad=0;
+ ret->version=0;
+ ret->write_params=1;
+ ret->p=NULL;
+ ret->q=NULL;
+ ret->g=NULL;
+
+ ret->pub_key=NULL;
+ ret->priv_key=NULL;
+
+ ret->kinv=NULL;
+ ret->r=NULL;
+
+ ret->references=1;
+ return(ret);
+ }
+
+void DSA_free(r)
+DSA *r;
+ {
+ int i;
+
+ if (r == NULL) return;
+
+ i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
+#ifdef REF_PRINT
+ REF_PRINT("DSA",r);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"DSA_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->q != NULL) BN_clear_free(r->q);
+ if (r->g != NULL) BN_clear_free(r->g);
+ if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+ if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+ if (r->kinv != NULL) BN_clear_free(r->kinv);
+ if (r->r != NULL) BN_clear_free(r->r);
+ Free(r);
+ }
+
+int DSA_size(r)
+DSA *r;
+ {
+ int ret,i;
+ ASN1_INTEGER bs;
+ unsigned char buf[4];
+
+ i=BN_num_bits(r->q);
+ bs.length=(i+7)/8;
+ bs.data=buf;
+ bs.type=V_ASN1_INTEGER;
+ /* If the top bit is set the asn1 encoding is 1 larger. */
+ buf[0]=0xff;
+
+ i=i2d_ASN1_INTEGER(&bs,NULL);
+ i+=i; /* r and s */
+ ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_sign.c b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
new file mode 100644
index 0000000000..6ca1c318f2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_sign.c
@@ -0,0 +1,215 @@
+/* crypto/dsa/dsa_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
+
+int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
+int type;
+unsigned char *dgst;
+int dlen;
+unsigned char *sig; /* out */
+unsigned int *siglen; /* out */
+DSA *dsa;
+ {
+ BIGNUM *kinv=NULL,*r=NULL;
+ BIGNUM *m=NULL;
+ BIGNUM *xr=NULL,*s=NULL;
+ BN_CTX *ctx=NULL;
+ unsigned char *p;
+ int i,len=0,ret=0,reason=ERR_R_BN_LIB;
+ ASN1_INTEGER rbs,sbs;
+ MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
+ MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
+
+ i=BN_num_bytes(dsa->q); /* should be 20 */
+ if ((dlen > i) || (dlen > 50))
+ {
+ reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ if ((dsa->kinv == NULL) || (dsa->r == NULL))
+ {
+ if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
+ }
+ else
+ {
+ kinv=dsa->kinv;
+ dsa->kinv=NULL;
+ r=dsa->r;
+ dsa->r=NULL;
+ }
+
+ m=BN_new();
+ xr=BN_new();
+ s=BN_new();
+ if (m == NULL || xr == NULL || s == NULL) goto err;
+
+ if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
+
+ /* Compute s = inv(k) (m + xr) mod q */
+ if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */
+ if (!BN_add(s, xr, m)) goto err; /* s = m + xr */
+ if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
+
+ /*
+ * Now create a ASN.1 sequence of the integers R and S.
+ */
+ rbs.data=rbuf;
+ sbs.data=sbuf;
+ rbs.type = V_ASN1_INTEGER;
+ sbs.type = V_ASN1_INTEGER;
+ rbs.length=BN_bn2bin(r,rbs.data);
+ sbs.length=BN_bn2bin(s,sbs.data);
+
+ len =i2d_ASN1_INTEGER(&rbs,NULL);
+ len+=i2d_ASN1_INTEGER(&sbs,NULL);
+
+ p=sig;
+ ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_ASN1_INTEGER(&rbs,&p);
+ i2d_ASN1_INTEGER(&sbs,&p);
+ *siglen=(p-sig);
+ ret=1;
+err:
+ if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
+
+#if 1 /* do the right thing :-) */
+ if (kinv != NULL) BN_clear_free(kinv);
+ if (r != NULL) BN_clear_free(r);
+#endif
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (m != NULL) BN_clear_free(m);
+ if (xr != NULL) BN_clear_free(xr);
+ if (s != NULL) BN_clear_free(s);
+ return(ret);
+ }
+
+int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
+DSA *dsa;
+BN_CTX *ctx_in;
+BIGNUM **kinvp;
+BIGNUM **rp;
+ {
+ BN_CTX *ctx;
+ BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+ int ret=0;
+
+ if (ctx_in == NULL)
+ {
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+ }
+ else
+ ctx=ctx_in;
+
+ r=BN_new();
+ k=BN_new();
+ if ((r == NULL) || (k == NULL))
+ goto err;
+ kinv=NULL;
+
+ if (r == NULL) goto err;
+
+ /* Get random k */
+ for (;;)
+ {
+ if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
+ if (BN_cmp(k,dsa->q) >= 0)
+ BN_sub(k,k,dsa->q);
+ if (!BN_is_zero(k)) break;
+ }
+
+ /* Compute r = (g^k mod p) mod q */
+ if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+ if (!BN_mod(r,r,dsa->q,ctx)) goto err;
+
+ /* Compute part of 's = inv(k) (m + xr) mod q' */
+ if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
+
+ if (*kinvp != NULL) BN_clear_free(*kinvp);
+ *kinvp=kinv;
+ kinv=NULL;
+ if (*rp != NULL) BN_clear_free(*rp);
+ *rp=r;
+ ret=1;
+err:
+ if (!ret)
+ {
+ DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
+ if (kinv != NULL) BN_clear_free(kinv);
+ if (r != NULL) BN_clear_free(r);
+ }
+ if (ctx_in == NULL) BN_CTX_free(ctx);
+ if (k != NULL) BN_clear_free(k);
+ if (kinv != NULL) BN_clear_free(kinv);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsa_vrf.c b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
new file mode 100644
index 0000000000..0f860984ed
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsa_vrf.c
@@ -0,0 +1,152 @@
+/* crypto/dsa/dsa_vrf.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* returns
+ * 1: correct signature
+ * 0: incorrect signature
+ * -1: error
+ */
+int DSA_verify(type,dgst,dgst_len,sigbuf,siglen, dsa)
+int type;
+unsigned char *dgst;
+int dgst_len;
+unsigned char *sigbuf;
+int siglen;
+DSA *dsa;
+ {
+ /* The next 3 are used by the M_ASN1 macros */
+ long length=siglen;
+ ASN1_CTX c;
+ unsigned char **pp= &sigbuf;
+ BN_CTX *ctx;
+ BIGNUM *r=NULL;
+ BIGNUM *t1=NULL,*t2=NULL;
+ BIGNUM *u1=NULL,*u2=NULL;
+ ASN1_INTEGER *bs=NULL;
+ int ret = -1;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ t1=BN_new();
+ t2=BN_new();
+ if (t1 == NULL || t2 == NULL) goto err;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+ if (!asn1_Finish(&c)) goto err;
+
+ /* Calculate W = inv(S) mod Q
+ * save W in u2 */
+ if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn;
+
+ /* save M in u1 */
+ if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn;
+
+ /* u1 = M * w mod q */
+ if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn;
+
+ /* u2 = r * w mod q */
+ if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn;
+
+ /* v = ( g^u1 * y^u2 mod p ) mod q */
+ /* let t1 = g ^ u1 mod p */
+ if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn;
+ /* let t2 = y ^ u2 mod p */
+ if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn;
+ /* let u1 = t1 * t2 mod p */
+ if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn;
+ /* let u1 = u1 mod q */
+ if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn;
+ /* V is now in u1. If the signature is correct, it will be
+ * equal to R. */
+ ret=(BN_ucmp(u1, r) == 0);
+ if (0)
+ {
+err: /* ASN1 error */
+ DSAerr(DSA_F_DSA_VERIFY,c.error);
+ }
+ if (0)
+ {
+err_bn: /* BN error */
+ DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB);
+ }
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (r != NULL) BN_free(r);
+ if (t1 != NULL) BN_free(t1);
+ if (t2 != NULL) BN_free(t2);
+ if (u1 != NULL) BN_free(u1);
+ if (u2 != NULL) BN_free(u2);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/dsa/dsagen.c b/src/lib/libssl/src/crypto/dsa/dsagen.c
new file mode 100644
index 0000000000..20335de250
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsagen.c
@@ -0,0 +1,112 @@
+/* crypto/dsa/dsagen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "dsa.h"
+
+#define TEST
+#define GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define LAST_VALUE 0xbd
+#else
+#define LAST_VALUE 0xd3
+#endif
+
+#ifdef TEST
+unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,
+ 0x60,0xef,0x2b,0xa8,
+ 0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,
+ 0xe0,0x42,0x7d,LAST_VALUE};
+#endif
+
+int cb(p,n)
+int p,n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ printf("%c",c);
+ fflush(stdout);
+ }
+
+main()
+ {
+ int i;
+ BIGNUM *n;
+ BN_CTX *ctx;
+ unsigned char seed_buf[20];
+ DSA *dsa;
+ int counter,h;
+ BIO *bio_err=NULL;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ memcpy(seed_buf,seed,20);
+ dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb);
+
+ if (dsa == NULL)
+ DSA_print(bio_err,dsa,0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/dsa/dsatest.c b/src/lib/libssl/src/crypto/dsa/dsatest.c
new file mode 100644
index 0000000000..39bb712c4a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/dsatest.c
@@ -0,0 +1,214 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "crypto.h"
+#include "rand.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+#ifdef WINDOWS
+#include "../bio/bss_file.c"
+#endif
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n, char *arg);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+static unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
+ };
+
+static unsigned char out_p[]={
+ 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+ 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+ 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+ 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+ 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+ 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+ 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+ 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
+ };
+
+static unsigned char out_q[]={
+ 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
+ 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
+ 0xda,0xce,0x91,0x5f,
+ };
+
+static unsigned char out_g[]={
+ 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
+ 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
+ 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
+ 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
+ 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
+ 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
+ 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
+ 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
+ };
+
+static BIO *bio_err=NULL;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa=NULL;
+ int counter,ret=0,i,j;
+ unsigned char buf[256];
+ unsigned long h;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ BIO_printf(bio_err,"test generation of DSA parameters\n");
+ BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
+ dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb,
+ (char *)bio_err);
+
+ BIO_printf(bio_err,"seed\n");
+ for (i=0; i<20; i+=4)
+ {
+ BIO_printf(bio_err,"%02X%02X%02X%02X ",
+ seed[i],seed[i+1],seed[i+2],seed[i+3]);
+ }
+ BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
+
+ if (dsa == NULL) goto end;
+ DSA_print(bio_err,dsa,0);
+ if (counter != 105)
+ {
+ BIO_printf(bio_err,"counter should be 105\n");
+ goto end;
+ }
+ if (h != 2)
+ {
+ BIO_printf(bio_err,"h should be 2\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->q,buf);
+ j=sizeof(out_q);
+ if ((i != j) || (memcmp(buf,out_q,i) != 0))
+ {
+ BIO_printf(bio_err,"q value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->p,buf);
+ j=sizeof(out_p);
+ if ((i != j) || (memcmp(buf,out_p,i) != 0))
+ {
+ BIO_printf(bio_err,"p value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->g,buf);
+ j=sizeof(out_g);
+ if ((i != j) || (memcmp(buf,out_g,i) != 0))
+ {
+ BIO_printf(bio_err,"g value is wrong\n");
+ goto end;
+ }
+
+ ret=1;
+end:
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (bio_err != NULL) BIO_free(bio_err);
+ if (dsa != NULL) DSA_free(dsa);
+ exit(!ret);
+ return(0);
+ }
+
+static void MS_CALLBACK dsa_cb(p, n, arg)
+int p;
+int n;
+char *arg;
+ {
+ char c='*';
+ static int ok=0,num=0;
+
+ if (p == 0) { c='.'; num++; };
+ if (p == 1) c='+';
+ if (p == 2) { c='*'; ok++; }
+ if (p == 3) c='\n';
+ BIO_write((BIO *)arg,&c,1);
+ BIO_flush((BIO *)arg);
+
+ if (!ok && (p == 0) && (num > 1))
+ {
+ BIO_printf((BIO *)arg,"error in dsatest\n");
+ exit(1);
+ }
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/dsa/fips186a.txt b/src/lib/libssl/src/crypto/dsa/fips186a.txt
new file mode 100644
index 0000000000..3a2e0a0d51
--- /dev/null
+++ b/src/lib/libssl/src/crypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
+The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
+examples. This is an updated version that uses SHA-1 (FIPS 180-1)
+supplied to me by Wei Dai
+--
+ APPENDIX 5. EXAMPLE OF THE DSA
+
+
+This appendix is for informational purposes only and is not required to meet
+the standard.
+
+Let L = 512 (size of p). The values in this example are expressed in
+hexadecimal notation. The p and q given here were generated by the prime
+generation standard described in appendix 2 using the 160-bit SEED:
+
+ d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
+
+With this SEED, the algorithm found p and q when the counter was at 105.
+
+x was generated by the algorithm described in appendix 3, section 3.1, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
+
+XSEED =
+
+ bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
+
+t =
+ 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
+
+x = G(t,XSEED) mod q
+
+k was generated by the algorithm described in appendix 3, section 3.2, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
+
+KSEED =
+
+ 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
+
+t =
+ EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
+
+k = G(t,KSEED) mod q
+
+Finally:
+
+h = 2
+
+p =
+ 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
+ cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
+ 49693dfb f83724c2 ec0736ee 31c80291
+
+
+q =
+ c773218c 737ec8ee 993b4f2d ed30f48e dace915f
+
+
+g =
+ 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
+ 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
+ c42e9f6f 464b088c c572af53 e6d78802
+
+
+x =
+ 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
+
+
+k =
+ 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
+
+
+kinv =
+
+ 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
+
+M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
+
+SHA(M) =
+
+ a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
+
+
+y =
+
+ 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
+ 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
+ 858fba33 f44c0669 9630a76b 030ee333
+
+
+r =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
+
+s =
+ 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
+
+
+w =
+ 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
+
+
+u1 =
+ bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
+
+
+u2 =
+ 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
+
+
+gu1 mod p =
+
+ 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
+ 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
+ 6f96662a 1987a21b e4ec1071 010b6069
+
+
+yu2 mod p =
+
+ 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
+ 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
+ c19441f4 22bf3c34 08aeba1f 0a4dbec7
+
+v =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/src/lib/libssl/src/crypto/err/err.c b/src/lib/libssl/src/crypto/err/err.c
new file mode 100644
index 0000000000..5aef6a1259
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/err.c
@@ -0,0 +1,642 @@
+/* crypto/err/err.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+
+static LHASH *error_hash=NULL;
+static LHASH *thread_hash=NULL;
+
+#ifndef NOPROTO
+static unsigned long err_hash(ERR_STRING_DATA *a);
+static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
+static unsigned long pid_hash(ERR_STATE *pid);
+static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
+static unsigned long get_error_values(int inc,char **file,int *line,
+ char **data,int *flags);
+static void ERR_STATE_free(ERR_STATE *s);
+#else
+static unsigned long err_hash();
+static int err_cmp();
+static unsigned long pid_hash();
+static int pid_cmp();
+static void ERR_STATE_free();
+ERR_STATE *s;
+#endif
+
+#ifndef NO_ERR
+static ERR_STRING_DATA ERR_str_libraries[]=
+ {
+{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"},
+{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"},
+{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"},
+{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"},
+{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"},
+{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"},
+{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
+{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"},
+{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"},
+{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"},
+{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"},
+{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuation file routines"},
+{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"},
+{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"},
+{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"},
+{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
+{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA ERR_str_functs[]=
+ {
+ {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"},
+ {ERR_PACK(0,SYS_F_CONNECT,0), "connect"},
+ {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"},
+ {ERR_PACK(0,SYS_F_SOCKET,0), "socket"},
+ {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"},
+ {ERR_PACK(0,SYS_F_BIND,0), "bind"},
+ {ERR_PACK(0,SYS_F_LISTEN,0), "listen"},
+ {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"},
+#ifdef WINDOWS
+ {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"},
+#endif
+ {0,NULL},
+ };
+
+static ERR_STRING_DATA ERR_str_reasons[]=
+ {
+{ERR_R_FATAL ,"fatal"},
+{ERR_R_SYS_LIB ,"system lib"},
+{ERR_R_BN_LIB ,"BN lib"},
+{ERR_R_RSA_LIB ,"RSA lib"},
+{ERR_R_DH_LIB ,"DH lib"},
+{ERR_R_EVP_LIB ,"EVP lib"},
+{ERR_R_BUF_LIB ,"BUF lib"},
+{ERR_R_BIO_LIB ,"BIO lib"},
+{ERR_R_OBJ_LIB ,"OBJ lib"},
+{ERR_R_PEM_LIB ,"PEM lib"},
+{ERR_R_X509_LIB ,"X509 lib"},
+{ERR_R_METH_LIB ,"METH lib"},
+{ERR_R_ASN1_LIB ,"ASN1 lib"},
+{ERR_R_CONF_LIB ,"CONF lib"},
+{ERR_R_SSL_LIB ,"SSL lib"},
+{ERR_R_PROXY_LIB ,"PROXY lib"},
+{ERR_R_BIO_LIB ,"BIO lib"},
+{ERR_R_PKCS7_LIB ,"PKCS7 lib"},
+{ERR_R_MALLOC_FAILURE ,"Malloc failure"},
+{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a fuction you should not call"},
+{0,NULL},
+ };
+#endif
+
+#define err_clear_data(p,i) \
+ if (((p)->err_data[i] != NULL) && \
+ (p)->err_data_flags[i] & ERR_TXT_MALLOCED) \
+ { \
+ Free((p)->err_data[i]); \
+ (p)->err_data[i]=NULL; \
+ } \
+ (p)->err_data_flags[i]=0;
+
+static void ERR_STATE_free(s)
+ERR_STATE *s;
+ {
+ int i;
+
+ for (i=0; i<ERR_NUM_ERRORS; i++)
+ {
+ err_clear_data(s,i);
+ }
+ Free(s);
+ }
+
+void ERR_load_ERR_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (init == 0)
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ return;
+ }
+ init=0;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+#ifndef NO_ERR
+ ERR_load_strings(0,ERR_str_libraries);
+ ERR_load_strings(0,ERR_str_reasons);
+ ERR_load_strings(ERR_LIB_SYS,ERR_str_functs);
+#endif
+ }
+ }
+
+void ERR_load_strings(lib,str)
+int lib;
+ERR_STRING_DATA *str;
+ {
+ if (error_hash == NULL)
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+ error_hash=lh_new(err_hash,err_cmp);
+ if (error_hash == NULL)
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+ return;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ ERR_load_ERR_strings();
+ }
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+ while (str->error)
+ {
+ str->error|=ERR_PACK(lib,0,0);
+ lh_insert(error_hash,(char *)str);
+ str++;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+ }
+
+void ERR_free_strings()
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+
+ if (error_hash != NULL)
+ {
+ lh_free(error_hash);
+ error_hash=NULL;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ }
+
+/********************************************************/
+
+void ERR_put_error(lib,func,reason,file,line)
+int lib,func,reason;
+char *file;
+int line;
+ {
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ es->top=(es->top+1)%ERR_NUM_ERRORS;
+ if (es->top == es->bottom)
+ es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
+ es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
+ es->err_file[es->top]=file;
+ es->err_line[es->top]=line;
+ err_clear_data(es,es->top);
+ }
+
+void ERR_clear_error()
+ {
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+#if 0
+ /* hmm... is this needed */
+ for (i=0; i<ERR_NUM_ERRORS; i++)
+ {
+ es->err_buffer[i]=0;
+ es->err_file[i]=NULL;
+ es->err_line[i]= -1;
+ err_clear_data(es,i);
+ }
+#endif
+ es->top=es->bottom=0;
+ }
+
+
+unsigned long ERR_get_error()
+ { return(get_error_values(1,NULL,NULL,NULL,NULL)); }
+
+unsigned long ERR_get_error_line(file,line)
+char **file;
+int *line;
+ { return(get_error_values(1,file,line,NULL,NULL)); }
+
+unsigned long ERR_get_error_line_data(file,line,data,flags)
+char **file;
+int *line;
+char **data;
+int *flags;
+ { return(get_error_values(1,file,line,data,flags)); }
+
+unsigned long ERR_peek_error()
+ { return(get_error_values(0,NULL,NULL,NULL,NULL)); }
+
+unsigned long ERR_peek_error_line(file,line)
+char **file;
+int *line;
+ { return(get_error_values(0,file,line,NULL,NULL)); }
+
+unsigned long ERR_peek_error_line_data(file,line,data,flags)
+char **file;
+int *line;
+char **data;
+int *flags;
+ { return(get_error_values(0,file,line,data,flags)); }
+
+static unsigned long get_error_values(inc,file,line,data,flags)
+int inc;
+char **file;
+int *line;
+char **data;
+int *flags;
+ {
+ int i=0;
+ ERR_STATE *es;
+ unsigned long ret;
+
+ es=ERR_get_state();
+
+ if (es->bottom == es->top) return(0);
+ i=(es->bottom+1)%ERR_NUM_ERRORS;
+
+ ret=es->err_buffer[i];
+ if (inc)
+ {
+ es->bottom=i;
+ es->err_buffer[i]=0;
+ }
+
+ if ((file != NULL) && (line != NULL))
+ {
+ if (es->err_file[i] == NULL)
+ {
+ *file="NA";
+ if (line != NULL) *line=0;
+ }
+ else
+ {
+ *file=es->err_file[i];
+ if (line != NULL) *line=es->err_line[i];
+ }
+ }
+
+ if (data != NULL)
+ {
+ if (es->err_data[i] == NULL)
+ {
+ *data="";
+ if (flags != NULL) *flags=0;
+ }
+ else
+ {
+ *data=es->err_data[i];
+ if (flags != NULL) *flags=es->err_data_flags[i];
+ }
+ }
+ return(ret);
+ }
+
+/* BAD for multi-threaded, uses a local buffer if ret == NULL */
+char *ERR_error_string(e,ret)
+unsigned long e;
+char *ret;
+ {
+ static char buf[256];
+ char *ls,*fs,*rs;
+ unsigned long l,f,r;
+ int i;
+
+ l=ERR_GET_LIB(e);
+ f=ERR_GET_FUNC(e);
+ r=ERR_GET_REASON(e);
+
+ ls=ERR_lib_error_string(e);
+ fs=ERR_func_error_string(e);
+ rs=ERR_reason_error_string(e);
+
+ if (ret == NULL) ret=buf;
+
+ sprintf(&(ret[0]),"error:%08lX:",e);
+ i=strlen(ret);
+ if (ls == NULL)
+ sprintf(&(ret[i]),":lib(%lu) ",l);
+ else sprintf(&(ret[i]),"%s",ls);
+ i=strlen(ret);
+ if (fs == NULL)
+ sprintf(&(ret[i]),":func(%lu) ",f);
+ else sprintf(&(ret[i]),":%s",fs);
+ i=strlen(ret);
+ if (rs == NULL)
+ sprintf(&(ret[i]),":reason(%lu)",r);
+ else sprintf(&(ret[i]),":%s",rs);
+
+ return(ret);
+ }
+
+LHASH *ERR_get_string_table()
+ {
+ return(error_hash);
+ }
+
+LHASH *ERR_get_err_state_table()
+ {
+ return(thread_hash);
+ }
+
+char *ERR_lib_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l;
+
+ l=ERR_GET_LIB(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,0,0);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+char *ERR_func_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l,f;
+
+ l=ERR_GET_LIB(e);
+ f=ERR_GET_FUNC(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,f,0);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+char *ERR_reason_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l,r;
+
+ l=ERR_GET_LIB(e);
+ r=ERR_GET_REASON(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,0,r);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ if (p == NULL)
+ {
+ d.error=ERR_PACK(0,0,r);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,
+ (char *)&d);
+ }
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+static unsigned long err_hash(a)
+ERR_STRING_DATA *a;
+ {
+ unsigned long ret,l;
+
+ l=a->error;
+ ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
+ return(ret^ret%19*13);
+ }
+
+static int err_cmp(a,b)
+ERR_STRING_DATA *a,*b;
+ {
+ return((int)(a->error-b->error));
+ }
+
+static unsigned long pid_hash(a)
+ERR_STATE *a;
+ {
+ return(a->pid*13);
+ }
+
+static int pid_cmp(a,b)
+ERR_STATE *a,*b;
+ {
+ return((int)((long)a->pid - (long)b->pid));
+ }
+
+void ERR_remove_state(pid)
+unsigned long pid;
+ {
+ ERR_STATE *p,tmp;
+
+ if (thread_hash == NULL)
+ return;
+ if (pid == 0)
+ pid=(unsigned long)CRYPTO_thread_id();
+ tmp.pid=pid;
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p=(ERR_STATE *)lh_delete(thread_hash,(char *)&tmp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+ if (p != NULL) ERR_STATE_free(p);
+ }
+
+ERR_STATE *ERR_get_state()
+ {
+ static ERR_STATE fallback;
+ ERR_STATE *ret=NULL,tmp,*tmpp;
+ int i;
+ unsigned long pid;
+
+ pid=(unsigned long)CRYPTO_thread_id();
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL)
+ {
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL)
+ {
+ thread_hash=lh_new(pid_hash,pid_cmp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL) return(&fallback);
+ }
+ else
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ }
+ else
+ {
+ tmp.pid=pid;
+ ret=(ERR_STATE *)lh_retrieve(thread_hash,(char *)&tmp);
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ }
+
+ /* ret == the error state, if NULL, make a new one */
+ if (ret == NULL)
+ {
+ ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE));
+ if (ret == NULL) return(&fallback);
+ ret->pid=pid;
+ ret->top=0;
+ ret->bottom=0;
+ for (i=0; i<ERR_NUM_ERRORS; i++)
+ {
+ ret->err_data[i]=NULL;
+ ret->err_data_flags[i]=0;
+ }
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ tmpp=(ERR_STATE *)lh_insert(thread_hash,(char *)ret);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ if (tmpp != NULL) /* old entry - should not happen */
+ {
+ ERR_STATE_free(tmpp);
+ }
+ }
+ return(ret);
+ }
+
+int ERR_get_next_error_library()
+ {
+ static int value=ERR_LIB_USER;
+
+ return(value++);
+ }
+
+void ERR_set_error_data(data,flags)
+char *data;
+int flags;
+ {
+ ERR_STATE *es;
+ int i;
+
+ es=ERR_get_state();
+
+ i=es->top;
+ if (i == 0)
+ i=ERR_NUM_ERRORS-1;
+
+ es->err_data[i]=data;
+ es->err_data_flags[es->top]=flags;
+ }
+
+void ERR_add_error_data( VAR_PLIST(int , num))
+VAR_ALIST
+ {
+ VAR_BDEFN(args, int, num);
+ int i,n,s;
+ char *str,*p,*a;
+
+ s=64;
+ str=Malloc(s+1);
+ if (str == NULL) return;
+ str[0]='\0';
+
+ VAR_INIT(args,int,num);
+ n=0;
+ for (i=0; i<num; i++)
+ {
+ VAR_ARG(args,char *,a);
+ if (a != NULL) {
+ n+=strlen(a);
+ if (n > s)
+ {
+ s=n+20;
+ p=Realloc(str,s+1);
+ if (p == NULL)
+ {
+ Free(str);
+ return;
+ }
+ else
+ str=p;
+ }
+ strcat(str,a);
+ }
+ }
+ ERR_set_error_data(str,ERR_TXT_MALLOCED|ERR_TXT_STRING);
+
+ VAR_END( args );
+ }
+
diff --git a/src/lib/libssl/src/crypto/err/err.h b/src/lib/libssl/src/crypto/err/err.h
new file mode 100644
index 0000000000..75f931be11
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/err.h
@@ -0,0 +1,287 @@
+/* crypto/err/err.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ERR_H
+#define HEADER_ERR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* The following is a bit of a trick to help the object files only contain
+ * the 'name of the file' string once. Since 'err.h' is protected by the
+ * HEADER_ERR_H stuff, this should be included only once per file. */
+
+#define ERR_file_name __FILE__
+
+#ifndef NO_ERR
+#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
+#else
+#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
+#endif
+
+#include <errno.h>
+
+#define ERR_TXT_MALLOCED 0x01
+#define ERR_TXT_STRING 0x02
+
+#define ERR_NUM_ERRORS 16
+typedef struct err_state_st
+ {
+ unsigned long pid;
+ unsigned long err_buffer[ERR_NUM_ERRORS];
+ char *err_data[ERR_NUM_ERRORS];
+ int err_data_flags[ERR_NUM_ERRORS];
+ char *err_file[ERR_NUM_ERRORS];
+ int err_line[ERR_NUM_ERRORS];
+ int top,bottom;
+ } ERR_STATE;
+
+/* library */
+#define ERR_LIB_NONE 1
+#define ERR_LIB_SYS 2
+#define ERR_LIB_BN 3
+#define ERR_LIB_RSA 4
+#define ERR_LIB_DH 5
+#define ERR_LIB_EVP 6
+#define ERR_LIB_BUF 7
+#define ERR_LIB_OBJ 8
+#define ERR_LIB_PEM 9
+#define ERR_LIB_DSA 10
+#define ERR_LIB_X509 11
+#define ERR_LIB_METH 12
+#define ERR_LIB_ASN1 13
+#define ERR_LIB_CONF 14
+#define ERR_LIB_CRYPTO 15
+#define ERR_LIB_SSL 20
+#define ERR_LIB_SSL23 21
+#define ERR_LIB_SSL2 22
+#define ERR_LIB_SSL3 23
+#define ERR_LIB_RSAREF 30
+#define ERR_LIB_PROXY 31
+#define ERR_LIB_BIO 32
+#define ERR_LIB_PKCS7 33
+
+#define ERR_LIB_USER 128
+
+#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
+#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
+#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
+#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
+#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
+#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
+#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
+#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
+#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
+#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
+#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
+#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
+#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
+#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
+#define CRYPTOerr(f,r) ERR_PUT_error(ERR_LIB_CRYPTO,(f),(r),ERR_file_name,__LINE__)
+#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
+#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
+#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
+#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
+#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
+#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
+#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
+
+/* Borland C seems too stupid to be able to shift and do longs in
+ * the pre-processor :-( */
+#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
+ ((((unsigned long)f)&0xfffL)*0x1000)| \
+ ((((unsigned long)r)&0xfffL)))
+#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
+#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
+#define ERR_GET_REASON(l) (int)((l)&0xfffL)
+#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
+
+/* OS fuctions */
+#define SYS_F_FOPEN 1
+#define SYS_F_CONNECT 2
+#define SYS_F_GETSERVBYNAME 3
+#define SYS_F_SOCKET 4
+#define SYS_F_IOCTLSOCKET 5
+#define SYS_F_BIND 6
+#define SYS_F_LISTEN 7
+#define SYS_F_ACCEPT 8
+#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
+
+#define ERR_R_FATAL 32
+/* reasons */
+#define ERR_R_SYS_LIB ERR_LIB_SYS
+#define ERR_R_BN_LIB ERR_LIB_BN
+#define ERR_R_RSA_LIB ERR_LIB_RSA
+#define ERR_R_DSA_LIB ERR_LIB_DSA
+#define ERR_R_DH_LIB ERR_LIB_DH
+#define ERR_R_EVP_LIB ERR_LIB_EVP
+#define ERR_R_BUF_LIB ERR_LIB_BUF
+#define ERR_R_BIO_LIB ERR_LIB_BIO
+#define ERR_R_OBJ_LIB ERR_LIB_OBJ
+#define ERR_R_PEM_LIB ERR_LIB_PEM
+#define ERR_R_X509_LIB ERR_LIB_X509
+#define ERR_R_METH_LIB ERR_LIB_METH
+#define ERR_R_ASN1_LIB ERR_LIB_ASN1
+#define ERR_R_CONF_LIB ERR_LIB_CONF
+#define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO
+#define ERR_R_SSL_LIB ERR_LIB_SSL
+#define ERR_R_SSL23_LIB ERR_LIB_SSL23
+#define ERR_R_SSL2_LIB ERR_LIB_SSL2
+#define ERR_R_SSL3_LIB ERR_LIB_SSL3
+#define ERR_R_PROXY_LIB ERR_LIB_PROXY
+#define ERR_R_BIO_LIB ERR_LIB_BIO
+#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7
+
+/* fatal error */
+#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
+#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
+#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
+
+typedef struct ERR_string_data_st
+ {
+ unsigned long error;
+ char *string;
+ } ERR_STRING_DATA;
+
+#ifndef NOPROTO
+void ERR_put_error(int lib, int func,int reason,char *file,int line);
+void ERR_set_error_data(char *data,int flags);
+
+unsigned long ERR_get_error(void );
+unsigned long ERR_get_error_line(char **file,int *line);
+unsigned long ERR_get_error_line_data(char **file,int *line,
+ char **data, int *flags);
+unsigned long ERR_peek_error(void );
+unsigned long ERR_peek_error_line(char **file,int *line);
+unsigned long ERR_peek_error_line_data(char **file,int *line,
+ char **data,int *flags);
+void ERR_clear_error(void );
+char *ERR_error_string(unsigned long e,char *buf);
+char *ERR_lib_error_string(unsigned long e);
+char *ERR_func_error_string(unsigned long e);
+char *ERR_reason_error_string(unsigned long e);
+#ifndef NO_FP_API
+void ERR_print_errors_fp(FILE *fp);
+#endif
+#ifdef HEADER_BIO_H
+void ERR_print_errors(BIO *bp);
+void ERR_add_error_data( VAR_PLIST( int, num ) );
+#endif
+void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
+void ERR_load_ERR_strings(void );
+void ERR_load_crypto_strings(void );
+void ERR_free_strings(void );
+
+void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+ERR_STATE *ERR_get_state(void);
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table(void );
+LHASH *ERR_get_err_state_table(void );
+#else
+char *ERR_get_string_table(void );
+char *ERR_get_err_state_table(void );
+#endif
+
+int ERR_get_next_error_library(void );
+
+#else
+
+void ERR_put_error();
+void ERR_set_error_data();
+
+unsigned long ERR_get_error();
+unsigned long ERR_get_error_line();
+unsigned long ERR_peek_error();
+unsigned long ERR_peek_error_line();
+void ERR_clear_error();
+char *ERR_error_string();
+char *ERR_lib_error_string();
+char *ERR_func_error_string();
+char *ERR_reason_error_string();
+#ifndef NO_FP_API
+void ERR_print_errors_fp();
+#endif
+void ERR_print_errors();
+void ERR_add_error_data();
+void ERR_load_strings();
+void ERR_load_ERR_strings();
+void ERR_load_crypto_strings();
+void ERR_free_strings();
+
+void ERR_remove_state();
+ERR_STATE *ERR_get_state();
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table();
+LHASH *ERR_get_err_state_table();
+#else
+char *ERR_get_string_table();
+char *ERR_get_err_state_table();
+#endif
+
+int ERR_get_next_error_library();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/err/err_all.c b/src/lib/libssl/src/crypto/err/err_all.c
new file mode 100644
index 0000000000..f874268e1a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/err_all.c
@@ -0,0 +1,116 @@
+/* crypto/err/err_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "asn1.h"
+#include "bn.h"
+#include "buffer.h"
+#include "bio.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifdef RSAref
+#include "rsaref.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "evp.h"
+#include "objects.h"
+#include "pem.h"
+#include "x509.h"
+#include "conf.h"
+#include "err.h"
+
+void ERR_load_crypto_strings()
+ {
+ static int done=0;
+
+ if (done) return;
+ done=1;
+#ifndef NO_ERR
+ ERR_load_ASN1_strings();
+ ERR_load_BN_strings();
+ ERR_load_BUF_strings();
+ ERR_load_BIO_strings();
+ ERR_load_CONF_strings();
+#ifndef NO_RSA
+#ifdef RSAref
+ ERR_load_RSAREF_strings();
+#else
+ ERR_load_RSA_strings();
+#endif
+#endif
+#ifndef NO_DH
+ ERR_load_DH_strings();
+#endif
+#ifndef NO_DSA
+ ERR_load_DSA_strings();
+#endif
+ ERR_load_ERR_strings();
+ ERR_load_EVP_strings();
+ ERR_load_OBJ_strings();
+ ERR_load_PEM_strings();
+ ERR_load_X509_strings();
+ ERR_load_CRYPTO_strings();
+ ERR_load_PKCS7_strings();
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/err/err_prn.c b/src/lib/libssl/src/crypto/err/err_prn.c
new file mode 100644
index 0000000000..ecd0e7c4fa
--- /dev/null
+++ b/src/lib/libssl/src/crypto/err/err_prn.c
@@ -0,0 +1,107 @@
+/* crypto/err/err_prn.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+#ifndef NO_FP_API
+void ERR_print_errors_fp(fp)
+FILE *fp;
+ {
+ unsigned long l;
+ char buf[200];
+ char *file,*data;
+ int line,flags;
+ unsigned long es;
+
+ es=CRYPTO_thread_id();
+ while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
+ {
+ fprintf(fp,"%lu:%s:%s:%d:%s\n",es,ERR_error_string(l,buf),
+ file,line,(flags&ERR_TXT_STRING)?data:"");
+ }
+ }
+#endif
+
+void ERR_print_errors(bp)
+BIO *bp;
+ {
+ unsigned long l;
+ char buf[256];
+ char buf2[256];
+ char *file,*data;
+ int line,flags;
+ unsigned long es;
+
+ es=CRYPTO_thread_id();
+ while ((l=ERR_get_error_line_data(&file,&line,&data,&flags)) != 0)
+ {
+ sprintf(buf2,"%lu:%s:%s:%d:",es,ERR_error_string(l,buf),
+ file,line);
+ BIO_write(bp,buf2,strlen(buf2));
+ if (flags & ERR_TXT_STRING)
+ BIO_write(bp,data,strlen(data));
+ BIO_write(bp,"\n",1);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/bio_b64.c b/src/lib/libssl/src/crypto/evp/bio_b64.c
new file mode 100644
index 0000000000..73172b9a07
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/bio_b64.c
@@ -0,0 +1,547 @@
+/* crypto/evp/bio_b64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int b64_write(BIO *h,char *buf,int num);
+static int b64_read(BIO *h,char *buf,int size);
+/*static int b64_puts(BIO *h,char *str); */
+/*static int b64_gets(BIO *h,char *str,int size); */
+static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int b64_new(BIO *h);
+static int b64_free(BIO *data);
+#else
+static int b64_write();
+static int b64_read();
+/*static int b64_puts(); */
+/*static int b64_gets(); */
+static long b64_ctrl();
+static int b64_new();
+static int b64_free();
+#endif
+
+#define B64_BLOCK_SIZE 1024
+#define B64_BLOCK_SIZE2 768
+#define B64_NONE 0
+#define B64_ENCODE 1
+#define B64_DECODE 2
+
+typedef struct b64_struct
+ {
+ /*BIO *bio; moved to the BIO structure */
+ int buf_len;
+ int buf_off;
+ int tmp_len; /* used to find the start when decoding */
+ int tmp_nl; /* If true, scan until '\n' */
+ int encode;
+ int start; /* have we started decoding yet? */
+ int cont; /* <= 0 when finished */
+ EVP_ENCODE_CTX base64;
+ char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
+ char tmp[B64_BLOCK_SIZE];
+ } BIO_B64_CTX;
+
+static BIO_METHOD methods_b64=
+ {
+ BIO_TYPE_BASE64,"base64 encoding",
+ b64_write,
+ b64_read,
+ NULL, /* b64_puts, */
+ NULL, /* b64_gets, */
+ b64_ctrl,
+ b64_new,
+ b64_free,
+ };
+
+BIO_METHOD *BIO_f_base64()
+ {
+ return(&methods_b64);
+ }
+
+static int b64_new(bi)
+BIO *bi;
+ {
+ BIO_B64_CTX *ctx;
+
+ ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX));
+ if (ctx == NULL) return(0);
+
+ ctx->buf_len=0;
+ ctx->tmp_len=0;
+ ctx->tmp_nl=0;
+ ctx->buf_off=0;
+ ctx->cont=1;
+ ctx->start=1;
+ ctx->encode=0;
+
+ bi->init=1;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int b64_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int b64_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0,i,ii,j,k,x,n,num,ret_code=0;
+ BIO_B64_CTX *ctx;
+ unsigned char *p,*q;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_B64_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ if (ctx->encode != B64_DECODE)
+ {
+ ctx->encode=B64_DECODE;
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ ctx->tmp_len=0;
+ EVP_DecodeInit(&(ctx->base64));
+ }
+
+ /* First check if there are bytes decoded/encoded */
+ if (ctx->buf_len > 0)
+ {
+ i=ctx->buf_len-ctx->buf_off;
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+ ret=i;
+ out+=i;
+ outl-=i;
+ ctx->buf_off+=i;
+ if (ctx->buf_len == ctx->buf_off)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ }
+
+ /* At this point, we have room of outl bytes and an empty
+ * buffer, so we should read in some more. */
+
+ ret_code=0;
+ while (outl > 0)
+ {
+ if (ctx->cont <= 0) break;
+
+ i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
+ B64_BLOCK_SIZE-ctx->tmp_len);
+
+ if (i <= 0)
+ {
+ ret_code=i;
+
+ /* Should be continue next time we are called? */
+ if (!BIO_should_retry(b->next_bio))
+ ctx->cont=i;
+ /* else we should continue when called again */
+ break;
+ }
+ i+=ctx->tmp_len;
+
+ /* We need to scan, a line at a time until we
+ * have a valid line if we are starting. */
+ if (ctx->start && (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL))
+ {
+ /* ctx->start=1; */
+ ctx->tmp_len=0;
+ }
+ else if (ctx->start)
+ {
+ q=p=(unsigned char *)ctx->tmp;
+ for (j=0; j<i; j++)
+ {
+ if (*(q++) != '\n') continue;
+
+ /* due to a previous very long line,
+ * we need to keep on scanning for a '\n'
+ * before we even start looking for
+ * base64 encoded stuff. */
+ if (ctx->tmp_nl)
+ {
+ p=q;
+ ctx->tmp_nl=0;
+ continue;
+ }
+
+ k=EVP_DecodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,
+ &num,p,q-p);
+ if ((k <= 0) && (num == 0) && (ctx->start))
+ EVP_DecodeInit(&ctx->base64);
+ else
+ {
+ if (p != (unsigned char *)
+ &(ctx->tmp[0]))
+ {
+ i-=(p- (unsigned char *)
+ &(ctx->tmp[0]));
+ for (x=0; x < i; x++)
+ ctx->tmp[x]=p[x];
+ EVP_DecodeInit(&ctx->base64);
+ }
+ ctx->start=0;
+ break;
+ }
+ p=q;
+ }
+
+ /* we fell off the end without starting */
+ if (j == i)
+ {
+ /* Is this is one long chunk?, if so, keep on
+ * reading until a new line. */
+ if (p == (unsigned char *)&(ctx->tmp[0]))
+ {
+ ctx->tmp_nl=1;
+ ctx->tmp_len=0;
+ }
+ else if (p != q) /* finished on a '\n' */
+ {
+ n=q-p;
+ for (ii=0; ii<n; ii++)
+ ctx->tmp[ii]=p[ii];
+ ctx->tmp_len=n;
+ }
+ /* else finished on a '\n' */
+ continue;
+ }
+ else
+ ctx->tmp_len=0;
+ }
+
+ if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+ {
+ int z,jj;
+
+ jj=(i>>2)<<2;
+ z=EVP_DecodeBlock((unsigned char *)ctx->buf,
+ (unsigned char *)ctx->tmp,jj);
+ if (jj > 2)
+ {
+ if (ctx->tmp[jj-1] == '=')
+ {
+ z--;
+ if (ctx->tmp[jj-2] == '=')
+ z--;
+ }
+ }
+ /* z is now number of output bytes and jj is the
+ * number consumed */
+ if (jj != i)
+ {
+ memcpy((unsigned char *)ctx->tmp,
+ (unsigned char *)&(ctx->tmp[jj]),i-jj);
+ ctx->tmp_len=i-jj;
+ }
+ ctx->buf_len=0;
+ if (z > 0)
+ {
+ ctx->buf_len=z;
+ i=1;
+ }
+ else
+ i=z;
+ }
+ else
+ {
+ i=EVP_DecodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)ctx->tmp,i);
+ }
+ ctx->cont=i;
+ ctx->buf_off=0;
+ if (i < 0)
+ {
+ ret_code=0;
+ ctx->buf_len=0;
+ break;
+ }
+
+ if (ctx->buf_len <= outl)
+ i=ctx->buf_len;
+ else
+ i=outl;
+
+ memcpy(out,ctx->buf,i);
+ ret+=i;
+ ctx->buf_off=i;
+ if (ctx->buf_off == ctx->buf_len)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ outl-=i;
+ out+=i;
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return((ret == 0)?ret_code:ret);
+ }
+
+static int b64_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=inl,n,i;
+ BIO_B64_CTX *ctx;
+
+ ctx=(BIO_B64_CTX *)b->ptr;
+ BIO_clear_retry_flags(b);
+
+ if (ctx->encode != B64_ENCODE)
+ {
+ ctx->encode=B64_ENCODE;
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ ctx->tmp_len=0;
+ EVP_EncodeInit(&(ctx->base64));
+ }
+
+ n=ctx->buf_len-ctx->buf_off;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ ctx->buf_off+=i;
+ n-=i;
+ }
+ /* at this point all pending data has been written */
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+
+ ctx->buf_off=0;
+ while (inl > 0)
+ {
+ n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
+
+ if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+ {
+ if (ctx->tmp_len > 0)
+ {
+ n=3-ctx->tmp_len;
+ memcpy(&(ctx->tmp[ctx->tmp_len]),in,n);
+ ctx->tmp_len+=n;
+ n=ctx->tmp_len;
+ if (n < 3)
+ break;
+ ctx->buf_len=EVP_EncodeBlock(
+ (unsigned char *)ctx->buf,
+ (unsigned char *)ctx->tmp,n);
+ }
+ else
+ {
+ if (n < 3)
+ {
+ memcpy(&(ctx->tmp[0]),in,n);
+ ctx->tmp_len=n;
+ break;
+ }
+ n-=n%3;
+ ctx->buf_len=EVP_EncodeBlock(
+ (unsigned char *)ctx->buf,
+ (unsigned char *)in,n);
+ }
+ }
+ else
+ {
+ EVP_EncodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)in,n);
+ }
+ inl-=n;
+ in+=n;
+
+ ctx->buf_off=0;
+ n=ctx->buf_len;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return((ret == 0)?i:ret);
+ }
+ n-=i;
+ ctx->buf_off+=i;
+ }
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ return(ret);
+ }
+
+static long b64_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO_B64_CTX *ctx;
+ long ret=1;
+ int i;
+
+ ctx=(BIO_B64_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->cont=1;
+ ctx->start=1;
+ ctx->encode=B64_NONE;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_EOF: /* More to read */
+ if (ctx->cont <= 0)
+ ret=1;
+ else
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_WPENDING: /* More to write in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if ((ret == 0) && (ctx->base64.num != 0))
+ ret=1;
+ else if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING: /* More to read in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_FLUSH:
+ /* do a final write */
+again:
+ while (ctx->buf_len != ctx->buf_off)
+ {
+ i=b64_write(b,NULL,0);
+ if (i < 0)
+ {
+ ret=i;
+ break;
+ }
+ }
+ if (BIO_get_flags(b) & BIO_FLAGS_BASE64_NO_NL)
+ {
+ if (ctx->tmp_len != 0)
+ {
+ ctx->buf_len=EVP_EncodeBlock(
+ (unsigned char *)ctx->buf,
+ (unsigned char *)ctx->tmp,
+ ctx->tmp_len);
+ ctx->buf_off=0;
+ ctx->tmp_len=0;
+ goto again;
+ }
+ }
+ else if (ctx->base64.num != 0)
+ {
+ ctx->buf_off=0;
+ EVP_EncodeFinal(&(ctx->base64),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ /* push out the bytes */
+ goto again;
+ }
+ /* Finally flush the underlying BIO */
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_DUP:
+ break;
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_SET:
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/bio_enc.c b/src/lib/libssl/src/crypto/evp/bio_enc.c
new file mode 100644
index 0000000000..6c30ddfc54
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/bio_enc.c
@@ -0,0 +1,423 @@
+/* crypto/evp/bio_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int enc_write(BIO *h,char *buf,int num);
+static int enc_read(BIO *h,char *buf,int size);
+/*static int enc_puts(BIO *h,char *str); */
+/*static int enc_gets(BIO *h,char *str,int size); */
+static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int enc_new(BIO *h);
+static int enc_free(BIO *data);
+#else
+static int enc_write();
+static int enc_read();
+/*static int enc_puts(); */
+/*static int enc_gets(); */
+static long enc_ctrl();
+static int enc_new();
+static int enc_free();
+#endif
+
+#define ENC_BLOCK_SIZE (1024*4)
+
+typedef struct enc_struct
+ {
+ int buf_len;
+ int buf_off;
+ int cont; /* <= 0 when finished */
+ int finished;
+ int ok; /* bad decrypt */
+ EVP_CIPHER_CTX cipher;
+ char buf[ENC_BLOCK_SIZE+10];
+ } BIO_ENC_CTX;
+
+static BIO_METHOD methods_enc=
+ {
+ BIO_TYPE_CIPHER,"cipher",
+ enc_write,
+ enc_read,
+ NULL, /* enc_puts, */
+ NULL, /* enc_gets, */
+ enc_ctrl,
+ enc_new,
+ enc_free,
+ };
+
+BIO_METHOD *BIO_f_cipher()
+ {
+ return(&methods_enc);
+ }
+
+static int enc_new(bi)
+BIO *bi;
+ {
+ BIO_ENC_CTX *ctx;
+
+ ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX));
+ EVP_CIPHER_CTX_init(&ctx->cipher);
+ if (ctx == NULL) return(0);
+
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ ctx->cont=1;
+ ctx->finished=0;
+ ctx->ok=1;
+
+ bi->init=0;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int enc_free(a)
+BIO *a;
+ {
+ BIO_ENC_CTX *b;
+
+ if (a == NULL) return(0);
+ b=(BIO_ENC_CTX *)a->ptr;
+ EVP_CIPHER_CTX_cleanup(&(b->cipher));
+ memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int enc_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0,i;
+ BIO_ENC_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_ENC_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ /* First check if there are bytes decoded/encoded */
+ if (ctx->buf_len > 0)
+ {
+ i=ctx->buf_len-ctx->buf_off;
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+ ret=i;
+ out+=i;
+ outl-=i;
+ ctx->buf_off+=i;
+ if (ctx->buf_len == ctx->buf_off)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ }
+
+ /* At this point, we have room of outl bytes and an empty
+ * buffer, so we should read in some more. */
+
+ while (outl > 0)
+ {
+ if (ctx->cont <= 0) break;
+
+ /* read in at offset 8, read the EVP_Cipher
+ * documentation about why */
+ i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+
+ if (i <= 0)
+ {
+ /* Should be continue next time we are called? */
+ if (!BIO_should_retry(b->next_bio))
+ {
+ ctx->cont=i;
+ i=EVP_CipherFinal(&(ctx->cipher),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ ctx->ok=i;
+ ctx->buf_off=0;
+ }
+ else
+ ret=(ret == 0)?i:ret;
+ break;
+ }
+ else
+ {
+ EVP_CipherUpdate(&(ctx->cipher),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)&(ctx->buf[8]),i);
+ ctx->cont=1;
+ }
+
+ if (ctx->buf_len <= outl)
+ i=ctx->buf_len;
+ else
+ i=outl;
+
+ if (i <= 0) break;
+ memcpy(out,ctx->buf,i);
+ ret+=i;
+ ctx->buf_off=i;
+ outl-=i;
+ out+=i;
+ }
+
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return((ret == 0)?ctx->cont:ret);
+ }
+
+static int enc_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0,n,i;
+ BIO_ENC_CTX *ctx;
+
+ ctx=(BIO_ENC_CTX *)b->ptr;
+ ret=inl;
+
+ BIO_clear_retry_flags(b);
+ n=ctx->buf_len-ctx->buf_off;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ ctx->buf_off+=i;
+ n-=i;
+ }
+ /* at this point all pending data has been written */
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+
+ ctx->buf_off=0;
+ while (inl > 0)
+ {
+ n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
+ EVP_CipherUpdate(&(ctx->cipher),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)in,n);
+ inl-=n;
+ in+=n;
+
+ ctx->buf_off=0;
+ n=ctx->buf_len;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ n-=i;
+ ctx->buf_off+=i;
+ }
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long enc_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ BIO_ENC_CTX *ctx,*dctx;
+ long ret=1;
+ int i;
+
+ ctx=(BIO_ENC_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->ok=1;
+ ctx->finished=0;
+ EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+ ctx->cipher.encrypt);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_EOF: /* More to read */
+ if (ctx->cont <= 0)
+ ret=1;
+ else
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING: /* More to read in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_FLUSH:
+ /* do a final write */
+again:
+ while (ctx->buf_len != ctx->buf_off)
+ {
+ i=enc_write(b,NULL,0);
+ if (i < 0)
+ {
+ ret=i;
+ break;
+ }
+ }
+
+ if (!ctx->finished)
+ {
+ ctx->finished=1;
+ ctx->buf_off=0;
+ ret=EVP_CipherFinal(&(ctx->cipher),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ ctx->ok=(int)ret;
+ if (ret <= 0) break;
+
+ /* push out the bytes */
+ goto again;
+ }
+
+ /* Finally flush the underlying BIO */
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_GET_CIPHER_STATUS:
+ ret=(long)ctx->ok;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ dctx=(BIO_ENC_CTX *)dbio->ptr;
+ memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
+ dbio->init=1;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+/*
+void BIO_set_cipher_ctx(b,c)
+BIO *b;
+EVP_CIPHER_ctx *c;
+ {
+ if (b == NULL) return;
+
+ if ((b->callback != NULL) &&
+ (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+ return;
+
+ b->init=1;
+ ctx=(BIO_ENC_CTX *)b->ptr;
+ memcpy(ctx->cipher,c,sizeof(EVP_CIPHER_CTX));
+
+ if (b->callback != NULL)
+ b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+ }
+*/
+
+void BIO_set_cipher(b,c,k,i,e)
+BIO *b;
+EVP_CIPHER *c;
+unsigned char *k;
+unsigned char *i;
+int e;
+ {
+ BIO_ENC_CTX *ctx;
+
+ if (b == NULL) return;
+
+ if ((b->callback != NULL) &&
+ (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+ return;
+
+ b->init=1;
+ ctx=(BIO_ENC_CTX *)b->ptr;
+ EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+
+ if (b->callback != NULL)
+ b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/bio_md.c b/src/lib/libssl/src/crypto/evp/bio_md.c
new file mode 100644
index 0000000000..fa5fdc055b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/bio_md.c
@@ -0,0 +1,270 @@
+/* crypto/evp/bio_md.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int md_write(BIO *h,char *buf,int num);
+static int md_read(BIO *h,char *buf,int size);
+/*static int md_puts(BIO *h,char *str); */
+static int md_gets(BIO *h,char *str,int size);
+static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int md_new(BIO *h);
+static int md_free(BIO *data);
+#else
+static int md_write();
+static int md_read();
+/*static int md_puts(); */
+static int md_gets();
+static long md_ctrl();
+static int md_new();
+static int md_free();
+#endif
+
+static BIO_METHOD methods_md=
+ {
+ BIO_TYPE_MD,"message digest",
+ md_write,
+ md_read,
+ NULL, /* md_puts, */
+ md_gets,
+ md_ctrl,
+ md_new,
+ md_free,
+ };
+
+BIO_METHOD *BIO_f_md()
+ {
+ return(&methods_md);
+ }
+
+static int md_new(bi)
+BIO *bi;
+ {
+ EVP_MD_CTX *ctx;
+
+ ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX));
+ if (ctx == NULL) return(0);
+
+ bi->init=0;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int md_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int md_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ EVP_MD_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ ret=BIO_read(b->next_bio,out,outl);
+ if (b->init)
+ {
+ if (ret > 0)
+ {
+ EVP_DigestUpdate(ctx,(unsigned char *)out,
+ (unsigned int)ret);
+ }
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int md_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+ EVP_MD_CTX *ctx;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ if ((ctx != NULL) && (b->next_bio != NULL))
+ ret=BIO_write(b->next_bio,in,inl);
+ if (b->init)
+ {
+ if (ret > 0)
+ {
+ EVP_DigestUpdate(ctx,(unsigned char *)in,
+ (unsigned int)ret);
+ }
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long md_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ EVP_MD_CTX *ctx,*dctx,**pctx;
+ EVP_MD **ppmd;
+ EVP_MD *md;
+ long ret=1;
+ BIO *dbio;
+
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ if (b->init)
+ EVP_DigestInit(ctx,ctx->digest);
+ else
+ ret=0;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_GET_MD:
+ if (b->init)
+ {
+ ppmd=(EVP_MD **)ptr;
+ *ppmd=ctx->digest;
+ }
+ else
+ ret=0;
+ break;
+ case BIO_C_GET_MD_CTX:
+ if (b->init)
+ {
+ pctx=(EVP_MD_CTX **)ptr;
+ *pctx=ctx;
+ }
+ else
+ ret=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_C_SET_MD:
+ md=(EVP_MD *)ptr;
+ EVP_DigestInit(ctx,md);
+ b->init=1;
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ dctx=(EVP_MD_CTX *)dbio->ptr;
+ memcpy(dctx,ctx,sizeof(ctx));
+ b->init=1;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int md_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ EVP_MD_CTX *ctx;
+ unsigned int ret;
+
+
+ ctx=(EVP_MD_CTX *)bp->ptr;
+ if (size < ctx->digest->md_size)
+ return(0);
+ EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
+ return((int)ret);
+ }
+
+/*
+static int md_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ return(-1);
+ }
+*/
+
diff --git a/src/lib/libssl/src/crypto/evp/c_all.c b/src/lib/libssl/src/crypto/evp/c_all.c
new file mode 100644
index 0000000000..e77d1c896b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/c_all.c
@@ -0,0 +1,190 @@
+/* crypto/evp/c_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+void SSLeay_add_all_algorithms()
+ {
+ SSLeay_add_all_ciphers();
+ SSLeay_add_all_digests();
+ }
+
+void SSLeay_add_all_ciphers()
+ {
+#ifndef NO_DES
+ EVP_add_cipher(EVP_des_cfb());
+ EVP_add_cipher(EVP_des_ede_cfb());
+ EVP_add_cipher(EVP_des_ede3_cfb());
+
+ EVP_add_cipher(EVP_des_ofb());
+ EVP_add_cipher(EVP_des_ede_ofb());
+ EVP_add_cipher(EVP_des_ede3_ofb());
+
+ EVP_add_cipher(EVP_desx_cbc());
+ EVP_add_alias(SN_desx_cbc,"DESX");
+ EVP_add_alias(SN_desx_cbc,"desx");
+
+ EVP_add_cipher(EVP_des_cbc());
+ EVP_add_alias(SN_des_cbc,"DES");
+ EVP_add_alias(SN_des_cbc,"des");
+ EVP_add_cipher(EVP_des_ede_cbc());
+ EVP_add_cipher(EVP_des_ede3_cbc());
+ EVP_add_alias(SN_des_ede3_cbc,"DES3");
+ EVP_add_alias(SN_des_ede3_cbc,"des3");
+
+ EVP_add_cipher(EVP_des_ecb());
+ EVP_add_cipher(EVP_des_ede());
+ EVP_add_cipher(EVP_des_ede3());
+#endif
+
+#ifndef NO_RC4
+ EVP_add_cipher(EVP_rc4());
+ EVP_add_cipher(EVP_rc4_40());
+#endif
+
+#ifndef NO_IDEA
+ EVP_add_cipher(EVP_idea_ecb());
+ EVP_add_cipher(EVP_idea_cfb());
+ EVP_add_cipher(EVP_idea_ofb());
+ EVP_add_cipher(EVP_idea_cbc());
+ EVP_add_alias(SN_idea_cbc,"IDEA");
+ EVP_add_alias(SN_idea_cbc,"idea");
+#endif
+
+#ifndef NO_RC2
+ EVP_add_cipher(EVP_rc2_ecb());
+ EVP_add_cipher(EVP_rc2_cfb());
+ EVP_add_cipher(EVP_rc2_ofb());
+ EVP_add_cipher(EVP_rc2_cbc());
+ EVP_add_cipher(EVP_rc2_40_cbc());
+ EVP_add_alias(SN_rc2_cbc,"RC2");
+ EVP_add_alias(SN_rc2_cbc,"rc2");
+#endif
+
+#ifndef NO_BLOWFISH
+ EVP_add_cipher(EVP_bf_ecb());
+ EVP_add_cipher(EVP_bf_cfb());
+ EVP_add_cipher(EVP_bf_ofb());
+ EVP_add_cipher(EVP_bf_cbc());
+ EVP_add_alias(SN_bf_cbc,"BF");
+ EVP_add_alias(SN_bf_cbc,"bf");
+ EVP_add_alias(SN_bf_cbc,"blowfish");
+#endif
+
+#ifndef NO_CAST
+ EVP_add_cipher(EVP_cast5_ecb());
+ EVP_add_cipher(EVP_cast5_cfb());
+ EVP_add_cipher(EVP_cast5_ofb());
+ EVP_add_cipher(EVP_cast5_cbc());
+ EVP_add_alias(SN_cast5_cbc,"CAST");
+ EVP_add_alias(SN_cast5_cbc,"cast");
+ EVP_add_alias(SN_cast5_cbc,"CAST-cbc");
+ EVP_add_alias(SN_cast5_cbc,"cast-cbc");
+#endif
+
+#ifndef NO_RC5
+ EVP_add_cipher(EVP_rc5_32_12_16_ecb());
+ EVP_add_cipher(EVP_rc5_32_12_16_cfb());
+ EVP_add_cipher(EVP_rc5_32_12_16_ofb());
+ EVP_add_cipher(EVP_rc5_32_12_16_cbc());
+ EVP_add_alias(SN_rc5_cbc,"rc5");
+ EVP_add_alias(SN_rc5_cbc,"RC5");
+ EVP_add_alias(SN_rc5_cbc,"rc5-cbc");
+ EVP_add_alias(SN_rc5_cbc,"RC5-cbc");
+#endif
+ }
+
+
+void SSLeay_add_all_digests()
+ {
+#ifndef NO_MD2
+ EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD5
+ EVP_add_digest(EVP_md5());
+ EVP_add_alias(SN_md5,"ssl2-md5");
+ EVP_add_alias(SN_md5,"ssl3-md5");
+#endif
+#ifndef NO_SHA
+ EVP_add_digest(EVP_sha());
+#ifndef NO_DSA
+ EVP_add_digest(EVP_dss());
+#endif
+#endif
+#ifndef NO_SHA1
+ EVP_add_digest(EVP_sha1());
+ EVP_add_alias(SN_sha1,"ssl3-sha1");
+#ifndef NO_DSA
+ EVP_add_digest(EVP_dss1());
+ EVP_add_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2);
+ EVP_add_alias(SN_dsaWithSHA1,"DSS1");
+ EVP_add_alias(SN_dsaWithSHA1,"dss1");
+#endif
+#endif
+#if !defined(NO_MDC2) && !defined(NO_DES)
+ EVP_add_digest(EVP_mdc2());
+#endif
+#ifndef NO_RIPEMD160
+ EVP_add_digest(EVP_ripemd160());
+ EVP_add_alias(SN_ripemd160,"ripemd");
+ EVP_add_alias(SN_ripemd160,"rmd160");
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/evp/digest.c b/src/lib/libssl/src/crypto/evp/digest.c
new file mode 100644
index 0000000000..d65f0036f7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/digest.c
@@ -0,0 +1,89 @@
+/* crypto/evp/digest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+
+void EVP_DigestInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ ctx->digest=type;
+ type->init(&(ctx->md));
+ }
+
+void EVP_DigestUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
+ }
+
+void EVP_DigestFinal(ctx,md,size)
+EVP_MD_CTX *ctx;
+unsigned char *md;
+unsigned int *size;
+ {
+ ctx->digest->final(md,&(ctx->md.base[0]));
+ if (size != NULL)
+ *size=ctx->digest->md_size;
+ memset(&(ctx->md),0,sizeof(ctx->md));
+ }
diff --git a/src/lib/libssl/src/crypto/evp/e_dsa.c b/src/lib/libssl/src/crypto/evp/e_dsa.c
new file mode 100644
index 0000000000..6715c3e95e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/e_dsa.c
@@ -0,0 +1,71 @@
+/* crypto/evp/e_dsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_PKEY_METHOD dss_method=
+ {
+ DSA_sign,
+ DSA_verify,
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
+ };
+
diff --git a/src/lib/libssl/src/crypto/evp/e_null.c b/src/lib/libssl/src/crypto/evp/e_null.c
new file mode 100644
index 0000000000..e4e7ca7606
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/e_null.c
@@ -0,0 +1,109 @@
+/* crypto/evp/e_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void null_init_key();
+static void null_cipher();
+#endif
+
+static EVP_CIPHER n_cipher=
+ {
+ NID_undef,
+ 1,0,0,
+ null_init_key,
+ null_cipher,
+ NULL,
+ 0,
+ NULL,
+ NULL,
+ };
+
+EVP_CIPHER *EVP_enc_null()
+ {
+ return(&n_cipher);
+ }
+
+static void null_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ memset(&(ctx->c),0,sizeof(ctx->c));
+ }
+
+static void null_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ if (in != out)
+ memcpy((char *)out,(char *)in,(int)inl);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/e_rc4.c b/src/lib/libssl/src/crypto/evp/e_rc4.c
new file mode 100644
index 0000000000..7e9790a94c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/e_rc4.c
@@ -0,0 +1,127 @@
+/* crypto/evp/e_rc4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC4
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc4_init_key();
+static void rc4_cipher();
+#endif
+
+static EVP_CIPHER r4_cipher=
+ {
+ NID_rc4,
+ 1,EVP_RC4_KEY_SIZE,0,
+ rc4_init_key,
+ rc4_cipher,
+ NULL,
+ sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.rc4)),
+ NULL,
+ NULL,
+ };
+
+static EVP_CIPHER r4_40_cipher=
+ {
+ NID_rc4_40,
+ 1,5 /* 40 bit */,0,
+ rc4_init_key,
+ rc4_cipher,
+ };
+
+EVP_CIPHER *EVP_rc4()
+ {
+ return(&r4_cipher);
+ }
+
+EVP_CIPHER *EVP_rc4_40()
+ {
+ return(&r4_40_cipher);
+ }
+
+static void rc4_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
+ RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
+ ctx->c.rc4.key);
+ }
+
+static void rc4_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ RC4(&(ctx->c.rc4.ks),inl,in,out);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/evp/e_xcbc_d.c b/src/lib/libssl/src/crypto/evp/e_xcbc_d.c
new file mode 100644
index 0000000000..0d7fda0c47
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/e_xcbc_d.c
@@ -0,0 +1,122 @@
+/* crypto/evp/e_xcbc_d.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void desx_cbc_init_key();
+static void desx_cbc_cipher();
+#endif
+
+static EVP_CIPHER d_xcbc_cipher=
+ {
+ NID_desx_cbc,
+ 8,24,8,
+ desx_cbc_init_key,
+ desx_cbc_cipher,
+ NULL,
+ sizeof(EVP_CIPHER_CTX)-sizeof((((EVP_CIPHER_CTX *)NULL)->c))+
+ sizeof((((EVP_CIPHER_CTX *)NULL)->c.desx_cbc)),
+ EVP_CIPHER_set_asn1_iv,
+ EVP_CIPHER_get_asn1_iv,
+ };
+
+EVP_CIPHER *EVP_desx_cbc()
+ {
+ return(&d_xcbc_cipher);
+ }
+
+static void desx_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->oiv[0]),iv,8);
+ memcpy(&(ctx->iv[0]),&(ctx->oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks);
+ memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
+ memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
+ }
+ }
+
+static void desx_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_xcbc_encrypt(
+ (des_cblock *)in,(des_cblock *)out,
+ (long)inl, ctx->c.desx_cbc.ks,
+ (des_cblock *)&(ctx->iv[0]),
+ (des_cblock *)&(ctx->c.desx_cbc.inw[0]),
+ (des_cblock *)&(ctx->c.desx_cbc.outw[0]),
+ ctx->encrypt);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/encode.c b/src/lib/libssl/src/crypto/evp/encode.c
new file mode 100644
index 0000000000..14d47c1eed
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/encode.c
@@ -0,0 +1,438 @@
+/* crypto/evp/encode.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
+#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
+
+/* 64 char lines
+ * pad input with 0
+ * left over chars are set to =
+ * 1 byte => xx==
+ * 2 bytes => xxx=
+ * 3 bytes => xxxx
+ */
+#define BIN_PER_LINE (64/4*3)
+#define CHUNKS_PER_LINE (64/4)
+#define CHAR_PER_LINE (64+1)
+
+static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+abcdefghijklmnopqrstuvwxyz0123456789+/";
+
+/* 0xF0 is a EOLN
+ * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
+ * 0xF2 is EOF
+ * 0xE0 is ignore at start of line.
+ * 0xFF is error
+ */
+
+#define B64_EOLN 0xF0
+#define B64_CR 0xF1
+#define B64_EOF 0xF2
+#define B64_WS 0xE0
+#define B64_ERROR 0xFF
+#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
+
+static unsigned char data_ascii2bin[128]={
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
+ 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
+ 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
+ 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
+ 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
+ 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
+ 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
+ 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
+ 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
+ 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
+ };
+
+void EVP_EncodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+ {
+ ctx->length=48;
+ ctx->num=0;
+ ctx->line_num=0;
+ }
+
+void EVP_EncodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int i,j;
+ unsigned int total=0;
+
+ *outl=0;
+ if (inl == 0) return;
+ if ((ctx->num+inl) < ctx->length)
+ {
+ memcpy(&(ctx->enc_data[ctx->num]),in,inl);
+ ctx->num+=inl;
+ return;
+ }
+ if (ctx->num != 0)
+ {
+ i=ctx->length-ctx->num;
+ memcpy(&(ctx->enc_data[ctx->num]),in,i);
+ in+=i;
+ inl-=i;
+ j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
+ ctx->num=0;
+ out+=j;
+ *(out++)='\n';
+ *out='\0';
+ total=j+1;
+ }
+ while (inl >= ctx->length)
+ {
+ j=EVP_EncodeBlock(out,in,ctx->length);
+ in+=ctx->length;
+ inl-=ctx->length;
+ out+=j;
+ *(out++)='\n';
+ *out='\0';
+ total+=j+1;
+ }
+ if (inl != 0)
+ memcpy(&(ctx->enc_data[0]),in,inl);
+ ctx->num=inl;
+ *outl=total;
+ }
+
+void EVP_EncodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ unsigned int ret=0;
+
+ if (ctx->num != 0)
+ {
+ ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
+ out[ret++]='\n';
+ out[ret]='\0';
+ ctx->num=0;
+ }
+ *outl=ret;
+ }
+
+int EVP_EncodeBlock(t,f,dlen)
+unsigned char *t,*f;
+int dlen;
+ {
+ int i,ret=0;
+ unsigned long l;
+
+ for (i=dlen; i > 0; i-=3)
+ {
+ if (i >= 3)
+ {
+ l= (((unsigned long)f[0])<<16L)|
+ (((unsigned long)f[1])<< 8L)|f[2];
+ *(t++)=conv_bin2ascii(l>>18L);
+ *(t++)=conv_bin2ascii(l>>12L);
+ *(t++)=conv_bin2ascii(l>> 6L);
+ *(t++)=conv_bin2ascii(l );
+ }
+ else
+ {
+ l=((unsigned long)f[0])<<16L;
+ if (i == 2) l|=((unsigned long)f[1]<<8L);
+
+ *(t++)=conv_bin2ascii(l>>18L);
+ *(t++)=conv_bin2ascii(l>>12L);
+ *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
+ *(t++)='=';
+ }
+ ret+=4;
+ f+=3;
+ }
+
+ *t='\0';
+ return(ret);
+ }
+
+void EVP_DecodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+ {
+ ctx->length=30;
+ ctx->num=0;
+ ctx->line_num=0;
+ ctx->expect_nl=0;
+ }
+
+/* -1 for error
+ * 0 for last line
+ * 1 for full line
+ */
+int EVP_DecodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2,exp_nl;
+ unsigned char *d;
+
+ n=ctx->num;
+ d=ctx->enc_data;
+ ln=ctx->line_num;
+ exp_nl=ctx->expect_nl;
+
+ /* last line of input. */
+ if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
+ { rv=0; goto end; }
+
+ /* We parse the input data */
+ for (i=0; i<inl; i++)
+ {
+ /* If the current line is > 80 characters, scream alot */
+ if (ln >= 80) { rv= -1; goto end; }
+
+ /* Get char and put it into the buffer */
+ tmp= *(in++);
+ v=conv_ascii2bin(tmp);
+ /* only save the good data :-) */
+ if (!B64_NOT_BASE64(v))
+ {
+ d[n++]=tmp;
+ ln++;
+ }
+ else if (v == B64_ERROR)
+ {
+ rv= -1;
+ goto end;
+ }
+
+ /* have we seen a '=' which is 'definitly' the last
+ * input line. seof will point to the character that
+ * holds it. and eof will hold how many characters to
+ * chop off. */
+ if (tmp == '=')
+ {
+ if (seof == -1) seof=n;
+ eof++;
+ }
+
+ /* eoln */
+ if (v == B64_EOLN)
+ {
+ ln=0;
+ if (exp_nl)
+ {
+ exp_nl=0;
+ continue;
+ }
+ }
+ exp_nl=0;
+
+ /* If we are at the end of input and it looks like a
+ * line, process it. */
+ if (((i+1) == inl) && (((n&3) == 0) || eof))
+ v=B64_EOF;
+
+ if ((v == B64_EOF) || (n >= 64))
+ {
+ /* This is needed to work correctly on 64 byte input
+ * lines. We process the line and then need to
+ * accept the '\n' */
+ if ((v != B64_EOF) && (n >= 64)) exp_nl=1;
+ tmp2=v;
+ if (n > 0)
+ {
+ v=EVP_DecodeBlock(out,d,n);
+ if (v < 0) { rv=0; goto end; }
+ n=0;
+ ret+=(v-eof);
+ }
+ else
+ {
+ eof=1;
+ v=0;
+ }
+
+ /* This is the case where we have had a short
+ * but valid input line */
+ if ((v < ctx->length) && eof)
+ {
+ rv=0;
+ goto end;
+ }
+ else
+ ctx->length=v;
+
+ if (seof >= 0) { rv=0; goto end; }
+ out+=v;
+ }
+ }
+ rv=1;
+end:
+ *outl=ret;
+ ctx->num=n;
+ ctx->line_num=ln;
+ ctx->expect_nl=exp_nl;
+ return(rv);
+ }
+
+int EVP_DecodeBlock(t,f,n)
+unsigned char *t,*f;
+int n;
+ {
+ int i,ret=0,a,b,c,d;
+ unsigned long l;
+
+ /* trim white space from the start of the line. */
+ while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
+ {
+ f++;
+ n--;
+ }
+
+ /* strip off stuff at the end of the line
+ * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
+ while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
+ n--;
+
+ if (n%4 != 0) return(-1);
+
+ for (i=0; i<n; i+=4)
+ {
+ a=conv_ascii2bin(*(f++));
+ b=conv_ascii2bin(*(f++));
+ c=conv_ascii2bin(*(f++));
+ d=conv_ascii2bin(*(f++));
+ if ( (a & 0x80) || (b & 0x80) ||
+ (c & 0x80) || (d & 0x80))
+ return(-1);
+ l=( (((unsigned long)a)<<18L)|
+ (((unsigned long)b)<<12L)|
+ (((unsigned long)c)<< 6L)|
+ (((unsigned long)d) ));
+ *(t++)=(unsigned char)(l>>16L)&0xff;
+ *(t++)=(unsigned char)(l>> 8L)&0xff;
+ *(t++)=(unsigned char)(l )&0xff;
+ ret+=3;
+ }
+ return(ret);
+ }
+
+int EVP_DecodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i;
+
+ *outl=0;
+ if (ctx->num != 0)
+ {
+ i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
+ if (i < 0) return(-1);
+ ctx->num=0;
+ *outl=i;
+ return(1);
+ }
+ else
+ return(1);
+ }
+
+#ifdef undef
+int EVP_DecodeValid(buf,len)
+unsigned char *buf;
+int len;
+ {
+ int i,num=0,bad=0;
+
+ if (len == 0) return(-1);
+ while (conv_ascii2bin(*buf) == B64_WS)
+ {
+ buf++;
+ len--;
+ if (len == 0) return(-1);
+ }
+
+ for (i=len; i >= 4; i-=4)
+ {
+ if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
+ (conv_ascii2bin(buf[1]) >= 0x40) ||
+ (conv_ascii2bin(buf[2]) >= 0x40) ||
+ (conv_ascii2bin(buf[3]) >= 0x40))
+ return(-1);
+ buf+=4;
+ num+=1+(buf[2] != '=')+(buf[3] != '=');
+ }
+ if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return(num);
+ if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
+ (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return(num);
+ return(1);
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/evp/evp.h b/src/lib/libssl/src/crypto/evp/evp.h
new file mode 100644
index 0000000000..b39fad93a4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/evp.h
@@ -0,0 +1,793 @@
+/* crypto/evp/evp.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ENVELOPE_H
+#define HEADER_ENVELOPE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef NO_MD2
+#include "md2.h"
+#endif
+#ifndef NO_MD5
+#include "md5.h"
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+#include "sha.h"
+#endif
+#ifndef NO_RIPEMD
+#include "ripemd.h"
+#endif
+#ifndef NO_DES
+#include "des.h"
+#endif
+#ifndef NO_RC4
+#include "rc4.h"
+#endif
+#ifndef NO_RC2
+#include "rc2.h"
+#endif
+#ifndef NO_RC5
+#include "rc5.h"
+#endif
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
+#endif
+#ifndef NO_CAST
+#include "cast.h"
+#endif
+#ifndef NO_IDEA
+#include "idea.h"
+#endif
+#ifndef NO_MDC2
+#include "mdc2.h"
+#endif
+
+#define EVP_RC2_KEY_SIZE 16
+#define EVP_RC4_KEY_SIZE 16
+#define EVP_BLOWFISH_KEY_SIZE 16
+#define EVP_CAST5_KEY_SIZE 16
+#define EVP_RC5_32_12_16_KEY_SIZE 16
+#define EVP_MAX_MD_SIZE (16+20) /* The SSLv3 md5+sha1 type */
+#define EVP_MAX_KEY_LENGTH 24
+#define EVP_MAX_IV_LENGTH 8
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH long
+#endif
+
+#include "objects.h"
+
+#define EVP_PK_RSA 0x0001
+#define EVP_PK_DSA 0x0002
+#define EVP_PK_DH 0x0004
+#define EVP_PKT_SIGN 0x0010
+#define EVP_PKT_ENC 0x0020
+#define EVP_PKT_EXCH 0x0040
+#define EVP_PKS_RSA 0x0100
+#define EVP_PKS_DSA 0x0200
+#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
+
+#define EVP_PKEY_NONE NID_undef
+#define EVP_PKEY_RSA NID_rsaEncryption
+#define EVP_PKEY_RSA2 NID_rsa
+#define EVP_PKEY_DSA NID_dsa
+#define EVP_PKEY_DSA1 NID_dsa_2
+#define EVP_PKEY_DSA2 NID_dsaWithSHA
+#define EVP_PKEY_DSA3 NID_dsaWithSHA1
+#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
+#define EVP_PKEY_DH NID_dhKeyAgreement
+
+/* Type needs to be a bit field
+ * Sub-type needs to be for variations on the method, as in, can it do
+ * arbitary encryption.... */
+typedef struct evp_pkey_st
+ {
+ int type;
+ int save_type;
+ int references;
+ union {
+ char *ptr;
+ struct rsa_st *rsa; /* RSA */
+ struct dsa_st *dsa; /* DSA */
+ struct dh_st *dh; /* DH */
+ } pkey;
+ int save_parameters;
+#ifdef HEADER_STACK_H
+ STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#else
+ char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#endif
+ } EVP_PKEY;
+
+#define EVP_PKEY_MO_SIGN 0x0001
+#define EVP_PKEY_MO_VERIFY 0x0002
+#define EVP_PKEY_MO_ENCRYPT 0x0004
+#define EVP_PKEY_MO_DECRYPT 0x0008
+
+#if 0
+/* This structure is required to tie the message digest and signing together.
+ * The lookup can be done by md/pkey_method, oid, oid/pkey_method, or
+ * oid, md and pkey.
+ * This is required because for various smart-card perform the digest and
+ * signing/verification on-board. To handle this case, the specific
+ * EVP_MD and EVP_PKEY_METHODs need to be closely associated.
+ * When a PKEY is created, it will have a EVP_PKEY_METHOD ossociated with it.
+ * This can either be software or a token to provide the required low level
+ * routines.
+ */
+typedef struct evp_pkey_md_st
+ {
+ int oid;
+ EVP_MD *md;
+ EVP_PKEY_METHOD *pkey;
+ } EVP_PKEY_MD;
+
+#define EVP_rsa_md2()
+ EVP_PKEY_MD_add(NID_md2WithRSAEncryption,\
+ EVP_rsa_pkcs1(),EVP_md2())
+#define EVP_rsa_md5()
+ EVP_PKEY_MD_add(NID_md5WithRSAEncryption,\
+ EVP_rsa_pkcs1(),EVP_md5())
+#define EVP_rsa_sha0()
+ EVP_PKEY_MD_add(NID_shaWithRSAEncryption,\
+ EVP_rsa_pkcs1(),EVP_sha())
+#define EVP_rsa_sha1()
+ EVP_PKEY_MD_add(NID_sha1WithRSAEncryption,\
+ EVP_rsa_pkcs1(),EVP_sha1())
+#define EVP_rsa_ripemd160()
+ EVP_PKEY_MD_add(NID_ripemd160WithRSA,\
+ EVP_rsa_pkcs1(),EVP_ripemd160())
+#define EVP_rsa_mdc2()
+ EVP_PKEY_MD_add(NID_mdc2WithRSA,\
+ EVP_rsa_octet_string(),EVP_mdc2())
+#define EVP_dsa_sha()
+ EVP_PKEY_MD_add(NID_dsaWithSHA,\
+ EVP_dsa(),EVP_mdc2())
+#define EVP_dsa_sha1()
+ EVP_PKEY_MD_add(NID_dsaWithSHA1,\
+ EVP_dsa(),EVP_sha1())
+
+typedef struct evp_pkey_method_st
+ {
+ char *name;
+ int flags;
+ int type; /* RSA, DSA, an SSLeay specific constant */
+ int oid; /* For the pub-key type */
+ int encrypt_oid; /* pub/priv key encryption */
+
+ int (*sign)();
+ int (*verify)();
+ struct {
+ int
+ int (*set)(); /* get and/or set the underlying type */
+ int (*get)();
+ int (*encrypt)();
+ int (*decrypt)();
+ int (*i2d)();
+ int (*d2i)();
+ int (*dup)();
+ } pub,priv;
+ int (*set_asn1_parameters)();
+ int (*get_asn1_parameters)();
+ } EVP_PKEY_METHOD;
+#endif
+
+#ifndef EVP_MD
+typedef struct env_md_st
+ {
+ int type;
+ int pkey_type;
+ int md_size;
+ void (*init)();
+ void (*update)();
+ void (*final)();
+
+ int (*sign)();
+ int (*verify)();
+ int required_pkey_type[5]; /*EVP_PKEY_xxx */
+ int block_size;
+ int ctx_size; /* how big does the ctx need to be */
+ } EVP_MD;
+
+#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
+
+#ifndef NO_DSA
+#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3, \
+ EVP_PKEY_DSA4,0}
+#else
+#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
+#endif
+
+#ifndef NO_RSA
+#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
+ RSA_sign_ASN1_OCTET_STRING, \
+ RSA_verify_ASN1_OCTET_STRING, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#else
+#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
+#endif
+
+#endif /* !EVP_MD */
+
+typedef struct env_md_ctx_st
+ {
+ EVP_MD *digest;
+ union {
+ unsigned char base[4];
+#ifndef NO_MD2
+ MD2_CTX md2;
+#endif
+#ifndef NO_MD5
+ MD5_CTX md5;
+#endif
+#ifndef NO_MD5
+ RIPEMD160_CTX ripemd160;
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+ SHA_CTX sha;
+#endif
+#ifndef NO_MDC2
+ MDC2_CTX mdc2;
+#endif
+ } md;
+ } EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+ {
+ int nid;
+ int block_size;
+ int key_len;
+ int iv_len;
+ void (*init)(); /* init for encryption */
+ void (*do_cipher)(); /* encrypt data */
+ void (*cleanup)(); /* used by cipher method */
+ int ctx_size; /* how big the ctx needs to be */
+ /* int set_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
+ int (*set_asn1_parameters)(); /* Populate a ASN1_TYPE with parameters */
+ /* int get_asn1_parameters(EVP_CIPHER_CTX,ASN1_TYPE *); */
+ int (*get_asn1_parameters)(); /* Get parameters from a ASN1_TYPE */
+ } EVP_CIPHER;
+
+typedef struct evp_cipher_info_st
+ {
+ EVP_CIPHER *cipher;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ } EVP_CIPHER_INFO;
+
+typedef struct evp_cipher_ctx_st
+ {
+ EVP_CIPHER *cipher;
+ int encrypt; /* encrypt or decrypt */
+ int buf_len; /* number we have left */
+
+ unsigned char oiv[EVP_MAX_IV_LENGTH]; /* original iv */
+ unsigned char iv[EVP_MAX_IV_LENGTH]; /* working iv */
+ unsigned char buf[EVP_MAX_IV_LENGTH]; /* saved partial block */
+ int num; /* used by cfb/ofb mode */
+
+ char *app_data; /* aplication stuff */
+ union {
+#ifndef NO_RC4
+ struct
+ {
+ unsigned char key[EVP_RC4_KEY_SIZE];
+ RC4_KEY ks; /* working key */
+ } rc4;
+#endif
+#ifndef NO_DES
+ des_key_schedule des_ks;/* key schedule */
+ struct
+ {
+ des_key_schedule ks;/* key schedule */
+ C_Block inw;
+ C_Block outw;
+ } desx_cbc;
+ struct
+ {
+ des_key_schedule ks1;/* key schedule */
+ des_key_schedule ks2;/* key schedule (for ede) */
+ des_key_schedule ks3;/* key schedule (for ede3) */
+ } des_ede;
+#endif
+#ifndef NO_IDEA
+ IDEA_KEY_SCHEDULE idea_ks;/* key schedule */
+#endif
+#ifndef NO_RC2
+ RC2_KEY rc2_ks;/* key schedule */
+#endif
+#ifndef NO_RC5
+ RC5_32_KEY rc5_ks;/* key schedule */
+#endif
+#ifndef NO_BLOWFISH
+ BF_KEY bf_ks;/* key schedule */
+#endif
+#ifndef NO_CAST
+ CAST_KEY cast_ks;/* key schedule */
+#endif
+ } c;
+ } EVP_CIPHER_CTX;
+
+typedef struct evp_Encode_Ctx_st
+ {
+ int num; /* number saved in a partial encode/decode */
+ int length; /* The length is either the output line length
+ * (in input bytes) or the shortest input line
+ * length that is ok. Once decoding begins,
+ * the length is adjusted up each time a longer
+ * line is decoded */
+ unsigned char enc_data[80]; /* data to encode */
+ int line_num; /* number read on current line */
+ int expect_nl;
+ } EVP_ENCODE_CTX;
+
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (char *)(rsa))
+#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+ (char *)(dsa))
+#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
+ (char *)(dh))
+
+/* Add some extra combinations */
+#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+#define EVP_MD_type(e) ((e)->type)
+#define EVP_MD_pkey_type(e) ((e)->pkey_type)
+#define EVP_MD_size(e) ((e)->md_size)
+#define EVP_MD_block_size(e) ((e)->block_size)
+
+#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
+#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
+#define EVP_MD_CTX_type(e) ((e)->digest)
+
+#define EVP_CIPHER_nid(e) ((e)->nid)
+#define EVP_CIPHER_block_size(e) ((e)->block_size)
+#define EVP_CIPHER_key_length(e) ((e)->key_len)
+#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
+
+#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
+#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
+#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
+#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
+#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
+#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
+#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
+
+#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
+#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
+
+#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
+#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
+#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
+#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+
+#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
+#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
+#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+
+#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
+
+#ifndef NOPROTO
+
+void EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void EVP_DigestUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+
+int EVP_read_pw_string(char *buf,int length,char *prompt,int verify);
+void EVP_set_pw_prompt(char *prompt);
+char * EVP_get_pw_prompt(void);
+
+int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
+ unsigned char *data, int datal, int count,
+ unsigned char *key,unsigned char *iv);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+
+void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+ unsigned char *key, unsigned char *iv);
+void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+ unsigned char *key, unsigned char *iv);
+void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+void EVP_CipherInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key,
+ unsigned char *iv,int enc);
+void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
+ EVP_PKEY *pkey);
+
+int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
+ unsigned int siglen,EVP_PKEY *pkey);
+
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+ int ekl,unsigned char *iv,EVP_PKEY *priv);
+int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+ int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
+void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
+ int *outl,unsigned char *in,int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
+int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
+ unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, unsigned
+ char *f, int n);
+
+void ERR_load_EVP_strings(void );
+
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);
+void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md(void);
+BIO_METHOD *BIO_f_base64(void);
+BIO_METHOD *BIO_f_cipher(void);
+void BIO_set_cipher(BIO *b,EVP_CIPHER *c,unsigned char *k,
+ unsigned char *i, int enc);
+#endif
+
+EVP_MD *EVP_md_null(void);
+EVP_MD *EVP_md2(void);
+EVP_MD *EVP_md5(void);
+EVP_MD *EVP_sha(void);
+EVP_MD *EVP_sha1(void);
+EVP_MD *EVP_dss(void);
+EVP_MD *EVP_dss1(void);
+EVP_MD *EVP_mdc2(void);
+EVP_MD *EVP_ripemd160(void);
+
+EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
+EVP_CIPHER *EVP_des_ecb(void);
+EVP_CIPHER *EVP_des_ede(void);
+EVP_CIPHER *EVP_des_ede3(void);
+EVP_CIPHER *EVP_des_cfb(void);
+EVP_CIPHER *EVP_des_ede_cfb(void);
+EVP_CIPHER *EVP_des_ede3_cfb(void);
+EVP_CIPHER *EVP_des_ofb(void);
+EVP_CIPHER *EVP_des_ede_ofb(void);
+EVP_CIPHER *EVP_des_ede3_ofb(void);
+EVP_CIPHER *EVP_des_cbc(void);
+EVP_CIPHER *EVP_des_ede_cbc(void);
+EVP_CIPHER *EVP_des_ede3_cbc(void);
+EVP_CIPHER *EVP_desx_cbc(void);
+EVP_CIPHER *EVP_rc4(void);
+EVP_CIPHER *EVP_rc4_40(void);
+EVP_CIPHER *EVP_idea_ecb(void);
+EVP_CIPHER *EVP_idea_cfb(void);
+EVP_CIPHER *EVP_idea_ofb(void);
+EVP_CIPHER *EVP_idea_cbc(void);
+EVP_CIPHER *EVP_rc2_ecb(void);
+EVP_CIPHER *EVP_rc2_cbc(void);
+EVP_CIPHER *EVP_rc2_40_cbc(void);
+EVP_CIPHER *EVP_rc2_cfb(void);
+EVP_CIPHER *EVP_rc2_ofb(void);
+EVP_CIPHER *EVP_bf_ecb(void);
+EVP_CIPHER *EVP_bf_cbc(void);
+EVP_CIPHER *EVP_bf_cfb(void);
+EVP_CIPHER *EVP_bf_ofb(void);
+EVP_CIPHER *EVP_cast5_ecb(void);
+EVP_CIPHER *EVP_cast5_cbc(void);
+EVP_CIPHER *EVP_cast5_cfb(void);
+EVP_CIPHER *EVP_cast5_ofb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);
+EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_cfb(void);
+EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);
+
+void SSLeay_add_all_algorithms(void);
+void SSLeay_add_all_ciphers(void);
+void SSLeay_add_all_digests(void);
+
+int EVP_add_cipher(EVP_CIPHER *cipher);
+int EVP_add_digest(EVP_MD *digest);
+int EVP_add_alias(char *name,char *alias);
+int EVP_delete_alias(char *name);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+EVP_MD *EVP_get_digestbyname(char *name);
+void EVP_cleanup(void);
+
+int EVP_PKEY_decrypt(unsigned char *dec_key,unsigned char *enc_key,
+ int enc_key_len,EVP_PKEY *private_key);
+int EVP_PKEY_encrypt(unsigned char *enc_key,
+ unsigned char *key,int key_len,EVP_PKEY *pub_key);
+int EVP_PKEY_type(int type);
+int EVP_PKEY_bits(EVP_PKEY *pkey);
+int EVP_PKEY_size(EVP_PKEY *pkey);
+int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
+EVP_PKEY * EVP_PKEY_new(void);
+void EVP_PKEY_free(EVP_PKEY *pkey);
+EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
+ long length);
+int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
+ long length);
+int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
+int EVP_PKEY_cmp_parameters(EVP_PKEY *a,EVP_PKEY *b);
+
+/* calls methods */
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+/* These are used by EVP_CIPHER methods */
+int EVP_CIPHER_set_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
+int EVP_CIPHER_get_asn1_iv(EVP_CIPHER_CTX *c,ASN1_TYPE *type);
+
+#else
+
+void EVP_DigestInit();
+void EVP_DigestUpdate();
+void EVP_DigestFinal();
+
+int EVP_read_pw_string();
+void EVP_set_pw_prompt();
+char * EVP_get_pw_prompt();
+
+int EVP_BytesToKey();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+
+void EVP_EncryptInit();
+void EVP_EncryptUpdate();
+void EVP_EncryptFinal();
+
+void EVP_DecryptInit();
+void EVP_DecryptUpdate();
+int EVP_DecryptFinal();
+
+void EVP_CipherInit();
+void EVP_CipherUpdate();
+int EVP_CipherFinal();
+
+int EVP_SignFinal();
+
+int EVP_VerifyFinal();
+
+int EVP_OpenInit();
+int EVP_OpenFinal();
+
+int EVP_SealInit();
+void EVP_SealFinal();
+
+void EVP_EncodeInit();
+void EVP_EncodeUpdate();
+void EVP_EncodeFinal();
+int EVP_EncodeBlock();
+
+void EVP_DecodeInit();
+int EVP_DecodeUpdate();
+int EVP_DecodeFinal();
+int EVP_DecodeBlock();
+
+void ERR_load_EVP_strings();
+
+void EVP_CIPHER_CTX_init();
+void EVP_CIPHER_CTX_cleanup();
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md();
+BIO_METHOD *BIO_f_base64();
+BIO_METHOD *BIO_f_cipher();
+void BIO_set_cipher();
+#endif
+
+EVP_MD *EVP_md_null();
+EVP_MD *EVP_md2();
+EVP_MD *EVP_md5();
+EVP_MD *EVP_sha();
+EVP_MD *EVP_sha1();
+EVP_MD *EVP_dss();
+EVP_MD *EVP_dss1();
+EVP_MD *EVP_mdc2();
+
+EVP_CIPHER *EVP_enc_null();
+EVP_CIPHER *EVP_des_ecb();
+EVP_CIPHER *EVP_des_ede();
+EVP_CIPHER *EVP_des_ede3();
+EVP_CIPHER *EVP_des_cfb();
+EVP_CIPHER *EVP_des_ede_cfb();
+EVP_CIPHER *EVP_des_ede3_cfb();
+EVP_CIPHER *EVP_des_ofb();
+EVP_CIPHER *EVP_des_ede_ofb();
+EVP_CIPHER *EVP_des_ede3_ofb();
+EVP_CIPHER *EVP_des_cbc();
+EVP_CIPHER *EVP_des_ede_cbc();
+EVP_CIPHER *EVP_des_ede3_cbc();
+EVP_CIPHER *EVP_desx_cbc();
+EVP_CIPHER *EVP_rc4();
+EVP_CIPHER *EVP_rc4_40();
+EVP_CIPHER *EVP_idea_ecb();
+EVP_CIPHER *EVP_idea_cfb();
+EVP_CIPHER *EVP_idea_ofb();
+EVP_CIPHER *EVP_idea_cbc();
+EVP_CIPHER *EVP_rc2_ecb();
+EVP_CIPHER *EVP_rc2_cbc();
+EVP_CIPHER *EVP_rc2_40_cbc();
+EVP_CIPHER *EVP_rc2_cfb();
+EVP_CIPHER *EVP_rc2_ofb();
+EVP_CIPHER *EVP_bf_ecb();
+EVP_CIPHER *EVP_bf_cbc();
+EVP_CIPHER *EVP_bf_cfb();
+EVP_CIPHER *EVP_bf_ofb();
+EVP_CIPHER *EVP_cast5_ecb();
+EVP_CIPHER *EVP_cast5_cbc();
+EVP_CIPHER *EVP_cast5_cfb();
+EVP_CIPHER *EVP_cast5_ofb();
+EVP_CIPHER *EVP_rc5_32_12_16_cbc();
+EVP_CIPHER *EVP_rc5_32_12_16_ecb();
+EVP_CIPHER *EVP_rc5_32_12_16_cfb();
+EVP_CIPHER *EVP_rc5_32_12_16_ofb();
+
+void SSLeay_add_all_algorithms();
+void SSLeay_add_all_ciphers();
+void SSLeay_add_all_digests();
+
+int EVP_add_cipher();
+int EVP_add_digest();
+int EVP_add_alias();
+int EVP_delete_alias();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+EVP_MD *EVP_get_digestbyname();
+void EVP_cleanup();
+
+int EVP_PKEY_decrypt();
+int EVP_PKEY_encrypt();
+int EVP_PKEY_type();
+int EVP_PKEY_bits();
+int EVP_PKEY_size();
+int EVP_PKEY_assign();
+EVP_PKEY * EVP_PKEY_new();
+void EVP_PKEY_free();
+EVP_PKEY * d2i_PublicKey();
+int i2d_PublicKey();
+
+EVP_PKEY * d2i_PrivateKey();
+int i2d_PrivateKey();
+
+int EVP_PKEY_copy_parameters();
+int EVP_PKEY_missing_parameters();
+int EVP_PKEY_save_parameters();
+int EVP_PKEY_cmp_parameters();
+
+int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);
+
+int EVP_CIPHER_set_asn1_iv();
+int EVP_CIPHER_get_asn1_iv();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+#define EVP_F_D2I_PKEY 100
+#define EVP_F_EVP_DECRYPTFINAL 101
+#define EVP_F_EVP_OPENINIT 102
+#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+#define EVP_F_EVP_PKEY_DECRYPT 104
+#define EVP_F_EVP_PKEY_ENCRYPT 105
+#define EVP_F_EVP_PKEY_NEW 106
+#define EVP_F_EVP_SIGNFINAL 107
+#define EVP_F_EVP_VERIFYFINAL 108
+
+/* Reason codes. */
+#define EVP_R_BAD_DECRYPT 100
+#define EVP_R_DIFFERENT_KEY_TYPES 101
+#define EVP_R_IV_TOO_LARGE 102
+#define EVP_R_MISSING_PARMATERS 103
+#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
+#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+#define EVP_R_PUBLIC_KEY_NOT_RSA 106
+#define EVP_R_UNSUPPORTED_CIPHER 107
+#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/evp/evp_enc.c b/src/lib/libssl/src/crypto/evp/evp_enc.c
new file mode 100644
index 0000000000..93cc3a9464
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/evp_enc.c
@@ -0,0 +1,303 @@
+/* crypto/evp/evp_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+char *EVP_version="EVP part of SSLeay 0.9.0b 29-Jun-1998";
+
+void EVP_CIPHER_CTX_init(ctx)
+EVP_CIPHER_CTX *ctx;
+ {
+ memset(ctx,0,sizeof(EVP_CIPHER_CTX));
+ /* ctx->cipher=NULL; */
+ }
+
+void EVP_CipherInit(ctx,data,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *data;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (enc)
+ EVP_EncryptInit(ctx,data,key,iv);
+ else
+ EVP_DecryptInit(ctx,data,key,iv);
+ }
+
+void EVP_CipherUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ if (ctx->encrypt)
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+ else EVP_DecryptUpdate(ctx,out,outl,in,inl);
+ }
+
+int EVP_CipherFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ if (ctx->encrypt)
+ {
+ EVP_EncryptFinal(ctx,out,outl);
+ return(1);
+ }
+ else return(EVP_DecryptFinal(ctx,out,outl));
+ }
+
+void EVP_EncryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+ {
+ if (cipher != NULL)
+ ctx->cipher=cipher;
+ ctx->cipher->init(ctx,key,iv,1);
+ ctx->encrypt=1;
+ ctx->buf_len=0;
+ }
+
+void EVP_DecryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+ {
+ if (cipher != NULL)
+ ctx->cipher=cipher;
+ ctx->cipher->init(ctx,key,iv,0);
+ ctx->encrypt=0;
+ ctx->buf_len=0;
+ }
+
+
+void EVP_EncryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int i,j,bl;
+
+ i=ctx->buf_len;
+ bl=ctx->cipher->block_size;
+ *outl=0;
+ if ((inl == 0) && (i != bl)) return;
+ if (i != 0)
+ {
+ if (i+inl < bl)
+ {
+ memcpy(&(ctx->buf[i]),in,inl);
+ ctx->buf_len+=inl;
+ return;
+ }
+ else
+ {
+ j=bl-i;
+ if (j != 0) memcpy(&(ctx->buf[i]),in,j);
+ ctx->cipher->do_cipher(ctx,out,ctx->buf,bl);
+ inl-=j;
+ in+=j;
+ out+=bl;
+ *outl+=bl;
+ }
+ }
+ i=inl%bl; /* how much is left */
+ inl-=i;
+ if (inl > 0)
+ {
+ ctx->cipher->do_cipher(ctx,out,in,inl);
+ *outl+=inl;
+ }
+
+ if (i != 0)
+ memcpy(ctx->buf,&(in[inl]),i);
+ ctx->buf_len=i;
+ }
+
+void EVP_EncryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i,n,b,bl;
+
+ b=ctx->cipher->block_size;
+ if (b == 1)
+ {
+ *outl=0;
+ return;
+ }
+ bl=ctx->buf_len;
+ n=b-bl;
+ for (i=bl; i<b; i++)
+ ctx->buf[i]=n;
+ ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
+ *outl=b;
+ }
+
+void EVP_DecryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int b,bl,n;
+ int keep_last=0;
+
+ *outl=0;
+ if (inl == 0) return;
+
+ b=ctx->cipher->block_size;
+ if (b > 1)
+ {
+ /* Is the input a multiple of the block size? */
+ bl=ctx->buf_len;
+ n=inl+bl;
+ if (n%b == 0)
+ {
+ if (inl < b) /* must be 'just one' buff */
+ {
+ memcpy(&(ctx->buf[bl]),in,inl);
+ ctx->buf_len=b;
+ *outl=0;
+ return;
+ }
+ keep_last=1;
+ inl-=b; /* don't do the last block */
+ }
+ }
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+
+ /* if we have 'decrypted' a multiple of block size, make sure
+ * we have a copy of this last block */
+ if (keep_last)
+ {
+ memcpy(&(ctx->buf[0]),&(in[inl]),b);
+#ifdef DEBUG
+ if (ctx->buf_len != 0)
+ {
+ abort();
+ }
+#endif
+ ctx->buf_len=b;
+ }
+ }
+
+int EVP_DecryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i,b;
+ int n;
+
+ *outl=0;
+ b=ctx->cipher->block_size;
+ if (b > 1)
+ {
+ if (ctx->buf_len != b)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+ return(0);
+ }
+ EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0);
+ if (n != b)
+ return(0);
+ n=ctx->buf[b-1];
+ if (n > b)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+ return(0);
+ }
+ for (i=0; i<n; i++)
+ {
+ if (ctx->buf[--b] != n)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+ return(0);
+ }
+ }
+ n=ctx->cipher->block_size-n;
+ for (i=0; i<n; i++)
+ out[i]=ctx->buf[i];
+ *outl=n;
+ }
+ else
+ *outl=0;
+ return(1);
+ }
+
+void EVP_CIPHER_CTX_cleanup(c)
+EVP_CIPHER_CTX *c;
+ {
+ if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
+ c->cipher->cleanup(c);
+ memset(c,0,sizeof(EVP_CIPHER_CTX));
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/evp_err.c b/src/lib/libssl/src/crypto/evp/evp_err.c
new file mode 100644
index 0000000000..2b0a0ab93f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/evp_err.c
@@ -0,0 +1,108 @@
+/* lib/evp/evp_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "evp.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA EVP_str_functs[]=
+ {
+{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_DECRYPT,0), "EVP_PKEY_decrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
+{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA EVP_str_reasons[]=
+ {
+{EVP_R_BAD_DECRYPT ,"bad decrypt"},
+{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
+{EVP_R_IV_TOO_LARGE ,"iv too large"},
+{EVP_R_MISSING_PARMATERS ,"missing parmaters"},
+{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
+{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
+{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
+{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"},
+{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_EVP_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
+ ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/evp/evp_key.c b/src/lib/libssl/src/crypto/evp/evp_key.c
new file mode 100644
index 0000000000..dafa686f64
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/evp_key.c
@@ -0,0 +1,167 @@
+/* crypto/evp/evp_key.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "objects.h"
+#include "evp.h"
+
+/* should be init to zeros. */
+static char prompt_string[80];
+
+void EVP_set_pw_prompt(prompt)
+char *prompt;
+ {
+ if (prompt == NULL)
+ prompt_string[0]='\0';
+ else
+ strncpy(prompt_string,prompt,79);
+ }
+
+char *EVP_get_pw_prompt()
+ {
+ if (prompt_string[0] == '\0')
+ return(NULL);
+ else
+ return(prompt_string);
+ }
+
+#ifdef NO_DES
+int des_read_pw_string(char *buf,int len,char *prompt,int verify);
+#endif
+
+int EVP_read_pw_string(buf,len,prompt,verify)
+char *buf;
+int len;
+char *prompt;
+int verify;
+ {
+ if ((prompt == NULL) && (prompt_string[0] != '\0'))
+ prompt=prompt_string;
+ return(des_read_pw_string(buf,len,prompt,verify));
+ }
+
+int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv)
+EVP_CIPHER *type;
+EVP_MD *md;
+unsigned char *salt;
+unsigned char *data;
+int datal;
+int count;
+unsigned char *key;
+unsigned char *iv;
+ {
+ EVP_MD_CTX c;
+ unsigned char md_buf[EVP_MAX_MD_SIZE];
+ int niv,nkey,addmd=0;
+ unsigned int mds=0,i;
+
+ nkey=type->key_len;
+ niv=type->iv_len;
+
+ if (data == NULL) return(nkey);
+
+ for (;;)
+ {
+ EVP_DigestInit(&c,md);
+ if (addmd++)
+ EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+ EVP_DigestUpdate(&c,data,datal);
+ if (salt != NULL)
+ EVP_DigestUpdate(&c,salt,8);
+ EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+
+ for (i=1; i<(unsigned int)count; i++)
+ {
+ EVP_DigestInit(&c,md);
+ EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+ EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+ }
+ i=0;
+ if (nkey)
+ {
+ for (;;)
+ {
+ if (nkey == 0) break;
+ if (i == mds) break;
+ if (key != NULL)
+ *(key++)=md_buf[i];
+ nkey--;
+ i++;
+ }
+ }
+ if (niv && (i != mds))
+ {
+ for (;;)
+ {
+ if (niv == 0) break;
+ if (i == mds) break;
+ if (iv != NULL)
+ *(iv++)=md_buf[i];
+ niv--;
+ i++;
+ }
+ }
+ if ((nkey == 0) && (niv == 0)) break;
+ }
+ memset(&c,0,sizeof(c));
+ memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+ return(type->key_len);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/evp_lib.c b/src/lib/libssl/src/crypto/evp/evp_lib.c
new file mode 100644
index 0000000000..69784eb555
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/evp_lib.c
@@ -0,0 +1,117 @@
+/* crypto/evp/evp_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+int EVP_CIPHER_param_to_asn1(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+ {
+ int ret;
+
+ if (c->cipher->set_asn1_parameters != NULL)
+ ret=c->cipher->set_asn1_parameters(c,type);
+ else
+ ret=1;
+ return(ret);
+ }
+
+int EVP_CIPHER_asn1_to_param(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+ {
+ int ret;
+
+ if (c->cipher->get_asn1_parameters != NULL)
+ ret=c->cipher->get_asn1_parameters(c,type);
+ else
+ ret=1;
+ return(ret);
+ }
+
+int EVP_CIPHER_get_asn1_iv(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+ {
+ int i=0,l;
+
+ if (type != NULL)
+ {
+ l=EVP_CIPHER_CTX_iv_length(c);
+ i=ASN1_TYPE_get_octetstring(type,c->oiv,l);
+ memcpy(c->iv,c->oiv,l);
+ }
+ return(i);
+ }
+
+int EVP_CIPHER_set_asn1_iv(c,type)
+EVP_CIPHER_CTX *c;
+ASN1_TYPE *type;
+ {
+ int i=0,j;
+
+ if (type != NULL)
+ {
+ j=EVP_CIPHER_CTX_iv_length(c);
+ i=ASN1_TYPE_set_octetstring(type,c->oiv,j);
+ }
+ return(i);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/m_dss.c b/src/lib/libssl/src/crypto/evp/m_dss.c
new file mode 100644
index 0000000000..3549b1699c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_dss.c
@@ -0,0 +1,82 @@
+/* crypto/evp/m_dss.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dsa_md=
+ {
+ NID_dsaWithSHA,
+ NID_dsaWithSHA,
+ SHA_DIGEST_LENGTH,
+ SHA1_Init,
+ SHA1_Update,
+ SHA1_Final,
+ EVP_PKEY_DSA_method,
+ SHA_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(SHA_CTX),
+ };
+
+EVP_MD *EVP_dss()
+ {
+ return(&dsa_md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/m_dss1.c b/src/lib/libssl/src/crypto/evp/m_dss1.c
new file mode 100644
index 0000000000..ff256b7b20
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_dss1.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_dss1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dss1_md=
+ {
+ NID_dsa,
+ NID_dsaWithSHA1,
+ SHA_DIGEST_LENGTH,
+ SHA1_Init,
+ SHA1_Update,
+ SHA1_Final,
+ EVP_PKEY_DSA_method,
+ SHA_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(SHA_CTX),
+ };
+
+EVP_MD *EVP_dss1()
+ {
+ return(&dss1_md);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/m_md2.c b/src/lib/libssl/src/crypto/evp/m_md2.c
new file mode 100644
index 0000000000..2209416142
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_md2.c
@@ -0,0 +1,82 @@
+/* crypto/evp/m_md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md2_md=
+ {
+ NID_md2,
+ NID_md2WithRSAEncryption,
+ MD2_DIGEST_LENGTH,
+ MD2_Init,
+ MD2_Update,
+ MD2_Final,
+ EVP_PKEY_RSA_method,
+ MD2_BLOCK,
+ sizeof(EVP_MD *)+sizeof(MD2_CTX),
+ };
+
+EVP_MD *EVP_md2()
+ {
+ return(&md2_md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/m_md5.c b/src/lib/libssl/src/crypto/evp/m_md5.c
new file mode 100644
index 0000000000..d65db9aa1d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_md5.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md5_md=
+ {
+ NID_md5,
+ NID_md5WithRSAEncryption,
+ MD5_DIGEST_LENGTH,
+ MD5_Init,
+ MD5_Update,
+ MD5_Final,
+ EVP_PKEY_RSA_method,
+ MD5_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(MD5_CTX),
+ };
+
+EVP_MD *EVP_md5()
+ {
+ return(&md5_md);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/m_mdc2.c b/src/lib/libssl/src/crypto/evp/m_mdc2.c
new file mode 100644
index 0000000000..64a853eb7f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_mdc2.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_mdc2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD mdc2_md=
+ {
+ NID_mdc2,
+ NID_mdc2WithRSA,
+ MDC2_DIGEST_LENGTH,
+ MDC2_Init,
+ MDC2_Update,
+ MDC2_Final,
+ EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+ MDC2_BLOCK,
+ sizeof(EVP_MD *)+sizeof(MDC2_CTX),
+ };
+
+EVP_MD *EVP_mdc2()
+ {
+ return(&mdc2_md);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/m_null.c b/src/lib/libssl/src/crypto/evp/m_null.c
new file mode 100644
index 0000000000..6d80560df2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_null.c
@@ -0,0 +1,88 @@
+/* crypto/evp/m_null.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static void function()
+ {
+ }
+
+static EVP_MD null_md=
+ {
+ NID_undef,
+ NID_undef,
+ 0,
+ function,
+ function,
+ function,
+
+ EVP_PKEY_NULL_method,
+ 0,
+ sizeof(EVP_MD *),
+ };
+
+EVP_MD *EVP_md_null()
+ {
+ return(&null_md);
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/evp/m_ripemd.c b/src/lib/libssl/src/crypto/evp/m_ripemd.c
new file mode 100644
index 0000000000..04c5d8897b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_ripemd.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_ripemd.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD ripemd160_md=
+ {
+ NID_ripemd160,
+ NID_ripemd160WithRSA,
+ RIPEMD160_DIGEST_LENGTH,
+ RIPEMD160_Init,
+ RIPEMD160_Update,
+ RIPEMD160_Final,
+ EVP_PKEY_RSA_method,
+ RIPEMD160_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(RIPEMD160_CTX),
+ };
+
+EVP_MD *EVP_ripemd160()
+ {
+ return(&ripemd160_md);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/m_sha.c b/src/lib/libssl/src/crypto/evp/m_sha.c
new file mode 100644
index 0000000000..af4e434a22
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_sha.c
@@ -0,0 +1,82 @@
+/* crypto/evp/m_sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha_md=
+ {
+ NID_sha,
+ NID_shaWithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ SHA_Init,
+ SHA_Update,
+ SHA_Final,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(SHA_CTX),
+ };
+
+EVP_MD *EVP_sha()
+ {
+ return(&sha_md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/m_sha1.c b/src/lib/libssl/src/crypto/evp/m_sha1.c
new file mode 100644
index 0000000000..87135a9cf2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/m_sha1.c
@@ -0,0 +1,81 @@
+/* crypto/evp/m_sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha1_md=
+ {
+ NID_sha1,
+ NID_sha1WithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ SHA1_Init,
+ SHA1_Update,
+ SHA1_Final,
+ EVP_PKEY_RSA_method,
+ SHA_CBLOCK,
+ sizeof(EVP_MD *)+sizeof(SHA_CTX),
+ };
+
+EVP_MD *EVP_sha1()
+ {
+ return(&sha1_md);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/names.c b/src/lib/libssl/src/crypto/evp/names.c
new file mode 100644
index 0000000000..e0774da20d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/names.c
@@ -0,0 +1,285 @@
+/* crypto/evp/names.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+typedef struct aliases_st {
+ char *alias;
+ /* This must be the last field becaue I will allocate things
+ * so they go off the end of it */
+ char name[4];
+ } ALIASES;
+
+static STACK /* ALIASES */ *aliases=NULL;
+static STACK /* EVP_CIPHERS */ *ciphers=NULL;
+static STACK /* EVP_MD */ *digests=NULL;
+
+static int cipher_nid_cmp(a,b)
+EVP_CIPHER **a,**b;
+ { return((*a)->nid - (*b)->nid); }
+
+static int digest_type_cmp(a,b)
+EVP_MD **a,**b;
+ { return((*a)->pkey_type - (*b)->pkey_type); }
+
+int EVP_add_cipher(c)
+EVP_CIPHER *c;
+ {
+ int i;
+
+ if (ciphers == NULL)
+ {
+ ciphers=sk_new(cipher_nid_cmp);
+ if (ciphers == NULL) return(0);
+ }
+ if ((i=sk_find(ciphers,(char *)c)) >= 0)
+ {
+ if (sk_value(ciphers,i) == (char *)c)
+ return(1);
+ sk_delete(ciphers,i);
+ }
+ return(sk_push(ciphers,(char *)c));
+ }
+
+int EVP_add_digest(md)
+EVP_MD *md;
+ {
+ int i;
+ char *n;
+
+ if (digests == NULL)
+ {
+ digests=sk_new(digest_type_cmp);
+ if (digests == NULL) return(0);
+ }
+ if ((i=sk_find(digests,(char *)md)) >= 0)
+ {
+ if (sk_value(digests,i) == (char *)md)
+ return(1);
+ sk_delete(digests,i);
+ }
+ if (md->type != md->pkey_type)
+ {
+ n=OBJ_nid2sn(md->pkey_type);
+ EVP_add_alias(n,OBJ_nid2sn(md->type));
+ EVP_add_alias(n,OBJ_nid2ln(md->type));
+ }
+ sk_push(digests,(char *)md);
+ return(1);
+ }
+
+static int alias_cmp(a,b)
+ALIASES **a,**b;
+ {
+ return(strcmp((*a)->alias,(*b)->alias));
+ }
+
+int EVP_add_alias(name,aname)
+char *name;
+char *aname;
+ {
+ int l1,l2,i;
+ ALIASES *a;
+ char *p;
+
+ if ((name == NULL) || (aname == NULL)) return(0);
+ l1=strlen(name)+1;
+ l2=strlen(aname)+1;
+ i=sizeof(ALIASES)+l1+l2;
+ if ((a=(ALIASES *)Malloc(i)) == NULL)
+ return(0);
+ strcpy(a->name,name);
+ p= &(a->name[l1]);
+ strcpy(p,aname);
+ a->alias=p;
+
+ if (aliases == NULL)
+ {
+ aliases=sk_new(alias_cmp);
+ if (aliases == NULL) goto err;
+ }
+
+ if ((i=sk_find(aliases,(char *)a)) >= 0)
+ {
+ Free(sk_delete(aliases,i));
+ }
+ if (!sk_push(aliases,(char *)a)) goto err;
+ return(1);
+err:
+ return(0);
+ }
+
+int EVP_delete_alias(name)
+char *name;
+ {
+ ALIASES a;
+ int i;
+
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ if ((i=sk_find(aliases,(char *)&a)) >= 0)
+ {
+ Free(sk_delete(aliases,i));
+ return(1);
+ }
+ }
+ return(0);
+ }
+
+EVP_CIPHER *EVP_get_cipherbyname(name)
+char *name;
+ {
+ int nid,num=6,i;
+ EVP_CIPHER c,*cp;
+ ALIASES a,*ap;
+
+ if (ciphers == NULL) return(NULL);
+ for (;;)
+ {
+ if (num-- <= 0) return(NULL);
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ i=sk_find(aliases,(char *)&a);
+ if (i >= 0)
+ {
+ ap=(ALIASES *)sk_value(aliases,i);
+ name=ap->name;
+ continue;
+ }
+ }
+
+ nid=OBJ_txt2nid(name);
+ if (nid == NID_undef) return(NULL);
+ c.nid=nid;
+ i=sk_find(ciphers,(char *)&c);
+ if (i >= 0)
+ {
+ cp=(EVP_CIPHER *)sk_value(ciphers,i);
+ return(cp);
+ }
+ else
+ return(NULL);
+ }
+ }
+
+EVP_MD *EVP_get_digestbyname(name)
+char *name;
+ {
+ int nid,num=6,i;
+ EVP_MD c,*cp;
+ ALIASES a,*ap;
+
+ if (digests == NULL) return(NULL);
+
+ for (;;)
+ {
+ if (num-- <= 0) return(NULL);
+
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ i=sk_find(aliases,(char *)&a);
+ if (i >= 0)
+ {
+ ap=(ALIASES *)sk_value(aliases,i);
+ name=ap->name;
+ continue;
+ }
+ }
+
+ nid=OBJ_txt2nid(name);
+ if (nid == NID_undef) return(NULL);
+ c.pkey_type=nid;
+ i=sk_find(digests,(char *)&c);
+ if (i >= 0)
+ {
+ cp=(EVP_MD *)sk_value(digests,i);
+ return(cp);
+ }
+ else
+ return(NULL);
+ }
+ }
+
+void EVP_cleanup()
+ {
+ int i;
+
+ if (aliases != NULL)
+ {
+ for (i=0; i<sk_num(aliases); i++)
+ Free(sk_value(aliases,i));
+ sk_free(aliases);
+ aliases=NULL;
+ }
+ if (ciphers != NULL)
+ {
+ sk_free(ciphers);
+ ciphers=NULL;
+ }
+ if (digests != NULL)
+ {
+ sk_free(digests);
+ digests=NULL;
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/evp/p_dec.c b/src/lib/libssl/src/crypto/evp/p_dec.c
new file mode 100644
index 0000000000..e845ce70c7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_dec.c
@@ -0,0 +1,84 @@
+/* crypto/evp/p_dec.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_PKEY_decrypt(key,ek,ekl,priv)
+unsigned char *key;
+unsigned char *ek;
+int ekl;
+EVP_PKEY *priv;
+ {
+ int ret= -1;
+
+ if (priv->type != EVP_PKEY_RSA)
+ {
+ EVPerr(EVP_F_EVP_PKEY_DECRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+
+ ret=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
+err:
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/p_enc.c b/src/lib/libssl/src/crypto/evp/p_enc.c
new file mode 100644
index 0000000000..a26bfad02a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_enc.c
@@ -0,0 +1,83 @@
+/* crypto/evp/p_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_PKEY_encrypt(ek,key,key_len,pubk)
+unsigned char *ek;
+unsigned char *key;
+int key_len;
+EVP_PKEY *pubk;
+ {
+ int ret=0;
+
+ if (pubk->type != EVP_PKEY_RSA)
+ {
+ EVPerr(EVP_F_EVP_PKEY_ENCRYPT,EVP_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+ ret=RSA_public_encrypt(key_len,key,ek,pubk->pkey.rsa,RSA_PKCS1_PADDING);
+err:
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/p_lib.c b/src/lib/libssl/src/crypto/evp/p_lib.c
new file mode 100644
index 0000000000..395351b373
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_lib.c
@@ -0,0 +1,294 @@
+/* crypto/evp/p_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
+
+#ifndef NOPROTO
+static void EVP_PKEY_free_it(EVP_PKEY *x);
+#else
+static void EVP_PKEY_free_it();
+#endif
+
+int EVP_PKEY_bits(pkey)
+EVP_PKEY *pkey;
+ {
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ return(BN_num_bits(pkey->pkey.rsa->n));
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ return(BN_num_bits(pkey->pkey.dsa->p));
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_size(pkey)
+EVP_PKEY *pkey;
+ {
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ return(RSA_size(pkey->pkey.rsa));
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ return(DSA_size(pkey->pkey.dsa));
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_save_parameters(pkey,mode)
+EVP_PKEY *pkey;
+int mode;
+ {
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ int ret=pkey->save_parameters=mode;
+
+ if (mode >= 0)
+ pkey->save_parameters=mode;
+ return(ret);
+ }
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_copy_parameters(to,from)
+EVP_PKEY *to,*from;
+ {
+ if (to->type != from->type)
+ {
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
+ goto err;
+ }
+
+ if (EVP_PKEY_missing_parameters(from))
+ {
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
+ goto err;
+ }
+#ifndef NO_DSA
+ if (to->type == EVP_PKEY_DSA)
+ {
+ BIGNUM *a;
+
+ if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
+ if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
+ to->pkey.dsa->p=a;
+
+ if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
+ if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
+ to->pkey.dsa->q=a;
+
+ if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
+ if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
+ to->pkey.dsa->g=a;
+ }
+#endif
+ return(1);
+err:
+ return(0);
+ }
+
+int EVP_PKEY_missing_parameters(pkey)
+EVP_PKEY *pkey;
+ {
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ DSA *dsa;
+
+ dsa=pkey->pkey.dsa;
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(1);
+ }
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_cmp_parameters(a,b)
+EVP_PKEY *a,*b;
+ {
+#ifndef NO_DSA
+ if ((a->type == EVP_PKEY_DSA) && (b->type == EVP_PKEY_DSA))
+ {
+ if ( BN_cmp(a->pkey.dsa->p,b->pkey.dsa->p) ||
+ BN_cmp(a->pkey.dsa->q,b->pkey.dsa->q) ||
+ BN_cmp(a->pkey.dsa->g,b->pkey.dsa->g))
+ return(0);
+ else
+ return(1);
+ }
+#endif
+ return(-1);
+ }
+
+EVP_PKEY *EVP_PKEY_new()
+ {
+ EVP_PKEY *ret;
+
+ ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+ if (ret == NULL)
+ {
+ EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->type=EVP_PKEY_NONE;
+ ret->references=1;
+ ret->pkey.ptr=NULL;
+ ret->attributes=NULL;
+ ret->save_parameters=1;
+ return(ret);
+ }
+
+int EVP_PKEY_assign(pkey,type,key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+ {
+ if (pkey == NULL) return(0);
+ if (pkey->pkey.ptr != NULL)
+ EVP_PKEY_free_it(pkey);
+ pkey->type=EVP_PKEY_type(type);
+ pkey->save_type=type;
+ pkey->pkey.ptr=key;
+ return(1);
+ }
+
+int EVP_PKEY_type(type)
+int type;
+ {
+ switch (type)
+ {
+ case EVP_PKEY_RSA:
+ case EVP_PKEY_RSA2:
+ return(EVP_PKEY_RSA);
+ case EVP_PKEY_DSA:
+ case EVP_PKEY_DSA1:
+ case EVP_PKEY_DSA2:
+ case EVP_PKEY_DSA3:
+ case EVP_PKEY_DSA4:
+ return(EVP_PKEY_DSA);
+ case EVP_PKEY_DH:
+ return(EVP_PKEY_DH);
+ default:
+ return(NID_undef);
+ }
+ }
+
+void EVP_PKEY_free(x)
+EVP_PKEY *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
+#ifdef REF_PRINT
+ REF_PRINT("EVP_PKEY",x);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+ EVP_PKEY_free_it(x);
+ Free((char *)x);
+ }
+
+static void EVP_PKEY_free_it(x)
+EVP_PKEY *x;
+ {
+ switch (x->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ case EVP_PKEY_RSA2:
+ RSA_free(x->pkey.rsa);
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ case EVP_PKEY_DSA2:
+ case EVP_PKEY_DSA3:
+ case EVP_PKEY_DSA4:
+ DSA_free(x->pkey.dsa);
+ break;
+#endif
+#ifndef NO_DH
+ case EVP_PKEY_DH:
+ DH_free(x->pkey.dh);
+ break;
+#endif
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/p_open.c b/src/lib/libssl/src/crypto/evp/p_open.c
new file mode 100644
index 0000000000..28a8e02252
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_open.c
@@ -0,0 +1,119 @@
+/* crypto/evp/p_open.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_OpenInit(ctx,type,ek,ekl,iv,priv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char *ek;
+int ekl;
+unsigned char *iv;
+EVP_PKEY *priv;
+ {
+ unsigned char *key=NULL;
+ int i,size=0,ret=0;
+
+ if (priv->type != EVP_PKEY_RSA)
+ {
+ EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+ ret= -1;
+ goto err;
+ }
+
+ size=RSA_size(priv->pkey.rsa);
+ key=(unsigned char *)Malloc(size+2);
+ if (key == NULL)
+ {
+ /* ERROR */
+ EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
+ ret= -1;
+ goto err;
+ }
+
+ i=EVP_PKEY_decrypt(key,ek,ekl,priv);
+ if (i != type->key_len)
+ {
+ /* ERROR */
+ goto err;
+ }
+
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_DecryptInit(ctx,type,key,iv);
+ ret=1;
+err:
+ if (key != NULL) memset(key,0,size);
+ Free(key);
+ return(ret);
+ }
+
+int EVP_OpenFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i;
+
+ i=EVP_DecryptFinal(ctx,out,outl);
+ EVP_DecryptInit(ctx,NULL,NULL,NULL);
+ return(i);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/p_seal.c b/src/lib/libssl/src/crypto/evp/p_seal.c
new file mode 100644
index 0000000000..09a408de35
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_seal.c
@@ -0,0 +1,115 @@
+/* crypto/evp/p_seal.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_SealInit(ctx,type,ek,ekl,iv,pubk,npubk)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ int i;
+
+ if (npubk <= 0) return(0);
+ RAND_bytes(key,EVP_MAX_KEY_LENGTH);
+ if (type->iv_len > 0)
+ RAND_bytes(iv,type->iv_len);
+
+ EVP_CIPHER_CTX_init(ctx);
+ EVP_EncryptInit(ctx,type,key,iv);
+
+ for (i=0; i<npubk; i++)
+ {
+ ekl[i]=EVP_PKEY_encrypt(ek[i],key,EVP_CIPHER_key_length(type),
+ pubk[i]);
+ if (ekl[i] <= 0) return(-1);
+ }
+ return(npubk);
+ }
+
+/* MACRO
+void EVP_SealUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+ }
+*/
+
+void EVP_SealFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ EVP_EncryptFinal(ctx,out,outl);
+ EVP_EncryptInit(ctx,NULL,NULL,NULL);
+ }
diff --git a/src/lib/libssl/src/crypto/evp/p_sign.c b/src/lib/libssl/src/crypto/evp/p_sign.c
new file mode 100644
index 0000000000..073270ce31
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_sign.c
@@ -0,0 +1,119 @@
+/* crypto/evp/p_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifdef undef
+void EVP_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ EVP_DigestInit(ctx,type);
+ }
+
+void EVP_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ EVP_DigestUpdate(ctx,data,count);
+ }
+#endif
+
+int EVP_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char m[EVP_MAX_MD_SIZE];
+ unsigned int m_len;
+ int i,ok=0,v;
+ MS_STATIC EVP_MD_CTX tmp_ctx;
+
+ *siglen=0;
+ memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX));
+ EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
+ for (i=0; i<4; i++)
+ {
+ v=ctx->digest->required_pkey_type[i];
+ if (v == 0) break;
+ if (pkey->type == v)
+ {
+ ok=1;
+ break;
+ }
+ }
+ if (!ok)
+ {
+ EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+ return(0);
+ }
+ if (ctx->digest->sign == NULL)
+ {
+ EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
+ return(0);
+ }
+ return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
+ pkey->pkey.ptr));
+ }
+
diff --git a/src/lib/libssl/src/crypto/evp/p_verify.c b/src/lib/libssl/src/crypto/evp/p_verify.c
new file mode 100644
index 0000000000..8d727d8f02
--- /dev/null
+++ b/src/lib/libssl/src/crypto/evp/p_verify.c
@@ -0,0 +1,102 @@
+/* crypto/evp/p_verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_VerifyFinal(ctx,sigbuf,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigbuf;
+unsigned int siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char m[EVP_MAX_MD_SIZE];
+ unsigned int m_len;
+ int i,ok=0,v;
+ MS_STATIC EVP_MD_CTX tmp_ctx;
+
+ for (i=0; i<4; i++)
+ {
+ v=ctx->digest->required_pkey_type[i];
+ if (v == 0) break;
+ if (pkey->type == v)
+ {
+ ok=1;
+ break;
+ }
+ }
+ if (!ok)
+ {
+ EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+ memcpy(&tmp_ctx,ctx,sizeof(EVP_MD_CTX));
+ EVP_DigestFinal(&tmp_ctx,&(m[0]),&m_len);
+ if (ctx->digest->verify == NULL)
+ {
+ EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
+ return(0);
+ }
+
+ return(ctx->digest->verify(ctx->digest->type,m,m_len,
+ sigbuf,siglen,pkey->pkey.ptr));
+ }
+
diff --git a/src/lib/libssl/src/crypto/ex_data.c b/src/lib/libssl/src/crypto/ex_data.c
new file mode 100644
index 0000000000..c858b518ff
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ex_data.c
@@ -0,0 +1,236 @@
+/* crypto/ex_data.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+int CRYPTO_get_ex_new_index(idx,skp,argl,argp,new_func,dup_func,free_func)
+int idx;
+STACK **skp;
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ CRYPTO_EX_DATA_FUNCS *a;
+
+ if (*skp == NULL)
+ *skp=sk_new_null();
+ if (*skp == NULL)
+ {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+ a=(CRYPTO_EX_DATA_FUNCS *)Malloc(sizeof(CRYPTO_EX_DATA_FUNCS));
+ if (a == NULL)
+ {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+ a->argl=argl;
+ a->argp=argp;
+ a->new_func=new_func;
+ a->dup_func=dup_func;
+ a->free_func=free_func;
+ while (sk_num(*skp) <= idx)
+ {
+ if (!sk_push(*skp,NULL))
+ {
+ CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX,ERR_R_MALLOC_FAILURE);
+ Free(a);
+ return(-1);
+ }
+ }
+ sk_value(*skp,idx)=(char *)a;
+ return(idx);
+ }
+
+int CRYPTO_set_ex_data(ad,idx,val)
+CRYPTO_EX_DATA *ad;
+int idx;
+char *val;
+ {
+ int i;
+
+ if (ad->sk == NULL)
+ {
+ if ((ad->sk=sk_new_null()) == NULL)
+ {
+ CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ }
+ i=sk_num(ad->sk);
+
+ while (i <= idx)
+ {
+ if (!sk_push(ad->sk,NULL))
+ {
+ CRYPTOerr(CRYPTO_F_CRYPTO_SET_EX_DATA,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ i++;
+ }
+ sk_value(ad->sk,idx)=val;
+ return(1);
+ }
+
+char *CRYPTO_get_ex_data(ad,idx)
+CRYPTO_EX_DATA *ad;
+int idx;
+ {
+ if (ad->sk == NULL)
+ return(0);
+ else if (idx >= sk_num(ad->sk))
+ return(0);
+ else
+ return(sk_value(ad->sk,idx));
+ }
+
+/* The callback is called with the 'object', which is the origional data object
+ * being duplicated, a pointer to the
+ * 'new' object to be inserted, the index, and the argi/argp
+ */
+int CRYPTO_dup_ex_data(meth,to,from)
+STACK *meth;
+CRYPTO_EX_DATA *to,*from;
+ {
+ int i,j,m,r;
+ CRYPTO_EX_DATA_FUNCS *mm;
+ char *from_d;
+
+ if (meth == NULL) return(1);
+ if (from->sk == NULL) return(1);
+ m=sk_num(meth);
+ j=sk_num(from->sk);
+ for (i=0; i<j; i++)
+ {
+ from_d=CRYPTO_get_ex_data(from,i);
+ if (i < m)
+ {
+ mm=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+ if (mm->dup_func != NULL)
+ r=mm->dup_func(to,from,(char **)&from_d,i,
+ mm->argl,mm->argp);
+ }
+ CRYPTO_set_ex_data(to,i,from_d);
+ }
+ return(1);
+ }
+
+/* Call each free callback */
+void CRYPTO_free_ex_data(meth,obj,ad)
+STACK *meth;
+char *obj;
+CRYPTO_EX_DATA *ad;
+ {
+ CRYPTO_EX_DATA_FUNCS *m;
+ char *ptr;
+ int i,max;
+
+ if (meth != NULL)
+ {
+ max=sk_num(meth);
+ for (i=0; i<max; i++)
+ {
+ m=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+ if ((m != NULL) && (m->free_func != NULL))
+ {
+ ptr=CRYPTO_get_ex_data(ad,i);
+ m->free_func(obj,ptr,ad,i,m->argl,m->argp);
+ }
+ }
+ }
+ if (ad->sk != NULL)
+ {
+ sk_free(ad->sk);
+ ad->sk=NULL;
+ }
+ }
+
+void CRYPTO_new_ex_data(meth,obj,ad)
+STACK *meth;
+char *obj;
+CRYPTO_EX_DATA *ad;
+ {
+ CRYPTO_EX_DATA_FUNCS *m;
+ char *ptr;
+ int i,max;
+
+ ad->sk=NULL;
+ if (meth != NULL)
+ {
+ max=sk_num(meth);
+ for (i=0; i<max; i++)
+ {
+ m=(CRYPTO_EX_DATA_FUNCS *)sk_value(meth,i);
+ if ((m != NULL) && (m->new_func != NULL))
+ {
+ ptr=CRYPTO_get_ex_data(ad,i);
+ m->new_func(obj,ptr,ad,i,m->argl,m->argp);
+ }
+ }
+ }
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.c b/src/lib/libssl/src/crypto/hmac/hmac.c
new file mode 100644
index 0000000000..fb09129963
--- /dev/null
+++ b/src/lib/libssl/src/crypto/hmac/hmac.c
@@ -0,0 +1,165 @@
+/* crypto/hmac/hmac.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "hmac.h"
+
+void HMAC_Init(ctx,key,len,md)
+HMAC_CTX *ctx;
+unsigned char *key;
+int len;
+EVP_MD *md;
+ {
+ int i,j,reset=0;
+ unsigned char pad[HMAC_MAX_MD_CBLOCK];
+
+ if (md != NULL)
+ {
+ reset=1;
+ ctx->md=md;
+ }
+ else
+ md=ctx->md;
+
+ if (key != NULL)
+ {
+ reset=1;
+ j=EVP_MD_block_size(md);
+ if (j < len)
+ {
+ EVP_DigestInit(&ctx->md_ctx,md);
+ EVP_DigestUpdate(&ctx->md_ctx,key,len);
+ EVP_DigestFinal(&(ctx->md_ctx),ctx->key,
+ &ctx->key_length);
+ }
+ else
+ {
+ memcpy(ctx->key,key,len);
+ memset(&(ctx->key[len]),0,sizeof(ctx->key)-len);
+ ctx->key_length=len;
+ }
+ }
+
+ if (reset)
+ {
+ for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+ pad[i]=0x36^ctx->key[i];
+ EVP_DigestInit(&ctx->i_ctx,md);
+ EVP_DigestUpdate(&ctx->i_ctx,pad,EVP_MD_block_size(md));
+
+ for (i=0; i<HMAC_MAX_MD_CBLOCK; i++)
+ pad[i]=0x5c^ctx->key[i];
+ EVP_DigestInit(&ctx->o_ctx,md);
+ EVP_DigestUpdate(&ctx->o_ctx,pad,EVP_MD_block_size(md));
+ }
+
+ memcpy(&ctx->md_ctx,&ctx->i_ctx,sizeof(ctx->i_ctx));
+ }
+
+void HMAC_Update(ctx,data,len)
+HMAC_CTX *ctx;
+unsigned char *data;
+int len;
+ {
+ EVP_DigestUpdate(&(ctx->md_ctx),data,len);
+ }
+
+void HMAC_Final(ctx,md,len)
+HMAC_CTX *ctx;
+unsigned char *md;
+unsigned int *len;
+ {
+ int j;
+ unsigned int i;
+ unsigned char buf[EVP_MAX_MD_SIZE];
+
+ j=EVP_MD_block_size(ctx->md);
+
+ EVP_DigestFinal(&(ctx->md_ctx),buf,&i);
+ memcpy(&(ctx->md_ctx),&(ctx->o_ctx),sizeof(ctx->o_ctx));
+ EVP_DigestUpdate(&(ctx->md_ctx),buf,i);
+ EVP_DigestFinal(&(ctx->md_ctx),md,len);
+ }
+
+void HMAC_cleanup(ctx)
+HMAC_CTX *ctx;
+ {
+ memset(ctx,0,sizeof(HMAC_CTX));
+ }
+
+unsigned char *HMAC(evp_md,key,key_len,d,n,md,md_len)
+EVP_MD *evp_md;
+unsigned char *key;
+int key_len;
+unsigned char *d;
+int n;
+unsigned char *md;
+unsigned int *md_len;
+ {
+ HMAC_CTX c;
+ static unsigned char m[EVP_MAX_MD_SIZE];
+
+ if (md == NULL) md=m;
+ HMAC_Init(&c,key,key_len,evp_md);
+ HMAC_Update(&c,d,n);
+ HMAC_Final(&c,md,md_len);
+ HMAC_cleanup(&c);
+ return(md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/hmac/hmac.h b/src/lib/libssl/src/crypto/hmac/hmac.h
new file mode 100644
index 0000000000..e6b43f52c4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/hmac/hmac.h
@@ -0,0 +1,106 @@
+/* crypto/hmac/hmac.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#ifndef HEADER_HMAC_H
+#define HEADER_HMAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+
+#define HMAC_MAX_MD_CBLOCK 64
+
+typedef struct hmac_ctx_st
+ {
+ EVP_MD *md;
+ EVP_MD_CTX md_ctx;
+ EVP_MD_CTX i_ctx;
+ EVP_MD_CTX o_ctx;
+ unsigned int key_length;
+ unsigned char key[HMAC_MAX_MD_CBLOCK];
+ } HMAC_CTX;
+
+#define HMAC_size(e) (EVP_MD_size((e)->md))
+
+#ifndef NOPROTO
+
+void HMAC_Init(HMAC_CTX *ctx, unsigned char *key, int len,
+ EVP_MD *md);
+void HMAC_Update(HMAC_CTX *ctx,unsigned char *key, int len);
+void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+void HMAC_cleanup(HMAC_CTX *ctx);
+unsigned char *HMAC(EVP_MD *evp_md, unsigned char *key, int key_len,
+ unsigned char *d, int n, unsigned char *md, unsigned int *md_len);
+
+
+#else
+
+void HMAC_Init();
+void HMAC_Update();
+void HMAC_Final();
+void HMAC_cleanup();
+unsigned char *HMAC();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/hmac/hmactest.c b/src/lib/libssl/src/crypto/hmac/hmactest.c
new file mode 100644
index 0000000000..5938e375dc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/hmac/hmactest.c
@@ -0,0 +1,147 @@
+/* crypto/hmac/hmactest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "hmac.h"
+
+struct test_st
+ {
+ unsigned char key[16];
+ int key_len;
+ unsigned char data[64];
+ int data_len;
+ unsigned char *digest;
+ } test[4]={
+ { "",
+ 0,
+ "More text test vectors to stuff up EBCDIC machines :-)",
+ 54,
+ (unsigned char *)"e9139d1e6ee064ef8cf514fc7dc83e86",
+ },{ {0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,
+ 0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,0x0b,},
+ 16,
+ "Hi There",
+ 8,
+ (unsigned char *)"9294727a3638bb1c13f48ef8158bfc9d",
+ },{ "Jefe",
+ 4,
+ "what do ya want for nothing?",
+ 28,
+ (unsigned char *)"750c783e6ab0b503eaa86e310a5db738",
+ },{
+ {0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,
+ 0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,0xaa,},
+ 16,
+ {0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,0xdd,
+ 0xdd,0xdd},
+ 50,
+ (unsigned char *)"56be34521d144c88dbb8c733f0e8b3f6",
+ },
+ };
+
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ char *p;
+
+ for (i=0; i<4; i++)
+ {
+ p=pt(HMAC(EVP_md5(),
+ test[i].key, test[i].key_len,
+ test[i].data, test[i].data_len,
+ NULL,NULL));
+
+ if (strcmp(p,(char *)test[i].digest) != 0)
+ {
+ printf("error calculating HMAC on %d entry'\n",i);
+ printf("got %s instead of %s\n",p,test[i].digest);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libssl/src/crypto/lhash/lh_stats.c b/src/lib/libssl/src/crypto/lhash/lh_stats.c
new file mode 100644
index 0000000000..23fe82f777
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/lh_stats.c
@@ -0,0 +1,289 @@
+/* crypto/lhash/lh_stats.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+/* If you wish to build this outside of SSLeay, remove the following lines
+ * and things should work as expected */
+#include "cryptlib.h"
+
+#include "lhash.h"
+
+#ifndef HEADER_BIO_H
+
+void lh_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ fprintf(out,"num_items = %lu\n",lh->num_items);
+ fprintf(out,"num_nodes = %u\n",lh->num_nodes);
+ fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
+ fprintf(out,"num_expands = %lu\n",lh->num_expands);
+ fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
+ fprintf(out,"num_contracts = %lu\n",lh->num_contracts);
+ fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+ fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls);
+ fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls);
+ fprintf(out,"num_insert = %lu\n",lh->num_insert);
+ fprintf(out,"num_replace = %lu\n",lh->num_replace);
+ fprintf(out,"num_delete = %lu\n",lh->num_delete);
+ fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete);
+ fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve);
+ fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
+ fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps);
+#ifdef DEBUG
+ fprintf(out,"p = %u\n",lh->p);
+ fprintf(out,"pmax = %u\n",lh->pmax);
+ fprintf(out,"up_load = %lu\n",lh->up_load);
+ fprintf(out,"down_load = %lu\n",lh->down_load);
+#endif
+ }
+
+void lh_node_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ LHASH_NODE *n;
+ unsigned int i,num;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ fprintf(out,"node %6u -> %3u\n",i,num);
+ }
+ }
+
+void lh_node_usage_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ LHASH_NODE *n;
+ unsigned long num;
+ unsigned int i;
+ unsigned long total=0,n_used=0;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ if (num != 0)
+ {
+ n_used++;
+ total+=num;
+ }
+ }
+ fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+ fprintf(out,"%lu items\n",total);
+ if (n_used == 0) return;
+ fprintf(out,"load %d.%02d actual load %d.%02d\n",
+ (int)(total/lh->num_nodes),
+ (int)((total%lh->num_nodes)*100/lh->num_nodes),
+ (int)(total/n_used),
+ (int)((total%n_used)*100/n_used));
+ }
+
+#else
+
+#ifndef NO_FP_API
+void lh_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+void lh_node_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_node_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+void lh_node_usage_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_node_usage_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+#endif
+
+void lh_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ char buf[128];
+
+ sprintf(buf,"num_items = %lu\n",lh->num_items);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_nodes = %u\n",lh->num_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_expands = %lu\n",lh->num_expands);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_contracts = %lu\n",lh->num_contracts);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_insert = %lu\n",lh->num_insert);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_replace = %lu\n",lh->num_replace);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_delete = %lu\n",lh->num_delete);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps);
+ BIO_puts(out,buf);
+#ifdef DEBUG
+ sprintf(buf,"p = %u\n",lh->p);
+ BIO_puts(out,buf);
+ sprintf(buf,"pmax = %u\n",lh->pmax);
+ BIO_puts(out,buf);
+ sprintf(buf,"up_load = %lu\n",lh->up_load);
+ BIO_puts(out,buf);
+ sprintf(buf,"down_load = %lu\n",lh->down_load);
+ BIO_puts(out,buf);
+#endif
+ }
+
+void lh_node_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ LHASH_NODE *n;
+ unsigned int i,num;
+ char buf[128];
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ sprintf(buf,"node %6u -> %3u\n",i,num);
+ BIO_puts(out,buf);
+ }
+ }
+
+void lh_node_usage_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ LHASH_NODE *n;
+ unsigned long num;
+ unsigned int i;
+ unsigned long total=0,n_used=0;
+ char buf[128];
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ if (num != 0)
+ {
+ n_used++;
+ total+=num;
+ }
+ }
+ sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"%lu items\n",total);
+ BIO_puts(out,buf);
+ if (n_used == 0) return;
+ sprintf(buf,"load %d.%02d actual load %d.%02d\n",
+ (int)(total/lh->num_nodes),
+ (int)((total%lh->num_nodes)*100/lh->num_nodes),
+ (int)(total/n_used),
+ (int)((total%n_used)*100/n_used));
+ BIO_puts(out,buf);
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/lhash/lh_test.c b/src/lib/libssl/src/crypto/lhash/lh_test.c
new file mode 100644
index 0000000000..294b42bc82
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/lh_test.c
@@ -0,0 +1,89 @@
+/* crypto/lhash/lh_test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "lhash.h"
+
+main()
+ {
+ LHASH *conf;
+ char buf[256];
+ int i;
+
+ conf=lh_new(lh_strhash,strcmp);
+ for (;;)
+ {
+ char *p;
+
+ buf[0]='\0';
+ fgets(buf,256,stdin);
+ if (buf[0] == '\0') break;
+ buf[256]='\0';
+ i=strlen(buf);
+ p=Malloc(i+1);
+ memcpy(p,buf,i+1);
+ lh_insert(conf,p);
+ }
+
+ lh_node_stats(conf,stdout);
+ lh_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+ exit(0);
+ }
diff --git a/src/lib/libssl/src/crypto/lhash/lhash.c b/src/lib/libssl/src/crypto/lhash/lhash.c
new file mode 100644
index 0000000000..6dfb5c9ccc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/lhash.c
@@ -0,0 +1,489 @@
+/* crypto/lhash/lhash.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+char *lh_version="lhash part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Code for dynamic hash table routines
+ * Author - Eric Young v 2.0
+ *
+ * 2.0 eay - Fixed a bug that occured when using lh_delete
+ * from inside lh_doall(). As entries were deleted,
+ * the 'table' was 'contract()ed', making some entries
+ * jump from the end of the table to the start, there by
+ * skiping the lh_doall() processing. eay - 4/12/95
+ *
+ * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
+ * were not being free()ed. 21/11/95
+ *
+ * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
+ * 19/09/95
+ *
+ * 1.7 eay - Removed the fputs() for realloc failures - the code
+ * should silently tolerate them. I have also fixed things
+ * lint complained about 04/05/95
+ *
+ * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
+ *
+ * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
+ *
+ * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
+ *
+ * 1.3 eay - Fixed a few lint problems 19/3/1991
+ *
+ * 1.2 eay - Fixed lh_doall problem 13/3/1991
+ *
+ * 1.1 eay - Added lh_doall
+ *
+ * 1.0 eay - First version
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "lhash.h"
+
+#undef MIN_NODES
+#define MIN_NODES 16
+#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
+#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
+
+#ifndef NOPROTO
+
+#define P_CP char *
+#define P_CPP char *,char *
+static void expand(LHASH *lh);
+static void contract(LHASH *lh);
+static LHASH_NODE **getrn(LHASH *lh, char *data, unsigned long *rhash);
+
+#else
+
+#define P_CP
+#define P_CPP
+static void expand();
+static void contract();
+static LHASH_NODE **getrn();
+
+#endif
+
+LHASH *lh_new(h, c)
+unsigned long (*h)();
+int (*c)();
+ {
+ LHASH *ret;
+ int i;
+
+ if ((ret=(LHASH *)malloc(sizeof(LHASH))) == NULL)
+ goto err0;
+ if ((ret->b=(LHASH_NODE **)malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
+ goto err1;
+ for (i=0; i<MIN_NODES; i++)
+ ret->b[i]=NULL;
+ ret->comp=((c == NULL)?(int (*)())strcmp:c);
+ ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h);
+ ret->num_nodes=MIN_NODES/2;
+ ret->num_alloc_nodes=MIN_NODES;
+ ret->p=0;
+ ret->pmax=MIN_NODES/2;
+ ret->up_load=UP_LOAD;
+ ret->down_load=DOWN_LOAD;
+ ret->num_items=0;
+
+ ret->num_expands=0;
+ ret->num_expand_reallocs=0;
+ ret->num_contracts=0;
+ ret->num_contract_reallocs=0;
+ ret->num_hash_calls=0;
+ ret->num_comp_calls=0;
+ ret->num_insert=0;
+ ret->num_replace=0;
+ ret->num_delete=0;
+ ret->num_no_delete=0;
+ ret->num_retrieve=0;
+ ret->num_retrieve_miss=0;
+ ret->num_hash_comps=0;
+
+ return(ret);
+err1:
+ free((char *)ret);
+err0:
+ return(NULL);
+ }
+
+void lh_free(lh)
+LHASH *lh;
+ {
+ unsigned int i;
+ LHASH_NODE *n,*nn;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ n=lh->b[i];
+ while (n != NULL)
+ {
+ nn=n->next;
+ free(n);
+ n=nn;
+ }
+ }
+ free((char *)lh->b);
+ free((char *)lh);
+ }
+
+char *lh_insert(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE *nn,**rn;
+ char *ret;
+
+ if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
+ expand(lh);
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL)
+ return(NULL);
+ nn->data=data;
+ nn->next=NULL;
+#ifndef NO_HASH_COMP
+ nn->hash=hash;
+#endif
+ *rn=nn;
+ ret=NULL;
+ lh->num_insert++;
+ lh->num_items++;
+ }
+ else /* replace same key */
+ {
+ ret= (*rn)->data;
+ (*rn)->data=data;
+ lh->num_replace++;
+ }
+ return(ret);
+ }
+
+char *lh_delete(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE *nn,**rn;
+ char *ret;
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ lh->num_no_delete++;
+ return(NULL);
+ }
+ else
+ {
+ nn= *rn;
+ *rn=nn->next;
+ ret=nn->data;
+ free((char *)nn);
+ lh->num_delete++;
+ }
+
+ lh->num_items--;
+ if ((lh->num_nodes > MIN_NODES) &&
+ (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
+ contract(lh);
+
+ return(ret);
+ }
+
+char *lh_retrieve(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE **rn;
+ char *ret;
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ lh->num_retrieve_miss++;
+ return(NULL);
+ }
+ else
+ {
+ ret= (*rn)->data;
+ lh->num_retrieve++;
+ }
+ return(ret);
+ }
+
+void lh_doall(lh, func)
+LHASH *lh;
+void (*func)();
+ {
+ lh_doall_arg(lh,func,NULL);
+ }
+
+void lh_doall_arg(lh, func, arg)
+LHASH *lh;
+void (*func)();
+char *arg;
+ {
+ int i;
+ LHASH_NODE *a,*n;
+
+ /* reverse the order so we search from 'top to bottom'
+ * We were having memory leaks otherwise */
+ for (i=lh->num_nodes-1; i>=0; i--)
+ {
+ a=lh->b[i];
+ while (a != NULL)
+ {
+ /* 28/05/91 - eay - n added so items can be deleted
+ * via lh_doall */
+ n=a->next;
+ func(a->data,arg);
+ a=n;
+ }
+ }
+ }
+
+static void expand(lh)
+LHASH *lh;
+ {
+ LHASH_NODE **n,**n1,**n2,*np;
+ unsigned int p,i,j;
+ unsigned long hash,nni;
+
+ lh->num_nodes++;
+ lh->num_expands++;
+ p=(int)lh->p++;
+ n1= &(lh->b[p]);
+ n2= &(lh->b[p+(int)lh->pmax]);
+ *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */
+ nni=lh->num_alloc_nodes;
+
+ for (np= *n1; np != NULL; )
+ {
+#ifndef NO_HASH_COMP
+ hash=np->hash;
+#else
+ hash=(*(lh->hash))(np->data);
+ lh->num_hash_calls++;
+#endif
+ if ((hash%nni) != p)
+ { /* move it */
+ *n1= (*n1)->next;
+ np->next= *n2;
+ *n2=np;
+ }
+ else
+ n1= &((*n1)->next);
+ np= *n1;
+ }
+
+ if ((lh->p) >= lh->pmax)
+ {
+ j=(int)lh->num_alloc_nodes*2;
+ n=(LHASH_NODE **)realloc((char *)lh->b,
+ (unsigned int)sizeof(LHASH_NODE *)*j);
+ if (n == NULL)
+ {
+/* fputs("realloc error in lhash",stderr); */
+ lh->p=0;
+ return;
+ }
+ /* else */
+ for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
+ n[i]=NULL; /* 02/03/92 eay */
+ lh->pmax=lh->num_alloc_nodes;
+ lh->num_alloc_nodes=j;
+ lh->num_expand_reallocs++;
+ lh->p=0;
+ lh->b=n;
+ }
+ }
+
+static void contract(lh)
+LHASH *lh;
+ {
+ LHASH_NODE **n,*n1,*np;
+
+ np=lh->b[lh->p+lh->pmax-1];
+ lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
+ if (lh->p == 0)
+ {
+ n=(LHASH_NODE **)realloc((char *)lh->b,
+ (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
+ if (n == NULL)
+ {
+/* fputs("realloc error in lhash",stderr); */
+ return;
+ }
+ lh->num_contract_reallocs++;
+ lh->num_alloc_nodes/=2;
+ lh->pmax/=2;
+ lh->p=lh->pmax-1;
+ lh->b=n;
+ }
+ else
+ lh->p--;
+
+ lh->num_nodes--;
+ lh->num_contracts++;
+
+ n1=lh->b[(int)lh->p];
+ if (n1 == NULL)
+ lh->b[(int)lh->p]=np;
+ else
+ {
+ while (n1->next != NULL)
+ n1=n1->next;
+ n1->next=np;
+ }
+ }
+
+static LHASH_NODE **getrn(lh, data, rhash)
+LHASH *lh;
+char *data;
+unsigned long *rhash;
+ {
+ LHASH_NODE **ret,*n1;
+ unsigned long hash,nn;
+ int (*cf)();
+
+ hash=(*(lh->hash))(data);
+ lh->num_hash_calls++;
+ *rhash=hash;
+
+ nn=hash%lh->pmax;
+ if (nn < lh->p)
+ nn=hash%lh->num_alloc_nodes;
+
+ cf=lh->comp;
+ ret= &(lh->b[(int)nn]);
+ for (n1= *ret; n1 != NULL; n1=n1->next)
+ {
+#ifndef NO_HASH_COMP
+ lh->num_hash_comps++;
+ if (n1->hash != hash)
+ {
+ ret= &(n1->next);
+ continue;
+ }
+#endif
+ lh->num_comp_calls++;
+ if ((*cf)(n1->data,data) == 0)
+ break;
+ ret= &(n1->next);
+ }
+ return(ret);
+ }
+
+/*
+static unsigned long lh_strhash(str)
+char *str;
+ {
+ int i,l;
+ unsigned long ret=0;
+ unsigned short *s;
+
+ if (str == NULL) return(0);
+ l=(strlen(str)+1)/2;
+ s=(unsigned short *)str;
+ for (i=0; i<l; i++)
+ ret^=(s[i]<<(i&0x0f));
+ return(ret);
+ } */
+
+/* The following hash seems to work very well on normal text strings
+ * no collisions on /usr/dict/words and it distributes on %2^n quite
+ * well, not as good as MD5, but still good.
+ */
+unsigned long lh_strhash(c)
+char *c;
+ {
+ unsigned long ret=0;
+ long n;
+ unsigned long v;
+ int r;
+
+ if ((c == NULL) || (*c == '\0'))
+ return(ret);
+/*
+ unsigned char b[16];
+ MD5(c,strlen(c),b);
+ return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
+*/
+
+ n=0x100;
+ while (*c)
+ {
+ v=n|(*c);
+ n+=0x100;
+ r= (int)((v>>2)^v)&0x0f;
+ ret=(ret<<r)|(ret>>(32-r));
+ ret&=0xFFFFFFFFL;
+ ret^=v*v;
+ c++;
+ }
+ return((ret>>16)^ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/lhash/lhash.h b/src/lib/libssl/src/crypto/lhash/lhash.h
new file mode 100644
index 0000000000..70cbc6dfe7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/lhash.h
@@ -0,0 +1,155 @@
+/* crypto/lhash/lhash.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Header for dynamic hash table routines
+ * Author - Eric Young
+ */
+
+#ifndef HEADER_LHASH_H
+#define HEADER_LHASH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st
+ {
+ char *data;
+ struct lhash_node_st *next;
+#ifndef NO_HASH_COMP
+ unsigned long hash;
+#endif
+ } LHASH_NODE;
+
+typedef struct lhash_st
+ {
+ LHASH_NODE **b;
+ int (*comp)();
+ unsigned long (*hash)();
+ unsigned int num_nodes;
+ unsigned int num_alloc_nodes;
+ unsigned int p;
+ unsigned int pmax;
+ unsigned long up_load; /* load times 256 */
+ unsigned long down_load; /* load times 256 */
+ unsigned long num_items;
+
+ unsigned long num_expands;
+ unsigned long num_expand_reallocs;
+ unsigned long num_contracts;
+ unsigned long num_contract_reallocs;
+ unsigned long num_hash_calls;
+ unsigned long num_comp_calls;
+ unsigned long num_insert;
+ unsigned long num_replace;
+ unsigned long num_delete;
+ unsigned long num_no_delete;
+ unsigned long num_retrieve;
+ unsigned long num_retrieve_miss;
+ unsigned long num_hash_comps;
+ } LHASH;
+
+#define LH_LOAD_MULT 256
+
+#ifndef NOPROTO
+LHASH *lh_new(unsigned long (*h)(), int (*c)());
+void lh_free(LHASH *lh);
+char *lh_insert(LHASH *lh, char *data);
+char *lh_delete(LHASH *lh, char *data);
+char *lh_retrieve(LHASH *lh, char *data);
+void lh_doall(LHASH *lh, void (*func)(/* char *b */));
+void lh_doall_arg(LHASH *lh, void (*func)(/*char *a,char *b*/),char *arg);
+unsigned long lh_strhash(char *c);
+
+#ifndef NO_FP_API
+void lh_stats(LHASH *lh, FILE *out);
+void lh_node_stats(LHASH *lh, FILE *out);
+void lh_node_usage_stats(LHASH *lh, FILE *out);
+#endif
+
+#ifdef HEADER_BIO_H
+void lh_stats_bio(LHASH *lh, BIO *out);
+void lh_node_stats_bio(LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
+#endif
+#else
+LHASH *lh_new();
+void lh_free();
+char *lh_insert();
+char *lh_delete();
+char *lh_retrieve();
+void lh_doall();
+void lh_doall_arg();
+unsigned long lh_strhash();
+
+#ifndef NO_FP_API
+void lh_stats();
+void lh_node_stats();
+void lh_node_usage_stats();
+#endif
+void lh_stats_bio();
+void lh_node_stats_bio();
+void lh_node_usage_stats_bio();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/src/lib/libssl/src/crypto/lhash/num.pl b/src/lib/libssl/src/crypto/lhash/num.pl
new file mode 100644
index 0000000000..4d937c1f90
--- /dev/null
+++ b/src/lib/libssl/src/crypto/lhash/num.pl
@@ -0,0 +1,17 @@
+#!/usr/bin/perl
+
+#node 10 -> 4
+
+while (<>)
+ {
+ next unless /^node/;
+ chop;
+ @a=split;
+ $num{$a[3]}++;
+ }
+
+@a=sort {$a <=> $b } keys %num;
+foreach (0 .. $a[$#a])
+ {
+ printf "%4d:%4d\n",$_,$num{$_};
+ }
diff --git a/src/lib/libssl/src/crypto/md2/md2.c b/src/lib/libssl/src/crypto/md2/md2.c
new file mode 100644
index 0000000000..7f3ab64a43
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/md2.c
@@ -0,0 +1,136 @@
+/* crypto/md2/md2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md2.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+#else
+void do_fp();
+void pt();
+int read();
+void exit();
+#endif
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD2(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ return(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD2_CTX c;
+ unsigned char md[MD2_DIGEST_LENGTH];
+ int fd,i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD2_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD2_Update(&c,buf,(unsigned long)i);
+ }
+ MD2_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
diff --git a/src/lib/libssl/src/crypto/md2/md2_dgst.c b/src/lib/libssl/src/crypto/md2/md2_dgst.c
new file mode 100644
index 0000000000..5cbd36f3fe
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/md2_dgst.c
@@ -0,0 +1,235 @@
+/* crypto/md2/md2_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *MD2_version="MD2 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR unsigned char
+
+#ifndef NOPROTO
+static void md2_block(MD2_CTX *c, unsigned char *d);
+#else
+static void md2_block();
+#endif
+
+/* The magic S table - I have converted it to hex since it is
+ * basicaly just a random byte string. */
+static MD2_INT S[256]={
+ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+ 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+ 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+ 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+ 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+ 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+ 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+ 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+ 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+ 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+ 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+ 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+ 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+ 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+ 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+ 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+ 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+ 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+ 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+ 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+ 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+ 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+ 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+ 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+ 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+ 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+ 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+ 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+ 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+ 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+ 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+ 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+ };
+
+char *MD2_options()
+ {
+ if (sizeof(MD2_INT) == 1)
+ return("md2(char)");
+ else
+ return("md2(int)");
+ }
+
+void MD2_Init(c)
+MD2_CTX *c;
+ {
+ c->num=0;
+ memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->data,0,MD2_BLOCK);
+ }
+
+void MD2_Update(c, data, len)
+MD2_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register UCHAR *p;
+
+ if (len == 0) return;
+
+ p=c->data;
+ if (c->num != 0)
+ {
+ if ((c->num+len) >= MD2_BLOCK)
+ {
+ memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+ md2_block(c,c->data);
+ data+=(MD2_BLOCK - c->num);
+ len-=(MD2_BLOCK - c->num);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ memcpy(&(p[c->num]),data,(int)len);
+ /* data+=len; */
+ c->num+=(int)len;
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of MD2_BLOCK
+ * chars and save the leftovers to c->data. */
+ while (len >= MD2_BLOCK)
+ {
+ md2_block(c,data);
+ data+=MD2_BLOCK;
+ len-=MD2_BLOCK;
+ }
+ memcpy(p,data,(int)len);
+ c->num=(int)len;
+ }
+
+static void md2_block(c, d)
+MD2_CTX *c;
+unsigned char *d;
+ {
+ register MD2_INT t,*sp1,*sp2;
+ register int i,j;
+ MD2_INT state[48];
+
+ sp1=c->state;
+ sp2=c->cksm;
+ j=sp2[MD2_BLOCK-1];
+ for (i=0; i<16; i++)
+ {
+ state[i]=sp1[i];
+ state[i+16]=t=d[i];
+ state[i+32]=(t^sp1[i]);
+ j=sp2[i]^=S[t^j];
+ }
+ t=0;
+ for (i=0; i<18; i++)
+ {
+ for (j=0; j<48; j+=8)
+ {
+ t= state[j+ 0]^=S[t];
+ t= state[j+ 1]^=S[t];
+ t= state[j+ 2]^=S[t];
+ t= state[j+ 3]^=S[t];
+ t= state[j+ 4]^=S[t];
+ t= state[j+ 5]^=S[t];
+ t= state[j+ 6]^=S[t];
+ t= state[j+ 7]^=S[t];
+ }
+ t=(t+i)&0xff;
+ }
+ memcpy(sp1,state,16*sizeof(MD2_INT));
+ memset(state,0,48*sizeof(MD2_INT));
+ }
+
+void MD2_Final(md, c)
+unsigned char *md;
+MD2_CTX *c;
+ {
+ int i,v;
+ register UCHAR *cp;
+ register MD2_INT *p1,*p2;
+
+ cp=c->data;
+ p1=c->state;
+ p2=c->cksm;
+ v=MD2_BLOCK-c->num;
+ for (i=c->num; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)v;
+
+ md2_block(c,cp);
+
+ for (i=0; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)p2[i];
+ md2_block(c,cp);
+
+ for (i=0; i<16; i++)
+ md[i]=(UCHAR)(p1[i]&0xff);
+ memset((char *)&c,0,sizeof(c));
+ }
+
diff --git a/src/lib/libssl/src/crypto/md2/md2_one.c b/src/lib/libssl/src/crypto/md2/md2_one.c
new file mode 100644
index 0000000000..513bf62fdb
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/md2_one.c
@@ -0,0 +1,80 @@
+/* crypto/md2/md2_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md2.h"
+
+/* This is a separate file so that #defines in cryptlib.h can
+ * map my MD functions to different names */
+
+unsigned char *MD2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MD2_CTX c;
+ static unsigned char m[MD2_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MD2_Init(&c);
+ MD2_Update(&c,d,n);
+ MD2_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* Security consideration */
+ return(md);
+ }
diff --git a/src/lib/libssl/src/crypto/md2/md2test.c b/src/lib/libssl/src/crypto/md2/md2test.c
new file mode 100644
index 0000000000..55924d44cd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md2/md2test.c
@@ -0,0 +1,130 @@
+/* crypto/md2/md2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "8350e5a3e24c153df2275c9f80692773",
+ "32ec01ec4a6dac72c0ab96fb34c0b5d1",
+ "da853b0d3f88d99b30283a69e6ded6bb",
+ "ab4f496bfb2a530b219ff33031fe06b0",
+ "4e8ddff3650292ab5a4108c3aa47940b",
+ "da33def2a42df13975352846c30338cd",
+ "d5976f79d83d3a0dc9806c3c66f3efd8",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ char **P,**R;
+ char *p;
+
+ P=test;
+ R=ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+ if (strcmp(p,*R) != 0)
+ {
+ printf("error calculating MD2 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libssl/src/crypto/md5/asm/md5-586.pl b/src/lib/libssl/src/crypto/md5/asm/md5-586.pl
new file mode 100644
index 0000000000..2c7fb7dd98
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/asm/md5-586.pl
@@ -0,0 +1,304 @@
+#!/usr/bin/perl
+
+# Normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X);
+# version, non-normal is the
+# md5_block_x86(MD5_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$tmp1="edi";
+$tmp2="ebp";
+$X="esi";
+
+# What we need to load into $tmp for the next round
+%Ltmp1=("R0",&Np($C), "R1",&Np($C), "R2",&Np($C), "R3",&Np($D));
+@xo=(
+ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, # R0
+ 1, 6, 11, 0, 5, 10, 15, 4, 9, 14, 3, 8, 13, 2, 7, 12, # R1
+ 5, 8, 11, 14, 1, 4, 7, 10, 13, 0, 3, 6, 9, 12, 15, 2, # R2
+ 0, 7, 14, 5, 12, 3, 10, 1, 8, 15, 6, 13, 4, 11, 2, 9, # R3
+ );
+
+&md5_block("md5_block_x86");
+&asm_finish();
+
+sub Np
+ {
+ local($p)=@_;
+ local(%n)=($A,$D,$B,$A,$C,$B,$D,$C);
+ return($n{$p});
+ }
+
+sub R0
+ {
+ local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+ &mov($tmp1,$C) if $pos < 0;
+ &mov($tmp2,&DWP($xo[$ki]*4,$K,"",0)) if $pos < 0; # very first one
+
+ # body proper
+
+ &comment("R0 $ki");
+ &xor($tmp1,$d); # F function - part 2
+
+ &and($tmp1,$b); # F function - part 3
+ &lea($a,&DWP($t,$a,$tmp2,1));
+
+ &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+ &xor($tmp1,$d); # F function - part 4
+
+ &add($a,$tmp1);
+ &mov($tmp1,&Np($c)) if $pos < 1; # next tmp1 for R0
+ &mov($tmp1,&Np($c)) if $pos == 1; # next tmp1 for R1
+
+ &rotl($a,$s);
+ &add($a,$b);
+
+ }
+
+sub R1
+ {
+ local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+ &comment("R1 $ki");
+
+ &lea($a,&DWP($t,$a,$tmp2,1));
+
+ &xor($tmp1,$b); # G function - part 2
+ &and($tmp1,$d); # G function - part 3
+
+ &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+ &xor($tmp1,$c); # G function - part 4
+
+ &add($a,$tmp1);
+ &mov($tmp1,&Np($c)) if $pos < 1; # G function - part 1
+ &mov($tmp1,&Np($c)) if $pos == 1; # G function - part 1
+
+ &rotl($a,$s);
+
+ &add($a,$b);
+ }
+
+sub R2
+ {
+ local($n,$pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+ # This one is different, only 3 logical operations
+
+if (($n & 1) == 0)
+ {
+ &comment("R2 $ki");
+ # make sure to do 'D' first, not 'B', else we clash with
+ # the last add from the previous round.
+
+ &xor($tmp1,$d); # H function - part 2
+
+ &xor($tmp1,$b); # H function - part 3
+ &lea($a,&DWP($t,$a,$tmp2,1));
+
+ &add($a,$tmp1);
+ &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0));
+
+ &rotl($a,$s);
+
+ &mov($tmp1,&Np($c));
+ }
+else
+ {
+ &comment("R2 $ki");
+ # make sure to do 'D' first, not 'B', else we clash with
+ # the last add from the previous round.
+
+ &lea($a,&DWP($t,$a,$tmp2,1));
+
+ &add($b,$c); # MOVED FORWARD
+ &xor($tmp1,$d); # H function - part 2
+
+ &xor($tmp1,$b); # H function - part 3
+ &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if ($pos != 2);
+
+ &add($a,$tmp1);
+ &mov($tmp1,&Np($c)) if $pos < 1; # H function - part 1
+ &mov($tmp1,-1) if $pos == 1; # I function - part 1
+
+ &rotl($a,$s);
+
+ &add($a,$b);
+ }
+ }
+
+sub R3
+ {
+ local($pos,$a,$b,$c,$d,$K,$ki,$s,$t)=@_;
+
+ &comment("R3 $ki");
+
+ # ¬($tmp1)
+ &xor($tmp1,$d) if $pos < 0; # I function - part 2
+
+ &or($tmp1,$b); # I function - part 3
+ &lea($a,&DWP($t,$a,$tmp2,1));
+
+ &xor($tmp1,$c); # I function - part 4
+ &mov($tmp2,&DWP($xo[$ki+1]*4,$K,"",0)) if $pos != 2; # load X/k value
+ &mov($tmp2,&wparam(0)) if $pos == 2;
+
+ &add($a,$tmp1);
+ &mov($tmp1,-1) if $pos < 1; # H function - part 1
+ &add($K,64) if $pos >=1 && !$normal;
+
+ &rotl($a,$s);
+
+ &xor($tmp1,&Np($d)) if $pos <= 0; # I function - part = first time
+ &mov($tmp1,&DWP( 0,$tmp2,"",0)) if $pos > 0;
+ &add($a,$b);
+ }
+
+
+sub md5_block
+ {
+ local($name)=@_;
+
+ &function_begin_B($name,"",3);
+
+ # parameter 1 is the MD5_CTX structure.
+ # A 0
+ # B 4
+ # C 8
+ # D 12
+
+ &push("esi");
+ &push("edi");
+ &mov($tmp1, &wparam(0)); # edi
+ &mov($X, &wparam(1)); # esi
+ &mov($C, &wparam(2));
+ &push("ebp");
+ &push("ebx");
+ &add($C, $X); # offset we end at
+ &sub($C, 64);
+ &mov($A, &DWP( 0,$tmp1,"",0));
+ &push($C); # Put on the TOS
+ &mov($B, &DWP( 4,$tmp1,"",0));
+ &mov($C, &DWP( 8,$tmp1,"",0));
+ &mov($D, &DWP(12,$tmp1,"",0));
+
+ &set_label("start") unless $normal;
+ &comment("");
+ &comment("R0 section");
+
+ &R0(-2,$A,$B,$C,$D,$X, 0, 7,0xd76aa478);
+ &R0( 0,$D,$A,$B,$C,$X, 1,12,0xe8c7b756);
+ &R0( 0,$C,$D,$A,$B,$X, 2,17,0x242070db);
+ &R0( 0,$B,$C,$D,$A,$X, 3,22,0xc1bdceee);
+ &R0( 0,$A,$B,$C,$D,$X, 4, 7,0xf57c0faf);
+ &R0( 0,$D,$A,$B,$C,$X, 5,12,0x4787c62a);
+ &R0( 0,$C,$D,$A,$B,$X, 6,17,0xa8304613);
+ &R0( 0,$B,$C,$D,$A,$X, 7,22,0xfd469501);
+ &R0( 0,$A,$B,$C,$D,$X, 8, 7,0x698098d8);
+ &R0( 0,$D,$A,$B,$C,$X, 9,12,0x8b44f7af);
+ &R0( 0,$C,$D,$A,$B,$X,10,17,0xffff5bb1);
+ &R0( 0,$B,$C,$D,$A,$X,11,22,0x895cd7be);
+ &R0( 0,$A,$B,$C,$D,$X,12, 7,0x6b901122);
+ &R0( 0,$D,$A,$B,$C,$X,13,12,0xfd987193);
+ &R0( 0,$C,$D,$A,$B,$X,14,17,0xa679438e);
+ &R0( 1,$B,$C,$D,$A,$X,15,22,0x49b40821);
+
+ &comment("");
+ &comment("R1 section");
+ &R1(-1,$A,$B,$C,$D,$X,16, 5,0xf61e2562);
+ &R1( 0,$D,$A,$B,$C,$X,17, 9,0xc040b340);
+ &R1( 0,$C,$D,$A,$B,$X,18,14,0x265e5a51);
+ &R1( 0,$B,$C,$D,$A,$X,19,20,0xe9b6c7aa);
+ &R1( 0,$A,$B,$C,$D,$X,20, 5,0xd62f105d);
+ &R1( 0,$D,$A,$B,$C,$X,21, 9,0x02441453);
+ &R1( 0,$C,$D,$A,$B,$X,22,14,0xd8a1e681);
+ &R1( 0,$B,$C,$D,$A,$X,23,20,0xe7d3fbc8);
+ &R1( 0,$A,$B,$C,$D,$X,24, 5,0x21e1cde6);
+ &R1( 0,$D,$A,$B,$C,$X,25, 9,0xc33707d6);
+ &R1( 0,$C,$D,$A,$B,$X,26,14,0xf4d50d87);
+ &R1( 0,$B,$C,$D,$A,$X,27,20,0x455a14ed);
+ &R1( 0,$A,$B,$C,$D,$X,28, 5,0xa9e3e905);
+ &R1( 0,$D,$A,$B,$C,$X,29, 9,0xfcefa3f8);
+ &R1( 0,$C,$D,$A,$B,$X,30,14,0x676f02d9);
+ &R1( 1,$B,$C,$D,$A,$X,31,20,0x8d2a4c8a);
+
+ &comment("");
+ &comment("R2 section");
+ &R2( 0,-1,$A,$B,$C,$D,$X,32, 4,0xfffa3942);
+ &R2( 1, 0,$D,$A,$B,$C,$X,33,11,0x8771f681);
+ &R2( 2, 0,$C,$D,$A,$B,$X,34,16,0x6d9d6122);
+ &R2( 3, 0,$B,$C,$D,$A,$X,35,23,0xfde5380c);
+ &R2( 4, 0,$A,$B,$C,$D,$X,36, 4,0xa4beea44);
+ &R2( 5, 0,$D,$A,$B,$C,$X,37,11,0x4bdecfa9);
+ &R2( 6, 0,$C,$D,$A,$B,$X,38,16,0xf6bb4b60);
+ &R2( 7, 0,$B,$C,$D,$A,$X,39,23,0xbebfbc70);
+ &R2( 8, 0,$A,$B,$C,$D,$X,40, 4,0x289b7ec6);
+ &R2( 9, 0,$D,$A,$B,$C,$X,41,11,0xeaa127fa);
+ &R2(10, 0,$C,$D,$A,$B,$X,42,16,0xd4ef3085);
+ &R2(11, 0,$B,$C,$D,$A,$X,43,23,0x04881d05);
+ &R2(12, 0,$A,$B,$C,$D,$X,44, 4,0xd9d4d039);
+ &R2(13, 0,$D,$A,$B,$C,$X,45,11,0xe6db99e5);
+ &R2(14, 0,$C,$D,$A,$B,$X,46,16,0x1fa27cf8);
+ &R2(15, 1,$B,$C,$D,$A,$X,47,23,0xc4ac5665);
+
+ &comment("");
+ &comment("R3 section");
+ &R3(-1,$A,$B,$C,$D,$X,48, 6,0xf4292244);
+ &R3( 0,$D,$A,$B,$C,$X,49,10,0x432aff97);
+ &R3( 0,$C,$D,$A,$B,$X,50,15,0xab9423a7);
+ &R3( 0,$B,$C,$D,$A,$X,51,21,0xfc93a039);
+ &R3( 0,$A,$B,$C,$D,$X,52, 6,0x655b59c3);
+ &R3( 0,$D,$A,$B,$C,$X,53,10,0x8f0ccc92);
+ &R3( 0,$C,$D,$A,$B,$X,54,15,0xffeff47d);
+ &R3( 0,$B,$C,$D,$A,$X,55,21,0x85845dd1);
+ &R3( 0,$A,$B,$C,$D,$X,56, 6,0x6fa87e4f);
+ &R3( 0,$D,$A,$B,$C,$X,57,10,0xfe2ce6e0);
+ &R3( 0,$C,$D,$A,$B,$X,58,15,0xa3014314);
+ &R3( 0,$B,$C,$D,$A,$X,59,21,0x4e0811a1);
+ &R3( 0,$A,$B,$C,$D,$X,60, 6,0xf7537e82);
+ &R3( 0,$D,$A,$B,$C,$X,61,10,0xbd3af235);
+ &R3( 0,$C,$D,$A,$B,$X,62,15,0x2ad7d2bb);
+ &R3( 2,$B,$C,$D,$A,$X,63,21,0xeb86d391);
+
+ # &mov($tmp2,&wparam(0)); # done in the last R3
+ # &mov($tmp1, &DWP( 0,$tmp2,"",0)); # done is the last R3
+
+ &add($A,$tmp1);
+ &mov($tmp1, &DWP( 4,$tmp2,"",0));
+
+ &add($B,$tmp1);
+ &mov($tmp1, &DWP( 8,$tmp2,"",0));
+
+ &add($C,$tmp1);
+ &mov($tmp1, &DWP(12,$tmp2,"",0));
+
+ &add($D,$tmp1);
+ &mov(&DWP( 0,$tmp2,"",0),$A);
+
+ &mov(&DWP( 4,$tmp2,"",0),$B);
+ &mov($tmp1,&swtmp(0)) unless $normal;
+
+ &mov(&DWP( 8,$tmp2,"",0),$C);
+ &mov(&DWP(12,$tmp2,"",0),$D);
+
+ &cmp($tmp1,$X) unless $normal; # check count
+ &jge(&label("start")) unless $normal;
+
+ &pop("eax"); # pop the temp variable off the stack
+ &pop("ebx");
+ &pop("ebp");
+ &pop("edi");
+ &pop("esi");
+ &ret();
+ &function_end_B($name);
+ }
+
diff --git a/src/lib/libssl/src/crypto/md5/md5.c b/src/lib/libssl/src/crypto/md5/md5.c
new file mode 100644
index 0000000000..9d6f5a6003
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5.c
@@ -0,0 +1,135 @@
+/* crypto/md5/md5.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD5(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD5_CTX c;
+ unsigned char md[MD5_DIGEST_LENGTH];
+ int fd;
+ int i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD5_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD5_Update(&c,buf,(unsigned long)i);
+ }
+ MD5_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libssl/src/crypto/md5/md5.h b/src/lib/libssl/src/crypto/md5/md5.h
new file mode 100644
index 0000000000..357c6c625d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5.h
@@ -0,0 +1,99 @@
+/* crypto/md5/md5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+#define HEADER_MD5_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MD5_CBLOCK 64
+#define MD5_LBLOCK 16
+#define MD5_BLOCK 16
+#define MD5_LAST_BLOCK 56
+#define MD5_LENGTH_BLOCK 8
+#define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st
+ {
+ unsigned long A,B,C,D;
+ unsigned long Nl,Nh;
+ unsigned long data[MD5_LBLOCK];
+ int num;
+ } MD5_CTX;
+
+#ifndef NOPROTO
+void MD5_Init(MD5_CTX *c);
+void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
+void MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
+void MD5_Transform(MD5_CTX *c, unsigned char *b);
+#else
+void MD5_Init();
+void MD5_Update();
+void MD5_Final();
+unsigned char *MD5();
+void MD5_Transform();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/md5/md5_dgst.c b/src/lib/libssl/src/crypto/md5/md5_dgst.c
new file mode 100644
index 0000000000..43b3498d92
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5_dgst.c
@@ -0,0 +1,440 @@
+/* crypto/md5/md5_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+char *MD5_version="MD5 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+#ifndef NOPROTO
+# ifdef MD5_ASM
+ void md5_block_x86(MD5_CTX *c, unsigned long *p,int num);
+# define md5_block md5_block_x86
+# else
+ static void md5_block(MD5_CTX *c, unsigned long *p,int num);
+# endif
+#else
+# ifdef MD5_ASM
+ void md5_block_x86();
+# define md5_block md5_block_x86
+# else
+ static void md5_block();
+# endif
+#endif
+
+void MD5_Init(c)
+MD5_CTX *c;
+ {
+ c->A=INIT_DATA_A;
+ c->B=INIT_DATA_B;
+ c->C=INIT_DATA_C;
+ c->D=INIT_DATA_D;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void MD5_Update(c, data, len)
+MD5_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+ * Wei Dai <weidai@eskimo.com> for pointing it out. */
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= MD5_CBLOCK)
+ {
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw<MD5_LBLOCK; sw++)
+ {
+ c2l(data,l);
+ p[sw]=l;
+ }
+ len-=(MD5_CBLOCK-c->num);
+
+ md5_block(c,p,64);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ int ew,ec;
+
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ p_c2l_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { c2l(data,l); p[sw]=l; }
+ if (ec)
+ {
+ c2l_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of MD5_CBLOCK
+ * chars and save the leftovers to c->data. */
+#ifdef L_ENDIAN
+ if ((((unsigned long)data)%sizeof(ULONG)) == 0)
+ {
+ sw=(int)len/MD5_CBLOCK;
+ if (sw > 0)
+ {
+ sw*=MD5_CBLOCK;
+ md5_block(c,(ULONG *)data,sw);
+ data+=sw;
+ len-=sw;
+ }
+ }
+#endif
+ p=c->data;
+ while (len >= MD5_CBLOCK)
+ {
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+ if (p != (unsigned long *)data)
+ memcpy(p,data,MD5_CBLOCK);
+ data+=MD5_CBLOCK;
+#ifdef B_ENDIAN
+ for (sw=(MD5_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+#endif
+#else
+ for (sw=(MD5_LBLOCK/4); sw; sw--)
+ {
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ }
+#endif
+ p=c->data;
+ md5_block(c,p,64);
+ len-=MD5_CBLOCK;
+ }
+ sc=(int)len;
+ c->num=sc;
+ if (sc)
+ {
+ sw=sc>>2; /* words to copy */
+#ifdef L_ENDIAN
+ p[sw]=0;
+ memcpy(p,data,sc);
+#else
+ sc&=0x03;
+ for ( ; sw; sw--)
+ { c2l(data,l); *(p++)=l; }
+ c2l_p(data,l,sc);
+ *p=l;
+#endif
+ }
+ }
+
+void MD5_Transform(c,b)
+MD5_CTX *c;
+unsigned char *b;
+ {
+ ULONG p[16];
+#if !defined(L_ENDIAN)
+ ULONG *q;
+ int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,b,64);
+#ifdef B_ENDIAN
+ q=p;
+ for (i=(MD5_LBLOCK/4); i; i--)
+ {
+ Endian_Reverse32(q[0]);
+ Endian_Reverse32(q[1]);
+ Endian_Reverse32(q[2]);
+ Endian_Reverse32(q[3]);
+ q+=4;
+ }
+#endif
+#else
+ q=p;
+ for (i=(MD5_LBLOCK/4); i; i--)
+ {
+ ULONG l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ }
+#endif
+ md5_block(c,p,64);
+ }
+
+#ifndef MD5_ASM
+
+static void md5_block(c, X, num)
+MD5_CTX *c;
+register ULONG *X;
+int num;
+ {
+ register ULONG A,B,C,D;
+
+ A=c->A;
+ B=c->B;
+ C=c->C;
+ D=c->D;
+ for (;;)
+ {
+ /* Round 0 */
+ R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
+ R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
+ R0(C,D,A,B,X[ 2],17,0x242070dbL);
+ R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
+ R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
+ R0(D,A,B,C,X[ 5],12,0x4787c62aL);
+ R0(C,D,A,B,X[ 6],17,0xa8304613L);
+ R0(B,C,D,A,X[ 7],22,0xfd469501L);
+ R0(A,B,C,D,X[ 8], 7,0x698098d8L);
+ R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
+ R0(C,D,A,B,X[10],17,0xffff5bb1L);
+ R0(B,C,D,A,X[11],22,0x895cd7beL);
+ R0(A,B,C,D,X[12], 7,0x6b901122L);
+ R0(D,A,B,C,X[13],12,0xfd987193L);
+ R0(C,D,A,B,X[14],17,0xa679438eL);
+ R0(B,C,D,A,X[15],22,0x49b40821L);
+ /* Round 1 */
+ R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
+ R1(D,A,B,C,X[ 6], 9,0xc040b340L);
+ R1(C,D,A,B,X[11],14,0x265e5a51L);
+ R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
+ R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
+ R1(D,A,B,C,X[10], 9,0x02441453L);
+ R1(C,D,A,B,X[15],14,0xd8a1e681L);
+ R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
+ R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
+ R1(D,A,B,C,X[14], 9,0xc33707d6L);
+ R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
+ R1(B,C,D,A,X[ 8],20,0x455a14edL);
+ R1(A,B,C,D,X[13], 5,0xa9e3e905L);
+ R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
+ R1(C,D,A,B,X[ 7],14,0x676f02d9L);
+ R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
+ /* Round 2 */
+ R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
+ R2(D,A,B,C,X[ 8],11,0x8771f681L);
+ R2(C,D,A,B,X[11],16,0x6d9d6122L);
+ R2(B,C,D,A,X[14],23,0xfde5380cL);
+ R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
+ R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
+ R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
+ R2(B,C,D,A,X[10],23,0xbebfbc70L);
+ R2(A,B,C,D,X[13], 4,0x289b7ec6L);
+ R2(D,A,B,C,X[ 0],11,0xeaa127faL);
+ R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
+ R2(B,C,D,A,X[ 6],23,0x04881d05L);
+ R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
+ R2(D,A,B,C,X[12],11,0xe6db99e5L);
+ R2(C,D,A,B,X[15],16,0x1fa27cf8L);
+ R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
+ /* Round 3 */
+ R3(A,B,C,D,X[ 0], 6,0xf4292244L);
+ R3(D,A,B,C,X[ 7],10,0x432aff97L);
+ R3(C,D,A,B,X[14],15,0xab9423a7L);
+ R3(B,C,D,A,X[ 5],21,0xfc93a039L);
+ R3(A,B,C,D,X[12], 6,0x655b59c3L);
+ R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
+ R3(C,D,A,B,X[10],15,0xffeff47dL);
+ R3(B,C,D,A,X[ 1],21,0x85845dd1L);
+ R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
+ R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
+ R3(C,D,A,B,X[ 6],15,0xa3014314L);
+ R3(B,C,D,A,X[13],21,0x4e0811a1L);
+ R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
+ R3(D,A,B,C,X[11],10,0xbd3af235L);
+ R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
+ R3(B,C,D,A,X[ 9],21,0xeb86d391L);
+
+ A+=c->A&0xffffffffL;
+ B+=c->B&0xffffffffL;
+ c->A=A;
+ c->B=B;
+ C+=c->C&0xffffffffL;
+ D+=c->D&0xffffffffL;
+ c->C=C;
+ c->D=D;
+ X+=16;
+ num-=64;
+ if (num <= 0) break;
+ }
+ }
+#endif
+
+void MD5_Final(md, c)
+unsigned char *md;
+MD5_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+
+ /* purify often complains about the following line as an
+ * Uninitialized Memory Read. While this can be true, the
+ * following p_c2l macro will reset l when that case is true.
+ * This is because j&0x03 contains the number of 'valid' bytes
+ * already in p[i]. If and only if j&0x03 == 0, the UMR will
+ * occur but this is also the only time p_c2l will do
+ * l= *(cp++) instead of l|= *(cp++)
+ * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+ * 'potential bug' */
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ p_c2l(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= MD5_LAST_BLOCK)
+ {
+ for (; i<MD5_LBLOCK; i++)
+ p[i]=0;
+ md5_block(c,p,64);
+ i=0;
+ }
+ for (; i<(MD5_LBLOCK-2); i++)
+ p[i]=0;
+ p[MD5_LBLOCK-2]=c->Nl;
+ p[MD5_LBLOCK-1]=c->Nh;
+ md5_block(c,p,64);
+ cp=md;
+ l=c->A; l2c(l,cp);
+ l=c->B; l2c(l,cp);
+ l=c->C; l2c(l,cp);
+ l=c->D; l2c(l,cp);
+
+ /* clear stuff, md5_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+ {
+ int i,ii;
+
+ for (i=0; i<2; i++)
+ {
+ for (ii=0; ii<8; ii++)
+ {
+ fprintf(stderr,"%08lx ",l[i*8+ii]);
+ }
+ fprintf(stderr,"\n");
+ }
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/md5/md5_locl.h b/src/lib/libssl/src/crypto/md5/md5_locl.h
new file mode 100644
index 0000000000..dbbe1b71ca
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5_locl.h
@@ -0,0 +1,195 @@
+/* crypto/md5/md5_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* On sparc, this actually slows things down :-( */
+#if defined(sun)
+#undef B_ENDIAN
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include "md5.h"
+
+#define ULONG unsigned long
+#define UCHAR unsigned char
+#define UINT unsigned int
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#undef c2l
+#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ case 3: l|=((unsigned long)(*((c)++)))<<24; \
+ } \
+ }
+
+/* NOTE the pointer is not incremented at the end of this */
+#undef c2l_p
+#define c2l_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<<16; \
+ case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l|=((unsigned long)(*(--(c)))) ; \
+ } \
+ }
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+ }
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+ (a)=ROTATE(l,16L); \
+ }
+#endif
+/*
+#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below. Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define G(b,c,d) ((((b) ^ (c)) & (d)) ^ (c))
+#define H(b,c,d) ((b) ^ (c) ^ (d))
+#define I(b,c,d) (((~(d)) | (b)) ^ (c))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n) _lrotl(a,n)
+#else
+#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+
+#define R0(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+F((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+G((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+H((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+I((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
diff --git a/src/lib/libssl/src/crypto/md5/md5_one.c b/src/lib/libssl/src/crypto/md5/md5_one.c
new file mode 100644
index 0000000000..ab6bb435f9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5_one.c
@@ -0,0 +1,77 @@
+/* crypto/md5/md5_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+unsigned char *MD5(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MD5_CTX c;
+ static unsigned char m[MD5_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MD5_Init(&c);
+ MD5_Update(&c,d,n);
+ MD5_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* security consideration */
+ return(md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/md5/md5s.cpp b/src/lib/libssl/src/crypto/md5/md5s.cpp
new file mode 100644
index 0000000000..ef8e175df0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ MD5_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ md5_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ md5_block_x86(&ctx,buffer,num);
+ }
+ printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/md5/md5test.c b/src/lib/libssl/src/crypto/md5/md5test.c
new file mode 100644
index 0000000000..74b84bc67f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/md5/md5test.c
@@ -0,0 +1,130 @@
+/* crypto/md5/md5test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "md5.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "d41d8cd98f00b204e9800998ecf8427e",
+ "0cc175b9c0f1b6a831c399e269772661",
+ "900150983cd24fb0d6963f7d28e17f72",
+ "f96b697d7cb7938d525a2f31aaf161d0",
+ "c3fcd3d76192e4007dfb496cca67e13b",
+ "d174ab98d277d9f5a5611c2c9f419d9f",
+ "57edf4a22be3c955ac49da2e2107b67a",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ char *p;
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD5(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating MD5 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libssl/src/crypto/mdc2/mdc2.h b/src/lib/libssl/src/crypto/mdc2/mdc2.h
new file mode 100644
index 0000000000..0b104be184
--- /dev/null
+++ b/src/lib/libssl/src/crypto/mdc2/mdc2.h
@@ -0,0 +1,100 @@
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+#define HEADER_MDC2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "des.h"
+
+#define MDC2_BLOCK 8
+#define MDC2_DIGEST_LENGTH 16
+
+typedef struct mdc2_ctx_st
+ {
+ int num;
+ unsigned char data[MDC2_BLOCK];
+ des_cblock h,hh;
+ int pad_type; /* either 1 or 2, default 1 */
+ } MDC2_CTX;
+
+#ifndef NOPROTO
+
+void MDC2_Init(MDC2_CTX *c);
+void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len);
+void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md);
+
+#else
+
+void MDC2_Init();
+void MDC2_Update();
+void MDC2_Final();
+unsigned char *MDC2();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/src/lib/libssl/src/crypto/mem.c b/src/lib/libssl/src/crypto/mem.c
new file mode 100644
index 0000000000..72e501ad0f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/mem.c
@@ -0,0 +1,353 @@
+/* crypto/mem.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+static int mh_mode=CRYPTO_MEM_CHECK_OFF;
+static unsigned long order=0;
+
+static LHASH *mh=NULL;
+
+typedef struct mem_st
+ {
+ char *addr;
+ int num;
+ char *file;
+ int line;
+ unsigned long order;
+ } MEM;
+
+int CRYPTO_mem_ctrl(mode)
+int mode;
+ {
+ int ret=mh_mode;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ switch (mode)
+ {
+ case CRYPTO_MEM_CHECK_ON:
+ mh_mode|=CRYPTO_MEM_CHECK_ON;
+ break;
+ case CRYPTO_MEM_CHECK_OFF:
+ mh_mode&= ~CRYPTO_MEM_CHECK_ON;
+ break;
+ default:
+ break;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ return(ret);
+ }
+
+static int mem_cmp(a,b)
+MEM *a,*b;
+ {
+ return(a->addr - b->addr);
+ }
+
+static unsigned long mem_hash(a)
+MEM *a;
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)a->addr;
+
+ ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
+ return(ret);
+ }
+
+static char *(*malloc_func)()= (char *(*)())malloc;
+static char *(*realloc_func)()= (char *(*)())realloc;
+static void (*free_func)()= (void (*)())free;
+
+void CRYPTO_set_mem_functions(m,r,f)
+char *(*m)();
+char *(*r)();
+void (*f)();
+ {
+ if ((m == NULL) || (r == NULL) || (f == NULL)) return;
+ malloc_func=m;
+ realloc_func=r;
+ free_func=f;
+ }
+
+void CRYPTO_get_mem_functions(m,r,f)
+char *(**m)();
+char *(**r)();
+void (**f)();
+ {
+ if (m != NULL) *m=malloc_func;
+ if (r != NULL) *r=realloc_func;
+ if (f != NULL) *f=free_func;
+ }
+
+char *CRYPTO_malloc(num)
+int num;
+ {
+ return(malloc_func(num));
+ }
+
+char *CRYPTO_realloc(str,num)
+char *str;
+int num;
+ {
+ return(realloc_func(str,num));
+ }
+
+void CRYPTO_free(str)
+char *str;
+ {
+ free_func(str);
+ }
+
+char *CRYPTO_dbg_malloc(num,file,line)
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM *m,*mm;
+
+ if ((ret=malloc_func(num)) == NULL)
+ return(NULL);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if ((m=(MEM *)malloc(sizeof(MEM))) == NULL)
+ {
+ free(ret);
+ return(NULL);
+ }
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ if (mh == NULL)
+ {
+ if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
+ {
+ free(ret);
+ free(m);
+ return(NULL);
+ }
+ }
+
+ m->addr=ret;
+ m->file=file;
+ m->line=line;
+ m->num=num;
+ m->order=order++;
+ if ((mm=(MEM *)lh_insert(mh,(char *)m)) != NULL)
+ {
+ /* Not good, but don't sweat it */
+ free(mm);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+void CRYPTO_dbg_free(addr)
+char *addr;
+ {
+ MEM m,*mp;
+
+ if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL))
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ m.addr=addr;
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ free(mp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ free_func(addr);
+ }
+
+char *CRYPTO_dbg_realloc(addr,num,file,line)
+char *addr;
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM m,*mp;
+
+ ret=realloc_func(addr,num);
+ if (ret == addr) return(ret);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if (ret == NULL) return(NULL);
+ m.addr=addr;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ {
+ mp->addr=ret;
+ lh_insert(mh,(char *)mp);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+char *CRYPTO_remalloc(a,n)
+char *a;
+int n;
+ {
+ if (a != NULL) Free(a);
+ a=(char *)Malloc(n);
+ return(a);
+ }
+
+char *CRYPTO_dbg_remalloc(a,n,file,line)
+char *a;
+int n;
+char *file;
+int line;
+ {
+ if (a != NULL) CRYPTO_dbg_free(a);
+ a=(char *)CRYPTO_dbg_malloc(n,file,line);
+ return(a);
+ }
+
+
+typedef struct mem_leak_st
+ {
+ BIO *bio;
+ int chunks;
+ long bytes;
+ } MEM_LEAK;
+
+static void print_leak(m,l)
+MEM *m;
+MEM_LEAK *l;
+ {
+ char buf[128];
+
+ sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n",
+ m->order,m->file,m->line,m->num,(long)m->addr);
+ BIO_puts(l->bio,buf);
+ l->chunks++;
+ l->bytes+=m->num;
+ }
+
+void CRYPTO_mem_leaks(b)
+BIO *b;
+ {
+ MEM_LEAK ml;
+ char buf[80];
+
+ if (mh == NULL) return;
+ ml.bio=b;
+ ml.bytes=0;
+ ml.chunks=0;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ if (ml.chunks != 0)
+ {
+ sprintf(buf,"%ld bytes leaked in %d chunks\n",
+ ml.bytes,ml.chunks);
+ BIO_puts(b,buf);
+ }
+ /*
+ lh_stats_bio(mh,b);
+ lh_node_stats_bio(mh,b);
+ lh_node_usage_stats_bio(mh,b);
+ */
+ }
+
+static void (*mem_cb)()=NULL;
+
+static void cb_leak(m,cb)
+MEM *m;
+char *cb;
+ {
+ void (*mem_callback)()=(void (*)())cb;
+ mem_callback(m->order,m->file,m->line,m->num,m->addr);
+ }
+
+void CRYPTO_mem_leaks_cb(cb)
+void (*cb)();
+ {
+ if (mh == NULL) return;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mem_cb=cb;
+ lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb);
+ mem_cb=NULL;
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+
+#ifndef NO_FP_API
+void CRYPTO_mem_leaks_fp(fp)
+FILE *fp;
+ {
+ BIO *b;
+
+ if (mh == NULL) return;
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ return;
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ CRYPTO_mem_leaks(b);
+ BIO_free(b);
+ }
+#endif
+
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.c b/src/lib/libssl/src/crypto/objects/obj_dat.c
new file mode 100644
index 0000000000..34866ebbd2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.c
@@ -0,0 +1,578 @@
+/* crypto/objects/obj_dat.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* obj_dat.h is generated from objects.h by obj_dat.pl */
+#include "obj_dat.h"
+
+#ifndef NOPROTO
+static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+#else
+static int sn_cmp();
+static int ln_cmp();
+static int obj_cmp();
+#endif
+
+#define ADDED_DATA 0
+#define ADDED_SNAME 1
+#define ADDED_LNAME 2
+#define ADDED_NID 3
+
+typedef struct added_obj_st
+ {
+ int type;
+ ASN1_OBJECT *obj;
+ } ADDED_OBJ;
+
+static int new_nid=NUM_NID;
+static LHASH *added=NULL;
+
+static int sn_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ { return(strcmp((*ap)->sn,(*bp)->sn)); }
+
+static int ln_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ { return(strcmp((*ap)->ln,(*bp)->ln)); }
+
+static unsigned long add_hash(ca)
+ADDED_OBJ *ca;
+ {
+ ASN1_OBJECT *a;
+ int i;
+ unsigned long ret=0;
+ unsigned char *p;
+
+ a=ca->obj;
+ switch (ca->type)
+ {
+ case ADDED_DATA:
+ ret=a->length<<20L;
+ p=(unsigned char *)a->data;
+ for (i=0; i<a->length; i++)
+ ret^=p[i]<<((i*3)%24);
+ break;
+ case ADDED_SNAME:
+ ret=lh_strhash(a->sn);
+ break;
+ case ADDED_LNAME:
+ ret=lh_strhash(a->ln);
+ break;
+ case ADDED_NID:
+ ret=a->nid;
+ break;
+ default:
+ abort();
+ }
+ ret&=0x3fffffffL;
+ ret|=ca->type<<30L;
+ return(ret);
+ }
+
+static int add_cmp(ca,cb)
+ADDED_OBJ *ca,*cb;
+ {
+ ASN1_OBJECT *a,*b;
+ int i;
+
+ i=ca->type-cb->type;
+ if (i) return(i);
+ a=ca->obj;
+ b=cb->obj;
+ switch (ca->type)
+ {
+ case ADDED_DATA:
+ i=(a->length - b->length);
+ if (i) return(i);
+ return(memcmp(a->data,b->data,a->length));
+ case ADDED_SNAME:
+ if (a->sn == NULL) return(-1);
+ else if (b->sn == NULL) return(1);
+ else return(strcmp(a->sn,b->sn));
+ case ADDED_LNAME:
+ if (a->ln == NULL) return(-1);
+ else if (b->ln == NULL) return(1);
+ else return(strcmp(a->ln,b->ln));
+ case ADDED_NID:
+ return(a->nid-b->nid);
+ default:
+ abort();
+ }
+ }
+
+static int init_added()
+ {
+ if (added != NULL) return(1);
+ added=lh_new(add_hash,add_cmp);
+ return(added != NULL);
+ }
+
+static void cleanup1(a)
+ADDED_OBJ *a;
+ {
+ a->obj->nid=0;
+ a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
+ }
+
+static void cleanup2(a)
+ADDED_OBJ *a;
+ { a->obj->nid++; }
+
+static void cleanup3(a)
+ADDED_OBJ *a;
+ {
+ if (--a->obj->nid == 0)
+ ASN1_OBJECT_free(a->obj);
+ Free(a);
+ }
+
+void OBJ_cleanup()
+ {
+ if (added == NULL) return;
+ added->down_load=0;
+ lh_doall(added,cleanup1); /* zero counters */
+ lh_doall(added,cleanup2); /* set counters */
+ lh_doall(added,cleanup3); /* free objects */
+ lh_free(added);
+ added=NULL;
+ }
+
+int OBJ_new_nid(num)
+int num;
+ {
+ int i;
+
+ i=new_nid;
+ new_nid+=num;
+ return(i);
+ }
+
+int OBJ_add_object(obj)
+ASN1_OBJECT *obj;
+ {
+ ASN1_OBJECT *o;
+ ADDED_OBJ *ao[4],*aop;
+ int i;
+
+ if (added == NULL)
+ if (!init_added()) return(0);
+ if ((o=OBJ_dup(obj)) == NULL) goto err;
+ ao[ADDED_DATA]=NULL;
+ ao[ADDED_SNAME]=NULL;
+ ao[ADDED_LNAME]=NULL;
+ ao[ADDED_NID]=NULL;
+ ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if ((o->length != 0) && (obj->data != NULL))
+ ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if (o->sn != NULL)
+ ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if (o->ln != NULL)
+ ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+
+ for (i=ADDED_DATA; i<=ADDED_NID; i++)
+ {
+ if (ao[i] != NULL)
+ {
+ ao[i]->type=i;
+ ao[i]->obj=o;
+ aop=(ADDED_OBJ *)lh_insert(added,(char *)ao[i]);
+ /* memory leak, buit should not normally matter */
+ if (aop != NULL)
+ Free(aop);
+ }
+ }
+ o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+ return(o->nid);
+err:
+ for (i=ADDED_DATA; i<=ADDED_NID; i++)
+ if (ao[i] != NULL) Free(ao[i]);
+ if (o != NULL) Free(o);
+ return(NID_undef);
+ }
+
+ASN1_OBJECT *OBJ_nid2obj(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return((ASN1_OBJECT *)&(nid_objs[n]));
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+char *OBJ_nid2sn(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(nid_objs[n].sn);
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj->sn);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+char *OBJ_nid2ln(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(nid_objs[n].ln);
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj->ln);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+int OBJ_obj2nid(a)
+ASN1_OBJECT *a;
+ {
+ ASN1_OBJECT **op;
+ ADDED_OBJ ad,*adp;
+
+ if (a == NULL)
+ return(NID_undef);
+ if (a->nid != 0)
+ return(a->nid);
+
+ if (added != NULL)
+ {
+ ad.type=ADDED_DATA;
+ ad.obj=a;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
+ sizeof(ASN1_OBJECT *),(int (*)())obj_cmp);
+ if (op == NULL)
+ return(NID_undef);
+ return((*op)->nid);
+ }
+
+int OBJ_txt2nid(s)
+char *s;
+ {
+ int ret;
+
+ ret=OBJ_sn2nid(s);
+ if (ret == NID_undef)
+ {
+ ret=OBJ_ln2nid(s);
+ if (ret == NID_undef)
+ {
+ ASN1_OBJECT *op=NULL;
+ unsigned char *buf,*p;
+ int i;
+
+ i=a2d_ASN1_OBJECT(NULL,0,s,-1);
+ if (i <= 0)
+ {
+ /* clear the error */
+ ERR_get_error();
+ return(0);
+ }
+
+ if ((buf=(unsigned char *)Malloc(i)) == NULL)
+ return(NID_undef);
+ a2d_ASN1_OBJECT(buf,i,s,-1);
+ p=buf;
+ op=d2i_ASN1_OBJECT(NULL,&p,i);
+ if (op == NULL) return(NID_undef);
+ ret=OBJ_obj2nid(op);
+ ASN1_OBJECT_free(op);
+ Free(buf);
+ }
+ }
+ return(ret);
+ }
+
+int OBJ_ln2nid(s)
+char *s;
+ {
+ ASN1_OBJECT o,*oo= &o,**op;
+ ADDED_OBJ ad,*adp;
+
+ o.ln=s;
+ if (added != NULL)
+ {
+ ad.type=ADDED_LNAME;
+ ad.obj= &o;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
+ sizeof(ASN1_OBJECT *),(int (*)())ln_cmp);
+ if (op == NULL) return(NID_undef);
+ return((*op)->nid);
+ }
+
+int OBJ_sn2nid(s)
+char *s;
+ {
+ ASN1_OBJECT o,*oo= &o,**op;
+ ADDED_OBJ ad,*adp;
+
+ o.sn=s;
+ if (added != NULL)
+ {
+ ad.type=ADDED_SNAME;
+ ad.obj= &o;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
+ sizeof(ASN1_OBJECT *),(int (*)())sn_cmp);
+ if (op == NULL) return(NID_undef);
+ return((*op)->nid);
+ }
+
+static int obj_cmp(ap, bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ {
+ int j;
+ ASN1_OBJECT *a= *ap;
+ ASN1_OBJECT *b= *bp;
+
+ j=(a->length - b->length);
+ if (j) return(j);
+ return(memcmp(a->data,b->data,a->length));
+ }
+
+char *OBJ_bsearch(key,base,num,size,cmp)
+char *key;
+char *base;
+int num;
+int size;
+int (*cmp)();
+ {
+ int l,h,i,c;
+ char *p;
+
+ if (num == 0) return(NULL);
+ l=0;
+ h=num;
+ while (l < h)
+ {
+ i=(l+h)/2;
+ p= &(base[i*size]);
+ c=(*cmp)(key,p);
+ if (c < 0)
+ h=i;
+ else if (c > 0)
+ l=i+1;
+ else
+ return(p);
+ }
+ return(NULL);
+ }
+
+int OBJ_create_objects(in)
+BIO *in;
+ {
+ MS_STATIC char buf[512];
+ int i,num= -1;
+ char *o,*s,*l=NULL;
+
+ for (;;)
+ {
+ s=o=NULL;
+ i=BIO_gets(in,buf,512);
+ if (i <= 0) return(num);
+ buf[i-1]='\0';
+ if (!isalnum(buf[0])) return(num);
+ o=s=buf;
+ while (isdigit(*s) || (*s == '.'))
+ s++;
+ if (*s != '\0')
+ {
+ *(s++)='\0';
+ while (isspace(*s))
+ s++;
+ if (*s == '\0')
+ s=NULL;
+ else
+ {
+ l=s;
+ while ((*l != '\0') && !isspace(*l))
+ l++;
+ if (*l != '\0')
+ {
+ *(l++)='\0';
+ while (isspace(*l))
+ l++;
+ if (*l == '\0') l=NULL;
+ }
+ else
+ l=NULL;
+ }
+ }
+ else
+ s=NULL;
+ if ((o == NULL) || (*o == '\0')) return(num);
+ if (!OBJ_create(o,s,l)) return(num);
+ num++;
+ }
+ return(num);
+ }
+
+int OBJ_create(oid,sn,ln)
+char *oid;
+char *sn;
+char *ln;
+ {
+ int ok=0;
+ ASN1_OBJECT *op=NULL;
+ unsigned char *buf;
+ int i;
+
+ i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
+ if (i <= 0) return(0);
+
+ if ((buf=(unsigned char *)Malloc(i)) == NULL)
+ {
+ OBJerr(OBJ_F_OBJ_CREATE,OBJ_R_MALLOC_FAILURE);
+ return(0);
+ }
+ i=a2d_ASN1_OBJECT(buf,i,oid,-1);
+ op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
+ if (op == NULL)
+ goto err;
+ ok=OBJ_add_object(op);
+err:
+ ASN1_OBJECT_free(op);
+ Free((char *)buf);
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.h b/src/lib/libssl/src/crypto/objects/obj_dat.h
new file mode 100644
index 0000000000..48143ae3c7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.h
@@ -0,0 +1,656 @@
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+#define NUM_NID 124
+#define NUM_SN 95
+#define NUM_LN 122
+#define NUM_OBJ 95
+
+static unsigned char lvalues[600]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55, /* [ 82] OBJ_X500 */
+0x55,0x04, /* [ 83] OBJ_X509 */
+0x55,0x04,0x03, /* [ 85] OBJ_commonName */
+0x55,0x04,0x06, /* [ 88] OBJ_countryName */
+0x55,0x04,0x07, /* [ 91] OBJ_localityName */
+0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [206] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12, /* [214] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F, /* [219] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [224] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08, /* [232] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [237] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [326] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [333] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [341] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A, /* [349] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D, /* [363] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C, /* [368] OBJ_dsa_2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */
+0x2B,0x0E,0x03,0x02,0x1B, /* [391] OBJ_dsaWithSHA1_2 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */
+0x55,0x1D, /* [477] OBJ_ld_ce */
+0x55,0x1D,0x0E, /* [479] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F, /* [482] OBJ_key_usage */
+0x55,0x1D,0x10, /* [485] OBJ_private_key_usage_period */
+0x55,0x1D,0x11, /* [488] OBJ_subject_alt_name */
+0x55,0x1D,0x12, /* [491] OBJ_issuer_alt_name */
+0x55,0x1D,0x13, /* [494] OBJ_basic_constraints */
+0x55,0x1D,0x14, /* [497] OBJ_crl_number */
+0x55,0x1D,0x20, /* [500] OBJ_certificate_policies */
+0x55,0x1D,0x23, /* [503] OBJ_authority_key_identifier */
+0x55,0x08,0x03,0x65, /* [506] OBJ_mdc2 */
+0x55,0x08,0x03,0x64, /* [510] OBJ_mdc2WithRSA */
+0x55,0x04,0x2A, /* [514] OBJ_givenName */
+0x55,0x04,0x04, /* [517] OBJ_surname */
+0x55,0x04,0x2B, /* [520] OBJ_initials */
+0x55,0x04,0x2D, /* [523] OBJ_uniqueIdentifier */
+0x55,0x1D,0x1F, /* [526] OBJ_crl_distribution_points */
+0x2B,0x0E,0x03,0x02,0x03, /* [529] OBJ_md5WithRSA */
+0x55,0x04,0x05, /* [534] OBJ_serialNumber */
+0x55,0x04,0x0C, /* [537] OBJ_title */
+0x55,0x04,0x0D, /* [540] OBJ_description */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0A,/* [543] OBJ_cast5_cbc */
+0x2A,0x86,0x48,0x86,0xF6,0x7D,0x07,0x42,0x0C,/* [552] OBJ_pbeWithMD5AndCast5_CBC */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x03, /* [561] OBJ_dsaWithSHA1 */
+0x2B,0x0E,0x03,0x02,0x1D, /* [568] OBJ_sha1WithRSA */
+0x2A,0x86,0x48,0xCE,0x38,0x04,0x01, /* [573] OBJ_dsa */
+0x2B,0x24,0x03,0x02,0x01, /* [580] OBJ_ripemd160 */
+0x2B,0x24,0x03,0x03,0x01,0x02, /* [585] OBJ_ripemd160WithRSA */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x08, /* [591] OBJ_rc5_cbc */
+};
+
+static ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL},
+{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
+{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
+ &(lvalues[46]),0},
+{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
+ &(lvalues[55]),0},
+{"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC",
+ NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0},
+{"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC",
+ NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0},
+{"X500","X500",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
+{"OU","organizationalUnitName",NID_organizationalUnitName,3,
+ &(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
+{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
+ &(lvalues[124]),0},
+{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
+ &(lvalues[133]),0},
+{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
+ NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
+{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
+ &(lvalues[151]),0},
+{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
+ &(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
+{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
+ &(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
+{"SHA","sha",NID_sha,5,&(lvalues[214]),0},
+{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
+ &(lvalues[219]),0},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0},
+{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0},
+{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
+ &(lvalues[254]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0},
+{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
+ &(lvalues[272]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0},
+{"countersignature","countersignature",NID_pkcs9_countersignature,9,
+ &(lvalues[290]),0},
+{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
+ 9,&(lvalues[299]),0},
+{"unstructuredAddress","unstructuredAddress",
+ NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0},
+{"extendedCertificateAttributes","extendedCertificateAttributes",
+ NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0},
+{"Netscape","Netscape Communications Corp.",NID_netscape,7,
+ &(lvalues[326]),0},
+{"nsCertExt","Netscape Certificate Extension",
+ NID_netscape_cert_extension,8,&(lvalues[333]),0},
+{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
+ &(lvalues[341]),0},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0},
+{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
+ &(lvalues[354]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0},
+{"DSA-old","dsaEncryption-old",NID_dsa_2,5,&(lvalues[368]),0},
+{"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC",
+ NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0},
+{"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9,
+ &(lvalues[382]),0},
+{"DSA-SHA1-old","dsaWithSHA1",NID_dsaWithSHA1_2,5,&(lvalues[391]),0},
+{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
+ &(lvalues[396]),0},
+{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
+ &(lvalues[405]),0},
+{"nsRevocationUrl","Netscape Revocation Url",
+ NID_netscape_revocation_url,9,&(lvalues[414]),0},
+{"nsCaRevocationUrl","Netscape CA Revocation Url",
+ NID_netscape_ca_revocation_url,9,&(lvalues[423]),0},
+{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
+ &(lvalues[432]),0},
+{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
+ 9,&(lvalues[441]),0},
+{"nsSslServerName","Netscape SSL Server Name",
+ NID_netscape_ssl_server_name,9,&(lvalues[450]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0},
+{"nsCertSequence","Netscape Certificate Sequence",
+ NID_netscape_cert_sequence,9,&(lvalues[468]),0},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
+{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0},
+{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
+ NID_subject_key_identifier,3,&(lvalues[479]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0},
+{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
+ NID_private_key_usage_period,3,&(lvalues[485]),0},
+{"subjectAltName","X509v3 Subject Alternative Name",
+ NID_subject_alt_name,3,&(lvalues[488]),0},
+{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
+ 3,&(lvalues[491]),0},
+{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
+ 3,&(lvalues[494]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0},
+{"certificatePolicies","X509v3 Certificate Policies",
+ NID_certificate_policies,3,&(lvalues[500]),0},
+{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
+ NID_authority_key_identifier,3,&(lvalues[503]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0},
+{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0},
+{"RC4-40","rc4-40",NID_rc4_40,0,NULL},
+{"RC2-40-CBC","rc2-40-cbc",NID_rc2_40_cbc,0,NULL},
+{"G","givenName",NID_givenName,3,&(lvalues[514]),0},
+{"S","surname",NID_surname,3,&(lvalues[517]),0},
+{"I","initials",NID_initials,3,&(lvalues[520]),0},
+{"UID","uniqueIdentifier",NID_uniqueIdentifier,3,&(lvalues[523]),0},
+{"crlDistributionPoints","X509v3 CRL Distribution Points",
+ NID_crl_distribution_points,3,&(lvalues[526]),0},
+{"RSA-NP-MD5","md5WithRSA",NID_md5WithRSA,5,&(lvalues[529]),0},
+{"SN","serialNumber",NID_serialNumber,3,&(lvalues[534]),0},
+{"T","title",NID_title,3,&(lvalues[537]),0},
+{"D","description",NID_description,3,&(lvalues[540]),0},
+{"CAST5-CBC","cast5-cbc",NID_cast5_cbc,9,&(lvalues[543]),0},
+{"CAST5-ECB","cast5-ecb",NID_cast5_ecb,0,NULL},
+{"CAST5-CFB","cast5-cfb",NID_cast5_cfb64,0,NULL},
+{"CAST5-OFB","cast5-ofb",NID_cast5_ofb64,0,NULL},
+{"pbeWithMD5AndCast5CBC","pbeWithMD5AndCast5CBC",
+ NID_pbeWithMD5AndCast5_CBC,9,&(lvalues[552]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,7,&(lvalues[561]),0},
+{"MD5-SHA1","md5-sha1",NID_md5_sha1,0,NULL},
+{"RSA-SHA1-2","sha1WithRSA",NID_sha1WithRSA,5,&(lvalues[568]),0},
+{"DSA","dsaEncryption",NID_dsa,7,&(lvalues[573]),0},
+{"RIPEMD160","ripemd160",NID_ripemd160,5,&(lvalues[580]),0},
+{NULL,NULL,NID_undef,0,NULL},
+{"RSA-RIPEMD160","ripemd160WithRSA",NID_ripemd160WithRSA,6,
+ &(lvalues[585]),0},
+{"RC5-CBC","rc5-cbc",NID_rc5_cbc,8,&(lvalues[591]),0},
+{"RC5-ECB","rc5-ecb",NID_rc5_ecb,0,NULL},
+{"RC5-CFB","rc5-cfb",NID_rc5_cfb64,0,NULL},
+{"RC5-OFB","rc5-ofb",NID_rc5_ofb64,0,NULL},
+};
+
+static ASN1_OBJECT *sn_objs[NUM_SN]={
+&(nid_objs[91]),/* "BF-CBC" */
+&(nid_objs[93]),/* "BF-CFB" */
+&(nid_objs[92]),/* "BF-ECB" */
+&(nid_objs[94]),/* "BF-OFB" */
+&(nid_objs[14]),/* "C" */
+&(nid_objs[108]),/* "CAST5-CBC" */
+&(nid_objs[110]),/* "CAST5-CFB" */
+&(nid_objs[109]),/* "CAST5-ECB" */
+&(nid_objs[111]),/* "CAST5-OFB" */
+&(nid_objs[13]),/* "CN" */
+&(nid_objs[107]),/* "D" */
+&(nid_objs[31]),/* "DES-CBC" */
+&(nid_objs[30]),/* "DES-CFB" */
+&(nid_objs[29]),/* "DES-ECB" */
+&(nid_objs[32]),/* "DES-EDE" */
+&(nid_objs[43]),/* "DES-EDE-CBC" */
+&(nid_objs[60]),/* "DES-EDE-CFB" */
+&(nid_objs[62]),/* "DES-EDE-OFB" */
+&(nid_objs[33]),/* "DES-EDE3" */
+&(nid_objs[44]),/* "DES-EDE3-CBC" */
+&(nid_objs[61]),/* "DES-EDE3-CFB" */
+&(nid_objs[63]),/* "DES-EDE3-OFB" */
+&(nid_objs[45]),/* "DES-OFB" */
+&(nid_objs[80]),/* "DESX-CBC" */
+&(nid_objs[116]),/* "DSA" */
+&(nid_objs[66]),/* "DSA-SHA" */
+&(nid_objs[113]),/* "DSA-SHA1" */
+&(nid_objs[70]),/* "DSA-SHA1-old" */
+&(nid_objs[67]),/* "DSA-old" */
+&(nid_objs[48]),/* "Email" */
+&(nid_objs[99]),/* "G" */
+&(nid_objs[101]),/* "I" */
+&(nid_objs[34]),/* "IDEA-CBC" */
+&(nid_objs[35]),/* "IDEA-CFB" */
+&(nid_objs[36]),/* "IDEA-ECB" */
+&(nid_objs[46]),/* "IDEA-OFB" */
+&(nid_objs[15]),/* "L" */
+&(nid_objs[ 3]),/* "MD2" */
+&(nid_objs[ 4]),/* "MD5" */
+&(nid_objs[114]),/* "MD5-SHA1" */
+&(nid_objs[95]),/* "MDC2" */
+&(nid_objs[57]),/* "Netscape" */
+&(nid_objs[17]),/* "O" */
+&(nid_objs[18]),/* "OU" */
+&(nid_objs[98]),/* "RC2-40-CBC" */
+&(nid_objs[37]),/* "RC2-CBC" */
+&(nid_objs[39]),/* "RC2-CFB" */
+&(nid_objs[38]),/* "RC2-ECB" */
+&(nid_objs[40]),/* "RC2-OFB" */
+&(nid_objs[ 5]),/* "RC4" */
+&(nid_objs[97]),/* "RC4-40" */
+&(nid_objs[120]),/* "RC5-CBC" */
+&(nid_objs[122]),/* "RC5-CFB" */
+&(nid_objs[121]),/* "RC5-ECB" */
+&(nid_objs[123]),/* "RC5-OFB" */
+&(nid_objs[117]),/* "RIPEMD160" */
+&(nid_objs[19]),/* "RSA" */
+&(nid_objs[ 7]),/* "RSA-MD2" */
+&(nid_objs[ 8]),/* "RSA-MD5" */
+&(nid_objs[96]),/* "RSA-MDC2" */
+&(nid_objs[104]),/* "RSA-NP-MD5" */
+&(nid_objs[119]),/* "RSA-RIPEMD160" */
+&(nid_objs[42]),/* "RSA-SHA" */
+&(nid_objs[65]),/* "RSA-SHA1" */
+&(nid_objs[115]),/* "RSA-SHA1-2" */
+&(nid_objs[100]),/* "S" */
+&(nid_objs[41]),/* "SHA" */
+&(nid_objs[64]),/* "SHA1" */
+&(nid_objs[105]),/* "SN" */
+&(nid_objs[16]),/* "ST" */
+&(nid_objs[106]),/* "T" */
+&(nid_objs[102]),/* "UID" */
+&(nid_objs[ 0]),/* "UNDEF" */
+&(nid_objs[90]),/* "authorityKeyIdentifier" */
+&(nid_objs[87]),/* "basicConstraints" */
+&(nid_objs[89]),/* "certificatePolicies" */
+&(nid_objs[103]),/* "crlDistributionPoints" */
+&(nid_objs[88]),/* "crlNumber" */
+&(nid_objs[86]),/* "issuerAltName" */
+&(nid_objs[83]),/* "keyUsage" */
+&(nid_objs[81]),/* "ld-ce" */
+&(nid_objs[72]),/* "nsBaseUrl" */
+&(nid_objs[76]),/* "nsCaPolicyUrl" */
+&(nid_objs[74]),/* "nsCaRevocationUrl" */
+&(nid_objs[58]),/* "nsCertExt" */
+&(nid_objs[79]),/* "nsCertSequence" */
+&(nid_objs[71]),/* "nsCertType" */
+&(nid_objs[78]),/* "nsComment" */
+&(nid_objs[59]),/* "nsDataType" */
+&(nid_objs[75]),/* "nsRenewalUrl" */
+&(nid_objs[73]),/* "nsRevocationUrl" */
+&(nid_objs[77]),/* "nsSslServerName" */
+&(nid_objs[84]),/* "privateKeyUsagePeriod" */
+&(nid_objs[85]),/* "subjectAltName" */
+&(nid_objs[82]),/* "subjectKeyIdentifier" */
+};
+
+static ASN1_OBJECT *ln_objs[NUM_LN]={
+&(nid_objs[72]),/* "Netscape Base Url" */
+&(nid_objs[76]),/* "Netscape CA Policy Url" */
+&(nid_objs[74]),/* "Netscape CA Revocation Url" */
+&(nid_objs[71]),/* "Netscape Cert Type" */
+&(nid_objs[58]),/* "Netscape Certificate Extension" */
+&(nid_objs[79]),/* "Netscape Certificate Sequence" */
+&(nid_objs[78]),/* "Netscape Comment" */
+&(nid_objs[57]),/* "Netscape Communications Corp." */
+&(nid_objs[59]),/* "Netscape Data Type" */
+&(nid_objs[75]),/* "Netscape Renewal Url" */
+&(nid_objs[73]),/* "Netscape Revocation Url" */
+&(nid_objs[77]),/* "Netscape SSL Server Name" */
+&(nid_objs[11]),/* "X500" */
+&(nid_objs[12]),/* "X509" */
+&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
+&(nid_objs[87]),/* "X509v3 Basic Constraints" */
+&(nid_objs[103]),/* "X509v3 CRL Distribution Points" */
+&(nid_objs[88]),/* "X509v3 CRL Number" */
+&(nid_objs[89]),/* "X509v3 Certificate Policies" */
+&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
+&(nid_objs[83]),/* "X509v3 Key Usage" */
+&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
+&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
+&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
+&(nid_objs[91]),/* "bf-cbc" */
+&(nid_objs[93]),/* "bf-cfb" */
+&(nid_objs[92]),/* "bf-ecb" */
+&(nid_objs[94]),/* "bf-ofb" */
+&(nid_objs[108]),/* "cast5-cbc" */
+&(nid_objs[110]),/* "cast5-cfb" */
+&(nid_objs[109]),/* "cast5-ecb" */
+&(nid_objs[111]),/* "cast5-ofb" */
+&(nid_objs[54]),/* "challengePassword" */
+&(nid_objs[13]),/* "commonName" */
+&(nid_objs[50]),/* "contentType" */
+&(nid_objs[53]),/* "countersignature" */
+&(nid_objs[14]),/* "countryName" */
+&(nid_objs[31]),/* "des-cbc" */
+&(nid_objs[30]),/* "des-cfb" */
+&(nid_objs[29]),/* "des-ecb" */
+&(nid_objs[32]),/* "des-ede" */
+&(nid_objs[43]),/* "des-ede-cbc" */
+&(nid_objs[60]),/* "des-ede-cfb" */
+&(nid_objs[62]),/* "des-ede-ofb" */
+&(nid_objs[33]),/* "des-ede3" */
+&(nid_objs[44]),/* "des-ede3-cbc" */
+&(nid_objs[61]),/* "des-ede3-cfb" */
+&(nid_objs[63]),/* "des-ede3-ofb" */
+&(nid_objs[45]),/* "des-ofb" */
+&(nid_objs[107]),/* "description" */
+&(nid_objs[80]),/* "desx-cbc" */
+&(nid_objs[28]),/* "dhKeyAgreement" */
+&(nid_objs[116]),/* "dsaEncryption" */
+&(nid_objs[67]),/* "dsaEncryption-old" */
+&(nid_objs[66]),/* "dsaWithSHA" */
+&(nid_objs[113]),/* "dsaWithSHA1" */
+&(nid_objs[70]),/* "dsaWithSHA1" */
+&(nid_objs[48]),/* "emailAddress" */
+&(nid_objs[56]),/* "extendedCertificateAttributes" */
+&(nid_objs[99]),/* "givenName" */
+&(nid_objs[34]),/* "idea-cbc" */
+&(nid_objs[35]),/* "idea-cfb" */
+&(nid_objs[36]),/* "idea-ecb" */
+&(nid_objs[46]),/* "idea-ofb" */
+&(nid_objs[101]),/* "initials" */
+&(nid_objs[15]),/* "localityName" */
+&(nid_objs[ 3]),/* "md2" */
+&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
+&(nid_objs[ 4]),/* "md5" */
+&(nid_objs[114]),/* "md5-sha1" */
+&(nid_objs[104]),/* "md5WithRSA" */
+&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
+&(nid_objs[95]),/* "mdc2" */
+&(nid_objs[96]),/* "mdc2withRSA" */
+&(nid_objs[51]),/* "messageDigest" */
+&(nid_objs[17]),/* "organizationName" */
+&(nid_objs[18]),/* "organizationalUnitName" */
+&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[112]),/* "pbeWithMD5AndCast5CBC" */
+&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
+&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
+&(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
+&(nid_objs[ 2]),/* "pkcs" */
+&(nid_objs[27]),/* "pkcs3" */
+&(nid_objs[20]),/* "pkcs7" */
+&(nid_objs[21]),/* "pkcs7-data" */
+&(nid_objs[25]),/* "pkcs7-digestData" */
+&(nid_objs[26]),/* "pkcs7-encryptedData" */
+&(nid_objs[23]),/* "pkcs7-envelopedData" */
+&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
+&(nid_objs[22]),/* "pkcs7-signedData" */
+&(nid_objs[47]),/* "pkcs9" */
+&(nid_objs[98]),/* "rc2-40-cbc" */
+&(nid_objs[37]),/* "rc2-cbc" */
+&(nid_objs[39]),/* "rc2-cfb" */
+&(nid_objs[38]),/* "rc2-ecb" */
+&(nid_objs[40]),/* "rc2-ofb" */
+&(nid_objs[ 5]),/* "rc4" */
+&(nid_objs[97]),/* "rc4-40" */
+&(nid_objs[120]),/* "rc5-cbc" */
+&(nid_objs[122]),/* "rc5-cfb" */
+&(nid_objs[121]),/* "rc5-ecb" */
+&(nid_objs[123]),/* "rc5-ofb" */
+&(nid_objs[117]),/* "ripemd160" */
+&(nid_objs[119]),/* "ripemd160WithRSA" */
+&(nid_objs[19]),/* "rsa" */
+&(nid_objs[ 6]),/* "rsaEncryption" */
+&(nid_objs[ 1]),/* "rsadsi" */
+&(nid_objs[105]),/* "serialNumber" */
+&(nid_objs[41]),/* "sha" */
+&(nid_objs[64]),/* "sha1" */
+&(nid_objs[115]),/* "sha1WithRSA" */
+&(nid_objs[65]),/* "sha1WithRSAEncryption" */
+&(nid_objs[42]),/* "shaWithRSAEncryption" */
+&(nid_objs[52]),/* "signingTime" */
+&(nid_objs[16]),/* "stateOrProvinceName" */
+&(nid_objs[100]),/* "surname" */
+&(nid_objs[106]),/* "title" */
+&(nid_objs[ 0]),/* "undefined" */
+&(nid_objs[102]),/* "uniqueIdentifier" */
+&(nid_objs[55]),/* "unstructuredAddress" */
+&(nid_objs[49]),/* "unstructuredName" */
+};
+
+static ASN1_OBJECT *obj_objs[NUM_OBJ]={
+&(nid_objs[11]),/* OBJ_X500 2 5 */
+&(nid_objs[12]),/* OBJ_X509 2 5 4 */
+&(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */
+&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
+&(nid_objs[100]),/* OBJ_surname 2 5 4 4 */
+&(nid_objs[105]),/* OBJ_serialNumber 2 5 4 5 */
+&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
+&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
+&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
+&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
+&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
+&(nid_objs[106]),/* OBJ_title 2 5 4 12 */
+&(nid_objs[107]),/* OBJ_description 2 5 4 13 */
+&(nid_objs[99]),/* OBJ_givenName 2 5 4 42 */
+&(nid_objs[101]),/* OBJ_initials 2 5 4 43 */
+&(nid_objs[102]),/* OBJ_uniqueIdentifier 2 5 4 45 */
+&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
+&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
+&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
+&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
+&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
+&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
+&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
+&(nid_objs[103]),/* OBJ_crl_distribution_points 2 5 29 31 */
+&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
+&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
+&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
+&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
+&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
+&(nid_objs[104]),/* OBJ_md5WithRSA 1 3 14 3 2 3 */
+&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
+&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
+&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
+&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
+&(nid_objs[67]),/* OBJ_dsa_2 1 3 14 3 2 12 */
+&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
+&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
+&(nid_objs[32]),/* OBJ_des_ede 1 3 14 3 2 17 */
+&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
+&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
+&(nid_objs[70]),/* OBJ_dsaWithSHA1_2 1 3 14 3 2 27 */
+&(nid_objs[115]),/* OBJ_sha1WithRSA 1 3 14 3 2 29 */
+&(nid_objs[117]),/* OBJ_ripemd160 1 3 36 3 2 1 */
+&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
+&(nid_objs[119]),/* OBJ_ripemd160WithRSA 1 3 36 3 3 1 2 */
+&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
+&(nid_objs[116]),/* OBJ_dsa 1 2 840 10040 4 1 */
+&(nid_objs[113]),/* OBJ_dsaWithSHA1 1 2 840 10040 4 3 */
+&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
+&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
+&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
+&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
+&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
+&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
+&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
+&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
+&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
+&(nid_objs[120]),/* OBJ_rc5_cbc 1 2 840 113549 3 8 */
+&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
+&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
+&(nid_objs[108]),/* OBJ_cast5_cbc 1 2 840 113533 7 66 10 */
+&(nid_objs[112]),/* OBJ_pbeWithMD5AndCast5_CBC 1 2 840 113533 7 66 12 */
+&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
+&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
+&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
+&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
+&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
+&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
+&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
+&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
+&(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4 1 2 840 113549 1 5 12 */
+&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
+&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
+&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
+&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
+&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
+&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
+&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
+&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
+&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
+&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
+&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
+&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
+&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
+&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
+&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
+&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
+&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
+&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
+&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
+&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
+&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
+&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
+&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
+&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
+};
+
diff --git a/src/lib/libssl/src/crypto/objects/obj_dat.pl b/src/lib/libssl/src/crypto/objects/obj_dat.pl
new file mode 100644
index 0000000000..4e7879d3f3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/obj_dat.pl
@@ -0,0 +1,269 @@
+#!/usr/bin/perl
+
+sub obj_cmp
+ {
+ local(@a,@b,$_,$r);
+
+ $A=$obj_len{$obj{$nid{$a}}};
+ $B=$obj_len{$obj{$nid{$b}}};
+
+ $r=($A-$B);
+ return($r) if $r != 0;
+
+ $A=$obj_der{$obj{$nid{$a}}};
+ $B=$obj_der{$obj{$nid{$b}}};
+
+ return($A cmp $B);
+ }
+
+sub expand_obj
+ {
+ local(*v)=@_;
+ local($k,$d);
+ local($i);
+
+ do {
+ $i=0;
+ foreach $k (keys %v)
+ {
+ if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
+ { $i++; }
+ }
+ } while($i);
+ foreach $k (keys %v)
+ {
+ @a=split(/,/,$v{$k});
+ $objn{$k}=$#a+1;
+ }
+ return(%objn);
+ }
+
+while (<>)
+ {
+ next unless /^\#define\s+(\S+)\s+(.*)$/;
+ $v=$1;
+ $d=$2;
+ if ($v =~ /^SN_(.*)$/)
+ { $sn{$1}=$d; }
+ elsif ($v =~ /^LN_(.*)$/)
+ { $ln{$1}=$d; }
+ elsif ($v =~ /^NID_(.*)$/)
+ { $nid{$d}=$1; }
+ elsif ($v =~ /^OBJ_(.*)$/)
+ {
+ $obj{$1}=$v;
+ $objd{$v}=$d;
+ }
+ }
+
+%ob=&expand_obj(*objd);
+
+@a=sort { $a <=> $b } keys %nid;
+$n=$a[$#a]+1;
+
+@lvalues=();
+$lvalues=0;
+
+for ($i=0; $i<$n; $i++)
+ {
+ if (!defined($nid{$i}))
+ {
+ push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
+ }
+ else
+ {
+ $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
+ $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
+ $sn=$ln if ($sn eq "NULL");
+ $ln=$sn if ($ln eq "NULL");
+ $out ="{";
+ $out.=$sn;
+ $out.=",".$ln;
+ $out.=",NID_$nid{$i},";
+ if (defined($obj{$nid{$i}}))
+ {
+ $v=$objd{$obj{$nid{$i}}};
+ $v =~ s/L//g;
+ $v =~ s/,/ /g;
+ $r=&der_it($v);
+ $z="";
+ $length=0;
+ foreach (unpack("C*",$r))
+ {
+ $z.=sprintf("0x%02X,",$_);
+ $length++;
+ }
+ $obj_der{$obj{$nid{$i}}}=$z;
+ $obj_len{$obj{$nid{$i}}}=$length;
+
+ push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
+ $z,$lvalues,$obj{$nid{$i}}));
+ $out.="$length,&(lvalues[$lvalues]),0";
+ $lvalues+=$length;
+ }
+ else
+ {
+ $out.="0,NULL";
+ }
+ $out.="},\n";
+ push(@out,$out);
+ }
+ }
+
+@a=grep(defined($sn{$nid{$_}}),0 .. $n);
+foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
+ {
+ push(@sn,sprintf("&(nid_objs[%2d]),/* $sn{$nid{$_}} */\n",$_));
+ }
+
+@a=grep(defined($ln{$nid{$_}}),0 .. $n);
+foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
+ {
+ push(@ln,sprintf("&(nid_objs[%2d]),/* $ln{$nid{$_}} */\n",$_));
+ }
+
+@a=grep(defined($obj{$nid{$_}}),0 .. $n);
+foreach (sort obj_cmp @a)
+ {
+ $m=$obj{$nid{$_}};
+ $v=$objd{$m};
+ $v =~ s/L//g;
+ $v =~ s/,/ /g;
+ push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
+ }
+
+print <<'EOF';
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+EOF
+
+printf "#define NUM_NID %d\n",$n;
+printf "#define NUM_SN %d\n",$#sn+1;
+printf "#define NUM_LN %d\n",$#ln+1;
+printf "#define NUM_OBJ %d\n\n",$#ob+1;
+
+printf "static unsigned char lvalues[%d]={\n",$lvalues+1;
+print @lvalues;
+print "};\n\n";
+
+printf "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
+foreach (@out)
+ {
+ if (length($_) > 75)
+ {
+ $out="";
+ foreach (split(/,/))
+ {
+ $t=$out.$_.",";
+ if (length($t) > 70)
+ {
+ print "$out\n";
+ $t="\t$_,";
+ }
+ $out=$t;
+ }
+ chop $out;
+ print "$out";
+ }
+ else
+ { print $_; }
+ }
+print "};\n\n";
+
+printf "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
+print @sn;
+print "};\n\n";
+
+printf "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
+print @ln;
+print "};\n\n";
+
+printf "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
+print @ob;
+print "};\n\n";
+
+sub der_it
+ {
+ local($v)=@_;
+ local(@a,$i,$ret,@r);
+
+ @a=split(/\s+/,$v);
+ $ret.=pack("C*",$a[0]*40+$a[1]);
+ shift @a;
+ shift @a;
+ while ($_=shift(@a))
+ {
+ @r=();
+ $t=0;
+ while ($_ >= 128)
+ {
+ $x=$_%128;
+ $_/=128;
+ push(@r,((($t++)?0x80:0)|$x));
+ }
+ push(@r,((($t++)?0x80:0)|$_));
+ $ret.=pack("C*",reverse(@r));
+ }
+ return($ret);
+ }
diff --git a/src/lib/libssl/src/crypto/objects/obj_err.c b/src/lib/libssl/src/crypto/objects/obj_err.c
new file mode 100644
index 0000000000..45206c616c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/obj_err.c
@@ -0,0 +1,96 @@
+/* lib/obj/obj_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "objects.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA OBJ_str_functs[]=
+ {
+{ERR_PACK(0,OBJ_F_OBJ_CREATE,0), "OBJ_create"},
+{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA OBJ_str_reasons[]=
+ {
+{OBJ_R_MALLOC_FAILURE ,"malloc failure"},
+{OBJ_R_UNKNOWN_NID ,"unknown nid"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_OBJ_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
+ ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/objects/obj_lib.c b/src/lib/libssl/src/crypto/objects/obj_lib.c
new file mode 100644
index 0000000000..0a9c756197
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/obj_lib.c
@@ -0,0 +1,126 @@
+/* crypto/objects/obj_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "buffer.h"
+
+ASN1_OBJECT *OBJ_dup(o)
+ASN1_OBJECT *o;
+ {
+ ASN1_OBJECT *r;
+ int i;
+
+ if (o == NULL) return(NULL);
+ if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+ return(o);
+
+ r=(ASN1_OBJECT *)ASN1_OBJECT_new();
+ if (r == NULL)
+ {
+ OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
+ return(NULL);
+ }
+ r->data=(unsigned char *)Malloc(o->length);
+ if (r->data == NULL)
+ goto err;
+ memcpy(r->data,o->data,o->length);
+ r->length=o->length;
+ r->nid=o->nid;
+ r->ln=r->sn=NULL;
+ if (o->ln != NULL)
+ {
+ i=strlen(o->ln)+1;
+ r->ln=(char *)Malloc(i);
+ if (r->ln == NULL) goto err;
+ memcpy(r->ln,o->ln,i);
+ }
+
+ if (o->sn != NULL)
+ {
+ i=strlen(o->sn)+1;
+ r->sn=(char *)Malloc(i);
+ if (r->sn == NULL) goto err;
+ memcpy(r->sn,o->sn,i);
+ }
+ r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+ return(r);
+err:
+ OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
+ if (r != NULL)
+ {
+ if (r->ln != NULL) Free(r->ln);
+ if (r->data != NULL) Free(r->data);
+ Free(r);
+ }
+ return(NULL);
+ }
+
+int OBJ_cmp(a,b)
+ASN1_OBJECT *a;
+ASN1_OBJECT *b;
+ {
+ int ret;
+
+ ret=(a->length-b->length);
+ if (ret) return(ret);
+ return(memcmp(a->data,b->data,a->length));
+ }
diff --git a/src/lib/libssl/src/crypto/objects/objects.h b/src/lib/libssl/src/crypto/objects/objects.h
new file mode 100644
index 0000000000..e1d555b47c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/objects.h
@@ -0,0 +1,724 @@
+/* crypto/objects/objects.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_OBJECTS_H
+#define HEADER_OBJECTS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SN_undef "UNDEF"
+#define LN_undef "undefined"
+#define NID_undef 0
+
+#define SN_Algorithm "Algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 38
+#define OBJ_algorithm 1L,3L,14L,3L,2L
+
+#define LN_rsadsi "rsadsi"
+#define NID_rsadsi 1
+#define OBJ_rsadsi 1L,2L,840L,113549L
+
+#define LN_pkcs "pkcs"
+#define NID_pkcs 2
+#define OBJ_pkcs OBJ_rsadsi,1L
+
+#define SN_md2 "MD2"
+#define LN_md2 "md2"
+#define NID_md2 3
+#define OBJ_md2 OBJ_rsadsi,2L,2L
+
+#define SN_md5 "MD5"
+#define LN_md5 "md5"
+#define NID_md5 4
+#define OBJ_md5 OBJ_rsadsi,2L,5L
+
+#define SN_rc4 "RC4"
+#define LN_rc4 "rc4"
+#define NID_rc4 5
+#define OBJ_rc4 OBJ_rsadsi,3L,4L
+
+#define LN_rsaEncryption "rsaEncryption"
+#define NID_rsaEncryption 6
+#define OBJ_rsaEncryption OBJ_pkcs,1L,1L
+
+#define SN_md2WithRSAEncryption "RSA-MD2"
+#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption 7
+#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
+
+#define SN_md5WithRSAEncryption "RSA-MD5"
+#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption 8
+#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
+
+#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC 9
+#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
+
+#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC 10
+#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
+
+#define LN_X500 "X500"
+#define NID_X500 11
+#define OBJ_X500 2L,5L
+
+#define LN_X509 "X509"
+#define NID_X509 12
+#define OBJ_X509 OBJ_X500,4L
+
+#define SN_commonName "CN"
+#define LN_commonName "commonName"
+#define NID_commonName 13
+#define OBJ_commonName OBJ_X509,3L
+
+#define SN_countryName "C"
+#define LN_countryName "countryName"
+#define NID_countryName 14
+#define OBJ_countryName OBJ_X509,6L
+
+#define SN_localityName "L"
+#define LN_localityName "localityName"
+#define NID_localityName 15
+#define OBJ_localityName OBJ_X509,7L
+
+/* Postal Address? PA */
+
+/* should be "ST" (rfc1327) but MS uses 'S' */
+#define SN_stateOrProvinceName "ST"
+#define LN_stateOrProvinceName "stateOrProvinceName"
+#define NID_stateOrProvinceName 16
+#define OBJ_stateOrProvinceName OBJ_X509,8L
+
+#define SN_organizationName "O"
+#define LN_organizationName "organizationName"
+#define NID_organizationName 17
+#define OBJ_organizationName OBJ_X509,10L
+
+#define SN_organizationalUnitName "OU"
+#define LN_organizationalUnitName "organizationalUnitName"
+#define NID_organizationalUnitName 18
+#define OBJ_organizationalUnitName OBJ_X509,11L
+
+#define SN_rsa "RSA"
+#define LN_rsa "rsa"
+#define NID_rsa 19
+#define OBJ_rsa OBJ_X500,8L,1L,1L
+
+#define LN_pkcs7 "pkcs7"
+#define NID_pkcs7 20
+#define OBJ_pkcs7 OBJ_pkcs,7L
+
+#define LN_pkcs7_data "pkcs7-data"
+#define NID_pkcs7_data 21
+#define OBJ_pkcs7_data OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed "pkcs7-signedData"
+#define NID_pkcs7_signed 22
+#define OBJ_pkcs7_signed OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped 23
+#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped 24
+#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest "pkcs7-digestData"
+#define NID_pkcs7_digest 25
+#define OBJ_pkcs7_digest OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted 26
+#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
+
+#define LN_pkcs3 "pkcs3"
+#define NID_pkcs3 27
+#define OBJ_pkcs3 OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement "dhKeyAgreement"
+#define NID_dhKeyAgreement 28
+#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
+
+#define SN_des_ecb "DES-ECB"
+#define LN_des_ecb "des-ecb"
+#define NID_des_ecb 29
+#define OBJ_des_ecb OBJ_algorithm,6L
+
+#define SN_des_cfb64 "DES-CFB"
+#define LN_des_cfb64 "des-cfb"
+#define NID_des_cfb64 30
+/* IV + num */
+#define OBJ_des_cfb64 OBJ_algorithm,9L
+
+#define SN_des_cbc "DES-CBC"
+#define LN_des_cbc "des-cbc"
+#define NID_des_cbc 31
+/* IV */
+#define OBJ_des_cbc OBJ_algorithm,7L
+
+#define SN_des_ede "DES-EDE"
+#define LN_des_ede "des-ede"
+#define NID_des_ede 32
+/* ?? */
+#define OBJ_des_ede OBJ_algorithm,17L
+
+#define SN_des_ede3 "DES-EDE3"
+#define LN_des_ede3 "des-ede3"
+#define NID_des_ede3 33
+
+#define SN_idea_cbc "IDEA-CBC"
+#define LN_idea_cbc "idea-cbc"
+#define NID_idea_cbc 34
+
+#define SN_idea_cfb64 "IDEA-CFB"
+#define LN_idea_cfb64 "idea-cfb"
+#define NID_idea_cfb64 35
+
+#define SN_idea_ecb "IDEA-ECB"
+#define LN_idea_ecb "idea-ecb"
+#define NID_idea_ecb 36
+
+#define SN_rc2_cbc "RC2-CBC"
+#define LN_rc2_cbc "rc2-cbc"
+#define NID_rc2_cbc 37
+#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb "RC2-ECB"
+#define LN_rc2_ecb "rc2-ecb"
+#define NID_rc2_ecb 38
+
+#define SN_rc2_cfb64 "RC2-CFB"
+#define LN_rc2_cfb64 "rc2-cfb"
+#define NID_rc2_cfb64 39
+
+#define SN_rc2_ofb64 "RC2-OFB"
+#define LN_rc2_ofb64 "rc2-ofb"
+#define NID_rc2_ofb64 40
+
+#define SN_sha "SHA"
+#define LN_sha "sha"
+#define NID_sha 41
+#define OBJ_sha OBJ_algorithm,18L
+
+#define SN_shaWithRSAEncryption "RSA-SHA"
+#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption 42
+#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
+
+#define SN_des_ede_cbc "DES-EDE-CBC"
+#define LN_des_ede_cbc "des-ede-cbc"
+#define NID_des_ede_cbc 43
+
+#define SN_des_ede3_cbc "DES-EDE3-CBC"
+#define LN_des_ede3_cbc "des-ede3-cbc"
+#define NID_des_ede3_cbc 44
+#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+
+#define SN_des_ofb64 "DES-OFB"
+#define LN_des_ofb64 "des-ofb"
+#define NID_des_ofb64 45
+#define OBJ_des_ofb64 OBJ_algorithm,8L
+
+#define SN_idea_ofb64 "IDEA-OFB"
+#define LN_idea_ofb64 "idea-ofb"
+#define NID_idea_ofb64 46
+
+#define LN_pkcs9 "pkcs9"
+#define NID_pkcs9 47
+#define OBJ_pkcs9 OBJ_pkcs,9L
+
+#define SN_pkcs9_emailAddress "Email"
+#define LN_pkcs9_emailAddress "emailAddress"
+#define NID_pkcs9_emailAddress 48
+#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName "unstructuredName"
+#define NID_pkcs9_unstructuredName 49
+#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType "contentType"
+#define NID_pkcs9_contentType 50
+#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest "messageDigest"
+#define NID_pkcs9_messageDigest 51
+#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime "signingTime"
+#define NID_pkcs9_signingTime 52
+#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature "countersignature"
+#define NID_pkcs9_countersignature 53
+#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword "challengePassword"
+#define NID_pkcs9_challengePassword 54
+#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress 55
+#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes 56
+#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
+
+#define SN_netscape "Netscape"
+#define LN_netscape "Netscape Communications Corp."
+#define NID_netscape 57
+#define OBJ_netscape 2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension "nsCertExt"
+#define LN_netscape_cert_extension "Netscape Certificate Extension"
+#define NID_netscape_cert_extension 58
+#define OBJ_netscape_cert_extension OBJ_netscape,1L
+
+#define SN_netscape_data_type "nsDataType"
+#define LN_netscape_data_type "Netscape Data Type"
+#define NID_netscape_data_type 59
+#define OBJ_netscape_data_type OBJ_netscape,2L
+
+#define SN_des_ede_cfb64 "DES-EDE-CFB"
+#define LN_des_ede_cfb64 "des-ede-cfb"
+#define NID_des_ede_cfb64 60
+
+#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
+#define LN_des_ede3_cfb64 "des-ede3-cfb"
+#define NID_des_ede3_cfb64 61
+
+#define SN_des_ede_ofb64 "DES-EDE-OFB"
+#define LN_des_ede_ofb64 "des-ede-ofb"
+#define NID_des_ede_ofb64 62
+
+#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
+#define LN_des_ede3_ofb64 "des-ede3-ofb"
+#define NID_des_ede3_ofb64 63
+
+/* I'm not sure about the object ID */
+#define SN_sha1 "SHA1"
+#define LN_sha1 "sha1"
+#define NID_sha1 64
+#define OBJ_sha1 OBJ_algorithm,26L
+/* 28 Jun 1996 - eay */
+/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
+
+#define SN_sha1WithRSAEncryption "RSA-SHA1"
+#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption 65
+#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
+
+#define SN_dsaWithSHA "DSA-SHA"
+#define LN_dsaWithSHA "dsaWithSHA"
+#define NID_dsaWithSHA 66
+#define OBJ_dsaWithSHA OBJ_algorithm,13L
+
+#define SN_dsa_2 "DSA-old"
+#define LN_dsa_2 "dsaEncryption-old"
+#define NID_dsa_2 67
+#define OBJ_dsa_2 OBJ_algorithm,12L
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC 68
+#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC4 "pbeWithSHA1AndRC4"
+#define NID_pbeWithSHA1AndRC4 69
+#define OBJ_pbeWithSHA1AndRC4 OBJ_pkcs,5L,12L
+
+#define SN_dsaWithSHA1_2 "DSA-SHA1-old"
+#define LN_dsaWithSHA1_2 "dsaWithSHA1"
+#define NID_dsaWithSHA1_2 70
+/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
+#define OBJ_dsaWithSHA1_2 OBJ_algorithm,27L
+
+#define SN_netscape_cert_type "nsCertType"
+#define LN_netscape_cert_type "Netscape Cert Type"
+#define NID_netscape_cert_type 71
+#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url "nsBaseUrl"
+#define LN_netscape_base_url "Netscape Base Url"
+#define NID_netscape_base_url 72
+#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url "nsRevocationUrl"
+#define LN_netscape_revocation_url "Netscape Revocation Url"
+#define NID_netscape_revocation_url 73
+#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url 74
+#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url "nsRenewalUrl"
+#define LN_netscape_renewal_url "Netscape Renewal Url"
+#define NID_netscape_renewal_url 75
+#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url 76
+#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name "nsSslServerName"
+#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name 77
+#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment "nsComment"
+#define LN_netscape_comment "Netscape Comment"
+#define NID_netscape_comment 78
+#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence "nsCertSequence"
+#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence 79
+#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+
+#define SN_desx_cbc "DESX-CBC"
+#define LN_desx_cbc "desx-cbc"
+#define NID_desx_cbc 80
+
+#define SN_ld_ce "ld-ce"
+#define NID_ld_ce 81
+#define OBJ_ld_ce 2L,5L,29L
+
+#define SN_subject_key_identifier "subjectKeyIdentifier"
+#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier 82
+#define OBJ_subject_key_identifier OBJ_ld_ce,14L
+
+#define SN_key_usage "keyUsage"
+#define LN_key_usage "X509v3 Key Usage"
+#define NID_key_usage 83
+#define OBJ_key_usage OBJ_ld_ce,15L
+
+#define SN_private_key_usage_period "privateKeyUsagePeriod"
+#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period 84
+#define OBJ_private_key_usage_period OBJ_ld_ce,16L
+
+#define SN_subject_alt_name "subjectAltName"
+#define LN_subject_alt_name "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name 85
+#define OBJ_subject_alt_name OBJ_ld_ce,17L
+
+#define SN_issuer_alt_name "issuerAltName"
+#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name 86
+#define OBJ_issuer_alt_name OBJ_ld_ce,18L
+
+#define SN_basic_constraints "basicConstraints"
+#define LN_basic_constraints "X509v3 Basic Constraints"
+#define NID_basic_constraints 87
+#define OBJ_basic_constraints OBJ_ld_ce,19L
+
+#define SN_crl_number "crlNumber"
+#define LN_crl_number "X509v3 CRL Number"
+#define NID_crl_number 88
+#define OBJ_crl_number OBJ_ld_ce,20L
+
+#define SN_certificate_policies "certificatePolicies"
+#define LN_certificate_policies "X509v3 Certificate Policies"
+#define NID_certificate_policies 89
+#define OBJ_certificate_policies OBJ_ld_ce,32L
+
+#define SN_authority_key_identifier "authorityKeyIdentifier"
+#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier 90
+#define OBJ_authority_key_identifier OBJ_ld_ce,35L
+
+#define SN_bf_cbc "BF-CBC"
+#define LN_bf_cbc "bf-cbc"
+#define NID_bf_cbc 91
+
+#define SN_bf_ecb "BF-ECB"
+#define LN_bf_ecb "bf-ecb"
+#define NID_bf_ecb 92
+
+#define SN_bf_cfb64 "BF-CFB"
+#define LN_bf_cfb64 "bf-cfb"
+#define NID_bf_cfb64 93
+
+#define SN_bf_ofb64 "BF-OFB"
+#define LN_bf_ofb64 "bf-ofb"
+#define NID_bf_ofb64 94
+
+#define SN_mdc2 "MDC2"
+#define LN_mdc2 "mdc2"
+#define NID_mdc2 95
+#define OBJ_mdc2 2L,5L,8L,3L,101L
+/* An alternative? 1L,3L,14L,3L,2L,19L */
+
+#define SN_mdc2WithRSA "RSA-MDC2"
+#define LN_mdc2WithRSA "mdc2withRSA"
+#define NID_mdc2WithRSA 96
+#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
+
+#define SN_rc4_40 "RC4-40"
+#define LN_rc4_40 "rc4-40"
+#define NID_rc4_40 97
+
+#define SN_rc2_40_cbc "RC2-40-CBC"
+#define LN_rc2_40_cbc "rc2-40-cbc"
+#define NID_rc2_40_cbc 98
+
+#define SN_givenName "G"
+#define LN_givenName "givenName"
+#define NID_givenName 99
+#define OBJ_givenName OBJ_X509,42L
+
+#define SN_surname "S"
+#define LN_surname "surname"
+#define NID_surname 100
+#define OBJ_surname OBJ_X509,4L
+
+#define SN_initials "I"
+#define LN_initials "initials"
+#define NID_initials 101
+#define OBJ_initials OBJ_X509,43L
+
+#define SN_uniqueIdentifier "UID"
+#define LN_uniqueIdentifier "uniqueIdentifier"
+#define NID_uniqueIdentifier 102
+#define OBJ_uniqueIdentifier OBJ_X509,45L
+
+#define SN_crl_distribution_points "crlDistributionPoints"
+#define LN_crl_distribution_points "X509v3 CRL Distribution Points"
+#define NID_crl_distribution_points 103
+#define OBJ_crl_distribution_points OBJ_ld_ce,31L
+
+#define SN_md5WithRSA "RSA-NP-MD5"
+#define LN_md5WithRSA "md5WithRSA"
+#define NID_md5WithRSA 104
+#define OBJ_md5WithRSA OBJ_algorithm,3L
+
+#define SN_serialNumber "SN"
+#define LN_serialNumber "serialNumber"
+#define NID_serialNumber 105
+#define OBJ_serialNumber OBJ_X509,5L
+
+#define SN_title "T"
+#define LN_title "title"
+#define NID_title 106
+#define OBJ_title OBJ_X509,12L
+
+#define SN_description "D"
+#define LN_description "description"
+#define NID_description 107
+#define OBJ_description OBJ_X509,13L
+
+/* CAST5 is CAST-128, I'm just sticking with the documentation */
+#define SN_cast5_cbc "CAST5-CBC"
+#define LN_cast5_cbc "cast5-cbc"
+#define NID_cast5_cbc 108
+#define OBJ_cast5_cbc 1L,2L,840L,113533L,7L,66L,10L
+
+#define SN_cast5_ecb "CAST5-ECB"
+#define LN_cast5_ecb "cast5-ecb"
+#define NID_cast5_ecb 109
+
+#define SN_cast5_cfb64 "CAST5-CFB"
+#define LN_cast5_cfb64 "cast5-cfb"
+#define NID_cast5_cfb64 110
+
+#define SN_cast5_ofb64 "CAST5-OFB"
+#define LN_cast5_ofb64 "cast5-ofb"
+#define NID_cast5_ofb64 111
+
+#define LN_pbeWithMD5AndCast5_CBC "pbeWithMD5AndCast5CBC"
+#define NID_pbeWithMD5AndCast5_CBC 112
+#define OBJ_pbeWithMD5AndCast5_CBC 1L,2L,840L,113533L,7L,66L,12L
+
+/* This is one sun will soon be using :-(
+ * id-dsa-with-sha1 ID ::= {
+ * iso(1) member-body(2) us(840) x9-57 (10040) x9cm(4) 3 }
+ */
+#define SN_dsaWithSHA1 "DSA-SHA1"
+#define LN_dsaWithSHA1 "dsaWithSHA1"
+#define NID_dsaWithSHA1 113
+#define OBJ_dsaWithSHA1 1L,2L,840L,10040L,4L,3L
+
+#define NID_md5_sha1 114
+#define SN_md5_sha1 "MD5-SHA1"
+#define LN_md5_sha1 "md5-sha1"
+
+#define SN_sha1WithRSA "RSA-SHA1-2"
+#define LN_sha1WithRSA "sha1WithRSA"
+#define NID_sha1WithRSA 115
+#define OBJ_sha1WithRSA OBJ_algorithm,29L
+
+#define SN_dsa "DSA"
+#define LN_dsa "dsaEncryption"
+#define NID_dsa 116
+#define OBJ_dsa 1L,2L,840L,10040L,4L,1L
+
+#define SN_ripemd160 "RIPEMD160"
+#define LN_ripemd160 "ripemd160"
+#define NID_ripemd160 117
+#define OBJ_ripemd160 1L,3L,36L,3L,2L,1L
+
+/* The name should actually be rsaSignatureWithripemd160, but I'm going
+ * to contiune using the convention I'm using with the other ciphers */
+#define SN_ripemd160WithRSA "RSA-RIPEMD160"
+#define LN_ripemd160WithRSA "ripemd160WithRSA"
+#define NID_ripemd160WithRSA 119
+#define OBJ_ripemd160WithRSA 1L,3L,36L,3L,3L,1L,2L
+
+/* Taken from rfc2040
+ * RC5_CBC_Parameters ::= SEQUENCE {
+ * version INTEGER (v1_0(16)),
+ * rounds INTEGER (8..127),
+ * blockSizeInBits INTEGER (64, 128),
+ * iv OCTET STRING OPTIONAL
+ * }
+ */
+#define SN_rc5_cbc "RC5-CBC"
+#define LN_rc5_cbc "rc5-cbc"
+#define NID_rc5_cbc 120
+#define OBJ_rc5_cbc OBJ_rsadsi,3L,8L
+
+#define SN_rc5_ecb "RC5-ECB"
+#define LN_rc5_ecb "rc5-ecb"
+#define NID_rc5_ecb 121
+
+#define SN_rc5_cfb64 "RC5-CFB"
+#define LN_rc5_cfb64 "rc5-cfb"
+#define NID_rc5_cfb64 122
+
+#define SN_rc5_ofb64 "RC5-OFB"
+#define LN_rc5_ofb64 "rc5-ofb"
+#define NID_rc5_ofb64 123
+
+#include "bio.h"
+#include "asn1.h"
+
+#define OBJ_create_and_add_object(a,b,c) OBJ_create(a,b,c)
+
+#ifndef NOPROTO
+
+ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o);
+ASN1_OBJECT * OBJ_nid2obj(int n);
+char * OBJ_nid2ln(int n);
+char * OBJ_nid2sn(int n);
+int OBJ_obj2nid(ASN1_OBJECT *o);
+int OBJ_txt2nid(char *s);
+int OBJ_ln2nid(char *s);
+int OBJ_sn2nid(char *s);
+int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
+char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)());
+
+void ERR_load_OBJ_strings(void );
+
+int OBJ_new_nid(int num);
+int OBJ_add_object(ASN1_OBJECT *obj);
+int OBJ_create(char *oid,char *sn,char *ln);
+void OBJ_cleanup(void );
+int OBJ_create_objects(BIO *in);
+
+#else
+
+ASN1_OBJECT * OBJ_dup();
+ASN1_OBJECT * OBJ_nid2obj();
+char * OBJ_nid2ln();
+char * OBJ_nid2sn();
+int OBJ_obj2nid();
+int OBJ_txt2nid();
+int OBJ_ln2nid();
+int OBJ_sn2nid();
+int OBJ_cmp();
+char * OBJ_bsearch();
+
+void ERR_load_OBJ_strings();
+
+int OBJ_new_nid();
+int OBJ_add_object();
+int OBJ_create();
+void OBJ_cleanup();
+int OBJ_create_objects();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+#define OBJ_F_OBJ_CREATE 100
+#define OBJ_F_OBJ_DUP 101
+#define OBJ_F_OBJ_NID2LN 102
+#define OBJ_F_OBJ_NID2OBJ 103
+#define OBJ_F_OBJ_NID2SN 104
+
+/* Reason codes. */
+#define OBJ_R_MALLOC_FAILURE 100
+#define OBJ_R_UNKNOWN_NID 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/objects/objects.txt b/src/lib/libssl/src/crypto/objects/objects.txt
new file mode 100644
index 0000000000..cb276e90e9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/objects/objects.txt
@@ -0,0 +1,40 @@
+1 2 : ISO member bodies
+1 2 840 : US (ANSI)
+1 2 840 113549 : rsadsi : RSA Data Security, Inc.
+1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS
+1 2 840 113549 1 1 1 : rsaEncryption
+1 2 840 113549 1 1 2 : md2withRSAEncryption
+1 2 840 113549 1 1 4 : md5withRSAEncryption
+1 2 840 113549 1 7 : pkcs-7
+1 2 840 113549 1 7 1 : pkcs-7-data
+1 2 840 113549 1 7 2 : pkcs-7-signedData
+1 2 840 113549 1 7 3 : pkcs-7-envelopedData
+1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData
+1 2 840 113549 1 7 5 : pkcs-7-digestData
+1 2 840 113549 1 7 6 : pkcs-7-encryptedData
+1 2 840 113549 2 2 : md2
+1 2 840 113549 2 4 : md4
+1 2 840 113549 2 5 : md5
+1 2 840 113549 3 4 : rc4
+1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC
+1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC
+2 5 : X500 : directory services (X.500)
+2 5 4 : X509
+2 5 4 3 : commonName
+2 5 4 6 : countryName
+2 5 4 7 : localityName
+2 5 4 8 : stateOrProvinceName
+2 5 4 10 : organizationName
+2 5 4 11 : organizationalUnitName
+2 5 8 : directory services - algorithms
+2 5 8 1 1 : rsa
+
+algorithm 18 : sha
+encryptionAlgorithm 1 : rsa
+algorithm 11 : rsaSignature
+
+algorithm 6 : desECB
+algorithm 7 : desCBC
+algorithm 8 : desOFB
+algorithm 9 : desCFB
+algorithm 17 : desEDE2
diff --git a/src/lib/libssl/src/crypto/pem/message b/src/lib/libssl/src/crypto/pem/message
new file mode 100644
index 0000000000..e8bf9d7592
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/message
@@ -0,0 +1,16 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+Proc-Type: 4,ENCRYPTED
+Proc-Type: 4,MIC-ONLY
+Proc-Type: 4,MIC-CLEAR
+Content-Domain: RFC822
+DEK-Info: DES-CBC,0123456789abcdef
+Originator-Certificate
+ xxxx
+Issuer-Certificate
+ xxxx
+MIC-Info: RSA-MD5,RSA,
+ xxxx
+
+
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/src/lib/libssl/src/crypto/pem/pem.h b/src/lib/libssl/src/crypto/pem/pem.h
new file mode 100644
index 0000000000..55fbaeffe2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem.h
@@ -0,0 +1,562 @@
+/* crypto/pem/pem.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify pem.org since pem.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_PEM_H
+#define HEADER_PEM_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+#include "x509.h"
+
+#define PEM_OBJ_UNDEF 0
+#define PEM_OBJ_X509 1
+#define PEM_OBJ_X509_REQ 2
+#define PEM_OBJ_CRL 3
+#define PEM_OBJ_SSL_SESSION 4
+#define PEM_OBJ_PRIV_KEY 10
+#define PEM_OBJ_PRIV_RSA 11
+#define PEM_OBJ_PRIV_DSA 12
+#define PEM_OBJ_PRIV_DH 13
+#define PEM_OBJ_PUB_RSA 14
+#define PEM_OBJ_PUB_DSA 15
+#define PEM_OBJ_PUB_DH 16
+#define PEM_OBJ_DHPARAMS 17
+#define PEM_OBJ_DSAPARAMS 18
+#define PEM_OBJ_PRIV_RSA_PUBLIC 19
+
+#define PEM_ERROR 30
+#define PEM_DEK_DES_CBC 40
+#define PEM_DEK_IDEA_CBC 45
+#define PEM_DEK_DES_EDE 50
+#define PEM_DEK_DES_ECB 60
+#define PEM_DEK_RSA 70
+#define PEM_DEK_RSA_MD2 80
+#define PEM_DEK_RSA_MD5 90
+
+#define PEM_MD_MD2 NID_md2
+#define PEM_MD_MD5 NID_md5
+#define PEM_MD_SHA NID_sha
+#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
+#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
+#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
+
+#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+#define PEM_STRING_X509 "CERTIFICATE"
+#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+#define PEM_STRING_X509_CRL "X509 CRL"
+#define PEM_STRING_EVP_PKEY "PRIVATE KEY"
+#define PEM_STRING_RSA "RSA PRIVATE KEY"
+#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+#define PEM_STRING_DSA "DSA PRIVATE KEY"
+#define PEM_STRING_PKCS7 "PKCS7"
+#define PEM_STRING_DHPARAMS "DH PARAMETERS"
+#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+
+#ifndef HEADER_ENVELOPE_H
+
+#define EVP_ENCODE_CTX_SIZE 96
+#define EVP_MD_SIZE 60
+#define EVP_MD_CTX_SIZE 152
+#define EVP_CIPHER_SIZE 40
+#define EVP_CIPHER_CTX_SIZE 4212
+#define EVP_MAX_MD_SIZE 20
+
+typedef struct evp_encode_ctx_st
+ {
+ char data[EVP_ENCODE_CTX_SIZE];
+ } EVP_ENCODE_CTX;
+
+typedef struct env_md_ctx_st
+ {
+ char data[EVP_MD_CTX_SIZE];
+ } EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+ {
+ char data[EVP_CIPHER_SIZE];
+ } EVP_CIPHER;
+
+typedef struct evp_cipher_ctx_st
+ {
+ char data[EVP_CIPHER_CTX_SIZE];
+ } EVP_CIPHER_CTX;
+#endif
+
+
+typedef struct PEM_Encode_Seal_st
+ {
+ EVP_ENCODE_CTX encode;
+ EVP_MD_CTX md;
+ EVP_CIPHER_CTX cipher;
+ } PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+#define PEM_TYPE_ENCRYPTED 10
+#define PEM_TYPE_MIC_ONLY 20
+#define PEM_TYPE_MIC_CLEAR 30
+#define PEM_TYPE_CLEAR 40
+
+typedef struct pem_recip_st
+ {
+ char *name;
+ X509_NAME *dn;
+
+ int cipher;
+ int key_enc;
+ char iv[8];
+ } PEM_USER;
+
+typedef struct pem_ctx_st
+ {
+ int type; /* what type of object */
+
+ struct {
+ int version;
+ int mode;
+ } proc_type;
+
+ char *domain;
+
+ struct {
+ int cipher;
+ unsigned char iv[8];
+ } DEK_info;
+
+ PEM_USER *originator;
+
+ int num_recipient;
+ PEM_USER **recipient;
+
+#ifdef HEADER_STACK_H
+ STACK *x509_chain; /* certificate chain */
+#else
+ char *x509_chain; /* certificate chain */
+#endif
+ EVP_MD *md; /* signature type */
+
+ int md_enc; /* is the md encrypted or not? */
+ int md_len; /* length of md_data */
+ char *md_data; /* message digest, could be pkey encrypted */
+
+ EVP_CIPHER *dec; /* date encryption cipher */
+ int key_len; /* key length */
+ unsigned char *key; /* key */
+ unsigned char iv[8]; /* the iv */
+
+
+ int data_enc; /* is the data encrypted */
+ int data_len;
+ unsigned char *data;
+ } PEM_CTX;
+
+#ifdef SSLEAY_MACROS
+
+#define PEM_write_SSL_SESSION(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_X509_CRL(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
+ fp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_RSAPublicKey(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
+ PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_PKCS7(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_DHparams(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
+ (char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb)
+#define PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb)
+#define PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb)
+#define PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb)
+#define PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)
+#define PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb)
+#define PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb)
+#define PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb)
+#define PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
+
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_CRL(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
+ bp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_RSAPublicKey(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
+ PEM_STRING_RSA_PUBLIC,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PKCS7(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_DHparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
+ PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb)
+#define PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb)
+#define PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)
+#define PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb)
+#define PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb)
+
+#define PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb)
+#define PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb)
+#define PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
+
+#endif
+
+#ifndef NOPROTO
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+ int (*callback)());
+
+#ifdef HEADER_BIO_H
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data,
+ long len);
+char * PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,
+ int (*cb)());
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)());
+int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
+ unsigned char *kstr, int klen, int (*cb)());
+#endif
+
+#ifndef WIN16
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
+char * PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,
+ int (*cb)());
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+#endif
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+ EVP_MD *md_type, unsigned char **ek, int *ekl,
+ unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+ unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
+ unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+void ERR_load_PEM_strings(void);
+
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, char *type, int len, char *str);
+
+#ifndef SSLEAY_MACROS
+
+#ifndef WIN16
+X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+int PEM_write_X509(FILE *fp,X509 *x);
+int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
+int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
+int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
+int PEM_write_DHparams(FILE *fp,DH *x);
+int PEM_write_DSAparams(FILE *fp,DSA *x);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+int PEM_write_bio_X509(BIO *bp,X509 *x);
+int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
+int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
+int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
+int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
+int PEM_write_bio_DHparams(BIO *bp,DH *x);
+int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+#endif
+
+#endif /* SSLEAY_MACROS */
+
+
+#else
+
+int PEM_get_EVP_CIPHER_INFO();
+int PEM_do_header();
+int PEM_read_bio();
+int PEM_write_bio();
+#ifndef WIN16
+int PEM_read();
+int PEM_write();
+STACK * PEM_X509_INFO_read();
+char * PEM_ASN1_read();
+int PEM_ASN1_write();
+#endif
+STACK * PEM_X509_INFO_read_bio();
+int PEM_X509_INFO_write_bio();
+char * PEM_ASN1_read_bio();
+int PEM_ASN1_write_bio();
+int PEM_SealInit();
+void PEM_SealUpdate();
+int PEM_SealFinal();
+int PEM_SignFinal();
+
+void ERR_load_PEM_strings();
+
+void PEM_proc_type();
+void PEM_dek_info();
+
+#ifndef SSLEAY_MACROS
+#ifndef WIN16
+X509 *PEM_read_X509();
+X509_REQ *PEM_read_X509_REQ();
+X509_CRL *PEM_read_X509_CRL();
+RSA *PEM_read_RSAPrivateKey();
+RSA *PEM_read_RSAPublicKey();
+DSA *PEM_read_DSAPrivateKey();
+EVP_PKEY *PEM_read_PrivateKey();
+PKCS7 *PEM_read_PKCS7();
+DH *PEM_read_DHparams();
+DSA *PEM_read_DSAparams();
+int PEM_write_X509();
+int PEM_write_X509_REQ();
+int PEM_write_X509_CRL();
+int PEM_write_RSAPrivateKey();
+int PEM_write_RSAPublicKey();
+int PEM_write_DSAPrivateKey();
+int PEM_write_PrivateKey();
+int PEM_write_PKCS7();
+int PEM_write_DHparams();
+int PEM_write_DSAparams();
+#endif
+
+X509 *PEM_read_bio_X509();
+X509_REQ *PEM_read_bio_X509_REQ();
+X509_CRL *PEM_read_bio_X509_CRL();
+RSA *PEM_read_bio_RSAPrivateKey();
+RSA *PEM_read_bio_RSAPublicKey();
+DSA *PEM_read_bio_DSAPrivateKey();
+EVP_PKEY *PEM_read_bio_PrivateKey();
+PKCS7 *PEM_read_bio_PKCS7();
+DH *PEM_read_bio_DHparams();
+DSA *PEM_read_bio_DSAparams();
+int PEM_write_bio_X509();
+int PEM_write_bio_X509_REQ();
+int PEM_write_bio_X509_CRL();
+int PEM_write_bio_RSAPrivateKey();
+int PEM_write_bio_RSAPublicKey();
+int PEM_write_bio_DSAPrivateKey();
+int PEM_write_bio_PrivateKey();
+int PEM_write_bio_PKCS7();
+int PEM_write_bio_DHparams();
+int PEM_write_bio_DSAparams();
+
+#endif /* SSLEAY_MACROS */
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK 100
+#define PEM_F_LOAD_IV 101
+#define PEM_F_PEM_ASN1_READ 102
+#define PEM_F_PEM_ASN1_READ_BIO 103
+#define PEM_F_PEM_ASN1_WRITE 104
+#define PEM_F_PEM_ASN1_WRITE_BIO 105
+#define PEM_F_PEM_DO_HEADER 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+#define PEM_F_PEM_READ 108
+#define PEM_F_PEM_READ_BIO 109
+#define PEM_F_PEM_SEALFINAL 110
+#define PEM_F_PEM_SEALINIT 111
+#define PEM_F_PEM_SIGNFINAL 112
+#define PEM_F_PEM_WRITE 113
+#define PEM_F_PEM_WRITE_BIO 114
+#define PEM_F_PEM_X509_INFO_READ 115
+#define PEM_F_PEM_X509_INFO_READ_BIO 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE 100
+#define PEM_R_BAD_DECRYPT 101
+#define PEM_R_BAD_END_LINE 102
+#define PEM_R_BAD_IV_CHARS 103
+#define PEM_R_BAD_PASSWORD_READ 104
+#define PEM_R_NOT_DEK_INFO 105
+#define PEM_R_NOT_ENCRYPTED 106
+#define PEM_R_NOT_PROC_TYPE 107
+#define PEM_R_NO_START_LINE 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+#define PEM_R_PUBLIC_KEY_NO_RSA 110
+#define PEM_R_READ_KEY 111
+#define PEM_R_SHORT_HEADER 112
+#define PEM_R_UNSUPPORTED_CIPHER 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION 114
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/pem/pem_all.c b/src/lib/libssl/src/crypto/pem/pem_all.c
new file mode 100644
index 0000000000..d1cda7aabe
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_all.c
@@ -0,0 +1,488 @@
+/* crypto/pem/pem_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+
+#ifndef NO_FP_API
+/* The X509 functions */
+X509 *PEM_read_X509(fp,x,cb)
+FILE *fp;
+X509 **x;
+int (*cb)();
+ {
+ return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509,
+ PEM_STRING_X509,fp,(char **)x,cb));
+ }
+#endif
+
+X509 *PEM_read_bio_X509(bp,x,cb)
+BIO *bp;
+X509 **x;
+int (*cb)();
+ {
+ return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509,
+ PEM_STRING_X509,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_X509(fp,x)
+FILE *fp;
+X509 *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509(bp,x)
+BIO *bp;
+X509 *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_FP_API
+/* The X509_REQ functions */
+X509_REQ *PEM_read_X509_REQ(fp,x,cb)
+FILE *fp;
+X509_REQ **x;
+int (*cb)();
+ {
+ return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ,
+ PEM_STRING_X509_REQ,fp,(char **)x,cb));
+ }
+#endif
+
+X509_REQ *PEM_read_bio_X509_REQ(bp,x,cb)
+BIO *bp;
+X509_REQ **x;
+int (*cb)();
+ {
+ return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ,
+ PEM_STRING_X509_REQ,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_X509_REQ(fp,x)
+FILE *fp;
+X509_REQ *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509_REQ(bp,x)
+BIO *bp;
+X509_REQ *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_FP_API
+/* The X509_CRL functions */
+X509_CRL *PEM_read_X509_CRL(fp,x,cb)
+FILE *fp;
+X509_CRL **x;
+int (*cb)();
+ {
+ return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL,
+ PEM_STRING_X509_CRL,fp,(char **)x,cb));
+ }
+#endif
+
+X509_CRL *PEM_read_bio_X509_CRL(bp,x,cb)
+BIO *bp;
+X509_CRL **x;
+int (*cb)();
+ {
+ return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL,
+ PEM_STRING_X509_CRL,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_X509_CRL(fp,x)
+FILE *fp;
+X509_CRL *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509_CRL(bp,x)
+BIO *bp;
+X509_CRL *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_RSA
+#ifndef NO_FP_API
+/* The RSAPrivateKey functions */
+RSA *PEM_read_RSAPrivateKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey,
+ PEM_STRING_RSA,fp,(char **)x,cb));
+ }
+
+RSA *PEM_read_RSAPublicKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb));
+ }
+#endif
+
+RSA *PEM_read_bio_RSAPrivateKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey,
+ PEM_STRING_RSA,bp,(char **)x,cb));
+ }
+
+RSA *PEM_read_bio_RSAPublicKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,
+ (char *)x,enc,kstr,klen,cb));
+ }
+
+int PEM_write_RSAPublicKey(fp,x)
+FILE *fp;
+RSA *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,fp,
+ (char *)x,NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+
+int PEM_write_bio_RSAPublicKey(bp,x)
+BIO *bp;
+RSA *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,
+ bp,(char *)x,NULL,NULL,0,NULL));
+ }
+#endif /* !NO_RSA */
+
+#ifndef NO_DSA
+#ifndef NO_FP_API
+/* The DSAPrivateKey functions */
+DSA *PEM_read_DSAPrivateKey(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey,
+ PEM_STRING_DSA,fp,(char **)x,cb));
+ }
+#endif
+
+DSA *PEM_read_bio_DSAPrivateKey(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey,
+ PEM_STRING_DSA,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,
+ (char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+int PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+#ifndef NO_FP_API
+/* The PrivateKey functions */
+EVP_PKEY *PEM_read_PrivateKey(fp,x,cb)
+FILE *fp;
+EVP_PKEY **x;
+int (*cb)();
+ {
+ return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,fp,(char **)x,cb));
+ }
+#endif
+
+EVP_PKEY *PEM_read_bio_PrivateKey(bp,x,cb)
+BIO *bp;
+EVP_PKEY **x;
+int (*cb)();
+ {
+ return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_PrivateKey,
+ ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+ fp,(char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+int PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
+ ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+
+#ifndef NO_FP_API
+/* The PKCS7 functions */
+PKCS7 *PEM_read_PKCS7(fp,x,cb)
+FILE *fp;
+PKCS7 **x;
+int (*cb)();
+ {
+ return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7,
+ PEM_STRING_PKCS7,fp,(char **)x,cb));
+ }
+#endif
+
+PKCS7 *PEM_read_bio_PKCS7(bp,x,cb)
+BIO *bp;
+PKCS7 **x;
+int (*cb)();
+ {
+ return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7,
+ PEM_STRING_PKCS7,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_PKCS7(fp,x)
+FILE *fp;
+PKCS7 *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_PKCS7(bp,x)
+BIO *bp;
+PKCS7 *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_DH
+#ifndef NO_FP_API
+/* The DHparams functions */
+DH *PEM_read_DHparams(fp,x,cb)
+FILE *fp;
+DH **x;
+int (*cb)();
+ {
+ return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams,
+ PEM_STRING_DHPARAMS,fp,(char **)x,cb));
+ }
+#endif
+
+DH *PEM_read_bio_DHparams(bp,x,cb)
+BIO *bp;
+DH **x;
+int (*cb)();
+ {
+ return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams,
+ PEM_STRING_DHPARAMS,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_DHparams(fp,x)
+FILE *fp;
+DH *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_DHparams(bp,x)
+BIO *bp;
+DH *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef NO_FP_API
+/* The DSAparams functions */
+DSA *PEM_read_DSAparams(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams,
+ PEM_STRING_DSAPARAMS,fp,(char **)x,cb));
+ }
+#endif
+
+DSA *PEM_read_bio_DSAparams(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams,
+ PEM_STRING_DSAPARAMS,bp,(char **)x,cb));
+ }
+
+#ifndef NO_FP_API
+int PEM_write_DSAparams(fp,x)
+FILE *fp;
+DSA *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_DSAparams(bp,x)
+BIO *bp;
+DSA *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
diff --git a/src/lib/libssl/src/crypto/pem/pem_err.c b/src/lib/libssl/src/crypto/pem/pem_err.c
new file mode 100644
index 0000000000..e17fcdb540
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_err.c
@@ -0,0 +1,122 @@
+/* lib/pem/pem_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pem.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA PEM_str_functs[]=
+ {
+{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"},
+{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"},
+{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"},
+{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"},
+{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"},
+{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"},
+{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"},
+{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
+{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA PEM_str_reasons[]=
+ {
+{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"},
+{PEM_R_BAD_DECRYPT ,"bad decrypt"},
+{PEM_R_BAD_END_LINE ,"bad end line"},
+{PEM_R_BAD_IV_CHARS ,"bad iv chars"},
+{PEM_R_BAD_PASSWORD_READ ,"bad password read"},
+{PEM_R_NOT_DEK_INFO ,"not dek info"},
+{PEM_R_NOT_ENCRYPTED ,"not encrypted"},
+{PEM_R_NOT_PROC_TYPE ,"not proc type"},
+{PEM_R_NO_START_LINE ,"no start line"},
+{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"},
+{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"},
+{PEM_R_READ_KEY ,"read key"},
+{PEM_R_SHORT_HEADER ,"short header"},
+{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_PEM_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
+ ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/pem/pem_info.c b/src/lib/libssl/src/crypto/pem/pem_info.c
new file mode 100644
index 0000000000..4b69833b62
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_info.c
@@ -0,0 +1,365 @@
+/* crypto/pem/pem_info.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef NO_FP_API
+STACK *PEM_X509_INFO_read(fp,sk,cb)
+FILE *fp;
+STACK *sk;
+int (*cb)();
+ {
+ BIO *b;
+ STACK *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_X509_INFO_read_bio(b,sk,cb);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+STACK *PEM_X509_INFO_read_bio(bp,sk,cb)
+BIO *bp;
+STACK *sk;
+int (*cb)();
+ {
+ X509_INFO *xi=NULL;
+ char *name=NULL,*header=NULL,**pp;
+ unsigned char *data=NULL,*p;
+ long len,error=0;
+ int ok=0;
+ STACK *ret=NULL;
+ unsigned int i,raw;
+ char *(*d2i)();
+
+ if (sk == NULL)
+ {
+ if ((ret=sk_new_null()) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ else
+ ret=sk;
+
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ for (;;)
+ {
+ raw=0;
+ i=PEM_read_bio(bp,&name,&header,&data,&len);
+ if (i == 0)
+ {
+ error=ERR_GET_REASON(ERR_peek_error());
+ if (error == PEM_R_NO_START_LINE)
+ {
+ ERR_clear_error();
+ break;
+ }
+ goto err;
+ }
+start:
+ if ( (strcmp(name,PEM_STRING_X509) == 0) ||
+ (strcmp(name,PEM_STRING_X509_OLD) == 0))
+ {
+ d2i=(char *(*)())d2i_X509;
+ if (xi->x509 != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+ pp=(char **)&(xi->x509);
+ }
+ else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
+ {
+ d2i=(char *(*)())d2i_X509_CRL;
+ if (xi->crl != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+ pp=(char **)&(xi->crl);
+ }
+ else
+#ifndef NO_RSA
+ if (strcmp(name,PEM_STRING_RSA) == 0)
+ {
+ d2i=(char *(*)())d2i_RSAPrivateKey;
+ if (xi->x_pkey != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+
+ xi->enc_data=NULL;
+ xi->enc_len=0;
+
+ xi->x_pkey=X509_PKEY_new();
+ if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+ goto err;
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
+ if ((int)strlen(header) > 10) /* assume encrypted */
+ raw=1;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (strcmp(name,PEM_STRING_DSA) == 0)
+ {
+ d2i=(char *(*)())d2i_DSAPrivateKey;
+ if (xi->x_pkey != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+
+ xi->enc_data=NULL;
+ xi->enc_len=0;
+
+ xi->x_pkey=X509_PKEY_new();
+ if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+ goto err;
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
+ if ((int)strlen(header) > 10) /* assume encrypted */
+ raw=1;
+ }
+ else
+#endif
+ {
+ d2i=NULL;
+ pp=NULL;
+ }
+
+ if (d2i != NULL)
+ {
+ if (!raw)
+ {
+ EVP_CIPHER_INFO cipher;
+
+ if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
+ goto err;
+ if (!PEM_do_header(&cipher,data,&len,cb))
+ goto err;
+ p=data;
+ if (d2i(pp,&p,len) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+ else
+ { /* encrypted RSA data */
+ if (!PEM_get_EVP_CIPHER_INFO(header,
+ &xi->enc_cipher)) goto err;
+ xi->enc_data=(char *)data;
+ xi->enc_len=(int)len;
+ data=NULL;
+ }
+ }
+ else {
+ /* unknown */
+ }
+ if (name != NULL) Free(name);
+ if (header != NULL) Free(header);
+ if (data != NULL) Free(data);
+ name=NULL;
+ header=NULL;
+ data=NULL;
+ }
+
+ /* if the last one hasn't been pushed yet and there is anything
+ * in it then add it to the stack ...
+ */
+ if ((xi->x509 != NULL) || (xi->crl != NULL) ||
+ (xi->x_pkey != NULL) || (xi->enc_data != NULL))
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ xi=NULL;
+ }
+ ok=1;
+err:
+ if (xi != NULL) X509_INFO_free(xi);
+ if (!ok)
+ {
+ for (i=0; ((int)i)<sk_num(ret); i++)
+ {
+ xi=(X509_INFO *)sk_value(ret,i);
+ X509_INFO_free(xi);
+ }
+ if (ret != sk) sk_free(ret);
+ ret=NULL;
+ }
+
+ if (name != NULL) Free(name);
+ if (header != NULL) Free(header);
+ if (data != NULL) Free(data);
+ return(ret);
+ }
+
+
+/* A TJH addition */
+int PEM_X509_INFO_write_bio(bp,xi,enc,kstr,klen,cb)
+BIO *bp;
+X509_INFO *xi;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ EVP_CIPHER_CTX ctx;
+ int i,ret=0;
+ unsigned char *data=NULL;
+ char *objstr=NULL;
+#define PEM_BUFSIZE 1024
+ char buf[PEM_BUFSIZE];
+ unsigned char *iv=NULL;
+
+ if (enc != NULL)
+ {
+ objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+ }
+
+ /* now for the fun part ... if we have a private key then
+ * we have to be able to handle a not-yet-decrypted key
+ * being written out correctly ... if it is decrypted or
+ * it is non-encrypted then we use the base code
+ */
+ if (xi->x_pkey!=NULL)
+ {
+ if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
+ {
+ /* copy from wierdo names into more normal things */
+ iv=xi->enc_cipher.iv;
+ data=(unsigned char *)xi->enc_data;
+ i=xi->enc_len;
+
+ /* we take the encryption data from the
+ * internal stuff rather than what the
+ * user has passed us ... as we have to
+ * match exactly for some strange reason
+ */
+ objstr=OBJ_nid2sn(
+ EVP_CIPHER_nid(xi->enc_cipher.cipher));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+
+ /* create the right magic header stuff */
+ buf[0]='\0';
+ PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+ PEM_dek_info(buf,objstr,8,(char *)iv);
+
+ /* use the normal code to write things out */
+ i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
+ if (i <= 0) goto err;
+ }
+ else
+ {
+ /* Add DSA/DH */
+#ifndef NO_RSA
+ /* normal optionally encrypted stuff */
+ if (PEM_write_bio_RSAPrivateKey(bp,
+ xi->x_pkey->dec_pkey->pkey.rsa,
+ enc,kstr,klen,cb)<=0)
+ goto err;
+#endif
+ }
+ }
+
+ /* if we have a certificate then write it out now */
+ if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+ goto err;
+
+ /* we are ignoring anything else that is loaded into the X509_INFO
+ * structure for the moment ... as I don't need it so I'm not
+ * coding it here and Eric can do it when this makes it into the
+ * base library --tjh
+ */
+
+ ret=1;
+
+err:
+ memset((char *)&ctx,0,sizeof(ctx));
+ memset(buf,0,PEM_BUFSIZE);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c
new file mode 100644
index 0000000000..7a2c0ad83b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_lib.c
@@ -0,0 +1,762 @@
+/* crypto/pem/pem_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "rand.h"
+#include "x509.h"
+#include "pem.h"
+#ifndef NO_DES
+#include "des.h"
+#endif
+
+char *PEM_version="PEM part of SSLeay 0.9.0b 29-Jun-1998";
+
+#define MIN_LENGTH 4
+
+/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ * PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int def_callback(char *buf, int num, int w);
+static int load_iv(unsigned char **fromp,unsigned char *to, int num);
+#else
+static int def_callback();
+static int load_iv();
+#endif
+
+static int def_callback(buf, num, w)
+char *buf;
+int num;
+int w;
+ {
+#ifdef NO_FP_API
+ /* We should not ever call the default callback routine from
+ * windows. */
+ PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(-1);
+#else
+ int i,j;
+ char *prompt;
+
+ prompt=EVP_get_pw_prompt();
+ if (prompt == NULL)
+ prompt="Enter PEM pass phrase:";
+
+ for (;;)
+ {
+ i=EVP_read_pw_string(buf,num,prompt,w);
+ if (i != 0)
+ {
+ PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
+ memset(buf,0,(unsigned int)num);
+ return(-1);
+ }
+ j=strlen(buf);
+ if (j < MIN_LENGTH)
+ {
+ fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
+ }
+ else
+ break;
+ }
+ return(j);
+#endif
+ }
+
+void PEM_proc_type(buf, type)
+char *buf;
+int type;
+ {
+ char *str;
+
+ if (type == PEM_TYPE_ENCRYPTED)
+ str="ENCRYPTED";
+ else if (type == PEM_TYPE_MIC_CLEAR)
+ str="MIC-CLEAR";
+ else if (type == PEM_TYPE_MIC_ONLY)
+ str="MIC-ONLY";
+ else
+ str="BAD-TYPE";
+
+ strcat(buf,"Proc-Type: 4,");
+ strcat(buf,str);
+ strcat(buf,"\n");
+ }
+
+void PEM_dek_info(buf, type, len, str)
+char *buf;
+char *type;
+int len;
+char *str;
+ {
+ static unsigned char map[17]="0123456789ABCDEF";
+ long i;
+ int j;
+
+ strcat(buf,"DEK-Info: ");
+ strcat(buf,type);
+ strcat(buf,",");
+ j=strlen(buf);
+ for (i=0; i<len; i++)
+ {
+ buf[j+i*2] =map[(str[i]>>4)&0x0f];
+ buf[j+i*2+1]=map[(str[i] )&0x0f];
+ }
+ buf[j+i*2]='\n';
+ buf[j+i*2+1]='\0';
+ }
+
+#ifndef NO_FP_API
+char *PEM_ASN1_read(d2i,name,fp, x, cb)
+char *(*d2i)();
+char *name;
+FILE *fp;
+char **x;
+int (*cb)();
+ {
+ BIO *b;
+ char *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_ASN1_read_bio(d2i,name,b,x,cb);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+char *PEM_ASN1_read_bio(d2i,name,bp, x, cb)
+char *(*d2i)();
+char *name;
+BIO *bp;
+char **x;
+int (*cb)();
+ {
+ EVP_CIPHER_INFO cipher;
+ char *nm=NULL,*header=NULL;
+ unsigned char *p=NULL,*data=NULL;
+ long len;
+ char *ret=NULL;
+
+ for (;;)
+ {
+ if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
+ if ( (strcmp(nm,name) == 0) ||
+ ((strcmp(nm,PEM_STRING_RSA) == 0) &&
+ (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+ ((strcmp(nm,PEM_STRING_DSA) == 0) &&
+ (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+ ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
+ (strcmp(name,PEM_STRING_X509) == 0)) ||
+ ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
+ (strcmp(name,PEM_STRING_X509_REQ) == 0))
+ )
+ break;
+ Free(nm);
+ Free(header);
+ Free(data);
+ }
+ if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
+ if (!PEM_do_header(&cipher,data,&len,cb)) goto err;
+ p=data;
+ if (strcmp(name,PEM_STRING_EVP_PKEY) == 0)
+ {
+ if (strcmp(nm,PEM_STRING_RSA) == 0)
+ ret=d2i(EVP_PKEY_RSA,x,&p,len);
+ else if (strcmp(nm,PEM_STRING_DSA) == 0)
+ ret=d2i(EVP_PKEY_DSA,x,&p,len);
+ }
+ else
+ ret=d2i(x,&p,len);
+ if (ret == NULL)
+ PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+err:
+ Free(nm);
+ Free(header);
+ Free(data);
+ return(ret);
+ }
+
+#ifndef NO_FP_API
+int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+FILE *fp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+BIO *bp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+ {
+ EVP_CIPHER_CTX ctx;
+ int dsize=0,i,j,ret=0;
+ unsigned char *p,*data=NULL;
+ char *objstr=NULL;
+#define PEM_BUFSIZE 1024
+ char buf[PEM_BUFSIZE];
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+
+ if (enc != NULL)
+ {
+ objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+ }
+
+ if ((dsize=i2d(x,NULL)) < 0)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ dsize=0;
+ goto err;
+ }
+ /* dzise + 8 bytes are needed */
+ data=(unsigned char *)Malloc((unsigned int)dsize+20);
+ if (data == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=data;
+ i=i2d(x,&p);
+
+ if (enc != NULL)
+ {
+ if (kstr == NULL)
+ {
+ if (callback == NULL)
+ klen=def_callback(buf,PEM_BUFSIZE,1);
+ else
+ klen=(*callback)(buf,PEM_BUFSIZE,1);
+ if (klen <= 0)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
+ goto err;
+ }
+ kstr=(unsigned char *)buf;
+ }
+ RAND_seed(data,i);/* put in the RSA key. */
+ RAND_bytes(iv,8); /* Generate a salt */
+ /* The 'iv' is used as the iv and as a salt. It is
+ * NOT taken from the BytesToKey function */
+ EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+
+ if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
+
+ buf[0]='\0';
+ PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+ PEM_dek_info(buf,objstr,8,(char *)iv);
+ /* k=strlen(buf); */
+
+ EVP_EncryptInit(&ctx,enc,key,iv);
+ EVP_EncryptUpdate(&ctx,data,&j,data,i);
+ EVP_EncryptFinal(&ctx,&(data[j]),&i);
+ i+=j;
+ ret=1;
+ }
+ else
+ {
+ ret=1;
+ buf[0]='\0';
+ }
+ i=PEM_write_bio(bp,name,buf,data,i);
+ if (i <= 0) ret=0;
+err:
+ memset(key,0,sizeof(key));
+ memset(iv,0,sizeof(iv));
+ memset((char *)&ctx,0,sizeof(ctx));
+ memset(buf,0,PEM_BUFSIZE);
+ memset(data,0,(unsigned int)dsize);
+ Free(data);
+ return(ret);
+ }
+
+int PEM_do_header(cipher, data, plen, callback)
+EVP_CIPHER_INFO *cipher;
+unsigned char *data;
+long *plen;
+int (*callback)();
+ {
+ int i,j,o,klen;
+ long len;
+ EVP_CIPHER_CTX ctx;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ char buf[PEM_BUFSIZE];
+
+ len= *plen;
+
+ if (cipher->cipher == NULL) return(1);
+ if (callback == NULL)
+ klen=def_callback(buf,PEM_BUFSIZE,0);
+ else
+ klen=callback(buf,PEM_BUFSIZE,0);
+ if (klen <= 0)
+ {
+ PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
+ return(0);
+ }
+ EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+ (unsigned char *)buf,klen,1,key,NULL);
+
+ j=(int)len;
+ EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
+ EVP_DecryptUpdate(&ctx,data,&i,data,j);
+ o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ memset((char *)buf,0,sizeof(buf));
+ memset((char *)key,0,sizeof(key));
+ j+=i;
+ if (!o)
+ {
+ PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
+ return(0);
+ }
+ *plen=j;
+ return(1);
+ }
+
+int PEM_get_EVP_CIPHER_INFO(header,cipher)
+char *header;
+EVP_CIPHER_INFO *cipher;
+ {
+ int o;
+ EVP_CIPHER *enc=NULL;
+ char *p,c;
+
+ cipher->cipher=NULL;
+ if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+ return(1);
+ if (strncmp(header,"Proc-Type: ",11) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
+ header+=11;
+ if (*header != '4') return(0); header++;
+ if (*header != ',') return(0); header++;
+ if (strncmp(header,"ENCRYPTED",9) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
+ for (; (*header != '\n') && (*header != '\0'); header++)
+ ;
+ if (*header == '\0')
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
+ header++;
+ if (strncmp(header,"DEK-Info: ",10) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
+ header+=10;
+
+ p=header;
+ for (;;)
+ {
+ c= *header;
+ if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+ ((c >= '0') && (c <= '9'))))
+ break;
+ header++;
+ }
+ *header='\0';
+ o=OBJ_sn2nid(p);
+ cipher->cipher=enc=EVP_get_cipherbyname(p);
+ *header=c;
+ header++;
+
+ if (enc == NULL)
+ {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
+ return(0);
+ }
+ if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+
+ return(1);
+ }
+
+static int load_iv(fromp,to,num)
+unsigned char **fromp,*to;
+int num;
+ {
+ int v,i;
+ unsigned char *from;
+
+ from= *fromp;
+ for (i=0; i<num; i++) to[i]=0;
+ num*=2;
+ for (i=0; i<num; i++)
+ {
+ if ((*from >= '0') && (*from <= '9'))
+ v= *from-'0';
+ else if ((*from >= 'A') && (*from <= 'F'))
+ v= *from-'A'+10;
+ else if ((*from >= 'a') && (*from <= 'f'))
+ v= *from-'a'+10;
+ else
+ {
+ PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
+ return(0);
+ }
+ from++;
+ to[i/2]|=v<<(long)((!(i&1))*4);
+ }
+
+ *fromp=from;
+ return(1);
+ }
+
+#ifndef NO_FP_API
+int PEM_write(fp, name, header, data,len)
+FILE *fp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_write_bio(b, name, header, data,len);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_write_bio(bp, name, header, data,len)
+BIO *bp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+ {
+ int nlen,n,i,j,outl;
+ unsigned char *buf;
+ EVP_ENCODE_CTX ctx;
+ int reason=ERR_R_BUF_LIB;
+
+ EVP_EncodeInit(&ctx);
+ nlen=strlen(name);
+
+ if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
+ (BIO_write(bp,name,nlen) != nlen) ||
+ (BIO_write(bp,"-----\n",6) != 6))
+ goto err;
+
+ i=strlen(header);
+ if (i > 0)
+ {
+ if ( (BIO_write(bp,header,i) != i) ||
+ (BIO_write(bp,"\n",1) != 1))
+ goto err;
+ }
+
+ buf=(unsigned char *)Malloc(PEM_BUFSIZE*8);
+ if (buf == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ i=j=0;
+ while (len > 0)
+ {
+ n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
+ EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
+ if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
+ goto err;
+ i+=outl;
+ len-=n;
+ j+=n;
+ }
+ EVP_EncodeFinal(&ctx,buf,&outl);
+ if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
+ Free(buf);
+ if ( (BIO_write(bp,"-----END ",9) != 9) ||
+ (BIO_write(bp,name,nlen) != nlen) ||
+ (BIO_write(bp,"-----\n",6) != 6))
+ goto err;
+ return(i+outl);
+err:
+ PEMerr(PEM_F_PEM_WRITE_BIO,reason);
+ return(0);
+ }
+
+#ifndef NO_FP_API
+int PEM_read(fp, name, header, data,len)
+FILE *fp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_read_bio(b, name, header, data,len);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_read_bio(bp, name, header, data, len)
+BIO *bp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+ {
+ EVP_ENCODE_CTX ctx;
+ int end=0,i,k,bl=0,hl=0,nohead=0;
+ char buf[256];
+ BUF_MEM *nameB;
+ BUF_MEM *headerB;
+ BUF_MEM *dataB,*tmpB;
+
+ nameB=BUF_MEM_new();
+ headerB=BUF_MEM_new();
+ dataB=BUF_MEM_new();
+ if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+ buf[254]='\0';
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+
+ if (i <= 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
+ goto err;
+ }
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (strncmp(buf,"-----BEGIN ",11) == 0)
+ {
+ i=strlen(&(buf[11]));
+
+ if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
+ continue;
+ if (!BUF_MEM_grow(nameB,i+9))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strncpy(nameB->data,&(buf[11]),(unsigned int)i-6);
+ nameB->data[i-6]='\0';
+ break;
+ }
+ }
+ hl=0;
+ if (!BUF_MEM_grow(headerB,256))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ headerB->data[0]='\0';
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (buf[0] == '\n') break;
+ if (!BUF_MEM_grow(headerB,hl+i+9))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ if (strncmp(buf,"-----END ",9) == 0)
+ {
+ nohead=1;
+ break;
+ }
+ strncpy(&(headerB->data[hl]),buf,(unsigned int)i);
+ headerB->data[hl+i]='\0';
+ hl+=i;
+ }
+
+ bl=0;
+ if (!BUF_MEM_grow(dataB,1024))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ dataB->data[0]='\0';
+ if (!nohead)
+ {
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (i != 65) end=1;
+ if (strncmp(buf,"-----END ",9) == 0)
+ break;
+ if (i > 65) break;
+ if (!BUF_MEM_grow(dataB,i+bl+9))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strncpy(&(dataB->data[bl]),buf,(unsigned int)i);
+ dataB->data[bl+i]='\0';
+ bl+=i;
+ if (end)
+ {
+ buf[0]='\0';
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ break;
+ }
+ }
+ }
+ else
+ {
+ tmpB=headerB;
+ headerB=dataB;
+ dataB=tmpB;
+ bl=hl;
+ }
+ i=strlen(nameB->data);
+ if ( (strncmp(buf,"-----END ",9) != 0) ||
+ (strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) ||
+ (strncmp(&(buf[9+i]),"-----\n",6) != 0))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
+ goto err;
+ }
+
+ EVP_DecodeInit(&ctx);
+ i=EVP_DecodeUpdate(&ctx,
+ (unsigned char *)dataB->data,&bl,
+ (unsigned char *)dataB->data,bl);
+ if (i < 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
+ if (i < 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ bl+=k;
+
+ if (bl == 0) goto err;
+ *name=nameB->data;
+ *header=headerB->data;
+ *data=(unsigned char *)dataB->data;
+ *len=bl;
+ Free(nameB);
+ Free(headerB);
+ Free(dataB);
+ return(1);
+err:
+ BUF_MEM_free(nameB);
+ BUF_MEM_free(headerB);
+ BUF_MEM_free(dataB);
+ return(0);
+ }
diff --git a/src/lib/libssl/src/crypto/pem/pem_seal.c b/src/lib/libssl/src/crypto/pem/pem_seal.c
new file mode 100644
index 0000000000..b4b36df453
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_seal.c
@@ -0,0 +1,191 @@
+/* crypto/pem/pem_seal.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+int PEM_SealInit(ctx,type,md_type,ek,ekl,iv,pubk,npubk)
+PEM_ENCODE_SEAL_CTX *ctx;
+EVP_CIPHER *type;
+EVP_MD *md_type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ int ret= -1;
+ int i,j,max=0;
+ char *s=NULL;
+
+ for (i=0; i<npubk; i++)
+ {
+ if (pubk[i]->type != EVP_PKEY_RSA)
+ {
+ PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
+ goto err;
+ }
+ j=RSA_size(pubk[i]->pkey.rsa);
+ if (j > max) max=j;
+ }
+ s=(char *)Malloc(max*2);
+ if (s == NULL)
+ {
+ PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ EVP_EncodeInit(&(ctx->encode));
+ EVP_SignInit(&(ctx->md),md_type);
+
+ ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
+ if (!ret) goto err;
+
+ /* base64 encode the keys */
+ for (i=0; i<npubk; i++)
+ {
+ j=EVP_EncodeBlock((unsigned char *)s,ek[i],
+ RSA_size(pubk[i]->pkey.rsa));
+ ekl[i]=j;
+ memcpy(ek[i],s,j+1);
+ }
+
+ ret=npubk;
+err:
+ if (s != NULL) Free(s);
+ memset(key,0,EVP_MAX_KEY_LENGTH);
+ return(ret);
+ }
+
+void PEM_SealUpdate(ctx,out,outl,in,inl)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ unsigned char buffer[1600];
+ int i,j;
+
+ *outl=0;
+ EVP_SignUpdate(&(ctx->md),in,inl);
+ for (;;)
+ {
+ if (inl <= 0) break;
+ if (inl > 1200)
+ i=1200;
+ else
+ i=inl;
+ EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
+ EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
+ *outl+=j;
+ out+=j;
+ in+=i;
+ inl-=i;
+ }
+ }
+
+int PEM_SealFinal(ctx,sig,sigl,out,outl,priv)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *sig;
+int *sigl;
+unsigned char *out;
+int *outl;
+EVP_PKEY *priv;
+ {
+ unsigned char *s=NULL;
+ int ret=0,j;
+ unsigned int i;
+
+ if (priv->type != EVP_PKEY_RSA)
+ {
+ PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
+ goto err;
+ }
+ i=RSA_size(priv->pkey.rsa);
+ if (i < 100) i=100;
+ s=(unsigned char *)Malloc(i*2);
+ if (s == NULL)
+ {
+ PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
+ EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
+ *outl=j;
+ out+=j;
+ EVP_EncodeFinal(&(ctx->encode),out,&j);
+ *outl+=j;
+
+ if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
+ *sigl=EVP_EncodeBlock(sig,s,i);
+
+ ret=1;
+err:
+ memset((char *)&(ctx->md),0,sizeof(ctx->md));
+ memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
+ if (s != NULL) Free(s);
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/pem/pem_sign.c b/src/lib/libssl/src/crypto/pem/pem_sign.c
new file mode 100644
index 0000000000..d56f9f9e14
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pem_sign.c
@@ -0,0 +1,109 @@
+/* crypto/pem/pem_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+void PEM_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ EVP_DigestInit(ctx,type);
+ }
+
+void PEM_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ EVP_DigestUpdate(ctx,data,count);
+ }
+
+int PEM_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char *m;
+ int i,ret=0;
+ unsigned int m_len;
+
+ m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2);
+ if (m == NULL)
+ {
+ PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
+
+ i=EVP_EncodeBlock(sigret,m,m_len);
+ *siglen=i;
+ ret=1;
+err:
+ /* ctx has been zeroed by EVP_SignFinal() */
+ if (m != NULL) Free(m);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/pem/pkcs7.lis b/src/lib/libssl/src/crypto/pem/pkcs7.lis
new file mode 100644
index 0000000000..be90c5d87f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pem/pkcs7.lis
@@ -0,0 +1,22 @@
+21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
+ 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
+ 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
+ 20 20:d=0 hl=2 l= 0 cons: univ: SET
+ 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
+ 00 35:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
+ 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
+ 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
+ 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
+ 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
+ 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
+ 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
+ 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
+ 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
+ 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
+00 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/src/lib/libssl/src/crypto/perlasm/cbc.pl b/src/lib/libssl/src/crypto/perlasm/cbc.pl
new file mode 100644
index 0000000000..2789305790
--- /dev/null
+++ b/src/lib/libssl/src/crypto/perlasm/cbc.pl
@@ -0,0 +1,342 @@
+#!/usr/bin/perl
+
+# void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+# des_cblock (*input);
+# des_cblock (*output);
+# long length;
+# des_key_schedule schedule;
+# des_cblock (*ivec);
+# int enc;
+#
+# calls
+# des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+#
+
+#&cbc("des_ncbc_encrypt","des_encrypt",0);
+#&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",
+# 1,4,5,3,5,-1);
+#&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",
+# 0,4,5,3,5,-1);
+#&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",
+# 0,6,7,3,4,5);
+#
+# When doing a cipher that needs bigendian order,
+# for encrypt, the iv is kept in bigendian form,
+# while for decrypt, it is kept in little endian.
+sub cbc
+ {
+ local($name,$enc_func,$dec_func,$swap,$iv_off,$enc_off,$p1,$p2,$p3)=@_;
+ # name is the function name
+ # enc_func and dec_func and the functions to call for encrypt/decrypt
+ # swap is true if byte order needs to be reversed
+ # iv_off is parameter number for the iv
+ # enc_off is parameter number for the encrypt/decrypt flag
+ # p1,p2,p3 are the offsets for parameters to be passed to the
+ # underlying calls.
+
+ &function_begin_B($name,"");
+ &comment("");
+
+ $in="esi";
+ $out="edi";
+ $count="ebp";
+
+ &push("ebp");
+ &push("ebx");
+ &push("esi");
+ &push("edi");
+
+ $data_off=4;
+ $data_off+=4 if ($p1 > 0);
+ $data_off+=4 if ($p2 > 0);
+ $data_off+=4 if ($p3 > 0);
+
+ &mov($count, &wparam(2)); # length
+
+ &comment("getting iv ptr from parameter $iv_off");
+ &mov("ebx", &wparam($iv_off)); # Get iv ptr
+
+ &mov($in, &DWP(0,"ebx","",0));# iv[0]
+ &mov($out, &DWP(4,"ebx","",0));# iv[1]
+
+ &push($out);
+ &push($in);
+ &push($out); # used in decrypt for iv[1]
+ &push($in); # used in decrypt for iv[0]
+
+ &mov("ebx", "esp"); # This is the address of tin[2]
+
+ &mov($in, &wparam(0)); # in
+ &mov($out, &wparam(1)); # out
+
+ # We have loaded them all, how lets push things
+ &comment("getting encrypt flag from parameter $enc_off");
+ &mov("ecx", &wparam($enc_off)); # Get enc flag
+ if ($p3 > 0)
+ {
+ &comment("get and push parameter $p3");
+ if ($enc_off != $p3)
+ { &mov("eax", &wparam($p3)); &push("eax"); }
+ else { &push("ecx"); }
+ }
+ if ($p2 > 0)
+ {
+ &comment("get and push parameter $p2");
+ if ($enc_off != $p2)
+ { &mov("eax", &wparam($p2)); &push("eax"); }
+ else { &push("ecx"); }
+ }
+ if ($p1 > 0)
+ {
+ &comment("get and push parameter $p1");
+ if ($enc_off != $p1)
+ { &mov("eax", &wparam($p1)); &push("eax"); }
+ else { &push("ecx"); }
+ }
+ &push("ebx"); # push data/iv
+
+ &cmp("ecx",0);
+ &jz(&label("decrypt"));
+
+ &and($count,0xfffffff8);
+ &mov("eax", &DWP($data_off,"esp","",0)); # load iv[0]
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); # load iv[1]
+
+ &jz(&label("encrypt_finish"));
+
+ #############################################################
+
+ &set_label("encrypt_loop");
+ # encrypt start
+ # "eax" and "ebx" hold iv (or the last cipher text)
+
+ &mov("ecx", &DWP(0,$in,"",0)); # load first 4 bytes
+ &mov("edx", &DWP(4,$in,"",0)); # second 4 bytes
+
+ &xor("eax", "ecx");
+ &xor("ebx", "edx");
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+ &call($enc_func);
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP(0,$out,"",0),"eax");
+ &mov(&DWP(4,$out,"",0),"ebx");
+
+ # eax and ebx are the next iv.
+
+ &add($in, 8);
+ &add($out, 8);
+
+ &sub($count, 8);
+ &jnz(&label("encrypt_loop"));
+
+###################################################################3
+ &set_label("encrypt_finish");
+ &mov($count, &wparam(2)); # length
+ &and($count, 7);
+ &jz(&label("finish"));
+ &xor("ecx","ecx");
+ &xor("edx","edx");
+ &mov($count,&DWP(&label("cbc_enc_jmp_table"),"",$count,4));
+ &jmp_ptr($count);
+
+&set_label("ej7");
+ &xor("edx", "edx") if $ppro; # ppro friendly
+ &movb(&HB("edx"), &BP(6,$in,"",0));
+ &shl("edx",8);
+&set_label("ej6");
+ &movb(&HB("edx"), &BP(5,$in,"",0));
+&set_label("ej5");
+ &movb(&LB("edx"), &BP(4,$in,"",0));
+&set_label("ej4");
+ &mov("ecx", &DWP(0,$in,"",0));
+ &jmp(&label("ejend"));
+&set_label("ej3");
+ &movb(&HB("ecx"), &BP(2,$in,"",0));
+ &xor("ecx", "ecx") if $ppro; # ppro friendly
+ &shl("ecx",8);
+&set_label("ej2");
+ &movb(&HB("ecx"), &BP(1,$in,"",0));
+&set_label("ej1");
+ &movb(&LB("ecx"), &BP(0,$in,"",0));
+&set_label("ejend");
+
+ &xor("eax", "ecx");
+ &xor("ebx", "edx");
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put in array for call
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+ &call($enc_func);
+
+ &mov("eax", &DWP($data_off,"esp","",0));
+ &mov("ebx", &DWP($data_off+4,"esp","",0));
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP(0,$out,"",0),"eax");
+ &mov(&DWP(4,$out,"",0),"ebx");
+
+ &jmp(&label("finish"));
+
+ #############################################################
+ #############################################################
+ &set_label("decrypt",1);
+ # decrypt start
+ &and($count,0xfffffff8);
+ # The next 2 instructions are only for if the jz is taken
+ &mov("eax", &DWP($data_off+8,"esp","",0)); # get iv[0]
+ &mov("ebx", &DWP($data_off+12,"esp","",0)); # get iv[1]
+ &jz(&label("decrypt_finish"));
+
+ &set_label("decrypt_loop");
+ &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
+ &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+ &call($dec_func);
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
+ &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
+
+ &xor("ecx", "eax");
+ &xor("edx", "ebx");
+
+ &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
+ &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
+
+ &mov(&DWP(0,$out,"",0),"ecx");
+ &mov(&DWP(4,$out,"",0),"edx");
+
+ &mov(&DWP($data_off+8,"esp","",0), "eax"); # save iv
+ &mov(&DWP($data_off+12,"esp","",0), "ebx"); #
+
+ &add($in, 8);
+ &add($out, 8);
+
+ &sub($count, 8);
+ &jnz(&label("decrypt_loop"));
+############################ ENDIT #######################3
+ &set_label("decrypt_finish");
+ &mov($count, &wparam(2)); # length
+ &and($count, 7);
+ &jz(&label("finish"));
+
+ &mov("eax", &DWP(0,$in,"",0)); # load first 4 bytes
+ &mov("ebx", &DWP(4,$in,"",0)); # second 4 bytes
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov(&DWP($data_off,"esp","",0), "eax"); # put back
+ &mov(&DWP($data_off+4,"esp","",0), "ebx"); #
+
+ &call($dec_func);
+
+ &mov("eax", &DWP($data_off,"esp","",0)); # get return
+ &mov("ebx", &DWP($data_off+4,"esp","",0)); #
+
+ &bswap("eax") if $swap;
+ &bswap("ebx") if $swap;
+
+ &mov("ecx", &DWP($data_off+8,"esp","",0)); # get iv[0]
+ &mov("edx", &DWP($data_off+12,"esp","",0)); # get iv[1]
+
+ &xor("ecx", "eax");
+ &xor("edx", "ebx");
+
+ # this is for when we exit
+ &mov("eax", &DWP(0,$in,"",0)); # get old cipher text,
+ &mov("ebx", &DWP(4,$in,"",0)); # next iv actually
+
+&set_label("dj7");
+ &rotr("edx", 16);
+ &movb(&BP(6,$out,"",0), &LB("edx"));
+ &shr("edx",16);
+&set_label("dj6");
+ &movb(&BP(5,$out,"",0), &HB("edx"));
+&set_label("dj5");
+ &movb(&BP(4,$out,"",0), &LB("edx"));
+&set_label("dj4");
+ &mov(&DWP(0,$out,"",0), "ecx");
+ &jmp(&label("djend"));
+&set_label("dj3");
+ &rotr("ecx", 16);
+ &movb(&BP(2,$out,"",0), &LB("ecx"));
+ &shl("ecx",16);
+&set_label("dj2");
+ &movb(&BP(1,$in,"",0), &HB("ecx"));
+&set_label("dj1");
+ &movb(&BP(0,$in,"",0), &LB("ecx"));
+&set_label("djend");
+
+ # final iv is still in eax:ebx
+ &jmp(&label("finish"));
+
+
+############################ FINISH #######################3
+ &set_label("finish",1);
+ &mov("ecx", &wparam($iv_off)); # Get iv ptr
+
+ #################################################
+ $total=16+4;
+ $total+=4 if ($p1 > 0);
+ $total+=4 if ($p2 > 0);
+ $total+=4 if ($p3 > 0);
+ &add("esp",$total);
+
+ &mov(&DWP(0,"ecx","",0), "eax"); # save iv
+ &mov(&DWP(4,"ecx","",0), "ebx"); # save iv
+
+ &function_end_A($name);
+
+ &set_label("cbc_enc_jmp_table",1);
+ &data_word("0");
+ &data_word(&label("ej1"));
+ &data_word(&label("ej2"));
+ &data_word(&label("ej3"));
+ &data_word(&label("ej4"));
+ &data_word(&label("ej5"));
+ &data_word(&label("ej6"));
+ &data_word(&label("ej7"));
+ &set_label("cbc_dec_jmp_table",1);
+ &data_word("0");
+ &data_word(&label("dj1"));
+ &data_word(&label("dj2"));
+ &data_word(&label("dj3"));
+ &data_word(&label("dj4"));
+ &data_word(&label("dj5"));
+ &data_word(&label("dj6"));
+ &data_word(&label("dj7"));
+
+ &function_end_B($name);
+
+ }
+
+1;
diff --git a/src/lib/libssl/src/crypto/perlasm/readme b/src/lib/libssl/src/crypto/perlasm/readme
new file mode 100644
index 0000000000..f02bbee75a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/perlasm/readme
@@ -0,0 +1,124 @@
+The perl scripts in this directory are my 'hack' to generate
+multiple different assembler formats via the one origional script.
+
+The way to use this library is to start with adding the path to this directory
+and then include it.
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+The first thing we do is setup the file and type of assember
+
+&asm_init($ARGV[0],$0);
+
+The first argument is the 'type'. Currently
+'cpp', 'sol', 'a.out', 'elf' or 'win32'.
+Argument 2 is the file name.
+
+The reciprocal function is
+&asm_finish() which should be called at the end.
+
+There are 2 main 'packages'. x86ms.pl, which is the microsoft assembler,
+and x86unix.pl which is the unix (gas) version.
+
+Functions of interest are:
+&external_label("des_SPtrans"); declare and external variable
+&LB(reg); Low byte for a register
+&HB(reg); High byte for a register
+&BP(off,base,index,scale) Byte pointer addressing
+&DWP(off,base,index,scale) Word pointer addressing
+&stack_push(num) Basically a 'sub esp, num*4' with extra
+&stack_pop(num) inverse of stack_push
+&function_begin(name,extra) Start a function with pushing of
+ edi, esi, ebx and ebp. extra is extra win32
+ external info that may be required.
+&function_begin_B(name,extra) Same as norma function_begin but no pushing.
+&function_end(name) Call at end of function.
+&function_end_A(name) Standard pop and ret, for use inside functions
+&function_end_B(name) Call at end but with poping or 'ret'.
+&swtmp(num) Address on stack temp word.
+&wparam(num) Parameter number num, that was push
+ in C convention. This all works over pushes
+ and pops.
+&comment("hello there") Put in a comment.
+&label("loop") Refer to a label, normally a jmp target.
+&set_label("loop") Set a label at this point.
+&data_word(word) Put in a word of data.
+
+So how does this all hold together? Given
+
+int calc(int len, int *data)
+ {
+ int i,j=0;
+
+ for (i=0; i<len; i++)
+ {
+ j+=other(data[i]);
+ }
+ }
+
+So a very simple version of this function could be coded as
+
+ push(@INC,"perlasm","../../perlasm");
+ require "x86asm.pl";
+
+ &asm_init($ARGV[0],"cacl.pl");
+
+ &external_label("other");
+
+ $tmp1= "eax";
+ $j= "edi";
+ $data= "esi";
+ $i= "ebp";
+
+ &comment("a simple function");
+ &function_begin("calc");
+ &mov( $data, &wparam(1)); # data
+ &xor( $j, $j);
+ &xor( $i, $i);
+
+ &set_label("loop");
+ &cmp( $i, &wparam(0));
+ &jge( &label("end"));
+
+ &mov( $tmp1, &DWP(0,$data,$i,4));
+ &push( $tmp1);
+ &call( "other");
+ &add( $j, "eax");
+ &pop( $tmp1);
+ &inc( $i);
+ &jmp( &label("loop"));
+
+ &set_label("end");
+ &mov( "eax", $j);
+
+ &function_end("calc");
+
+ &asm_finish();
+
+The above example is very very unoptimised but gives an idea of how
+things work.
+
+There is also a cbc mode function generator in cbc.pl
+
+&cbc( $name,
+ $encrypt_function_name,
+ $decrypt_function_name,
+ $true_if_byte_swap_needed,
+ $parameter_number_for_iv,
+ $parameter_number_for_encrypt_flag,
+ $first_parameter_to_pass,
+ $second_parameter_to_pass,
+ $third_parameter_to_pass);
+
+So for example, given
+void BF_encrypt(BF_LONG *data,BF_KEY *key);
+void BF_decrypt(BF_LONG *data,BF_KEY *key);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *ks, unsigned char *iv, int enc);
+
+&cbc("BF_cbc_encrypt","BF_encrypt","BF_encrypt",1,4,5,3,-1,-1);
+
+&cbc("des_ncbc_encrypt","des_encrypt","des_encrypt",0,4,5,3,5,-1);
+&cbc("des_ede3_cbc_encrypt","des_encrypt3","des_decrypt3",0,6,7,3,4,5);
+
diff --git a/src/lib/libssl/src/crypto/perlasm/x86asm.pl b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
new file mode 100644
index 0000000000..6a9156ae9a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/perlasm/x86asm.pl
@@ -0,0 +1,113 @@
+#!/usr/bin/perl
+
+# require 'x86asm.pl';
+# &asm_init("cpp","des-586.pl");
+# XXX
+# XXX
+# main'asm_finish
+
+sub main'asm_finish
+ {
+ &file_end();
+ &asm_finish_cpp() if $cpp;
+ print &asm_get_output();
+ }
+
+sub main'asm_init
+ {
+ ($type,$fn)=@_;
+ $filename=$fn;
+
+ $cpp=$sol=$aout=$win32=0;
+ if ( ($type eq "elf"))
+ { require "x86unix.pl"; }
+ elsif ( ($type eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+ elsif ( ($type eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+ elsif ( ($type eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+ elsif ( ($type eq "win32"))
+ { $win32=1; require "x86ms.pl"; }
+ else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+ &asm_init_output();
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $filename");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, BSDI,Win32, or Solaris");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+ $filename =~ s/\.pl$//;
+ &file($filename);
+ }
+
+sub asm_finish_cpp
+ {
+ return unless $cpp;
+
+ local($tmp,$i);
+ foreach $i (&get_labels())
+ {
+ $tmp.="#define $i _$i\n";
+ }
+ print <<"EOF";
+/* Run the C pre-processor over this file with one of the following defined
+ * ELF - elf object files,
+ * OUT - a.out object files,
+ * BSDI - BSDI style a.out object files
+ * SOL - Solaris style elf
+ */
+
+#define TYPE(a,b) .type a,b
+#define SIZE(a,b) .size a,b
+
+#if defined(OUT) || defined(BSDI)
+$tmp
+#endif
+
+#ifdef OUT
+#define OK 1
+#define ALIGN 4
+#endif
+
+#ifdef BSDI
+#define OK 1
+#define ALIGN 4
+#undef SIZE
+#undef TYPE
+#define SIZE(a,b)
+#define TYPE(a,b)
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK 1
+#define ALIGN 16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+/* Let the Assembler begin :-) */
+EOF
+ }
+
+1;
diff --git a/src/lib/libssl/src/crypto/perlasm/x86ms.pl b/src/lib/libssl/src/crypto/perlasm/x86ms.pl
new file mode 100644
index 0000000000..893b50b1a4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/perlasm/x86ms.pl
@@ -0,0 +1,348 @@
+#!/usr/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+%lb=( 'eax', 'al',
+ 'ebx', 'bl',
+ 'ecx', 'cl',
+ 'edx', 'dl',
+ 'ax', 'al',
+ 'bx', 'bl',
+ 'cx', 'cl',
+ 'dx', 'dl',
+ );
+
+%hb=( 'eax', 'ah',
+ 'ebx', 'bh',
+ 'ecx', 'ch',
+ 'edx', 'dh',
+ 'ax', 'ah',
+ 'bx', 'bh',
+ 'cx', 'ch',
+ 'dx', 'dh',
+ );
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'BP
+ {
+ &get_mem("BYTE",@_);
+ }
+
+sub main'DWP
+ {
+ &get_mem("DWORD",@_);
+ }
+
+sub main'stack_push
+ {
+ local($num)=@_;
+ $stack+=$num*4;
+ &main'sub("esp",$num*4);
+ }
+
+sub main'stack_pop
+ {
+ local($num)=@_;
+ $stack-=$num*4;
+ &main'add("esp",$num*4);
+ }
+
+sub get_mem
+ {
+ local($size,$addr,$reg1,$reg2,$idx)=@_;
+ local($t,$post);
+ local($ret)="$size PTR ";
+
+ $addr =~ s/^\s+//;
+ if ($addr =~ /^(.+)\+(.+)$/)
+ {
+ $reg2=&conv($1);
+ $addr="_$2";
+ }
+ elsif ($addr =~ /^[_a-zA-Z]/)
+ {
+ $addr="_$addr";
+ }
+
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ if (($addr ne "") && ($addr ne 0))
+ {
+ if ($addr !~ /^-/)
+ { $ret.=$addr; }
+ else { $post=$addr; }
+ }
+ if ($reg2 ne "")
+ {
+ $t="";
+ $t="*$idx" if ($idx != 0);
+ $reg1="+".$reg1 if ("$reg1$post" ne "");
+ $ret.="[$reg2$t$reg1$post]";
+ }
+ else
+ {
+ $ret.="[$reg1$post]"
+ }
+ return($ret);
+ }
+
+sub main'mov { &out2("mov",@_); }
+sub main'movb { &out2("mov",@_); }
+sub main'and { &out2("and",@_); }
+sub main'or { &out2("or",@_); }
+sub main'shl { &out2("shl",@_); }
+sub main'shr { &out2("shr",@_); }
+sub main'xor { &out2("xor",@_); }
+sub main'xorb { &out2("xor",@_); }
+sub main'add { &out2("add",@_); }
+sub main'adc { &out2("adc",@_); }
+sub main'sub { &out2("sub",@_); }
+sub main'rotl { &out2("rol",@_); }
+sub main'rotr { &out2("ror",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmp",@_); }
+sub main'lea { &out2("lea",@_); }
+sub main'mul { &out1("mul",@_); }
+sub main'div { &out1("div",@_); }
+sub main'dec { &out1("dec",@_); }
+sub main'inc { &out1("inc",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jle { &out1("jle",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'jge { &out1("jge",@_); }
+sub main'jl { &out1("jl",@_); }
+sub main'jb { &out1("jb",@_); }
+sub main'jc { &out1("jc",@_); }
+sub main'jnc { &out1("jnc",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'jne { &out1("jne",@_); }
+sub main'jno { &out1("jno",@_); }
+sub main'push { &out1("push",@_); $stack+=4; }
+sub main'pop { &out1("pop",@_); $stack-=4; }
+sub main'bswap { &out1("bswap",@_); &using486(); }
+sub main'not { &out1("not",@_); }
+sub main'call { &out1("call",'_'.$_[0]); }
+sub main'ret { &out0("ret"); }
+sub main'nop { &out0("nop"); }
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t");
+ $t=&conv($p1).",";
+ $l=length($t);
+ push(@out,$t);
+ $l=4-($l+9)/8;
+ push(@out,"\t" x $l);
+ push(@out,&conv($p2));
+ push(@out,"\n");
+ }
+
+sub out0
+ {
+ local($name)=@_;
+
+ push(@out,"\t$name\n");
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t".&conv($p1)."\n");
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+ $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+ return $p;
+ }
+
+sub using486
+ {
+ return if $using486;
+ $using486++;
+ grep(s/\.386/\.486/,@out);
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ local($tmp)=<<"EOF";
+ TITLE $file.asm
+ .386
+.model FLAT
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_begin
+ {
+ local($func,$extra)=@_;
+
+ push(@labels,$func);
+
+ local($tmp)=<<"EOF";
+_TEXT SEGMENT
+PUBLIC _$func
+$extra
+_$func PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+EOF
+ push(@out,$tmp);
+ $stack=20;
+ }
+
+sub main'function_begin_B
+ {
+ local($func,$extra)=@_;
+
+ local($tmp)=<<"EOF";
+_TEXT SEGMENT
+PUBLIC _$func
+$extra
+_$func PROC NEAR
+EOF
+ push(@out,$tmp);
+ $stack=4;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_$func ENDP
+_TEXT ENDS
+EOF
+ push(@out,$tmp);
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+_$func ENDP
+_TEXT ENDS
+EOF
+ push(@out,$tmp);
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'file_end
+ {
+ push(@out,"END\n");
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'swtmp
+ {
+ return(&main'DWP($_[0]*4,"esp","",0));
+ }
+
+# Should use swtmp, which is above esp. Linix can trash the stack above esp
+#sub main'wtmp
+# {
+# local($num)=@_;
+#
+# return(&main'DWP(-(($num+1)*4),"esp","",0));
+# }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ push(@out,"\t; $_\n");
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="\$${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="${label}${_[0]}";
+ $label++;
+ }
+ push(@out,"$label{$_[0]}:\n");
+ }
+
+sub main'data_word
+ {
+ push(@out,"\tDD\t$_[0]\n");
+ }
+
+sub out1p
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t ".&conv($p1)."\n");
+ }
diff --git a/src/lib/libssl/src/crypto/perlasm/x86unix.pl b/src/lib/libssl/src/crypto/perlasm/x86unix.pl
new file mode 100644
index 0000000000..6ee4dd3245
--- /dev/null
+++ b/src/lib/libssl/src/crypto/perlasm/x86unix.pl
@@ -0,0 +1,429 @@
+#!/usr/bin/perl
+
+# Because the bswapl instruction is not supported for old assembers
+# (it was a new instruction for the 486), I've added .byte xxxx code
+# to put it in.
+# eric 24-Apr-1998
+#
+
+package x86unix;
+
+$label="L000";
+
+$align=($main'aout)?"4":"16";
+$under=($main'aout)?"_":"";
+$com_start=($main'sol)?"/":"#";
+
+sub main'asm_init_output { @out=(); }
+sub main'asm_get_output { return(@out); }
+sub main'get_labels { return(@labels); }
+sub main'external_label { push(@labels,@_); }
+
+if ($main'cpp)
+ {
+ $align="ALIGN";
+ $under="";
+ $com_start='/*';
+ $com_end='*/';
+ }
+
+%lb=( 'eax', '%al',
+ 'ebx', '%bl',
+ 'ecx', '%cl',
+ 'edx', '%dl',
+ 'ax', '%al',
+ 'bx', '%bl',
+ 'cx', '%cl',
+ 'dx', '%dl',
+ );
+
+%hb=( 'eax', '%ah',
+ 'ebx', '%bh',
+ 'ecx', '%ch',
+ 'edx', '%dh',
+ 'ax', '%ah',
+ 'bx', '%bh',
+ 'cx', '%ch',
+ 'dx', '%dh',
+ );
+
+%regs=( 'eax', '%eax',
+ 'ebx', '%ebx',
+ 'ecx', '%ecx',
+ 'edx', '%edx',
+ 'esi', '%esi',
+ 'edi', '%edi',
+ 'ebp', '%ebp',
+ 'esp', '%esp',
+ );
+
+%reg_val=(
+ 'eax', 0x00,
+ 'ebx', 0x03,
+ 'ecx', 0x01,
+ 'edx', 0x02,
+ 'esi', 0x06,
+ 'edi', 0x07,
+ 'ebp', 0x05,
+ 'esp', 0x04,
+ );
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'DWP
+ {
+ local($addr,$reg1,$reg2,$idx)=@_;
+
+ $ret="";
+ $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ $ret.=$addr if ($addr ne "") && ($addr ne 0);
+ if ($reg2 ne "")
+ { $ret.="($reg1,$reg2,$idx)"; }
+ else
+ { $ret.="($reg1)" }
+ return($ret);
+ }
+
+sub main'BP
+ {
+ return(&main'DWP(@_));
+ }
+
+#sub main'BP
+# {
+# local($addr,$reg1,$reg2,$idx)=@_;
+#
+# $ret="";
+#
+# $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+# $reg1="$regs{$reg1}" if defined($regs{$reg1});
+# $reg2="$regs{$reg2}" if defined($regs{$reg2});
+# $ret.=$addr if ($addr ne "") && ($addr ne 0);
+# if ($reg2 ne "")
+# { $ret.="($reg1,$reg2,$idx)"; }
+# else
+# { $ret.="($reg1)" }
+# return($ret);
+# }
+
+sub main'mov { &out2("movl",@_); }
+sub main'movb { &out2("movb",@_); }
+sub main'and { &out2("andl",@_); }
+sub main'or { &out2("orl",@_); }
+sub main'shl { &out2("sall",@_); }
+sub main'shr { &out2("shrl",@_); }
+sub main'xor { &out2("xorl",@_); }
+sub main'xorb { &out2("xorb",@_); }
+sub main'add { &out2("addl",@_); }
+sub main'adc { &out2("adcl",@_); }
+sub main'sub { &out2("subl",@_); }
+sub main'rotl { &out2("roll",@_); }
+sub main'rotr { &out2("rorl",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmpl",@_); }
+sub main'lea { &out2("leal",@_); }
+sub main'mul { &out1("mull",@_); }
+sub main'div { &out1("divl",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'jmp_ptr { &out1p("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jle { &out1("jle",@_); }
+sub main'jne { &out1("jne",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'jge { &out1("jge",@_); }
+sub main'jl { &out1("jl",@_); }
+sub main'jb { &out1("jb",@_); }
+sub main'jc { &out1("jc",@_); }
+sub main'jnc { &out1("jnc",@_); }
+sub main'jno { &out1("jno",@_); }
+sub main'dec { &out1("decl",@_); }
+sub main'inc { &out1("incl",@_); }
+sub main'push { &out1("pushl",@_); $stack+=4; }
+sub main'pop { &out1("popl",@_); $stack-=4; }
+sub main'bswap { &out1("bswapl",@_); }
+sub main'not { &out1("notl",@_); }
+sub main'call { &out1("call",$under.$_[0]); }
+sub main'ret { &out0("ret"); }
+sub main'nop { &out0("nop"); }
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$ll,$t);
+ local(%special)=( "roll",0xD1C0,"rorl",0xD1C8,
+ "rcll",0xD1D0,"rcrl",0xD1D8,
+ "shll",0xD1E0,"shrl",0xD1E8,
+ "sarl",0xD1F8);
+
+ if ((defined($special{$name})) && defined($regs{$p1}) && ($p2 == 1))
+ {
+ $op=$special{$name}|$reg_val{$p1};
+ $tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+ $tmp2=sprintf(".byte %d\t",$op &0xff);
+ push(@out,$tmp1);
+ push(@out,$tmp2);
+
+ $p2=&conv($p2);
+ $p1=&conv($p1);
+ &main'comment("$name $p2 $p1");
+ return;
+ }
+
+ push(@out,"\t$name\t");
+ $t=&conv($p2).",";
+ $l=length($t);
+ push(@out,$t);
+ $ll=4-($l+9)/8;
+ $tmp1=sprintf("\t" x $ll);
+ push(@out,$tmp1);
+ push(@out,&conv($p1)."\n");
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+ local(%special)=("bswapl",0x0FC8);
+
+ if ((defined($special{$name})) && defined($regs{$p1}))
+ {
+ $op=$special{$name}|$reg_val{$p1};
+ $tmp1=sprintf(".byte %d\n",($op>>8)&0xff);
+ $tmp2=sprintf(".byte %d\t",$op &0xff);
+ push(@out,$tmp1);
+ push(@out,$tmp2);
+
+ $p2=&conv($p2);
+ $p1=&conv($p1);
+ &main'comment("$name $p2 $p1");
+ return;
+ }
+
+ push(@out,"\t$name\t".&conv($p1)."\n");
+ }
+
+sub out1p
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ push(@out,"\t$name\t*".&conv($p1)."\n");
+ }
+
+sub out0
+ {
+ push(@out,"\t$_[0]\n");
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+
+ $p=$regs{$p} if (defined($regs{$p}));
+
+ $p =~ s/^(-{0,1}[0-9A-Fa-f]+)$/\$$1/;
+ $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
+ return $p;
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ local($tmp)=<<"EOF";
+ .file "$file.s"
+ .version "01.01"
+gcc2_compiled.:
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_begin
+ {
+ local($func)=@_;
+
+ &main'external_label($func);
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+.text
+ .align $align
+.globl $func
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { $tmp=push(@out,"\tTYPE($func,\@function)\n"); }
+ else { $tmp=push(@out,"\t.type\t$func,\@function\n"); }
+ push(@out,"$func:\n");
+ $tmp=<<"EOF";
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+EOF
+ push(@out,$tmp);
+ $stack=20;
+ }
+
+sub main'function_begin_B
+ {
+ local($func,$extra)=@_;
+
+ &main'external_label($func);
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+.text
+ .align $align
+.globl $func
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { push(@out,"\tTYPE($func,\@function)\n"); }
+ else { push(@out,"\t.type $func,\@function\n"); }
+ push(@out,"$func:\n");
+ $stack=4;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ local($tmp)=<<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.${func}_end:
+EOF
+ push(@out,$tmp);
+ if ($main'cpp)
+ { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+ else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+ push(@out,".ident \"$func\"\n");
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ local($tmp)=<<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+EOF
+ push(@out,$tmp);
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ push(@out,".${func}_end:\n");
+ if ($main'cpp)
+ { push(@out,"\tSIZE($func,.${func}_end-$func)\n"); }
+ else { push(@out,"\t.size\t$func,.${func}_end-$func\n"); }
+ push(@out,".ident \"desasm.pl\"\n");
+ $stack=0;
+ %label=();
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'stack_push
+ {
+ local($num)=@_;
+ $stack+=$num*4;
+ &main'sub("esp",$num*4);
+ }
+
+sub main'stack_pop
+ {
+ local($num)=@_;
+ $stack-=$num*4;
+ &main'add("esp",$num*4);
+ }
+
+sub main'swtmp
+ {
+ return(&main'DWP($_[0]*4,"esp","",0));
+ }
+
+# Should use swtmp, which is above esp. Linix can trash the stack above esp
+#sub main'wtmp
+# {
+# local($num)=@_;
+#
+# return(&main'DWP(-($num+1)*4,"esp","",0));
+# }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ if (/^\s*$/)
+ { push(@out,"\n"); }
+ else
+ { push(@out,"\t$com_start $_ $com_end\n"); }
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ push(@out,".align $align\n") if ($_[1] != 0);
+ push(@out,"$label{$_[0]}:\n");
+ }
+
+sub main'file_end
+ {
+ }
+
+sub main'data_word
+ {
+ push(@out,"\t.long $_[0]\n");
+ }
diff --git a/src/lib/libssl/src/crypto/pkcs7/doc b/src/lib/libssl/src/crypto/pkcs7/doc
new file mode 100644
index 0000000000..d2e8b7b2a3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/doc
@@ -0,0 +1,24 @@
+int PKCS7_set_content_type(PKCS7 *p7, int type);
+Call to set the type of PKCS7 object we are working on
+
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+Use this to setup a signer info
+There will also be functions to add signed and unsigned attributes.
+
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+Add a signer info to the content.
+
+int PKCS7_add_certificae(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+
+----
+
+p7=PKCS7_new();
+PKCS7_set_content_type(p7,NID_pkcs7_signed);
+
+signer=PKCS7_SINGNER_INFO_new();
+PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5());
+PKCS7_add_signer(py,signer);
+
+we are now setup.
diff --git a/src/lib/libssl/src/crypto/pkcs7/enc.c b/src/lib/libssl/src/crypto/pkcs7/enc.c
new file mode 100644
index 0000000000..625a7c2285
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/enc.c
@@ -0,0 +1,144 @@
+/* crypto/pkcs7/enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509;
+ EVP_PKEY *pkey;
+ PKCS7 *p7;
+ PKCS7 *p7_data;
+ PKCS7_SIGNER_INFO *si;
+ BIO *in;
+ BIO *data,*p7bio;
+ char buf[1024*4];
+ int i,j;
+ int nodetach=0;
+
+ EVP_add_digest(EVP_sha1());
+ EVP_add_cipher(EVP_des_cbc());
+
+ data=BIO_new(BIO_s_file());
+again:
+ if (argc > 1)
+ {
+ if (strcmp(argv[1],"-nd") == 0)
+ {
+ nodetach=1;
+ argv++; argc--;
+ goto again;
+ }
+ if (!BIO_read_filename(data,argv[1]))
+ goto err;
+ }
+ else
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+ if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+ if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ BIO_reset(in);
+ if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+ BIO_free(in);
+
+ p7=PKCS7_new();
+ PKCS7_set_type(p7,NID_pkcs7_signedAndEnveloped);
+
+ if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+ if (!PKCS7_set_cipher(p7,EVP_des_cbc())) goto err;
+ if (PKCS7_add_recipient(p7,x509) == NULL) goto err;
+
+ /* we may want to add more */
+ PKCS7_add_certificate(p7,x509);
+
+
+ /* Set the content of the signed to 'data' */
+ /* PKCS7_content_new(p7,NID_pkcs7_data); not used in envelope */
+
+ /* could be used, but not in this version :-)
+ if (!nodetach) PKCS7_set_detached(p7,1);
+ */
+
+ if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(data,buf,sizeof(buf));
+ if (i <= 0) break;
+ BIO_write(p7bio,buf,i);
+ }
+ BIO_flush(p7bio);
+
+ if (!PKCS7_dataSign(p7,p7bio)) goto err;
+ BIO_free(p7bio);
+
+ PEM_write_PKCS7(stdout,p7);
+ PKCS7_free(p7);
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/p7/a1 b/src/lib/libssl/src/crypto/pkcs7/p7/a1
new file mode 100644
index 0000000000..56ca943762
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/p7/a1
@@ -0,0 +1,2 @@
+j,�H>�_����_�D�z���E�L� VJ��觬�����E3��Y��x%�_�k
+3�)DLSc�8�%��M
\ No newline at end of file
diff --git a/src/lib/libssl/src/crypto/pkcs7/p7/a2 b/src/lib/libssl/src/crypto/pkcs7/p7/a2
new file mode 100644
index 0000000000..23d8fb5e93
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/p7/a2
@@ -0,0 +1 @@
+k~@a�,N�M���� �<O( KP�騠�K�>���U�o_����Bqrm�?٠t?t��ρ�Id�2��
\ No newline at end of file
diff --git a/src/lib/libssl/src/crypto/pkcs7/p7/cert.p7c b/src/lib/libssl/src/crypto/pkcs7/p7/cert.p7c
new file mode 100644
index 0000000000..2b75ec05f7
Binary files /dev/null and b/src/lib/libssl/src/crypto/pkcs7/p7/cert.p7c differ
diff --git a/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7m b/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7m
new file mode 100644
index 0000000000..2b6e6f82ba
Binary files /dev/null and b/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7m differ
diff --git a/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7s b/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7s
new file mode 100644
index 0000000000..2b5d4fb0e3
Binary files /dev/null and b/src/lib/libssl/src/crypto/pkcs7/p7/smime.p7s differ
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c b/src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c
new file mode 100644
index 0000000000..7769abeb1e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_dgst.c
@@ -0,0 +1,66 @@
+/* crypto/pkcs7/pk7_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
new file mode 100644
index 0000000000..b5689b3fe4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_doit.c
@@ -0,0 +1,408 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+
+BIO *PKCS7_dataInit(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int i,j;
+ BIO *out=NULL,*btmp;
+ X509_ALGOR *xa;
+ EVP_MD *evp_md;
+ EVP_CIPHER *evp_cipher=NULL;
+ STACK *md_sk=NULL,*rsk=NULL;
+ X509_ALGOR *xalg=NULL;
+ PKCS7_RECIP_INFO *ri=NULL;
+ EVP_PKEY *pkey;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ md_sk=p7->d.sign->md_algs;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ rsk=p7->d.signed_and_enveloped->recipientinfo;
+ md_sk=p7->d.signed_and_enveloped->md_algs;
+ evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(p7->d.signed_and_enveloped->enc_data->algorithm->algorithm)));
+ if (evp_cipher == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+ goto err;
+ }
+ xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ if (md_sk != NULL)
+ {
+ for (i=0; i<sk_num(md_sk); i++)
+ {
+ xa=(X509_ALGOR *)sk_value(md_sk,i);
+ if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err;
+
+ j=OBJ_obj2nid(xa->algorithm);
+ evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
+ if (evp_md == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
+ goto err;
+ }
+
+ BIO_set_md(btmp,evp_md);
+ if (out == NULL)
+ out=btmp;
+ else
+ BIO_push(out,btmp);
+ }
+ }
+
+ if (evp_cipher != NULL)
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ int keylen,ivlen;
+ int jj,max;
+ unsigned char *tmp;
+
+ if ((btmp=BIO_new(BIO_f_cipher())) == NULL) goto err;
+ keylen=EVP_CIPHER_key_length(evp_cipher);
+ ivlen=EVP_CIPHER_iv_length(evp_cipher);
+
+ if (ivlen > 0)
+ {
+ ASN1_OCTET_STRING *os;
+
+ RAND_bytes(iv,ivlen);
+ os=ASN1_OCTET_STRING_new();
+ ASN1_OCTET_STRING_set(os,iv,ivlen);
+ /* ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING,
+ (char *)os);
+ */ }
+ RAND_bytes(key,keylen);
+
+ /* Lets do the pub key stuff :-) */
+ max=0;
+ for (i=0; i<sk_num(rsk); i++)
+ {
+ ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+ if (ri->cert == NULL) abort();
+ pkey=X509_get_pubkey(ri->cert);
+ jj=EVP_PKEY_size(pkey);
+ if (max < jj) max=jj;
+ }
+ if ((tmp=(unsigned char *)Malloc(max)) == NULL) abort();
+ for (i=0; i<sk_num(rsk); i++)
+ {
+ ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+ pkey=X509_get_pubkey(ri->cert);
+ jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
+ if (jj <= 0) abort();
+ ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
+ }
+
+ BIO_set_cipher(btmp,evp_cipher,key,iv,1);
+
+ if (out == NULL)
+ out=btmp;
+ else
+ BIO_push(out,btmp);
+ }
+
+ if (bio == NULL) /* ??????????? */
+ {
+ if (p7->detached)
+ bio=BIO_new(BIO_s_null());
+ else
+ {
+ bio=BIO_new(BIO_s_mem());
+ if (PKCS7_type_is_signed(p7) &&
+ PKCS7_type_is_data(p7->d.sign->contents))
+ {
+ ASN1_OCTET_STRING *os;
+
+ os=p7->d.sign->contents->d.data;
+ if (os->length > 0)
+ BIO_write(bio,(char *)os->data,
+ os->length);
+ }
+ }
+ }
+ BIO_push(out,bio);
+ return(out);
+err:
+ return(NULL);
+ }
+
+int PKCS7_dataSign(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int ret=0;
+ int i,j;
+ BIO *btmp;
+ BUF_MEM *buf_mem=NULL;
+ BUF_MEM *buf=NULL;
+ PKCS7_SIGNER_INFO *si;
+ EVP_MD_CTX *mdc,ctx_tmp;
+ STACK *sk,*si_sk=NULL;
+ unsigned char *p,*pp=NULL;
+ int x;
+ ASN1_OCTET_STRING *os=NULL;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ /* XXXXXXXXXXXXXXXX */
+ si_sk=p7->d.signed_and_enveloped->signer_info;
+ os=ASN1_OCTET_STRING_new();
+ p7->d.signed_and_enveloped->enc_data->enc_data=os;
+ break;
+ case NID_pkcs7_signed:
+ si_sk=p7->d.sign->signer_info;
+ os=p7->d.sign->contents->d.data;
+ break;
+ }
+
+ if (si_sk != NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL) goto err;
+ for (i=0; i<sk_num(si_sk); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)
+ sk_value(si_sk,i);
+ if (si->pkey == NULL)
+ continue;
+ j=OBJ_obj2nid(si->digest_enc_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD))
+ == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j)
+ break;
+ else
+ btmp=btmp->next_bio;
+ }
+
+ /* We now have the EVP_MD_CTX, lets do the
+ * signing. */
+ memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+ if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
+ goto err;
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)Malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_SignUpdate(&ctx_tmp,pp,x);
+ Free(pp);
+ }
+
+ if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
+ (unsigned int *)&buf->length,si->pkey))
+ goto err;
+ if (!ASN1_STRING_set(si->enc_digest,
+ (unsigned char *)buf->data,buf->length))
+ goto err;
+ }
+ if (p7->detached)
+ ASN1_OCTET_STRING_set(os,(unsigned char *)"",0);
+ else
+ {
+ btmp=BIO_find_type(bio,BIO_TYPE_MEM);
+ if (btmp == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ BIO_get_mem_ptr(btmp,&buf_mem);
+ ASN1_OCTET_STRING_set(os,
+ (unsigned char *)buf_mem->data,buf_mem->length);
+ }
+ if (pp != NULL) Free(pp);
+ pp=NULL;
+ }
+
+ ret=1;
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(ret);
+ }
+
+int PKCS7_dataVerify(cert_store,ctx,bio,p7,si)
+X509_STORE *cert_store;
+X509_STORE_CTX *ctx;
+BIO *bio;
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ PKCS7_SIGNED *s;
+ ASN1_OCTET_STRING *os;
+ EVP_MD_CTX mdc_tmp,*mdc;
+ unsigned char *pp,*p;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ int ret=0,md_type,i;
+ STACK *sk;
+ BIO *btmp;
+ X509 *x509;
+
+ if (!PKCS7_type_is_signed(p7)) abort();
+ /* XXXXXXXXXXXXXXXXXXXXXXX */
+ ias=si->issuer_and_serial;
+ s=p7->d.sign;
+
+ x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial);
+
+ /* were we able to find the cert in passed to us */
+ if (x509 == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+ goto err;
+ }
+
+ /* Lets verify */
+ X509_STORE_CTX_init(ctx,cert_store,x509,s->cert);
+ i=X509_verify_cert(ctx);
+ if (i <= 0) goto err;
+ X509_STORE_CTX_cleanup(ctx);
+
+ /* So we like 'x509', lets check the signature. */
+ md_type=OBJ_obj2nid(si->digest_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp == NULL) ||
+ ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type)
+ break;
+ btmp=btmp->next_bio;
+ }
+
+ /* mdc is the digest ctx that we want */
+ memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_VerifyUpdate(&mdc_tmp,pp,i);
+ free(pp);
+ }
+
+ os=si->enc_digest;
+ i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length,
+ X509_get_pubkey(x509));
+ if (i <= 0)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_SIGNATURE_FAILURE);
+ ret= -1;
+ goto err;
+ }
+ else
+ ret=1;
+err:
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_enc.c b/src/lib/libssl/src/crypto/pkcs7/pk7_enc.c
new file mode 100644
index 0000000000..a5b6dc463f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_enc.c
@@ -0,0 +1,76 @@
+/* crypto/pkcs7/pk7_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+PKCS7_in_bio(PKCS7 *p7,BIO *in);
+PKCS7_out_bio(PKCS7 *p7,BIO *out);
+
+PKCS7_add_signer(PKCS7 *p7,X509 *cert,EVP_PKEY *key);
+PKCS7_cipher(PKCS7 *p7,EVP_CIPHER *cipher);
+
+PKCS7_Init(PKCS7 *p7);
+PKCS7_Update(PKCS7 *p7);
+PKCS7_Finish(PKCS7 *p7);
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
new file mode 100644
index 0000000000..7d14ad1173
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pk7_lib.c
@@ -0,0 +1,449 @@
+/* crypto/pkcs7/pk7_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+long PKCS7_ctrl(p7,cmd,larg,parg)
+PKCS7 *p7;
+int cmd;
+long larg;
+char *parg;
+ {
+ int nid;
+ long ret;
+
+ nid=OBJ_obj2nid(p7->type);
+
+ switch (cmd)
+ {
+ case PKCS7_OP_SET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached=(int)larg;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+ break;
+ case PKCS7_OP_GET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+int PKCS7_content_new(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ PKCS7 *ret=NULL;
+
+ if ((ret=PKCS7_new()) == NULL) goto err;
+ if (!PKCS7_set_type(ret,type)) goto err;
+ if (!PKCS7_set_content(p7,ret)) goto err;
+
+ return(1);
+err:
+ if (ret != NULL) PKCS7_free(ret);
+ return(0);
+ }
+
+int PKCS7_set_content(p7,p7_data)
+PKCS7 *p7;
+PKCS7 *p7_data;
+ {
+ int i;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ if (p7->d.sign->contents != NULL)
+ PKCS7_content_free(p7->d.sign->contents);
+ p7->d.sign->contents=p7_data;
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_data:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_signedAndEnveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_set_type(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ ASN1_OBJECT *obj;
+
+ PKCS7_content_free(p7);
+ obj=OBJ_nid2obj(type); /* will not fail */
+
+ switch (type)
+ {
+ case NID_pkcs7_signed:
+ p7->type=obj;
+ if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
+ goto err;
+ ASN1_INTEGER_set(p7->d.sign->version,1);
+ break;
+ case NID_pkcs7_data:
+ p7->type=obj;
+ if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL)
+ goto err;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ p7->type=obj;
+ if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
+ == NULL)
+ goto err;
+ ASN1_INTEGER_set(p7->d.sign->version,1);
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_add_signer(p7,psi)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *psi;
+ {
+ int i,j,nid;
+ X509_ALGOR *alg;
+ STACK *signer_sk;
+ STACK *md_sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ signer_sk= p7->d.sign->signer_info;
+ md_sk= p7->d.sign->md_algs;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ signer_sk= p7->d.signed_and_enveloped->signer_info;
+ md_sk= p7->d.signed_and_enveloped->md_algs;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ nid=OBJ_obj2nid(psi->digest_alg->algorithm);
+
+ /* If the digest is not currently listed, add it */
+ j=0;
+ for (i=0; i<sk_num(md_sk); i++)
+ {
+ alg=(X509_ALGOR *)sk_value(md_sk,i);
+ if (OBJ_obj2nid(alg->algorithm) == nid)
+ {
+ j=1;
+ break;
+ }
+ }
+ if (!j) /* we need to add another algorithm */
+ {
+ alg=X509_ALGOR_new();
+ alg->algorithm=OBJ_nid2obj(nid);
+ sk_push(md_sk,(char *)alg);
+ }
+
+ sk_push(signer_sk,(char *)psi);
+ return(1);
+ }
+
+int PKCS7_add_certificate(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+ {
+ int i;
+ STACK **sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ sk= &(p7->d.sign->cert);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ sk= &(p7->d.signed_and_enveloped->cert);
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (*sk == NULL)
+ *sk=sk_new_null();
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ sk_push(*sk,(char *)x509);
+ return(1);
+ }
+
+int PKCS7_add_crl(p7,crl)
+PKCS7 *p7;
+X509_CRL *crl;
+ {
+ int i;
+ STACK **sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ sk= &(p7->d.sign->crl);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ sk= &(p7->d.signed_and_enveloped->crl);
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (*sk == NULL)
+ *sk=sk_new_null();
+
+ CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
+ sk_push(*sk,(char *)crl);
+ return(1);
+ }
+
+int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst)
+PKCS7_SIGNER_INFO *p7i;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ /* We now need to add another PKCS7_SIGNER_INFO entry */
+ ASN1_INTEGER_set(p7i->version,1);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
+
+ /* because ASN1_INTEGER_set is used to set a 'long' we will do
+ * things the ugly way. */
+ ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+ p7i->issuer_and_serial->serial=
+ ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+ /* lets keep the pkey around for a while */
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ p7i->pkey=pkey;
+
+ /* Set the algorithms */
+ p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
+ p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst));
+
+#if 1
+ if (p7i->digest_enc_alg->parameter != NULL)
+ ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
+ if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
+ goto err;
+ p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+#endif
+
+ return(1);
+err:
+ return(0);
+ }
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst)
+PKCS7 *p7;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ PKCS7_SIGNER_INFO *si;
+
+ if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
+ if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
+ if (!PKCS7_add_signer(p7,si)) goto err;
+ return(si);
+err:
+ return(NULL);
+ }
+
+STACK *PKCS7_get_signer_info(p7)
+PKCS7 *p7;
+ {
+ if (PKCS7_type_is_signed(p7))
+ {
+ return(p7->d.sign->signer_info);
+ }
+ else
+ return(NULL);
+ }
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+ {
+ PKCS7_RECIP_INFO *ri;
+
+ if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
+ if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
+ if (!PKCS7_add_recipient_info(p7,ri)) goto err;
+ return(ri);
+err:
+ return(NULL);
+ }
+
+int PKCS7_add_recipient_info(p7,ri)
+PKCS7 *p7;
+PKCS7_RECIP_INFO *ri;
+ {
+ int i;
+ STACK *sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ sk= p7->d.signed_and_enveloped->recipientinfo;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ sk_push(sk,(char *)ri);
+ return(1);
+ }
+
+int PKCS7_RECIP_INFO_set(p7i,x509)
+PKCS7_RECIP_INFO *p7i;
+X509 *x509;
+ {
+ ASN1_INTEGER_set(p7i->version,0);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
+
+ ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+ p7i->issuer_and_serial->serial=
+ ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ p7i->cert=x509;
+
+ return(1);
+ }
+
+X509 *PKCS7_cert_from_signer_info(p7,si)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ if (PKCS7_type_is_signed(p7))
+ return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
+ si->issuer_and_serial->issuer,
+ si->issuer_and_serial->serial));
+ else
+ return(NULL);
+ }
+
+int PKCS7_set_cipher(p7,cipher)
+PKCS7 *p7;
+EVP_CIPHER *cipher;
+ {
+ int i;
+ PKCS7_ENC_CONTENT *ec;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ ec=p7->d.signed_and_enveloped->enc_data;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ ec->algorithm->algorithm=OBJ_nid2obj(EVP_CIPHER_nid(cipher));
+ return(ec->algorithm->algorithm != NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7.h b/src/lib/libssl/src/crypto/pkcs7/pkcs7.h
new file mode 100644
index 0000000000..ee12f670a8
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7.h
@@ -0,0 +1,449 @@
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+#define HEADER_PKCS7_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bio.h"
+#include "x509.h"
+
+/*
+Encryption_ID DES-CBC
+Digest_ID MD5
+Digest_Encryption_ID rsaEncryption
+Key_Encryption_ID rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st
+ {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serial;
+ } PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *digest_alg;
+ STACK /* X509_ATTRIBUTE */ *auth_attr; /* [ 0 ] */
+ X509_ALGOR *digest_enc_alg;
+ ASN1_OCTET_STRING *enc_digest;
+ STACK /* X509_ATTRIBUTE */ *unauth_attr; /* [ 1 ] */
+
+ /* The private key to sign with */
+ EVP_PKEY *pkey;
+ } PKCS7_SIGNER_INFO;
+
+typedef struct pkcs7_recip_info_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *key_enc_algor;
+ ASN1_OCTET_STRING *enc_key;
+ X509 *cert; /* get the pub-key from this */
+ } PKCS7_RECIP_INFO;
+
+typedef struct pkcs7_signed_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+
+ struct pkcs7_st *contents;
+ } PKCS7_SIGNED;
+/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
+ * How about merging the two */
+
+typedef struct pkcs7_enc_content_st
+ {
+ ASN1_OBJECT *content_type;
+ X509_ALGOR *algorithm;
+ ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+ } PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+
+ PKCS7_ENC_CONTENT *enc_data;
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ } PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ X509_ALGOR *md; /* md used */
+ struct pkcs7_st *contents;
+ ASN1_OCTET_STRING *digest;
+ } PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st
+ {
+ /* The following is non NULL if it contains ASN1 encoding of
+ * this structure */
+ unsigned char *asn1;
+ long length;
+
+#define PKCS7_S_HEADER 0
+#define PKCS7_S_BODY 1
+#define PKCS7_S_TAIL 2
+ int state; /* used during processing */
+
+ int detached;
+
+ ASN1_OBJECT *type;
+ /* content as defined by the type */
+ /* all encryption/message digests are applied to the 'contents',
+ * leaving out the 'type' field. */
+ union {
+ char *ptr;
+
+ /* NID_pkcs7_data */
+ ASN1_OCTET_STRING *data;
+
+ /* NID_pkcs7_signed */
+ PKCS7_SIGNED *sign;
+
+ /* NID_pkcs7_enveloped */
+ PKCS7_ENVELOPE *enveloped;
+
+ /* NID_pkcs7_signedAndEnveloped */
+ PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+
+ /* NID_pkcs7_digest */
+ PKCS7_DIGEST *digest;
+
+ /* NID_pkcs7_encrypted */
+ PKCS7_ENCRYPT *encrypted;
+ } d;
+ } PKCS7;
+
+#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+
+#define PKCS7_set_detached(p,v) \
+ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+#define PKCS7_get_detached(p) \
+ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+#ifdef SSLEAY_MACROS
+
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+ (char *)data,md,len)
+#endif
+
+
+#ifndef NOPROTO
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
+void PKCS7_ISSUER_AND_SERIAL_free(
+ PKCS7_ISSUER_AND_SERIAL *a);
+int i2d_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL **a,
+ unsigned char **pp, long length);
+
+#ifndef SSLEAY_MACROS
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
+ unsigned char *md,unsigned int *len);
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
+int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
+#endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
+int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
+#endif
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
+void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
+int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
+ unsigned char **pp);
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
+void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
+int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
+ unsigned char **pp);
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGNED *PKCS7_SIGNED_new(void);
+void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
+int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
+ unsigned char **pp);
+PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
+void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
+int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
+ unsigned char **pp);
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
+void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
+int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
+void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
+int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_DIGEST *PKCS7_DIGEST_new(void);
+void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
+int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
+ unsigned char **pp);
+PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
+void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
+int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
+ unsigned char **pp);
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
+ unsigned char **pp,long length);
+
+PKCS7 *PKCS7_new(void);
+void PKCS7_free(PKCS7 *a);
+void PKCS7_content_free(PKCS7 *a);
+int i2d_PKCS7(PKCS7 *a,
+ unsigned char **pp);
+PKCS7 *d2i_PKCS7(PKCS7 **a,
+ unsigned char **pp,long length);
+
+void ERR_load_PKCS7_strings(void);
+
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataSign(PKCS7 *p7, BIO *bio);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+ BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+ EVP_PKEY *pkey, EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+STACK *PKCS7_get_signer_info(PKCS7 *p7);
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, EVP_CIPHER *cipher);
+
+
+
+#else
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new();
+void PKCS7_ISSUER_AND_SERIAL_free();
+int i2d_PKCS7_ISSUER_AND_SERIAL();
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL();
+
+#ifndef SSLEAY_MACROS
+int PKCS7_ISSUER_AND_SERIAL_digest();
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp();
+int i2d_PKCS7_fp();
+#endif
+PKCS7 *PKCS7_dup();
+PKCS7 *d2i_PKCS7_bio();
+int i2d_PKCS7_bio();
+
+#endif
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new();
+void PKCS7_SIGNER_INFO_free();
+int i2d_PKCS7_SIGNER_INFO();
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO();
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new();
+void PKCS7_RECIP_INFO_free();
+int i2d_PKCS7_RECIP_INFO();
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO();
+PKCS7_SIGNED *PKCS7_SIGNED_new();
+void PKCS7_SIGNED_free();
+int i2d_PKCS7_SIGNED();
+PKCS7_SIGNED *d2i_PKCS7_SIGNED();
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new();
+void PKCS7_ENC_CONTENT_free();
+int i2d_PKCS7_ENC_CONTENT();
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT();
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new();
+void PKCS7_ENVELOPE_free();
+int i2d_PKCS7_ENVELOPE();
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new();
+void PKCS7_SIGN_ENVELOPE_free();
+int i2d_PKCS7_SIGN_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE();
+PKCS7_DIGEST *PKCS7_DIGEST_new();
+void PKCS7_DIGEST_free();
+int i2d_PKCS7_DIGEST();
+PKCS7_DIGEST *d2i_PKCS7_DIGEST();
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new();
+void PKCS7_ENCRYPT_free();
+int i2d_PKCS7_ENCRYPT();
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT();
+PKCS7 *PKCS7_new();
+void PKCS7_free();
+void PKCS7_content_free();
+int i2d_PKCS7();
+PKCS7 *d2i_PKCS7();
+
+void ERR_load_PKCS7_strings();
+
+long PKCS7_ctrl();
+int PKCS7_set_type();
+int PKCS7_set_content();
+int PKCS7_SIGNER_INFO_set();
+int PKCS7_add_signer();
+int PKCS7_add_certificate();
+int PKCS7_add_crl();
+int PKCS7_content_new();
+int PKCS7_dataSign();
+int PKCS7_dataVerify();
+BIO *PKCS7_dataInit();
+PKCS7_SIGNER_INFO *PKCS7_add_signature();
+X509 *PKCS7_cert_from_signer_info();
+STACK *PKCS7_get_signer_info();
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient();
+int PKCS7_add_recipient_info();
+int PKCS7_RECIP_INFO_set();
+int PKCS7_set_cipher();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
+#define PKCS7_F_PKCS7_ADD_CRL 101
+#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
+#define PKCS7_F_PKCS7_ADD_SIGNER 103
+#define PKCS7_F_PKCS7_CTRL 104
+#define PKCS7_F_PKCS7_DATAINIT 105
+#define PKCS7_F_PKCS7_DATASIGN 106
+#define PKCS7_F_PKCS7_DATAVERIFY 107
+#define PKCS7_F_PKCS7_SET_CIPHER 108
+#define PKCS7_F_PKCS7_SET_CONTENT 109
+#define PKCS7_F_PKCS7_SET_TYPE 110
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101
+#define PKCS7_R_SIGNATURE_FAILURE 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106
+#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 107
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 108
+#define PKCS7_R_WRONG_CONTENT_TYPE 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
new file mode 100644
index 0000000000..f851057422
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/pkcs7err.c
@@ -0,0 +1,110 @@
+/* lib/pkcs7/pkcs7_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pkcs7.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA PKCS7_str_functs[]=
+ {
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
+{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_dataSign"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA PKCS7_str_reasons[]=
+ {
+{PKCS7_R_INTERNAL_ERROR ,"internal error"},
+{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
+{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"},
+{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"},
+{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"},
+{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"},
+{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"},
+{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"},
+{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"},
+{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_PKCS7_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/pkcs7/server.pem b/src/lib/libssl/src/crypto/pkcs7/server.pem
new file mode 100644
index 0000000000..750aac2094
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/server.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/crypto/pkcs7/sign.c b/src/lib/libssl/src/crypto/pkcs7/sign.c
new file mode 100644
index 0000000000..ead1cb65ca
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/sign.c
@@ -0,0 +1,140 @@
+/* crypto/pkcs7/sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509;
+ EVP_PKEY *pkey;
+ PKCS7 *p7;
+ PKCS7 *p7_data;
+ PKCS7_SIGNER_INFO *si;
+ BIO *in;
+ BIO *data,*p7bio;
+ char buf[1024*4];
+ int i,j;
+ int nodetach=0;
+
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ if (argc > 1)
+ {
+ if (strcmp(argv[1],"-nd") == 0)
+ {
+ nodetach=1;
+ argv++; argc--;
+ goto again;
+ }
+ if (!BIO_read_filename(data,argv[1]))
+ goto err;
+ }
+ else
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+ if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+ if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ BIO_reset(in);
+ if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+ BIO_free(in);
+
+ p7=PKCS7_new();
+ PKCS7_set_type(p7,NID_pkcs7_signed);
+
+ if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+ /* we may want to add more */
+ PKCS7_add_certificate(p7,x509);
+
+ /* Set the content of the signed to 'data' */
+ PKCS7_content_new(p7,NID_pkcs7_data);
+
+ if (!nodetach)
+ PKCS7_set_detached(p7,1);
+
+ if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(data,buf,sizeof(buf));
+ if (i <= 0) break;
+ BIO_write(p7bio,buf,i);
+ }
+
+ if (!PKCS7_dataSign(p7,p7bio)) goto err;
+ BIO_free(p7bio);
+
+ PEM_write_PKCS7(stdout,p7);
+ PKCS7_free(p7);
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/pkcs7/verify.c b/src/lib/libssl/src/crypto/pkcs7/verify.c
new file mode 100644
index 0000000000..0e1c1b26dc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/pkcs7/verify.c
@@ -0,0 +1,238 @@
+/* crypto/pkcs7/verify.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "asn1.h"
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+BIO *bio_err=NULL;
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509,*x;
+ PKCS7 *p7;
+ PKCS7_SIGNED *s;
+ PKCS7_SIGNER_INFO *si;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ X509_STORE_CTX cert_ctx;
+ X509_STORE *cert_store=NULL;
+ X509_LOOKUP *lookup=NULL;
+ BIO *data,*detached=NULL,*p7bio=NULL;
+ char buf[1024*4];
+ unsigned char *p,*pp;
+ int i,j,printit=0;
+ STACK *sk;
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ pp=NULL;
+ while (argc > 1)
+ {
+ argc--;
+ argv++;
+ if (strcmp(argv[0],"-p") == 0)
+ {
+ printit=1;
+ }
+ else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
+ {
+ detached=BIO_new(BIO_s_file());
+ if (!BIO_read_filename(detached,argv[1]))
+ goto err;
+ argc--;
+ argv++;
+ }
+ else
+ {
+ pp=argv[0];
+ if (!BIO_read_filename(data,argv[0]))
+ goto err;
+ }
+ }
+
+ if (pp == NULL)
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+
+ /* Load the PKCS7 object from a file */
+ if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err;
+
+ /* This stuff is being setup for certificate verification.
+ * When using SSL, it could be replaced with a
+ * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
+ cert_store=X509_STORE_new();
+ X509_STORE_set_default_paths(cert_store);
+ X509_STORE_load_locations(cert_store,NULL,"../../certs");
+ X509_STORE_set_verify_cb_func(cert_store,verify_callback);
+
+ ERR_clear_errors();
+
+ /* We need to process the data */
+ if (PKCS7_get_detached(p7))
+ {
+ if (detached == NULL)
+ {
+ printf("no data to verify the signature on\n");
+ exit(1);
+ }
+ else
+ p7bio=PKCS7_dataInit(p7,detached);
+ }
+ else
+ {
+ p7bio=PKCS7_dataInit(p7,NULL);
+ }
+
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ for (;;)
+ {
+ i=BIO_read(p7bio,buf,sizeof(buf));
+ /* print it? */
+ if (i <= 0) break;
+ }
+
+ /* We can now verify signatures */
+ sk=PKCS7_get_signer_info(p7);
+ if (sk == NULL)
+ {
+ printf("there are no signatures on this data\n");
+ exit(1);
+ }
+
+ /* Ok, first we need to, for each subject entry, see if we can verify */
+ for (i=0; i<sk_num(sk); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)sk_value(sk,i);
+ i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
+ if (i <= 0)
+ goto err;
+ }
+
+ X509_STORE_free(cert_store);
+
+ printf("done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+/* should be X509 * but we can just have them as char *. */
+int verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ err= X509_STORE_CTX_get_error(ctx);
+ depth= X509_STORE_CTX_get_error_depth(ctx);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+ if (!ok)
+ {
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ if (depth < 6)
+ {
+ ok=1;
+ X509_STORE_CTX_set_error(ctx,X509_V_OK);
+ }
+ else
+ {
+ ok=0;
+ X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
+ }
+ }
+ switch (ctx->error)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+ BIO_printf(bio_err,"issuer= %s\n",buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ }
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
diff --git a/src/lib/libssl/src/crypto/rand/md_rand.c b/src/lib/libssl/src/crypto/rand/md_rand.c
new file mode 100644
index 0000000000..f44b36a8b9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/md_rand.c
@@ -0,0 +1,405 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/types.h>
+#include <time.h>
+
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#ifndef NO_MD5
+#define USE_MD5_RAND
+#elif !defined(NO_SHA1)
+#define USE_SHA1_RAND
+#elif !defined(NO_MDC2)
+#define USE_MDC2_RAND
+#elif !defined(NO_MD2)
+#define USE_MD2_RAND
+#else
+We need a message digest of some type
+#endif
+#endif
+
+/* Changed how the state buffer used. I now attempt to 'wrap' such
+ * that I don't run over the same locations the next time go through
+ * the 1023 bytes - many thanks to
+ * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
+ */
+
+#if defined(USE_MD5_RAND)
+#include "md5.h"
+#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
+#define MD_CTX MD5_CTX
+#define MD_Init(a) MD5_Init(a)
+#define MD_Update(a,b,c) MD5_Update(a,b,c)
+#define MD_Final(a,b) MD5_Final(a,b)
+#elif defined(USE_SHA1_RAND)
+#include "sha.h"
+#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
+#define MD_CTX SHA_CTX
+#define MD_Init(a) SHA1_Init(a)
+#define MD_Update(a,b,c) SHA1_Update(a,b,c)
+#define MD_Final(a,b) SHA1_Final(a,b)
+#elif defined(USE_MDC2_RAND)
+#include "mdc2.h"
+#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
+#define MD_CTX MDC2_CTX
+#define MD_Init(a) MDC2_Init(a)
+#define MD_Update(a,b,c) MDC2_Update(a,b,c)
+#define MD_Final(a,b) MDC2_Final(a,b)
+#elif defined(USE_MD2_RAND)
+#include "md2.h"
+#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
+#define MD_CTX MD2_CTX
+#define MD_Init(a) MD2_Init(a)
+#define MD_Update(a,b,c) MD2_Update(a,b,c)
+#define MD_Final(a,b) MD2_Final(a,b)
+#endif
+
+#include "rand.h"
+
+/*#define NORAND 1 */
+/*#define PREDICT 1 */
+
+#define STATE_SIZE 1023
+static int state_num=0,state_index=0;
+static unsigned char state[STATE_SIZE+MD_DIGEST_LENGTH];
+static unsigned char md[MD_DIGEST_LENGTH];
+static int md_count=0;
+
+char *RAND_version="RAND part of SSLeay 0.9.0b 29-Jun-1998";
+
+void RAND_cleanup()
+ {
+ memset(state,0,sizeof(state));
+ state_num=0;
+ state_index=0;
+ memset(md,0,MD_DIGEST_LENGTH);
+ md_count=0;
+ }
+
+void RAND_seed(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_idx,st_num;
+ MD_CTX m;
+
+#ifdef NORAND
+ return;
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ st_idx=state_index;
+ st_num=state_num;
+
+ state_index=(state_index+num);
+ if (state_index >= STATE_SIZE)
+ {
+ state_index%=STATE_SIZE;
+ state_num=STATE_SIZE;
+ }
+ else if (state_num < STATE_SIZE)
+ {
+ if (state_index > state_num)
+ state_num=state_index;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ for (i=0; i<num; i+=MD_DIGEST_LENGTH)
+ {
+ j=(num-i);
+ j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
+
+ MD_Init(&m);
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ k=(st_idx+j)-STATE_SIZE;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+
+ MD_Update(&m,buf,j);
+ MD_Final(md,&m);
+
+ buf+=j;
+
+ for (k=0; k<j; k++)
+ {
+ state[st_idx++]^=md[k];
+ if (st_idx >= STATE_SIZE)
+ {
+ st_idx=0;
+ st_num=STATE_SIZE;
+ }
+ }
+ }
+ memset((char *)&m,0,sizeof(m));
+ }
+
+void RAND_bytes(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_num,st_idx;
+ MD_CTX m;
+ static int init=1;
+ unsigned long l;
+#ifdef DEVRANDOM
+ FILE *fh;
+#endif
+
+#ifdef PREDICT
+ {
+ static unsigned char val=0;
+
+ for (i=0; i<num; i++)
+ buf[i]=val++;
+ return;
+ }
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+ if (init)
+ {
+ init=0;
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ /* put in some default random data, we need more than
+ * just this */
+ RAND_seed((unsigned char *)&m,sizeof(m));
+#ifndef MSDOS
+ l=getpid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ l=getuid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+#endif
+ l=time(NULL);
+ RAND_seed((unsigned char *)&l,sizeof(l));
+
+/* #ifdef DEVRANDOM */
+ /*
+ * Use a random entropy pool device.
+ * Linux 1.3.x and FreeBSD-Current has
+ * this. Use /dev/urandom if you can
+ * as /dev/random will block if it runs out
+ * of random entries.
+ */
+ if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+ {
+ unsigned char tmpbuf[32];
+
+ fread((unsigned char *)tmpbuf,1,32,fh);
+ /* we don't care how many bytes we read,
+ * we will just copy the 'stack' if there is
+ * nothing else :-) */
+ fclose(fh);
+ RAND_seed(tmpbuf,32);
+ memset(tmpbuf,0,32);
+ }
+/* #endif */
+#ifdef PURIFY
+ memset(state,0,STATE_SIZE);
+ memset(md,0,MD_DIGEST_LENGTH);
+#endif
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ }
+
+ st_idx=state_index;
+ st_num=state_num;
+ state_index+=num;
+ if (state_index > state_num)
+ state_index=(state_index%state_num);
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ while (num > 0)
+ {
+ j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
+ num-=j;
+ MD_Init(&m);
+ MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
+#ifndef PURIFY
+ MD_Update(&m,buf,j); /* purify complains */
+#endif
+ k=(st_idx+j)-st_num;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+ MD_Final(md,&m);
+
+ for (i=0; i<j; i++)
+ {
+ if (st_idx >= st_num)
+ st_idx=0;
+ state[st_idx++]^=md[i];
+ *(buf++)=md[i+MD_DIGEST_LENGTH/2];
+ }
+ }
+
+ MD_Init(&m);
+ MD_Update(&m,(unsigned char *)&md_count,sizeof(md_count)); md_count++;
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ MD_Final(md,&m);
+ memset(&m,0,sizeof(m));
+ }
+
+#ifdef WINDOWS
+#include <windows.h>
+#include <rand.h>
+
+/*****************************************************************************
+ * Initialisation function for the SSL random generator. Takes the contents
+ * of the screen as random seed.
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * the original copyright message is:
+ *
+// (C) Copyright Microsoft Corp. 1993. All rights reserved.
+//
+// You have a royalty-free right to use, modify, reproduce and
+// distribute the Sample Files (and/or any modified version) in
+// any way you find useful, provided that you agree that
+// Microsoft has no warranty obligations or liability for any
+// Sample Application Files which are modified.
+ */
+/*
+ * I have modified the loading of bytes via RAND_seed() mechanism since
+ * the origional would have been very very CPU intensive since RAND_seed()
+ * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
+ * as that to digest 56 bytes. So under the old system, a screen of
+ * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
+ * digests or digesting 2.7 mbytes. What I have put in place would
+ * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
+ * or about 3.5 times as much.
+ * - eric
+ */
+void RAND_screen(void)
+{
+ HDC hScrDC; /* screen DC */
+ HDC hMemDC; /* memory DC */
+ HBITMAP hBitmap; /* handle for our bitmap */
+ HBITMAP hOldBitmap; /* handle for previous bitmap */
+ BITMAP bm; /* bitmap properties */
+ unsigned int size; /* size of bitmap */
+ char *bmbits; /* contents of bitmap */
+ int w; /* screen width */
+ int h; /* screen height */
+ int y; /* y-coordinate of screen lines to grab */
+ int n = 16; /* number of screen lines to grab at a time */
+
+ /* Create a screen DC and a memory DC compatible to screen DC */
+ hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+ hMemDC = CreateCompatibleDC(hScrDC);
+
+ /* Get screen resolution */
+ w = GetDeviceCaps(hScrDC, HORZRES);
+ h = GetDeviceCaps(hScrDC, VERTRES);
+
+ /* Create a bitmap compatible with the screen DC */
+ hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+ /* Select new bitmap into memory DC */
+ hOldBitmap = SelectObject(hMemDC, hBitmap);
+
+ /* Get bitmap properties */
+ GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
+ size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+ bmbits = Malloc(size);
+ if (bmbits) {
+ /* Now go through the whole screen, repeatedly grabbing n lines */
+ for (y = 0; y < h-n; y += n)
+ {
+ unsigned char md[MD_DIGEST_LENGTH];
+
+ /* Bitblt screen DC to memory DC */
+ BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
+
+ /* Copy bitmap bits from memory DC to bmbits */
+ GetBitmapBits(hBitmap, size, bmbits);
+
+ /* Get the MD5 of the bitmap */
+ MD5(bmbits,size,md);
+
+ /* Seed the random generator with the MD5 digest */
+ RAND_seed(md, MD_DIGEST_LENGTH);
+ }
+
+ Free(bmbits);
+ }
+
+ /* Select old bitmap back into memory DC */
+ hBitmap = SelectObject(hMemDC, hOldBitmap);
+
+ /* Clean up */
+ DeleteObject(hBitmap);
+ DeleteDC(hMemDC);
+ DeleteDC(hScrDC);
+}
+#endif
diff --git a/src/lib/libssl/src/crypto/rand/rand.h b/src/lib/libssl/src/crypto/rand/rand.h
new file mode 100644
index 0000000000..477d7a150a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/rand.h
@@ -0,0 +1,92 @@
+/* crypto/rand/rand.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RAND_H
+#define HEADER_RAND_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef NOPROTO
+void RAND_cleanup(void );
+void RAND_bytes( unsigned char *buf,int num);
+void RAND_seed( unsigned char *buf,int num);
+int RAND_load_file(char *file,long max_bytes);
+int RAND_write_file(char *file);
+char *RAND_file_name(char *file,int num);
+#ifdef WINDOWS
+void RAND_screen(void);
+#endif
+#else
+void RAND_cleanup();
+void RAND_bytes();
+void RAND_seed();
+int RAND_load_file();
+int RAND_write_file();
+char *RAND_file_name();
+#ifdef WINDOWS
+void RAND_screen();
+#endif
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/rand/randfile.c b/src/lib/libssl/src/crypto/rand/randfile.c
new file mode 100644
index 0000000000..f2b3746363
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/randfile.c
@@ -0,0 +1,166 @@
+/* crypto/rand/randfile.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "rand.h"
+
+#undef BUFSIZE
+#define BUFSIZE 1024
+#define RAND_DATA 1024
+
+/* #define RFILE ".rand" - defined in ../../e_os.h */
+
+int RAND_load_file(file,bytes)
+char *file;
+long bytes;
+ {
+ MS_STATIC unsigned char buf[BUFSIZE];
+ struct stat sb;
+ int i,ret=0,n;
+ FILE *in;
+
+ if (file == NULL) return(0);
+
+ i=stat(file,&sb);
+ /* If the state fails, put some crap in anyway */
+ RAND_seed((unsigned char *)&sb,sizeof(sb));
+ ret+=sizeof(sb);
+ if (i < 0) return(0);
+ if (bytes <= 0) return(ret);
+
+ in=fopen(file,"r");
+ if (in == NULL) goto err;
+ for (;;)
+ {
+ n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+ i=fread(buf,1,n,in);
+ if (i <= 0) break;
+ /* even if n != i, use the full array */
+ RAND_seed(buf,n);
+ ret+=i;
+ bytes-=n;
+ if (bytes <= 0) break;
+ }
+ fclose(in);
+ memset(buf,0,BUFSIZE);
+err:
+ return(ret);
+ }
+
+int RAND_write_file(file)
+char *file;
+ {
+ unsigned char buf[BUFSIZE];
+ int i,ret=0;
+ FILE *out;
+ int n;
+
+ out=fopen(file,"w");
+ if (out == NULL) goto err;
+ chmod(file,0600);
+ n=RAND_DATA;
+ for (;;)
+ {
+ i=(n > BUFSIZE)?BUFSIZE:n;
+ n-=BUFSIZE;
+ RAND_bytes(buf,i);
+ i=fwrite(buf,1,i,out);
+ if (i <= 0)
+ {
+ ret=0;
+ break;
+ }
+ ret+=i;
+ if (n <= 0) break;
+ }
+ fclose(out);
+ memset(buf,0,BUFSIZE);
+err:
+ return(ret);
+ }
+
+char *RAND_file_name(buf,size)
+char *buf;
+int size;
+ {
+ char *s;
+ char *ret=NULL;
+
+ s=getenv("RANDFILE");
+ if (s != NULL)
+ {
+ strncpy(buf,s,size-1);
+ buf[size-1]='\0';
+ ret=buf;
+ }
+ else
+ {
+ s=getenv("HOME");
+ if (s == NULL) return(RFILE);
+ if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+ return(RFILE);
+ strcpy(buf,s);
+ strcat(buf,"/");
+ strcat(buf,RFILE);
+ ret=buf;
+ }
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/crypto/rand/randtest.c b/src/lib/libssl/src/crypto/rand/randtest.c
new file mode 100644
index 0000000000..e0ba61e123
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rand/randtest.c
@@ -0,0 +1,207 @@
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rand.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main()
+ {
+ unsigned char buf[2500];
+ int i,j,k,s,sign,nsign,err=0;
+ unsigned long n1;
+ unsigned long n2[16];
+ unsigned long runs[2][34];
+ /*double d; */
+ long d;
+
+ RAND_bytes(buf,2500);
+
+ n1=0;
+ for (i=0; i<16; i++) n2[i]=0;
+ for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
+
+ /* test 1 and 2 */
+ sign=0;
+ nsign=0;
+ for (i=0; i<2500; i++)
+ {
+ j=buf[i];
+
+ n2[j&0x0f]++;
+ n2[(j>>4)&0x0f]++;
+
+ for (k=0; k<8; k++)
+ {
+ s=(j&0x01);
+ if (s == sign)
+ nsign++;
+ else
+ {
+ if (nsign > 34) nsign=34;
+ if (nsign != 0)
+ {
+ runs[sign][nsign-1]++;
+ if (nsign > 6)
+ runs[sign][5]++;
+ }
+ sign=s;
+ nsign=1;
+ }
+
+ if (s) n1++;
+ j>>=1;
+ }
+ }
+ if (nsign > 34) nsign=34;
+ if (nsign != 0) runs[sign][nsign-1]++;
+
+ /* test 1 */
+ if (!((9654 < n1) && (n1 < 10346)))
+ {
+ printf("test 1 failed, X=%ld\n",n1);
+ err++;
+ }
+ printf("test 1 done\n");
+
+ /* test 2 */
+#ifdef undef
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=d*16.0/5000.0-5000.0;
+ if (!((1.03 < d) && (d < 57.4)))
+ {
+ printf("test 2 failed, X=%.2f\n",d);
+ err++;
+ }
+#endif
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=(d*8)/25-500000;
+ if (!((103 < d) && (d < 5740)))
+ {
+ printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
+ err++;
+ }
+ printf("test 2 done\n");
+
+ /* test 3 */
+ for (i=0; i<2; i++)
+ {
+ if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,1,runs[i][0]);
+ err++;
+ }
+ if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,2,runs[i][1]);
+ err++;
+ }
+ if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,3,runs[i][2]);
+ err++;
+ }
+ if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,4,runs[i][3]);
+ err++;
+ }
+ if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,5,runs[i][4]);
+ err++;
+ }
+ if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,6,runs[i][5]);
+ err++;
+ }
+ }
+ printf("test 3 done\n");
+
+ /* test 4 */
+ if (runs[0][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 0,34,runs[0][33]);
+ err++;
+ }
+ if (runs[1][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 1,34,runs[1][33]);
+ err++;
+ }
+ printf("test 4 done\n");
+ err=((err)?1:0);
+ exit(err);
+ return(err);
+ }
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_cbc.c b/src/lib/libssl/src/crypto/rc2/rc2_cbc.c
new file mode 100644
index 0000000000..22e89f0441
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2_cbc.c
@@ -0,0 +1,235 @@
+/* crypto/rc2/rc2_cbc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+void RC2_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register unsigned long tin0,tin1;
+ register unsigned long tout0,tout1,xor0,xor1;
+ register long l=length;
+ unsigned long tin[2];
+
+ if (encrypt)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ RC2_encrypt(tin,ks);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ RC2_encrypt(tin,ks);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ RC2_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ RC2_decrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
+void RC2_encrypt(d,key)
+unsigned long *d;
+RC2_KEY *key;
+ {
+ int i,n;
+ register RC2_INT *p0,*p1;
+ register RC2_INT x0,x1,x2,x3,t;
+ unsigned long l;
+
+ l=d[0];
+ x0=(RC2_INT)l&0xffff;
+ x1=(RC2_INT)(l>>16L);
+ l=d[1];
+ x2=(RC2_INT)l&0xffff;
+ x3=(RC2_INT)(l>>16L);
+
+ n=3;
+ i=5;
+
+ p0=p1= &(key->data[0]);
+ for (;;)
+ {
+ t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
+ x0=(t<<1)|(t>>15);
+ t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
+ x1=(t<<2)|(t>>14);
+ t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
+ x2=(t<<3)|(t>>13);
+ t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
+ x3=(t<<5)|(t>>11);
+
+ if (--i == 0)
+ {
+ if (--n == 0) break;
+ i=(n == 2)?6:5;
+
+ x0+=p1[x3&0x3f];
+ x1+=p1[x0&0x3f];
+ x2+=p1[x1&0x3f];
+ x3+=p1[x2&0x3f];
+ }
+ }
+
+ d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+ d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+ }
+
+void RC2_decrypt(d,key)
+unsigned long *d;
+RC2_KEY *key;
+ {
+ int i,n;
+ register RC2_INT *p0,*p1;
+ register RC2_INT x0,x1,x2,x3,t;
+ unsigned long l;
+
+ l=d[0];
+ x0=(RC2_INT)l&0xffff;
+ x1=(RC2_INT)(l>>16L);
+ l=d[1];
+ x2=(RC2_INT)l&0xffff;
+ x3=(RC2_INT)(l>>16L);
+
+ n=3;
+ i=5;
+
+ p0= &(key->data[63]);
+ p1= &(key->data[0]);
+ for (;;)
+ {
+ t=((x3<<11)|(x3>>5))&0xffff;
+ x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
+ t=((x2<<13)|(x2>>3))&0xffff;
+ x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
+ t=((x1<<14)|(x1>>2))&0xffff;
+ x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
+ t=((x0<<15)|(x0>>1))&0xffff;
+ x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
+
+ if (--i == 0)
+ {
+ if (--n == 0) break;
+ i=(n == 2)?6:5;
+
+ x3=(x3-p1[x2&0x3f])&0xffff;
+ x2=(x2-p1[x1&0x3f])&0xffff;
+ x1=(x1-p1[x0&0x3f])&0xffff;
+ x0=(x0-p1[x3&0x3f])&0xffff;
+ }
+ }
+
+ d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+ d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_ecb.c b/src/lib/libssl/src/crypto/rc2/rc2_ecb.c
new file mode 100644
index 0000000000..96239cd4e0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2_ecb.c
@@ -0,0 +1,90 @@
+/* crypto/rc2/rc2_ecb.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+char *RC2_version="RC2 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* RC2 as implemented frm a posting from
+ * Newsgroups: sci.crypt
+ * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+ * Subject: Specification for Ron Rivests Cipher No.2
+ * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+ * Date: 11 Feb 1996 06:45:03 GMT
+ */
+
+void RC2_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+RC2_KEY *ks;
+int encrypt;
+ {
+ unsigned long l,d[2];
+
+ c2l(in,l); d[0]=l;
+ c2l(in,l); d[1]=l;
+ if (encrypt)
+ RC2_encrypt(d,ks);
+ else
+ RC2_decrypt(d,ks);
+ l=d[0]; l2c(l,out);
+ l=d[1]; l2c(l,out);
+ l=d[0]=d[1]=0;
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_locl.h b/src/lib/libssl/src/crypto/rc2/rc2_locl.h
new file mode 100644
index 0000000000..565cd17619
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2_locl.h
@@ -0,0 +1,156 @@
+/* crypto/rc2/rc2_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#define C_RC2(n) \
+ t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff; \
+ x0=(t<<1)|(t>>15); \
+ t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff; \
+ x1=(t<<2)|(t>>14); \
+ t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff; \
+ x2=(t<<3)|(t>>13); \
+ t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff; \
+ x3=(t<<5)|(t>>11);
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2_skey.c b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
new file mode 100644
index 0000000000..0f1f253395
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2_skey.c
@@ -0,0 +1,142 @@
+/* crypto/rc2/rc2_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+static unsigned char key_table[256]={
+ 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
+ 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
+ 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
+ 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
+ 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
+ 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
+ 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
+ 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
+ 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
+ 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
+ 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
+ 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
+ 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
+ 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
+ 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
+ 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
+ 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
+ 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
+ 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
+ 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
+ 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
+ 0xfe,0x7f,0xc1,0xad,
+ };
+
+/* It has come to my attention that there are 2 versions of the RC2
+ * key schedule. One which is normal, and anther which has a hook to
+ * use a reduced key length.
+ * BSAFE uses the 'retarded' version. What I previously shipped is
+ * the same as specifying 1024 for the 'bits' parameter. Bsafe uses
+ * a version where the bits parameter is the same as len*8 */
+void RC2_set_key(key,len,data,bits)
+RC2_KEY *key;
+int len;
+unsigned char *data;
+int bits;
+ {
+ int i,j;
+ unsigned char *k;
+ RC2_INT *ki;
+ unsigned int c,d;
+
+ k= (unsigned char *)&(key->data[0]);
+ *k=0; /* for if there is a zero length key */
+
+ if (len > 128) len=128;
+ if (bits <= 0) bits=1024;
+ if (bits > 1024) bits=1024;
+
+ for (i=0; i<len; i++)
+ k[i]=data[i];
+
+ /* expand table */
+ d=k[len-1];
+ j=0;
+ for (i=len; i < 128; i++,j++)
+ {
+ d=key_table[(k[j]+d)&0xff];
+ k[i]=d;
+ }
+
+ /* hmm.... key reduction to 'bits' bits */
+
+ j=(bits+7)>>3;
+ i=128-j;
+ c= (0xff>>(-bits & 0x07));
+
+ d=key_table[k[i]&c];
+ k[i]=d;
+ while (i--)
+ {
+ d=key_table[k[i+j]^d];
+ k[i]=d;
+ }
+
+ /* copy from bytes into RC2_INT's */
+ ki= &(key->data[63]);
+ for (i=127; i>=0; i-=2)
+ *(ki--)=((k[i]<<8)|k[i-1])&0xffff;
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2cfb64.c b/src/lib/libssl/src/crypto/rc2/rc2cfb64.c
new file mode 100644
index 0000000000..d409fb77e9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/rc2/rc2cfb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void RC2_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned long ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ RC2_encrypt((unsigned long *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2c(t,iv);
+ t=ti[1]; l2c(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ RC2_encrypt((unsigned long *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2c(t,iv);
+ t=ti[1]; l2c(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2ofb64.c b/src/lib/libssl/src/crypto/rc2/rc2ofb64.c
new file mode 100644
index 0000000000..4f09167447
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/rc2/rc2ofb64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void RC2_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ unsigned long ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ RC2_encrypt((unsigned long *)ti,schedule);
+ dp=(char *)d;
+ t=ti[0]; l2c(t,dp);
+ t=ti[1]; l2c(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc2/rc2speed.c b/src/lib/libssl/src/crypto/rc2/rc2speed.c
new file mode 100644
index 0000000000..6cd8ea8f27
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2speed.c
@@ -0,0 +1,293 @@
+/* crypto/rc2/rc2speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc2.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ RC2_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ RC2_set_key(&sch,16,key,128);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ RC2_encrypt(data,&sch);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing RC2_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing RC2_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ RC2_set_key(&sch,16,key,128);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC2_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing RC2_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing RC2_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count+=4)
+ {
+ unsigned long data[2];
+
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ RC2_encrypt(data,&sch);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC2_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing RC2_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing RC2_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ RC2_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),RC2_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld RC2_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("RC2 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("RC2 raw ecb bytes per sec = %12.2f (%9.3fuS)\n",b,8.0e6/b);
+ printf("RC2 cbc bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/src/lib/libssl/src/crypto/rc2/rc2test.c b/src/lib/libssl/src/crypto/rc2/rc2test.c
new file mode 100644
index 0000000000..9d0f8016ec
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rc2test.c
@@ -0,0 +1,270 @@
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "rc2.h"
+
+unsigned char RC2key[4][16]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F},
+ };
+
+unsigned char RC2plain[4][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ };
+
+unsigned char RC2cipher[4][8]={
+ {0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7},
+ {0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74},
+ {0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E},
+ {0x50,0xDC,0x01,0x62,0xBD,0x75,0x7F,0x31},
+ };
+/************/
+#ifdef undef
+unsigned char k[16]={
+ 0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+ 0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+
+
+#ifndef NOPROTO
+/*static int cfb64_test(unsigned char *cfb_cipher);*/
+static char *pt(unsigned char *p);
+#else
+/*static int cfb64_test(); */
+static char *pt();
+#endif
+
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,n,err=0;
+ RC2_KEY key;
+ unsigned char buf[8],buf2[8];
+
+ for (n=0; n<4; n++)
+ {
+ RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */);
+
+ RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT);
+ if (memcmp(&(RC2cipher[n][0]),buf,8) != 0)
+ {
+ printf("ecb rc2 error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2cipher[n][i]);
+ err=20;
+ printf("\n");
+ }
+
+ RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT);
+ if (memcmp(&(RC2plain[n][0]),buf2,8) != 0)
+ {
+ printf("ecb RC2 error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2plain[n][i]);
+ printf("\n");
+ err=3;
+ }
+ }
+
+ if (err == 0) printf("ecb RC2 ok\n");
+#ifdef undef
+ memcpy(iv,k,8);
+ idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+ memcpy(iv,k,8);
+ idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+ idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+ if (memcmp(text,out,strlen(text)+1) != 0)
+ {
+ printf("cbc idea bad\n");
+ err=4;
+ }
+ else
+ printf("cbc idea ok\n");
+
+ printf("cfb64 idea ");
+ if (cfb64_test(cfb_cipher64))
+ {
+ printf("bad\n");
+ err=5;
+ }
+ else
+ printf("ok\n");
+#endif
+
+ exit(err);
+ return(err);
+ }
+
+#ifdef undef
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ IDEA_KEY_SCHEDULE eks,dks;
+ int err=0,i,n;
+
+ idea_set_encrypt_key(cfb_key,&eks);
+ idea_set_decrypt_key(&eks,&dks);
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)CFB_TEST_SIZE-12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb64_encrypt encrypt error\n");
+ for (i=0; i<CFB_TEST_SIZE; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)CFB_TEST_SIZE-17,&dks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/rc2/rrc2.doc b/src/lib/libssl/src/crypto/rc2/rrc2.doc
new file mode 100644
index 0000000000..f93ee003d2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/rrc2.doc
@@ -0,0 +1,219 @@
+>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
+Article 23601 of sci.crypt:
+Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
+>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Newsgroups: sci.crypt
+Subject: Specification for Ron Rivests Cipher No.2
+Date: 11 Feb 1996 06:45:03 GMT
+Organization: University of Auckland
+Lines: 203
+Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+NNTP-Posting-Host: cs26.cs.auckland.ac.nz
+X-Newsreader: NN version 6.5.0 #3 (NOV)
+
+
+
+
+ Ron Rivest's Cipher No.2
+ ------------------------
+
+Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
+refer to it by other names) is word oriented, operating on a block of 64 bits
+divided into four 16-bit words, with a key table of 64 words. All data units
+are little-endian. This functional description of the algorithm is based in
+the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
+the same general layout, terminology, and pseudocode style.
+
+
+Notation and RRC.2 Primitive Operations
+
+RRC.2 uses the following primitive operations:
+
+1. Two's-complement addition of words, denoted by "+". The inverse operation,
+ subtraction, is denoted by "-".
+2. Bitwise exclusive OR, denoted by "^".
+3. Bitwise AND, denoted by "&".
+4. Bitwise NOT, denoted by "~".
+5. A left-rotation of words; the rotation of word x left by y is denoted
+ x <<< y. The inverse operation, right-rotation, is denoted x >>> y.
+
+These operations are directly and efficiently supported by most processors.
+
+
+The RRC.2 Algorithm
+
+RRC.2 consists of three components, a *key expansion* algorithm, an
+*encryption* algorithm, and a *decryption* algorithm.
+
+
+Key Expansion
+
+The purpose of the key-expansion routine is to expand the user's key K to fill
+the expanded key array S, so S resembles an array of random binary words
+determined by the user's secret key K.
+
+Initialising the S-box
+
+RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
+Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern
+cryptography by enough time that there should be no concerns about trapdoors
+hidden in the data. They have been published widely, and the S-box can be
+easily recreated from the one-time pad values and the Beale Cipher data taken
+from a standard source. To initialise the S-box:
+
+ for i = 0 to 255 do
+ sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
+
+The contents of Beale Cipher No.1 and the necessary one-time pad are given as
+an appendix at the end of this document. For efficiency, implementors may wish
+to skip the Beale Cipher expansion and store the sBox table directly.
+
+Expanding the Secret Key to 128 Bytes
+
+The secret key is first expanded to fill 128 bytes (64 words). The expansion
+consists of taking the sum of the first and last bytes in the user key, looking
+up the sum (modulo 256) in the S-box, and appending the result to the key. The
+operation is repeated with the second byte and new last byte of the key until
+all 128 bytes have been generated. Note that the following pseudocode treats
+the S array as an array of 128 bytes rather than 64 words.
+
+ for j = 0 to length-1 do
+ S[ j ] = K[ j ]
+ for j = length to 127 do
+ s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
+
+At this point it is possible to perform a truncation of the effective key
+length to ease the creation of espionage-enabled software products. However
+since the author cannot conceive why anyone would want to do this, it will not
+be considered further.
+
+The final phase of the key expansion involves replacing the first byte of S
+with the entry selected from the S-box:
+
+ S[ 0 ] = sBox[ S[ 0 ] ]
+
+
+Encryption
+
+The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full
+rounds perform an additional transformation on the data. Note that the
+following pseudocode treats the S array as an array of 64 words rather than 128
+bytes.
+
+ for i = 0 to 15 do
+ j = i * 4;
+ word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
+ word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
+ word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
+ word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
+
+In addition the fifth and eleventh rounds add the contents of the S-box indexed
+by one of the data words to another of the data words following the four
+subrounds as follows:
+
+ word0 = word0 + S[ word3 & 63 ];
+ word1 = word1 + S[ word0 & 63 ];
+ word2 = word2 + S[ word1 & 63 ];
+ word3 = word3 + S[ word2 & 63 ];
+
+
+Decryption
+
+The decryption operation is simply the inverse of the encryption operation.
+Note that the following pseudocode treats the S array as an array of 64 words
+rather than 128 bytes.
+
+ for i = 15 downto 0 do
+ j = i * 4;
+ word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
+ word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
+ word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
+ word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
+
+In addition the fifth and eleventh rounds subtract the contents of the S-box
+indexed by one of the data words from another one of the data words following
+the four subrounds as follows:
+
+ word3 = word3 - S[ word2 & 63 ]
+ word2 = word2 - S[ word1 & 63 ]
+ word1 = word1 - S[ word0 & 63 ]
+ word0 = word0 - S[ word3 & 63 ]
+
+
+Test Vectors
+
+The following test vectors may be used to test the correctness of an RRC.2
+implementation:
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
+
+ Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
+
+
+Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
+ Creating the S-Box
+
+Beale Cipher No.1.
+
+ 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95,
+ 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3,
+ 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
+ 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193,
+ 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176,
+ 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416,
+ 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283,
+ 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131,
+ 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12,
+ 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346,
+ 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21,
+ 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37,
+ 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680,
+ 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818,
+ 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81,
+ 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206
+
+One-time Pad.
+
+ 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194,
+ 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161,
+ 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213,
+ 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67,
+ 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108,
+ 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134,
+ 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24,
+ 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84,
+ 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38,
+ 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182,
+ 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44,
+ 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20,
+ 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97,
+ 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155,
+ 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127,
+ 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99
+
+
+Implementation
+
+A non-US based programmer who has never seen any encryption code before will
+shortly be implementing RRC.2 based solely on this specification and not on
+knowledge of any other encryption algorithms. Stand by.
+
+
+
diff --git a/src/lib/libssl/src/crypto/rc2/version b/src/lib/libssl/src/crypto/rc2/version
new file mode 100644
index 0000000000..6f89d595f1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc2/version
@@ -0,0 +1,22 @@
+1.1 23/08/96 - eay
+ Changed RC2_set_key() so it now takes another argument. Many
+ thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
+ clarification and origional specification of RC2. BSAFE uses
+ this last parameter, 'bits'. It the key is 128 bits, BSAFE
+ also sets this parameter to 128. The old behaviour can be
+ duplicated by setting this parameter to 1024.
+
+1.0 08/04/96 - eay
+ First version of SSLeay with rc2. This has been written from the spec
+ posted sci.crypt. It is in this directory under rrc2.doc
+ I have no test values for any mode other than ecb, my wrappers for the
+ other modes should be ok since they are basically the same as
+ the ones taken from idea and des :-). I have implemented them as
+ little-endian operators.
+ While rc2 is included because it is used with SSL, I don't know how
+ far I trust it. It is about the same speed as IDEA and DES.
+ So if you are paranoid, used Tripple DES, else IDEA. If RC2
+ does get used more, perhaps more people will look for weaknesses in
+ it.
+
+
diff --git a/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl b/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl
new file mode 100644
index 0000000000..0dd8eb1ba9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/asm/rc4-586.pl
@@ -0,0 +1,173 @@
+#!/usr/bin/perl
+
+# define for pentium pro friendly version
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"rc4-586.pl");
+
+$tx="eax";
+$ty="ebx";
+$x="ecx";
+$y="edx";
+$in="esi";
+$out="edi";
+$d="ebp";
+
+&RC4("RC4");
+
+&asm_finish();
+
+sub RC4_loop
+ {
+ local($n,$p,$char)=@_;
+
+ &comment("Round $n");
+
+ if ($char)
+ {
+ if ($p >= 0)
+ {
+ &mov($ty, &swtmp(2));
+ &cmp($ty, $in);
+ &jle(&label("finished"));
+ &inc($in);
+ }
+ else
+ {
+ &add($ty, 8);
+ &inc($in);
+ &cmp($ty, $in);
+ &jl(&label("finished"));
+ &mov(&swtmp(2), $ty);
+ }
+ }
+ # Moved out
+ # &mov( $tx, &DWP(0,$d,$x,4)) if $p < 0;
+
+ &add( $y, $tx);
+ &and( $y, 0xff);
+ &inc( $x); # NEXT ROUND
+ &mov( $ty, &DWP(0,$d,$y,4));
+ # XXX
+ &mov( &DWP(-4,$d,$x,4),$ty); # AGI
+ &add( $ty, $tx);
+ &and( $x, 0xff); # NEXT ROUND
+ &and( $ty, 0xff);
+ &mov( &DWP(0,$d,$y,4),$tx);
+ &nop();
+ &mov( $ty, &DWP(0,$d,$ty,4));
+ &mov( $tx, &DWP(0,$d,$x,4)) if $p < 1; # NEXT ROUND
+ # XXX
+
+ if (!$char)
+ {
+ #moved up into last round
+ if ($p >= 1)
+ {
+ &add( $out, 8)
+ }
+ &movb( &BP($n,"esp","",0), &LB($ty));
+ }
+ else
+ {
+ # Note in+=8 has occured
+ &movb( &HB($ty), &BP(-1,$in,"",0));
+ # XXX
+ &xorb(&LB($ty), &HB($ty));
+ # XXX
+ &movb(&BP($n,$out,"",0),&LB($ty));
+ }
+ }
+
+
+sub RC4
+ {
+ local($name)=@_;
+
+ &function_begin_B($name,"");
+
+ &comment("");
+
+ &push("ebp");
+ &push("ebx");
+ &mov( $d, &wparam(0)); # key
+ &mov( $ty, &wparam(1)); # num
+ &push("esi");
+ &push("edi");
+
+ &mov( $x, &DWP(0,$d,"",1));
+ &mov( $y, &DWP(4,$d,"",1));
+
+ &mov( $in, &wparam(2));
+ &inc( $x);
+
+ &stack_push(3); # 3 temp variables
+ &add( $d, 8);
+ &and( $x, 0xff);
+
+ &lea( $ty, &DWP(-8,$ty,$in));
+
+ # check for 0 length input
+
+ &mov( $out, &wparam(3));
+ &mov( &swtmp(2), $ty); # this is now address to exit at
+ &mov( $tx, &DWP(0,$d,$x,4));
+
+ &cmp( $ty, $in);
+ &jl( &label("end")); # less than 8 bytes
+
+ &set_label("start");
+
+ # filling DELAY SLOT
+ &add( $in, 8);
+
+ &RC4_loop(0,-1,0);
+ &RC4_loop(1,0,0);
+ &RC4_loop(2,0,0);
+ &RC4_loop(3,0,0);
+ &RC4_loop(4,0,0);
+ &RC4_loop(5,0,0);
+ &RC4_loop(6,0,0);
+ &RC4_loop(7,1,0);
+
+ &comment("apply the cipher text");
+ # xor the cipher data with input
+
+ #&add( $out, 8); #moved up into last round
+
+ &mov( $tx, &swtmp(0));
+ &mov( $ty, &DWP(-8,$in,"",0));
+ &xor( $tx, $ty);
+ &mov( $ty, &DWP(-4,$in,"",0));
+ &mov( &DWP(-8,$out,"",0), $tx);
+ &mov( $tx, &swtmp(1));
+ &xor( $tx, $ty);
+ &mov( $ty, &swtmp(2)); # load end ptr;
+ &mov( &DWP(-4,$out,"",0), $tx);
+ &mov( $tx, &DWP(0,$d,$x,4));
+ &cmp($in, $ty);
+ &jle(&label("start"));
+
+ &set_label("end");
+
+ # There is quite a bit of extra crap in RC4_loop() for this
+ # first round
+ &RC4_loop(0,-1,1);
+ &RC4_loop(1,0,1);
+ &RC4_loop(2,0,1);
+ &RC4_loop(3,0,1);
+ &RC4_loop(4,0,1);
+ &RC4_loop(5,0,1);
+ &RC4_loop(6,1,1);
+
+ &set_label("finished");
+ &dec( $x);
+ &stack_pop(3);
+ &mov( &DWP(-4,$d,"",0),$y);
+ &movb( &BP(-8,$d,"",0),&LB($x));
+
+ &function_end($name);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rc4.c b/src/lib/libssl/src/crypto/rc4/rc4.c
new file mode 100644
index 0000000000..127e8a5093
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4.c
@@ -0,0 +1,194 @@
+/* crypto/rc4/rc4.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+char *usage[]={
+"usage: rc4 args\n",
+"\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -key key - password\n",
+NULL
+};
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ FILE *in=NULL,*out=NULL;
+ char *infile=NULL,*outfile=NULL,*keystr=NULL;
+ RC4_KEY key;
+ char buf[BUFSIZ];
+ int badops=0,i;
+ char **pp;
+ unsigned char md[MD5_DIGEST_LENGTH];
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keystr= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=usage; (*pp != NULL); pp++)
+ fprintf(stderr,*pp);
+ exit(1);
+ }
+
+ if (infile == NULL)
+ in=stdin;
+ else
+ {
+ in=fopen(infile,"r");
+ if (in == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+
+ }
+ if (outfile == NULL)
+ out=stdout;
+ else
+ {
+ out=fopen(outfile,"w");
+ if (out == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ setmode(fileno(in),O_BINARY);
+ setmode(fileno(out),O_BINARY);
+ }
+#endif
+
+ if (keystr == NULL)
+ { /* get key */
+ i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
+ if (i != 0)
+ {
+ memset(buf,0,BUFSIZ);
+ fprintf(stderr,"bad password read\n");
+ exit(1);
+ }
+ keystr=buf;
+ }
+
+ MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
+ memset(keystr,0,strlen(keystr));
+ RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
+
+ for(;;)
+ {
+ i=fread(buf,1,BUFSIZ,in);
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("read");
+ exit(1);
+ }
+ RC4(&key,(unsigned int)i,(unsigned char *)buf,
+ (unsigned char *)buf);
+ i=fwrite(buf,(unsigned int)i,1,out);
+ if (i != 1)
+ {
+ perror("write");
+ exit(1);
+ }
+ }
+ fclose(out);
+ fclose(in);
+ exit(0);
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_enc.c b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
new file mode 100644
index 0000000000..ab8a111b52
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4_enc.c
@@ -0,0 +1,135 @@
+/* crypto/rc4/rc4_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc4.h"
+#include "rc4_locl.h"
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4(key, len, indata, outdata)
+RC4_KEY *key;
+unsigned long len;
+unsigned char *indata;
+unsigned char *outdata;
+ {
+ register RC4_INT *d;
+ register RC4_INT x,y,tx,ty;
+ int i;
+
+ x=key->x;
+ y=key->y;
+ d=key->data;
+
+#define LOOP(in,out) \
+ x=((x+1)&0xff); \
+ tx=d[x]; \
+ y=(tx+y)&0xff; \
+ d[x]=ty=d[y]; \
+ d[y]=tx; \
+ (out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
+#endif
+
+ i= -(int)len;
+ i=(int)(len>>3L);
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0);
+ RC4_LOOP(indata,outdata,1);
+ RC4_LOOP(indata,outdata,2);
+ RC4_LOOP(indata,outdata,3);
+ RC4_LOOP(indata,outdata,4);
+ RC4_LOOP(indata,outdata,5);
+ RC4_LOOP(indata,outdata,6);
+ RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+ indata+=8;
+ outdata+=8;
+#endif
+ if (--i == 0) break;
+ }
+ }
+ i=(int)len&0x07;
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+ }
+ }
+ key->x=x;
+ key->y=y;
+ }
diff --git a/src/lib/libssl/src/crypto/rc4/rc4_skey.c b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
new file mode 100644
index 0000000000..0be5fde67b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4_skey.c
@@ -0,0 +1,119 @@
+/* crypto/rc4/rc4_skey.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc4.h"
+#include "rc4_locl.h"
+
+char *RC4_version="RC4 part of SSLeay 0.9.0b 29-Jun-1998";
+
+char *RC4_options()
+ {
+#ifdef RC4_INDEX
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(idx,char)");
+ else
+ return("rc4(idx,int)");
+#else
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(ptr,char)");
+ else
+ return("rc4(ptr,int)");
+#endif
+ }
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+ {
+ register RC4_INT tmp;
+ register int id1,id2;
+ register RC4_INT *d;
+ unsigned int i;
+
+ d= &(key->data[0]);
+ for (i=0; i<256; i++)
+ d[i]=i;
+ key->x = 0;
+ key->y = 0;
+ id1=id2=0;
+
+#define SK_LOOP(n) { \
+ tmp=d[(n)]; \
+ id2 = (data[id1] + tmp + id2) & 0xff; \
+ if (++id1 == len) id1=0; \
+ d[(n)]=d[id2]; \
+ d[id2]=tmp; }
+
+ for (i=0; i < 256; i+=4)
+ {
+ SK_LOOP(i+0);
+ SK_LOOP(i+1);
+ SK_LOOP(i+2);
+ SK_LOOP(i+3);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rc4s.cpp b/src/lib/libssl/src/crypto/rc4/rc4s.cpp
new file mode 100644
index 0000000000..39f1727dd3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc4.h"
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[1024];
+ RC4_KEY ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=64,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=256;
+ if (num > 1024-16) num=1024-16;
+ numm=num+8;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(s1);
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(e1);
+ GetTSC(s2);
+ RC4(&ctx,num,buffer,buffer);
+ GetTSC(e2);
+ RC4(&ctx,num,buffer,buffer);
+ }
+
+ printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+ e1-s1,e2-s2,(e1-s1)-(e2-s2));
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rc4speed.c b/src/lib/libssl/src/crypto/rc4/rc4speed.c
new file mode 100644
index 0000000000..5298dad6d0
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4speed.c
@@ -0,0 +1,269 @@
+/* crypto/rc4/rc4speed.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "rc4.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ RC4_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ RC4_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ RC4(&sch,8,buf,buf);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing RC4_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing RC4_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count+=4)
+ {
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ RC4_set_key(&sch,16,key);
+ }
+ d=Time_F(STOP);
+ printf("%ld RC4_set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing RC4 on %ld byte blocks for 10 seconds\n",BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing RC4 %ld times on %ld byte blocks\n",cc,BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ RC4(&sch,BUFSIZE,buf,buf);
+ d=Time_F(STOP);
+ printf("%ld RC4's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("RC4 set_key per sec = %12.2f (%9.3fuS)\n",a,1.0e6/a);
+ printf("RC4 bytes per sec = %12.2f (%9.3fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rc4test.c b/src/lib/libssl/src/crypto/rc4/rc4test.c
new file mode 100644
index 0000000000..041e1aff95
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rc4test.c
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+unsigned char keys[7][30]={
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {4,0xef,0x01,0x23,0x45},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {4,0xef,0x01,0x23,0x45},
+ };
+
+unsigned char data_len[7]={8,8,8,20,28,10};
+unsigned char data[7][30]={
+ {0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0xff},
+ {0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0x9A,0xBC,0xDE,0xF0,
+ 0x12,0x34,0x56,0x78,0xff},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xff},
+ {0},
+ };
+
+unsigned char output[7][30]={
+ {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96,0x00},
+ {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79,0x00},
+ {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,
+ 0xbd,0x61,0x5a,0x11,0x62,0xe1,0xc7,0xba,
+ 0x36,0xb6,0x78,0x58,0x00},
+ {0x66,0xa0,0x94,0x9f,0x8a,0xf7,0xd6,0x89,
+ 0x1f,0x7f,0x83,0x2b,0xa8,0x33,0xc0,0x0c,
+ 0x89,0x2e,0xbe,0x30,0x14,0x3c,0xe2,0x87,
+ 0x40,0x01,0x1e,0xcf,0x00},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61,0x00},
+ {0},
+ };
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ int j;
+ unsigned char *p;
+ RC4_KEY key;
+ unsigned char buf[512],obuf[512];
+
+ for (i=0; i<512; i++) buf[i]=0x01;
+
+ for (i=0; i<6; i++)
+ {
+ RC4_set_key(&key,keys[i][0],&(keys[i][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,data_len[i],&(data[i][0]),obuf);
+ if (memcmp(obuf,output[i],data_len[i]+1) != 0)
+ {
+ printf("error calculating RC4\n");
+ printf("output:");
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[i][0]);
+ for (j=0; j<data_len[i]+1; j++)
+ printf(" %02x",*(p++));
+ printf("\n");
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ printf("test end processing ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ if ((memcmp(obuf,output[3],i) != 0) || (obuf[i] != 0))
+ {
+ printf("error in RC4 length processing\n");
+ printf("output:");
+ for (j=0; j<i+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<i; j++)
+ printf(" %02x",*(p++));
+ printf(" 00\n");
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ printf("test multi-call ");
+ for (i=0; i<data_len[3]; i++)
+ {
+ RC4_set_key(&key,keys[3][0],&(keys[3][1]));
+ memset(obuf,0x00,sizeof(obuf));
+ RC4(&key,i,&(data[3][0]),obuf);
+ RC4(&key,data_len[3]-i,&(data[3][i]),&(obuf[i]));
+ if (memcmp(obuf,output[3],data_len[3]+1) != 0)
+ {
+ printf("error in RC4 multi-call processing\n");
+ printf("output:");
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[3][0]);
+ for (j=0; j<data_len[3]+1; j++)
+ printf(" %02x",*(p++));
+ err++;
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf("done\n");
+ exit(err);
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rc4/rrc4.doc b/src/lib/libssl/src/crypto/rc4/rrc4.doc
new file mode 100644
index 0000000000..2f9a953c12
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc4/rrc4.doc
@@ -0,0 +1,278 @@
+Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
+Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
+From: sterndark@netcom.com (David Sterndark)
+Subject: RC4 Algorithm revealed.
+Message-ID: <sternCvKL4B.Hyy@netcom.com>
+Sender: sterndark@netcom.com
+Organization: NETCOM On-line Communication Services (408 261-4700 guest)
+X-Newsreader: TIN [version 1.2 PL1]
+Date: Wed, 14 Sep 1994 06:35:31 GMT
+Lines: 263
+Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
+
+I am shocked, shocked, I tell you, shocked, to discover
+that the cypherpunks have illegaly and criminally revealed
+a crucial RSA trade secret and harmed the security of
+America by reverse engineering the RC4 algorithm and
+publishing it to the world.
+
+On Saturday morning an anonymous cypherpunk wrote:
+
+
+ SUBJECT: RC4 Source Code
+
+
+ I've tested this. It is compatible with the RC4 object module
+ that comes in the various RSA toolkits.
+
+ /* rc4.h */
+ typedef struct rc4_key
+ {
+ unsigned char state[256];
+ unsigned char x;
+ unsigned char y;
+ } rc4_key;
+ void prepare_key(unsigned char *key_data_ptr,int key_data_len,
+ rc4_key *key);
+ void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
+
+
+ /*rc4.c */
+ #include "rc4.h"
+ static void swap_byte(unsigned char *a, unsigned char *b);
+ void prepare_key(unsigned char *key_data_ptr, int key_data_len,
+ rc4_key *key)
+ {
+ unsigned char swapByte;
+ unsigned char index1;
+ unsigned char index2;
+ unsigned char* state;
+ short counter;
+
+ state = &key->state[0];
+ for(counter = 0; counter < 256; counter++)
+ state[counter] = counter;
+ key->x = 0;
+ key->y = 0;
+ index1 = 0;
+ index2 = 0;
+ for(counter = 0; counter < 256; counter++)
+ {
+ index2 = (key_data_ptr[index1] + state[counter] +
+ index2) % 256;
+ swap_byte(&state[counter], &state[index2]);
+
+ index1 = (index1 + 1) % key_data_len;
+ }
+ }
+
+ void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
+ {
+ unsigned char x;
+ unsigned char y;
+ unsigned char* state;
+ unsigned char xorIndex;
+ short counter;
+
+ x = key->x;
+ y = key->y;
+
+ state = &key->state[0];
+ for(counter = 0; counter < buffer_len; counter ++)
+ {
+ x = (x + 1) % 256;
+ y = (state[x] + y) % 256;
+ swap_byte(&state[x], &state[y]);
+
+ xorIndex = (state[x] + state[y]) % 256;
+
+ buffer_ptr[counter] ^= state[xorIndex];
+ }
+ key->x = x;
+ key->y = y;
+ }
+
+ static void swap_byte(unsigned char *a, unsigned char *b)
+ {
+ unsigned char swapByte;
+
+ swapByte = *a;
+ *a = *b;
+ *b = swapByte;
+ }
+
+
+
+Another cypherpunk, this one not anonymous, tested the
+output from this algorithm against the output from
+official RC4 object code
+
+
+ Date: Tue, 13 Sep 94 18:37:56 PDT
+ From: ekr@eit.COM (Eric Rescorla)
+ Message-Id: <9409140137.AA17743@eitech.eit.com>
+ Subject: RC4 compatibility testing
+ Cc: cypherpunks@toad.com
+
+ One data point:
+
+ I can't say anything about the internals of RC4 versus the
+ algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
+ since I don't know anything about RC4's internals.
+
+ However, I do have a (legitimately acquired) copy of BSAFE2 and
+ so I'm able to compare the output of this algorithm to the output
+ of genuine RC4 as found in BSAFE. I chose a set of test vectors
+ and ran them through both algorithms. The algorithms appear to
+ give identical results, at least with these key/plaintext pairs.
+
+ I note that this is the algorithm _without_ Hal Finney's
+ proposed modification
+
+ (see <199409130605.XAA24133@jobe.shell.portal.com>).
+
+ The vectors I used (together with the ciphertext they produce)
+ follow at the end of this message.
+
+ -Ekr
+
+ Disclaimer: This posting does not reflect the opinions of EIT.
+
+ --------------------results follow--------------
+ Test vector 0
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ 0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
+
+ Test vector 1
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
+
+ Test vector 2
+ Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
+
+ Test vector 3
+ Key: 0xef 0x01 0x23 0x45
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
+
+ Test vector 4
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01
+ 0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4
+ 0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f
+ 0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca
+ 0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d
+ 0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1
+ 0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6
+ 0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95
+ 0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a
+ 0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3
+ 0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56
+ 0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa
+ 0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd
+ 0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5
+ 0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6
+ 0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a
+ 0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6
+ 0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53
+ 0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32
+ 0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8
+ 0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0
+ 0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10
+ 0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62
+ 0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e
+ 0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef
+ 0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90
+ 0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29
+ 0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b
+ 0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16
+ 0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64
+ 0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86
+ 0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26
+ 0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91
+ 0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3
+ 0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35
+ 0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b
+ 0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8
+ 0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80
+ 0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2
+ 0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8
+ 0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d
+ 0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6
+ 0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c
+ 0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37
+ 0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00
+ 0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd
+ 0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f
+ 0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58
+ 0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12
+ 0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58
+ 0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4
+ 0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0
+ 0xc0
+
+
+
+--
+ ---------------------------------------------------------------------
+We have the right to defend ourselves and our
+property, because of the kind of animals that we James A. Donald
+are. True law derives from this right, not from
+the arbitrary power of the omnipotent state. jamesd@netcom.com
+
+
diff --git a/src/lib/libssl/src/crypto/rc5/rc5.h b/src/lib/libssl/src/crypto/rc5/rc5.h
new file mode 100644
index 0000000000..5fd64e3f10
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rc5/rc5.h
@@ -0,0 +1,122 @@
+/* crypto/rc5/rc5.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RC5_H
+#define HEADER_RC5_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define RC5_ENCRYPT 1
+#define RC5_DECRYPT 0
+
+/* 32 bit. For Alpha, things may get weird */
+#define RC5_32_INT unsigned long
+
+#define RC5_32_BLOCK 8
+#define RC5_32_KEY_LENGTH 16 /* This is a default, max is 255 */
+
+/* This are the only values supported. Tweak the code if you want more
+ * The most supported modes will be
+ * RC5-32/12/16
+ * RC5-32/16/8
+ */
+#define RC5_8_ROUNDS 8
+#define RC5_12_ROUNDS 12
+#define RC5_16_ROUNDS 16
+
+typedef struct rc5_key_st
+ {
+ /* Number of rounds */
+ int rounds;
+ RC5_32_INT data[2*(RC5_16_ROUNDS+1)];
+ } RC5_32_KEY;
+
+#ifndef NOPROTO
+
+void RC5_32_set_key(RC5_32_KEY *key, int len, unsigned char *data,
+ int rounds);
+void RC5_32_ecb_encrypt(unsigned char *in,unsigned char *out,RC5_32_KEY *key,
+ int enc);
+void RC5_32_encrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_decrypt(unsigned long *data,RC5_32_KEY *key);
+void RC5_32_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *ks, unsigned char *iv, int enc);
+void RC5_32_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC5_32_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC5_32_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC5_32_set_key();
+void RC5_32_ecb_encrypt();
+void RC5_32_encrypt();
+void RC5_32_decrypt();
+void RC5_32_cbc_encrypt();
+void RC5_32_cfb64_encrypt();
+void RC5_32_ofb64_encrypt();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/ripemd/README b/src/lib/libssl/src/crypto/ripemd/README
new file mode 100644
index 0000000000..7097707264
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/README
@@ -0,0 +1,15 @@
+RIPEMD-160
+http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
+
+This is my implementation of RIPEMD-160. The pentium assember is a little
+off the pace since I only get 1050 cycles, while the best is 1013.
+I have a few ideas for how to get another 20 or so cycles, but at
+this point I will not bother right now. I belive the trick will be
+to remove my 'copy X array onto stack' until inside the RIP1() finctions the
+first time round. To do this I need another register and will only have one
+temporary one. A bit tricky.... I can also cleanup the saving of the 5 words
+after the first half of the calculation. I should read the origional
+value, add then write. Currently I just save the new and read the origioal.
+I then read both at the end. Bad.
+
+eric (20-Jan-1998)
diff --git a/src/lib/libssl/src/crypto/ripemd/asm/rips.cpp b/src/lib/libssl/src/crypto/ripemd/asm/rips.cpp
new file mode 100644
index 0000000000..78a933c448
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/asm/rips.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+extern "C" {
+void ripemd160_block_x86(RIPEMD160_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ RIPEMD160_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ ripemd160_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ ripemd160_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ ripemd160_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ ripemd160_block_x86(&ctx,buffer,num);
+ }
+ printf("ripemd160 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl b/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl
new file mode 100644
index 0000000000..dc3f6c792e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/asm/rmd-586.pl
@@ -0,0 +1,582 @@
+#!/usr/bin/perl
+
+# Normal is the
+# ripemd160_block_x86(MD5_CTX *c, ULONG *X);
+# version, non-normal is the
+# ripemd160_block_x86(MD5_CTX *c, ULONG *X,int blocks);
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],$0);
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$E="ebp";
+$tmp1="esi";
+$tmp2="edi";
+
+$KL1=0x5A827999;
+$KL2=0x6ED9EBA1;
+$KL3=0x8F1BBCDC;
+$KL4=0xA953FD4E;
+$KR0=0x50A28BE6;
+$KR1=0x5C4DD124;
+$KR2=0x6D703EF3;
+$KR3=0x7A6D76E9;
+
+
+@wl=( 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14,15,
+ 7, 4,13, 1,10, 6,15, 3,12, 0, 9, 5, 2,14,11, 8,
+ 3,10,14, 4, 9,15, 8, 1, 2, 7, 0, 6,13,11, 5,12,
+ 1, 9,11,10, 0, 8,12, 4,13, 3, 7,15,14, 5, 6, 2,
+ 4, 0, 5, 9, 7,12, 2,10,14, 1, 3, 8,11, 6,15,13,
+ );
+
+@wr=( 5,14, 7, 0, 9, 2,11, 4,13, 6,15, 8, 1,10, 3,12,
+ 6,11, 3, 7, 0,13, 5,10,14,15, 8,12, 4, 9, 1, 2,
+ 15, 5, 1, 3, 7,14, 6, 9,11, 8,12, 2,10, 0, 4,13,
+ 8, 6, 4, 1, 3,11,15, 0, 5,12, 2,13, 9, 7,10,14,
+ 12,15,10, 4, 1, 5, 8, 7, 6, 2,13,14, 0, 3, 9,11,
+ );
+
+@sl=( 11,14,15,12, 5, 8, 7, 9,11,13,14,15, 6, 7, 9, 8,
+ 7, 6, 8,13,11, 9, 7,15, 7,12,15, 9,11, 7,13,12,
+ 11,13, 6, 7,14, 9,13,15,14, 8,13, 6, 5,12, 7, 5,
+ 11,12,14,15,14,15, 9, 8, 9,14, 5, 6, 8, 6, 5,12,
+ 9,15, 5,11, 6, 8,13,12, 5,12,13,14,11, 8, 5, 6,
+ );
+
+@sr=( 8, 9, 9,11,13,15,15, 5, 7, 7, 8,11,14,14,12, 6,
+ 9,13,15, 7,12, 8, 9,11, 7, 7,12, 7, 6,15,13,11,
+ 9, 7,15,11, 8, 6, 6,14,12,13, 5,14,13,13, 7, 5,
+ 15, 5, 8,11,14,14, 6,14, 6, 9,12, 9,12, 5,15, 8,
+ 8, 5,12, 9,12, 5,14, 6, 8,13, 6, 5,15,13,11,11,
+ );
+
+&ripemd160_block("ripemd160_block_x86");
+&asm_finish();
+
+sub Xv
+ {
+ local($n)=@_;
+ return(&swtmp($n+1));
+ # tmp on stack
+ }
+
+sub Np
+ {
+ local($p)=@_;
+ local(%n)=($A,$E,$B,$A,$C,$B,$D,$C,$E,$D);
+ return($n{$p});
+ }
+
+sub RIP1
+ {
+ local($a,$b,$c,$d,$e,$pos,$s,$o,$pos2)=@_;
+
+ &comment($p++);
+ if ($p & 1)
+ {
+ &mov($tmp1, $c) if $o == -1;
+ &xor($tmp1, $d) if $o == -1;
+ &mov($tmp2, &Xv($pos));
+ &xor($tmp1, $b);
+ &add($a, $tmp2);
+ &rotl($c, 10);
+ &add($a, $tmp1);
+ &mov($tmp1, &Np($c)); # NEXT
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ else
+ {
+ &xor($tmp1, $d);
+ &mov($tmp2, &Xv($pos));
+ &xor($tmp1, $b);
+ &add($a, $tmp1);
+ &mov($tmp1, &Np($c)) if $o <= 0;
+ &mov($tmp1, -1) if $o == 1;
+ # XXX if $o == 2;
+ &rotl($c, 10);
+ &add($a, $tmp2);
+ &xor($tmp1, &Np($d)) if $o <= 0;
+ &mov($tmp2, &Xv($pos2)) if $o == 1;
+ &mov($tmp2, &wparam(0)) if $o == 2;
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ }
+
+sub RIP2
+ {
+ local($a,$b,$c,$d,$e,$pos,$pos2,$s,$K,$o)=@_;
+
+# XXXXXX
+ &comment($p++);
+ if ($p & 1)
+ {
+# &mov($tmp2, &Xv($pos)) if $o < -1;
+# &mov($tmp1, -1) if $o < -1;
+
+ &add($a, $tmp2);
+ &mov($tmp2, $c);
+ &sub($tmp1, $b);
+ &and($tmp2, $b);
+ &and($tmp1, $d);
+ &or($tmp2, $tmp1);
+ &mov($tmp1, &Xv($pos2)) if $o <= 0; # XXXXXXXXXXXXXX
+ # XXX
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2,1));
+ &mov($tmp2, -1) if $o <= 0;
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ else
+ {
+ # XXX
+ &add($a, $tmp1);
+ &mov($tmp1, $c);
+ &sub($tmp2, $b);
+ &and($tmp1, $b);
+ &and($tmp2, $d);
+ if ($o != 2)
+ {
+ &or($tmp1, $tmp2);
+ &mov($tmp2, &Xv($pos2)) if $o <= 0;
+ &mov($tmp2, -1) if $o == 1;
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp1,1));
+ &mov($tmp1, -1) if $o <= 0;
+ &sub($tmp2, &Np($c)) if $o == 1;
+ } else {
+ &or($tmp2, $tmp1);
+ &mov($tmp1, &Np($c));
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2,1));
+ &xor($tmp1, &Np($d));
+ }
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ }
+
+sub RIP3
+ {
+ local($a,$b,$c,$d,$e,$pos,$s,$K,$o,$pos2)=@_;
+
+ &comment($p++);
+ if ($p & 1)
+ {
+# &mov($tmp2, -1) if $o < -1;
+# &sub($tmp2, $c) if $o < -1;
+ &mov($tmp1, &Xv($pos));
+ &or($tmp2, $b);
+ &add($a, $tmp1);
+ &xor($tmp2, $d);
+ &mov($tmp1, -1) if $o <= 0; # NEXT
+ # XXX
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2,1));
+ &sub($tmp1, &Np($c)) if $o <= 0; # NEXT
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ else
+ {
+ &mov($tmp2, &Xv($pos));
+ &or($tmp1, $b);
+ &add($a, $tmp2);
+ &xor($tmp1, $d);
+ &mov($tmp2, -1) if $o <= 0; # NEXT
+ &mov($tmp2, -1) if $o == 1;
+ &mov($tmp2, &Xv($pos2)) if $o == 2;
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp1,1));
+ &sub($tmp2, &Np($c)) if $o <= 0; # NEXT
+ &mov($tmp1, &Np($d)) if $o == 1;
+ &mov($tmp1, -1) if $o == 2;
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ }
+
+sub RIP4
+ {
+ local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+ &comment($p++);
+ if ($p & 1)
+ {
+# &mov($tmp2, -1) if $o == -2;
+# &mov($tmp1, $d) if $o == -2;
+ &sub($tmp2, $d);
+ &and($tmp1, $b);
+ &and($tmp2, $c);
+ &or($tmp2, $tmp1);
+ &mov($tmp1, &Xv($pos));
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2));
+ &mov($tmp2, -1) unless $o > 0; # NEXT
+ # XXX
+ &add($a, $tmp1);
+ &mov($tmp1, &Np($d)) unless $o > 0; # NEXT
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ else
+ {
+ &sub($tmp2, $d);
+ &and($tmp1, $b);
+ &and($tmp2, $c);
+ &or($tmp2, $tmp1);
+ &mov($tmp1, &Xv($pos));
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2));
+ &mov($tmp2, -1) if $o == 0; # NEXT
+ &mov($tmp2, -1) if $o == 1;
+ &mov($tmp2, -1) if $o == 2;
+ # XXX
+ &add($a, $tmp1);
+ &mov($tmp1, &Np($d)) if $o == 0; # NEXT
+ &sub($tmp2, &Np($d)) if $o == 1;
+ &sub($tmp2, &Np($c)) if $o == 2;
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ }
+
+sub RIP5
+ {
+ local($a,$b,$c,$d,$e,$pos,$s,$K,$o)=@_;
+
+ &comment($p++);
+ if ($p & 1)
+ {
+ &mov($tmp2, -1) if $o == -2;
+ &sub($tmp2, $d) if $o == -2;
+ &mov($tmp1, &Xv($pos));
+ &or($tmp2, $c);
+ &add($a, $tmp1);
+ &xor($tmp2, $b);
+ &mov($tmp1, -1) if $o <= 0;
+ # XXX
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp2,1));
+ &sub($tmp1, &Np($d)) if $o <= 0;
+ # XXX
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ else
+ {
+ &mov($tmp2, &Xv($pos));
+ &or($tmp1, $c);
+ &add($a, $tmp2);
+ &xor($tmp1, $b);
+ &mov($tmp2, -1) if $o <= 0;
+ &mov($tmp2, &wparam(0)) if $o == 1; # Middle code
+ &mov($tmp2, -1) if $o == 2;
+ &rotl($c, 10);
+ &lea($a, &DWP($K,$a,$tmp1,1));
+ &sub($tmp2, &Np($d)) if $o <= 0;
+ &mov(&swtmp(1+16), $A) if $o == 1;
+ &mov($tmp1, &Np($d)) if $o == 2;
+ &rotl($a, $s);
+ &add($a, $e);
+ }
+ }
+
+sub ripemd160_block
+ {
+ local($name)=@_;
+
+ &function_begin_B($name,"",3);
+
+ # parameter 1 is the RIPEMD160_CTX structure.
+ # A 0
+ # B 4
+ # C 8
+ # D 12
+ # E 16
+
+ &push("esi");
+ &mov($C, &wparam(2));
+ &push("edi");
+ &mov($tmp1, &wparam(1)); # edi
+ &push("ebp");
+ &add($C, $tmp1); # offset we end at
+ &push("ebx");
+ &sub($C, 64);
+ &stack_push(16+5+1);
+ # XXX
+
+ &mov(&swtmp(0), $C);
+ &mov($tmp2, &wparam(0)); # Done at end of loop
+
+ &set_label("start") unless $normal;
+ &comment("");
+
+ # &mov($tmp1, &wparam(1)); # Done at end of loop
+ # &mov($tmp2, &wparam(0)); # Done at end of loop
+
+ for ($z=0; $z<16; $z+=2)
+ {
+ &mov($A, &DWP( $z*4,$tmp1,"",0));
+ &mov($B, &DWP( ($z+1)*4,$tmp1,"",0));
+ &mov(&swtmp(1+$z), $A);
+ &mov(&swtmp(1+$z+1), $B);
+ }
+ &add($tmp1, 64);
+ &mov($A, &DWP( 0,$tmp2,"",0));
+ &mov(&wparam(1),$tmp1);
+ &mov($B, &DWP( 4,$tmp2,"",0));
+ &mov($C, &DWP( 8,$tmp2,"",0));
+ &mov($D, &DWP(12,$tmp2,"",0));
+ &mov($E, &DWP(16,$tmp2,"",0));
+
+ &RIP1($A,$B,$C,$D,$E,$wl[ 0],$sl[ 0],-1);
+ &RIP1($E,$A,$B,$C,$D,$wl[ 1],$sl[ 1],0);
+ &RIP1($D,$E,$A,$B,$C,$wl[ 2],$sl[ 2],0);
+ &RIP1($C,$D,$E,$A,$B,$wl[ 3],$sl[ 3],0);
+ &RIP1($B,$C,$D,$E,$A,$wl[ 4],$sl[ 4],0);
+ &RIP1($A,$B,$C,$D,$E,$wl[ 5],$sl[ 5],0);
+ &RIP1($E,$A,$B,$C,$D,$wl[ 6],$sl[ 6],0);
+ &RIP1($D,$E,$A,$B,$C,$wl[ 7],$sl[ 7],0);
+ &RIP1($C,$D,$E,$A,$B,$wl[ 8],$sl[ 8],0);
+ &RIP1($B,$C,$D,$E,$A,$wl[ 9],$sl[ 9],0);
+ &RIP1($A,$B,$C,$D,$E,$wl[10],$sl[10],0);
+ &RIP1($E,$A,$B,$C,$D,$wl[11],$sl[11],0);
+ &RIP1($D,$E,$A,$B,$C,$wl[12],$sl[12],0);
+ &RIP1($C,$D,$E,$A,$B,$wl[13],$sl[13],0);
+ &RIP1($B,$C,$D,$E,$A,$wl[14],$sl[14],0);
+ &RIP1($A,$B,$C,$D,$E,$wl[15],$sl[15],1,$wl[16]);
+
+ &RIP2($E,$A,$B,$C,$D,$wl[16],$wl[17],$sl[16],$KL1,-1);
+ &RIP2($D,$E,$A,$B,$C,$wl[17],$wl[18],$sl[17],$KL1,0);
+ &RIP2($C,$D,$E,$A,$B,$wl[18],$wl[19],$sl[18],$KL1,0);
+ &RIP2($B,$C,$D,$E,$A,$wl[19],$wl[20],$sl[19],$KL1,0);
+ &RIP2($A,$B,$C,$D,$E,$wl[20],$wl[21],$sl[20],$KL1,0);
+ &RIP2($E,$A,$B,$C,$D,$wl[21],$wl[22],$sl[21],$KL1,0);
+ &RIP2($D,$E,$A,$B,$C,$wl[22],$wl[23],$sl[22],$KL1,0);
+ &RIP2($C,$D,$E,$A,$B,$wl[23],$wl[24],$sl[23],$KL1,0);
+ &RIP2($B,$C,$D,$E,$A,$wl[24],$wl[25],$sl[24],$KL1,0);
+ &RIP2($A,$B,$C,$D,$E,$wl[25],$wl[26],$sl[25],$KL1,0);
+ &RIP2($E,$A,$B,$C,$D,$wl[26],$wl[27],$sl[26],$KL1,0);
+ &RIP2($D,$E,$A,$B,$C,$wl[27],$wl[28],$sl[27],$KL1,0);
+ &RIP2($C,$D,$E,$A,$B,$wl[28],$wl[29],$sl[28],$KL1,0);
+ &RIP2($B,$C,$D,$E,$A,$wl[29],$wl[30],$sl[29],$KL1,0);
+ &RIP2($A,$B,$C,$D,$E,$wl[30],$wl[31],$sl[30],$KL1,0);
+ &RIP2($E,$A,$B,$C,$D,$wl[31],$wl[32],$sl[31],$KL1,1);
+
+ &RIP3($D,$E,$A,$B,$C,$wl[32],$sl[32],$KL2,-1);
+ &RIP3($C,$D,$E,$A,$B,$wl[33],$sl[33],$KL2,0);
+ &RIP3($B,$C,$D,$E,$A,$wl[34],$sl[34],$KL2,0);
+ &RIP3($A,$B,$C,$D,$E,$wl[35],$sl[35],$KL2,0);
+ &RIP3($E,$A,$B,$C,$D,$wl[36],$sl[36],$KL2,0);
+ &RIP3($D,$E,$A,$B,$C,$wl[37],$sl[37],$KL2,0);
+ &RIP3($C,$D,$E,$A,$B,$wl[38],$sl[38],$KL2,0);
+ &RIP3($B,$C,$D,$E,$A,$wl[39],$sl[39],$KL2,0);
+ &RIP3($A,$B,$C,$D,$E,$wl[40],$sl[40],$KL2,0);
+ &RIP3($E,$A,$B,$C,$D,$wl[41],$sl[41],$KL2,0);
+ &RIP3($D,$E,$A,$B,$C,$wl[42],$sl[42],$KL2,0);
+ &RIP3($C,$D,$E,$A,$B,$wl[43],$sl[43],$KL2,0);
+ &RIP3($B,$C,$D,$E,$A,$wl[44],$sl[44],$KL2,0);
+ &RIP3($A,$B,$C,$D,$E,$wl[45],$sl[45],$KL2,0);
+ &RIP3($E,$A,$B,$C,$D,$wl[46],$sl[46],$KL2,0);
+ &RIP3($D,$E,$A,$B,$C,$wl[47],$sl[47],$KL2,1);
+
+ &RIP4($C,$D,$E,$A,$B,$wl[48],$sl[48],$KL3,-1);
+ &RIP4($B,$C,$D,$E,$A,$wl[49],$sl[49],$KL3,0);
+ &RIP4($A,$B,$C,$D,$E,$wl[50],$sl[50],$KL3,0);
+ &RIP4($E,$A,$B,$C,$D,$wl[51],$sl[51],$KL3,0);
+ &RIP4($D,$E,$A,$B,$C,$wl[52],$sl[52],$KL3,0);
+ &RIP4($C,$D,$E,$A,$B,$wl[53],$sl[53],$KL3,0);
+ &RIP4($B,$C,$D,$E,$A,$wl[54],$sl[54],$KL3,0);
+ &RIP4($A,$B,$C,$D,$E,$wl[55],$sl[55],$KL3,0);
+ &RIP4($E,$A,$B,$C,$D,$wl[56],$sl[56],$KL3,0);
+ &RIP4($D,$E,$A,$B,$C,$wl[57],$sl[57],$KL3,0);
+ &RIP4($C,$D,$E,$A,$B,$wl[58],$sl[58],$KL3,0);
+ &RIP4($B,$C,$D,$E,$A,$wl[59],$sl[59],$KL3,0);
+ &RIP4($A,$B,$C,$D,$E,$wl[60],$sl[60],$KL3,0);
+ &RIP4($E,$A,$B,$C,$D,$wl[61],$sl[61],$KL3,0);
+ &RIP4($D,$E,$A,$B,$C,$wl[62],$sl[62],$KL3,0);
+ &RIP4($C,$D,$E,$A,$B,$wl[63],$sl[63],$KL3,1);
+
+ &RIP5($B,$C,$D,$E,$A,$wl[64],$sl[64],$KL4,-1);
+ &RIP5($A,$B,$C,$D,$E,$wl[65],$sl[65],$KL4,0);
+ &RIP5($E,$A,$B,$C,$D,$wl[66],$sl[66],$KL4,0);
+ &RIP5($D,$E,$A,$B,$C,$wl[67],$sl[67],$KL4,0);
+ &RIP5($C,$D,$E,$A,$B,$wl[68],$sl[68],$KL4,0);
+ &RIP5($B,$C,$D,$E,$A,$wl[69],$sl[69],$KL4,0);
+ &RIP5($A,$B,$C,$D,$E,$wl[70],$sl[70],$KL4,0);
+ &RIP5($E,$A,$B,$C,$D,$wl[71],$sl[71],$KL4,0);
+ &RIP5($D,$E,$A,$B,$C,$wl[72],$sl[72],$KL4,0);
+ &RIP5($C,$D,$E,$A,$B,$wl[73],$sl[73],$KL4,0);
+ &RIP5($B,$C,$D,$E,$A,$wl[74],$sl[74],$KL4,0);
+ &RIP5($A,$B,$C,$D,$E,$wl[75],$sl[75],$KL4,0);
+ &RIP5($E,$A,$B,$C,$D,$wl[76],$sl[76],$KL4,0);
+ &RIP5($D,$E,$A,$B,$C,$wl[77],$sl[77],$KL4,0);
+ &RIP5($C,$D,$E,$A,$B,$wl[78],$sl[78],$KL4,0);
+ &RIP5($B,$C,$D,$E,$A,$wl[79],$sl[79],$KL4,1);
+
+ # &mov($tmp2, &wparam(0)); # moved into last RIP5
+ # &mov(&swtmp(1+16), $A);
+ &mov($A, &DWP( 0,$tmp2,"",0));
+ &mov(&swtmp(1+17), $B);
+ &mov(&swtmp(1+18), $C);
+ &mov($B, &DWP( 4,$tmp2,"",0));
+ &mov(&swtmp(1+19), $D);
+ &mov($C, &DWP( 8,$tmp2,"",0));
+ &mov(&swtmp(1+20), $E);
+ &mov($D, &DWP(12,$tmp2,"",0));
+ &mov($E, &DWP(16,$tmp2,"",0));
+
+ &RIP5($A,$B,$C,$D,$E,$wr[ 0],$sr[ 0],$KR0,-2);
+ &RIP5($E,$A,$B,$C,$D,$wr[ 1],$sr[ 1],$KR0,0);
+ &RIP5($D,$E,$A,$B,$C,$wr[ 2],$sr[ 2],$KR0,0);
+ &RIP5($C,$D,$E,$A,$B,$wr[ 3],$sr[ 3],$KR0,0);
+ &RIP5($B,$C,$D,$E,$A,$wr[ 4],$sr[ 4],$KR0,0);
+ &RIP5($A,$B,$C,$D,$E,$wr[ 5],$sr[ 5],$KR0,0);
+ &RIP5($E,$A,$B,$C,$D,$wr[ 6],$sr[ 6],$KR0,0);
+ &RIP5($D,$E,$A,$B,$C,$wr[ 7],$sr[ 7],$KR0,0);
+ &RIP5($C,$D,$E,$A,$B,$wr[ 8],$sr[ 8],$KR0,0);
+ &RIP5($B,$C,$D,$E,$A,$wr[ 9],$sr[ 9],$KR0,0);
+ &RIP5($A,$B,$C,$D,$E,$wr[10],$sr[10],$KR0,0);
+ &RIP5($E,$A,$B,$C,$D,$wr[11],$sr[11],$KR0,0);
+ &RIP5($D,$E,$A,$B,$C,$wr[12],$sr[12],$KR0,0);
+ &RIP5($C,$D,$E,$A,$B,$wr[13],$sr[13],$KR0,0);
+ &RIP5($B,$C,$D,$E,$A,$wr[14],$sr[14],$KR0,0);
+ &RIP5($A,$B,$C,$D,$E,$wr[15],$sr[15],$KR0,2);
+
+ &RIP4($E,$A,$B,$C,$D,$wr[16],$sr[16],$KR1,-2);
+ &RIP4($D,$E,$A,$B,$C,$wr[17],$sr[17],$KR1,0);
+ &RIP4($C,$D,$E,$A,$B,$wr[18],$sr[18],$KR1,0);
+ &RIP4($B,$C,$D,$E,$A,$wr[19],$sr[19],$KR1,0);
+ &RIP4($A,$B,$C,$D,$E,$wr[20],$sr[20],$KR1,0);
+ &RIP4($E,$A,$B,$C,$D,$wr[21],$sr[21],$KR1,0);
+ &RIP4($D,$E,$A,$B,$C,$wr[22],$sr[22],$KR1,0);
+ &RIP4($C,$D,$E,$A,$B,$wr[23],$sr[23],$KR1,0);
+ &RIP4($B,$C,$D,$E,$A,$wr[24],$sr[24],$KR1,0);
+ &RIP4($A,$B,$C,$D,$E,$wr[25],$sr[25],$KR1,0);
+ &RIP4($E,$A,$B,$C,$D,$wr[26],$sr[26],$KR1,0);
+ &RIP4($D,$E,$A,$B,$C,$wr[27],$sr[27],$KR1,0);
+ &RIP4($C,$D,$E,$A,$B,$wr[28],$sr[28],$KR1,0);
+ &RIP4($B,$C,$D,$E,$A,$wr[29],$sr[29],$KR1,0);
+ &RIP4($A,$B,$C,$D,$E,$wr[30],$sr[30],$KR1,0);
+ &RIP4($E,$A,$B,$C,$D,$wr[31],$sr[31],$KR1,2);
+
+ &RIP3($D,$E,$A,$B,$C,$wr[32],$sr[32],$KR2,-2);
+ &RIP3($C,$D,$E,$A,$B,$wr[33],$sr[33],$KR2,0);
+ &RIP3($B,$C,$D,$E,$A,$wr[34],$sr[34],$KR2,0);
+ &RIP3($A,$B,$C,$D,$E,$wr[35],$sr[35],$KR2,0);
+ &RIP3($E,$A,$B,$C,$D,$wr[36],$sr[36],$KR2,0);
+ &RIP3($D,$E,$A,$B,$C,$wr[37],$sr[37],$KR2,0);
+ &RIP3($C,$D,$E,$A,$B,$wr[38],$sr[38],$KR2,0);
+ &RIP3($B,$C,$D,$E,$A,$wr[39],$sr[39],$KR2,0);
+ &RIP3($A,$B,$C,$D,$E,$wr[40],$sr[40],$KR2,0);
+ &RIP3($E,$A,$B,$C,$D,$wr[41],$sr[41],$KR2,0);
+ &RIP3($D,$E,$A,$B,$C,$wr[42],$sr[42],$KR2,0);
+ &RIP3($C,$D,$E,$A,$B,$wr[43],$sr[43],$KR2,0);
+ &RIP3($B,$C,$D,$E,$A,$wr[44],$sr[44],$KR2,0);
+ &RIP3($A,$B,$C,$D,$E,$wr[45],$sr[45],$KR2,0);
+ &RIP3($E,$A,$B,$C,$D,$wr[46],$sr[46],$KR2,0);
+ &RIP3($D,$E,$A,$B,$C,$wr[47],$sr[47],$KR2,2,$wr[48]);
+
+ &RIP2($C,$D,$E,$A,$B,$wr[48],$wr[49],$sr[48],$KR3,-2);
+ &RIP2($B,$C,$D,$E,$A,$wr[49],$wr[50],$sr[49],$KR3,0);
+ &RIP2($A,$B,$C,$D,$E,$wr[50],$wr[51],$sr[50],$KR3,0);
+ &RIP2($E,$A,$B,$C,$D,$wr[51],$wr[52],$sr[51],$KR3,0);
+ &RIP2($D,$E,$A,$B,$C,$wr[52],$wr[53],$sr[52],$KR3,0);
+ &RIP2($C,$D,$E,$A,$B,$wr[53],$wr[54],$sr[53],$KR3,0);
+ &RIP2($B,$C,$D,$E,$A,$wr[54],$wr[55],$sr[54],$KR3,0);
+ &RIP2($A,$B,$C,$D,$E,$wr[55],$wr[56],$sr[55],$KR3,0);
+ &RIP2($E,$A,$B,$C,$D,$wr[56],$wr[57],$sr[56],$KR3,0);
+ &RIP2($D,$E,$A,$B,$C,$wr[57],$wr[58],$sr[57],$KR3,0);
+ &RIP2($C,$D,$E,$A,$B,$wr[58],$wr[59],$sr[58],$KR3,0);
+ &RIP2($B,$C,$D,$E,$A,$wr[59],$wr[60],$sr[59],$KR3,0);
+ &RIP2($A,$B,$C,$D,$E,$wr[60],$wr[61],$sr[60],$KR3,0);
+ &RIP2($E,$A,$B,$C,$D,$wr[61],$wr[62],$sr[61],$KR3,0);
+ &RIP2($D,$E,$A,$B,$C,$wr[62],$wr[63],$sr[62],$KR3,0);
+ &RIP2($C,$D,$E,$A,$B,$wr[63],$wr[64],$sr[63],$KR3,2);
+
+ &RIP1($B,$C,$D,$E,$A,$wr[64],$sr[64],-2);
+ &RIP1($A,$B,$C,$D,$E,$wr[65],$sr[65],0);
+ &RIP1($E,$A,$B,$C,$D,$wr[66],$sr[66],0);
+ &RIP1($D,$E,$A,$B,$C,$wr[67],$sr[67],0);
+ &RIP1($C,$D,$E,$A,$B,$wr[68],$sr[68],0);
+ &RIP1($B,$C,$D,$E,$A,$wr[69],$sr[69],0);
+ &RIP1($A,$B,$C,$D,$E,$wr[70],$sr[70],0);
+ &RIP1($E,$A,$B,$C,$D,$wr[71],$sr[71],0);
+ &RIP1($D,$E,$A,$B,$C,$wr[72],$sr[72],0);
+ &RIP1($C,$D,$E,$A,$B,$wr[73],$sr[73],0);
+ &RIP1($B,$C,$D,$E,$A,$wr[74],$sr[74],0);
+ &RIP1($A,$B,$C,$D,$E,$wr[75],$sr[75],0);
+ &RIP1($E,$A,$B,$C,$D,$wr[76],$sr[76],0);
+ &RIP1($D,$E,$A,$B,$C,$wr[77],$sr[77],0);
+ &RIP1($C,$D,$E,$A,$B,$wr[78],$sr[78],0);
+ &RIP1($B,$C,$D,$E,$A,$wr[79],$sr[79],2);
+
+ # &mov($tmp2, &wparam(0)); # Moved into last round
+
+ &mov($tmp1, &DWP( 4,$tmp2,"",0)); # ctx->B
+ &add($D, $tmp1);
+ &mov($tmp1, &swtmp(1+18)); # $c
+ &add($D, $tmp1);
+
+ &mov($tmp1, &DWP( 8,$tmp2,"",0)); # ctx->C
+ &add($E, $tmp1);
+ &mov($tmp1, &swtmp(1+19)); # $d
+ &add($E, $tmp1);
+
+ &mov($tmp1, &DWP(12,$tmp2,"",0)); # ctx->D
+ &add($A, $tmp1);
+ &mov($tmp1, &swtmp(1+20)); # $e
+ &add($A, $tmp1);
+
+
+ &mov($tmp1, &DWP(16,$tmp2,"",0)); # ctx->E
+ &add($B, $tmp1);
+ &mov($tmp1, &swtmp(1+16)); # $a
+ &add($B, $tmp1);
+
+ &mov($tmp1, &DWP( 0,$tmp2,"",0)); # ctx->A
+ &add($C, $tmp1);
+ &mov($tmp1, &swtmp(1+17)); # $b
+ &add($C, $tmp1);
+
+ &mov(&DWP( 0,$tmp2,"",0), $D);
+ &mov(&DWP( 4,$tmp2,"",0), $E);
+ &mov(&DWP( 8,$tmp2,"",0), $A);
+ &mov(&DWP(12,$tmp2,"",0), $B);
+ &mov(&DWP(16,$tmp2,"",0), $C);
+
+ &mov($tmp2, &swtmp(0));
+ &mov($tmp1, &wparam(1));
+
+ &cmp($tmp2,$tmp1);
+ &mov($tmp2, &wparam(0));
+
+ # XXX
+ &jge(&label("start"));
+
+ &stack_pop(16+5+1);
+
+ &pop("ebx");
+ &pop("ebp");
+ &pop("edi");
+ &pop("esi");
+ &ret();
+ &function_end_B($name);
+ }
+
diff --git a/src/lib/libssl/src/crypto/ripemd/ripemd.h b/src/lib/libssl/src/crypto/ripemd/ripemd.h
new file mode 100644
index 0000000000..a3bc6e3ab2
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/ripemd.h
@@ -0,0 +1,99 @@
+/* crypto/ripemd/ripemd.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RIPEMD_H
+#define HEADER_RIPEMD_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define RIPEMD160_CBLOCK 64
+#define RIPEMD160_LBLOCK 16
+#define RIPEMD160_BLOCK 16
+#define RIPEMD160_LAST_BLOCK 56
+#define RIPEMD160_LENGTH_BLOCK 8
+#define RIPEMD160_DIGEST_LENGTH 20
+
+typedef struct RIPEMD160state_st
+ {
+ unsigned long A,B,C,D,E;
+ unsigned long Nl,Nh;
+ unsigned long data[RIPEMD160_LBLOCK];
+ int num;
+ } RIPEMD160_CTX;
+
+#ifndef NOPROTO
+void RIPEMD160_Init(RIPEMD160_CTX *c);
+void RIPEMD160_Update(RIPEMD160_CTX *c, unsigned char *data, unsigned long len);
+void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
+unsigned char *RIPEMD160(unsigned char *d, unsigned long n, unsigned char *md);
+void RIPEMD160_Transform(RIPEMD160_CTX *c, unsigned char *b);
+#else
+void RIPEMD160_Init();
+void RIPEMD160_Update();
+void RIPEMD160_Final();
+unsigned char *RIPEMD160();
+void RIPEMD160_Transform();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd160.c b/src/lib/libssl/src/crypto/ripemd/rmd160.c
new file mode 100644
index 0000000000..3fa1b8096e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmd160.c
@@ -0,0 +1,135 @@
+/* crypto/ripemd/rmd160.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("RIPEMD160(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ RIPEMD160_CTX c;
+ unsigned char md[RIPEMD160_DIGEST_LENGTH];
+ int fd;
+ int i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ RIPEMD160_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ RIPEMD160_Update(&c,buf,(unsigned long)i);
+ }
+ RIPEMD160_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
new file mode 100644
index 0000000000..210de1977d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_dgst.c
@@ -0,0 +1,535 @@
+/* crypto/ripemd/rmd_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rmd_locl.h"
+
+char *RMD160_version="RIPEMD160 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#ifndef NOPROTO
+# ifdef RMD160_ASM
+ void ripemd160_block_x86(RIPEMD160_CTX *c, unsigned long *p,int num);
+# define ripemd160_block ripemd160_block_x86
+# else
+ void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
+# endif
+#else
+# ifdef RMD160_ASM
+ void ripemd160_block_x86();
+# define ripemd160_block ripemd160_block_x86
+# else
+ static void ripemd160_block();
+# endif
+#endif
+
+void RIPEMD160_Init(c)
+RIPEMD160_CTX *c;
+ {
+ c->A=RIPEMD160_A;
+ c->B=RIPEMD160_B;
+ c->C=RIPEMD160_C;
+ c->D=RIPEMD160_D;
+ c->E=RIPEMD160_E;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void RIPEMD160_Update(c, data, len)
+RIPEMD160_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= RIPEMD160_CBLOCK)
+ {
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw<RIPEMD160_LBLOCK; sw++)
+ {
+ c2l(data,l);
+ p[sw]=l;
+ }
+ len-=(RIPEMD160_CBLOCK-c->num);
+
+ ripemd160_block(c,p,64);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ int ew,ec;
+
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ p_c2l_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { c2l(data,l); p[sw]=l; }
+ if (ec)
+ {
+ c2l_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of RIPEMD160_CBLOCK
+ * chars and save the leftovers to c->data. */
+#ifdef L_ENDIAN
+ if ((((unsigned long)data)%sizeof(ULONG)) == 0)
+ {
+ sw=(int)len/RIPEMD160_CBLOCK;
+ if (sw > 0)
+ {
+ sw*=RIPEMD160_CBLOCK;
+ ripemd160_block(c,(ULONG *)data,sw);
+ data+=sw;
+ len-=sw;
+ }
+ }
+#endif
+ p=c->data;
+ while (len >= RIPEMD160_CBLOCK)
+ {
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+ if (p != (unsigned long *)data)
+ memcpy(p,data,RIPEMD160_CBLOCK);
+ data+=RIPEMD160_CBLOCK;
+#ifdef B_ENDIAN
+ for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+#endif
+#else
+ for (sw=(RIPEMD160_LBLOCK/4); sw; sw--)
+ {
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ }
+#endif
+ p=c->data;
+ ripemd160_block(c,p,64);
+ len-=RIPEMD160_CBLOCK;
+ }
+ sc=(int)len;
+ c->num=sc;
+ if (sc)
+ {
+ sw=sc>>2; /* words to copy */
+#ifdef L_ENDIAN
+ p[sw]=0;
+ memcpy(p,data,sc);
+#else
+ sc&=0x03;
+ for ( ; sw; sw--)
+ { c2l(data,l); *(p++)=l; }
+ c2l_p(data,l,sc);
+ *p=l;
+#endif
+ }
+ }
+
+void RIPEMD160_Transform(c,b)
+RIPEMD160_CTX *c;
+unsigned char *b;
+ {
+ ULONG p[16];
+#if !defined(L_ENDIAN)
+ ULONG *q;
+ int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,b,64);
+#ifdef B_ENDIAN
+ q=p;
+ for (i=(RIPEMD160_LBLOCK/4); i; i--)
+ {
+ Endian_Reverse32(q[0]);
+ Endian_Reverse32(q[1]);
+ Endian_Reverse32(q[2]);
+ Endian_Reverse32(q[3]);
+ q+=4;
+ }
+#endif
+#else
+ q=p;
+ for (i=(RIPEMD160_LBLOCK/4); i; i--)
+ {
+ ULONG l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ c2l(b,l); *(q++)=l;
+ }
+#endif
+ ripemd160_block(c,p,64);
+ }
+
+#ifndef RMD160_ASM
+
+void ripemd160_block(ctx, X, num)
+RIPEMD160_CTX *ctx;
+register ULONG *X;
+int num;
+ {
+ register ULONG A,B,C,D,E;
+ ULONG a,b,c,d,e;
+
+ for (;;)
+ {
+ A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
+
+ RIP1(A,B,C,D,E,WL00,SL00);
+ RIP1(E,A,B,C,D,WL01,SL01);
+ RIP1(D,E,A,B,C,WL02,SL02);
+ RIP1(C,D,E,A,B,WL03,SL03);
+ RIP1(B,C,D,E,A,WL04,SL04);
+ RIP1(A,B,C,D,E,WL05,SL05);
+ RIP1(E,A,B,C,D,WL06,SL06);
+ RIP1(D,E,A,B,C,WL07,SL07);
+ RIP1(C,D,E,A,B,WL08,SL08);
+ RIP1(B,C,D,E,A,WL09,SL09);
+ RIP1(A,B,C,D,E,WL10,SL10);
+ RIP1(E,A,B,C,D,WL11,SL11);
+ RIP1(D,E,A,B,C,WL12,SL12);
+ RIP1(C,D,E,A,B,WL13,SL13);
+ RIP1(B,C,D,E,A,WL14,SL14);
+ RIP1(A,B,C,D,E,WL15,SL15);
+
+ RIP2(E,A,B,C,D,WL16,SL16,KL1);
+ RIP2(D,E,A,B,C,WL17,SL17,KL1);
+ RIP2(C,D,E,A,B,WL18,SL18,KL1);
+ RIP2(B,C,D,E,A,WL19,SL19,KL1);
+ RIP2(A,B,C,D,E,WL20,SL20,KL1);
+ RIP2(E,A,B,C,D,WL21,SL21,KL1);
+ RIP2(D,E,A,B,C,WL22,SL22,KL1);
+ RIP2(C,D,E,A,B,WL23,SL23,KL1);
+ RIP2(B,C,D,E,A,WL24,SL24,KL1);
+ RIP2(A,B,C,D,E,WL25,SL25,KL1);
+ RIP2(E,A,B,C,D,WL26,SL26,KL1);
+ RIP2(D,E,A,B,C,WL27,SL27,KL1);
+ RIP2(C,D,E,A,B,WL28,SL28,KL1);
+ RIP2(B,C,D,E,A,WL29,SL29,KL1);
+ RIP2(A,B,C,D,E,WL30,SL30,KL1);
+ RIP2(E,A,B,C,D,WL31,SL31,KL1);
+
+ RIP3(D,E,A,B,C,WL32,SL32,KL2);
+ RIP3(C,D,E,A,B,WL33,SL33,KL2);
+ RIP3(B,C,D,E,A,WL34,SL34,KL2);
+ RIP3(A,B,C,D,E,WL35,SL35,KL2);
+ RIP3(E,A,B,C,D,WL36,SL36,KL2);
+ RIP3(D,E,A,B,C,WL37,SL37,KL2);
+ RIP3(C,D,E,A,B,WL38,SL38,KL2);
+ RIP3(B,C,D,E,A,WL39,SL39,KL2);
+ RIP3(A,B,C,D,E,WL40,SL40,KL2);
+ RIP3(E,A,B,C,D,WL41,SL41,KL2);
+ RIP3(D,E,A,B,C,WL42,SL42,KL2);
+ RIP3(C,D,E,A,B,WL43,SL43,KL2);
+ RIP3(B,C,D,E,A,WL44,SL44,KL2);
+ RIP3(A,B,C,D,E,WL45,SL45,KL2);
+ RIP3(E,A,B,C,D,WL46,SL46,KL2);
+ RIP3(D,E,A,B,C,WL47,SL47,KL2);
+
+ RIP4(C,D,E,A,B,WL48,SL48,KL3);
+ RIP4(B,C,D,E,A,WL49,SL49,KL3);
+ RIP4(A,B,C,D,E,WL50,SL50,KL3);
+ RIP4(E,A,B,C,D,WL51,SL51,KL3);
+ RIP4(D,E,A,B,C,WL52,SL52,KL3);
+ RIP4(C,D,E,A,B,WL53,SL53,KL3);
+ RIP4(B,C,D,E,A,WL54,SL54,KL3);
+ RIP4(A,B,C,D,E,WL55,SL55,KL3);
+ RIP4(E,A,B,C,D,WL56,SL56,KL3);
+ RIP4(D,E,A,B,C,WL57,SL57,KL3);
+ RIP4(C,D,E,A,B,WL58,SL58,KL3);
+ RIP4(B,C,D,E,A,WL59,SL59,KL3);
+ RIP4(A,B,C,D,E,WL60,SL60,KL3);
+ RIP4(E,A,B,C,D,WL61,SL61,KL3);
+ RIP4(D,E,A,B,C,WL62,SL62,KL3);
+ RIP4(C,D,E,A,B,WL63,SL63,KL3);
+
+ RIP5(B,C,D,E,A,WL64,SL64,KL4);
+ RIP5(A,B,C,D,E,WL65,SL65,KL4);
+ RIP5(E,A,B,C,D,WL66,SL66,KL4);
+ RIP5(D,E,A,B,C,WL67,SL67,KL4);
+ RIP5(C,D,E,A,B,WL68,SL68,KL4);
+ RIP5(B,C,D,E,A,WL69,SL69,KL4);
+ RIP5(A,B,C,D,E,WL70,SL70,KL4);
+ RIP5(E,A,B,C,D,WL71,SL71,KL4);
+ RIP5(D,E,A,B,C,WL72,SL72,KL4);
+ RIP5(C,D,E,A,B,WL73,SL73,KL4);
+ RIP5(B,C,D,E,A,WL74,SL74,KL4);
+ RIP5(A,B,C,D,E,WL75,SL75,KL4);
+ RIP5(E,A,B,C,D,WL76,SL76,KL4);
+ RIP5(D,E,A,B,C,WL77,SL77,KL4);
+ RIP5(C,D,E,A,B,WL78,SL78,KL4);
+ RIP5(B,C,D,E,A,WL79,SL79,KL4);
+
+ a=A; b=B; c=C; d=D; e=E;
+ /* Do other half */
+ A=ctx->A; B=ctx->B; C=ctx->C; D=ctx->D; E=ctx->E;
+
+ RIP5(A,B,C,D,E,WR00,SR00,KR0);
+ RIP5(E,A,B,C,D,WR01,SR01,KR0);
+ RIP5(D,E,A,B,C,WR02,SR02,KR0);
+ RIP5(C,D,E,A,B,WR03,SR03,KR0);
+ RIP5(B,C,D,E,A,WR04,SR04,KR0);
+ RIP5(A,B,C,D,E,WR05,SR05,KR0);
+ RIP5(E,A,B,C,D,WR06,SR06,KR0);
+ RIP5(D,E,A,B,C,WR07,SR07,KR0);
+ RIP5(C,D,E,A,B,WR08,SR08,KR0);
+ RIP5(B,C,D,E,A,WR09,SR09,KR0);
+ RIP5(A,B,C,D,E,WR10,SR10,KR0);
+ RIP5(E,A,B,C,D,WR11,SR11,KR0);
+ RIP5(D,E,A,B,C,WR12,SR12,KR0);
+ RIP5(C,D,E,A,B,WR13,SR13,KR0);
+ RIP5(B,C,D,E,A,WR14,SR14,KR0);
+ RIP5(A,B,C,D,E,WR15,SR15,KR0);
+
+ RIP4(E,A,B,C,D,WR16,SR16,KR1);
+ RIP4(D,E,A,B,C,WR17,SR17,KR1);
+ RIP4(C,D,E,A,B,WR18,SR18,KR1);
+ RIP4(B,C,D,E,A,WR19,SR19,KR1);
+ RIP4(A,B,C,D,E,WR20,SR20,KR1);
+ RIP4(E,A,B,C,D,WR21,SR21,KR1);
+ RIP4(D,E,A,B,C,WR22,SR22,KR1);
+ RIP4(C,D,E,A,B,WR23,SR23,KR1);
+ RIP4(B,C,D,E,A,WR24,SR24,KR1);
+ RIP4(A,B,C,D,E,WR25,SR25,KR1);
+ RIP4(E,A,B,C,D,WR26,SR26,KR1);
+ RIP4(D,E,A,B,C,WR27,SR27,KR1);
+ RIP4(C,D,E,A,B,WR28,SR28,KR1);
+ RIP4(B,C,D,E,A,WR29,SR29,KR1);
+ RIP4(A,B,C,D,E,WR30,SR30,KR1);
+ RIP4(E,A,B,C,D,WR31,SR31,KR1);
+
+ RIP3(D,E,A,B,C,WR32,SR32,KR2);
+ RIP3(C,D,E,A,B,WR33,SR33,KR2);
+ RIP3(B,C,D,E,A,WR34,SR34,KR2);
+ RIP3(A,B,C,D,E,WR35,SR35,KR2);
+ RIP3(E,A,B,C,D,WR36,SR36,KR2);
+ RIP3(D,E,A,B,C,WR37,SR37,KR2);
+ RIP3(C,D,E,A,B,WR38,SR38,KR2);
+ RIP3(B,C,D,E,A,WR39,SR39,KR2);
+ RIP3(A,B,C,D,E,WR40,SR40,KR2);
+ RIP3(E,A,B,C,D,WR41,SR41,KR2);
+ RIP3(D,E,A,B,C,WR42,SR42,KR2);
+ RIP3(C,D,E,A,B,WR43,SR43,KR2);
+ RIP3(B,C,D,E,A,WR44,SR44,KR2);
+ RIP3(A,B,C,D,E,WR45,SR45,KR2);
+ RIP3(E,A,B,C,D,WR46,SR46,KR2);
+ RIP3(D,E,A,B,C,WR47,SR47,KR2);
+
+ RIP2(C,D,E,A,B,WR48,SR48,KR3);
+ RIP2(B,C,D,E,A,WR49,SR49,KR3);
+ RIP2(A,B,C,D,E,WR50,SR50,KR3);
+ RIP2(E,A,B,C,D,WR51,SR51,KR3);
+ RIP2(D,E,A,B,C,WR52,SR52,KR3);
+ RIP2(C,D,E,A,B,WR53,SR53,KR3);
+ RIP2(B,C,D,E,A,WR54,SR54,KR3);
+ RIP2(A,B,C,D,E,WR55,SR55,KR3);
+ RIP2(E,A,B,C,D,WR56,SR56,KR3);
+ RIP2(D,E,A,B,C,WR57,SR57,KR3);
+ RIP2(C,D,E,A,B,WR58,SR58,KR3);
+ RIP2(B,C,D,E,A,WR59,SR59,KR3);
+ RIP2(A,B,C,D,E,WR60,SR60,KR3);
+ RIP2(E,A,B,C,D,WR61,SR61,KR3);
+ RIP2(D,E,A,B,C,WR62,SR62,KR3);
+ RIP2(C,D,E,A,B,WR63,SR63,KR3);
+
+ RIP1(B,C,D,E,A,WR64,SR64);
+ RIP1(A,B,C,D,E,WR65,SR65);
+ RIP1(E,A,B,C,D,WR66,SR66);
+ RIP1(D,E,A,B,C,WR67,SR67);
+ RIP1(C,D,E,A,B,WR68,SR68);
+ RIP1(B,C,D,E,A,WR69,SR69);
+ RIP1(A,B,C,D,E,WR70,SR70);
+ RIP1(E,A,B,C,D,WR71,SR71);
+ RIP1(D,E,A,B,C,WR72,SR72);
+ RIP1(C,D,E,A,B,WR73,SR73);
+ RIP1(B,C,D,E,A,WR74,SR74);
+ RIP1(A,B,C,D,E,WR75,SR75);
+ RIP1(E,A,B,C,D,WR76,SR76);
+ RIP1(D,E,A,B,C,WR77,SR77);
+ RIP1(C,D,E,A,B,WR78,SR78);
+ RIP1(B,C,D,E,A,WR79,SR79);
+
+ D =ctx->B+c+D;
+ ctx->B=ctx->C+d+E;
+ ctx->C=ctx->D+e+A;
+ ctx->D=ctx->E+a+B;
+ ctx->E=ctx->A+b+C;
+ ctx->A=D;
+
+ X+=16;
+ num-=64;
+ if (num <= 0) break;
+ }
+ }
+#endif
+
+void RIPEMD160_Final(md, c)
+unsigned char *md;
+RIPEMD160_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+
+ /* purify often complains about the following line as an
+ * Uninitialized Memory Read. While this can be true, the
+ * following p_c2l macro will reset l when that case is true.
+ * This is because j&0x03 contains the number of 'valid' bytes
+ * already in p[i]. If and only if j&0x03 == 0, the UMR will
+ * occur but this is also the only time p_c2l will do
+ * l= *(cp++) instead of l|= *(cp++)
+ * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+ * 'potential bug' */
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ p_c2l(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= RIPEMD160_LAST_BLOCK)
+ {
+ for (; i<RIPEMD160_LBLOCK; i++)
+ p[i]=0;
+ ripemd160_block(c,p,64);
+ i=0;
+ }
+ for (; i<(RIPEMD160_LBLOCK-2); i++)
+ p[i]=0;
+ p[RIPEMD160_LBLOCK-2]=c->Nl;
+ p[RIPEMD160_LBLOCK-1]=c->Nh;
+ ripemd160_block(c,p,64);
+ cp=md;
+ l=c->A; l2c(l,cp);
+ l=c->B; l2c(l,cp);
+ l=c->C; l2c(l,cp);
+ l=c->D; l2c(l,cp);
+ l=c->E; l2c(l,cp);
+
+ /* clear stuff, ripemd160_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+ {
+ int i,ii;
+
+ for (i=0; i<2; i++)
+ {
+ for (ii=0; ii<8; ii++)
+ {
+ fprintf(stderr,"%08lx ",l[i*8+ii]);
+ }
+ fprintf(stderr,"\n");
+ }
+ }
+#endif
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_locl.h b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h
new file mode 100644
index 0000000000..a1feccf7c1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_locl.h
@@ -0,0 +1,226 @@
+/* crypto/ripemd/rmd_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include "ripemd.h"
+
+#define ULONG unsigned long
+#define UCHAR unsigned char
+#define UINT unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++))) ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 3: l|=((unsigned long)(*((c)++))); \
+ } \
+ }
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<< 8; \
+ case 2: l|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ } \
+ }
+
+#undef nl2c
+#define nl2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#undef c2l
+#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ case 3: l|=((unsigned long)(*((c)++)))<<24; \
+ } \
+ }
+
+#undef c2l_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2l_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<<16; \
+ case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n) _lrotl(a,n)
+#else
+#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+ }
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+ (a)=ROTATE(l,16L); \
+ }
+#endif
+
+#define F1(x,y,z) ((x)^(y)^(z))
+#define F2(x,y,z) (((x)&(y))|((~x)&z))
+#define F3(x,y,z) (((x)|(~y))^(z))
+#define F4(x,y,z) (((x)&(z))|((y)&(~(z))))
+#define F5(x,y,z) ((x)^((y)|(~(z))))
+
+#define RIPEMD160_A 0x67452301L
+#define RIPEMD160_B 0xEFCDAB89L
+#define RIPEMD160_C 0x98BADCFEL
+#define RIPEMD160_D 0x10325476L
+#define RIPEMD160_E 0xC3D2E1F0L
+
+#include "rmdconst.h"
+
+#define RIP1(a,b,c,d,e,w,s) { \
+ a+=F1(b,c,d)+X[w]; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP2(a,b,c,d,e,w,s,K) { \
+ a+=F2(b,c,d)+X[w]+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP3(a,b,c,d,e,w,s,K) { \
+ a+=F3(b,c,d)+X[w]+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP4(a,b,c,d,e,w,s,K) { \
+ a+=F4(b,c,d)+X[w]+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
+#define RIP5(a,b,c,d,e,w,s,K) { \
+ a+=F5(b,c,d)+X[w]+K; \
+ a=ROTATE(a,s)+e; \
+ c=ROTATE(c,10); }
+
diff --git a/src/lib/libssl/src/crypto/ripemd/rmd_one.c b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
new file mode 100644
index 0000000000..a7626dbcda
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmd_one.c
@@ -0,0 +1,77 @@
+/* crypto/ripemd/rmd_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rmd_locl.h"
+
+unsigned char *RIPEMD160(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ RIPEMD160_CTX c;
+ static unsigned char m[RIPEMD160_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ RIPEMD160_Init(&c);
+ RIPEMD160_Update(&c,d,n);
+ RIPEMD160_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* security consideration */
+ return(md);
+ }
+
diff --git a/src/lib/libssl/src/crypto/ripemd/rmdconst.h b/src/lib/libssl/src/crypto/ripemd/rmdconst.h
new file mode 100644
index 0000000000..59c48dead1
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmdconst.h
@@ -0,0 +1,399 @@
+/* crypto/ripemd/rmdconst.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#define KL0 0x00000000L
+#define KL1 0x5A827999L
+#define KL2 0x6ED9EBA1L
+#define KL3 0x8F1BBCDCL
+#define KL4 0xA953FD4EL
+
+#define KR0 0x50A28BE6L
+#define KR1 0x5C4DD124L
+#define KR2 0x6D703EF3L
+#define KR3 0x7A6D76E9L
+#define KR4 0x00000000L
+
+#define WL00 0
+#define SL00 11
+#define WL01 1
+#define SL01 14
+#define WL02 2
+#define SL02 15
+#define WL03 3
+#define SL03 12
+#define WL04 4
+#define SL04 5
+#define WL05 5
+#define SL05 8
+#define WL06 6
+#define SL06 7
+#define WL07 7
+#define SL07 9
+#define WL08 8
+#define SL08 11
+#define WL09 9
+#define SL09 13
+#define WL10 10
+#define SL10 14
+#define WL11 11
+#define SL11 15
+#define WL12 12
+#define SL12 6
+#define WL13 13
+#define SL13 7
+#define WL14 14
+#define SL14 9
+#define WL15 15
+#define SL15 8
+
+#define WL16 7
+#define SL16 7
+#define WL17 4
+#define SL17 6
+#define WL18 13
+#define SL18 8
+#define WL19 1
+#define SL19 13
+#define WL20 10
+#define SL20 11
+#define WL21 6
+#define SL21 9
+#define WL22 15
+#define SL22 7
+#define WL23 3
+#define SL23 15
+#define WL24 12
+#define SL24 7
+#define WL25 0
+#define SL25 12
+#define WL26 9
+#define SL26 15
+#define WL27 5
+#define SL27 9
+#define WL28 2
+#define SL28 11
+#define WL29 14
+#define SL29 7
+#define WL30 11
+#define SL30 13
+#define WL31 8
+#define SL31 12
+
+#define WL32 3
+#define SL32 11
+#define WL33 10
+#define SL33 13
+#define WL34 14
+#define SL34 6
+#define WL35 4
+#define SL35 7
+#define WL36 9
+#define SL36 14
+#define WL37 15
+#define SL37 9
+#define WL38 8
+#define SL38 13
+#define WL39 1
+#define SL39 15
+#define WL40 2
+#define SL40 14
+#define WL41 7
+#define SL41 8
+#define WL42 0
+#define SL42 13
+#define WL43 6
+#define SL43 6
+#define WL44 13
+#define SL44 5
+#define WL45 11
+#define SL45 12
+#define WL46 5
+#define SL46 7
+#define WL47 12
+#define SL47 5
+
+#define WL48 1
+#define SL48 11
+#define WL49 9
+#define SL49 12
+#define WL50 11
+#define SL50 14
+#define WL51 10
+#define SL51 15
+#define WL52 0
+#define SL52 14
+#define WL53 8
+#define SL53 15
+#define WL54 12
+#define SL54 9
+#define WL55 4
+#define SL55 8
+#define WL56 13
+#define SL56 9
+#define WL57 3
+#define SL57 14
+#define WL58 7
+#define SL58 5
+#define WL59 15
+#define SL59 6
+#define WL60 14
+#define SL60 8
+#define WL61 5
+#define SL61 6
+#define WL62 6
+#define SL62 5
+#define WL63 2
+#define SL63 12
+
+#define WL64 4
+#define SL64 9
+#define WL65 0
+#define SL65 15
+#define WL66 5
+#define SL66 5
+#define WL67 9
+#define SL67 11
+#define WL68 7
+#define SL68 6
+#define WL69 12
+#define SL69 8
+#define WL70 2
+#define SL70 13
+#define WL71 10
+#define SL71 12
+#define WL72 14
+#define SL72 5
+#define WL73 1
+#define SL73 12
+#define WL74 3
+#define SL74 13
+#define WL75 8
+#define SL75 14
+#define WL76 11
+#define SL76 11
+#define WL77 6
+#define SL77 8
+#define WL78 15
+#define SL78 5
+#define WL79 13
+#define SL79 6
+
+#define WR00 5
+#define SR00 8
+#define WR01 14
+#define SR01 9
+#define WR02 7
+#define SR02 9
+#define WR03 0
+#define SR03 11
+#define WR04 9
+#define SR04 13
+#define WR05 2
+#define SR05 15
+#define WR06 11
+#define SR06 15
+#define WR07 4
+#define SR07 5
+#define WR08 13
+#define SR08 7
+#define WR09 6
+#define SR09 7
+#define WR10 15
+#define SR10 8
+#define WR11 8
+#define SR11 11
+#define WR12 1
+#define SR12 14
+#define WR13 10
+#define SR13 14
+#define WR14 3
+#define SR14 12
+#define WR15 12
+#define SR15 6
+
+#define WR16 6
+#define SR16 9
+#define WR17 11
+#define SR17 13
+#define WR18 3
+#define SR18 15
+#define WR19 7
+#define SR19 7
+#define WR20 0
+#define SR20 12
+#define WR21 13
+#define SR21 8
+#define WR22 5
+#define SR22 9
+#define WR23 10
+#define SR23 11
+#define WR24 14
+#define SR24 7
+#define WR25 15
+#define SR25 7
+#define WR26 8
+#define SR26 12
+#define WR27 12
+#define SR27 7
+#define WR28 4
+#define SR28 6
+#define WR29 9
+#define SR29 15
+#define WR30 1
+#define SR30 13
+#define WR31 2
+#define SR31 11
+
+#define WR32 15
+#define SR32 9
+#define WR33 5
+#define SR33 7
+#define WR34 1
+#define SR34 15
+#define WR35 3
+#define SR35 11
+#define WR36 7
+#define SR36 8
+#define WR37 14
+#define SR37 6
+#define WR38 6
+#define SR38 6
+#define WR39 9
+#define SR39 14
+#define WR40 11
+#define SR40 12
+#define WR41 8
+#define SR41 13
+#define WR42 12
+#define SR42 5
+#define WR43 2
+#define SR43 14
+#define WR44 10
+#define SR44 13
+#define WR45 0
+#define SR45 13
+#define WR46 4
+#define SR46 7
+#define WR47 13
+#define SR47 5
+
+#define WR48 8
+#define SR48 15
+#define WR49 6
+#define SR49 5
+#define WR50 4
+#define SR50 8
+#define WR51 1
+#define SR51 11
+#define WR52 3
+#define SR52 14
+#define WR53 11
+#define SR53 14
+#define WR54 15
+#define SR54 6
+#define WR55 0
+#define SR55 14
+#define WR56 5
+#define SR56 6
+#define WR57 12
+#define SR57 9
+#define WR58 2
+#define SR58 12
+#define WR59 13
+#define SR59 9
+#define WR60 9
+#define SR60 12
+#define WR61 7
+#define SR61 5
+#define WR62 10
+#define SR62 15
+#define WR63 14
+#define SR63 8
+
+#define WR64 12
+#define SR64 8
+#define WR65 15
+#define SR65 5
+#define WR66 10
+#define SR66 12
+#define WR67 4
+#define SR67 9
+#define WR68 1
+#define SR68 12
+#define WR69 5
+#define SR69 5
+#define WR70 8
+#define SR70 14
+#define WR71 7
+#define SR71 6
+#define WR72 6
+#define SR72 8
+#define WR73 2
+#define SR73 13
+#define WR74 13
+#define SR74 6
+#define WR75 14
+#define SR75 5
+#define WR76 0
+#define SR76 15
+#define WR77 3
+#define SR77 13
+#define WR78 9
+#define SR78 11
+#define WR79 11
+#define SR79 11
+
diff --git a/src/lib/libssl/src/crypto/ripemd/rmdtest.c b/src/lib/libssl/src/crypto/ripemd/rmdtest.c
new file mode 100644
index 0000000000..6a0297f975
--- /dev/null
+++ b/src/lib/libssl/src/crypto/ripemd/rmdtest.c
@@ -0,0 +1,133 @@
+/* crypto/ripemd/rmdtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "ripemd.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "9c1185a5c5e9fc54612808977ee8f548b2258d31",
+ "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
+ "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
+ "5d0689ef49d2fae572b881b123a85ffa21595f36",
+ "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
+ "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
+ "b0e20b6e3116640286ed3a87a5713079b21f5189",
+ "9b752e45573d4b39f4dbd3323cab82bf63326bfb",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ char *p;
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(RIPEMD160(&(P[0][0]),(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating RIPEMD160 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<RIPEMD160_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
new file mode 100644
index 0000000000..aeb78ffcd3
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -0,0 +1,324 @@
+/* crypto/rsa/rsa.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSA_H
+#define HEADER_RSA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+#include "crypto.h"
+
+typedef struct rsa_meth_st
+ {
+ char *name;
+ int (*rsa_pub_enc)();
+ int (*rsa_pub_dec)();
+ int (*rsa_priv_enc)();
+ int (*rsa_priv_dec)();
+ int (*rsa_mod_exp)(); /* Can be null */
+ int (*bn_mod_exp)(); /* Can be null */
+ int (*init)(/* RSA * */); /* called at new */
+ int (*finish)(/* RSA * */); /* called at free */
+
+ int flags; /* RSA_METHOD_FLAG_* things */
+ char *app_data; /* may be needed! */
+ } RSA_METHOD;
+
+typedef struct rsa_st
+ {
+ /* The first parameter is used to pickup errors where
+ * this is passed instead of aEVP_PKEY, it is set to 0 */
+ int pad;
+ int version;
+ RSA_METHOD *meth;
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+ /* be carefull using this if the RSA structure is shared */
+ CRYPTO_EX_DATA ex_data;
+ int references;
+ int flags;
+
+ /* Normally used to cached montgomery values */
+ char *method_mod_n;
+ char *method_mod_p;
+ char *method_mod_q;
+
+ BN_BLINDING *blinding;
+ } RSA;
+
+#define RSA_3 0x3L
+#define RSA_F4 0x10001L
+
+#define RSA_METHOD_FLAG_NO_CHECK 0x01 /* don't check pub/private match */
+#define RSA_FLAG_CACHE_PUBLIC 0x02
+#define RSA_FLAG_CACHE_PRIVATE 0x04
+#define RSA_FLAG_BLINDING 0x08
+#define RSA_FLAG_THREAD_SAFE 0x10
+
+#define RSA_PKCS1_PADDING 1
+#define RSA_SSLV23_PADDING 2
+#define RSA_NO_PADDING 3
+
+#define RSA_set_app_data(s,arg) RSA_set_ex_data(s,0,(char *)arg)
+#define RSA_get_app_data(s) RSA_get_ex_data(s,0)
+
+#ifndef NOPROTO
+RSA * RSA_new(void);
+RSA * RSA_new_method(RSA_METHOD *method);
+int RSA_size(RSA *);
+RSA * RSA_generate_key(int bits, unsigned long e,void
+ (*callback)(int,int,char *),char *cb_arg);
+ /* next 4 return -1 on error */
+int RSA_public_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_private_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+void RSA_free (RSA *r);
+
+int RSA_flags(RSA *r);
+
+void RSA_set_default_method(RSA_METHOD *meth);
+
+/* If you have RSAref compiled in. */
+RSA_METHOD *RSA_PKCS1_RSAref(void);
+
+/* these are the actual SSLeay RSA functions */
+RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+void ERR_load_RSA_strings(void );
+
+RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
+RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
+#ifndef NO_FP_API
+int RSA_print_fp(FILE *fp, RSA *r,int offset);
+#endif
+
+#ifdef HEADER_BIO_H
+int RSA_print(BIO *bp, RSA *r,int offset);
+#endif
+
+int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+/* Naughty internal function required elsewhere, to handle a MS structure
+ * that is the same as the netscape one :-) */
+RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length, int (*cb)());
+
+/* The following 2 functions sign and verify a X509_SIG ASN1 object
+ * inside PKCS#1 padded RSA encryption */
+int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+/* The following 2 function sign and verify a ASN1_OCTET_STRING
+ * object inside PKCS#1 padded RSA encryption */
+int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
+void RSA_blinding_off(RSA *rsa);
+
+int RSA_padding_add_PKCS1_type_1(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_check_PKCS1_type_1(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_add_PKCS1_type_2(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_check_PKCS1_type_2(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_add_SSLv23(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_check_SSLv23(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_add_none(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+int RSA_padding_check_none(unsigned char *to,int tlen,
+ unsigned char *f,int fl);
+
+int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+int RSA_set_ex_data(RSA *r,int idx,char *arg);
+char *RSA_get_ex_data(RSA *r, int idx);
+
+#else
+
+RSA * RSA_new();
+RSA * RSA_new_method();
+int RSA_size();
+RSA * RSA_generate_key();
+int RSA_public_encrypt();
+int RSA_private_encrypt();
+int RSA_public_decrypt();
+int RSA_private_decrypt();
+void RSA_free ();
+
+int RSA_flags();
+
+void RSA_set_default_method();
+
+/* RSA_METHOD *RSA_PKCS1_RSAref(); */
+RSA_METHOD *RSA_PKCS1_SSLeay();
+
+void ERR_load_RSA_strings();
+
+RSA * d2i_RSAPublicKey();
+int i2d_RSAPublicKey();
+RSA * d2i_RSAPrivateKey();
+int i2d_RSAPrivateKey();
+#ifndef NO_FP_API
+int RSA_print_fp();
+#endif
+
+int RSA_print();
+
+int i2d_Netscape_RSA();
+RSA *d2i_Netscape_RSA();
+RSA *d2i_Netscape_RSA_2();
+
+int RSA_sign();
+int RSA_verify();
+
+int RSA_sign_ASN1_OCTET_STRING();
+int RSA_verify_ASN1_OCTET_STRING();
+int RSA_blinding_on();
+void RSA_blinding_off();
+
+int RSA_padding_add_PKCS1_type_1();
+int RSA_padding_check_PKCS1_type_1();
+int RSA_padding_add_PKCS1_type_2();
+int RSA_padding_check_PKCS1_type_2();
+int RSA_padding_add_SSLv23();
+int RSA_padding_check_SSLv23();
+int RSA_padding_add_none();
+int RSA_padding_check_none();
+
+int RSA_get_ex_new_index();
+int RSA_set_ex_data();
+char *RSA_get_ex_data();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103
+#define RSA_F_RSA_GENERATE_KEY 104
+#define RSA_F_RSA_NEW_METHOD 105
+#define RSA_F_RSA_PADDING_ADD_NONE 106
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1 107
+#define RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2 108
+#define RSA_F_RSA_PADDING_ADD_SSLV23 109
+#define RSA_F_RSA_PADDING_CHECK_NONE 110
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1 111
+#define RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2 112
+#define RSA_F_RSA_PADDING_CHECK_SSLV23 113
+#define RSA_F_RSA_PRINT 114
+#define RSA_F_RSA_PRINT_FP 115
+#define RSA_F_RSA_SIGN 116
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 117
+#define RSA_F_RSA_VERIFY 118
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 119
+
+/* Reason codes. */
+#define RSA_R_ALGORITHM_MISMATCH 100
+#define RSA_R_BAD_E_VALUE 101
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+#define RSA_R_BAD_PAD_BYTE_COUNT 103
+#define RSA_R_BAD_SIGNATURE 104
+#define RSA_R_BAD_ZERO_BYTE 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_01 106
+#define RSA_R_BLOCK_TYPE_IS_NOT_02 107
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN 108
+#define RSA_R_DATA_TOO_LARGE 109
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
+#define RSA_R_DATA_TOO_SMALL 111
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+#define RSA_R_PADDING_CHECK_FAILED 114
+#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
+#define RSA_R_UNKNOWN_PADDING_TYPE 118
+#define RSA_R_WRONG_SIGNATURE_LENGTH 119
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
new file mode 100644
index 0000000000..42a77f11cd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -0,0 +1,274 @@
+
+/* This file has been explicitly broken by ryker for OpenBSD, July
+ * 1, 1998. In spite of the title, there is no implementation of the
+ * RSA algorithm left in this file. All these routines will return an
+ * error and fail when called. They exist as stubs and can be
+ * ressurected from the bit bucket by someone in the free world once
+ * the RSA algorithm is no longer subject to patent problems. Eric
+ * Young's original copyright is below.
+ */
+
+/* crypto/rsa/rsa_eay.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+static int RSA_eay_public_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
+static int RSA_eay_init(RSA *rsa);
+static int RSA_eay_finish(RSA *rsa);
+#else
+static int RSA_eay_public_encrypt();
+static int RSA_eay_private_encrypt();
+static int RSA_eay_public_decrypt();
+static int RSA_eay_private_decrypt();
+static int RSA_eay_mod_exp();
+static int RSA_eay_init();
+static int RSA_eay_finish();
+#endif
+
+static RSA_METHOD rsa_pkcs1_eay_meth={
+ "Eric Young's PKCS#1 RSA",
+ RSA_eay_public_encrypt,
+ RSA_eay_public_decrypt,
+ RSA_eay_private_encrypt,
+ RSA_eay_private_decrypt,
+ RSA_eay_mod_exp,
+ BN_mod_exp_mont,
+ RSA_eay_init,
+ RSA_eay_finish,
+ 0,
+ NULL,
+ };
+
+RSA_METHOD *RSA_PKCS1_SSLeay()
+ {
+ return(&rsa_pkcs1_eay_meth);
+ }
+
+static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,k,num=0,r= -1;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,k,num=0,r= -1;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (ret != NULL) BN_free(ret);
+ if (f != NULL) BN_free(f);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int j,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_mod_exp(r0, I, rsa)
+BIGNUM *r0;
+BIGNUM *I;
+RSA *rsa;
+ {
+ BIGNUM *r1=NULL,*m1=NULL;
+ int ret=0;
+ BN_CTX *ctx;
+
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+ m1=BN_new();
+ r1=BN_new();
+ if ((m1 == NULL) || (r1 == NULL)) goto err;
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+err:
+ if (m1 != NULL) BN_free(m1);
+ if (r1 != NULL) BN_free(r1);
+ BN_CTX_free(ctx);
+ return(ret);
+ }
+
+static int RSA_eay_init(rsa)
+RSA *rsa;
+ {
+ rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
+ return(1);
+ }
+
+static int RSA_eay_finish(rsa)
+RSA *rsa;
+ {
+ if (rsa->method_mod_n != NULL)
+ BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_n);
+ if (rsa->method_mod_p != NULL)
+ BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_p);
+ if (rsa->method_mod_q != NULL)
+ BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_q);
+ return(1);
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_err.c b/src/lib/libssl/src/crypto/rsa/rsa_err.c
new file mode 100644
index 0000000000..796b3afd47
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_err.c
@@ -0,0 +1,129 @@
+/* lib/rsa/rsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "rsa.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA RSA_str_functs[]=
+ {
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
+{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_NONE,0), "RSA_padding_add_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,0), "RSA_padding_add_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,0), "RSA_padding_add_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_ADD_SSLV23,0), "RSA_padding_add_SSLv23"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_NONE,0), "RSA_padding_check_none"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,0), "RSA_padding_check_PKCS1_type_1"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,0), "RSA_padding_check_PKCS1_type_2"},
+{ERR_PACK(0,RSA_F_RSA_PADDING_CHECK_SSLV23,0), "RSA_padding_check_SSLv23"},
+{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
+{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
+{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
+{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA RSA_str_reasons[]=
+ {
+{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
+{RSA_R_BAD_E_VALUE ,"bad e value"},
+{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
+{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
+{RSA_R_BAD_SIGNATURE ,"bad signature"},
+{RSA_R_BAD_ZERO_BYTE ,"bad zero byte"},
+{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
+{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
+{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
+{RSA_R_DATA_TOO_LARGE ,"data too large"},
+{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
+{RSA_R_DATA_TOO_SMALL ,"data too small"},
+{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
+{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
+{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
+{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
+{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
+{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
+{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_RSA_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
+ ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_gen.c b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
new file mode 100644
index 0000000000..4cbd373829
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_gen.c
@@ -0,0 +1,101 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+
+RSA *RSA_generate_key(bits, e_value, callback,cb_arg)
+int bits;
+unsigned long e_value;
+void (*callback)(P_I_I_P);
+char *cb_arg;
+ {
+ RSA *rsa=NULL;
+ BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
+ int bitsp,bitsq,ok= -1,n=0;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+
+ /* Body of this routine removed for OpenBSD - will return
+ * when the RSA patent expires
+ */
+err:
+ if (ok == -1)
+ {
+ RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
+ ok=0;
+ }
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+
+ if (!ok)
+ {
+ if (rsa != NULL) RSA_free(rsa);
+ return(NULL);
+ }
+ else
+ return(rsa);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
new file mode 100644
index 0000000000..95a56f8a28
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
@@ -0,0 +1,294 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "crypto.h"
+#include "cryptlib.h"
+#include "lhash.h"
+#include "bn.h"
+#include "rsa.h"
+
+char *RSA_version="RSA part of SSLeay 0.9.0b 29-Jun-1998";
+
+static RSA_METHOD *default_RSA_meth=NULL;
+static int rsa_meth_num=0;
+static STACK *rsa_meth=NULL;
+
+RSA *RSA_new()
+ {
+ return(RSA_new_method(NULL));
+ }
+
+void RSA_set_default_method(meth)
+RSA_METHOD *meth;
+ {
+ default_RSA_meth=meth;
+ }
+
+RSA *RSA_new_method(meth)
+RSA_METHOD *meth;
+ {
+ RSA *ret;
+
+ if (default_RSA_meth == NULL)
+ {
+#ifdef RSAref
+ default_RSA_meth=RSA_PKCS1_RSAref();
+#else
+ default_RSA_meth=RSA_PKCS1_SSLeay();
+#endif
+ }
+ ret=(RSA *)Malloc(sizeof(RSA));
+ if (ret == NULL)
+ {
+ RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ if (meth == NULL)
+ ret->meth=default_RSA_meth;
+ else
+ ret->meth=meth;
+
+ ret->pad=0;
+ ret->version=0;
+ ret->n=NULL;
+ ret->e=NULL;
+ ret->d=NULL;
+ ret->p=NULL;
+ ret->q=NULL;
+ ret->dmp1=NULL;
+ ret->dmq1=NULL;
+ ret->iqmp=NULL;
+ ret->references=1;
+ ret->method_mod_n=NULL;
+ ret->method_mod_p=NULL;
+ ret->method_mod_q=NULL;
+ ret->blinding=NULL;
+ ret->flags=ret->meth->flags;
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+ {
+ Free(ret);
+ ret=NULL;
+ }
+ CRYPTO_new_ex_data(rsa_meth,(char *)ret,&ret->ex_data);
+ return(ret);
+ }
+
+void RSA_free(r)
+RSA *r;
+ {
+ int i;
+
+ if (r == NULL) return;
+
+ i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
+#ifdef REF_PRINT
+ REF_PRINT("RSA",r);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"RSA_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ CRYPTO_free_ex_data(rsa_meth,(char *)r,&r->ex_data);
+
+ if (r->meth->finish != NULL)
+ r->meth->finish(r);
+
+ if (r->n != NULL) BN_clear_free(r->n);
+ if (r->e != NULL) BN_clear_free(r->e);
+ if (r->d != NULL) BN_clear_free(r->d);
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->q != NULL) BN_clear_free(r->q);
+ if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
+ if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
+ if (r->iqmp != NULL) BN_clear_free(r->iqmp);
+ if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
+ Free(r);
+ }
+
+int RSA_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ rsa_meth_num++;
+ return(CRYPTO_get_ex_new_index(rsa_meth_num-1,
+ &rsa_meth,argl,argp,new_func,dup_func,free_func));
+ }
+
+int RSA_set_ex_data(r,idx,arg)
+RSA *r;
+int idx;
+char *arg;
+ {
+ return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
+ }
+
+char *RSA_get_ex_data(r,idx)
+RSA *r;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&r->ex_data,idx));
+ }
+
+int RSA_size(r)
+RSA *r;
+ {
+ return(BN_num_bytes(r->n));
+ }
+
+int RSA_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
+ }
+
+int RSA_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+ }
+
+int RSA_private_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+ }
+
+int RSA_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+ }
+
+int RSA_flags(r)
+RSA *r;
+ {
+ return((r == NULL)?0:r->meth->flags);
+ }
+
+void RSA_blinding_off(rsa)
+RSA *rsa;
+ {
+ if (rsa->blinding != NULL)
+ {
+ BN_BLINDING_free(rsa->blinding);
+ rsa->blinding=NULL;
+ }
+ rsa->flags&= ~RSA_FLAG_BLINDING;
+ }
+
+int RSA_blinding_on(rsa,p_ctx)
+RSA *rsa;
+BN_CTX *p_ctx;
+ {
+ BIGNUM *A,*Ai;
+ BN_CTX *ctx;
+ int ret=0;
+
+ if (p_ctx == NULL)
+ {
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+ }
+ else
+ ctx=p_ctx;
+
+ if (rsa->blinding != NULL)
+ BN_BLINDING_free(rsa->blinding);
+
+ A=ctx->bn[0];
+ ctx->tos++;
+ if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
+ if ((Ai=BN_mod_inverse(A,rsa->n,ctx)) == NULL) goto err;
+
+ if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,
+ (char *)rsa->method_mod_n)) goto err;
+ rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
+ ctx->tos--;
+ rsa->flags|=RSA_FLAG_BLINDING;
+ BN_free(Ai);
+ ret=1;
+err:
+ if (ctx != p_ctx) BN_CTX_free(ctx);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_none.c b/src/lib/libssl/src/crypto/rsa/rsa_none.c
new file mode 100644
index 0000000000..f0dd943657
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_none.c
@@ -0,0 +1,109 @@
+/* crypto/rsa/rsa_none.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+int RSA_padding_add_none(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ if (flen >= tlen)
+ {
+ RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ return(0);
+ }
+
+ *(to++)=0;
+ memcpy(to,from,(unsigned int)flen);
+ return(1);
+ }
+
+int RSA_padding_check_none(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int j;
+
+ from++;
+ if (flen+1 > tlen)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_DATA_TOO_LARGE);
+ return(-1);
+ }
+ if (*(from++) != 0)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_NONE,RSA_R_BAD_ZERO_BYTE);
+ return(-1);
+ }
+
+ /* scan over padding data */
+ j=flen-1; /* one for type and one for the prepended 0. */
+ memset(to,0,tlen-j);
+ to+=(tlen-j);
+ memcpy(to,from,j);
+ return(j);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_pk1.c b/src/lib/libssl/src/crypto/rsa/rsa_pk1.c
new file mode 100644
index 0000000000..2791291b94
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_pk1.c
@@ -0,0 +1,233 @@
+/* crypto/rsa/rsa_pk1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+int RSA_padding_add_PKCS1_type_1();
+int RSA_padding_check_PKCS1_type_1();
+int RSA_padding_add_PKCS1_type_2();
+int RSA_padding_check_PKCS1_type_2();
+int RSA_padding_add_SSLv23();
+int RSA_padding_check_SSLv23();
+int RSA_padding_add_none();
+int RSA_padding_check_none();
+
+#endif
+
+int RSA_padding_add_PKCS1_type_1(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int j;
+ unsigned char *p;
+
+ if (flen > (tlen-11))
+ {
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_1,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ return(0);
+ }
+
+ p=(unsigned char *)to;
+
+ *(p++)=0;
+ *(p++)=1; /* Private Key BT (Block Type) */
+
+ /* padd out with 0xff data */
+ j=tlen-3-flen;
+ memset(p,0xff,j);
+ p+=j;
+ *(p++)='\0';
+ memcpy(p,from,(unsigned int)flen);
+ return(1);
+ }
+
+int RSA_padding_check_PKCS1_type_1(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int i,j;
+ unsigned char *p;
+
+ p=from;
+ if (*(p++) != 01)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BLOCK_TYPE_IS_NOT_01);
+ return(-1);
+ }
+
+ /* scan over padding data */
+ j=flen-1; /* one for type. */
+ for (i=0; i<j; i++)
+ {
+ if (*p != 0xff) /* should decrypt to 0xff */
+ {
+ if (*p == 0)
+ { p++; break; }
+ else {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_FIXED_HEADER_DECRYPT);
+ return(-1);
+ }
+ }
+ p++;
+ }
+
+ if (i == j)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+ return(-1);
+ }
+
+ if (i < 8)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_1,RSA_R_BAD_PAD_BYTE_COUNT);
+ return(-1);
+ }
+ i++; /* Skip over the '\0' */
+ j-=i;
+ memcpy(to,p,(unsigned int)j);
+
+ return(j);
+ }
+
+int RSA_padding_add_PKCS1_type_2(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int i,j;
+ unsigned char *p;
+
+ if (flen > (tlen-11))
+ {
+ RSAerr(RSA_F_RSA_PADDING_ADD_PKCS1_TYPE_2,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ return(0);
+ }
+
+ p=(unsigned char *)to;
+
+ *(p++)=0;
+ *(p++)=2; /* Public Key BT (Block Type) */
+
+ /* pad out with non-zero random data */
+ j=tlen-3-flen;
+
+ RAND_bytes(p,j);
+ for (i=0; i<j; i++)
+ {
+ if (*p == '\0')
+ do {
+ RAND_bytes(p,1);
+ } while (*p == '\0');
+ p++;
+ }
+
+ *(p++)='\0';
+
+ memcpy(p,from,(unsigned int)flen);
+ return(1);
+ }
+
+int RSA_padding_check_PKCS1_type_2(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int i,j;
+ unsigned char *p;
+
+ p=from;
+ if (*(p++) != 02)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BLOCK_TYPE_IS_NOT_02);
+ return(-1);
+ }
+
+ /* scan over padding data */
+ j=flen-1; /* one for type. */
+ for (i=0; i<j; i++)
+ if (*(p++) == 0) break;
+
+ if (i == j)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+ return(-1);
+ }
+
+ if (i < 8)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2,RSA_R_BAD_PAD_BYTE_COUNT);
+ return(-1);
+ }
+ i++; /* Skip over the '\0' */
+ j-=i;
+ memcpy(to,p,(unsigned int)j);
+
+ return(j);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_saos.c b/src/lib/libssl/src/crypto/rsa/rsa_saos.c
new file mode 100644
index 0000000000..fb0fae5a43
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_saos.c
@@ -0,0 +1,153 @@
+/* crypto/rsa/rsa_saos.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign_ASN1_OCTET_STRING(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+ {
+ ASN1_OCTET_STRING sig;
+ int i,j,ret=1;
+ unsigned char *p,*s;
+
+ sig.type=V_ASN1_OCTET_STRING;
+ sig.length=m_len;
+ sig.data=m;
+
+ i=i2d_ASN1_OCTET_STRING(&sig,NULL);
+ j=RSA_size(rsa);
+ if ((i-RSA_PKCS1_PADDING) > j)
+ {
+ RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+ return(0);
+ }
+ s=(unsigned char *)Malloc((unsigned int)j+1);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ p=s;
+ i2d_ASN1_OCTET_STRING(&sig,&p);
+ i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ ret=0;
+ else
+ *siglen=i;
+
+ memset(s,0,(unsigned int)j+1);
+ Free(s);
+ return(ret);
+ }
+
+int RSA_verify_ASN1_OCTET_STRING(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+ {
+ int i,ret=0;
+ unsigned char *p,*s;
+ ASN1_OCTET_STRING *sig=NULL;
+
+ if (siglen != (unsigned int)RSA_size(rsa))
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
+ return(0);
+ }
+
+ s=(unsigned char *)Malloc((unsigned int)siglen);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+ if (i <= 0) goto err;
+
+ p=s;
+ sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
+ if (sig == NULL) goto err;
+
+ if ( ((unsigned int)sig->length != m_len) ||
+ (memcmp(m,sig->data,m_len) != 0))
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
+ }
+ else
+ ret=1;
+err:
+ if (sig != NULL) ASN1_OCTET_STRING_free(sig);
+ memset(s,0,(unsigned int)siglen);
+ Free(s);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_sign.c b/src/lib/libssl/src/crypto/rsa/rsa_sign.c
new file mode 100644
index 0000000000..28c5571e74
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_sign.c
@@ -0,0 +1,196 @@
+/* crypto/rsa/rsa_sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+ {
+ X509_SIG sig;
+ ASN1_TYPE parameter;
+ int i,j,ret=1;
+ unsigned char *p,*s;
+ X509_ALGOR algor;
+ ASN1_OCTET_STRING digest;
+
+ sig.algor= &algor;
+ sig.algor->algorithm=OBJ_nid2obj(type);
+ if (sig.algor->algorithm == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+ return(0);
+ }
+ if (sig.algor->algorithm->length == 0)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+ return(0);
+ }
+ parameter.type=V_ASN1_NULL;
+ parameter.value.ptr=NULL;
+ sig.algor->parameter= ¶meter;
+
+ sig.digest= &digest;
+ sig.digest->data=m;
+ sig.digest->length=m_len;
+
+ i=i2d_X509_SIG(&sig,NULL);
+ j=RSA_size(rsa);
+ if ((i-RSA_PKCS1_PADDING) > j)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+ return(0);
+ }
+ s=(unsigned char *)Malloc((unsigned int)j+1);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ p=s;
+ i2d_X509_SIG(&sig,&p);
+ i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ ret=0;
+ else
+ *siglen=i;
+
+ memset(s,0,(unsigned int)j+1);
+ Free(s);
+ return(ret);
+ }
+
+int RSA_verify(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+ {
+ int i,ret=0,sigtype;
+ unsigned char *p,*s;
+ X509_SIG *sig=NULL;
+
+ if (siglen != (unsigned int)RSA_size(rsa))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
+ return(0);
+ }
+
+ s=(unsigned char *)Malloc((unsigned int)siglen);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+ if (i <= 0) goto err;
+
+ p=s;
+ sig=d2i_X509_SIG(NULL,&p,(long)i);
+ if (sig == NULL) goto err;
+ sigtype=OBJ_obj2nid(sig->algor->algorithm);
+
+#ifdef RSA_DEBUG
+ /* put a backward compatability flag in EAY */
+ fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
+ OBJ_nid2ln(dtype));
+#endif
+ if (sigtype != dtype)
+ {
+ if (((dtype == NID_md5) &&
+ (sigtype == NID_md5WithRSAEncryption)) ||
+ ((dtype == NID_md2) &&
+ (sigtype == NID_md2WithRSAEncryption)))
+ {
+ /* ok, we will let it through */
+#if !defined(NO_STDIO) && !defined(WIN16)
+ fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+#endif
+ }
+ else
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
+ goto err;
+ }
+ }
+ if ( ((unsigned int)sig->digest->length != m_len) ||
+ (memcmp(m,sig->digest->data,m_len) != 0))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+ }
+ else
+ ret=1;
+err:
+ if (sig != NULL) X509_SIG_free(sig);
+ memset(s,0,(unsigned int)siglen);
+ Free(s);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_ssl.c b/src/lib/libssl/src/crypto/rsa/rsa_ssl.c
new file mode 100644
index 0000000000..9bcd4b2c03
--- /dev/null
+++ b/src/lib/libssl/src/crypto/rsa/rsa_ssl.c
@@ -0,0 +1,153 @@
+/* crypto/rsa/rsa_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+int RSA_padding_add_SSLv23(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int i,j;
+ unsigned char *p;
+
+ if (flen > (tlen-11))
+ {
+ RSAerr(RSA_F_RSA_PADDING_ADD_SSLV23,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ return(0);
+ }
+
+ p=(unsigned char *)to;
+
+ *(p++)=0;
+ *(p++)=2; /* Public Key BT (Block Type) */
+
+ /* pad out with non-zero random data */
+ j=tlen-3-8-flen;
+
+ RAND_bytes(p,j);
+ for (i=0; i<j; i++)
+ {
+ if (*p == '\0')
+ do {
+ RAND_bytes(p,1);
+ } while (*p == '\0');
+ p++;
+ }
+
+ memset(p,3,8);
+ p+=8;
+ *(p++)='\0';
+
+ memcpy(p,from,(unsigned int)flen);
+ return(1);
+ }
+
+int RSA_padding_check_SSLv23(to,tlen,from,flen)
+unsigned char *to;
+int tlen;
+unsigned char *from;
+int flen;
+ {
+ int i,j,k;
+ unsigned char *p;
+
+ p=from;
+ if (flen < 10)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_DATA_TOO_SMALL);
+ return(-1);
+ }
+ if (*(p++) != 02)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_BLOCK_TYPE_IS_NOT_02);
+ return(-1);
+ }
+
+ /* scan over padding data */
+ j=flen-1; /* one for type */
+ for (i=0; i<j; i++)
+ if (*(p++) == 0) break;
+
+ if ((i == j) || (i < 8))
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+ return(-1);
+ }
+ for (k= -8; k<0; k++)
+ {
+ if (p[k] != 0x03) break;
+ }
+ if (k == 0)
+ {
+ RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_SSLV3_ROLLBACK_ATTACK);
+ return(-1);
+ }
+
+ i++; /* Skip over the '\0' */
+ j-=i;
+ memcpy(to,p,(unsigned int)j);
+
+ return(j);
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/asm/README b/src/lib/libssl/src/crypto/sha/asm/README
new file mode 100644
index 0000000000..b7e755765f
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/asm/README
@@ -0,0 +1 @@
+C2.pl works
diff --git a/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl
new file mode 100644
index 0000000000..d6d998f8ee
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/asm/sha1-586.pl
@@ -0,0 +1,491 @@
+#!/usr/bin/perl
+
+$normal=0;
+
+push(@INC,"perlasm","../../perlasm");
+require "x86asm.pl";
+
+&asm_init($ARGV[0],"sha1-586.pl");
+
+$A="eax";
+$B="ebx";
+$C="ecx";
+$D="edx";
+$E="edi";
+$T="esi";
+$tmp1="ebp";
+
+$off=9*4;
+
+@K=(0x5a827999,0x6ed9eba1,0x8f1bbcdc,0xca62c1d6);
+
+&sha1_block("sha1_block_x86");
+
+&asm_finish();
+
+sub Nn
+ {
+ local($p)=@_;
+ local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
+ return($n{$p});
+ }
+
+sub Np
+ {
+ local($p)=@_;
+ local(%n)=($A,$T,$B,$A,$C,$B,$D,$C,$E,$D,$T,$E);
+ local(%n)=($A,$B,$B,$C,$C,$D,$D,$E,$E,$T,$T,$A);
+ return($n{$p});
+ }
+
+sub Na
+ {
+ local($n)=@_;
+ return( (($n )&0x0f),
+ (($n+ 2)&0x0f),
+ (($n+ 8)&0x0f),
+ (($n+13)&0x0f),
+ (($n+ 1)&0x0f));
+ }
+
+sub X_expand
+ {
+ local($in)=@_;
+
+ &comment("First, load the words onto the stack in network byte order");
+ for ($i=0; $i<16; $i++)
+ {
+ &mov("eax",&DWP(($i+0)*4,$in,"",0)) unless $i == 0;
+ &bswap("eax");
+ &mov(&swtmp($i+0),"eax");
+ }
+
+ &comment("We now have the X array on the stack");
+ &comment("starting at sp-4");
+ }
+
+# Rules of engagement
+# F is always trashable at the start, the running total.
+# E becomes the next F so it can be trashed after it has been 'accumulated'
+# F becomes A in the next round. We don't need to access it much.
+# During the X update part, the result ends up in $X[$n0].
+
+sub BODY_00_15
+ {
+ local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+return if $n & 1;
+ &comment("00_15 $n");
+
+ &mov($f,$c);
+
+ &mov($tmp1,$a);
+ &xor($f,$d); # F2
+
+ &rotl($tmp1,5); # A2
+
+ &and($f,$b); # F3
+ &add($tmp1,$e);
+
+ &rotr($b,1); # B1 <- F
+ &mov($e,&swtmp($n)); # G1
+
+ &rotr($b,1); # B1 <- F
+ &xor($f,$d); # F4
+
+ &lea($tmp1,&DWP($K,$tmp1,$e,1));
+
+############################
+# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+ ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+ &mov($f,$c);
+
+ &add($a,$tmp1); # MOVED DOWN
+ &xor($f,$d); # F2
+
+ &mov($tmp1,$a);
+ &and($f,$b); # F3
+
+ &rotl($tmp1,5); # A2
+
+ &add($tmp1,$e);
+ &mov($e,&swtmp($n)); # G1
+
+ &rotr($b,1); # B1 <- F
+ &xor($f,$d); # F4
+
+ &rotr($b,1); # B1 <- F
+ &lea($tmp1,&DWP($K,$tmp1,$e,1));
+
+ &add($f,$tmp1);
+ }
+
+sub BODY_16_19
+ {
+ local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+return if $n & 1;
+ &comment("16_19 $n");
+
+ &nop() if ($pos < 0);
+&mov($tmp1,&swtmp($n0)); # X1
+ &mov($f,&swtmp($n1)); # X2
+&xor($f,$tmp1); # X3
+ &mov($tmp1,&swtmp($n2)); # X4
+&xor($f,$tmp1); # X5
+ &mov($tmp1,&swtmp($n3)); # X6
+&xor($f,$tmp1); # X7 - slot
+ &mov($tmp1,$c); # F1
+&rotl($f,1); # X8 - slot
+ &xor($tmp1,$d); # F2
+&mov(&swtmp($n0),$f); # X9 - anytime
+ &and($tmp1,$b); # F3
+&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
+ &xor($tmp1,$d); # F4
+&mov($e,$a); # A1
+ &add($f,$tmp1); # tot+=F();
+
+&rotl($e,5); # A2
+
+&rotr($b,1); # B1 <- F
+ &add($f,$e); # tot+=a
+
+############################
+# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+ ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+
+&mov($f,&swtmp($n0)); # X1
+ &mov($tmp1,&swtmp($n1)); # X2
+&xor($f,$tmp1); # X3
+ &mov($tmp1,&swtmp($n2)); # X4
+&xor($f,$tmp1); # X5
+ &mov($tmp1,&swtmp($n3)); # X6
+&rotr($c,1); #&rotr($b,1); # B1 <- F # MOVED DOWN
+ &xor($f,$tmp1); # X7 - slot
+&rotl($f,1); # X8 - slot
+ &mov($tmp1,$c); # F1
+&xor($tmp1,$d); # F2
+ &mov(&swtmp($n0),$f); # X9 - anytime
+&and($tmp1,$b); # F3
+ &lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
+
+&xor($tmp1,$d); # F4
+ &mov($e,$a); # A1
+
+&rotl($e,5); # A2
+
+&rotr($b,1); # B1 <- F
+ &add($f,$e); # tot+=a
+
+&rotr($b,1); # B1 <- F
+ &add($f,$tmp1); # tot+=F();
+
+ }
+
+sub BODY_20_39
+ {
+ local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+ &comment("20_39 $n");
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+&mov($f,&swtmp($n0)); # X1
+ &mov($tmp1,&swtmp($n1)); # X2
+&xor($f,$tmp1); # X3
+ &mov($tmp1,&swtmp($n2)); # X4
+&xor($f,$tmp1); # X5
+ &mov($tmp1,&swtmp($n3)); # X6
+&xor($f,$tmp1); # X7 - slot
+ &mov($tmp1,$b); # F1
+&rotl($f,1); # X8 - slot
+ &xor($tmp1,$c); # F2
+&mov(&swtmp($n0),$f); # X9 - anytime
+ &xor($tmp1,$d); # F3
+
+&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
+ &mov($e,$a); # A1
+
+&rotl($e,5); # A2
+
+if ($n != 79) # last loop
+ {
+ &rotr($b,1); # B1 <- F
+ &add($e,$tmp1); # tmp1=F()+a
+
+ &rotr($b,1); # B2 <- F
+ &add($f,$e); # tot+=tmp1;
+ }
+else
+ {
+ &add($e,$tmp1); # tmp1=F()+a
+ &mov($tmp1,&wparam(0));
+
+ &rotr($b,1); # B1 <- F
+ &add($f,$e); # tot+=tmp1;
+
+ &rotr($b,1); # B2 <- F
+ }
+ }
+
+sub BODY_40_59
+ {
+ local($pos,$K,$X,$n,$a,$b,$c,$d,$e,$f)=@_;
+
+ &comment("40_59 $n");
+ return if $n & 1;
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+
+&mov($f,&swtmp($n0)); # X1
+ &mov($tmp1,&swtmp($n1)); # X2
+&xor($f,$tmp1); # X3
+ &mov($tmp1,&swtmp($n2)); # X4
+&xor($f,$tmp1); # X5
+ &mov($tmp1,&swtmp($n3)); # X6
+&xor($f,$tmp1); # X7 - slot
+ &mov($tmp1,$b); # F1
+&rotl($f,1); # X8 - slot
+ &or($tmp1,$c); # F2
+&mov(&swtmp($n0),$f); # X9 - anytime
+ &and($tmp1,$d); # F3
+
+&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
+ &mov($e,$b); # F4
+
+&rotr($b,1); # B1 <- F
+ &and($e,$c); # F5
+
+&or($tmp1,$e); # F6
+ &mov($e,$a); # A1
+
+&rotl($e,5); # A2
+
+&add($tmp1,$e); # tmp1=F()+a
+
+############################
+# &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+# &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+$n++;
+ local($n0,$n1,$n2,$n3,$np)=&Na($n);
+ ($b,$c,$d,$e,$f,$a)=($a,$b,$c,$d,$e,$f);
+
+ &mov($f,&swtmp($n0)); # X1
+&add($a,$tmp1); # tot+=tmp1; # moved was add f,tmp1
+ &mov($tmp1,&swtmp($n1)); # X2
+&xor($f,$tmp1); # X3
+ &mov($tmp1,&swtmp($n2)); # X4
+&xor($f,$tmp1); # X5
+ &mov($tmp1,&swtmp($n3)); # X6
+&rotr($c,1); # B2 <- F # moved was rotr b,1
+ &xor($f,$tmp1); # X7 - slot
+&rotl($f,1); # X8 - slot
+ &mov($tmp1,$b); # F1
+&mov(&swtmp($n0),$f); # X9 - anytime
+ &or($tmp1,$c); # F2
+&lea($f,&DWP($K,$f,$e,1)); # tot=X+K+e
+ &mov($e,$b); # F4
+&and($tmp1,$d); # F3
+ &and($e,$c); # F5
+
+&or($tmp1,$e); # F6
+ &mov($e,$a); # A1
+
+&rotl($e,5); # A2
+
+&rotr($b,1); # B1 <- F
+ &add($tmp1,$e); # tmp1=F()+a
+
+&rotr($b,1); # B2 <- F
+ &add($f,$tmp1); # tot+=tmp1;
+ }
+
+sub BODY_60_79
+ {
+ &BODY_20_39(@_);
+ }
+
+sub sha1_block
+ {
+ local($name)=@_;
+
+ &function_begin_B($name,"");
+
+ # parameter 1 is the MD5_CTX structure.
+ # A 0
+ # B 4
+ # C 8
+ # D 12
+ # E 16
+
+ &push("esi");
+ &push("ebp");
+ &mov("eax", &wparam(2));
+ &mov("esi", &wparam(1));
+ &add("eax", "esi"); # offset to leave on
+ &mov("ebp", &wparam(0));
+ &push("ebx");
+ &sub("eax", 64);
+ &push("edi");
+ &mov($B, &DWP( 4,"ebp","",0));
+ &stack_push(18);
+ &mov($D, &DWP(12,"ebp","",0));
+ &mov($E, &DWP(16,"ebp","",0));
+ &mov($C, &DWP( 8,"ebp","",0));
+ &mov(&swtmp(17),"eax");
+
+ &comment("First we need to setup the X array");
+ &mov("eax",&DWP(0,"esi","",0)); # pulled out of X_expand
+
+ &set_label("start") unless $normal;
+
+ &X_expand("esi");
+ &mov(&swtmp(16),"esi");
+
+ &comment("");
+ &comment("Start processing");
+
+ # odd start
+ &mov($A, &DWP( 0,"ebp","",0));
+ $X="esp";
+ &BODY_00_15(-2,$K[0],$X, 0,$A,$B,$C,$D,$E,$T);
+ &BODY_00_15( 0,$K[0],$X, 1,$T,$A,$B,$C,$D,$E);
+ &BODY_00_15( 0,$K[0],$X, 2,$E,$T,$A,$B,$C,$D);
+ &BODY_00_15( 0,$K[0],$X, 3,$D,$E,$T,$A,$B,$C);
+ &BODY_00_15( 0,$K[0],$X, 4,$C,$D,$E,$T,$A,$B);
+ &BODY_00_15( 0,$K[0],$X, 5,$B,$C,$D,$E,$T,$A);
+ &BODY_00_15( 0,$K[0],$X, 6,$A,$B,$C,$D,$E,$T);
+ &BODY_00_15( 0,$K[0],$X, 7,$T,$A,$B,$C,$D,$E);
+ &BODY_00_15( 0,$K[0],$X, 8,$E,$T,$A,$B,$C,$D);
+ &BODY_00_15( 0,$K[0],$X, 9,$D,$E,$T,$A,$B,$C);
+ &BODY_00_15( 0,$K[0],$X,10,$C,$D,$E,$T,$A,$B);
+ &BODY_00_15( 0,$K[0],$X,11,$B,$C,$D,$E,$T,$A);
+ &BODY_00_15( 0,$K[0],$X,12,$A,$B,$C,$D,$E,$T);
+ &BODY_00_15( 0,$K[0],$X,13,$T,$A,$B,$C,$D,$E);
+ &BODY_00_15( 0,$K[0],$X,14,$E,$T,$A,$B,$C,$D);
+ &BODY_00_15( 1,$K[0],$X,15,$D,$E,$T,$A,$B,$C);
+ &BODY_16_19(-1,$K[0],$X,16,$C,$D,$E,$T,$A,$B);
+ &BODY_16_19( 0,$K[0],$X,17,$B,$C,$D,$E,$T,$A);
+ &BODY_16_19( 0,$K[0],$X,18,$A,$B,$C,$D,$E,$T);
+ &BODY_16_19( 1,$K[0],$X,19,$T,$A,$B,$C,$D,$E);
+
+ &BODY_20_39(-1,$K[1],$X,20,$E,$T,$A,$B,$C,$D);
+ &BODY_20_39( 0,$K[1],$X,21,$D,$E,$T,$A,$B,$C);
+ &BODY_20_39( 0,$K[1],$X,22,$C,$D,$E,$T,$A,$B);
+ &BODY_20_39( 0,$K[1],$X,23,$B,$C,$D,$E,$T,$A);
+ &BODY_20_39( 0,$K[1],$X,24,$A,$B,$C,$D,$E,$T);
+ &BODY_20_39( 0,$K[1],$X,25,$T,$A,$B,$C,$D,$E);
+ &BODY_20_39( 0,$K[1],$X,26,$E,$T,$A,$B,$C,$D);
+ &BODY_20_39( 0,$K[1],$X,27,$D,$E,$T,$A,$B,$C);
+ &BODY_20_39( 0,$K[1],$X,28,$C,$D,$E,$T,$A,$B);
+ &BODY_20_39( 0,$K[1],$X,29,$B,$C,$D,$E,$T,$A);
+ &BODY_20_39( 0,$K[1],$X,30,$A,$B,$C,$D,$E,$T);
+ &BODY_20_39( 0,$K[1],$X,31,$T,$A,$B,$C,$D,$E);
+ &BODY_20_39( 0,$K[1],$X,32,$E,$T,$A,$B,$C,$D);
+ &BODY_20_39( 0,$K[1],$X,33,$D,$E,$T,$A,$B,$C);
+ &BODY_20_39( 0,$K[1],$X,34,$C,$D,$E,$T,$A,$B);
+ &BODY_20_39( 0,$K[1],$X,35,$B,$C,$D,$E,$T,$A);
+ &BODY_20_39( 0,$K[1],$X,36,$A,$B,$C,$D,$E,$T);
+ &BODY_20_39( 0,$K[1],$X,37,$T,$A,$B,$C,$D,$E);
+ &BODY_20_39( 0,$K[1],$X,38,$E,$T,$A,$B,$C,$D);
+ &BODY_20_39( 1,$K[1],$X,39,$D,$E,$T,$A,$B,$C);
+
+ &BODY_40_59(-1,$K[2],$X,40,$C,$D,$E,$T,$A,$B);
+ &BODY_40_59( 0,$K[2],$X,41,$B,$C,$D,$E,$T,$A);
+ &BODY_40_59( 0,$K[2],$X,42,$A,$B,$C,$D,$E,$T);
+ &BODY_40_59( 0,$K[2],$X,43,$T,$A,$B,$C,$D,$E);
+ &BODY_40_59( 0,$K[2],$X,44,$E,$T,$A,$B,$C,$D);
+ &BODY_40_59( 0,$K[2],$X,45,$D,$E,$T,$A,$B,$C);
+ &BODY_40_59( 0,$K[2],$X,46,$C,$D,$E,$T,$A,$B);
+ &BODY_40_59( 0,$K[2],$X,47,$B,$C,$D,$E,$T,$A);
+ &BODY_40_59( 0,$K[2],$X,48,$A,$B,$C,$D,$E,$T);
+ &BODY_40_59( 0,$K[2],$X,49,$T,$A,$B,$C,$D,$E);
+ &BODY_40_59( 0,$K[2],$X,50,$E,$T,$A,$B,$C,$D);
+ &BODY_40_59( 0,$K[2],$X,51,$D,$E,$T,$A,$B,$C);
+ &BODY_40_59( 0,$K[2],$X,52,$C,$D,$E,$T,$A,$B);
+ &BODY_40_59( 0,$K[2],$X,53,$B,$C,$D,$E,$T,$A);
+ &BODY_40_59( 0,$K[2],$X,54,$A,$B,$C,$D,$E,$T);
+ &BODY_40_59( 0,$K[2],$X,55,$T,$A,$B,$C,$D,$E);
+ &BODY_40_59( 0,$K[2],$X,56,$E,$T,$A,$B,$C,$D);
+ &BODY_40_59( 0,$K[2],$X,57,$D,$E,$T,$A,$B,$C);
+ &BODY_40_59( 0,$K[2],$X,58,$C,$D,$E,$T,$A,$B);
+ &BODY_40_59( 1,$K[2],$X,59,$B,$C,$D,$E,$T,$A);
+
+ &BODY_60_79(-1,$K[3],$X,60,$A,$B,$C,$D,$E,$T);
+ &BODY_60_79( 0,$K[3],$X,61,$T,$A,$B,$C,$D,$E);
+ &BODY_60_79( 0,$K[3],$X,62,$E,$T,$A,$B,$C,$D);
+ &BODY_60_79( 0,$K[3],$X,63,$D,$E,$T,$A,$B,$C);
+ &BODY_60_79( 0,$K[3],$X,64,$C,$D,$E,$T,$A,$B);
+ &BODY_60_79( 0,$K[3],$X,65,$B,$C,$D,$E,$T,$A);
+ &BODY_60_79( 0,$K[3],$X,66,$A,$B,$C,$D,$E,$T);
+ &BODY_60_79( 0,$K[3],$X,67,$T,$A,$B,$C,$D,$E);
+ &BODY_60_79( 0,$K[3],$X,68,$E,$T,$A,$B,$C,$D);
+ &BODY_60_79( 0,$K[3],$X,69,$D,$E,$T,$A,$B,$C);
+ &BODY_60_79( 0,$K[3],$X,70,$C,$D,$E,$T,$A,$B);
+ &BODY_60_79( 0,$K[3],$X,71,$B,$C,$D,$E,$T,$A);
+ &BODY_60_79( 0,$K[3],$X,72,$A,$B,$C,$D,$E,$T);
+ &BODY_60_79( 0,$K[3],$X,73,$T,$A,$B,$C,$D,$E);
+ &BODY_60_79( 0,$K[3],$X,74,$E,$T,$A,$B,$C,$D);
+ &BODY_60_79( 0,$K[3],$X,75,$D,$E,$T,$A,$B,$C);
+ &BODY_60_79( 0,$K[3],$X,76,$C,$D,$E,$T,$A,$B);
+ &BODY_60_79( 0,$K[3],$X,77,$B,$C,$D,$E,$T,$A);
+ &BODY_60_79( 0,$K[3],$X,78,$A,$B,$C,$D,$E,$T);
+ &BODY_60_79( 2,$K[3],$X,79,$T,$A,$B,$C,$D,$E);
+
+ &comment("End processing");
+ &comment("");
+ # D is the tmp value
+
+ # E -> A
+ # T -> B
+ # A -> C
+ # B -> D
+ # C -> E
+ # D -> T
+
+ # The last 2 have been moved into the last loop
+ # &mov($tmp1,&wparam(0));
+
+ &mov($D, &DWP(12,$tmp1,"",0));
+ &add($D,$B);
+ &mov($B, &DWP( 4,$tmp1,"",0));
+ &add($B,$T);
+ &mov($T, $A);
+ &mov($A, &DWP( 0,$tmp1,"",0));
+ &mov(&DWP(12,$tmp1,"",0),$D);
+
+ &add($A,$E);
+ &mov($E, &DWP(16,$tmp1,"",0));
+ &add($E,$C);
+ &mov($C, &DWP( 8,$tmp1,"",0));
+ &add($C,$T);
+
+ &mov(&DWP( 0,$tmp1,"",0),$A);
+ &mov("esi",&swtmp(16));
+ &mov(&DWP( 8,$tmp1,"",0),$C); # This is for looping
+ &add("esi",64);
+ &mov("eax",&swtmp(17));
+ &mov(&DWP(16,$tmp1,"",0),$E);
+ &cmp("eax","esi");
+ &mov(&DWP( 4,$tmp1,"",0),$B); # This is for looping
+ &jl(&label("end"));
+ &mov("eax",&DWP(0,"esi","",0)); # Pulled down from
+ &jmp(&label("start"));
+
+ &set_label("end");
+ &stack_pop(18);
+ &pop("edi");
+ &pop("ebx");
+ &pop("ebp");
+ &pop("esi");
+ &ret();
+ &function_end_B($name);
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha.c b/src/lib/libssl/src/crypto/sha/sha.c
new file mode 100644
index 0000000000..713fec3610
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("SHA(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ int fd;
+ int i;
+ unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ SHA_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ SHA_Update(&c,buf,(unsigned long)i);
+ }
+ SHA_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha.h b/src/lib/libssl/src/crypto/sha/sha.h
new file mode 100644
index 0000000000..4cf0ea0225
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha.h
@@ -0,0 +1,109 @@
+/* crypto/sha/sha.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SHA_H
+#define HEADER_SHA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SHA_CBLOCK 64
+#define SHA_LBLOCK 16
+#define SHA_BLOCK 16
+#define SHA_LAST_BLOCK 56
+#define SHA_LENGTH_BLOCK 8
+#define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st
+ {
+ unsigned long h0,h1,h2,h3,h4;
+ unsigned long Nl,Nh;
+ unsigned long data[SHA_LBLOCK];
+ int num;
+ } SHA_CTX;
+
+#ifndef NOPROTO
+void SHA_Init(SHA_CTX *c);
+void SHA_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA_Transform(SHA_CTX *c, unsigned char *data);
+void SHA1_Init(SHA_CTX *c);
+void SHA1_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA1_Transform(SHA_CTX *c, unsigned char *data);
+#else
+void SHA_Init();
+void SHA_Update();
+void SHA_Final();
+unsigned char *SHA();
+void SHA_Transform();
+void SHA1_Init();
+void SHA1_Update();
+void SHA1_Final();
+unsigned char *SHA1();
+void SHA1_Transform();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/sha/sha1.c b/src/lib/libssl/src/crypto/sha/sha1.c
new file mode 100644
index 0000000000..a4739ac9fd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha1.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("SHA1(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ int fd;
+ int i;
+ unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ SHA1_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ SHA1_Update(&c,buf,(unsigned long)i);
+ }
+ SHA1_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha1_one.c b/src/lib/libssl/src/crypto/sha/sha1_one.c
new file mode 100644
index 0000000000..fe5770d601
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha1_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha1_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "sha.h"
+
+unsigned char *SHA1(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ SHA_CTX c;
+ static unsigned char m[SHA_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ SHA1_Init(&c);
+ SHA1_Update(&c,d,n);
+ SHA1_Final(md,&c);
+ memset(&c,0,sizeof(c));
+ return(md);
+ }
diff --git a/src/lib/libssl/src/crypto/sha/sha1dgst.c b/src/lib/libssl/src/crypto/sha/sha1dgst.c
new file mode 100644
index 0000000000..2b0ae1f0d4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha1dgst.c
@@ -0,0 +1,468 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#undef SHA_0
+#define SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA1_version="SHA1 part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from SHA-1 document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19 0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+# ifdef SHA1_ASM
+ void sha1_block_x86(SHA_CTX *c, register unsigned long *p, int num);
+# define sha1_block sha1_block_x86
+# else
+ void sha1_block(SHA_CTX *c, register unsigned long *p, int num);
+# endif
+#else
+# ifdef SHA1_ASM
+ void sha1_block_x86();
+# define sha1_block sha1_block_x86
+# else
+ void sha1_block();
+# endif
+#endif
+
+
+#if defined(L_ENDIAN) && defined(SHA1_ASM)
+# define M_c2nl c2l
+# define M_p_c2nl p_c2l
+# define M_c2nl_p c2l_p
+# define M_p_c2nl_p p_c2l_p
+# define M_nl2c l2c
+#else
+# define M_c2nl c2nl
+# define M_p_c2nl p_c2nl
+# define M_c2nl_p c2nl_p
+# define M_p_c2nl_p p_c2nl_p
+# define M_nl2c nl2c
+#endif
+
+void SHA1_Init(c)
+SHA_CTX *c;
+ {
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void SHA1_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int ew,ec,sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= SHA_CBLOCK)
+ {
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw<SHA_LBLOCK; sw++)
+ {
+ M_c2nl(data,l);
+ p[sw]=l;
+ }
+ len-=(SHA_CBLOCK-c->num);
+
+ sha1_block(c,p,64);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ M_p_c2nl_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ if (ec)
+ {
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* We can only do the following code for assember, the reason
+ * being that the sha1_block 'C' version changes the values
+ * in the 'data' array. The assember code avoids this and
+ * copies it to a local array. I should be able to do this for
+ * the C version as well....
+ */
+#if 1
+#if defined(B_ENDIAN) || defined(SHA1_ASM)
+ if ((((unsigned int)data)%sizeof(ULONG)) == 0)
+ {
+ sw=len/SHA_CBLOCK;
+ if (sw)
+ {
+ sw*=SHA_CBLOCK;
+ sha1_block(c,(ULONG *)data,sw);
+ data+=sw;
+ len-=sw;
+ }
+ }
+#endif
+#endif
+ /* we now can process the input data in blocks of SHA_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= SHA_CBLOCK)
+ {
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ if (p != (unsigned long *)data)
+ memcpy(p,data,SHA_CBLOCK);
+ data+=SHA_CBLOCK;
+# ifdef L_ENDIAN
+# ifndef SHA1_ASM /* Will not happen */
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+ p=c->data;
+# endif
+# endif
+#else
+ for (sw=(SHA_BLOCK/4); sw; sw--)
+ {
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ }
+ p=c->data;
+#endif
+ sha1_block(c,p,64);
+ len-=SHA_CBLOCK;
+ }
+ ec=(int)len;
+ c->num=ec;
+ ew=(ec>>2);
+ ec&=0x03;
+
+ for (sw=0; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+
+void SHA1_Transform(c,b)
+SHA_CTX *c;
+unsigned char *b;
+ {
+ ULONG p[16];
+#ifndef B_ENDIAN
+ ULONG *q;
+ int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,b,64);
+#ifdef L_ENDIAN
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ Endian_Reverse32(q[0]);
+ Endian_Reverse32(q[1]);
+ Endian_Reverse32(q[2]);
+ Endian_Reverse32(q[3]);
+ q+=4;
+ }
+#endif
+#else
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ ULONG l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ }
+#endif
+ sha1_block(c,p,64);
+ }
+
+#ifndef SHA1_ASM
+
+void sha1_block(c, W, num)
+SHA_CTX *c;
+register unsigned long *W;
+int num;
+ {
+ register ULONG A,B,C,D,E,T;
+ ULONG X[16];
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ for (;;)
+ {
+ BODY_00_15( 0,A,B,C,D,E,T,W);
+ BODY_00_15( 1,T,A,B,C,D,E,W);
+ BODY_00_15( 2,E,T,A,B,C,D,W);
+ BODY_00_15( 3,D,E,T,A,B,C,W);
+ BODY_00_15( 4,C,D,E,T,A,B,W);
+ BODY_00_15( 5,B,C,D,E,T,A,W);
+ BODY_00_15( 6,A,B,C,D,E,T,W);
+ BODY_00_15( 7,T,A,B,C,D,E,W);
+ BODY_00_15( 8,E,T,A,B,C,D,W);
+ BODY_00_15( 9,D,E,T,A,B,C,W);
+ BODY_00_15(10,C,D,E,T,A,B,W);
+ BODY_00_15(11,B,C,D,E,T,A,W);
+ BODY_00_15(12,A,B,C,D,E,T,W);
+ BODY_00_15(13,T,A,B,C,D,E,W);
+ BODY_00_15(14,E,T,A,B,C,D,W);
+ BODY_00_15(15,D,E,T,A,B,C,W);
+ BODY_16_19(16,C,D,E,T,A,B,W,W,W,W);
+ BODY_16_19(17,B,C,D,E,T,A,W,W,W,W);
+ BODY_16_19(18,A,B,C,D,E,T,W,W,W,W);
+ BODY_16_19(19,T,A,B,C,D,E,W,W,W,X);
+
+ BODY_20_31(20,E,T,A,B,C,D,W,W,W,X);
+ BODY_20_31(21,D,E,T,A,B,C,W,W,W,X);
+ BODY_20_31(22,C,D,E,T,A,B,W,W,W,X);
+ BODY_20_31(23,B,C,D,E,T,A,W,W,W,X);
+ BODY_20_31(24,A,B,C,D,E,T,W,W,X,X);
+ BODY_20_31(25,T,A,B,C,D,E,W,W,X,X);
+ BODY_20_31(26,E,T,A,B,C,D,W,W,X,X);
+ BODY_20_31(27,D,E,T,A,B,C,W,W,X,X);
+ BODY_20_31(28,C,D,E,T,A,B,W,W,X,X);
+ BODY_20_31(29,B,C,D,E,T,A,W,W,X,X);
+ BODY_20_31(30,A,B,C,D,E,T,W,X,X,X);
+ BODY_20_31(31,T,A,B,C,D,E,W,X,X,X);
+ BODY_32_39(32,E,T,A,B,C,D,X);
+ BODY_32_39(33,D,E,T,A,B,C,X);
+ BODY_32_39(34,C,D,E,T,A,B,X);
+ BODY_32_39(35,B,C,D,E,T,A,X);
+ BODY_32_39(36,A,B,C,D,E,T,X);
+ BODY_32_39(37,T,A,B,C,D,E,X);
+ BODY_32_39(38,E,T,A,B,C,D,X);
+ BODY_32_39(39,D,E,T,A,B,C,X);
+
+ BODY_40_59(40,C,D,E,T,A,B,X);
+ BODY_40_59(41,B,C,D,E,T,A,X);
+ BODY_40_59(42,A,B,C,D,E,T,X);
+ BODY_40_59(43,T,A,B,C,D,E,X);
+ BODY_40_59(44,E,T,A,B,C,D,X);
+ BODY_40_59(45,D,E,T,A,B,C,X);
+ BODY_40_59(46,C,D,E,T,A,B,X);
+ BODY_40_59(47,B,C,D,E,T,A,X);
+ BODY_40_59(48,A,B,C,D,E,T,X);
+ BODY_40_59(49,T,A,B,C,D,E,X);
+ BODY_40_59(50,E,T,A,B,C,D,X);
+ BODY_40_59(51,D,E,T,A,B,C,X);
+ BODY_40_59(52,C,D,E,T,A,B,X);
+ BODY_40_59(53,B,C,D,E,T,A,X);
+ BODY_40_59(54,A,B,C,D,E,T,X);
+ BODY_40_59(55,T,A,B,C,D,E,X);
+ BODY_40_59(56,E,T,A,B,C,D,X);
+ BODY_40_59(57,D,E,T,A,B,C,X);
+ BODY_40_59(58,C,D,E,T,A,B,X);
+ BODY_40_59(59,B,C,D,E,T,A,X);
+
+ BODY_60_79(60,A,B,C,D,E,T,X);
+ BODY_60_79(61,T,A,B,C,D,E,X);
+ BODY_60_79(62,E,T,A,B,C,D,X);
+ BODY_60_79(63,D,E,T,A,B,C,X);
+ BODY_60_79(64,C,D,E,T,A,B,X);
+ BODY_60_79(65,B,C,D,E,T,A,X);
+ BODY_60_79(66,A,B,C,D,E,T,X);
+ BODY_60_79(67,T,A,B,C,D,E,X);
+ BODY_60_79(68,E,T,A,B,C,D,X);
+ BODY_60_79(69,D,E,T,A,B,C,X);
+ BODY_60_79(70,C,D,E,T,A,B,X);
+ BODY_60_79(71,B,C,D,E,T,A,X);
+ BODY_60_79(72,A,B,C,D,E,T,X);
+ BODY_60_79(73,T,A,B,C,D,E,X);
+ BODY_60_79(74,E,T,A,B,C,D,X);
+ BODY_60_79(75,D,E,T,A,B,C,X);
+ BODY_60_79(76,C,D,E,T,A,B,X);
+ BODY_60_79(77,B,C,D,E,T,A,X);
+ BODY_60_79(78,A,B,C,D,E,T,X);
+ BODY_60_79(79,T,A,B,C,D,E,X);
+
+ c->h0=(c->h0+E)&0xffffffffL;
+ c->h1=(c->h1+T)&0xffffffffL;
+ c->h2=(c->h2+A)&0xffffffffL;
+ c->h3=(c->h3+B)&0xffffffffL;
+ c->h4=(c->h4+C)&0xffffffffL;
+
+ num-=64;
+ if (num <= 0) break;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ W+=16;
+ }
+ }
+#endif
+
+void SHA1_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ M_p_c2nl(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= SHA_LAST_BLOCK)
+ {
+ for (; i<SHA_LBLOCK; i++)
+ p[i]=0;
+ sha1_block(c,p,64);
+ i=0;
+ }
+ for (; i<(SHA_LBLOCK-2); i++)
+ p[i]=0;
+ p[SHA_LBLOCK-2]=c->Nh;
+ p[SHA_LBLOCK-1]=c->Nl;
+#if defined(L_ENDIAN) && defined(SHA1_ASM)
+ Endian_Reverse32(p[SHA_LBLOCK-2]);
+ Endian_Reverse32(p[SHA_LBLOCK-1]);
+#endif
+ sha1_block(c,p,64);
+ cp=md;
+ l=c->h0; nl2c(l,cp);
+ l=c->h1; nl2c(l,cp);
+ l=c->h2; nl2c(l,cp);
+ l=c->h3; nl2c(l,cp);
+ l=c->h4; nl2c(l,cp);
+
+ /* clear stuff, sha1_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha1s.cpp b/src/lib/libssl/src/crypto/sha/sha1s.cpp
new file mode 100644
index 0000000000..0163377de6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ SHA_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ sha1_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ sha1_block_x86(&ctx,buffer,num);
+ }
+
+ printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha1test.c b/src/lib/libssl/src/crypto/sha/sha1test.c
new file mode 100644
index 0000000000..3c62a218b4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha1test.c
@@ -0,0 +1,155 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#undef SHA_0 /* FIPS 180 */
+#define SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA1 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA1_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA1_Update(&c,buf,1000);
+ SHA1_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA1 on 'a' * 1000\n");
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libssl/src/crypto/sha/sha_dgst.c b/src/lib/libssl/src/crypto/sha/sha_dgst.c
new file mode 100644
index 0000000000..8ed533ea26
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha_dgst.c
@@ -0,0 +1,442 @@
+/* crypto/sha/sha_dgst.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#define SHA_0
+#undef SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA_version="SHA part of SSLeay 0.9.0b 29-Jun-1998";
+
+/* Implemented from SHA-0 document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19 0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+ void sha_block(SHA_CTX *c, register unsigned long *p, int num);
+#else
+ void sha_block();
+#endif
+
+#define M_c2nl c2nl
+#define M_p_c2nl p_c2nl
+#define M_c2nl_p c2nl_p
+#define M_p_c2nl_p p_c2nl_p
+#define M_nl2c nl2c
+
+void SHA_Init(c)
+SHA_CTX *c;
+ {
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void SHA_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int ew,ec,sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= SHA_CBLOCK)
+ {
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw<SHA_LBLOCK; sw++)
+ {
+ M_c2nl(data,l);
+ p[sw]=l;
+ }
+ len-=(SHA_CBLOCK-c->num);
+
+ sha_block(c,p,64);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ M_p_c2nl_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ M_p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ if (ec)
+ {
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* We can only do the following code for assember, the reason
+ * being that the sha_block 'C' version changes the values
+ * in the 'data' array. The assember code avoids this and
+ * copies it to a local array. I should be able to do this for
+ * the C version as well....
+ */
+#if 1
+#if defined(B_ENDIAN) || defined(SHA_ASM)
+ if ((((unsigned int)data)%sizeof(ULONG)) == 0)
+ {
+ sw=len/SHA_CBLOCK;
+ if (sw)
+ {
+ sw*=SHA_CBLOCK;
+ sha_block(c,(ULONG *)data,sw);
+ data+=sw;
+ len-=sw;
+ }
+ }
+#endif
+#endif
+ /* we now can process the input data in blocks of SHA_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= SHA_CBLOCK)
+ {
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ if (p != (unsigned long *)data)
+ memcpy(p,data,SHA_CBLOCK);
+ data+=SHA_CBLOCK;
+# ifdef L_ENDIAN
+# ifndef SHA_ASM /* Will not happen */
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+ p=c->data;
+# endif
+# endif
+#else
+ for (sw=(SHA_BLOCK/4); sw; sw--)
+ {
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ M_c2nl(data,l); *(p++)=l;
+ }
+ p=c->data;
+#endif
+ sha_block(c,p,64);
+ len-=SHA_CBLOCK;
+ }
+ ec=(int)len;
+ c->num=ec;
+ ew=(ec>>2);
+ ec&=0x03;
+
+ for (sw=0; sw < ew; sw++)
+ { M_c2nl(data,l); p[sw]=l; }
+ M_c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+
+void SHA_Transform(c,b)
+SHA_CTX *c;
+unsigned char *b;
+ {
+ ULONG p[16];
+#if !defined(B_ENDIAN)
+ ULONG *q;
+ int i;
+#endif
+
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,b,64);
+#ifdef L_ENDIAN
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ Endian_Reverse32(q[0]);
+ Endian_Reverse32(q[1]);
+ Endian_Reverse32(q[2]);
+ Endian_Reverse32(q[3]);
+ q+=4;
+ }
+#endif
+#else
+ q=p;
+ for (i=(SHA_LBLOCK/4); i; i--)
+ {
+ ULONG l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ c2nl(b,l); *(q++)=l;
+ }
+#endif
+ sha_block(c,p,64);
+ }
+
+void sha_block(c, W, num)
+SHA_CTX *c;
+register unsigned long *W;
+int num;
+ {
+ register ULONG A,B,C,D,E,T;
+ ULONG X[16];
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ for (;;)
+ {
+ BODY_00_15( 0,A,B,C,D,E,T,W);
+ BODY_00_15( 1,T,A,B,C,D,E,W);
+ BODY_00_15( 2,E,T,A,B,C,D,W);
+ BODY_00_15( 3,D,E,T,A,B,C,W);
+ BODY_00_15( 4,C,D,E,T,A,B,W);
+ BODY_00_15( 5,B,C,D,E,T,A,W);
+ BODY_00_15( 6,A,B,C,D,E,T,W);
+ BODY_00_15( 7,T,A,B,C,D,E,W);
+ BODY_00_15( 8,E,T,A,B,C,D,W);
+ BODY_00_15( 9,D,E,T,A,B,C,W);
+ BODY_00_15(10,C,D,E,T,A,B,W);
+ BODY_00_15(11,B,C,D,E,T,A,W);
+ BODY_00_15(12,A,B,C,D,E,T,W);
+ BODY_00_15(13,T,A,B,C,D,E,W);
+ BODY_00_15(14,E,T,A,B,C,D,W);
+ BODY_00_15(15,D,E,T,A,B,C,W);
+ BODY_16_19(16,C,D,E,T,A,B,W,W,W,W);
+ BODY_16_19(17,B,C,D,E,T,A,W,W,W,W);
+ BODY_16_19(18,A,B,C,D,E,T,W,W,W,W);
+ BODY_16_19(19,T,A,B,C,D,E,W,W,W,X);
+
+ BODY_20_31(20,E,T,A,B,C,D,W,W,W,X);
+ BODY_20_31(21,D,E,T,A,B,C,W,W,W,X);
+ BODY_20_31(22,C,D,E,T,A,B,W,W,W,X);
+ BODY_20_31(23,B,C,D,E,T,A,W,W,W,X);
+ BODY_20_31(24,A,B,C,D,E,T,W,W,X,X);
+ BODY_20_31(25,T,A,B,C,D,E,W,W,X,X);
+ BODY_20_31(26,E,T,A,B,C,D,W,W,X,X);
+ BODY_20_31(27,D,E,T,A,B,C,W,W,X,X);
+ BODY_20_31(28,C,D,E,T,A,B,W,W,X,X);
+ BODY_20_31(29,B,C,D,E,T,A,W,W,X,X);
+ BODY_20_31(30,A,B,C,D,E,T,W,X,X,X);
+ BODY_20_31(31,T,A,B,C,D,E,W,X,X,X);
+ BODY_32_39(32,E,T,A,B,C,D,X);
+ BODY_32_39(33,D,E,T,A,B,C,X);
+ BODY_32_39(34,C,D,E,T,A,B,X);
+ BODY_32_39(35,B,C,D,E,T,A,X);
+ BODY_32_39(36,A,B,C,D,E,T,X);
+ BODY_32_39(37,T,A,B,C,D,E,X);
+ BODY_32_39(38,E,T,A,B,C,D,X);
+ BODY_32_39(39,D,E,T,A,B,C,X);
+
+ BODY_40_59(40,C,D,E,T,A,B,X);
+ BODY_40_59(41,B,C,D,E,T,A,X);
+ BODY_40_59(42,A,B,C,D,E,T,X);
+ BODY_40_59(43,T,A,B,C,D,E,X);
+ BODY_40_59(44,E,T,A,B,C,D,X);
+ BODY_40_59(45,D,E,T,A,B,C,X);
+ BODY_40_59(46,C,D,E,T,A,B,X);
+ BODY_40_59(47,B,C,D,E,T,A,X);
+ BODY_40_59(48,A,B,C,D,E,T,X);
+ BODY_40_59(49,T,A,B,C,D,E,X);
+ BODY_40_59(50,E,T,A,B,C,D,X);
+ BODY_40_59(51,D,E,T,A,B,C,X);
+ BODY_40_59(52,C,D,E,T,A,B,X);
+ BODY_40_59(53,B,C,D,E,T,A,X);
+ BODY_40_59(54,A,B,C,D,E,T,X);
+ BODY_40_59(55,T,A,B,C,D,E,X);
+ BODY_40_59(56,E,T,A,B,C,D,X);
+ BODY_40_59(57,D,E,T,A,B,C,X);
+ BODY_40_59(58,C,D,E,T,A,B,X);
+ BODY_40_59(59,B,C,D,E,T,A,X);
+
+ BODY_60_79(60,A,B,C,D,E,T,X);
+ BODY_60_79(61,T,A,B,C,D,E,X);
+ BODY_60_79(62,E,T,A,B,C,D,X);
+ BODY_60_79(63,D,E,T,A,B,C,X);
+ BODY_60_79(64,C,D,E,T,A,B,X);
+ BODY_60_79(65,B,C,D,E,T,A,X);
+ BODY_60_79(66,A,B,C,D,E,T,X);
+ BODY_60_79(67,T,A,B,C,D,E,X);
+ BODY_60_79(68,E,T,A,B,C,D,X);
+ BODY_60_79(69,D,E,T,A,B,C,X);
+ BODY_60_79(70,C,D,E,T,A,B,X);
+ BODY_60_79(71,B,C,D,E,T,A,X);
+ BODY_60_79(72,A,B,C,D,E,T,X);
+ BODY_60_79(73,T,A,B,C,D,E,X);
+ BODY_60_79(74,E,T,A,B,C,D,X);
+ BODY_60_79(75,D,E,T,A,B,C,X);
+ BODY_60_79(76,C,D,E,T,A,B,X);
+ BODY_60_79(77,B,C,D,E,T,A,X);
+ BODY_60_79(78,A,B,C,D,E,T,X);
+ BODY_60_79(79,T,A,B,C,D,E,X);
+
+ c->h0=(c->h0+E)&0xffffffffL;
+ c->h1=(c->h1+T)&0xffffffffL;
+ c->h2=(c->h2+A)&0xffffffffL;
+ c->h3=(c->h3+B)&0xffffffffL;
+ c->h4=(c->h4+C)&0xffffffffL;
+
+ num-=64;
+ if (num <= 0) break;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ W+=16;
+ }
+ }
+
+void SHA_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ M_p_c2nl(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= SHA_LAST_BLOCK)
+ {
+ for (; i<SHA_LBLOCK; i++)
+ p[i]=0;
+ sha_block(c,p,64);
+ i=0;
+ }
+ for (; i<(SHA_LBLOCK-2); i++)
+ p[i]=0;
+ p[SHA_LBLOCK-2]=c->Nh;
+ p[SHA_LBLOCK-1]=c->Nl;
+ sha_block(c,p,64);
+ cp=md;
+ l=c->h0; nl2c(l,cp);
+ l=c->h1; nl2c(l,cp);
+ l=c->h2; nl2c(l,cp);
+ l=c->h3; nl2c(l,cp);
+ l=c->h4; nl2c(l,cp);
+
+ /* clear stuff, sha_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
diff --git a/src/lib/libssl/src/crypto/sha/sha_locl.h b/src/lib/libssl/src/crypto/sha/sha_locl.h
new file mode 100644
index 0000000000..2814ad15fa
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha_locl.h
@@ -0,0 +1,246 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef undef
+/* one or the other needs to be defined */
+#ifndef SHA_1 /* FIPE 180-1 */
+#define SHA_0 /* FIPS 180 */
+#endif
+#endif
+
+#define ULONG unsigned long
+#define UCHAR unsigned char
+#define UINT unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++))) ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 3: l|=((unsigned long)(*((c)++))); \
+ } \
+ }
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<< 8; \
+ case 2: l|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ } \
+ }
+
+#undef nl2c
+#define nl2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#undef c2l
+#define c2l(c,l) (l =(((unsigned long)(*((c)++))) ), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ case 3: l|=((unsigned long)(*((c)++)))<<24; \
+ } \
+ }
+
+#undef c2l_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2l_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<<16; \
+ case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n) _lrotl(a,n)
+#else
+#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+ }
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+ (a)=ROTATE(l,16L); \
+ }
+#endif
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19. Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
+#define F_60_79(b,c,d) F_20_39(b,c,d)
+
+#ifdef SHA_0
+#undef Xupdate
+#define Xupdate(a,i,ia,ib,ic,id) X[(i)&0x0f]=(a)=\
+ (ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);
+#endif
+#ifdef SHA_1
+#undef Xupdate
+#define Xupdate(a,i,ia,ib,ic,id) (a)=\
+ (ia[(i)&0x0f]^ib[((i)+2)&0x0f]^ic[((i)+8)&0x0f]^id[((i)+13)&0x0f]);\
+ X[(i)&0x0f]=(a)=ROTATE((a),1);
+#endif
+
+#define BODY_00_15(i,a,b,c,d,e,f,xa) \
+ (f)=xa[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+ Xupdate(f,i,xa,xb,xc,xd); \
+ (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_20_31(i,a,b,c,d,e,f,xa,xb,xc,xd) \
+ Xupdate(f,i,xa,xb,xc,xd); \
+ (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_32_39(i,a,b,c,d,e,f,xa) \
+ Xupdate(f,i,xa,xa,xa,xa); \
+ (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f,xa) \
+ Xupdate(f,i,xa,xa,xa,xa); \
+ (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f,xa) \
+ Xupdate(f,i,xa,xa,xa,xa); \
+ (f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
diff --git a/src/lib/libssl/src/crypto/sha/sha_one.c b/src/lib/libssl/src/crypto/sha/sha_one.c
new file mode 100644
index 0000000000..18ab7f61bc
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/sha_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha_one.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "sha.h"
+
+unsigned char *SHA(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ SHA_CTX c;
+ static unsigned char m[SHA_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ SHA_Init(&c);
+ SHA_Update(&c,d,n);
+ SHA_Final(md,&c);
+ memset(&c,0,sizeof(c));
+ return(md);
+ }
diff --git a/src/lib/libssl/src/crypto/sha/shatest.c b/src/lib/libssl/src/crypto/sha/shatest.c
new file mode 100644
index 0000000000..03816e9b39
--- /dev/null
+++ b/src/lib/libssl/src/crypto/sha/shatest.c
@@ -0,0 +1,155 @@
+/* crypto/sha/shatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define SHA_0 /* FIPS 180 */
+#undef SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA_Update(&c,buf,1000);
+ SHA_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",p);
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/src/lib/libssl/src/crypto/stack/stack.c b/src/lib/libssl/src/crypto/stack/stack.c
new file mode 100644
index 0000000000..610ccbb756
--- /dev/null
+++ b/src/lib/libssl/src/crypto/stack/stack.c
@@ -0,0 +1,307 @@
+/* crypto/stack/stack.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Code for stacks
+ * Author - Eric Young v 1.0
+ * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
+ * lowest index for the seached item.
+ *
+ * 1.1 eay - Take from netdb and added to SSLeay
+ *
+ * 1.0 eay - First version 29/07/92
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include "stack.h"
+
+#undef MIN_NODES
+#define MIN_NODES 4
+
+char *STACK_version="STACK part of SSLeay 0.9.0b 29-Jun-1998";
+
+#ifndef NOPROTO
+#define FP_ICC (int (*)(const void *,const void *))
+#else
+#define FP_ICC
+#endif
+
+#include <errno.h>
+
+void sk_set_cmp_func(sk,c)
+STACK *sk;
+int (*c)();
+ {
+ if (sk->comp != c)
+ sk->sorted=0;
+ sk->comp=c;
+ }
+
+STACK *sk_dup(sk)
+STACK *sk;
+ {
+ STACK *ret;
+ char **s;
+
+ if ((ret=sk_new(sk->comp)) == NULL) goto err;
+ s=(char **)Realloc((char *)ret->data,
+ (unsigned int)sizeof(char *)*sk->num_alloc);
+ if (s == NULL) goto err;
+ ret->data=s;
+
+ ret->num=sk->num;
+ memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
+ ret->sorted=sk->sorted;
+ ret->num_alloc=sk->num_alloc;
+ ret->comp=sk->comp;
+ return(ret);
+err:
+ return(NULL);
+ }
+
+STACK *sk_new(c)
+int (*c)();
+ {
+ STACK *ret;
+ int i;
+
+ if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL)
+ goto err0;
+ if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL)
+ goto err1;
+ for (i=0; i<MIN_NODES; i++)
+ ret->data[i]=NULL;
+ ret->comp=c;
+ ret->num_alloc=MIN_NODES;
+ ret->num=0;
+ ret->sorted=0;
+ return(ret);
+err1:
+ Free((char *)ret);
+err0:
+ return(NULL);
+ }
+
+int sk_insert(st,data,loc)
+STACK *st;
+char *data;
+int loc;
+ {
+ char **s;
+
+ if (st->num_alloc <= st->num+1)
+ {
+ s=(char **)Realloc((char *)st->data,
+ (unsigned int)sizeof(char *)*st->num_alloc*2);
+ if (s == NULL)
+ return(0);
+ st->data=s;
+ st->num_alloc*=2;
+ }
+ if ((loc >= (int)st->num) || (loc < 0))
+ st->data[st->num]=data;
+ else
+ {
+ int i;
+ char **f,**t;
+
+ f=(char **)st->data;
+ t=(char **)&(st->data[1]);
+ for (i=st->num; i>loc; i--)
+ t[i]=f[i];
+
+#ifdef undef /* no memmove on sunos :-( */
+ memmove( (char *)&(st->data[loc+1]),
+ (char *)&(st->data[loc]),
+ sizeof(char *)*(st->num-loc));
+#endif
+ st->data[loc]=data;
+ }
+ st->num++;
+ st->sorted=0;
+ return(st->num);
+ }
+
+char *sk_delete_ptr(st,p)
+STACK *st;
+char *p;
+ {
+ int i;
+
+ for (i=0; i<st->num; i++)
+ if (st->data[i] == p)
+ return(sk_delete(st,i));
+ return(NULL);
+ }
+
+char *sk_delete(st,loc)
+STACK *st;
+int loc;
+ {
+ char *ret;
+ int i,j;
+
+ if ((st->num == 0) || (loc < 0) || (loc >= st->num)) return(NULL);
+
+ ret=st->data[loc];
+ if (loc != st->num-1)
+ {
+ j=st->num-1;
+ for (i=loc; i<j; i++)
+ st->data[i]=st->data[i+1];
+ /* In theory memcpy is not safe for this
+ * memcpy( &(st->data[loc]),
+ * &(st->data[loc+1]),
+ * sizeof(char *)*(st->num-loc-1));
+ */
+ }
+ st->num--;
+ return(ret);
+ }
+
+int sk_find(st,data)
+STACK *st;
+char *data;
+ {
+ char **r;
+ int i;
+ int (*comp_func)();
+
+ if (st->comp == NULL)
+ {
+ for (i=0; i<st->num; i++)
+ if (st->data[i] == data)
+ return(i);
+ return(-1);
+ }
+ comp_func=(int (*)())st->comp;
+ if (!st->sorted)
+ {
+ qsort((char *)st->data,st->num,sizeof(char *),FP_ICC comp_func);
+ st->sorted=1;
+ }
+ if (data == NULL) return(-1);
+ r=(char **)bsearch(&data,(char *)st->data,
+ st->num,sizeof(char *),FP_ICC comp_func);
+ if (r == NULL) return(-1);
+ i=(int)(r-st->data);
+ for ( ; i>0; i--)
+ if ((*st->comp)(&(st->data[i-1]),&data) < 0)
+ break;
+ return(i);
+ }
+
+int sk_push(st,data)
+STACK *st;
+char *data;
+ {
+ return(sk_insert(st,data,st->num));
+ }
+
+int sk_unshift(st,data)
+STACK *st;
+char *data;
+ {
+ return(sk_insert(st,data,0));
+ }
+
+char *sk_shift(st)
+STACK *st;
+ {
+ if (st == NULL) return(NULL);
+ if (st->num <= 0) return(NULL);
+ return(sk_delete(st,0));
+ }
+
+char *sk_pop(st)
+STACK *st;
+ {
+ if (st == NULL) return(NULL);
+ if (st->num <= 0) return(NULL);
+ return(sk_delete(st,st->num-1));
+ }
+
+void sk_zero(st)
+STACK *st;
+ {
+ if (st == NULL) return;
+ if (st->num <= 0) return;
+ memset((char *)st->data,0,sizeof(st->data)*st->num);
+ st->num=0;
+ }
+
+void sk_pop_free(st,func)
+STACK *st;
+void (*func)();
+ {
+ int i;
+
+ if (st == NULL) return;
+ for (i=0; i<st->num; i++)
+ if (st->data[i] != NULL)
+ func(st->data[i]);
+ sk_free(st);
+ }
+
+void sk_free(st)
+STACK *st;
+ {
+ if (st == NULL) return;
+ if (st->data != NULL) Free((char *)st->data);
+ Free((char *)st);
+ }
+
diff --git a/src/lib/libssl/src/crypto/stack/stack.h b/src/lib/libssl/src/crypto/stack/stack.h
new file mode 100644
index 0000000000..615eb6ff94
--- /dev/null
+++ b/src/lib/libssl/src/crypto/stack/stack.h
@@ -0,0 +1,120 @@
+/* crypto/stack/stack.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_STACK_H
+#define HEADER_STACK_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st
+ {
+ int num;
+ char **data;
+ int sorted;
+
+ int num_alloc;
+ int (*comp)();
+ } STACK;
+
+#define sk_num(sk) ((sk)->num)
+#define sk_value(sk,n) ((sk)->data[n])
+
+#define sk_new_null() sk_new(NULL)
+#ifndef NOPROTO
+
+STACK *sk_new(int (*cmp)());
+void sk_free(STACK *);
+void sk_pop_free(STACK *st, void (*func)());
+int sk_insert(STACK *sk,char *data,int where);
+char *sk_delete(STACK *st,int loc);
+char *sk_delete_ptr(STACK *st, char *p);
+int sk_find(STACK *st,char *data);
+int sk_push(STACK *st,char *data);
+int sk_unshift(STACK *st,char *data);
+char *sk_shift(STACK *st);
+char *sk_pop(STACK *st);
+void sk_zero(STACK *st);
+void sk_set_cmp_func(STACK *sk, int (*c)());
+STACK *sk_dup(STACK *st);
+
+#else
+
+STACK *sk_new();
+void sk_free();
+void sk_pop_free();
+int sk_insert();
+char *sk_delete();
+char *sk_delete_ptr();
+int sk_find();
+int sk_push();
+int sk_unshift();
+char *sk_shift();
+char *sk_pop();
+void sk_zero();
+void sk_set_cmp_func();
+STACK *sk_dup();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/threads/mttest.c b/src/lib/libssl/src/crypto/threads/mttest.c
new file mode 100644
index 0000000000..be395f2bc4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/threads/mttest.c
@@ -0,0 +1,1115 @@
+/* crypto/threads/mttest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifdef NO_FP_API
+#define APPS_WIN16
+#include "../crypto/buffer/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#define MAX_THREAD_NUMBER 100
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+ int error,char *arg);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+
+void irix_locking_callback(int mode,int type,char *file,int line);
+void solaris_locking_callback(int mode,int type,char *file,int line);
+void win32_locking_callback(int mode,int type,char *file,int line);
+void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+unsigned long irix_thread_id(void );
+unsigned long solaris_thread_id(void );
+unsigned long pthreads_thread_id(void );
+
+#else
+int MS_CALLBACK verify_callback();
+void thread_setup();
+void thread_cleanup();
+void do_threads();
+
+void irix_locking_callback();
+void solaris_locking_callback();
+void win32_locking_callback();
+void pthreads_locking_callback();
+
+unsigned long irix_thread_id();
+unsigned long solaris_thread_id();
+unsigned long pthreads_thread_id();
+
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+int thread_number=10;
+int number_of_loops=10;
+int reconnect=0;
+int cache_stats=0;
+
+#ifndef NOPROTO
+int doit(char *ctx[4]);
+#else
+int doit();
+#endif
+
+static void print_stats(fp,ctx)
+FILE *fp;
+SSL_CTX *ctx;
+{
+ fprintf(fp,"%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ctx));
+ fprintf(fp,"%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ctx));
+ fprintf(fp,"%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ctx));
+ fprintf(fp,"%4d server connects (SSL_accept())\n",
+ SSL_CTX_sess_accept(ctx));
+ fprintf(fp,"%4d server connects that finished\n",
+ SSL_CTX_sess_accept_good(ctx));
+ fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
+ fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
+ fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
+ }
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr," -threads arg - number of threads\n");
+ fprintf(stderr," -loops arg - number of 'connections', per thread\n");
+ fprintf(stderr," -reconnect - reuse session-id's\n");
+ fprintf(stderr," -stats - server session-id cache stats\n");
+ fprintf(stderr," -cert arg - server certificate/key\n");
+ fprintf(stderr," -ccert arg - client certificate/key\n");
+ fprintf(stderr," -ssl3 - just SSLv3n\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ char *scert=TEST_SERVER_CERT;
+ char *ccert=TEST_CLIENT_CERT;
+ SSL_METHOD *ssl_method=SSLv23_method();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-reconnect") == 0)
+ reconnect=1;
+ else if (strcmp(*argv,"-stats") == 0)
+ cache_stats=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl_method=SSLv3_method();
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl_method=SSLv2_method();
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ scert= *(++argv);
+ }
+ else if (strcmp(*argv,"-ccert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ ccert= *(++argv);
+ }
+ else if (strcmp(*argv,"-threads") == 0)
+ {
+ if (--argc < 1) goto bad;
+ thread_number= atoi(*(++argv));
+ if (thread_number == 0) thread_number=1;
+ if (thread_number > MAX_THREAD_NUMBER)
+ thread_number=MAX_THREAD_NUMBER;
+ }
+ else if (strcmp(*argv,"-loops") == 0)
+ {
+ if (--argc < 1) goto bad;
+ number_of_loops= atoi(*(++argv));
+ if (number_of_loops == 0) number_of_loops=1;
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+
+ SSL_load_error_strings();
+ SSLeay_add_ssl_algorithms();
+
+ c_ctx=SSL_CTX_new(ssl_method);
+ s_ctx=SSL_CTX_new(ssl_method);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CTX_set_session_cache_mode(s_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+ SSL_CTX_set_session_cache_mode(c_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+
+ SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ fprintf(stderr,"SSL_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ thread_setup();
+ do_threads(s_ctx,c_ctx);
+ thread_cleanup();
+end:
+
+ if (c_ctx != NULL)
+ {
+ fprintf(stderr,"Client SSL_CTX stats then free it\n");
+ print_stats(stderr,c_ctx);
+ SSL_CTX_free(c_ctx);
+ }
+ if (s_ctx != NULL)
+ {
+ fprintf(stderr,"Server SSL_CTX stats then free it\n");
+ print_stats(stderr,s_ctx);
+ if (cache_stats)
+ {
+ fprintf(stderr,"-----\n");
+ lh_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ /* lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n"); */
+ lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ }
+ SSL_CTX_free(s_ctx);
+ fprintf(stderr,"done free\n");
+ }
+ exit(ret);
+ return(0);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int ndoit(ssl_ctx)
+SSL_CTX *ssl_ctx[2];
+ {
+ int i;
+ int ret;
+ char *ctx[4];
+
+ ctx[0]=(char *)ssl_ctx[0];
+ ctx[1]=(char *)ssl_ctx[1];
+
+ if (reconnect)
+ {
+ ctx[2]=(char *)SSL_new(ssl_ctx[0]);
+ ctx[3]=(char *)SSL_new(ssl_ctx[1]);
+ }
+ else
+ {
+ ctx[2]=NULL;
+ ctx[3]=NULL;
+ }
+
+ fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
+ for (i=0; i<number_of_loops; i++)
+ {
+/* fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+ CRYPTO_thread_id(),i,
+ ssl_ctx[0]->references,
+ ssl_ctx[1]->references); */
+ /* pthread_delay_np(&tm);*/
+
+ ret=doit(ctx);
+ if (ret != 0)
+ {
+ fprintf(stdout,"error[%d] %lu - %d\n",
+ i,CRYPTO_thread_id(),ret);
+ return(ret);
+ }
+ }
+ fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
+ if (reconnect)
+ {
+ SSL_free((SSL *)ctx[2]);
+ SSL_free((SSL *)ctx[3]);
+ }
+ return(0);
+ }
+
+int doit(ctx)
+char *ctx[4];
+ {
+ SSL_CTX *s_ctx,*c_ctx;
+ static char cbuf[200],sbuf[200];
+ SSL *c_ssl=NULL;
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+
+ s_ctx=(SSL_CTX *)ctx[0];
+ c_ctx=(SSL_CTX *)ctx[1];
+
+ if (ctx[2] != NULL)
+ s_ssl=(SSL *)ctx[2];
+ else
+ s_ssl=SSL_new(s_ctx);
+
+ if (ctx[3] != NULL)
+ c_ssl=(SSL *)ctx[3];
+ else
+ c_ssl=SSL_new(c_ctx);
+
+ if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && verbose)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+ else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n");
+ }
+
+ if (do_client && verbose)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+ else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n");
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ i=BIO_write(c_bio,"hello from client\n",18);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ /* ok */
+ c_write=0;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,100);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ done|=C_DONE;
+#ifdef undef
+ fprintf(stdout,"CLIENT:from server:");
+ fwrite(cbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,100);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=1;
+ s_w=1;
+#ifdef undef
+ fprintf(stdout,"SERVER:from client:");
+ fwrite(sbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ else
+ {
+ i=BIO_write(s_bio,"hello from server\n",18);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=0;
+ s_r=1;
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+
+#ifdef undef
+ fprintf(stdout,"DONE\n");
+#endif
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ /* The SSL's are optionally freed in the following calls */
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(0);
+ }
+
+int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg)
+int ok;
+X509 *xs;
+X509 *xi;
+int depth;
+int error;
+char *arg;
+ {
+ char buf[256];
+
+ if (verbose)
+ {
+ X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
+ }
+ return(ok);
+ }
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+ /* id callback defined */
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ CloseHandle(lock_cs[i]);
+ }
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ WaitForSingleObject(lock_cs[type],INFINITE);
+ }
+ else
+ {
+ ReleaseMutex(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ double ret;
+ SSL_CTX *ssl_ctx[2];
+ DWORD thread_id[MAX_THREAD_NUMBER];
+ HANDLE thread_handle[MAX_THREAD_NUMBER];
+ int i;
+ SYSTEMTIME start,end;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ GetSystemTime(&start);
+ for (i=0; i<thread_number; i++)
+ {
+ thread_handle[i]=CreateThread(NULL,
+ THREAD_STACK_SIZE,
+ (LPTHREAD_START_ROUTINE)ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_id[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i+=50)
+ {
+ int j;
+
+ j=(thread_number < (i+50))?(thread_number-i):50;
+
+ if (WaitForMultipleObjects(j,
+ (CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
+ == WAIT_FAILED)
+ {
+ fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
+ exit(1);
+ }
+ }
+ GetSystemTime(&end);
+
+ if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
+ ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
+
+ ret=(ret+end.wHour-start.wHour)*60;
+ ret=(ret+end.wMinute-start.wMinute)*60;
+ ret=(ret+end.wSecond-start.wSecond);
+ ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
+
+ printf("win32 threads done - %.3f seconds\n",ret);
+ }
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ /* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+fprintf(stderr,"cleanup\n");
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ /* rwlock_destroy(&(lock_cs[i])); */
+ mutex_destroy(&(lock_cs[i]));
+ fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
+ }
+fprintf(stderr,"done cleanup\n");
+ }
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef undef
+fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+/*
+if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+*/
+ if (mode & CRYPTO_LOCK)
+ {
+ /* if (mode & CRYPTO_READ)
+ rw_rdlock(&(lock_cs[type]));
+ else
+ rw_wrlock(&(lock_cs[type])); */
+
+ mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+/* rw_unlock(&(lock_cs[type])); */
+ mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ thread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ thr_setconcurrency(thread_number);
+ for (i=0; i<thread_number; i++)
+ {
+ thr_create(NULL, THREAD_STACK_SIZE,
+ (void *(*)())ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_ctx[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ thr_join(thread_ctx[i],NULL,NULL);
+ }
+
+ printf("solaris threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long solaris_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)thr_self();
+ return(ret);
+ }
+#endif /* SOLARIS */
+
+#ifdef IRIX
+
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+ char filename[20];
+
+ strcpy(filename,"/tmp/mttest.XXXXXX");
+ mktemp(filename);
+
+ usconfig(CONF_STHREADIOOFF);
+ usconfig(CONF_STHREADMALLOCOFF);
+ usconfig(CONF_INITUSERS,100);
+ usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+ arena=usinit(filename);
+ unlink(filename);
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=usnewsema(arena,1);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+ CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ char buf[10];
+
+ sprintf(buf,"%2d:",i);
+ usdumpsema(lock_cs[i],stdout,buf);
+ usfreesema(lock_cs[i],arena);
+ }
+ }
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ printf("lock %d\n",type);
+ uspsema(lock_cs[type]);
+ }
+ else
+ {
+ printf("unlock %d\n",type);
+ usvsema(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ int thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ for (i=0; i<thread_number; i++)
+ {
+ thread_ctx[i]=sproc((void (*)())ndoit,
+ PR_SADDR|PR_SFDS,(void *)ssl_ctx);
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ wait(NULL);
+ }
+
+ printf("irix threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long irix_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)getpid();
+ return(ret);
+ }
+#endif /* IRIX */
+
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ pthread_mutex_init(&(lock_cs[i]),NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ fprintf(stderr,"cleanup\n");
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ fprintf(stderr,"%8ld:%s\n",lock_count[i],
+ CRYPTO_get_lock_name(i));
+ }
+ fprintf(stderr,"done cleanup\n");
+ }
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef undef
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+/*
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+*/
+ if (mode & CRYPTO_LOCK)
+ {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ pthread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ /*
+ thr_setconcurrency(thread_number);
+ */
+ for (i=0; i<thread_number; i++)
+ {
+ pthread_create(&(thread_ctx[i]), NULL,
+ (void *(*)())ndoit, (void *)ssl_ctx);
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ pthread_join(thread_ctx[i],NULL);
+ }
+
+ printf("pthreads threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long pthreads_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)pthread_self();
+ return(ret);
+ }
+
+#endif /* PTHREADS */
+
+
+
diff --git a/src/lib/libssl/src/crypto/threads/th-lock.c b/src/lib/libssl/src/crypto/threads/th-lock.c
new file mode 100644
index 0000000000..039022446d
--- /dev/null
+++ b/src/lib/libssl/src/crypto/threads/th-lock.c
@@ -0,0 +1,399 @@
+/* crypto/threads/th-lock.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifndef NOPROTO
+int CRYPTO_thread_setup(void);
+void CRYPTO_thread_cleanup(void);
+
+static void irix_locking_callback(int mode,int type,char *file,int line);
+static void solaris_locking_callback(int mode,int type,char *file,int line);
+static void win32_locking_callback(int mode,int type,char *file,int line);
+static void pthreads_locking_callback(int mode,int type,char *file,int line);
+
+static unsigned long irix_thread_id(void );
+static unsigned long solaris_thread_id(void );
+static unsigned long pthreads_thread_id(void );
+
+#else
+int CRYPOTO_thread_setup();
+void CRYPTO_cleanup();
+
+static void irix_locking_callback();
+static void solaris_locking_callback();
+static void win32_locking_callback();
+static void pthreads_locking_callback();
+
+static unsigned long irix_thread_id();
+static unsigned long solaris_thread_id();
+static unsigned long pthreads_thread_id();
+
+#endif
+
+/* usage:
+ * CRYPTO_thread_setup();
+ * applicaion code
+ * CRYPTO_thread_cleanup();
+ */
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+int CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+ /* id callback defined */
+ return(1);
+ }
+
+static void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ CloseHandle(lock_cs[i]);
+ }
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ WaitForSingleObject(lock_cs[type],INFINITE);
+ }
+ else
+ {
+ ReleaseMutex(lock_cs[type]);
+ }
+ }
+
+#endif /* WIN32 */
+
+#ifdef SOLARIS
+
+#define USE_MUTEX
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+#ifdef USE_MUTEX
+static long lock_count[CRYPTO_NUM_LOCKS];
+#else
+static rwlock_t lock_cs[CRYPTO_NUM_LOCKS];
+#endif
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+#ifdef USE_MUTEX
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#else
+ rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+#endif
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+#ifdef USE_MUTEX
+ mutex_destroy(&(lock_cs[i]));
+#else
+ rwlock_destroy(&(lock_cs[i]));
+#endif
+ }
+ }
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#if 0
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+#if 0
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+#endif
+ if (mode & CRYPTO_LOCK)
+ {
+#ifdef USE_MUTEX
+ mutex_lock(&(lock_cs[type]));
+#else
+ if (mode & CRYPTO_READ)
+ rw_rdlock(&(lock_cs[type]));
+ else
+ rw_wrlock(&(lock_cs[type]));
+#endif
+ lock_count[type]++;
+ }
+ else
+ {
+#ifdef USE_MUTEX
+ mutex_unlock(&(lock_cs[type]));
+#else
+ rw_unlock(&(lock_cs[type]));
+#endif
+ }
+ }
+
+unsigned long solaris_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)thr_self();
+ return(ret);
+ }
+#endif /* SOLARIS */
+
+#ifdef IRIX
+/* I don't think this works..... */
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+ char filename[20];
+
+ strcpy(filename,"/tmp/mttest.XXXXXX");
+ mktemp(filename);
+
+ usconfig(CONF_STHREADIOOFF);
+ usconfig(CONF_STHREADMALLOCOFF);
+ usconfig(CONF_INITUSERS,100);
+ usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+ arena=usinit(filename);
+ unlink(filename);
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=usnewsema(arena,1);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+ CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ }
+
+void CRYPTO_thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ char buf[10];
+
+ sprintf(buf,"%2d:",i);
+ usdumpsema(lock_cs[i],stdout,buf);
+ usfreesema(lock_cs[i],arena);
+ }
+ }
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ uspsema(lock_cs[type]);
+ }
+ else
+ {
+ usvsema(lock_cs[type]);
+ }
+ }
+
+unsigned long irix_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)getpid();
+ return(ret);
+ }
+#endif /* IRIX */
+
+/* Linux and a few others */
+#ifdef PTHREADS
+
+static pthread_mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void CRYPTO_thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ pthread_mutex_init(&(lock_cs[i]),NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id);
+ CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ pthread_mutex_destroy(&(lock_cs[i]));
+ }
+ }
+
+void pthreads_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#if 0
+ fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+#if 0
+ if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+#endif
+ if (mode & CRYPTO_LOCK)
+ {
+ pthread_mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+ pthread_mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+unsigned long pthreads_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)pthread_self();
+ return(ret);
+ }
+
+#endif /* PTHREADS */
+
diff --git a/src/lib/libssl/src/crypto/tmdiff.c b/src/lib/libssl/src/crypto/tmdiff.c
new file mode 100644
index 0000000000..b93799fc03
--- /dev/null
+++ b/src/lib/libssl/src/crypto/tmdiff.c
@@ -0,0 +1,217 @@
+/* crypto/tmdiff.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include <stdlib.h>
+
+#ifndef MSDOS
+# ifndef WIN32
+# define TIMES
+# endif
+#endif
+
+#ifndef VMS
+# ifndef _IRIX
+# include <time.h>
+# endif
+# ifdef TIMES
+# include <sys/types.h>
+# include <sys/times.h>
+# endif
+#else /* VMS */
+# include <types.h>
+ struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif /* VMS */
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef WIN32
+#include <windows.h>
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+typedef struct ms_tm
+ {
+#ifdef TIMES
+ struct tms ms_tms;
+#else
+# ifdef WIN32
+ HANDLE thread_id;
+ FILETIME ms_win32;
+# else
+ struct timeb ms_timeb;
+# endif
+#endif
+ } MS_TM;
+
+char *ms_time_init()
+ {
+ MS_TM *ret;
+
+ ret=malloc(sizeof(MS_TM));
+ if (ret == NULL)
+ return(NULL);
+ memset(ret,0,sizeof(MS_TM));
+#ifdef WIN32
+ ret->thread_id=GetCurrentThread();
+#endif
+ return((char *)ret);
+ }
+
+void ms_time_final(a)
+char *a;
+ {
+ if (a != NULL)
+ free(a);
+ }
+
+void ms_time_get(a)
+char *a;
+ {
+ MS_TM *tm=(MS_TM *)a;
+ FILETIME tmpa,tmpb,tmpc;
+
+#ifdef TIMES
+ printf("AAA\n");
+ times(&tm->ms_tms);
+#else
+# ifdef WIN32
+ GetThreadTimes(tm->thread_id,&tmpa,&tmpb,&tmpc,&(tm->ms_win32));
+# else
+ printf("CCC\n");
+ ftime(tm->ms_timeb);
+# endif
+#endif
+ }
+
+double ms_time_diff(ap,bp)
+char *ap,*bp;
+ {
+ MS_TM *a=(MS_TM *)ap;
+ MS_TM *b=(MS_TM *)bp;
+ double ret;
+
+#ifdef TIMES
+ ret=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+ ret =(double)(b->ms_win32.dwHighDateTime&0x000fffff)*10+
+ b->ms_win32.dwLowDateTime/1e7;
+ ret-=(double)(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+ ret= (double)(b->time-a->time)+
+ ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+# endif
+#endif
+ return((ret < 0.0000001)?0.0000001:ret);
+ }
+
+int ms_time_cmp(ap,bp)
+char *ap,*bp;
+ {
+ MS_TM *a=(MS_TM *)ap,*b=(MS_TM *)bp;
+ double d;
+ int ret;
+
+#ifdef TIMES
+ d=(b->ms_tms.tms_utime-a->ms_tms.tms_utime)/HZ;
+#else
+# ifdef WIN32
+ d =(b->ms_win32.dwHighDateTime&0x000fffff)*10+b->ms_win32.dwLowDateTime/1e7;
+ d-=(a->ms_win32.dwHighDateTime&0x000fffff)*10+a->ms_win32.dwLowDateTime/1e7;
+# else
+ d= (double)(b->time-a->time)+
+ ((double)((unsigned long)b->mullitm-(unsigned long)))/1000.0;
+# endif
+#endif
+ if (d == 0.0)
+ ret=0;
+ else if (d < 0)
+ ret= -1;
+ else
+ ret=1;
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.c b/src/lib/libssl/src/crypto/txt_db/txt_db.c
new file mode 100644
index 0000000000..e34ce4efa9
--- /dev/null
+++ b/src/lib/libssl/src/crypto/txt_db/txt_db.c
@@ -0,0 +1,394 @@
+/* crypto/txt_db/txt_db.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "txt_db.h"
+
+#undef BUFSIZE
+#define BUFSIZE 512
+
+char *TXT_DB_version="TXT_DB part of SSLeay 0.9.0b 29-Jun-1998";
+
+TXT_DB *TXT_DB_read(in,num)
+BIO *in;
+int num;
+ {
+ TXT_DB *ret=NULL;
+ int er=1;
+ int esc=0;
+ long ln=0;
+ int i,add,n;
+ int size=BUFSIZE;
+ int offset=0;
+ char *p,**pp,*f;
+ BUF_MEM *buf=NULL;
+
+ if ((buf=BUF_MEM_new()) == NULL) goto err;
+ if (!BUF_MEM_grow(buf,size)) goto err;
+
+ if ((ret=(TXT_DB *)Malloc(sizeof(TXT_DB))) == NULL)
+ goto err;
+ ret->num_fields=num;
+ ret->index=NULL;
+ ret->qual=NULL;
+ if ((ret->data=sk_new_null()) == NULL)
+ goto err;
+ if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL)
+ goto err;
+ if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL)
+ goto err;
+ for (i=0; i<num; i++)
+ {
+ ret->index[i]=NULL;
+ ret->qual[i]=NULL;
+ }
+
+ add=(num+1)*sizeof(char *);
+ buf->data[size-1]='\0';
+ offset=0;
+ for (;;)
+ {
+ if (offset != 0)
+ {
+ size+=BUFSIZE;
+ if (!BUF_MEM_grow(buf,size)) goto err;
+ }
+ buf->data[offset]='\0';
+ BIO_gets(in,&(buf->data[offset]),size-offset);
+ ln++;
+ if (buf->data[offset] == '\0') break;
+ if ((offset == 0) && (buf->data[0] == '#')) continue;
+ i=strlen(&(buf->data[offset]));
+ offset+=i;
+ if (buf->data[offset-1] != '\n')
+ continue;
+ else
+ {
+ buf->data[offset-1]='\0'; /* blat the '\n' */
+ p=(char *)Malloc(add+offset);
+ offset=0;
+ }
+ pp=(char **)p;
+ p+=add;
+ n=0;
+ pp[n++]=p;
+ i=0;
+ f=buf->data;
+
+ esc=0;
+ for (;;)
+ {
+ if (*f == '\0') break;
+ if (*f == '\t')
+ {
+ if (esc)
+ p--;
+ else
+ {
+ *(p++)='\0';
+ f++;
+ if (n >= num) break;
+ pp[n++]=p;
+ continue;
+ }
+ }
+ esc=(*f == '\\');
+ *(p++)= *(f++);
+ }
+ *(p++)='\0';
+ if ((n != num) || (*f != '\0'))
+ {
+#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
+ fprintf(stderr,"wrong number of fields on line %ld\n",ln);
+#endif
+ er=2;
+ goto err;
+ }
+ pp[n]=p;
+ if (!sk_push(ret->data,(char *)pp))
+ {
+#if !defined(NO_STDIO) && !defined(WIN16) /* temporaty fix :-( */
+ fprintf(stderr,"failure in sk_push\n");
+#endif
+ er=2;
+ goto err;
+ }
+ }
+ er=0;
+err:
+ BUF_MEM_free(buf);
+ if (er)
+ {
+#if !defined(NO_STDIO) && !defined(WIN16)
+ if (er == 1) fprintf(stderr,"Malloc failure\n");
+#endif
+ if (ret->data != NULL) sk_free(ret->data);
+ if (ret->index != NULL) Free(ret->index);
+ if (ret->qual != NULL) Free((char *)ret->qual);
+ if (ret != NULL) Free(ret);
+ return(NULL);
+ }
+ else
+ return(ret);
+ }
+
+char **TXT_DB_get_by_index(db,idx,value)
+TXT_DB *db;
+int idx;
+char **value;
+ {
+ char **ret;
+ LHASH *lh;
+
+ if (idx >= db->num_fields)
+ {
+ db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+ return(NULL);
+ }
+ lh=db->index[idx];
+ if (lh == NULL)
+ {
+ db->error=DB_ERROR_NO_INDEX;
+ return(NULL);
+ }
+ ret=(char **)lh_retrieve(lh,(char *)value);
+ db->error=DB_ERROR_OK;
+ return(ret);
+ }
+
+int TXT_DB_create_index(db,field,qual,hash,cmp)
+TXT_DB *db;
+int field;
+int (*qual)();
+unsigned long (*hash)();
+int (*cmp)();
+ {
+ LHASH *idx;
+ char *r;
+ int i,n;
+
+ if (field >= db->num_fields)
+ {
+ db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+ return(0);
+ }
+ if ((idx=lh_new(hash,cmp)) == NULL)
+ {
+ db->error=DB_ERROR_MALLOC;
+ return(0);
+ }
+ n=sk_num(db->data);
+ for (i=0; i<n; i++)
+ {
+ r=(char *)sk_value(db->data,i);
+ if ((qual != NULL) && (qual(r) == 0)) continue;
+ if ((r=lh_insert(idx,r)) != NULL)
+ {
+ db->error=DB_ERROR_INDEX_CLASH;
+ db->arg1=sk_find(db->data,r);
+ db->arg2=i;
+ lh_free(idx);
+ return(0);
+ }
+ }
+ if (db->index[field] != NULL) lh_free(db->index[field]);
+ db->index[field]=idx;
+ db->qual[field]=qual;
+ return(1);
+ }
+
+long TXT_DB_write(out,db)
+BIO *out;
+TXT_DB *db;
+ {
+ long i,j,n,nn,l,tot=0;
+ char *p,**pp,*f;
+ BUF_MEM *buf=NULL;
+ long ret= -1;
+
+ if ((buf=BUF_MEM_new()) == NULL)
+ goto err;
+ n=sk_num(db->data);
+ nn=db->num_fields;
+ for (i=0; i<n; i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+
+ l=0;
+ for (j=0; j<nn; j++)
+ {
+ if (pp[j] != NULL)
+ l+=strlen(pp[j]);
+ }
+ if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
+
+ p=buf->data;
+ for (j=0; j<nn; j++)
+ {
+ f=pp[j];
+ if (f != NULL)
+ for (;;)
+ {
+ if (*f == '\0') break;
+ if (*f == '\t') *(p++)='\\';
+ *(p++)= *(f++);
+ }
+ *(p++)='\t';
+ }
+ p[-1]='\n';
+ j=p-buf->data;
+ if (BIO_write(out,buf->data,(int)j) != j)
+ goto err;
+ tot+=j;
+ }
+ ret=tot;
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(ret);
+ }
+
+int TXT_DB_insert(db,row)
+TXT_DB *db;
+char **row;
+ {
+ int i;
+ char **r;
+
+ for (i=0; i<db->num_fields; i++)
+ {
+ if (db->index[i] != NULL)
+ {
+ if ((db->qual[i] != NULL) &&
+ (db->qual[i](row) == 0)) continue;
+ r=(char **)lh_retrieve(db->index[i],(char *)row);
+ if (r != NULL)
+ {
+ db->error=DB_ERROR_INDEX_CLASH;
+ db->arg1=i;
+ db->arg_row=r;
+ goto err;
+ }
+ }
+ }
+ /* We have passed the index checks, now just append and insert */
+ if (!sk_push(db->data,(char *)row))
+ {
+ db->error=DB_ERROR_MALLOC;
+ goto err;
+ }
+
+ for (i=0; i<db->num_fields; i++)
+ {
+ if (db->index[i] != NULL)
+ {
+ if ((db->qual[i] != NULL) &&
+ (db->qual[i](row) == 0)) continue;
+ lh_insert(db->index[i],(char *)row);
+ }
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+void TXT_DB_free(db)
+TXT_DB *db;
+ {
+ int i,n;
+ char **p,*max;
+
+ if (db->index != NULL)
+ {
+ for (i=db->num_fields-1; i>=0; i--)
+ if (db->index[i] != NULL) lh_free(db->index[i]);
+ Free(db->index);
+ }
+ if (db->qual != NULL)
+ Free(db->qual);
+ if (db->data != NULL)
+ {
+ for (i=sk_num(db->data)-1; i>=0; i--)
+ {
+ /* check if any 'fields' have been allocated
+ * from outside of the initial block */
+ p=(char **)sk_value(db->data,i);
+ max=p[db->num_fields]; /* last address */
+ if (max == NULL) /* new row */
+ {
+ for (n=0; n<db->num_fields; n++)
+ if (p[n] != NULL) Free(p[n]);
+ }
+ else
+ {
+ for (n=0; n<db->num_fields; n++)
+ {
+ if (((p[n] < (char *)p) || (p[n] > max))
+ && (p[n] != NULL))
+ Free(p[n]);
+ }
+ }
+ Free(sk_value(db->data,i));
+ }
+ sk_free(db->data);
+ }
+ Free(db);
+ }
diff --git a/src/lib/libssl/src/crypto/txt_db/txt_db.h b/src/lib/libssl/src/crypto/txt_db/txt_db.h
new file mode 100644
index 0000000000..aca6dae393
--- /dev/null
+++ b/src/lib/libssl/src/crypto/txt_db/txt_db.h
@@ -0,0 +1,117 @@
+/* crypto/txt_db/txt_db.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TXT_DB_H
+#define HEADER_TXT_DB_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+#define DB_ERROR_OK 0
+#define DB_ERROR_MALLOC 1
+#define DB_ERROR_INDEX_CLASH 2
+#define DB_ERROR_INDEX_OUT_OF_RANGE 3
+#define DB_ERROR_NO_INDEX 4
+#define DB_ERROR_INSERT_INDEX_CLASH 5
+
+typedef struct txt_db_st
+ {
+ int num_fields;
+ STACK /* char ** */ *data;
+ LHASH **index;
+ int (**qual)();
+ long error;
+ long arg1;
+ long arg2;
+ char **arg_row;
+ } TXT_DB;
+
+#ifndef NOPROTO
+#ifdef HEADER_BIO_H
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+#else
+TXT_DB *TXT_DB_read(char *in, int num);
+long TXT_DB_write(char *out, TXT_DB *db);
+#endif
+int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
+ unsigned long (*hash)(),int (*cmp)());
+void TXT_DB_free(TXT_DB *db);
+char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
+int TXT_DB_insert(TXT_DB *db,char **value);
+
+#else
+
+TXT_DB *TXT_DB_read();
+long TXT_DB_write();
+int TXT_DB_create_index();
+void TXT_DB_free();
+char **TXT_DB_get_by_index();
+int TXT_DB_insert();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/crypto/x509/by_dir.c b/src/lib/libssl/src/crypto/x509/by_dir.c
new file mode 100644
index 0000000000..11725ec94c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/by_dir.c
@@ -0,0 +1,359 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+#include "pem.h"
+
+typedef struct lookup_dir_st
+ {
+ BUF_MEM *buffer;
+ int num_dirs;
+ char **dirs;
+ int *dirs_type;
+ int num_dirs_alloced;
+ } BY_DIR;
+
+#ifndef NOPROTO
+static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx,char *dir,int type);
+static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
+ X509_OBJECT *ret);
+#else
+static int dir_ctrl();
+static int new_dir();
+static void free_dir();
+static int add_cert_dir();
+static int get_cert_by_subject();
+#endif
+
+X509_LOOKUP_METHOD x509_dir_lookup=
+ {
+ "Load certs from files in a directory",
+ new_dir, /* new */
+ free_dir, /* free */
+ NULL, /* init */
+ NULL, /* shutdown */
+ dir_ctrl, /* ctrl */
+ get_cert_by_subject, /* get_by_subject */
+ NULL, /* get_by_issuer_serial */
+ NULL, /* get_by_fingerprint */
+ NULL, /* get_by_alias */
+ };
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
+ {
+ return(&x509_dir_lookup);
+ }
+
+static int dir_ctrl(ctx,cmd,argp,argl,retp)
+X509_LOOKUP *ctx;
+int cmd;
+long argl;
+char *argp;
+char **retp;
+ {
+ int ret=0;
+ BY_DIR *ld;
+ char *dir;
+
+ ld=(BY_DIR *)ctx->method_data;
+
+ switch (cmd)
+ {
+ case X509_L_ADD_DIR:
+ if (argl == X509_FILETYPE_DEFAULT)
+ {
+ ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+ X509_FILETYPE_PEM);
+ if (!ret)
+ {
+ X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
+ }
+ else
+ {
+ dir=(char *)Getenv(X509_get_default_cert_dir_env());
+ ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+ }
+ }
+ else
+ ret=add_cert_dir(ld,argp,(int)argl);
+ break;
+ }
+ return(ret);
+ }
+
+static int new_dir(lu)
+X509_LOOKUP *lu;
+ {
+ BY_DIR *a;
+
+ if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+ return(0);
+ if ((a->buffer=BUF_MEM_new()) == NULL)
+ {
+ Free(a);
+ return(0);
+ }
+ a->num_dirs=0;
+ a->dirs=NULL;
+ a->dirs_type=NULL;
+ a->num_dirs_alloced=0;
+ lu->method_data=(char *)a;
+ return(1);
+ }
+
+static void free_dir(lu)
+X509_LOOKUP *lu;
+ {
+ BY_DIR *a;
+ int i;
+
+ a=(BY_DIR *)lu->method_data;
+ for (i=0; i<a->num_dirs; i++)
+ if (a->dirs[i] != NULL) Free(a->dirs[i]);
+ if (a->dirs != NULL) Free(a->dirs);
+ if (a->dirs_type != NULL) Free(a->dirs_type);
+ if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+ Free(a);
+ }
+
+static int add_cert_dir(ctx,dir, type)
+BY_DIR *ctx;
+char *dir;
+int type;
+ {
+ int j,len;
+ int *ip;
+ char *s,*ss,*p;
+ char **pp;
+
+ if (dir == NULL) return(0);
+
+ s=dir;
+ p=s;
+ for (;;)
+ {
+ if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
+ {
+ ss=s;
+ s=p+1;
+ len=(int)(p-ss);
+ if (len == 0) continue;
+ for (j=0; j<ctx->num_dirs; j++)
+ if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
+ continue;
+ if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+ {
+ ctx->num_dirs_alloced+=10;
+ pp=(char **)Malloc(ctx->num_dirs_alloced*
+ sizeof(char *));
+ ip=(int *)Malloc(ctx->num_dirs_alloced*
+ sizeof(int));
+ if ((pp == NULL) || (ip == NULL))
+ {
+ X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
+ sizeof(char *));
+ memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
+ sizeof(int));
+ if (ctx->dirs != NULL)
+ Free((char *)ctx->dirs);
+ if (ctx->dirs_type != NULL)
+ Free((char *)ctx->dirs_type);
+ ctx->dirs=pp;
+ ctx->dirs_type=ip;
+ }
+ ctx->dirs_type[ctx->num_dirs]=type;
+ ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+ if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
+ strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
+ ctx->dirs[ctx->num_dirs][len]='\0';
+ ctx->num_dirs++;
+ }
+ if (*p == '\0') break;
+ p++;
+ }
+ return(1);
+ }
+
+static int get_cert_by_subject(xl,type,name,ret)
+X509_LOOKUP *xl;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ BY_DIR *ctx;
+ union {
+ struct {
+ X509 st_x509;
+ X509_CINF st_x509_cinf;
+ } x509;
+ struct {
+ X509_CRL st_crl;
+ X509_CRL_INFO st_crl_info;
+ } crl;
+ } data;
+ int ok=0;
+ int i,j,k;
+ unsigned long h;
+ BUF_MEM *b=NULL;
+ struct stat st;
+ X509_OBJECT stmp,*tmp;
+ char *postfix="";
+
+ if (name == NULL) return(0);
+
+ stmp.type=type;
+ if (type == X509_LU_X509)
+ {
+ data.x509.st_x509.cert_info= &data.x509.st_x509_cinf;
+ data.x509.st_x509_cinf.subject=name;
+ stmp.data.x509= &data.x509.st_x509;
+ postfix="";
+ }
+ else if (type == X509_LU_CRL)
+ {
+ data.crl.st_crl.crl= &data.crl.st_crl_info;
+ data.crl.st_crl_info.issuer=name;
+ stmp.data.crl= &data.crl.st_crl;
+ postfix="r";
+ }
+ else
+ {
+ X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE);
+ goto finish;
+ }
+
+ if ((b=BUF_MEM_new()) == NULL)
+ {
+ X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
+ goto finish;
+ }
+
+ ctx=(BY_DIR *)xl->method_data;
+
+ h=X509_NAME_hash(name);
+ for (i=0; i<ctx->num_dirs; i++)
+ {
+ j=strlen(ctx->dirs[i])+1+8+6+1+1;
+ if (!BUF_MEM_grow(b,j))
+ {
+ X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+ goto finish;
+ }
+ k=0;
+ for (;;)
+ {
+ sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h,
+ postfix,k);
+ k++;
+ if (stat(b->data,&st) < 0)
+ break;
+ /* found one. */
+ if (type == X509_LU_X509)
+ {
+ if ((X509_load_cert_file(xl,b->data,
+ ctx->dirs_type[i])) == 0)
+ break;
+ }
+ else if (type == X509_LU_CRL)
+ {
+ if ((X509_load_crl_file(xl,b->data,
+ ctx->dirs_type[i])) == 0)
+ break;
+ }
+ /* else case will caught higher up */
+ }
+
+ /* we have added it to the cache so now pull
+ * it out again */
+ CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+ tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
+ (char *)&stmp);
+ CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+
+ if (tmp != NULL)
+ {
+ ok=1;
+ ret->type=tmp->type;
+ memcpy(&ret->data,&tmp->data,sizeof(ret->data));
+ /* If we were going to up the reference count,
+ * we would need to do it on a perl 'type'
+ * basis */
+ /* CRYPTO_add(&tmp->data.x509->references,1,
+ CRYPTO_LOCK_X509);*/
+ goto finish;
+ }
+ }
+finish:
+ if (b != NULL) BUF_MEM_free(b);
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/by_file.c b/src/lib/libssl/src/crypto/x509/by_file.c
new file mode 100644
index 0000000000..09ebb9bf08
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/by_file.c
@@ -0,0 +1,282 @@
+/* crypto/x509/by_file.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef NO_STDIO
+
+#ifndef NOPROTO
+static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,
+ long argl,char **ret);
+#else
+static int by_file_ctrl();
+#endif
+
+X509_LOOKUP_METHOD x509_file_lookup=
+ {
+ "Load file into cache",
+ NULL, /* new */
+ NULL, /* free */
+ NULL, /* init */
+ NULL, /* shutdown */
+ by_file_ctrl, /* ctrl */
+ NULL, /* get_by_subject */
+ NULL, /* get_by_issuer_serial */
+ NULL, /* get_by_fingerprint */
+ NULL, /* get_by_alias */
+ };
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file()
+ {
+ return(&x509_file_lookup);
+ }
+
+static int by_file_ctrl(ctx,cmd,argp,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argp;
+long argl;
+char **ret;
+ {
+ int ok=0,ok2=0;
+ char *file;
+
+ switch (cmd)
+ {
+ case X509_L_FILE_LOAD:
+ if (argl == X509_FILETYPE_DEFAULT)
+ {
+ ok=X509_load_cert_file(ctx,X509_get_default_cert_file(),
+ X509_FILETYPE_PEM);
+ ok2=X509_load_crl_file(ctx,X509_get_default_cert_file(),
+ X509_FILETYPE_PEM);
+ if (!ok || !ok2)
+ {
+ X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
+ }
+ else
+ {
+ file=(char *)Getenv(X509_get_default_cert_file_env());
+ ok=X509_load_cert_file(ctx,file,
+ X509_FILETYPE_PEM);
+ ok2=X509_load_crl_file(ctx,file,
+ X509_FILETYPE_PEM);
+ }
+ }
+ else
+ {
+ ok=X509_load_cert_file(ctx,argp,(int)argl);
+ ok2=X509_load_crl_file(ctx,argp,(int)argl);
+ }
+ break;
+ }
+ return((ok && ok2)?ok:0);
+ }
+
+int X509_load_cert_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+ {
+ int ret=0;
+ BIO *in=NULL;
+ int i,count=0;
+ X509 *x=NULL;
+
+ if (file == NULL) return(1);
+ in=BIO_new(BIO_s_file_internal());
+
+ if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
+ goto err;
+ }
+
+ if (type == X509_FILETYPE_PEM)
+ {
+ for (;;)
+ {
+ x=PEM_read_bio_X509(in,NULL,NULL);
+ if (x == NULL)
+ {
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
+ PEM_R_NO_START_LINE) && (count > 0))
+ {
+ ERR_clear_error();
+ break;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,
+ ERR_R_PEM_LIB);
+ goto err;
+ }
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+ if (!i) goto err;
+ count++;
+ X509_free(x);
+ x=NULL;
+ }
+ ret=count;
+ }
+ else if (type == X509_FILETYPE_ASN1)
+ {
+ x=d2i_X509_bio(in,NULL);
+ if (x == NULL)
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+ if (!i) goto err;
+ ret=i;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
+ goto err;
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int X509_load_crl_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+ {
+ int ret=0;
+ BIO *in=NULL;
+ int i,count=0;
+ X509_CRL *x=NULL;
+
+ if (file == NULL) return(1);
+ in=BIO_new(BIO_s_file_internal());
+
+ if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+ {
+ X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB);
+ goto err;
+ }
+
+ if (type == X509_FILETYPE_PEM)
+ {
+ for (;;)
+ {
+ x=PEM_read_bio_X509_CRL(in,NULL,NULL);
+ if (x == NULL)
+ {
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
+ PEM_R_NO_START_LINE) && (count > 0))
+ {
+ ERR_clear_error();
+ break;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CRL_FILE,
+ ERR_R_PEM_LIB);
+ goto err;
+ }
+ }
+ i=X509_STORE_add_crl(ctx->store_ctx,x);
+ if (!i) goto err;
+ count++;
+ X509_CRL_free(x);
+ x=NULL;
+ }
+ ret=count;
+ }
+ else if (type == X509_FILETYPE_ASN1)
+ {
+ x=d2i_X509_CRL_bio(in,NULL);
+ if (x == NULL)
+ {
+ X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ i=X509_STORE_add_crl(ctx->store_ctx,x);
+ if (!i) goto err;
+ ret=i;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE);
+ goto err;
+ }
+err:
+ if (x != NULL) X509_CRL_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+#endif /* NO_STDIO */
+
diff --git a/src/lib/libssl/src/crypto/x509/x509.h b/src/lib/libssl/src/crypto/x509/x509.h
new file mode 100644
index 0000000000..95114f7c43
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509.h
@@ -0,0 +1,1152 @@
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+#define HEADER_X509_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "asn1.h"
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH long
+#endif
+
+#include "evp.h"
+
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
+
+#define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+#define X509v3_KU_NON_REPUDIATION 0x0040
+#define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+#define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+#define X509v3_KU_KEY_AGREEMENT 0x0008
+#define X509v3_KU_KEY_CERT_SIGN 0x0004
+#define X509v3_KU_CRL_SIGN 0x0002
+#define X509v3_KU_ENCIPHER_ONLY 0x0001
+#define X509v3_KU_DECIPHER_ONLY 0x8000
+#define X509v3_KU_UNDEF 0xffff
+
+typedef struct X509_objects_st
+ {
+ int nid;
+ int (*a2i)();
+ int (*i2a)();
+ } X509_OBJECTS;
+
+typedef struct X509_algor_st
+ {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+ } X509_ALGOR;
+
+typedef struct X509_val_st
+ {
+ ASN1_UTCTIME *notBefore;
+ ASN1_UTCTIME *notAfter;
+ } X509_VAL;
+
+typedef struct X509_pubkey_st
+ {
+ X509_ALGOR *algor;
+ ASN1_BIT_STRING *public_key;
+ struct evp_pkey_st /* EVP_PKEY*/ *pkey;
+ } X509_PUBKEY;
+
+typedef struct X509_sig_st
+ {
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *digest;
+ } X509_SIG;
+
+typedef struct X509_name_entry_st
+ {
+ ASN1_OBJECT *object;
+ ASN1_STRING *value;
+ int set;
+ int size; /* temp variable */
+ } X509_NAME_ENTRY;
+
+/* we always keep X509_NAMEs in 2 forms. */
+typedef struct X509_name_st
+ {
+ STACK *entries; /* of X509_NAME_ENTRY */
+ int modified; /* true if 'bytes' needs to be built */
+#ifdef HEADER_BUFFER_H
+ BUF_MEM *bytes;
+#else
+ char *bytes;
+#endif
+ unsigned long hash; /* Keep the hash around for lookups */
+ } X509_NAME;
+
+#define X509_EX_V_NETSCAPE_HACK 0x8000
+#define X509_EX_V_INIT 0x0001
+typedef struct X509_extension_st
+ {
+ ASN1_OBJECT *object;
+ short critical;
+ short netscape_hack;
+ ASN1_OCTET_STRING *value;
+ long argl; /* used when decoding */
+ char *argp; /* used when decoding */
+ void (*ex_free)(); /* clear argp stuff */
+ } X509_EXTENSION;
+
+/* #if 1 */
+typedef struct x509_extension_method_st
+ {
+ int nid;
+ int data_type;
+ int pack_type;
+ void (*ex_clear)();
+ int (*ex_get_bool)();
+ int (*ex_set_bool)();
+ int (*ex_get_str)();
+ int (*ex_set_str)();
+ char *(*ex_get_struct)();
+ int (*ex_set_struct)();
+ int (*a2i)();
+ int (*i2a)();
+ } X509_EXTENSION_METHOD;
+/* #endif */
+
+typedef struct X509_req_info_st
+ {
+ ASN1_INTEGER *version;
+ X509_NAME *subject;
+ X509_PUBKEY *pubkey;
+ /* d=2 hl=2 l= 0 cons: cont: 00 */
+ STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+ int req_kludge;
+ } X509_REQ_INFO;
+
+typedef struct X509_req_st
+ {
+ X509_REQ_INFO *req_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ } X509_REQ;
+
+typedef struct x509_cinf_st
+ {
+ ASN1_INTEGER *version; /* [ 0 ] default of v1 */
+ ASN1_INTEGER *serialNumber;
+ X509_ALGOR *signature;
+ X509_NAME *issuer;
+ X509_VAL *validity;
+ X509_NAME *subject;
+ X509_PUBKEY *key;
+ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+ STACK /* X509_EXTENSION */ *extensions; /* [ 3 ] optional in v3 */
+ } X509_CINF;
+
+typedef struct x509_st
+ {
+ X509_CINF *cert_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int valid;
+ int references;
+ char *name;
+ } X509;
+
+typedef struct X509_revoked_st
+ {
+ ASN1_INTEGER *serialNumber;
+ ASN1_UTCTIME *revocationDate;
+ STACK /* optional X509_EXTENSION */ *extensions;
+ int sequence; /* load sequence */
+ } X509_REVOKED;
+
+typedef struct X509_crl_info_st
+ {
+ ASN1_INTEGER *version;
+ X509_ALGOR *sig_alg;
+ X509_NAME *issuer;
+ ASN1_UTCTIME *lastUpdate;
+ ASN1_UTCTIME *nextUpdate;
+ STACK /* X509_REVOKED */ *revoked;
+ STACK /* [0] X509_EXTENSION */ *extensions;
+ } X509_CRL_INFO;
+
+typedef struct X509_crl_st
+ {
+ /* actual signature */
+ X509_CRL_INFO *crl;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ } X509_CRL;
+
+/* a sequence of these are used */
+typedef struct x509_attributes_st
+ {
+ ASN1_OBJECT *object;
+ int set; /* 1 for a set, 0 for a single item (which is wrong) */
+ union {
+ char *ptr;
+/* 1 */ STACK /* ASN1_TYPE */ *set;
+/* 0 */ ASN1_TYPE *single;
+ } value;
+ } X509_ATTRIBUTE;
+
+typedef struct private_key_st
+ {
+ int version;
+ /* The PKCS#8 data types */
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+
+ /* When decrypted, the following will not be NULL */
+ EVP_PKEY *dec_pkey;
+
+ /* used to encrypt and decrypt */
+ int key_length;
+ char *key_data;
+ int key_free; /* true if we should auto free key_data */
+
+ /* expanded version of 'enc_algor' */
+ EVP_CIPHER_INFO cipher;
+
+ int references;
+ } X509_PKEY;
+
+#ifdef HEADER_ENVELOPE_H
+typedef struct X509_info_st
+ {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+
+ int references;
+ } X509_INFO;
+#endif
+
+/* The next 2 structures and their 8 routines were sent to me by
+ * Pat Richard <patr@x509.com> and are used to manipulate
+ * Netscapes spki strucutres - usefull if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st
+ {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
+ } NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st
+ {
+ NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+ } NETSCAPE_SPKI;
+
+#ifndef HEADER_BN_H
+#define BIGNUM char
+#endif
+
+typedef struct CBCParameter_st
+ {
+ unsigned char iv[8];
+ } CBC_PARAM;
+
+#include "x509_vfy.h"
+#include "pkcs7.h"
+
+#ifdef SSLEAY_MACROS
+#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
+ a->signature,(char *)a->cert_info,r)
+#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
+ a->sig_alg,a->signature,(char *)a->req_info,r)
+#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
+ a->sig_alg, a->signature,(char *)a->crl,r)
+
+#define X509_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
+ x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
+#define X509_REQ_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
+ x->signature, (char *)x->req_info,pkey,md)
+#define X509_CRL_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
+ x->signature, (char *)x->crl,pkey,md)
+#define NETSCAPE_SPKI_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
+ x->signature, (char *)x->spkac,pkey,md)
+
+#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
+ (char *(*)())d2i_X509,(char *)x509)
+#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
+ (int (*)())i2d_X509_EXTENSION, \
+ (char *(*)())d2i_X509_EXTENSION,(char *)ex)
+#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
+ (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
+#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
+#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
+ (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
+#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
+
+#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
+ (char *(*)())d2i_X509_CRL,(char *)crl)
+#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
+ (unsigned char **)(crl))
+#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
+ (unsigned char *)crl)
+#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
+ (unsigned char **)(crl))
+#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
+ (unsigned char *)crl)
+
+#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
+ (char *(*)())d2i_PKCS7,(char *)p7)
+#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
+ PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
+ (unsigned char **)(p7))
+#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
+ (unsigned char *)p7)
+#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
+ PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
+ (unsigned char **)(p7))
+#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
+ (unsigned char *)p7)
+
+#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
+ (char *(*)())d2i_X509_REQ,(char *)req)
+#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
+ (unsigned char **)(req))
+#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
+ (unsigned char *)req)
+#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
+ (unsigned char **)(req))
+#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
+ (unsigned char *)req)
+
+#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
+ (char *(*)())d2i_RSAPublicKey,(char *)rsa)
+#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
+ (char *(*)())d2i_RSAPrivateKey,(char *)rsa)
+
+#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
+ (unsigned char *)rsa)
+#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
+ (unsigned char *)rsa)
+
+#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
+ (unsigned char *)rsa)
+#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
+ (unsigned char *)rsa)
+
+#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
+ (unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
+ (unsigned char *)dsa)
+#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
+ (unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
+ (unsigned char *)dsa)
+
+#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
+ (char *(*)())d2i_X509_NAME,(char *)xn)
+#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
+ (int (*)())i2d_X509_NAME_ENTRY, \
+ (char *(*)())d2i_X509_NAME_ENTRY,\
+ (char *)ne)
+
+#define X509_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
+#define X509_NAME_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+ (char *)data,md,len)
+#endif
+
+#define X509_EXT_PACK_UNKNOWN 1
+#define X509_EXT_PACK_STRING 2
+
+#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+#define X509_extract_key(x) X509_get_pubkey(x) /*****/
+#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+#define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
+#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+/* This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
+#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+#ifndef NOPROTO
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify(X509 *a, EVP_PKEY *r);
+char *X509_verify_cert_error_string(long n);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md);
+
+int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len);
+int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
+ unsigned char *md,unsigned int *len);
+#endif
+
+#ifndef NO_FP_API
+X509 *d2i_X509_fp(FILE *fp, X509 *x509);
+int i2d_X509_fp(FILE *fp,X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req);
+int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *d2i_X509_bio(BIO *bp,X509 *x509);
+int i2d_X509_bio(BIO *bp,X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req);
+int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+#endif
+
+X509 *X509_dup(X509 *x509);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+RSA *RSAPublicKey_dup(RSA *rsa);
+RSA *RSAPrivateKey_dup(RSA *rsa);
+
+#endif /* !SSLEAY_MACROS */
+
+int X509_cmp_current_time(ASN1_UTCTIME *s);
+ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj);
+
+char * X509_get_default_cert_area(void );
+char * X509_get_default_cert_dir(void );
+char * X509_get_default_cert_file(void );
+char * X509_get_default_cert_dir_env(void );
+char * X509_get_default_cert_file_env(void );
+char * X509_get_default_private_dir(void );
+
+X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
+X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
+void ERR_load_X509_strings(void );
+
+X509_ALGOR * X509_ALGOR_new(void );
+void X509_ALGOR_free(X509_ALGOR *a);
+int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
+X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
+ long length);
+
+X509_VAL * X509_VAL_new(void );
+void X509_VAL_free(X509_VAL *a);
+int i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
+X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
+ long length);
+
+X509_PUBKEY * X509_PUBKEY_new(void );
+void X509_PUBKEY_free(X509_PUBKEY *a);
+int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
+X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
+ long length);
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain);
+
+
+X509_SIG * X509_SIG_new(void );
+void X509_SIG_free(X509_SIG *a);
+int i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
+X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
+
+X509_REQ_INFO *X509_REQ_INFO_new(void);
+void X509_REQ_INFO_free(X509_REQ_INFO *a);
+int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
+X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
+ long length);
+
+X509_REQ * X509_REQ_new(void);
+void X509_REQ_free(X509_REQ *a);
+int i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
+X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
+ long length);
+
+X509_EXTENSION *X509_EXTENSION_new(void );
+void X509_EXTENSION_free(X509_EXTENSION *a);
+int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
+X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
+ long length);
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
+void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
+int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
+ long length);
+
+X509_NAME * X509_NAME_new(void);
+void X509_NAME_free(X509_NAME *a);
+int i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
+X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+
+X509_CINF * X509_CINF_new(void);
+void X509_CINF_free(X509_CINF *a);
+int i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
+X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
+
+X509 * X509_new(void);
+void X509_free(X509 *a);
+int i2d_X509(X509 *a,unsigned char **pp);
+X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
+
+X509_REVOKED * X509_REVOKED_new(void);
+void X509_REVOKED_free(X509_REVOKED *a);
+int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
+X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
+
+X509_CRL_INFO *X509_CRL_INFO_new(void);
+void X509_CRL_INFO_free(X509_CRL_INFO *a);
+int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
+X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
+ long length);
+
+X509_CRL * X509_CRL_new(void);
+void X509_CRL_free(X509_CRL *a);
+int i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
+X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
+
+X509_PKEY * X509_PKEY_new(void );
+void X509_PKEY_free(X509_PKEY *a);
+int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
+X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
+
+NETSCAPE_SPKI * NETSCAPE_SPKI_new(void );
+void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
+int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
+NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
+ long length);
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
+void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
+int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
+ long length);
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO * X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+
+int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
+
+int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data,
+ unsigned char *md,unsigned int *len);
+
+int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature,
+ char *data,EVP_PKEY *pkey, EVP_MD *type);
+#endif
+
+int X509_set_version(X509 *x,long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER * X509_get_serialNumber(X509 *x);
+int X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME * X509_get_issuer_name(X509 *a);
+int X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME * X509_get_subject_name(X509 *a);
+int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm);
+int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY * X509_get_pubkey(X509 *x);
+int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
+
+int X509_REQ_set_version(X509_REQ *x,long version);
+int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
+
+int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
+
+int X509_issuer_and_serial_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(X509 *a,X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+int X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+
+int X509_CRL_cmp(X509_CRL *a,X509_CRL *b);
+#ifndef NO_FP_API
+int X509_print_fp(FILE *bp,X509 *x);
+int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
+#endif
+
+#ifdef HEADER_BIO_H
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int X509_print(BIO *bp,X509 *x);
+int X509_REQ_print(BIO *bp,X509_REQ *req);
+#endif
+
+int X509_NAME_entry_count(X509_NAME *name);
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
+ char *buf,int len);
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ char *buf,int len);
+
+/* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use
+ * lastpos, seach after that position on. */
+int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos);
+int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
+ int lastpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
+ int loc, int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+ int type,unsigned char *bytes, int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+ ASN1_OBJECT *obj, int type,unsigned char *bytes,
+ int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
+ ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+ unsigned char *bytes, int len);
+ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+int X509v3_get_ext_count(STACK *x);
+int X509v3_get_ext_by_NID(STACK *x, int nid, int lastpos);
+int X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int lastpos);
+int X509v3_get_ext_by_critical(STACK *x, int crit, int lastpos);
+X509_EXTENSION *X509v3_get_ext(STACK *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
+STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);
+
+int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
+int X509v3_data_type_by_NID(int nid);
+int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
+int X509v3_pack_type_by_NID(int nid);
+
+int X509_get_ext_count(X509 *x);
+int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
+int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
+int X509_get_ext_by_critical(X509 *x, int crit, int lastpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+int X509_CRL_get_ext_count(X509_CRL *x);
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos);
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos);
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos);
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos);
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit, ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+ ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex,
+ ASN1_OCTET_STRING *data);
+ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type,
+ unsigned char *bytes, int len);
+ASN1_STRING * X509v3_unpack_string(ASN1_STRING **ex,int type,
+ ASN1_OCTET_STRING *os);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name,
+ ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK *sk,X509_NAME *name);
+
+#else
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify();
+int X509_REQ_verify();
+int X509_CRL_verify();
+int NETSCAPE_SPKI_verify();
+
+int X509_sign();
+int X509_REQ_sign();
+int X509_CRL_sign();
+int NETSCAPE_SPKI_sign();
+
+int X509_digest();
+int X509_NAME_digest();
+#endif
+
+#ifndef NO_FP_API
+X509 *d2i_X509_fp();
+int i2d_X509_fp();
+X509_CRL *d2i_X509_CRL_fp();
+int i2d_X509_CRL_fp();
+X509_REQ *d2i_X509_REQ_fp();
+int i2d_X509_REQ_fp();
+RSA *d2i_RSAPrivateKey_fp();
+int i2d_RSAPrivateKey_fp();
+DSA *d2i_DSAPrivateKey_fp();
+int i2d_DSAPrivateKey_fp();
+RSA *d2i_RSAPublicKey_fp();
+int i2d_RSAPublicKey_fp();
+#endif
+
+X509 *d2i_X509_bio();
+int i2d_X509_bio();
+X509_CRL *d2i_X509_CRL_bio();
+int i2d_X509_CRL_bio();
+X509_REQ *d2i_X509_REQ_bio();
+int i2d_X509_REQ_bio();
+RSA *d2i_RSAPrivateKey_bio();
+int i2d_RSAPrivateKey_bio();
+DSA *d2i_DSAPrivateKey_bio();
+int i2d_DSAPrivateKey_bio();
+RSA *d2i_RSAPublicKey_bio();
+int i2d_RSAPublicKey_bio();
+
+X509 *X509_dup();
+X509_EXTENSION *X509_EXTENSION_dup();
+X509_CRL *X509_CRL_dup();
+X509_REQ *X509_REQ_dup();
+X509_NAME *X509_NAME_dup();
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup();
+RSA *RSAPublicKey_dup();
+RSA *RSAPrivateKey_dup();
+
+#endif /* !SSLEAY_MACROS */
+
+int X509_cmp_current_time();
+ASN1_UTCTIME * X509_gmtime_adj();
+
+char * X509_get_default_cert_area();
+char * X509_get_default_cert_dir();
+char * X509_get_default_cert_file();
+char * X509_get_default_cert_dir_env();
+char * X509_get_default_cert_file_env();
+char * X509_get_default_private_dir();
+
+X509_REQ * X509_to_X509_REQ();
+X509 * X509_REQ_to_X509();
+void ERR_load_X509_strings();
+
+X509_ALGOR * X509_ALGOR_new();
+void X509_ALGOR_free();
+int i2d_X509_ALGOR();
+X509_ALGOR * d2i_X509_ALGOR();
+
+X509_VAL * X509_VAL_new();
+void X509_VAL_free();
+int i2d_X509_VAL();
+X509_VAL * d2i_X509_VAL();
+
+X509_PUBKEY * X509_PUBKEY_new();
+void X509_PUBKEY_free();
+int i2d_X509_PUBKEY();
+X509_PUBKEY * d2i_X509_PUBKEY();
+int X509_PUBKEY_set();
+EVP_PKEY * X509_PUBKEY_get();
+int X509_get_pubkey_parameters();
+
+X509_SIG * X509_SIG_new();
+void X509_SIG_free();
+int i2d_X509_SIG();
+X509_SIG * d2i_X509_SIG();
+
+X509_REQ_INFO *X509_REQ_INFO_new();
+void X509_REQ_INFO_free();
+int i2d_X509_REQ_INFO();
+X509_REQ_INFO *d2i_X509_REQ_INFO();
+
+X509_REQ * X509_REQ_new();
+void X509_REQ_free();
+int i2d_X509_REQ();
+X509_REQ * d2i_X509_REQ();
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new();
+void X509_ATTRIBUTE_free();
+int i2d_X509_ATTRIBUTE();
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE();
+
+X509_EXTENSION *X509_EXTENSION_new();
+void X509_EXTENSION_free();
+int i2d_X509_EXTENSION();
+X509_EXTENSION *d2i_X509_EXTENSION();
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new();
+void X509_NAME_ENTRY_free();
+int i2d_X509_NAME_ENTRY();
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY();
+
+X509_NAME * X509_NAME_new();
+void X509_NAME_free();
+int i2d_X509_NAME();
+X509_NAME * d2i_X509_NAME();
+int X509_NAME_set();
+
+
+X509_CINF * X509_CINF_new();
+void X509_CINF_free();
+int i2d_X509_CINF();
+X509_CINF * d2i_X509_CINF();
+
+X509 * X509_new();
+void X509_free();
+int i2d_X509();
+X509 * d2i_X509();
+
+X509_REVOKED * X509_REVOKED_new();
+void X509_REVOKED_free();
+int i2d_X509_REVOKED();
+X509_REVOKED * d2i_X509_REVOKED();
+
+X509_CRL_INFO *X509_CRL_INFO_new();
+void X509_CRL_INFO_free();
+int i2d_X509_CRL_INFO();
+X509_CRL_INFO *d2i_X509_CRL_INFO();
+
+X509_CRL * X509_CRL_new();
+void X509_CRL_free();
+int i2d_X509_CRL();
+X509_CRL * d2i_X509_CRL();
+
+X509_PKEY * X509_PKEY_new();
+void X509_PKEY_free();
+int i2d_X509_PKEY();
+X509_PKEY * d2i_X509_PKEY();
+
+NETSCAPE_SPKI * NETSCAPE_SPKI_new();
+void NETSCAPE_SPKI_free();
+int i2d_NETSCAPE_SPKI();
+NETSCAPE_SPKI * d2i_NETSCAPE_SPKI();
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new();
+void NETSCAPE_SPKAC_free();
+int i2d_NETSCAPE_SPKAC();
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC();
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO * X509_INFO_new();
+void X509_INFO_free();
+#endif
+
+char * X509_NAME_oneline();
+
+int ASN1_verify();
+int ASN1_digest();
+int ASN1_sign();
+
+int X509_set_version();
+int X509_set_serialNumber();
+ASN1_INTEGER * X509_get_serialNumber();
+int X509_set_issuer_name();
+X509_NAME * X509_get_issuer_name();
+int X509_set_subject_name();
+X509_NAME * X509_get_subject_name();
+int X509_set_notBefore();
+int X509_set_notAfter();
+int X509_set_pubkey();
+EVP_PKEY * X509_get_pubkey();
+int X509_certificate_type();
+
+int X509_REQ_set_version();
+int X509_REQ_set_subject_name();
+int X509_REQ_set_pubkey();
+EVP_PKEY * X509_REQ_get_pubkey();
+
+int X509_check_private_key();
+
+int X509_issuer_and_serial_cmp();
+unsigned long X509_issuer_and_serial_hash();
+
+int X509_issuer_name_cmp();
+unsigned long X509_issuer_name_hash();
+
+int X509_subject_name_cmp();
+unsigned long X509_subject_name_hash();
+
+int X509_NAME_cmp ();
+unsigned long X509_NAME_hash();
+
+int X509_CRL_cmp();
+#ifndef NO_FP_API
+int X509_print_fp();
+int X509_REQ_print_fp();
+#endif
+
+int X509_NAME_print();
+int X509_print();
+int X509_REQ_print();
+
+int X509_NAME_entry_count();
+int X509_NAME_get_text_by_NID();
+int X509_NAME_get_text_by_OBJ();
+
+int X509_NAME_get_index_by_NID();
+int X509_NAME_get_index_by_OBJ();
+X509_NAME_ENTRY *X509_NAME_get_entry();
+X509_NAME_ENTRY *X509_NAME_delete_entry();
+int X509_NAME_add_entry();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ();
+int X509_NAME_ENTRY_set_object();
+int X509_NAME_ENTRY_set_data();
+ASN1_OBJECT * X509_NAME_ENTRY_get_object();
+ASN1_STRING * X509_NAME_ENTRY_get_data();
+
+int X509v3_get_ext_count();
+int X509v3_get_ext_by_NID();
+int X509v3_get_ext_by_OBJ();
+int X509v3_get_ext_by_critical();
+X509_EXTENSION *X509v3_get_ext();
+X509_EXTENSION *X509v3_delete_ext();
+STACK * X509v3_add_ext();
+
+int X509v3_data_type_by_OBJ();
+int X509v3_data_type_by_NID();
+int X509v3_pack_type_by_OBJ();
+int X509v3_pack_type_by_NID();
+
+int X509_get_ext_count();
+int X509_get_ext_by_NID();
+int X509_get_ext_by_OBJ();
+int X509_get_ext_by_critical();
+X509_EXTENSION *X509_get_ext();
+X509_EXTENSION *X509_delete_ext();
+int X509_add_ext();
+
+int X509_CRL_get_ext_count();
+int X509_CRL_get_ext_by_NID();
+int X509_CRL_get_ext_by_OBJ();
+int X509_CRL_get_ext_by_critical();
+X509_EXTENSION *X509_CRL_get_ext();
+X509_EXTENSION *X509_CRL_delete_ext();
+int X509_CRL_add_ext();
+
+int X509_REVOKED_get_ext_count();
+int X509_REVOKED_get_ext_by_NID();
+int X509_REVOKED_get_ext_by_OBJ();
+int X509_REVOKED_get_ext_by_critical();
+X509_EXTENSION *X509_REVOKED_get_ext();
+X509_EXTENSION *X509_REVOKED_delete_ext();
+int X509_REVOKED_add_ext();
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID();
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ();
+int X509_EXTENSION_set_object();
+int X509_EXTENSION_set_critical();
+int X509_EXTENSION_set_data();
+ASN1_OBJECT * X509_EXTENSION_get_object();
+ASN1_OCTET_STRING *X509_EXTENSION_get_data();
+int X509_EXTENSION_get_critical();
+ASN1_OCTET_STRING *X509v3_pack_string();
+ASN1_STRING * X509v3_unpack_string();
+
+int X509_verify_cert();
+char * X509_verify_cert_error_string();
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial();
+X509 *X509_find_by_subject();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+#define X509_F_ADD_CERT_DIR 100
+#define X509_F_BY_FILE_CTRL 101
+#define X509_F_DIR_CTRL 102
+#define X509_F_GET_CERT_BY_SUBJECT 103
+#define X509_F_X509V3_ADD_EXT 104
+#define X509_F_X509V3_ADD_EXTENSION 105
+#define X509_F_X509V3_PACK_STRING 106
+#define X509_F_X509V3_UNPACK_STRING 107
+#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
+#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
+#define X509_F_X509_LOAD_CERT_FILE 111
+#define X509_F_X509_LOAD_CRL_FILE 112
+#define X509_F_X509_NAME_ADD_ENTRY 113
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
+#define X509_F_X509_NAME_ONELINE 116
+#define X509_F_X509_NAME_PRINT 117
+#define X509_F_X509_PRINT_FP 118
+#define X509_F_X509_PUBKEY_GET 119
+#define X509_F_X509_PUBKEY_SET 120
+#define X509_F_X509_REQ_PRINT 121
+#define X509_F_X509_REQ_PRINT_FP 122
+#define X509_F_X509_REQ_TO_X509 123
+#define X509_F_X509_STORE_ADD_CERT 124
+#define X509_F_X509_STORE_ADD_CRL 125
+#define X509_F_X509_TO_X509_REQ 126
+#define X509_F_X509_VERIFY_CERT 127
+
+/* Reason codes. */
+#define X509_R_BAD_X509_FILETYPE 100
+#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+#define X509_R_ERR_ASN1_LIB 102
+#define X509_R_LOADING_CERT_DIR 103
+#define X509_R_LOADING_DEFAULTS 104
+#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+#define X509_R_SHOULD_RETRY 106
+#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+#define X509_R_UNKNOWN_NID 109
+#define X509_R_UNKNOWN_STRING_TYPE 110
+#define X509_R_UNSUPPORTED_ALGORITHM 111
+#define X509_R_WRONG_LOOKUP_TYPE 112
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_cmp.c b/src/lib/libssl/src/crypto/x509/x509_cmp.c
new file mode 100644
index 0000000000..f9d9510ac5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_cmp.c
@@ -0,0 +1,257 @@
+/* crypto/x509/x509_cmp.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_issuer_and_serial_cmp(a,b)
+X509 *a;
+X509 *b;
+ {
+ int i;
+ X509_CINF *ai,*bi;
+
+ ai=a->cert_info;
+ bi=b->cert_info;
+ i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
+ if (i) return(i);
+ return(X509_NAME_cmp(ai->issuer,bi->issuer));
+ }
+
+#ifndef NO_MD5
+unsigned long X509_issuer_and_serial_hash(a)
+X509 *a;
+ {
+ unsigned long ret=0;
+ MD5_CTX ctx;
+ unsigned char md[16];
+ char str[256];
+
+ X509_NAME_oneline(a->cert_info->issuer,str,256);
+ ret=strlen(str);
+ MD5_Init(&ctx);
+ MD5_Update(&ctx,(unsigned char *)str,ret);
+ MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length);
+ MD5_Final(&(md[0]),&ctx);
+ ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
+ ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+ )&0xffffffffL;
+ return(ret);
+ }
+#endif
+
+int X509_issuer_name_cmp(a, b)
+X509 *a;
+X509 *b;
+ {
+ return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
+ }
+
+int X509_subject_name_cmp(a, b)
+X509 *a;
+X509 *b;
+ {
+ return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
+ }
+
+int X509_CRL_cmp(a, b)
+X509_CRL *a;
+X509_CRL *b;
+ {
+ return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
+ }
+
+X509_NAME *X509_get_issuer_name(a)
+X509 *a;
+ {
+ return(a->cert_info->issuer);
+ }
+
+unsigned long X509_issuer_name_hash(x)
+X509 *x;
+ {
+ return(X509_NAME_hash(x->cert_info->issuer));
+ }
+
+X509_NAME *X509_get_subject_name(a)
+X509 *a;
+ {
+ return(a->cert_info->subject);
+ }
+
+ASN1_INTEGER *X509_get_serialNumber(a)
+X509 *a;
+ {
+ return(a->cert_info->serialNumber);
+ }
+
+unsigned long X509_subject_name_hash(x)
+X509 *x;
+ {
+ return(X509_NAME_hash(x->cert_info->subject));
+ }
+
+int X509_NAME_cmp(a, b)
+X509_NAME *a;
+X509_NAME *b;
+ {
+ int i,j;
+ X509_NAME_ENTRY *na,*nb;
+
+ if (sk_num(a->entries) != sk_num(b->entries))
+ return(sk_num(a->entries)-sk_num(b->entries));
+ for (i=sk_num(a->entries)-1; i>=0; i--)
+ {
+ na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+ j=na->value->length-nb->value->length;
+ if (j) return(j);
+ j=memcmp(na->value->data,nb->value->data,
+ na->value->length);
+ if (j) return(j);
+ j=na->set-nb->set;
+ if (j) return(j);
+ }
+
+ /* We will check the object types after checking the values
+ * since the values will more often be different than the object
+ * types. */
+ for (i=sk_num(a->entries)-1; i>=0; i--)
+ {
+ na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+ j=OBJ_cmp(na->object,nb->object);
+ if (j) return(j);
+ }
+ return(0);
+ }
+
+#ifndef NO_MD5
+/* I now DER encode the name and hash it. Since I cache the DER encoding,
+ * this is reasonably effiecent. */
+unsigned long X509_NAME_hash(x)
+X509_NAME *x;
+ {
+ unsigned long ret=0;
+ unsigned char md[16];
+ unsigned char str[256],*p,*pp;
+ int i;
+
+ i=i2d_X509_NAME(x,NULL);
+ if (i > sizeof(str))
+ p=Malloc(i);
+ else
+ p=str;
+
+ pp=p;
+ i2d_X509_NAME(x,&pp);
+ MD5((unsigned char *)p,i,&(md[0]));
+ if (p != str) Free(p);
+
+ ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
+ ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+ )&0xffffffffL;
+ return(ret);
+ }
+#endif
+
+/* Search a stack of X509 for a match */
+X509 *X509_find_by_issuer_and_serial(sk,name,serial)
+STACK *sk;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+ {
+ int i;
+ X509_CINF cinf;
+ X509 x,*x509=NULL;
+
+ x.cert_info= &cinf;
+ cinf.serialNumber=serial;
+ cinf.issuer=name;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ x509=(X509 *)sk_value(sk,i);
+ if (X509_issuer_and_serial_cmp(x509,&x) == 0)
+ return(x509);
+ }
+ return(NULL);
+ }
+
+X509 *X509_find_by_subject(sk,name)
+STACK *sk;
+X509_NAME *name;
+ {
+ X509 *x509;
+ int i;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ x509=(X509 *)sk_value(sk,i);
+ if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
+ return(x509);
+ }
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_d2.c b/src/lib/libssl/src/crypto/x509/x509_d2.c
new file mode 100644
index 0000000000..01e22f4cb4
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_d2.c
@@ -0,0 +1,110 @@
+/* crypto/x509/x509_d2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+#ifndef NO_STDIO
+int X509_STORE_set_default_paths(ctx)
+X509_STORE *ctx;
+ {
+ X509_LOOKUP *lookup;
+
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ /* clear any errors */
+ ERR_clear_error();
+
+ return(1);
+ }
+
+int X509_STORE_load_locations(ctx,file,path)
+X509_STORE *ctx;
+char *file;
+char *path;
+ {
+ X509_LOOKUP *lookup;
+
+ if (file != NULL)
+ {
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM);
+ }
+ if (path != NULL)
+ {
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM);
+ }
+ if ((path == NULL) && (file == NULL))
+ return(0);
+ return(1);
+ }
+
+#endif
diff --git a/src/lib/libssl/src/crypto/x509/x509_def.c b/src/lib/libssl/src/crypto/x509/x509_def.c
new file mode 100644
index 0000000000..d9ab39b15a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_def.c
@@ -0,0 +1,83 @@
+/* crypto/x509/x509_def.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+char *X509_get_default_private_dir()
+ { return(X509_PRIVATE_DIR); }
+
+char *X509_get_default_cert_area()
+ { return(X509_CERT_AREA); }
+
+char *X509_get_default_cert_dir()
+ { return(X509_CERT_DIR); }
+
+char *X509_get_default_cert_file()
+ { return(X509_CERT_FILE); }
+
+char *X509_get_default_cert_dir_env()
+ { return(X509_CERT_DIR_EVP); }
+
+char *X509_get_default_cert_file_env()
+ { return(X509_CERT_FILE_EVP); }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_err.c b/src/lib/libssl/src/crypto/x509/x509_err.c
new file mode 100644
index 0000000000..9304721612
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_err.c
@@ -0,0 +1,130 @@
+/* lib/x509/x509_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "x509.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA X509_str_functs[]=
+ {
+{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"},
+{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"},
+{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
+{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"},
+{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"},
+{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"},
+{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_LOAD_CERT_FILE"},
+{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_LOAD_CRL_FILE"},
+{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"},
+{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"},
+{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"},
+{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"},
+{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_ADD_CERT"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_ADD_CRL"},
+{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
+{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA X509_str_reasons[]=
+ {
+{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"},
+{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"},
+{X509_R_ERR_ASN1_LIB ,"err asn1 lib"},
+{X509_R_LOADING_CERT_DIR ,"loading cert dir"},
+{X509_R_LOADING_DEFAULTS ,"loading defaults"},
+{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"},
+{X509_R_SHOULD_RETRY ,"should retry"},
+{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
+{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
+{X509_R_UNKNOWN_NID ,"unknown nid"},
+{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"},
+{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
+{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_X509_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_X509,X509_str_functs);
+ ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/crypto/x509/x509_ext.c b/src/lib/libssl/src/crypto/x509/x509_ext.c
new file mode 100644
index 0000000000..1d76ecfcfd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_ext.c
@@ -0,0 +1,222 @@
+/* crypto/x509/x509_ext.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_CRL_get_ext_count(x)
+X509_CRL *x;
+ {
+ return(X509v3_get_ext_count(x->crl->extensions));
+ }
+
+int X509_CRL_get_ext_by_NID(x,nid,lastpos)
+X509_CRL *x;
+int nid;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
+ }
+
+int X509_CRL_get_ext_by_OBJ(x,obj,lastpos)
+X509_CRL *x;
+ASN1_OBJECT *obj;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
+ }
+
+int X509_CRL_get_ext_by_critical(x,crit,lastpos)
+X509_CRL *x;
+int crit;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
+ }
+
+X509_EXTENSION *X509_CRL_get_ext(x,loc)
+X509_CRL *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->crl->extensions,loc));
+ }
+
+X509_EXTENSION *X509_CRL_delete_ext(x,loc)
+X509_CRL *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->crl->extensions,loc));
+ }
+
+int X509_CRL_add_ext(x,ex,loc)
+X509_CRL *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
+ }
+
+int X509_get_ext_count(x)
+X509 *x;
+ {
+ return(X509v3_get_ext_count(x->cert_info->extensions));
+ }
+
+int X509_get_ext_by_NID(x,nid,lastpos)
+X509 *x;
+int nid;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
+ }
+
+int X509_get_ext_by_OBJ(x,obj,lastpos)
+X509 *x;
+ASN1_OBJECT *obj;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
+ }
+
+int X509_get_ext_by_critical(x,crit,lastpos)
+X509 *x;
+int crit;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
+ }
+
+X509_EXTENSION *X509_get_ext(x,loc)
+X509 *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->cert_info->extensions,loc));
+ }
+
+X509_EXTENSION *X509_delete_ext(x,loc)
+X509 *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->cert_info->extensions,loc));
+ }
+
+int X509_add_ext(x,ex,loc)
+X509 *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
+ }
+
+int X509_REVOKED_get_ext_count(x)
+X509_REVOKED *x;
+ {
+ return(X509v3_get_ext_count(x->extensions));
+ }
+
+int X509_REVOKED_get_ext_by_NID(x,nid,lastpos)
+X509_REVOKED *x;
+int nid;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
+ }
+
+int X509_REVOKED_get_ext_by_OBJ(x,obj,lastpos)
+X509_REVOKED *x;
+ASN1_OBJECT *obj;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
+ }
+
+int X509_REVOKED_get_ext_by_critical(x,crit,lastpos)
+X509_REVOKED *x;
+int crit;
+int lastpos;
+ {
+ return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
+ }
+
+X509_EXTENSION *X509_REVOKED_get_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->extensions,loc));
+ }
+
+X509_EXTENSION *X509_REVOKED_delete_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->extensions,loc));
+ }
+
+int X509_REVOKED_add_ext(x,ex,loc)
+X509_REVOKED *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_lu.c b/src/lib/libssl/src/crypto/x509/x509_lu.c
new file mode 100644
index 0000000000..2c7e10a46e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_lu.c
@@ -0,0 +1,446 @@
+/* crypto/x509/x509_lu.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+
+static STACK *x509_store_meth=NULL;
+static STACK *x509_store_ctx_meth=NULL;
+
+X509_LOOKUP *X509_LOOKUP_new(method)
+X509_LOOKUP_METHOD *method;
+ {
+ X509_LOOKUP *ret;
+
+ ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP));
+ if (ret == NULL) return(NULL);
+
+ ret->init=0;
+ ret->skip=0;
+ ret->method=method;
+ ret->method_data=NULL;
+ ret->store_ctx=NULL;
+ if ((method->new_item != NULL) && !method->new_item(ret))
+ {
+ Free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+void X509_LOOKUP_free(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx == NULL) return;
+ if ( (ctx->method != NULL) &&
+ (ctx->method->free != NULL))
+ ctx->method->free(ctx);
+ Free(ctx);
+ }
+
+int X509_LOOKUP_init(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx->method == NULL) return(0);
+ if (ctx->method->init != NULL)
+ return(ctx->method->init(ctx));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_shutdown(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx->method == NULL) return(0);
+ if (ctx->method->init != NULL)
+ return(ctx->method->shutdown(ctx));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argc;
+long argl;
+char **ret;
+ {
+ if (ctx->method == NULL) return(-1);
+ if (ctx->method->ctrl != NULL)
+ return(ctx->method->ctrl(ctx,cmd,argc,argl,ret));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_by_subject(ctx,type,name,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
+ return(X509_LU_FAIL);
+ if (ctx->skip) return(0);
+ return(ctx->method->get_by_subject(ctx,type,name,ret));
+ }
+
+int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) ||
+ (ctx->method->get_by_issuer_serial == NULL))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret));
+ }
+
+int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret)
+X509_LOOKUP *ctx;
+int type;
+unsigned char *bytes;
+int len;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret));
+ }
+
+int X509_LOOKUP_by_alias(ctx,type,str,len,ret)
+X509_LOOKUP *ctx;
+int type;
+char *str;
+int len;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_alias(ctx,str,len,ret));
+ }
+
+static unsigned long x509_object_hash(a)
+X509_OBJECT *a;
+ {
+ unsigned long h;
+
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ h=X509_NAME_hash(a->data.x509->cert_info->subject);
+ break;
+ case X509_LU_CRL:
+ h=X509_NAME_hash(a->data.crl->crl->issuer);
+ break;
+ default:
+ abort();
+ }
+ return(h);
+ }
+
+static int x509_object_cmp(a,b)
+X509_OBJECT *a,*b;
+ {
+ int ret;
+
+ ret=(a->type - b->type);
+ if (ret) return(ret);
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ ret=X509_subject_name_cmp(a->data.x509,b->data.x509);
+ break;
+ case X509_LU_CRL:
+ ret=X509_CRL_cmp(a->data.crl,b->data.crl);
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+X509_STORE *X509_STORE_new()
+ {
+ X509_STORE *ret;
+
+ if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL)
+ return(NULL);
+ ret->certs=lh_new(x509_object_hash,x509_object_cmp);
+ ret->cache=1;
+ ret->get_cert_methods=sk_new_null();
+ ret->verify=NULL;
+ ret->verify_cb=NULL;
+ memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
+ ret->references=1;
+ return(ret);
+ }
+
+static void cleanup(a)
+X509_OBJECT *a;
+ {
+ if (a->type == X509_LU_X509)
+ {
+ X509_free(a->data.x509);
+ }
+ else if (a->type == X509_LU_CRL)
+ {
+ X509_CRL_free(a->data.crl);
+ }
+ else
+ abort();
+
+ Free(a);
+ }
+
+void X509_STORE_free(vfy)
+X509_STORE *vfy;
+ {
+ int i;
+ STACK *sk;
+ X509_LOOKUP *lu;
+
+ sk=vfy->get_cert_methods;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(sk,i);
+ X509_LOOKUP_shutdown(lu);
+ X509_LOOKUP_free(lu);
+ }
+ sk_free(sk);
+
+ CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data);
+ lh_doall(vfy->certs,cleanup);
+ lh_free(vfy->certs);
+ Free(vfy);
+ }
+
+X509_LOOKUP *X509_STORE_add_lookup(v,m)
+X509_STORE *v;
+X509_LOOKUP_METHOD *m;
+ {
+ int i;
+ STACK *sk;
+ X509_LOOKUP *lu;
+
+ sk=v->get_cert_methods;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(sk,i);
+ if (m == lu->method)
+ {
+ return(lu);
+ }
+ }
+ /* a new one */
+ lu=X509_LOOKUP_new(m);
+ if (lu == NULL)
+ return(NULL);
+ else
+ {
+ lu->store_ctx=v;
+ if (sk_push(v->get_cert_methods,(char *)lu))
+ return(lu);
+ else
+ {
+ X509_LOOKUP_free(lu);
+ return(NULL);
+ }
+ }
+ }
+
+int X509_STORE_get_by_subject(vs,type,name,ret)
+X509_STORE_CTX *vs;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ X509_STORE *ctx=vs->ctx;
+ X509_LOOKUP *lu;
+ X509_OBJECT stmp,*tmp;
+ int i,j;
+
+ tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name);
+
+ if (tmp == NULL)
+ {
+ for (i=vs->current_method; i<sk_num(ctx->get_cert_methods); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i);
+ j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
+ if (j < 0)
+ {
+ vs->current_method=j;
+ return(j);
+ }
+ else if (j)
+ {
+ tmp= &stmp;
+ break;
+ }
+ }
+ vs->current_method=0;
+ if (tmp == NULL)
+ return(0);
+ }
+
+/* if (ret->data.ptr != NULL)
+ X509_OBJECT_free_contents(ret); */
+
+ ret->type=tmp->type;
+ ret->data.ptr=tmp->data.ptr;
+
+ X509_OBJECT_up_ref_count(ret);
+
+ return(1);
+ }
+
+void X509_OBJECT_up_ref_count(a)
+X509_OBJECT *a;
+ {
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
+ break;
+ case X509_LU_CRL:
+ CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
+ break;
+ }
+ }
+
+void X509_OBJECT_free_contents(a)
+X509_OBJECT *a;
+ {
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ X509_free(a->data.x509);
+ break;
+ case X509_LU_CRL:
+ X509_CRL_free(a->data.crl);
+ break;
+ }
+ }
+
+X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name)
+LHASH *h;
+int type;
+X509_NAME *name;
+ {
+ X509_OBJECT stmp,*tmp;
+ X509 x509_s;
+ X509_CINF cinf_s;
+ X509_CRL crl_s;
+ X509_CRL_INFO crl_info_s;
+
+ stmp.type=type;
+ switch (type)
+ {
+ case X509_LU_X509:
+ stmp.data.x509= &x509_s;
+ x509_s.cert_info= &cinf_s;
+ cinf_s.subject=name;
+ break;
+ case X509_LU_CRL:
+ stmp.data.crl= &crl_s;
+ crl_s.crl= &crl_info_s;
+ crl_info_s.issuer=name;
+ break;
+ default:
+ abort();
+ }
+
+ tmp=(X509_OBJECT *)lh_retrieve(h,(char *)&stmp);
+ return(tmp);
+ }
+
+void X509_STORE_CTX_init(ctx,store,x509,chain)
+X509_STORE_CTX *ctx;
+X509_STORE *store;
+X509 *x509;
+STACK *chain;
+ {
+ ctx->ctx=store;
+ ctx->current_method=0;
+ ctx->cert=x509;
+ ctx->untrusted=chain;
+ ctx->last_untrusted=0;
+ ctx->valid=0;
+ ctx->chain=NULL;
+ ctx->depth=10;
+ ctx->error=0;
+ ctx->current_cert=NULL;
+ memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA));
+ }
+
+void X509_STORE_CTX_cleanup(ctx)
+X509_STORE_CTX *ctx;
+ {
+ if (ctx->chain != NULL)
+ {
+ sk_pop_free(ctx->chain,X509_free);
+ ctx->chain=NULL;
+ }
+ CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data));
+ memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_obj.c b/src/lib/libssl/src/crypto/x509/x509_obj.c
new file mode 100644
index 0000000000..c0576fd6f6
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_obj.c
@@ -0,0 +1,179 @@
+/* crypto/x509/x509_obj.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "x509.h"
+#include "buffer.h"
+
+char *X509_NAME_oneline(a,buf,len)
+X509_NAME *a;
+char *buf;
+int len;
+ {
+ X509_NAME_ENTRY *ne;
+ unsigned int i;
+ int n,lold,l,l1,l2,num,j,type;
+ char *s,*p;
+ unsigned char *q;
+ BUF_MEM *b=NULL;
+ static char hex[17]="0123456789ABCDEF";
+ int gs_doit[4];
+ char tmp_buf[80];
+
+ if (a == NULL) return("NO X509_NAME");
+ if (buf == NULL)
+ {
+ if ((b=BUF_MEM_new()) == NULL) goto err;
+ if (!BUF_MEM_grow(b,200)) goto err;
+ b->data[0]='\0';
+ len=200;
+ }
+
+ len--; /* space for '\0' */
+ l=0;
+ for (i=0; (int)i<sk_num(a->entries); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ n=OBJ_obj2nid(ne->object);
+ if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
+ {
+ i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object);
+ s=tmp_buf;
+ }
+ l1=strlen(s);
+
+ type=ne->value->type;
+ num=ne->value->length;
+ q=ne->value->data;
+
+ if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
+ {
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
+ for (j=0; j<num; j++)
+ if (q[j] != 0) gs_doit[j&3]=1;
+
+ if (gs_doit[0]|gs_doit[1]|gs_doit[2])
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+ else
+ {
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
+ gs_doit[3]=1;
+ }
+ }
+ else
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+
+ for (l2=j=0; j<num; j++)
+ {
+ if (!gs_doit[j&3]) continue;
+ l2++;
+ if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
+ }
+
+ lold=l;
+ l+=1+l1+1+l2;
+ if (b != NULL)
+ {
+ if (!BUF_MEM_grow(b,l+1)) goto err;
+ p= &(b->data[lold]);
+ }
+ else if (l > len)
+ {
+ break;
+ }
+ else
+ p= &(buf[lold]);
+ *(p++)='/';
+ memcpy(p,s,(unsigned int)l1); p+=l1;
+ *(p++)='=';
+
+ q=ne->value->data;
+
+ for (j=0; j<num; j++)
+ {
+ if (!gs_doit[j&3]) continue;
+ n=q[j];
+ if ((n < ' ') || (n > '~'))
+ {
+ *(p++)='\\';
+ *(p++)='x';
+ *(p++)=hex[(n>>4)&0x0f];
+ *(p++)=hex[n&0x0f];
+ }
+ else
+ *(p++)=n;
+ }
+ *p='\0';
+ }
+ if (b != NULL)
+ {
+ p=b->data;
+ Free((char *)b);
+ }
+ else
+ p=buf;
+ return(p);
+err:
+ X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
+ if (b != NULL) BUF_MEM_free(b);
+ return(NULL);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_r2x.c b/src/lib/libssl/src/crypto/x509/x509_r2x.c
new file mode 100644
index 0000000000..6aec2427f7
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_r2x.c
@@ -0,0 +1,122 @@
+/* crypto/x509/x509_r2x.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509 *X509_REQ_to_X509(r,days,pkey)
+X509_REQ *r;
+int days;
+EVP_PKEY *pkey;
+ {
+ X509 *ret=NULL;
+ int er=1;
+ X509_REQ_INFO *ri=NULL;
+ X509_CINF *xi=NULL;
+ X509_NAME *xn;
+
+ if ((ret=X509_new()) == NULL)
+ {
+ X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* duplicate the request */
+ ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO,
+ (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info);
+ if (ri == NULL) goto err;
+
+ xi=ret->cert_info;
+
+ if (sk_num(ri->attributes) != 0)
+ {
+ if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err;
+ if (!ASN1_INTEGER_set(xi->version,2)) goto err;
+/* xi->extensions=ri->attributes; <- bad, should not ever be done
+ ri->attributes=NULL; */
+ }
+
+ xn=X509_REQ_get_subject_name(r);
+ X509_set_subject_name(ret,X509_NAME_dup(xn));
+ X509_set_issuer_name(ret,X509_NAME_dup(xn));
+
+ X509_gmtime_adj(xi->validity->notBefore,0);
+ X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
+
+ X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
+
+ if (!X509_sign(ret,pkey,EVP_md5()))
+ goto err;
+ er=0;
+err:
+ if (er)
+ {
+ X509_free(ret);
+ X509_REQ_INFO_free(ri);
+ return(NULL);
+ }
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_req.c b/src/lib/libssl/src/crypto/x509/x509_req.c
new file mode 100644
index 0000000000..5004365bad
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_req.c
@@ -0,0 +1,116 @@
+/* crypto/x509/x509_req.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509_REQ *X509_to_X509_REQ(x,pkey,md)
+X509 *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ X509_REQ *ret;
+ X509_REQ_INFO *ri;
+ int i;
+
+ ret=X509_REQ_new();
+ if (ret == NULL)
+ {
+ X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ ri=ret->req_info;
+
+ ri->version->length=1;
+ ri->version->data=(unsigned char *)Malloc(1);
+ if (ri->version->data == NULL) goto err;
+ ri->version->data[0]=0; /* version == 0 */
+
+ if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
+ goto err;
+
+ i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x));
+ if (!i) goto err;
+
+ if (pkey != NULL)
+ {
+ if (!X509_REQ_sign(ret,pkey,md))
+ goto err;
+ }
+ return(ret);
+err:
+ X509_REQ_free(ret);
+ return(NULL);
+ }
+
+EVP_PKEY *X509_REQ_get_pubkey(req)
+X509_REQ *req;
+ {
+ if ((req == NULL) || (req->req_info == NULL))
+ return(NULL);
+ return(X509_PUBKEY_get(req->req_info->pubkey));
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_set.c b/src/lib/libssl/src/crypto/x509/x509_set.c
new file mode 100644
index 0000000000..5d0a3a0c0e
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_set.c
@@ -0,0 +1,164 @@
+/* crypto/x509/x509_set.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_set_version(x,version)
+X509 *x;
+long version;
+ {
+ if (x == NULL) return(0);
+ if (x->cert_info->version == NULL)
+ {
+ if ((x->cert_info->version=ASN1_INTEGER_new()) == NULL)
+ return(0);
+ }
+ return(ASN1_INTEGER_set(x->cert_info->version,version));
+ }
+
+int X509_set_serialNumber(x,serial)
+X509 *x;
+ASN1_INTEGER *serial;
+ {
+ ASN1_INTEGER *in;
+
+ if (x == NULL) return(0);
+ in=x->cert_info->serialNumber;
+ if (in != serial)
+ {
+ in=ASN1_INTEGER_dup(serial);
+ if (in != NULL)
+ {
+ ASN1_INTEGER_free(x->cert_info->serialNumber);
+ x->cert_info->serialNumber=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_issuer_name(x,name)
+X509 *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_NAME_set(&x->cert_info->issuer,name));
+ }
+
+int X509_set_subject_name(x,name)
+X509 *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_NAME_set(&x->cert_info->subject,name));
+ }
+
+int X509_set_notBefore(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+ {
+ ASN1_UTCTIME *in;
+
+ if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+ in=x->cert_info->validity->notBefore;
+ if (in != tm)
+ {
+ in=ASN1_UTCTIME_dup(tm);
+ if (in != NULL)
+ {
+ ASN1_UTCTIME_free(x->cert_info->validity->notBefore);
+ x->cert_info->validity->notBefore=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_notAfter(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+ {
+ ASN1_UTCTIME *in;
+
+ if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+ in=x->cert_info->validity->notAfter;
+ if (in != tm)
+ {
+ in=ASN1_UTCTIME_dup(tm);
+ if (in != NULL)
+ {
+ ASN1_UTCTIME_free(x->cert_info->validity->notAfter);
+ x->cert_info->validity->notAfter=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_pubkey(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
+ }
+
+
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_txt.c b/src/lib/libssl/src/crypto/x509/x509_txt.c
new file mode 100644
index 0000000000..408d1c277c
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_txt.c
@@ -0,0 +1,132 @@
+/* crypto/x509/x509_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+char *X509_verify_cert_error_string(n)
+long n;
+ {
+ static char buf[100];
+
+ switch ((int)n)
+ {
+ case X509_V_OK:
+ return("ok");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ return("unable to get issuer certificate");
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ return("unable to get certificate CRL");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ return("unable to decrypt certificate's signature");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+ return("unable to decrypt CRL's's signature");
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ return("unable to decode issuer public key");
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ return("certificate signature failure");
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ return("CRL signature failure");
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ return("certificate is not yet valid");
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ return("CRL is not yet valid");
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ return("Certificate has expired");
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ return("CRL has expired");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ return("format error in certificate's notBefore field");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ return("format error in certificate's notAfter field");
+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+ return("format error in CRL's lastUpdate field");
+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+ return("format error in CRL's nextUpdate field");
+ case X509_V_ERR_OUT_OF_MEM:
+ return("out of memory");
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ return("self signed certificate");
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ return("self signed certificate in certificate chain");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ return("unable to get local issuer certificate");
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ return("unable to verify the first certificate");
+ case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ return("certificate chain too long");
+ case X509_V_ERR_APPLICATION_VERIFICATION:
+ return("application verification failure");
+ default:
+ sprintf(buf,"error number %ld",n);
+ return(buf);
+ }
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_v3.c b/src/lib/libssl/src/crypto/x509/x509_v3.c
new file mode 100644
index 0000000000..1c03602f0b
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_v3.c
@@ -0,0 +1,409 @@
+/* crypto/x509/x509_v3.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static X509_EXTENSION_METHOD *find_by_nid(int nid);
+static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
+#else
+static X509_EXTENSION_METHOD *find_by_nid();
+static int xem_cmp();
+#endif
+
+static STACK *extensions=NULL;
+
+int X509v3_get_ext_count(x)
+STACK *x;
+ {
+ if (x == NULL) return(0);
+ return(sk_num(x));
+ }
+
+int X509v3_get_ext_by_NID(x,nid,lastpos)
+STACK *x;
+int nid;
+int lastpos;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-2);
+ return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
+ }
+
+int X509v3_get_ext_by_OBJ(sk,obj,lastpos)
+STACK *sk;
+ASN1_OBJECT *obj;
+int lastpos;
+ {
+ int n;
+ X509_EXTENSION *ex;
+
+ if (sk == NULL) return(-1);
+ lastpos++;
+ if (lastpos < 0)
+ lastpos=0;
+ n=sk_num(sk);
+ for ( ; lastpos < n; lastpos++)
+ {
+ ex=(X509_EXTENSION *)sk_value(sk,lastpos);
+ if (OBJ_cmp(ex->object,obj) == 0)
+ return(lastpos);
+ }
+ return(-1);
+ }
+
+int X509v3_get_ext_by_critical(sk,crit,lastpos)
+STACK *sk;
+int crit;
+int lastpos;
+ {
+ int n;
+ X509_EXTENSION *ex;
+
+ if (sk == NULL) return(-1);
+ lastpos++;
+ if (lastpos < 0)
+ lastpos=0;
+ n=sk_num(sk);
+ for ( ; lastpos < n; lastpos++)
+ {
+ ex=(X509_EXTENSION *)sk_value(sk,lastpos);
+ if ( (ex->critical && crit) ||
+ (!ex->critical && !crit))
+ return(lastpos);
+ }
+ return(-1);
+ }
+
+X509_EXTENSION *X509v3_get_ext(x,loc)
+STACK *x;
+int loc;
+ {
+ if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+ return(NULL);
+ else
+ return((X509_EXTENSION *)sk_value(x,loc));
+ }
+
+X509_EXTENSION *X509v3_delete_ext(x,loc)
+STACK *x;
+int loc;
+ {
+ X509_EXTENSION *ret;
+
+ if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+ return(NULL);
+ ret=(X509_EXTENSION *)sk_delete(x,loc);
+ return(ret);
+ }
+
+STACK *X509v3_add_ext(x,ex,loc)
+STACK **x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ X509_EXTENSION *new_ex=NULL;
+ int n;
+ STACK *sk=NULL;
+
+ if ((x != NULL) && (*x == NULL))
+ {
+ if ((sk=sk_new_null()) == NULL)
+ goto err;
+ }
+ else
+ sk= *x;
+
+ n=sk_num(sk);
+ if (loc > n) loc=n;
+ else if (loc < 0) loc=n;
+
+ if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
+ goto err2;
+ if (!sk_insert(sk,(char *)new_ex,loc))
+ goto err;
+ if ((x != NULL) && (*x == NULL))
+ *x=sk;
+ return(sk);
+err:
+ X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
+err2:
+ if (new_ex != NULL) X509_EXTENSION_free(new_ex);
+ if (sk != NULL) sk_free(sk);
+ return(NULL);
+ }
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data)
+X509_EXTENSION **ex;
+int nid;
+int crit;
+ASN1_OCTET_STRING *data;
+ {
+ ASN1_OBJECT *obj;
+ X509_EXTENSION *ret;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
+ if (ret == NULL) ASN1_OBJECT_free(obj);
+ return(ret);
+ }
+
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data)
+X509_EXTENSION **ex;
+ASN1_OBJECT *obj;
+int crit;
+ASN1_OCTET_STRING *data;
+ {
+ X509_EXTENSION *ret;
+
+ if ((ex == NULL) || (*ex == NULL))
+ {
+ if ((ret=X509_EXTENSION_new()) == NULL)
+ {
+ X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ }
+ else
+ ret= *ex;
+
+ if (!X509_EXTENSION_set_object(ret,obj))
+ goto err;
+ if (!X509_EXTENSION_set_critical(ret,crit))
+ goto err;
+ if (!X509_EXTENSION_set_data(ret,data))
+ goto err;
+
+ if ((ex != NULL) && (*ex == NULL)) *ex=ret;
+ return(ret);
+err:
+ if ((ex == NULL) || (ret != *ex))
+ X509_EXTENSION_free(ret);
+ return(NULL);
+ }
+
+int X509_EXTENSION_set_object(ex,obj)
+X509_EXTENSION *ex;
+ASN1_OBJECT *obj;
+ {
+ if ((ex == NULL) || (obj == NULL))
+ return(0);
+ ASN1_OBJECT_free(ex->object);
+ ex->object=OBJ_dup(obj);
+ return(1);
+ }
+
+int X509_EXTENSION_set_critical(ex,crit)
+X509_EXTENSION *ex;
+int crit;
+ {
+ if (ex == NULL) return(0);
+ ex->critical=(crit)?0xFF:0;
+ return(1);
+ }
+
+int X509_EXTENSION_set_data(ex,data)
+X509_EXTENSION *ex;
+ASN1_OCTET_STRING *data;
+ {
+ int i;
+
+ if (ex == NULL) return(0);
+ i=ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
+ if (!i) return(0);
+ return(1);
+ }
+
+ASN1_OBJECT *X509_EXTENSION_get_object(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(NULL);
+ return(ex->object);
+ }
+
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(NULL);
+ return(ex->value);
+ }
+
+int X509_EXTENSION_get_critical(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(0);
+ return(ex->critical);
+ }
+
+int X509v3_data_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+ {
+ int nid;
+
+ nid=OBJ_obj2nid(obj);
+ if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
+ return(X509v3_data_type_by_NID(nid));
+ }
+
+int X509v3_data_type_by_NID(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD *x;
+
+ x=find_by_nid(nid);
+ if (x == NULL)
+ return(V_ASN1_UNDEF);
+ else
+ return(x->data_type);
+ }
+
+int X509v3_pack_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+ {
+ int nid;
+
+ nid=OBJ_obj2nid(obj);
+ if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
+ return(X509v3_pack_type_by_NID(nid));
+ }
+
+int X509v3_pack_type_by_NID(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD *x;
+
+ x=find_by_nid(nid);
+ if (x == NULL)
+ return(X509_EXT_PACK_UNKNOWN);
+ else
+ return(x->pack_type);
+ }
+
+static X509_EXTENSION_METHOD *find_by_nid(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD x;
+ int i;
+
+ x.nid=nid;
+ if (extensions == NULL) return(NULL);
+ i=sk_find(extensions,(char *)&x);
+ if (i < 0)
+ return(NULL);
+ else
+ return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
+ }
+
+static int xem_cmp(a,b)
+X509_EXTENSION_METHOD **a,**b;
+ {
+ return((*a)->nid-(*b)->nid);
+ }
+
+void X509v3_cleanup_extensions()
+ {
+ int i;
+
+ if (extensions != NULL)
+ {
+ for (i=0; i<sk_num(extensions); i++)
+ Free(sk_value(extensions,i));
+ sk_free(extensions);
+ extensions=NULL;
+ }
+ }
+
+int X509v3_add_extension(x)
+X509_EXTENSION_METHOD *x;
+ {
+ X509_EXTENSION_METHOD *newx;
+
+ if (extensions == NULL)
+ {
+ extensions=sk_new(xem_cmp);
+ if (extensions == NULL) goto err;
+ }
+ newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
+ if (newx == NULL) goto err;
+ newx->nid=x->nid;
+ newx->data_type=x->data_type;
+ newx->pack_type=x->pack_type;
+ if (!sk_push(extensions,(char *)newx))
+ {
+ Free(newx);
+ goto err;
+ }
+ return(1);
+err:
+ X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.c b/src/lib/libssl/src/crypto/x509/x509_vfy.c
new file mode 100644
index 0000000000..c1be91edba
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.c
@@ -0,0 +1,704 @@
+/* crypto/x509/x509_vfy.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "crypto.h"
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int null_callback(int ok,X509_STORE_CTX *e);
+static int internal_verify(X509_STORE_CTX *ctx);
+#else
+static int null_callback();
+static int internal_verify();
+#endif
+
+char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998";
+static STACK *x509_store_ctx_method=NULL;
+static int x509_store_ctx_num=0;
+#if 0
+static int x509_store_num=1;
+static STACK *x509_store_method=NULL;
+#endif
+
+static int null_callback(ok,e)
+int ok;
+X509_STORE_CTX *e;
+ {
+ return(ok);
+ }
+
+#if 0
+static int x509_subject_cmp(a,b)
+X509 **a,**b;
+ {
+ return(X509_subject_name_cmp(*a,*b));
+ }
+#endif
+
+int X509_verify_cert(ctx)
+X509_STORE_CTX *ctx;
+ {
+ X509 *x,*xtmp,*chain_ss=NULL;
+ X509_NAME *xn;
+ X509_OBJECT obj;
+ int depth,i,ok=0;
+ int num;
+ int (*cb)();
+ STACK *sktmp=NULL;
+
+ if (ctx->cert == NULL)
+ {
+ X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+ return(-1);
+ }
+
+ cb=ctx->ctx->verify_cb;
+ if (cb == NULL) cb=null_callback;
+
+ /* first we make sure the chain we are going to build is
+ * present and that the first entry is in place */
+ if (ctx->chain == NULL)
+ {
+ if ( ((ctx->chain=sk_new_null()) == NULL) ||
+ (!sk_push(ctx->chain,(char *)ctx->cert)))
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
+ ctx->last_untrusted=1;
+ }
+
+ /* We use a temporary so we can chop and hack at it */
+ if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL)
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+
+ num=sk_num(ctx->chain);
+ x=(X509 *)sk_value(ctx->chain,num-1);
+ depth=ctx->depth;
+
+
+ for (;;)
+ {
+ /* If we have enough, we break */
+ if (depth <= num) break;
+
+ /* If we are self signed, we break */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+ break;
+
+ /* If we were passed a cert chain, use it first */
+ if (ctx->untrusted != NULL)
+ {
+ xtmp=X509_find_by_subject(sktmp,xn);
+ if (xtmp != NULL)
+ {
+ if (!sk_push(ctx->chain,(char *)xtmp))
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
+ sk_delete_ptr(sktmp,(char *)xtmp);
+ ctx->last_untrusted++;
+ x=xtmp;
+ num++;
+ /* reparse the full chain for
+ * the next one */
+ continue;
+ }
+ }
+ break;
+ }
+
+ /* at this point, chain should contain a list of untrusted
+ * certificates. We now need to add at least one trusted one,
+ * if possible, otherwise we complain. */
+
+ i=sk_num(ctx->chain);
+ x=(X509 *)sk_value(ctx->chain,i-1);
+ if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x))
+ == 0)
+ {
+ /* we have a self signed certificate */
+ if (sk_num(ctx->chain) == 1)
+ {
+ ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+ ctx->current_cert=x;
+ ctx->error_depth=i-1;
+ ok=cb(0,ctx);
+ if (!ok) goto end;
+ }
+ else
+ {
+ /* worry more about this one elsewhere */
+ chain_ss=(X509 *)sk_pop(ctx->chain);
+ ctx->last_untrusted--;
+ num--;
+ x=(X509 *)sk_value(ctx->chain,num-1);
+ }
+ }
+
+ /* We now lookup certs from the certificate store */
+ for (;;)
+ {
+ /* If we have enough, we break */
+ if (depth <= num) break;
+
+ /* If we are self signed, we break */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+ break;
+
+ ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
+ if (ok != X509_LU_X509)
+ {
+ if (ok == X509_LU_RETRY)
+ {
+ X509_OBJECT_free_contents(&obj);
+ X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
+ return(ok);
+ }
+ else if (ok != X509_LU_FAIL)
+ {
+ X509_OBJECT_free_contents(&obj);
+ /* not good :-(, break anyway */
+ return(ok);
+ }
+ break;
+ }
+ x=obj.data.x509;
+ if (!sk_push(ctx->chain,(char *)obj.data.x509))
+ {
+ X509_OBJECT_free_contents(&obj);
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ num++;
+ }
+
+ /* we now have our chain, lets check it... */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) != 0)
+ {
+ if ((chain_ss == NULL) || (X509_NAME_cmp(X509_get_subject_name(chain_ss),xn) != 0))
+ {
+ if (ctx->last_untrusted >= num)
+ ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
+ else
+ ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
+ ctx->current_cert=x;
+ }
+ else
+ {
+
+ sk_push(ctx->chain,(char *)chain_ss);
+ num++;
+ ctx->last_untrusted=num;
+ ctx->current_cert=chain_ss;
+ ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
+ chain_ss=NULL;
+ }
+
+ ctx->error_depth=num-1;
+ ok=cb(0,ctx);
+ if (!ok) goto end;
+ }
+
+ /* We may as well copy down any DSA parameters that are required */
+ X509_get_pubkey_parameters(NULL,ctx->chain);
+
+ /* At this point, we have a chain and just need to verify it */
+ if (ctx->ctx->verify != NULL)
+ ok=ctx->ctx->verify(ctx);
+ else
+ ok=internal_verify(ctx);
+end:
+ if (sktmp != NULL) sk_free(sktmp);
+ if (chain_ss != NULL) X509_free(chain_ss);
+ return(ok);
+ }
+
+static int internal_verify(ctx)
+X509_STORE_CTX *ctx;
+ {
+ int i,ok=0,n;
+ X509 *xs,*xi;
+ EVP_PKEY *pkey=NULL;
+ int (*cb)();
+
+ cb=ctx->ctx->verify_cb;
+ if (cb == NULL) cb=null_callback;
+
+ n=sk_num(ctx->chain);
+ ctx->error_depth=n-1;
+ n--;
+ xi=(X509 *)sk_value(ctx->chain,n);
+ if (X509_NAME_cmp(X509_get_subject_name(xi),
+ X509_get_issuer_name(xi)) == 0)
+ xs=xi;
+ else
+ {
+ if (n <= 0)
+ {
+ ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
+ ctx->current_cert=xi;
+ ok=cb(0,ctx);
+ goto end;
+ }
+ else
+ {
+ n--;
+ ctx->error_depth=n;
+ xs=(X509 *)sk_value(ctx->chain,n);
+ }
+ }
+
+/* ctx->error=0; not needed */
+ while (n >= 0)
+ {
+ ctx->error_depth=n;
+ if (!xs->valid)
+ {
+ if ((pkey=X509_get_pubkey(xi)) == NULL)
+ {
+ ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+ ctx->current_cert=xi;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ if (X509_verify(xs,pkey) <= 0)
+ {
+ ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ pkey=NULL;
+
+ i=X509_cmp_current_time(X509_get_notBefore(xs));
+ if (i == 0)
+ {
+ ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ if (i > 0)
+ {
+ ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ xs->valid=1;
+ }
+
+ i=X509_cmp_current_time(X509_get_notAfter(xs));
+ if (i == 0)
+ {
+ ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+
+ if (i < 0)
+ {
+ ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+
+ /* CRL CHECK */
+
+ /* The last error (if any) is still in the error value */
+ ctx->current_cert=xs;
+ ok=(*cb)(1,ctx);
+ if (!ok) goto end;
+
+ n--;
+ if (n >= 0)
+ {
+ xi=xs;
+ xs=(X509 *)sk_value(ctx->chain,n);
+ }
+ }
+ ok=1;
+end:
+ return(ok);
+ }
+
+int X509_cmp_current_time(ctm)
+ASN1_UTCTIME *ctm;
+ {
+ char *str;
+ ASN1_UTCTIME atm;
+ time_t offset;
+ char buff1[24],buff2[24],*p;
+ int i,j;
+
+ p=buff1;
+ i=ctm->length;
+ str=(char *)ctm->data;
+ if ((i < 11) || (i > 17)) return(0);
+ memcpy(p,str,10);
+ p+=10;
+ str+=10;
+
+ if ((*str == 'Z') || (*str == '-') || (*str == '+'))
+ { *(p++)='0'; *(p++)='0'; }
+ else { *(p++)= *(str++); *(p++)= *(str++); }
+ *(p++)='Z';
+ *(p++)='\0';
+
+ if (*str == 'Z')
+ offset=0;
+ else
+ {
+ if ((*str != '+') && (str[5] != '-'))
+ return(0);
+ offset=((str[1]-'0')*10+(str[2]-'0'))*60;
+ offset+=(str[3]-'0')*10+(str[4]-'0');
+ if (*str == '-')
+ offset=-offset;
+ }
+ atm.type=V_ASN1_UTCTIME;
+ atm.length=sizeof(buff2);
+ atm.data=(unsigned char *)buff2;
+
+ X509_gmtime_adj(&atm,-offset);
+
+ i=(buff1[0]-'0')*10+(buff1[1]-'0');
+ if (i < 70) i+=100;
+ j=(buff2[0]-'0')*10+(buff2[1]-'0');
+ if (j < 70) j+=100;
+
+ if (i < j) return (-1);
+ if (i > j) return (1);
+ i=strcmp(buff1,buff2);
+ if (i == 0) /* wait a second then return younger :-) */
+ return(-1);
+ else
+ return(i);
+ }
+
+ASN1_UTCTIME *X509_gmtime_adj(s, adj)
+ASN1_UTCTIME *s;
+long adj;
+ {
+ time_t t;
+
+ time(&t);
+ t+=adj;
+ return(ASN1_UTCTIME_set(s,t));
+ }
+
+int X509_get_pubkey_parameters(pkey,chain)
+EVP_PKEY *pkey;
+STACK *chain;
+ {
+ EVP_PKEY *ktmp=NULL,*ktmp2;
+ int i,j;
+
+ if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1);
+
+ for (i=0; i<sk_num(chain); i++)
+ {
+ ktmp=X509_get_pubkey((X509 *)sk_value(chain,i));
+ if (ktmp == NULL)
+ {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+ return(0);
+ }
+ if (!EVP_PKEY_missing_parameters(ktmp))
+ break;
+ else
+ {
+ ktmp=NULL;
+ }
+ }
+ if (ktmp == NULL)
+ {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
+ return(0);
+ }
+
+ /* first, populate the other certs */
+ for (j=i-1; j >= 0; j--)
+ {
+ ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
+ EVP_PKEY_copy_parameters(ktmp2,ktmp);
+ }
+
+ if (pkey != NULL)
+ EVP_PKEY_copy_parameters(pkey,ktmp);
+ return(1);
+ }
+
+EVP_PKEY *X509_get_pubkey(x)
+X509 *x;
+ {
+ if ((x == NULL) || (x->cert_info == NULL))
+ return(NULL);
+ return(X509_PUBKEY_get(x->cert_info->key));
+ }
+
+int X509_check_private_key(x,k)
+X509 *x;
+EVP_PKEY *k;
+ {
+ EVP_PKEY *xk=NULL;
+ int ok=0;
+
+ xk=X509_get_pubkey(x);
+ if (xk->type != k->type) goto err;
+ switch (k->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err;
+ if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err;
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
+ goto err;
+ break;
+#endif
+#ifndef NO_DH
+ case EVP_PKEY_DH:
+ /* No idea */
+ goto err;
+#endif
+ default:
+ goto err;
+ }
+
+ ok=1;
+err:
+ return(ok);
+ }
+
+int X509_STORE_add_cert(ctx,x)
+X509_STORE *ctx;
+X509 *x;
+ {
+ X509_OBJECT *obj,*r;
+ int ret=1;
+
+ if (x == NULL) return(0);
+ obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT));
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ obj->type=X509_LU_X509;
+ obj->data.x509=x;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+ X509_OBJECT_up_ref_count(obj);
+
+ r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj);
+ if (r != NULL)
+ { /* oops, put it back */
+ lh_delete(ctx->certs,(char *)obj);
+ X509_OBJECT_free_contents(obj);
+ Free(obj);
+ lh_insert(ctx->certs,(char *)r);
+ X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
+ ret=0;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+ return(ret);
+ }
+
+int X509_STORE_add_crl(ctx,x)
+X509_STORE *ctx;
+X509_CRL *x;
+ {
+ X509_OBJECT *obj,*r;
+ int ret=1;
+
+ if (x == NULL) return(0);
+ obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT));
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ obj->type=X509_LU_CRL;
+ obj->data.crl=x;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+ X509_OBJECT_up_ref_count(obj);
+
+ r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj);
+ if (r != NULL)
+ { /* oops, put it back */
+ lh_delete(ctx->certs,(char *)obj);
+ X509_OBJECT_free_contents(obj);
+ Free(obj);
+ lh_insert(ctx->certs,(char *)r);
+ X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE);
+ ret=0;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+ return(ret);
+ }
+
+int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ x509_store_ctx_num++;
+ return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
+ &x509_store_ctx_method,
+ argl,argp,new_func,dup_func,free_func));
+ }
+
+int X509_STORE_CTX_set_ex_data(ctx,idx,data)
+X509_STORE_CTX *ctx;
+int idx;
+char *data;
+ {
+ return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data));
+ }
+
+char *X509_STORE_CTX_get_ex_data(ctx,idx)
+X509_STORE_CTX *ctx;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&ctx->ex_data,idx));
+ }
+
+int X509_STORE_CTX_get_error(ctx)
+X509_STORE_CTX *ctx;
+ {
+ return(ctx->error);
+ }
+
+void X509_STORE_CTX_set_error(ctx,err)
+X509_STORE_CTX *ctx;
+int err;
+ {
+ ctx->error=err;
+ }
+
+int X509_STORE_CTX_get_error_depth(ctx)
+X509_STORE_CTX *ctx;
+ {
+ return(ctx->error_depth);
+ }
+
+X509 *X509_STORE_CTX_get_current_cert(ctx)
+X509_STORE_CTX *ctx;
+ {
+ return(ctx->current_cert);
+ }
+
+STACK *X509_STORE_CTX_get_chain(ctx)
+X509_STORE_CTX *ctx;
+ {
+ return(ctx->chain);
+ }
+
+void X509_STORE_CTX_set_cert(ctx,x)
+X509_STORE_CTX *ctx;
+X509 *x;
+ {
+ ctx->cert=x;
+ }
+
+void X509_STORE_CTX_set_chain(ctx,sk)
+X509_STORE_CTX *ctx;
+STACK *sk;
+ {
+ ctx->untrusted=sk;
+ }
+
+
diff --git a/src/lib/libssl/src/crypto/x509/x509_vfy.h b/src/lib/libssl/src/crypto/x509/x509_vfy.h
new file mode 100644
index 0000000000..dfc060f899
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509_vfy.h
@@ -0,0 +1,378 @@
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_VFY_H
+#define HEADER_X509_VFY_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bio.h"
+#include "crypto.h"
+
+/* Outer object */
+typedef struct x509_hash_dir_st
+ {
+ int num_dirs;
+ char **dirs;
+ int *dirs_type;
+ int num_dirs_alloced;
+ } X509_HASH_DIR_CTX;
+
+typedef struct x509_file_st
+ {
+ int num_paths; /* number of paths to files or directories */
+ int num_alloced;
+ char **paths; /* the list of paths or directories */
+ int *path_type;
+ } X509_CERT_FILE_CTX;
+
+/*******************************/
+/*
+SSL_CTX -> X509_STORE
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+
+SSL -> X509_STORE_CTX
+ ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+#define X509_LU_RETRY -1
+#define X509_LU_FAIL 0
+#define X509_LU_X509 1
+#define X509_LU_CRL 2
+#define X509_LU_PKEY 3
+
+typedef struct x509_object_st
+ {
+ /* one of the above types */
+ int type;
+ union {
+ char *ptr;
+ X509 *x509;
+ X509_CRL *crl;
+ EVP_PKEY *pkey;
+ } data;
+ } X509_OBJECT;
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st
+ {
+ char *name;
+ int (*new_item)();
+ void (*free)();
+ int (*init)(/* meth, char ** */);
+ int (*shutdown)( /* meth, char ** */);
+ int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */);
+ int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */);
+ int (*get_by_issuer_serial)();
+ int (*get_by_fingerprint)();
+ int (*get_by_alias)();
+ } X509_LOOKUP_METHOD;
+
+/* This is used to hold everything. It is used for all certificate
+ * validation. Once we have a certificate chain, the 'verify'
+ * function is then called to actually check the cert chain. */
+typedef struct x509_store_st
+ {
+ /* The following is a cache of trusted certs */
+ int cache; /* if true, stash any hits */
+#ifdef HEADER_LHASH_H
+ LHASH *certs; /* cached certs; */
+#else
+ char *certs;
+#endif
+
+ /* These are external lookup methods */
+ STACK *get_cert_methods;/* X509_LOOKUP */
+ int (*verify)(); /* called to verify a certificate */
+ int (*verify_cb)(); /* error callback */
+
+ CRYPTO_EX_DATA ex_data;
+ int references;
+ int depth; /* how deep to look */
+ } X509_STORE;
+
+#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
+
+#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+typedef struct x509_lookup_st
+ {
+ int init; /* have we been started */
+ int skip; /* don't use us. */
+ X509_LOOKUP_METHOD *method; /* the functions */
+ char *method_data; /* method data */
+
+ X509_STORE *store_ctx; /* who owns us */
+ } X509_LOOKUP;
+
+/* This is a temporary used when processing cert chains. Since the
+ * gathering of the cert chain can take some time (and have to be
+ * 'retried', this needs to be kept and passed around. */
+typedef struct x509_store_state_st
+ {
+ X509_STORE *ctx;
+ int current_method; /* used when looking up certs */
+
+ /* The following are set by the caller */
+ X509 *cert; /* The cert to check */
+ STACK *untrusted; /* chain of X509s - untrusted - passed in */
+
+ /* The following is built up */
+ int depth; /* how far to go looking up certs */
+ int valid; /* if 0, rebuild chain */
+ int last_untrusted; /* index of last untrusted cert */
+ STACK *chain; /* chain of X509s - built up and trusted */
+
+ /* When something goes wrong, this is why */
+ int error_depth;
+ int error;
+ X509 *current_cert;
+
+ CRYPTO_EX_DATA ex_data;
+ } X509_STORE_CTX;
+
+#define X509_STORE_CTX_set_app_data(ctx,data) \
+ X509_STORE_CTX_set_ex_data(ctx,0,data)
+#define X509_STORE_CTX_get_app_data(ctx) \
+ X509_STORE_CTX_get_ex_data(ctx,0)
+
+#define X509_L_FILE_LOAD 1
+#define X509_L_ADD_DIR 2
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+#define X509_LOOKUP_load_file(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+X509_LOOKUP_METHOD *X509_LOOKUP_dir();
+#define X509_LOOKUP_add_dir(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+#define X509_V_OK 0
+
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+#define X509_V_ERR_UNABLE_TO_GET_CRL 3
+#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+#define X509_V_ERR_CERT_NOT_YET_VALID 9
+#define X509_V_ERR_CERT_HAS_EXPIRED 10
+#define X509_V_ERR_CRL_NOT_YET_VALID 11
+#define X509_V_ERR_CRL_HAS_EXPIRED 12
+#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
+#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
+#define X509_V_ERR_OUT_OF_MEM 17
+#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+#define X509_V_ERR_CERT_REVOKED 23
+
+/* The application is not happy */
+#define X509_V_ERR_APPLICATION_VERIFICATION 50
+
+#ifndef NOPROTO
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name);
+#endif
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void );
+void X509_STORE_free(X509_STORE *v);
+
+void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK *chain);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
+ X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret);
+
+#ifndef NO_STDIO
+int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type);
+#endif
+
+void X509v3_cleanup_extensions(void );
+int X509v3_add_extension(X509_EXTENSION_METHOD *x);
+int X509v3_add_netscape_extensions(void );
+int X509v3_add_standard_extensions(void );
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len, X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
+ int len, X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+#ifndef NO_STDIO
+int X509_STORE_load_locations (X509_STORE *ctx,
+ char *file, char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+#endif
+
+int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data);
+char * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
+int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
+int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+STACK * X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
+void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk);
+
+#else
+
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject();
+#endif
+void X509_OBJECT_up_ref_count();
+void X509_OBJECT_free_contents();
+X509_STORE *X509_STORE_new();
+void X509_STORE_free();
+
+void X509_STORE_CTX_init();
+void X509_STORE_CTX_cleanup();
+
+X509_LOOKUP *X509_STORE_add_lookup();
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+
+int X509_STORE_add_cert();
+int X509_STORE_add_crl();
+
+int X509_STORE_get_by_subject();
+
+int X509_LOOKUP_ctrl();
+
+#ifndef NO_STDIO
+int X509_load_cert_file();
+int X509_load_crl_file();
+#endif
+
+void X509v3_cleanup_extensions();
+int X509v3_add_extension();
+int X509v3_add_netscape_extensions();
+int X509v3_add_standard_extensions();
+
+X509_LOOKUP *X509_LOOKUP_new();
+void X509_LOOKUP_free();
+int X509_LOOKUP_init();
+int X509_LOOKUP_by_subject();
+int X509_LOOKUP_by_issuer_serial();
+int X509_LOOKUP_by_fingerprint();
+int X509_LOOKUP_by_alias();
+int X509_LOOKUP_shutdown();
+
+#ifndef NO_STDIO
+int X509_STORE_load_locations ();
+int X509_STORE_set_default_paths();
+#endif
+
+int X509_STORE_CTX_set_ex_data();
+char * X509_STORE_CTX_get_ex_data();
+int X509_STORE_CTX_get_error();
+void X509_STORE_CTX_set_error();
+int X509_STORE_CTX_get_error_depth();
+X509 * X509_STORE_CTX_get_current_cert();
+STACK * X509_STORE_CTX_get_chain();
+void X509_STORE_CTX_set_cert();
+void X509_STORE_CTX_set_chain();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/crypto/x509/x509name.c b/src/lib/libssl/src/crypto/x509/x509name.c
new file mode 100644
index 0000000000..650e71b1b5
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509name.c
@@ -0,0 +1,358 @@
+/* crypto/x509/x509name.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_NAME_get_text_by_NID(name,nid,buf,len)
+X509_NAME *name;
+int nid;
+char *buf;
+int len;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-1);
+ return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+ }
+
+int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+char *buf;
+int len;
+ {
+ int i;
+ ASN1_STRING *data;
+
+ i=X509_NAME_get_index_by_OBJ(name,obj,-1);
+ if (i < 0) return(-1);
+ data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+ i=(data->length > (len-1))?(len-1):data->length;
+ if (buf == NULL) return(data->length);
+ memcpy(buf,data->data,i);
+ buf[i]='\0';
+ return(i);
+ }
+
+int X509_NAME_entry_count(name)
+X509_NAME *name;
+ {
+ if (name == NULL) return(0);
+ return(sk_num(name->entries));
+ }
+
+int X509_NAME_get_index_by_NID(name,nid,lastpos)
+X509_NAME *name;
+int nid;
+int lastpos;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-2);
+ return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
+ }
+
+/* NOTE: you should be passsing -1, not 0 as lastpos */
+int X509_NAME_get_index_by_OBJ(name,obj,lastpos)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+int lastpos;
+ {
+ int n;
+ X509_NAME_ENTRY *ne;
+ STACK *sk;
+
+ if (name == NULL) return(-1);
+ if (lastpos < 0)
+ lastpos= -1;
+ sk=name->entries;
+ n=sk_num(sk);
+ for (lastpos++; lastpos < n; lastpos++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,lastpos);
+ if (OBJ_cmp(ne->object,obj) == 0)
+ return(lastpos);
+ }
+ return(-1);
+ }
+
+X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+X509_NAME *name;
+int loc;
+ {
+ if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+ return(NULL);
+ else
+ return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+ }
+
+X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+X509_NAME *name;
+int loc;
+ {
+ X509_NAME_ENTRY *ret;
+ int i,j,n,set_prev,set_next;
+ STACK *sk;
+
+ if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+ return(NULL);
+ sk=name->entries;
+ ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+ n=sk_num(sk);
+ name->modified=1;
+ if (loc == n) return(ret);
+
+ /* else we need to fixup the set field */
+ if (loc != 0)
+ set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+ else
+ set_prev=ret->set-1;
+ set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+
+ /* set_prev is the previous set
+ * set is the current set
+ * set_next is the following
+ * prev 1 1 1 1 1 1 1 1
+ * set 1 1 2 2
+ * next 1 1 2 2 2 2 3 2
+ * so basically only if prev and next differ by 2, then
+ * re-number down by 1 */
+ if (set_prev+1 < set_next)
+ {
+ j=set_next-set_prev-1;
+ for (i=loc; i<n; i++)
+ ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+ }
+ return(ret);
+ }
+
+/* if set is -1, append to previous set, 0 'a new one', and 1,
+ * prepend to the guy we are about to stomp on. */
+int X509_NAME_add_entry(name,ne,loc,set)
+X509_NAME *name;
+X509_NAME_ENTRY *ne;
+int loc;
+int set;
+ {
+ X509_NAME_ENTRY *new_name=NULL;
+ int n,i,inc;
+ STACK *sk;
+
+ if (name == NULL) return(0);
+ sk=name->entries;
+ n=sk_num(sk);
+ if (loc > n) loc=n;
+ else if (loc < 0) loc=n;
+
+ name->modified=1;
+
+ if (set == -1)
+ {
+ if (loc == 0)
+ {
+ set=0;
+ inc=1;
+ }
+ else
+ {
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+ inc=0;
+ }
+ }
+ else /* if (set >= 0) */
+ {
+ if (loc >= n)
+ {
+ if (loc != 0)
+ set=((X509_NAME_ENTRY *)
+ sk_value(sk,loc-1))->set+1;
+ else
+ set=0;
+ }
+ else
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+ inc=(set == 0)?1:0;
+ }
+
+ if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
+ goto err;
+ new_name->set=set;
+ if (!sk_insert(sk,(char *)new_name,loc))
+ {
+ X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (inc)
+ {
+ n=sk_num(sk);
+ for (i=loc+1; i<n; i++)
+ ((X509_NAME_ENTRY *)sk_value(sk,i-1))->set+=1;
+ }
+ return(1);
+err:
+ if (new_name != NULL)
+ X509_NAME_ENTRY_free(ne);
+ return(0);
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
+X509_NAME_ENTRY **ne;
+int nid;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
+X509_NAME_ENTRY **ne;
+ASN1_OBJECT *obj;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ X509_NAME_ENTRY *ret;
+
+ if ((ne == NULL) || (*ne == NULL))
+ {
+ if ((ret=X509_NAME_ENTRY_new()) == NULL)
+ return(NULL);
+ }
+ else
+ ret= *ne;
+
+ if (!X509_NAME_ENTRY_set_object(ret,obj))
+ goto err;
+ if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+ goto err;
+
+ if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+ return(ret);
+err:
+ if ((ne == NULL) || (ret != *ne))
+ X509_NAME_ENTRY_free(ret);
+ return(NULL);
+ }
+
+int X509_NAME_ENTRY_set_object(ne,obj)
+X509_NAME_ENTRY *ne;
+ASN1_OBJECT *obj;
+ {
+ if ((ne == NULL) || (obj == NULL))
+ {
+ X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ ASN1_OBJECT_free(ne->object);
+ ne->object=OBJ_dup(obj);
+ return((ne->object == NULL)?0:1);
+ }
+
+int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
+X509_NAME_ENTRY *ne;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ int i;
+
+ if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+ if (len < 0) len=strlen((char *)bytes);
+ i=ASN1_STRING_set(ne->value,bytes,len);
+ if (!i) return(0);
+ if (type != V_ASN1_UNDEF)
+ {
+ if (type == V_ASN1_APP_CHOOSE)
+ ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+ else
+ ne->value->type=type;
+ }
+ return(1);
+ }
+
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
+X509_NAME_ENTRY *ne;
+ {
+ if (ne == NULL) return(NULL);
+ return(ne->object);
+ }
+
+ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
+X509_NAME_ENTRY *ne;
+ {
+ if (ne == NULL) return(NULL);
+ return(ne->value);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509rset.c b/src/lib/libssl/src/crypto/x509/x509rset.c
new file mode 100644
index 0000000000..323b25470a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509rset.c
@@ -0,0 +1,89 @@
+/* crypto/x509/x509rset.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_REQ_set_version(x,version)
+X509_REQ *x;
+long version;
+ {
+ if (x == NULL) return(0);
+ return(ASN1_INTEGER_set(x->req_info->version,version));
+ }
+
+int X509_REQ_set_subject_name(x,name)
+X509_REQ *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->req_info == NULL)) return(0);
+ return(X509_NAME_set(&x->req_info->subject,name));
+ }
+
+int X509_REQ_set_pubkey(x,pkey)
+X509_REQ *x;
+EVP_PKEY *pkey;
+ {
+ if ((x == NULL) || (x->req_info == NULL)) return(0);
+ return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x509type.c b/src/lib/libssl/src/crypto/x509/x509type.c
new file mode 100644
index 0000000000..42c23bcfca
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x509type.c
@@ -0,0 +1,115 @@
+/* crypto/x509/x509type.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_certificate_type(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ EVP_PKEY *pk;
+ int ret=0,i;
+
+ if (x == NULL) return(0);
+
+ if (pkey == NULL)
+ pk=X509_get_pubkey(x);
+ else
+ pk=pkey;
+
+ if (pk == NULL) return(0);
+
+ switch (pk->type)
+ {
+ case EVP_PKEY_RSA:
+ ret=EVP_PK_RSA|EVP_PKT_SIGN;
+/* if (!sign only extension) */
+ ret|=EVP_PKT_ENC;
+ break;
+ case EVP_PKEY_DSA:
+ ret=EVP_PK_DSA|EVP_PKT_SIGN;
+ break;
+ case EVP_PKEY_DH:
+ ret=EVP_PK_DH|EVP_PKT_EXCH;
+ break;
+ default:
+ break;
+ }
+
+ i=X509_get_signature_type(x);
+ switch (i)
+ {
+ case EVP_PKEY_RSA:
+ ret|=EVP_PKS_RSA;
+ break;
+ case EVP_PKS_DSA:
+ ret|=EVP_PKS_DSA;
+ break;
+ default:
+ break;
+ }
+
+ if (EVP_PKEY_size(pkey) <= 512)
+ ret|=EVP_PKT_EXP;
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509/x_all.c b/src/lib/libssl/src/crypto/x509/x_all.c
new file mode 100644
index 0000000000..b7dde23e9a
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509/x_all.c
@@ -0,0 +1,465 @@
+/* crypto/x509/x_all.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "stack.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_verify(a,r)
+X509 *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
+ a->signature,(char *)a->cert_info,r));
+ }
+
+int X509_REQ_verify(a,r)
+X509_REQ *a;
+EVP_PKEY *r;
+ {
+ return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
+ a->sig_alg,a->signature,(char *)a->req_info,r));
+ }
+
+int X509_CRL_verify(a,r)
+X509_CRL *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
+ a->sig_alg, a->signature,(char *)a->crl,r));
+ }
+
+int NETSCAPE_SPKI_verify(a,r)
+NETSCAPE_SPKI *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
+ a->sig_algor,a->signature, (char *)a->spkac,r));
+ }
+
+int X509_sign(x,pkey,md)
+X509 *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
+ x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
+ }
+
+int X509_REQ_sign(x,pkey,md)
+X509_REQ *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
+ x->signature, (char *)x->req_info,pkey,md));
+ }
+
+int X509_CRL_sign(x,pkey,md)
+X509_CRL *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
+ x->sig_alg, x->signature, (char *)x->crl,pkey,md));
+ }
+
+int NETSCAPE_SPKI_sign(x,pkey,md)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
+ x->signature, (char *)x->spkac,pkey,md));
+ }
+
+X509 *X509_dup(x509)
+X509 *x509;
+ {
+ return((X509 *)ASN1_dup((int (*)())i2d_X509,
+ (char *(*)())d2i_X509,(char *)x509));
+ }
+
+X509_EXTENSION *X509_EXTENSION_dup(ex)
+X509_EXTENSION *ex;
+ {
+ return((X509_EXTENSION *)ASN1_dup(
+ (int (*)())i2d_X509_EXTENSION,
+ (char *(*)())d2i_X509_EXTENSION,(char *)ex));
+ }
+
+#ifndef NO_FP_API
+X509 *d2i_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+ {
+ return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
+ (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
+ }
+
+int i2d_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+ {
+ return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
+ }
+#endif
+
+X509 *d2i_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+ {
+ return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
+ (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
+ }
+
+int i2d_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+ {
+ return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
+ }
+
+X509_CRL *X509_CRL_dup(crl)
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
+ (char *(*)())d2i_X509_CRL,(char *)crl));
+ }
+
+#ifndef NO_FP_API
+X509_CRL *d2i_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_d2i_fp((char *(*)())
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
+ (unsigned char **)(crl)));
+ }
+
+int i2d_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+ {
+ return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
+ }
+#endif
+
+X509_CRL *d2i_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_d2i_bio((char *(*)())
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
+ (unsigned char **)(crl)));
+ }
+
+int i2d_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+ {
+ return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
+ }
+
+PKCS7 *PKCS7_dup(p7)
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
+ (char *(*)())d2i_PKCS7,(char *)p7));
+ }
+
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_d2i_fp((char *(*)())
+ PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
+ (unsigned char **)(p7)));
+ }
+
+int i2d_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+ {
+ return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
+ }
+#endif
+
+PKCS7 *d2i_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_d2i_bio((char *(*)())
+ PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
+ (unsigned char **)(p7)));
+ }
+
+int i2d_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+ {
+ return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
+ }
+
+X509_REQ *X509_REQ_dup(req)
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
+ (char *(*)())d2i_X509_REQ,(char *)req));
+ }
+
+#ifndef NO_FP_API
+X509_REQ *d2i_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_d2i_fp((char *(*)())
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
+ (unsigned char **)(req)));
+ }
+
+int i2d_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+ {
+ return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
+ }
+#endif
+
+X509_REQ *d2i_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_d2i_bio((char *(*)())
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
+ (unsigned char **)(req)));
+ }
+
+int i2d_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+ {
+ return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
+ }
+
+#ifndef NO_RSA
+RSA *RSAPublicKey_dup(rsa)
+RSA *rsa;
+ {
+ return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
+ (char *(*)())d2i_RSAPublicKey,(char *)rsa));
+ }
+
+RSA *RSAPrivateKey_dup(rsa)
+RSA *rsa;
+ {
+ return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
+ (char *(*)())d2i_RSAPrivateKey,(char *)rsa));
+ }
+
+#ifndef NO_FP_API
+RSA *d2i_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_fp((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
+ }
+
+RSA *d2i_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_fp((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
+ }
+#endif
+
+RSA *d2i_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_bio((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
+ }
+
+RSA *d2i_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_bio((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef NO_FP_API
+DSA *d2i_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+ {
+ return((DSA *)ASN1_d2i_fp((char *(*)())
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
+ (unsigned char **)(dsa)));
+ }
+
+int i2d_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+ {
+ return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
+ }
+#endif
+
+DSA *d2i_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+ {
+ return((DSA *)ASN1_d2i_bio((char *(*)())
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
+ (unsigned char **)(dsa)));
+ }
+
+int i2d_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+ {
+ return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
+ }
+#endif
+
+X509_NAME *X509_NAME_dup(xn)
+X509_NAME *xn;
+ {
+ return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
+ (char *(*)())d2i_X509_NAME,(char *)xn));
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne)
+X509_NAME_ENTRY *ne;
+ {
+ return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
+ (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
+ }
+
+int X509_digest(data,type,md,len)
+X509 *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
+ }
+
+int X509_NAME_digest(data,type,md,len)
+X509_NAME *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
+ }
+
+int PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len)
+PKCS7_ISSUER_AND_SERIAL *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
+ (char *)data,md,len));
+ }
+
diff --git a/src/lib/libssl/src/crypto/x509v3/x509v3.h b/src/lib/libssl/src/crypto/x509v3/x509v3.h
new file mode 100644
index 0000000000..d7945bc9cd
--- /dev/null
+++ b/src/lib/libssl/src/crypto/x509v3/x509v3.h
@@ -0,0 +1,87 @@
+/* crypto/x509v3/x509v3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#define X509v3_N_KU_digitalSignature 0
+#define X509v3_N_KU_nonRepudiation 1
+#define X509v3_N_KU_keyEncipherment 2
+#define X509v3_N_KU_dataEncipherment 3
+#define X509v3_N_KU_keyAgreement 4
+#define X509v3_N_KU_keyCertSign 5
+#define X509v3_N_KU_cRLSign 6
+#define X509v3_N_KU_encipherOnly 7
+#define X509v3_N_KU_decipherOnly 8
+#define X509v3_N_KU_NUM 9
+#define X509v3_S_KU_digitalSignature "digitalSignature"
+#define X509v3_S_KU_nonRepudiation "nonRepudiation"
+#define X509v3_S_KU_keyEncipherment "keyEncipherment"
+#define X509v3_S_KU_dataEncipherment "dataEncipherment"
+#define X509v3_S_KU_keyAgreement "keyAgreement"
+#define X509v3_S_KU_keyCertSign "keyCertSign"
+#define X509v3_S_KU_cRLSign "cRLSign"
+#define X509v3_S_KU_encipherOnly "encipherOnly"
+#define X509v3_S_KU_decipherOnly "decipherOnly"
+
+
+void X509_ex_clear(X509_EXTENSION *a);
+int X509_ex_get_bool(X509_EXTENSION *a,int num);
+int X509_ex_set_bool(X509_EXTENSION *a,int num,int value);
+int X509_ex_get_str(X509_EXTENSION *a,int index,char **p,int *len);
+int X509_ex_set_str(X509_EXTENSION *a,int oid,int index,char *p,int len);
+char *X509_ex_get_struct(X509_EXTENSION *a,int oid,int index,char **p);
+int X509_ex_set_struct(X509_EXTENSION *a,int index,char *p);
+int a2i_X509_EXTENSION(BIO *bp,X509_EXTENSION *a,char *buf,int len);
+int i2a_X509_EXTENSION(BIO *bp,X509_EXTENSION *a);
diff --git a/src/lib/libssl/src/demos/README b/src/lib/libssl/src/demos/README
new file mode 100644
index 0000000000..769965ab83
--- /dev/null
+++ b/src/lib/libssl/src/demos/README
@@ -0,0 +1,3 @@
+Some demo programs sent to me by various people
+
+eric
diff --git a/src/lib/libssl/src/demos/b64.c b/src/lib/libssl/src/demos/b64.c
new file mode 100644
index 0000000000..42abc42d33
--- /dev/null
+++ b/src/lib/libssl/src/demos/b64.c
@@ -0,0 +1,270 @@
+/* demos/b64.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "buffer.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE (512)
+#define BSIZE (8*1024)
+#define PROG enc_main
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ char *strbuf=NULL;
+ unsigned char *buff=NULL,*bufsize=NULL;
+ int bsize=BSIZE,verbose=0;
+ int ret=1,inl;
+ unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+ char *str=NULL;
+ char *hkey=NULL,*hiv=NULL;
+ int enc=1,printkey=0,i,base64=0;
+ int debug=0;
+ EVP_CIPHER *cipher=NULL,*c;
+ char *inf=NULL,*outf=NULL;
+ BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ base64=1;
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-e") == 0)
+ enc=1;
+ if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inf= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outf= *(++argv);
+ }
+ else if (strcmp(*argv,"-d") == 0)
+ enc=0;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-debug") == 0)
+ debug=1;
+ else if (strcmp(*argv,"-bufsize") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bufsize=(unsigned char *)*(++argv);
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+bad:
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"%-14s input file\n","-in <file>");
+ BIO_printf(bio_err,"%-14s output file\n","-out <file>");
+ BIO_printf(bio_err,"%-14s encode\n","-e");
+ BIO_printf(bio_err,"%-14s decode\n","-d");
+ BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (bufsize != NULL)
+ {
+ int i;
+ unsigned long n;
+
+ for (n=0; *bufsize; bufsize++)
+ {
+ i= *bufsize;
+ if ((i <= '9') && (i >= '0'))
+ n=n*10+i-'0';
+ else if (i == 'k')
+ {
+ n*=1024;
+ bufsize++;
+ break;
+ }
+ }
+ if (*bufsize != '\0')
+ {
+ BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
+ goto end;
+ }
+
+ /* It must be large enough for a base64 encoded line */
+ if (n < 80) n=80;
+
+ bsize=(int)n;
+ if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
+ }
+
+ strbuf=Malloc(SIZE);
+ buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
+ if ((buff == NULL) || (strbuf == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ BIO_set_callback(out,BIO_debug_callback);
+ BIO_set_callback_arg(in,bio_err);
+ BIO_set_callback_arg(out,bio_err);
+ }
+
+ if (inf == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,inf) <= 0)
+ {
+ perror(inf);
+ goto end;
+ }
+ }
+
+ if (outf == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outf) <= 0)
+ {
+ perror(outf);
+ goto end;
+ }
+ }
+
+ rbio=in;
+ wbio=out;
+
+ if (base64)
+ {
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ if (debug)
+ {
+ BIO_set_callback(b64,BIO_debug_callback);
+ BIO_set_callback_arg(b64,bio_err);
+ }
+ if (enc)
+ wbio=BIO_push(b64,wbio);
+ else
+ rbio=BIO_push(b64,rbio);
+ }
+
+ for (;;)
+ {
+ inl=BIO_read(rbio,(char *)buff,bsize);
+ if (inl <= 0) break;
+ if (BIO_write(wbio,(char *)buff,inl) != inl)
+ {
+ BIO_printf(bio_err,"error writing output file\n");
+ goto end;
+ }
+ }
+ BIO_flush(wbio);
+
+ ret=0;
+ if (verbose)
+ {
+ BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
+ BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
+ }
+end:
+ if (strbuf != NULL) Free(strbuf);
+ if (buff != NULL) Free(buff);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (benc != NULL) BIO_free(benc);
+ if (b64 != NULL) BIO_free(b64);
+ EXIT(ret);
+ }
+
diff --git a/src/lib/libssl/src/demos/b64.pl b/src/lib/libssl/src/demos/b64.pl
new file mode 100644
index 0000000000..dc5d983787
--- /dev/null
+++ b/src/lib/libssl/src/demos/b64.pl
@@ -0,0 +1,20 @@
+#!/usr/bin/perl
+
+#
+# Make PEM encoded data have lines of 64 bytes of data
+#
+
+while (<>)
+ {
+ if (/^-----BEGIN/ .. /^-----END/)
+ {
+ if (/^-----BEGIN/) { $first=$_; next; }
+ if (/^-----END/) { $last=$_; next; }
+ $out.=$_;
+ }
+ }
+$out =~ s/\s//g;
+$out =~ s/(.{64})/$1\n/g;
+print "$first$out\n$last\n";
+
+
diff --git a/src/lib/libssl/src/demos/bio/README b/src/lib/libssl/src/demos/bio/README
new file mode 100644
index 0000000000..0b24e5b80c
--- /dev/null
+++ b/src/lib/libssl/src/demos/bio/README
@@ -0,0 +1,3 @@
+This directory contains some simple examples of the use of BIO's
+to simplify socket programming.
+
diff --git a/src/lib/libssl/src/demos/bio/saccept.c b/src/lib/libssl/src/demos/bio/saccept.c
new file mode 100644
index 0000000000..920eab397c
--- /dev/null
+++ b/src/lib/libssl/src/demos/bio/saccept.c
@@ -0,0 +1,107 @@
+/* NOCW */
+/* demos/bio/saccept.c */
+
+/* A minimal program to server an SSL connection.
+ * It uses blocking.
+ * saccept host:port
+ * host is the interface IP to use. If any interface, use *:port
+ * The default it *:4433
+ *
+ * cc -I../../include saccept.c -L../.. -lssl -lcrypto
+ */
+
+#include <stdio.h>
+#include <signal.h>
+#include "err.h"
+#include "ssl.h"
+
+#define CERT_FILE "server.pem"
+
+BIO *in=NULL;
+
+void close_up()
+ {
+ if (in != NULL)
+ BIO_free(in);
+ }
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ char *port=NULL;
+ BIO *ssl_bio,*tmp;
+ SSL_CTX *ctx;
+ SSL *ssl;
+ char buf[512];
+ int ret=1,i;
+
+ if (argc <= 1)
+ port="*:4433";
+ else
+ port=argv[1];
+
+ signal(SIGINT,close_up);
+
+ SSL_load_error_strings();
+
+ /* Add ciphers and message digests */
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(SSLv23_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
+ goto err;
+ if (!SSL_CTX_use_PrivateKey_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
+ goto err;
+ if (!SSL_CTX_check_private_key(ctx))
+ goto err;
+
+ /* Setup server side SSL bio */
+ ssl=SSL_new(ctx);
+ ssl_bio=BIO_new_ssl(ctx,0);
+
+ if ((in=BIO_new_accept(port)) == NULL) goto err;
+
+ /* This means that when a new connection is acceptede on 'in',
+ * The ssl_bio will be 'dupilcated' and have the new socket
+ * BIO push into it. Basically it means the SSL BIO will be
+ * automatically setup */
+ BIO_set_accept_bios(in,ssl_bio);
+
+again:
+ /* The first call will setup the accept socket, and the second
+ * will get a socket. In this loop, the first actual accept
+ * will occur in the BIO_read() function. */
+
+ if (BIO_do_accept(in) <= 0) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(in,buf,512);
+ if (i == 0)
+ {
+ /* If we have finished, remove the underlying
+ * BIO stack so the next time we call any function
+ * for this BIO, it will attempt to do an
+ * accept */
+ printf("Done\n");
+ tmp=BIO_pop(in);
+ BIO_free_all(tmp);
+ goto again;
+ }
+ if (i < 0) goto err;
+ fwrite(buf,1,i,stdout);
+ fflush(stdout);
+ }
+
+ ret=0;
+err:
+ if (ret)
+ {
+ ERR_print_errors_fp(stderr);
+ }
+ if (in != NULL) BIO_free(in);
+ exit(ret);
+ return(!ret);
+ }
+
diff --git a/src/lib/libssl/src/demos/bio/sconnect.c b/src/lib/libssl/src/demos/bio/sconnect.c
new file mode 100644
index 0000000000..8a667f5911
--- /dev/null
+++ b/src/lib/libssl/src/demos/bio/sconnect.c
@@ -0,0 +1,115 @@
+/* NOCW */
+/* demos/bio/sconnect.c */
+
+/* A minimal program to do SSL to a passed host and port.
+ * It is actually using non-blocking IO but in a very simple manner
+ * sconnect host:port - it does a 'GET / HTTP/1.0'
+ *
+ * cc -I../../include sconnect.c -L../.. -lssl -lcrypto
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "err.h"
+#include "ssl.h"
+
+extern int errno;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ char *host;
+ BIO *out;
+ char buf[1024*10],*p;
+ SSL_CTX *ssl_ctx=NULL;
+ SSL *ssl;
+ BIO *ssl_bio;
+ int i,len,off,ret=1;
+
+ if (argc <= 1)
+ host="localhost:4433";
+ else
+ host=argv[1];
+
+ /* Lets get nice error messages */
+ SSL_load_error_strings();
+
+ /* Setup all the global SSL stuff */
+ SSLeay_add_ssl_algorithms();
+ ssl_ctx=SSL_CTX_new(SSLv23_client_method());
+
+ /* Lets make a SSL structure */
+ ssl=SSL_new(ssl_ctx);
+ SSL_set_connect_state(ssl);
+
+ /* Use it inside an SSL BIO */
+ ssl_bio=BIO_new(BIO_f_ssl());
+ BIO_set_ssl(ssl_bio,ssl,BIO_CLOSE);
+
+ /* Lets use a connect BIO under the SSL BIO */
+ out=BIO_new(BIO_s_connect());
+ BIO_set_hostname(out,host);
+ BIO_set_nbio(out,1);
+ out=BIO_push(ssl_bio,out);
+
+ p="GET / HTTP/1.0\r\n\r\n";
+ len=strlen(p);
+
+ off=0;
+ for (;;)
+ {
+ i=BIO_write(out,&(p[off]),len);
+ if (i <= 0)
+ {
+ if (BIO_should_retry(out))
+ {
+ fprintf(stderr,"write DELAY\n");
+ sleep(1);
+ continue;
+ }
+ else
+ {
+ goto err;
+ }
+ }
+ off+=i;
+ len-=i;
+ if (len <= 0) break;
+ }
+
+ for (;;)
+ {
+ i=BIO_read(out,buf,sizeof(buf));
+ if (i == 0) break;
+ if (i < 0)
+ {
+ if (BIO_should_retry(out))
+ {
+ fprintf(stderr,"read DELAY\n");
+ sleep(1);
+ continue;
+ }
+ goto err;
+ }
+ fwrite(buf,1,i,stdout);
+ }
+
+ ret=1;
+
+ if (0)
+ {
+err:
+ if (ERR_peek_error() == 0) /* system call error */
+ {
+ fprintf(stderr,"errno=%d ",errno);
+ perror("error");
+ }
+ else
+ ERR_print_errors_fp(stderr);
+ }
+ BIO_free_all(out);
+ if (ssl_ctx != NULL) SSL_CTX_free(ssl_ctx);
+ exit(!ret);
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/demos/bio/server.pem b/src/lib/libssl/src/demos/bio/server.pem
new file mode 100644
index 0000000000..5cf1387d65
--- /dev/null
+++ b/src/lib/libssl/src/demos/bio/server.pem
@@ -0,0 +1,30 @@
+subject=/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+issuer= /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+
+MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
+Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
+hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
+sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
+tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
+agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
+g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
+-----END RSA PRIVATE KEY-----
+
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
+
diff --git a/src/lib/libssl/src/demos/maurice/Makefile b/src/lib/libssl/src/demos/maurice/Makefile
new file mode 100644
index 0000000000..fa67dcca81
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/Makefile
@@ -0,0 +1,23 @@
+CC=cc
+CFLAGS= -g -I../../include
+LIBS= -L/usr/local/ssl/lib -L../.. -lcrypto
+EXAMPLES=example1 example2 example3 example4
+
+all: $(EXAMPLES)
+
+example1: example1.o loadkeys.o
+ $(CC) -o example1 example1.o loadkeys.o $(LIBS)
+
+example2: example2.o loadkeys.o
+ $(CC) -o example2 example2.o loadkeys.o $(LIBS)
+
+example3: example3.o
+ $(CC) -o example3 example3.o $(LIBS)
+
+example4: example4.o
+ $(CC) -o example4 example4.o $(LIBS)
+
+
+clean:
+ rm -f $(EXAMPLES) *.o
+
diff --git a/src/lib/libssl/src/demos/maurice/README b/src/lib/libssl/src/demos/maurice/README
new file mode 100644
index 0000000000..29778d55cb
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/README
@@ -0,0 +1,34 @@
+From Maurice Gittens <mgittens@gits.nl>
+--
+ Example programs, demonstrating some basic SSLeay crypto library
+ operations, to help you not to make the same mistakes I did.
+
+ The following files are present.
+ - loadkeys.c Demonstrates the loading and of public and
+ private keys.
+ - loadkeys.h The interface for loadkeys.c
+ - example1.c Demonstrates the sealing and opening API's
+ - example2.c Demonstrates rsa encryption and decryption
+ - example3.c Demonstrates the use of symmetric block ciphers
+ - example4.c Demonstrates base64 and decoding
+ - Makefile A makefile you probably will have to adjust for
+ your environment
+ - README this file
+
+
+ The programs were written by Maurice Gittens <mgittens@gits.nl>
+ with the necesary help from Eric Young <eay@cryptsoft.com>
+
+ You may do as you please with these programs, but please don't
+ pretend that you wrote them.
+
+ To be complete: If you use these programs you acknowlegde that
+ you are aware that there is NO warranty of any kind associated
+ with these programs. I don't even claim that the programs work,
+ they are provided AS-IS.
+
+ January 1997
+
+ Maurice
+
+
diff --git a/src/lib/libssl/src/demos/maurice/cert.pem b/src/lib/libssl/src/demos/maurice/cert.pem
new file mode 100644
index 0000000000..e31a9ae05f
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/cert.pem
@@ -0,0 +1,77 @@
+issuer :/C=NL/SP=Brabant/L=Eindhoven/O=Gittens Information Systems B.V./OU=Certification Services/CN=ca.gits.nl/Email=mgittens@gits.nl
+subject:/C=NL/SP=Brabant/O=Gittens Information Systems B.V./OU=Certification Services/CN=caleb.gits.nl/Email=mgittens@gits.nl
+serial :01
+
+Certificate:
+ Data:
+ Version: 0 (0x0)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5withRSAEncryption
+ Issuer: C=NL, SP=Brabant, L=Eindhoven, O=Gittens Information Systems B.V., OU=Certification Services, CN=ca.gits.nl/Email=mgittens@gits.nl
+ Validity
+ Not Before: Jan 5 13:21:16 1997 GMT
+ Not After : Jul 24 13:21:16 1997 GMT
+ Subject: C=NL, SP=Brabant, O=Gittens Information Systems B.V., OU=Certification Services, CN=caleb.gits.nl/Email=mgittens@gits.nl
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Modulus:
+ 00:dd:82:a0:fe:a9:8d:6a:02:7e:78:d6:33:75:9b:
+ 82:01:4b:12:80:ea:6b:9b:83:9e:e3:ae:dc:f3:d0:
+ 71:7c:4b:ea:03:57:b4:cc:ba:44:5b:b8:4b:49:d3:
+ f6:39:cc:3d:12:1f:da:58:26:27:bc:bc:ab:a4:6d:
+ 62:d1:91:5a:47:9f:80:40:c1:b9:fa:e3:1e:ef:52:
+ 78:46:26:43:65:1d:f2:6b:bf:ff:c0:81:66:14:cd:
+ 81:32:91:f1:f8:51:7d:0e:17:1f:27:fc:c7:51:fd:
+ 1c:73:41:e5:66:43:3c:67:a3:09:b9:5e:36:50:50:
+ b1:e8:42:bd:5c:c6:2b:ec:a9:2c:fe:6a:fe:40:26:
+ 64:9e:b9:bf:2d:1d:fb:d0:48:5b:82:2a:8e:ab:a4:
+ d5:7b:5f:26:84:8a:9a:69:5e:c1:71:e2:a9:59:4c:
+ 2a:76:f7:fd:f4:cf:3f:d3:ce:30:72:62:65:1c:e9:
+ e9:ee:d2:fc:44:00:1e:e0:80:57:e9:41:b3:f0:44:
+ e5:0f:77:3b:1a:1f:57:5e:94:1d:c3:a5:fa:af:41:
+ 8c:4c:30:6b:2b:00:84:52:0c:64:0c:a8:5b:17:16:
+ d1:1e:f8:ea:72:01:47:9a:b9:21:95:f9:71:ed:7c:
+ d2:93:54:0c:c5:9c:e8:e5:40:28:c5:a0:ca:b1:a9:
+ 20:f9
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5withRSAEncryption
+ 93:08:f9:e0:d4:c5:ca:95:de:4e:38:3b:28:87:e9:d3:b6:ce:
+ 4f:69:2e:c9:09:57:2f:fa:e2:50:9f:39:ec:f3:84:e8:3a:8f:
+ 9b:c3:06:62:90:49:93:6d:23:7a:2b:3d:7b:f9:46:32:18:d3:
+ 87:44:49:f7:29:2f:f3:58:97:70:c3:45:5b:90:52:1c:df:fb:
+ a8:a3:a1:29:53:a3:4c:ed:d2:51:d0:44:98:a4:14:6f:76:9d:
+ 0d:03:76:e5:d3:13:21:ce:a3:4d:2a:77:fe:ad:b3:47:6d:42:
+ b9:4a:0e:ff:61:f4:ec:62:b2:3b:00:9c:ac:16:a2:ec:19:c8:
+ c7:3d:d7:7d:97:cd:4d:1a:d2:00:07:4e:40:3d:b9:ba:1e:e2:
+ fe:81:28:57:b9:ad:2b:74:59:b0:9f:8b:a5:98:d3:75:06:67:
+ 4a:04:11:b2:ea:1a:8c:e0:d4:be:c8:0c:46:76:7f:5f:5a:7b:
+ 72:09:dd:b6:d3:6b:97:70:e8:7e:17:74:1c:f7:3a:5f:e3:fa:
+ c2:f7:95:bd:74:5e:44:4b:9b:bd:27:de:02:7f:87:1f:68:68:
+ 60:b9:f4:1d:2b:7b:ce:ef:b1:7f:3a:be:b9:66:60:54:6f:0c:
+ a0:dd:8c:03:a7:f1:9f:f8:0e:8d:bb:c6:ba:77:61:f7:8e:be:
+ 28:ba:d8:4f
+
+-----BEGIN CERTIFICATE-----
+MIIDzzCCArcCAQEwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAk5MMRAwDgYD
+VQQIEwdCcmFiYW50MRIwEAYDVQQHEwlFaW5kaG92ZW4xKTAnBgNVBAoTIEdpdHRl
+bnMgSW5mb3JtYXRpb24gU3lzdGVtcyBCLlYuMR8wHQYDVQQLExZDZXJ0aWZpY2F0
+aW9uIFNlcnZpY2VzMRMwEQYDVQQDEwpjYS5naXRzLm5sMR8wHQYJKoZIhvcNAQkB
+FhBtZ2l0dGVuc0BnaXRzLm5sMB4XDTk3MDEwNTEzMjExNloXDTk3MDcyNDEzMjEx
+NlowgaQxCzAJBgNVBAYTAk5MMRAwDgYDVQQIEwdCcmFiYW50MSkwJwYDVQQKEyBH
+aXR0ZW5zIEluZm9ybWF0aW9uIFN5c3RlbXMgQi5WLjEfMB0GA1UECxMWQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlczEWMBQGA1UEAxMNY2FsZWIuZ2l0cy5ubDEfMB0GCSqG
+SIb3DQEJARYQbWdpdHRlbnNAZ2l0cy5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAN2CoP6pjWoCfnjWM3WbggFLEoDqa5uDnuOu3PPQcXxL6gNXtMy6
+RFu4S0nT9jnMPRIf2lgmJ7y8q6RtYtGRWkefgEDBufrjHu9SeEYmQ2Ud8mu//8CB
+ZhTNgTKR8fhRfQ4XHyf8x1H9HHNB5WZDPGejCbleNlBQsehCvVzGK+ypLP5q/kAm
+ZJ65vy0d+9BIW4Iqjquk1XtfJoSKmmlewXHiqVlMKnb3/fTPP9POMHJiZRzp6e7S
+/EQAHuCAV+lBs/BE5Q93OxofV16UHcOl+q9BjEwwaysAhFIMZAyoWxcW0R746nIB
+R5q5IZX5ce180pNUDMWc6OVAKMWgyrGpIPkCAwEAATANBgkqhkiG9w0BAQQFAAOC
+AQEAkwj54NTFypXeTjg7KIfp07bOT2kuyQlXL/riUJ857POE6DqPm8MGYpBJk20j
+eis9e/lGMhjTh0RJ9ykv81iXcMNFW5BSHN/7qKOhKVOjTO3SUdBEmKQUb3adDQN2
+5dMTIc6jTSp3/q2zR21CuUoO/2H07GKyOwCcrBai7BnIxz3XfZfNTRrSAAdOQD25
+uh7i/oEoV7mtK3RZsJ+LpZjTdQZnSgQRsuoajODUvsgMRnZ/X1p7cgndttNrl3Do
+fhd0HPc6X+P6wveVvXReREubvSfeAn+HH2hoYLn0HSt7zu+xfzq+uWZgVG8MoN2M
+A6fxn/gOjbvGundh946+KLrYTw==
+-----END CERTIFICATE-----
+
diff --git a/src/lib/libssl/src/demos/maurice/example1.c b/src/lib/libssl/src/demos/maurice/example1.c
new file mode 100644
index 0000000000..77730d3232
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/example1.c
@@ -0,0 +1,200 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+*/
+
+#include <unistd.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <fcntl.h>
+#include <strings.h>
+#include <stdlib.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+#include "loadkeys.h"
+
+#define PUBFILE "cert.pem"
+#define PRIVFILE "privkey.pem"
+
+#define STDIN 0
+#define STDOUT 1
+
+void main_encrypt(void);
+void main_decrypt(void);
+
+static const char *usage = "Usage: example1 [-d]\n";
+
+int main(int argc, char *argv[])
+{
+
+ ERR_load_crypto_strings();
+
+ if ((argc == 1))
+ {
+ main_encrypt();
+ }
+ else if ((argc == 2) && !strcmp(argv[1],"-d"))
+ {
+ main_decrypt();
+ }
+ else
+ {
+ printf("%s",usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void main_encrypt(void)
+{
+ unsigned int ebuflen;
+ EVP_CIPHER_CTX ectx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char *ekey[1];
+ int readlen;
+ int ekeylen, net_ekeylen;
+ EVP_PKEY *pubKey[1];
+ char buf[512];
+ char ebuf[512];
+
+ memset(iv, '\0', sizeof(iv));
+
+ pubKey[0] = ReadPublicKey(PUBFILE);
+
+ if(!pubKey)
+ {
+ fprintf(stderr,"Error: can't load public key");
+ exit(1);
+ }
+
+ ekey[0] = malloc(EVP_PKEY_size(pubKey[0]));
+ if (!ekey[0])
+ {
+ EVP_PKEY_free(pubKey[0]);
+ perror("malloc");
+ exit(1);
+ }
+
+ EVP_SealInit(&ectx,
+ EVP_des_ede3_cbc(),
+ ekey,
+ &ekeylen,
+ iv,
+ pubKey,
+ 1);
+
+ net_ekeylen = htonl(ekeylen);
+ write(STDOUT, (char*)&net_ekeylen, sizeof(net_ekeylen));
+ write(STDOUT, ekey[0], ekeylen);
+ write(STDOUT, iv, sizeof(iv));
+
+ while(1)
+ {
+ readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (readlen < 0)
+ perror("read");
+
+ break;
+ }
+
+ EVP_SealUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_SealFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+
+ EVP_PKEY_free(pubKey[0]);
+ free(ekey[0]);
+}
+
+void main_decrypt(void)
+{
+ char buf[512];
+ char ebuf[512];
+ unsigned int buflen;
+ EVP_CIPHER_CTX ectx;
+ unsigned char iv[8];
+ unsigned char *encryptKey;
+ unsigned int ekeylen;
+ EVP_PKEY *privateKey;
+
+ memset(iv, '\0', sizeof(iv));
+
+ privateKey = ReadPrivateKey(PRIVFILE);
+ if (!privateKey)
+ {
+ fprintf(stderr, "Error: can't load private key");
+ exit(1);
+ }
+
+ read(STDIN, &ekeylen, sizeof(ekeylen));
+ ekeylen = ntohl(ekeylen);
+
+ if (ekeylen != EVP_PKEY_size(privateKey))
+ {
+ EVP_PKEY_free(privateKey);
+ fprintf(stderr, "keylength mismatch");
+ exit(1);
+ }
+
+ encryptKey = malloc(sizeof(char) * ekeylen);
+ if (!encryptKey)
+ {
+ EVP_PKEY_free(privateKey);
+ perror("malloc");
+ exit(1);
+ }
+
+ read(STDIN, encryptKey, ekeylen);
+ read(STDIN, iv, sizeof(iv));
+
+ EVP_OpenInit(&ectx,
+ EVP_des_ede3_cbc(),
+ encryptKey,
+ ekeylen,
+ iv,
+ privateKey);
+
+ while(1)
+ {
+ int readlen = read(STDIN, ebuf, sizeof(ebuf));
+
+ if (readlen <= 0)
+ {
+ if (readlen < 0)
+ perror("read");
+
+ break;
+ }
+
+ EVP_OpenUpdate(&ectx, buf, &buflen, ebuf, readlen);
+
+ write(STDOUT, buf, buflen);
+ }
+
+ EVP_OpenFinal(&ectx, buf, &buflen);
+
+ write(STDOUT, buf, buflen);
+
+ EVP_PKEY_free(privateKey);
+ free(encryptKey);
+}
+
+
diff --git a/src/lib/libssl/src/demos/maurice/example2.c b/src/lib/libssl/src/demos/maurice/example2.c
new file mode 100644
index 0000000000..99f7b22440
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/example2.c
@@ -0,0 +1,77 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+*/
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <strings.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+#include "loadkeys.h"
+
+#define PUBFILE "cert.pem"
+#define PRIVFILE "privkey.pem"
+#define STDIN 0
+#define STDOUT 1
+
+int main()
+{
+ char *ct = "This the clear text";
+ char *buf;
+ char *buf2;
+ EVP_PKEY *pubKey;
+ EVP_PKEY *privKey;
+ int len;
+ FILE *fp;
+
+ ERR_load_crypto_strings();
+
+ privKey = ReadPrivateKey(PRIVFILE);
+ if (!privKey)
+ {
+ ERR_print_errors_fp (stderr);
+ exit (1);
+ }
+
+ pubKey = ReadPublicKey(PUBFILE);
+ if(!pubKey)
+ {
+ EVP_PKEY_free(privKey);
+ fprintf(stderr,"Error: can't load public key");
+ exit(1);
+ }
+
+ /* No error checking */
+ buf = malloc(EVP_PKEY_size(pubKey));
+ buf2 = malloc(EVP_PKEY_size(pubKey));
+
+ len = RSA_public_encrypt(strlen(ct)+1, ct, buf, pubKey->pkey.rsa,RSA_PKCS1_PADDING);
+
+ if (len != EVP_PKEY_size(pubKey))
+ {
+ fprintf(stderr,"Error: ciphertext should match length of key\n");
+ exit(1);
+ }
+
+ RSA_private_decrypt(len, buf, buf2, privKey->pkey.rsa,RSA_PKCS1_PADDING);
+
+ printf("%s\n", buf2);
+
+ EVP_PKEY_free(privKey);
+ EVP_PKEY_free(pubKey);
+ free(buf);
+ free(buf2);
+}
+
+
diff --git a/src/lib/libssl/src/demos/maurice/example3.c b/src/lib/libssl/src/demos/maurice/example3.c
new file mode 100644
index 0000000000..fcaff00c37
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/example3.c
@@ -0,0 +1,86 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <evp.h>
+
+#define STDIN 0
+#define STDOUT 1
+#define BUFLEN 512
+#define INIT_VECTOR "12345678"
+#define ENCRYPT 1
+#define DECRYPT 0
+#define ALG EVP_des_ede3_cbc()
+
+static const char *usage = "Usage: example3 [-d] password\n";
+
+void do_cipher(char *,int);
+
+int main(int argc, char *argv[])
+{
+ if ((argc == 2))
+ {
+ do_cipher(argv[1],ENCRYPT);
+ }
+ else if ((argc == 3) && !strcmp(argv[1],"-d"))
+ {
+ do_cipher(argv[2],DECRYPT);
+ }
+ else
+ {
+ fprintf(stderr,"%s", usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void do_cipher(char *pw, int operation)
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN + 8];
+ unsigned int ebuflen, rc;
+ unsigned char iv[EVP_MAX_IV_LENGTH], key[EVP_MAX_KEY_LENGTH];
+ unsigned int ekeylen, net_ekeylen;
+ EVP_CIPHER_CTX ectx;
+
+ memcpy(iv, INIT_VECTOR, sizeof(iv));
+
+ EVP_BytesToKey(ALG, EVP_md5(), "salu", pw, strlen(pw), 1, key, iv);
+
+ EVP_CipherInit(&ectx, ALG, key, iv, operation);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ EVP_CipherUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_CipherFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
+
diff --git a/src/lib/libssl/src/demos/maurice/example4.c b/src/lib/libssl/src/demos/maurice/example4.c
new file mode 100644
index 0000000000..d436a20019
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/example4.c
@@ -0,0 +1,122 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <evp.h>
+
+#define STDIN 0
+#define STDOUT 1
+#define BUFLEN 512
+
+static const char *usage = "Usage: example4 [-d]\n";
+
+void do_encode(void);
+void do_decode(void);
+
+int main(int argc, char *argv[])
+{
+ if ((argc == 1))
+ {
+ do_encode();
+ }
+ else if ((argc == 2) && !strcmp(argv[1],"-d"))
+ {
+ do_decode();
+ }
+ else
+ {
+ fprintf(stderr,"%s", usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void do_encode()
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN+24];
+ unsigned int ebuflen, rc;
+ EVP_ENCODE_CTX ectx;
+
+ EVP_EncodeInit(&ectx);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ EVP_EncodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_EncodeFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
+void do_decode()
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN+24];
+ unsigned int ebuflen, rc;
+ EVP_ENCODE_CTX ectx;
+
+ EVP_DecodeInit(&ectx);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+ int rc;
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ rc = EVP_DecodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+ if (rc <= 0)
+ {
+ if (!rc)
+ {
+ write(STDOUT, ebuf, ebuflen);
+ break;
+ }
+
+ fprintf(stderr, "Error: decoding message\n");
+ return;
+ }
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_DecodeFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
diff --git a/src/lib/libssl/src/demos/maurice/loadkeys.c b/src/lib/libssl/src/demos/maurice/loadkeys.c
new file mode 100644
index 0000000000..7c89f071f3
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/loadkeys.c
@@ -0,0 +1,77 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <unistd.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <fcntl.h>
+#include <strings.h>
+#include <stdlib.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+EVP_PKEY * ReadPublicKey(const char *certfile)
+{
+ FILE *fp = fopen (certfile, "r");
+ X509 *x509;
+ EVP_PKEY *pkey;
+
+ if (!fp)
+ return NULL;
+
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+
+ if (x509 == NULL)
+ {
+ ERR_print_errors_fp (stderr);
+ return NULL;
+ }
+
+ fclose (fp);
+
+ pkey=X509_extract_key(x509);
+
+ X509_free(x509);
+
+ if (pkey == NULL)
+ ERR_print_errors_fp (stderr);
+
+ return pkey;
+}
+
+EVP_PKEY *ReadPrivateKey(const char *keyfile)
+{
+ FILE *fp = fopen(keyfile, "r");
+ EVP_PKEY *pkey;
+
+ if (!fp)
+ return NULL;
+
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+
+ fclose (fp);
+
+ if (pkey == NULL)
+ ERR_print_errors_fp (stderr);
+
+ return pkey;
+}
+
+
diff --git a/src/lib/libssl/src/demos/maurice/loadkeys.h b/src/lib/libssl/src/demos/maurice/loadkeys.h
new file mode 100644
index 0000000000..e42c6f8dc4
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/loadkeys.h
@@ -0,0 +1,19 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#ifndef LOADKEYS_H_SEEN
+#define LOADKEYS_H_SEEN
+
+#include "evp.h"
+
+EVP_PKEY * ReadPublicKey(const char *certfile);
+EVP_PKEY *ReadPrivateKey(const char *keyfile);
+
+#endif
+
diff --git a/src/lib/libssl/src/demos/maurice/privkey.pem b/src/lib/libssl/src/demos/maurice/privkey.pem
new file mode 100644
index 0000000000..fc3554e930
--- /dev/null
+++ b/src/lib/libssl/src/demos/maurice/privkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA3YKg/qmNagJ+eNYzdZuCAUsSgOprm4Oe467c89BxfEvqA1e0
+zLpEW7hLSdP2Ocw9Eh/aWCYnvLyrpG1i0ZFaR5+AQMG5+uMe71J4RiZDZR3ya7//
+wIFmFM2BMpHx+FF9DhcfJ/zHUf0cc0HlZkM8Z6MJuV42UFCx6EK9XMYr7Kks/mr+
+QCZknrm/LR370EhbgiqOq6TVe18mhIqaaV7BceKpWUwqdvf99M8/084wcmJlHOnp
+7tL8RAAe4IBX6UGz8ETlD3c7Gh9XXpQdw6X6r0GMTDBrKwCEUgxkDKhbFxbRHvjq
+cgFHmrkhlflx7XzSk1QMxZzo5UAoxaDKsakg+QIDAQABAoIBAQC0hnh083PnuJ6g
+Flob+B+stCUhYWtPc6ZzgphaMD+9ABV4oescipWZdooNYiyikBwZgFIvUvFBtTXh
+rLBDgUVlZ81beUb7/EvC2aBh818rsotWW0Sw/ARY4d7wetcL/EWBzUA8E5vR6wlb
+uZGelR9OiyYqp2h2bj1/v5yaVnuHxBeBj5clTHtPMXc+/70iUNBDMZ0ruZTdSwll
+e0DH8pp/5USYewlrKtRIJT7elC8LFMqEz4OpNvfaR2OEY0FatYYmSvQPNwV8/Eor
+XlNzRi9qD0uXbVexaAgQZ3/KZuAzUbOgwJZZXEAOGkZ/J1n08jljPXdU0o7bHhNl
+7siHbuEBAoGBAP53IvvJkhnH8Akf6E6sXelZkPKHnwDwfywDAiIhXza9DB1DViRS
+bZUB5gzcxmLGalex5+LcwZmsqFO5NXZ8SQeE9p0YT8yJsX4J1w9JzSvsWJBS2vyW
+Kbt21oG6JAGrWSGMIfxKpuahtWLf4JpGjftti0qIVQ60GKEPc1/xE2PZAoGBAN7Y
+nRPaUaqcIwbnH9kovOKwZ/PWREy1ecr3YXj65VYTnwSJHD0+CJa/DX8eB/G4AoNA
+Y2LPbq0Xu3+7SaUsO45VkaZuJmNwheUQ4tmyd/YdnVZ0AHXx1tvpR7QeO0WjnlNK
+mR+x00fetrff2Ypahs0wtU0Xf3F8ORgVB8jnxBIhAoGAcwf0PpI+g30Im3dbEsWE
+poogpiJ81HXjZ0fs3PTtD9eh9FCOTlkcxHFZR5M980TyqbX4t2tH8WpFpaNh8a/5
+a3bF7PoiiLnuDKXyHC0mnKZ42rU53VkcgGwWSAqXYFHPNwUcD+rHTBbp4kqGQ/eF
+E5XPk9/RY5YyVAyiAUr/kvECgYBvW1Ua75SxqbZDI8mhbZ79tGMt0NtubZz/1KCL
+oOxrGAD1dkJ7Q/1svunSpMIZgvcWeV1wqfFHY72ZNZC2jiTwmkffH9nlBPyTm92Q
+JYOWo/PUmMEGLyRL3gWrtxOtV/as7nEYCndmyZ8KwTxmy5fi/z0J2f0gS5AIPbIX
+LeGnoQKBgQDapjz9K4HWR5AMxyga4eiLIrmADySP846uz3eZIvTJQZ+6TAamvnno
+KbnU21cGq5HBBtxqQvGswLPGW9rZAgykHHJmYBUp0xv4+I4qHfXyD7QNmvq+Vxjj
+V2tgIafEpaf2ZsfM7BZeZz8MzeGcDwyrHtIO1FQiYN5Qz9Hq68XmVA==
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/demos/prime/prime.c b/src/lib/libssl/src/demos/prime/prime.c
new file mode 100644
index 0000000000..e4a17765bb
--- /dev/null
+++ b/src/lib/libssl/src/demos/prime/prime.c
@@ -0,0 +1,100 @@
+/* demos/prime/prime.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+
+void callback(type,num)
+int type,num;
+ {
+ if (type == 0)
+ fprintf(stderr,".");
+ else if (type == 1)
+ fprintf(stderr,"+");
+ else if (type == 2)
+ fprintf(stderr,"*");
+ fflush(stderr);
+ }
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BIGNUM *rand;
+ int num=256;
+
+ /* we should really call RAND_seed(char *bytes,int num);
+ * to fully initalise the random number generator */
+ if (argc >= 2)
+ {
+ num=atoi(argv[1]);
+ if (num == 0) num=256;
+ }
+
+ fprintf(stderr,"generate a strong prime\n");
+ rand=BN_generate_prime(num,1,NULL,NULL,callback);
+ /* change the second parameter to 1 for a strong prime */
+ fprintf(stderr,"\n");
+
+ BN_print_fp(stdout,rand);
+ fprintf(stdout,"\n");
+ BN_free(rand);
+ exit(0);
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/demos/privkey.pem b/src/lib/libssl/src/demos/privkey.pem
new file mode 100644
index 0000000000..ddae24075d
--- /dev/null
+++ b/src/lib/libssl/src/demos/privkey.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAN+FmbxmHVOp/RxtpMGz0DvQEBz1sDktHp19hIoMSu0YZift5MAu
+4xAEJYvWVCshDiyOTWsUBXwZkrkt87FyctkCAwEAAQJAG/vxBGpQb6IPo1iC0RF/
+F430BnwoBPCGLbeCOXpSgx5X+19vuTSdEqMgeNB6+aNb+XY/7mvVfCjyD6WZ0oxs
+JQIhAPO+uL9cP40lFs62pdL3QSWsh3VNDByvOtr9LpeaxBm/AiEA6sKVfXsDQ5hd
+SHt9U61r2r8Lcxmzi9Kw6JNqjMmzqWcCIQCKoRy+aZ8Tjdas9yDVHh+FZ90bEBkl
+b1xQFNOdEj8aTQIhAOJWrO6INYNsWTPS6+hLYZtLamyUsQj0H+B8kNQge/mtAiEA
+nBfvUl243qbqN8gF7Az1u33uc9FsPVvQPiBzLxZ4ixw=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/demos/selfsign.c b/src/lib/libssl/src/demos/selfsign.c
new file mode 100644
index 0000000000..72146fc068
--- /dev/null
+++ b/src/lib/libssl/src/demos/selfsign.c
@@ -0,0 +1,168 @@
+/* NOCW */
+/* cc -o ssdemo -I../include selfsign.c ../libcrypto.a */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "buffer.h"
+#include "crypto.h"
+#include "objects.h"
+#include "asn1.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
+
+int main()
+ {
+ BIO *bio_err;
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ X509v3_add_netscape_extensions();
+
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ mkit(&x509,&pkey,512,0,365);
+
+ RSA_print_fp(stdout,pkey->pkey.rsa,0);
+ X509_print_fp(stdout,x509);
+
+ PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL);
+ PEM_write_X509(stdout,x509);
+
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ BIO_free(bio_err);
+
+ X509_cleanup_extensions();
+
+ CRYPTO_mem_leaks(bio_err);
+ return(0);
+ }
+
+#ifdef WIN16
+# define MS_CALLBACK _far _loadds
+# define MS_FAR _far
+#else
+# define MS_CALLBACK
+# define MS_FAR
+#endif
+
+static void MS_CALLBACK callback(p, n)
+int p;
+int n;
+ {
+ char c='B';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ fputc(c,stderr);
+ }
+
+int mkit(x509p,pkeyp,bits,serial,days)
+X509 **x509p;
+EVP_PKEY **pkeyp;
+int bits;
+int serial;
+int days;
+ {
+ X509 *x;
+ EVP_PKEY *pk;
+ RSA *rsa;
+ char *s;
+ X509_NAME *name=NULL;
+ X509_NAME_ENTRY *ne=NULL;
+ X509_EXTENSION *ex=NULL;
+ ASN1_OCTET_STRING *data=NULL;
+
+
+ if ((pkeyp == NULL) || (*pkeyp == NULL))
+ {
+ if ((pk=EVP_PKEY_new()) == NULL)
+ {
+ abort();
+ return(0);
+ }
+ }
+ else
+ pk= *pkeyp;
+
+ if ((x509p == NULL) || (*x509p == NULL))
+ {
+ if ((x=X509_new()) == NULL)
+ goto err;
+ }
+ else
+ x= *x509p;
+
+ rsa=RSA_generate_key(bits,RSA_F4,callback);
+ if (!EVP_PKEY_assign_RSA(pk,rsa))
+ {
+ abort();
+ goto err;
+ }
+ rsa=NULL;
+
+ X509_set_version(x,3);
+ ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
+ X509_gmtime_adj(X509_get_notBefore(x),0);
+ X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+ X509_set_pubkey(x,pk);
+
+ name=X509_NAME_new();
+
+ ne=X509_NAME_ENTRY_create_by_NID(NULL,NID_countryName,
+ V_ASN1_APP_CHOOSE,"AU",-1);
+ X509_NAME_add_entry(name,ne,0,0);
+
+ X509_NAME_ENTRY_create_by_NID(&ne,NID_commonName,
+ V_ASN1_APP_CHOOSE,"Eric Young",-1);
+ X509_NAME_add_entry(name,ne,1,0);
+
+ /* finished with structure */
+ X509_NAME_ENTRY_free(ne);
+
+ X509_set_subject_name(x,name);
+ X509_set_issuer_name(x,name);
+
+ /* finished with structure */
+ X509_NAME_free(name);
+
+ data=X509v3_pack_string(NULL,V_ASN1_BIT_STRING,
+ "\001",1);
+ ex=X509_EXTENSION_create_by_NID(NULL,NID_netscape_cert_type,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509v3_pack_string(&data,V_ASN1_IA5STRING,
+ "example comment extension",-1);
+ X509_EXTENSION_create_by_NID(&ex,NID_netscape_comment,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509v3_pack_string(&data,V_ASN1_BIT_STRING,
+ "www.cryptsoft.com",-1);
+ X509_EXTENSION_create_by_NID(&ex,NID_netscape_ssl_server_name,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509_EXTENSION_free(ex);
+ ASN1_OCTET_STRING_free(data);
+
+ if (!X509_sign(x,pk,EVP_md5()))
+ goto err;
+
+ *x509p=x;
+ *pkeyp=pk;
+ return(1);
+err:
+ return(0);
+ }
+
+
+
+
diff --git a/src/lib/libssl/src/demos/sign/cert.pem b/src/lib/libssl/src/demos/sign/cert.pem
new file mode 100644
index 0000000000..9d7ac238d8
--- /dev/null
+++ b/src/lib/libssl/src/demos/sign/cert.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/demos/sign/key.pem b/src/lib/libssl/src/demos/sign/key.pem
new file mode 100644
index 0000000000..239ad66f99
--- /dev/null
+++ b/src/lib/libssl/src/demos/sign/key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/demos/sign/sig.txt b/src/lib/libssl/src/demos/sign/sig.txt
new file mode 100644
index 0000000000..5613c0ee77
--- /dev/null
+++ b/src/lib/libssl/src/demos/sign/sig.txt
@@ -0,0 +1,158 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 02:37:40 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA11782
+ (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 11:46:21 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id LAA18980 for ssl-users-outgoing; Mon, 30 Sep 1996 11:44:56 +1000 (EST)
+Received: from minbne.mincom.oz.au (minbne.mincom.oz.au [192.55.196.247]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id LAA18962 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 11:44:51 +1000 (EST)
+Received: by minbne.mincom.oz.au id AA22230
+ (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 11:38:41 +1000
+Received: from brutus.neuronio.pt (brutus.neuronio.pt [193.126.253.2]) by bunyip.cc.uq.oz.au (8.7.6/8.7.3) with SMTP id LAA15824 for <ssl-users@mincom.com>; Mon, 30 Sep 1996 11:40:07 +1000
+Received: (from sampo@localhost) by brutus.neuronio.pt (8.6.11/8.6.11) id BAA08729; Mon, 30 Sep 1996 01:37:40 +0100
+Date: Mon, 30 Sep 1996 01:37:40 +0100
+Message-Id: <199609300037.BAA08729@brutus.neuronio.pt>
+From: Sampo Kellomaki <sampo@neuronio.pt>
+To: ssl-users@mincom.com
+Cc: sampo@brutus.neuronio.pt
+Subject: Signing with envelope routines
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: RO
+X-Status: D
+
+
+I have been trying to figure out how to produce signatures with EVP_
+routines. I seem to be able to read in private key and sign some
+data ok, but I can't figure out how I am supposed to read in
+public key so that I could verify my signature. I use self signed
+certificate.
+
+I figured I should use
+ EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+ fp, NULL, NULL);
+to read in private key and this seems to work Ok.
+
+However when I try analogous
+ EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+ fp, NULL, NULL);
+the program fails with
+
+error:0D09508D:asn1 encoding routines:D2I_PUBLICKEY:unknown public key type:d2i_pu.c:93
+error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_lib.c:232
+
+I figured that the second argument to PEM_ASN1_read should match the
+name in my PEM encoded object, hence PEM_STRING_X509.
+PEM_STRING_EVP_PKEY seems to be somehow magical
+because it matches whatever private key there happens to be. I could
+not find a similar constant to use with getting the certificate, however.
+
+Is my approach of using PEM_ASN1_read correct? What should I pass in
+as name? Can I use normal (or even self signed) X509 certificate for
+verifying the signature?
+
+When will SSLeay documentation be written ;-)? If I would contribute
+comments to the code, would Eric take time to review them and include
+them in distribution?
+
+I'm using SSLeay-0.6.4. My program is included below along with the
+key and cert that I use.
+
+--Sampo
+
+-----------------------------------
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ const char certfile[] = "plain-cert.pem";
+ const char keyfile[] = "plain-key.pem";
+ const char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY* pkey;
+ FILE* fp;
+
+ SSL_load_error_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PublicKey,
+ PEM_STRING_X509,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
+/* EOF */
+--------------- plain-cert.pem -----------------
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
+---------------- plain-key.pem -----------------
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
+------------------------------------------------
+
diff --git a/src/lib/libssl/src/demos/sign/sign.c b/src/lib/libssl/src/demos/sign/sign.c
new file mode 100644
index 0000000000..5cbce3cdc5
--- /dev/null
+++ b/src/lib/libssl/src/demos/sign/sign.c
@@ -0,0 +1,137 @@
+/* demos/sign/sign.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* converted to C - eay :-) */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ static char certfile[] = "cert.pem";
+ static char keyfile[] = "key.pem";
+ static char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY * pkey;
+ FILE * fp;
+ X509 * x509;
+
+ /* Just load the crypto library error strings,
+ * SSL_load_error_strings() loads the crypto AND the SSL ones */
+ /* SSL_load_error_strings();*/
+ ERR_load_crypto_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+ if (x509 == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Get public key - eay */
+ pkey=X509_extract_key(x509);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
diff --git a/src/lib/libssl/src/demos/sign/sign.txt b/src/lib/libssl/src/demos/sign/sign.txt
new file mode 100644
index 0000000000..2aa2b46cc3
--- /dev/null
+++ b/src/lib/libssl/src/demos/sign/sign.txt
@@ -0,0 +1,170 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 22:43:15 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA12802
+ (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 12:45:43 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id MAA25922 for ssl-users-outgoing; Mon, 30 Sep 1996 12:43:43 +1000 (EST)
+Received: from orb.mincom.oz.au (eay@orb.mincom.oz.au [192.55.197.1]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id MAA25900 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 12:43:39 +1000 (EST)
+Received: by orb.mincom.oz.au id AA12688
+ (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 12:43:16 +1000
+Date: Mon, 30 Sep 1996 12:43:15 +1000 (EST)
+From: Eric Young <eay@mincom.com>
+X-Sender: eay@orb
+To: Sampo Kellomaki <sampo@neuronio.pt>
+Cc: ssl-users@mincom.com, sampo@brutus.neuronio.pt
+Subject: Re: Signing with envelope routines
+In-Reply-To: <199609300037.BAA08729@brutus.neuronio.pt>
+Message-Id: <Pine.SOL.3.91.960930121504.11800Y-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: O
+X-Status:
+
+
+On Mon, 30 Sep 1996, Sampo Kellomaki wrote:
+> I have been trying to figure out how to produce signatures with EVP_
+> routines. I seem to be able to read in private key and sign some
+> data ok, but I can't figure out how I am supposed to read in
+> public key so that I could verify my signature. I use self signed
+> certificate.
+
+hmm... a rather poorly documented are of the library at this point in time.
+
+> I figured I should use
+> EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+> fp, NULL, NULL);
+> to read in private key and this seems to work Ok.
+>
+> However when I try analogous
+> EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+> fp, NULL, NULL);
+
+What you should do is
+ X509 *x509=PEM_read_X509(fp,NULL,NULL);
+ /* which is the same as PEM_ASN1_read(d2i_X509,PEM_STRING_X509,fp,
+ * NULL,NULL); */
+Then
+ EVP_PKEY *pkey=X509_extract_key(x509);
+
+There is also a X509_REQ_extract_key(req);
+which gets the public key from a certificate request.
+
+I re-worked quite a bit of this when I cleaned up the dependancy on
+RSA as the private key.
+
+> I figured that the second argument to PEM_ASN1_read should match the
+> name in my PEM encoded object, hence PEM_STRING_X509.
+> PEM_STRING_EVP_PKEY seems to be somehow magical
+> because it matches whatever private key there happens to be. I could
+> not find a similar constant to use with getting the certificate, however.
+
+:-), PEM_STRING_EVP_PKEY is 'magical' :-). In theory I should be using a
+standard such as PKCS#8 to store the private key so that the type is
+encoded in the asn.1 encoding of the object.
+
+> Is my approach of using PEM_ASN1_read correct? What should I pass in
+> as name? Can I use normal (or even self signed) X509 certificate for
+> verifying the signature?
+
+The actual public key is kept in the certificate, so basically you have
+to load the certificate and then 'unpack' the public key from the
+certificate.
+
+> When will SSLeay documentation be written ;-)? If I would contribute
+> comments to the code, would Eric take time to review them and include
+> them in distribution?
+
+:-) After SSLv3 and PKCS#7 :-). I actually started doing a function list
+but what I really need to do is do quite a few 'this is how you do xyz'
+type documents. I suppose the current method is to post to ssl-users and
+I'll respond :-).
+
+I'll add a 'demo' directory for the next release, I've appended a
+modified version of your program that works, you were very close :-).
+
+eric
+
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* converted to C - eay :-) */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ static char certfile[] = "plain-cert.pem";
+ static char keyfile[] = "plain-key.pem";
+ static char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY * pkey;
+ FILE * fp;
+ X509 * x509;
+
+ /* Just load the crypto library error strings,
+ * SSL_load_error_strings() loads the crypto AND the SSL ones */
+ /* SSL_load_error_strings();*/
+ ERR_load_crypto_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+ if (x509 == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Get public key - eay */
+ pkey=X509_extract_key(x509);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
+
+
+
+
+
diff --git a/src/lib/libssl/src/demos/spkigen.c b/src/lib/libssl/src/demos/spkigen.c
new file mode 100644
index 0000000000..01fe6254f2
--- /dev/null
+++ b/src/lib/libssl/src/demos/spkigen.c
@@ -0,0 +1,160 @@
+/* NOCW */
+/* demos/spkigen.c
+ * 18-Mar-1997 - eay - A quick hack :-)
+ * version 1.1, it would probably help to save or load the
+ * private key :-)
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "err.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+/* The following two don't exist in SSLeay but they are in here as
+ * examples */
+#define PEM_write_SPKI(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_NETSCAPE_SPKI,"SPKI",fp,\
+ (char *)x,NULL,NULL,0,NULL)
+int SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+/* These are defined in the next version of SSLeay */
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type,char *key);
+#define RSA_F4 0x10001
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (char *)(rsa))
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ RSA *rsa=NULL;
+ NETSCAPE_SPKI *spki=NULL;
+ EVP_PKEY *pkey=NULL;
+ char buf[128];
+ int ok=0,i;
+ FILE *fp;
+
+ pkey=EVP_PKEY_new();
+
+ if (argc < 2)
+ {
+ /* Generate an RSA key, the random state should have been seeded
+ * with lots of calls to RAND_seed(....) */
+ fprintf(stderr,"generating RSA key, could take some time...\n");
+ if ((rsa=RSA_generate_key(512,RSA_F4,NULL)) == NULL) goto err;
+ }
+ else
+ {
+ if ((fp=fopen(argv[1],"r")) == NULL)
+ { perror(argv[1]); goto err; }
+ if ((rsa=PEM_read_RSAPrivateKey(fp,NULL,NULL)) == NULL)
+ goto err;
+ fclose(fp);
+ }
+
+ if (!EVP_PKEY_assign_RSA(pkey,rsa)) goto err;
+ rsa=NULL;
+
+ /* lets make the spki and set the public key and challenge */
+ if ((spki=NETSCAPE_SPKI_new()) == NULL) goto err;
+
+ if (!SPKI_set_pubkey(spki,pkey)) goto err;
+
+ fprintf(stderr,"please enter challenge string:");
+ fflush(stderr);
+ fgets(buf,120,stdin);
+ i=strlen(buf);
+ if (i > 0) buf[--i]='\0';
+ if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge,
+ buf,i)) goto err;
+
+ if (!NETSCAPE_SPKI_sign(spki,pkey,EVP_md5())) goto err;
+ PEM_write_SPKI(stdout,spki);
+ if (argc < 2)
+ PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL);
+
+ ok=1;
+err:
+ if (!ok)
+ {
+ fprintf(stderr,"something bad happened....");
+ ERR_print_errors_fp(stderr);
+ }
+ NETSCAPE_SPKI_free(spki);
+ EVP_PKEY_free(pkey);
+ exit(!ok);
+ }
+
+/* This function is in the next version of SSLeay */
+int EVP_PKEY_assign(pkey,type,key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+ {
+ if (pkey == NULL) return(0);
+ if (pkey->pkey.ptr != NULL)
+ {
+ if (pkey->type == EVP_PKEY_RSA)
+ RSA_free(pkey->pkey.rsa);
+ /* else memory leak */
+ }
+ pkey->type=type;
+ pkey->pkey.ptr=key;
+ return(1);
+ }
+
+/* While I have a
+ * X509_set_pubkey() and X509_REQ_set_pubkey(), SPKI_set_pubkey() does
+ * not currently exist so here is a version of it.
+ * The next SSLeay release will probably have
+ * X509_set_pubkey(),
+ * X509_REQ_set_pubkey() and
+ * NETSCAPE_SPKI_set_pubkey()
+ * as macros calling the same function */
+int SPKI_set_pubkey(x,pkey)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+ {
+ int ok=0;
+ X509_PUBKEY *pk;
+ X509_ALGOR *a;
+ ASN1_OBJECT *o;
+ unsigned char *s,*p;
+ int i;
+
+ if (x == NULL) return(0);
+
+ if ((pk=X509_PUBKEY_new()) == NULL) goto err;
+ a=pk->algor;
+
+ /* set the algorithm id */
+ if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=o;
+
+ /* Set the parameter list */
+ if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_NULL;
+ }
+ i=i2d_PublicKey(pkey,NULL);
+ if ((s=(unsigned char *)malloc(i+1)) == NULL) goto err;
+ p=s;
+ i2d_PublicKey(pkey,&p);
+ if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ free(s);
+
+ X509_PUBKEY_free(x->spkac->pubkey);
+ x->spkac->pubkey=pk;
+ pk=NULL;
+ ok=1;
+err:
+ if (pk != NULL) X509_PUBKEY_free(pk);
+ return(ok);
+ }
+
diff --git a/src/lib/libssl/src/demos/ssl/cli.cpp b/src/lib/libssl/src/demos/ssl/cli.cpp
new file mode 100644
index 0000000000..f52a9c025b
--- /dev/null
+++ b/src/lib/libssl/src/demos/ssl/cli.cpp
@@ -0,0 +1,102 @@
+/* cli.cpp - Minimal ssleay client for Unix
+ 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+ int err;
+ int sd;
+ struct sockaddr_in sa;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* server_cert;
+ char* str;
+ char buf [4096];
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ /* ----------------------------------------------- */
+ /* Create a socket and connect to server using normal socket calls. */
+
+ sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(sd, "socket");
+
+ memset (&sa, '\0', sizeof(sa));
+ sa.sin_family = AF_INET;
+ sa.sin_addr.s_addr = inet_addr ("127.0.0.1"); /* Server IP */
+ sa.sin_port = htons (1111); /* Server Port number */
+
+ err = connect(sd, (struct sockaddr*) &sa,
+ sizeof(sa)); CHK_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* Now we have TCP conncetion. Start SSL negotiation. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, sd);
+ err = SSL_connect (ssl); CHK_SSL(err);
+
+ /* Following two steps are optional and not required for
+ data exchange to be successful. */
+
+ /* Get the cipher - opt */
+
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get server's certificate (note: beware of dynamic allocation) - opt */
+
+ server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (server_cert));
+ CHK_NULL(str);
+ printf ("\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (server_cert));
+ CHK_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (server_cert);
+
+ /* --------------------------------------------------- */
+ /* DATA EXCHANGE - Send a message and receive a reply. */
+
+ err = SSL_write (ssl, "Hello World!", strlen("Hello World!")); CHK_SSL(err);
+
+ shutdown (sd, 1); /* Half close, send EOF to server. */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ /* Clean up. */
+
+ close (sd);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - cli.cpp */
diff --git a/src/lib/libssl/src/demos/ssl/inetdsrv.cpp b/src/lib/libssl/src/demos/ssl/inetdsrv.cpp
new file mode 100644
index 0000000000..b09c8b6e0b
--- /dev/null
+++ b/src/lib/libssl/src/demos/ssl/inetdsrv.cpp
@@ -0,0 +1,98 @@
+/* inetdserv.cpp - Minimal ssleay server for Unix inetd.conf
+ * 30.9.1996, Sampo Kellomaki <sampo@iki.fi>
+ * From /etc/inetd.conf:
+ * 1111 stream tcp nowait sampo /usr/users/sampo/demo/inetdserv inetdserv
+ */
+
+#include <stdio.h>
+#include <errno.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define HOME "/usr/users/sampo/demo/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) \
+ { fprintf(log, "%s %d\n", (s), errno); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(log); exit(2); }
+
+void main ()
+{
+ int err;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* client_cert;
+ char* str;
+ char buf [4096];
+ FILE* log;
+
+ log = fopen ("/dev/console", "a"); CHK_NULL(log);
+ fprintf (log, "inetdserv %ld\n", (long)getpid());
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
+ CHK_SSL (err);
+
+ err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
+ CHK_SSL (err);
+
+ /* inetd has already opened the TCP connection, so we can get right
+ down to business. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, fileno(stdin));
+ err = SSL_accept (ssl); CHK_SSL(err);
+
+ /* Get the cipher - opt */
+
+ fprintf (log, "SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+ client_cert = SSL_get_peer_certificate (ssl);
+ if (client_cert != NULL) {
+ fprintf (log, "Client certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+ CHK_NULL(str);
+ fprintf (log, "\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
+ CHK_NULL(str);
+ fprintf (log, "\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (client_cert);
+ } else
+ fprintf (log, "Client doe not have certificate.\n");
+
+ /* ------------------------------------------------- */
+ /* DATA EXCHANGE: Receive message and send reply */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ fprintf (log, "Got %d chars:'%s'\n", err, buf);
+
+ err = SSL_write (ssl, "Loud and clear.", strlen("Loud and clear."));
+ CHK_SSL(err);
+
+ /* Clean up. */
+
+ fclose (log);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - inetdserv.cpp */
diff --git a/src/lib/libssl/src/demos/ssl/serv.cpp b/src/lib/libssl/src/demos/ssl/serv.cpp
new file mode 100644
index 0000000000..8681f2f22b
--- /dev/null
+++ b/src/lib/libssl/src/demos/ssl/serv.cpp
@@ -0,0 +1,126 @@
+/* serv.cpp - Minimal ssleay server for Unix
+ 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define HOME "/usr/users/sampo/sibs/tim/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+ int err;
+ int listen_sd;
+ int sd;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ int client_len;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* client_cert;
+ char* str;
+ char buf [4096];
+
+ /* SSL preliminaries. We keep the certificate and key with the context. */
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
+ CHK_SSL(err);
+
+ err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
+ CHK_SSL(err);
+
+ /* ----------------------------------------------- */
+ /* Prepare TCP socket for receiving connections */
+
+ listen_sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(listen_sd, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (1111); /* Server Port number */
+
+ err = bind(listen_sd, (struct sockaddr*) &sa_serv,
+ sizeof (sa_serv)); CHK_ERR(err, "bind");
+
+ /* Receive a TCP connection. */
+
+ err = listen (listen_sd, 5); CHK_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+ sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
+ CHK_ERR(sd, "accept");
+ close (listen_sd);
+
+ printf ("Connection from %lx, port %x\n",
+ sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. Do server side SSL. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, sd);
+ err = SSL_accept (ssl); CHK_SSL(err);
+
+ /* Get the cipher - opt */
+
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+ client_cert = SSL_get_peer_certificate (ssl);
+ if (client_cert != NULL) {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+ CHK_NULL(str);
+ printf ("\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
+ CHK_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (client_cert);
+ } else
+ printf ("Client does not have certificate.\n");
+
+ /* DATA EXCHANGE - Receive message and send reply. */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ err = SSL_write (ssl, "I hear you.", strlen("I hear you.")); CHK_SSL(err);
+
+ /* Clean up. */
+
+ close (sd);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - serv.cpp */
diff --git a/src/lib/libssl/src/e_os.h b/src/lib/libssl/src/e_os.h
new file mode 100644
index 0000000000..3d142ec2ba
--- /dev/null
+++ b/src/lib/libssl/src/e_os.h
@@ -0,0 +1,322 @@
+/* e_os.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_E_OS_H
+#define HEADER_E_OS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Used to checking reference counts, most while doing perl5 stuff :-) */
+#ifdef REF_PRINT
+#undef REF_PRINT
+#define REF_PRINT(a,b) fprintf(stderr,"%08X:%4d:%s\n",(int)b,b->references,a)
+#endif
+
+#ifndef DEVRANDOM
+/* set this to your 'random' device if you have one.
+ * My default, we will try to read this file */
+#define DEVRANDOM "/dev/urandom"
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+/********************************************************************
+ The Microsoft section
+ ********************************************************************/
+/* The following is used becaue of the small stack in some
+ * Microsoft operating systems */
+#if defined(WIN16) || defined(MSDOS)
+# define MS_STATIC static
+#else
+# define MS_STATIC
+#endif
+
+#if defined(WIN32) || defined(WIN16)
+# ifndef WINDOWS
+# define WINDOWS
+# endif
+# ifndef MSDOS
+# define MSDOS
+# endif
+#endif
+
+#ifdef WIN32
+#define get_last_sys_error() GetLastError()
+#define clear_sys_error() SetLastError(0)
+#else
+#define get_last_sys_error() errno
+#define clear_sys_error() errno=0
+#endif
+
+#ifdef WINDOWS
+#define get_last_socket_error() WSAGetLastError()
+#define clear_socket_error() WSASetLastError(0)
+#else
+#define get_last_socket_error() errno
+#define clear_socket_error() errno=0
+#define ioctlsocket(a,b,c) ioctl(a,b,c)
+#endif
+
+#ifdef WIN16
+# define NO_FP_API
+# define MS_CALLBACK _far _loadds
+# define MS_FAR _far
+#else
+# define MS_CALLBACK
+# define MS_FAR
+#endif
+
+#ifdef NO_STDIO
+# define NO_FP_API
+#endif
+
+#if defined(WINDOWS) || defined(MSDOS)
+
+#ifndef S_IFDIR
+#define S_IFDIR _S_IFDIR
+#endif
+
+#ifndef S_IFMT
+#define S_IFMT _S_IFMT
+#endif
+
+#define strncasecmp(a,b,c) strnicmp((a),(b),(c))
+
+# ifdef WINDOWS
+# include <windows.h>
+# include <stddef.h>
+# include <errno.h>
+# include <string.h>
+# include <malloc.h>
+# endif
+# include <io.h>
+# include <fcntl.h>
+
+#if defined(WIN16) && !defined(MONOLITH) && defined(SSLEAY) && defined(_WINEXITNOPERSIST)
+# define EXIT(n) { if (n == 0) _wsetexit(_WINEXITNOPERSIST); return(n); }
+#else
+# define EXIT(n) return(n);
+#endif
+# define LIST_SEPARATOR_CHAR ';'
+#ifndef X_OK
+# define X_OK 0
+#endif
+#ifndef W_OK
+# define W_OK 2
+#endif
+#ifndef R_OK
+# define R_OK 4
+#endif
+# define SSLEAY_CONF "ssleay.cnf"
+# define NUL_DEV "nul"
+# define RFILE ".rnd"
+
+#else /* The non-microsoft world world */
+
+# ifdef VMS
+# include <unixlib.h>
+# else
+# include <unistd.h>
+# endif
+
+# define SSLEAY_CONF "ssleay.cnf"
+# define RFILE ".rnd"
+# define LIST_SEPARATOR_CHAR ':'
+# ifndef MONOLITH
+# define EXIT(n) exit(n); return(n)
+# else
+# define EXIT(n) return(n)
+# endif
+# define NUL_DEV "/dev/null"
+
+# define SSLeay_getpid() getpid()
+
+#endif
+
+/*************/
+
+#ifdef USE_SOCKETS
+# if defined(WINDOWS) || defined(MSDOS)
+ /* windows world */
+
+# ifdef NO_SOCK
+# define SSLeay_Write(a,b,c) (-1)
+# define SSLeay_Read(a,b,c) (-1)
+# define SHUTDOWN(fd) close(fd)
+# define SHUTDOWN2(fd) close(fd)
+# else
+# include <winsock.h>
+extern HINSTANCE _hInstance;
+# define SSLeay_Write(a,b,c) send((a),(b),(c),0)
+# define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
+# define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); }
+# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); }
+# endif
+
+
+# else
+
+# ifndef VMS
+ /* unix world */
+# include <netdb.h>
+# include <sys/types.h>
+# include <sys/socket.h>
+# ifdef FILIO_H
+# include <sys/filio.h> /* Added for FIONBIO under unixware */
+# endif
+# include <sys/param.h>
+# include <sys/time.h> /* Needed under linux for FD_XXX */
+# include <netinet/in.h>
+# endif
+
+# if defined(NeXT) || defined(_NEXT_SOURCE)
+# include <sys/fcntl.h>
+# include <sys/types.h>
+# endif
+
+# ifdef AIX
+# include <sys/select.h>
+# endif
+
+# if defined(sun)
+# include <sys/filio.h>
+# else
+# include <sys/ioctl.h>
+# endif
+
+# ifdef VMS
+# include <unixio.h>
+# endif
+
+# define SSLeay_Read(a,b,c) read((a),(b),(c))
+# define SSLeay_Write(a,b,c) write((a),(b),(c))
+# define SHUTDOWN(fd) { shutdown((fd),0); close((fd)); }
+# define SHUTDOWN2(fd) { shutdown((fd),2); close((fd)); }
+# define INVALID_SOCKET -1
+# endif
+#endif
+
+#if defined(THREADS) || defined(sun)
+#ifndef _REENTRANT
+#define _REENTRANT
+#endif
+#endif
+
+/***********************************************/
+
+#ifndef NOPROTO
+#define P_CC_CC const void *,const void *
+#define P_I_I int,int
+#define P_I_I_P int,int,char *
+#define P_I_I_P_I int,int,char *,int
+#define P_IP_I_I_P_I int *,int,int,char *,int
+#define P_V void
+#else
+#define P_CC_CC
+#define P_I_I
+#define P_I_I_P
+#define P_IP_I_I_P_I
+#define P_I_I_P_I
+#define P_V
+#endif
+
+/* not used yet */
+#define CS_BEGIN
+#define CS_END
+
+/* do we need to do this for getenv.
+ * Just define getenv for use under windows */
+
+#ifdef WIN16
+/* How to do this needs to be thought out a bit more.... */
+/*char *GETENV(char *);
+#define Getenv GETENV*/
+#define Getenv getenv
+#else
+#define Getenv getenv
+#endif
+
+#define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */
+
+#ifdef sgi
+#define IRIX_CC_BUG /* all version of IRIX I've tested (4.* 5.*) */
+#endif
+
+#ifdef NO_MD2
+#define MD2_Init MD2Init
+#define MD2_Update MD2Update
+#define MD2_Final MD2Final
+#define MD2_DIGEST_LENGTH 16
+#endif
+#ifdef NO_MD5
+#define MD5_Init MD5Init
+#define MD5_Update MD5Update
+#define MD5_Final MD5Final
+#define MD5_DIGEST_LENGTH 16
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/src/lib/libssl/src/makevms.com b/src/lib/libssl/src/makevms.com
new file mode 100644
index 0000000000..2f4792aa9a
--- /dev/null
+++ b/src/lib/libssl/src/makevms.com
@@ -0,0 +1,65 @@
+$!
+$! This procedure compiles the SSL sources into 2 libraries:
+$! [.CRYPTO]CRYPTO-xxx.OLB ! crypto-graphics subroutines
+$! [.SSL]SSL-xxx.OLB ! SSL protocol.
+$!
+$! where 'xxx' specifies the machine achitecture: AXP or VAX
+$!
+$! To perform 1 sub-option, specify P1 as one of:
+$! INCLUDE CRYPTO SSL SSL_TASK
+$!
+$! Requirements:
+$! DECC 4.0 (may work with other versions)
+$! OpenVMS 6.1 (may work with other versions)
+$!
+$ original_default = f$environment("DEFAULT")
+$ proc = f$environment("PROCEDURE")
+$ proc_dir = f$parse("1.1;1",proc) - "1.1;1"
+$ set default 'proc_dir'
+$!
+$! Copy all include files to [.include]
+$!
+$ set noon
+$ if P1 .nes. "" then goto do_'p1'
+$ do_include
+$ write sys$output "Rebuilding [.include] directory..."
+$ delete [.include]*.h;*
+$ backup [.*...]*.h; includes.bck/save
+$ backup includes.bck/save [.include]
+$ delete includes.bck;
+$ if p1 .nes. "" then goto cleanup
+$!
+$! Build crypto lib.
+$!
+$ do_crypto:
+$ write sys$Output "Making CRYPTO library"
+$ set default [.crypto]
+$ @libvms
+$ set default [-]
+$ if p1 .nes. "" then goto cleanup
+$!
+$! Build SSL lib.
+$!
+$ do_ssl:
+$ write sys$output "Making SSL library"
+$ set default [.ssl]
+$ libname = "ssl-axp.olb"
+$ if f$getsyi("CPU") .lt. 128 then libname = "ssl-vax.olb"
+$ if f$search(libname) .eqs. "" then library/create/log 'libname'
+$ cc ssl.c/include=[-.include]/prefix=all
+$ library/replace 'libname' ssl.obj
+$ set default [-]
+$ if p1 .nes. "" then goto cleanup
+$!
+$ do_ssl_task:
+$ write sys$output "Building SSL_TASK.EXE, the DECnet-based SSL engine"
+$ set default [.ssl]
+$ libname = "ssl-axp.olb"
+$ if f$getsyi("CPU") .lt. 128 then libname = "ssl-vax.olb"
+$ cc ssl_task/include=[-.include]/prefix=all
+$ cryptolib = "[-.crypto]crypto-" + f$element(1,"-",libname)
+$ link ssl_task,'libname'/library,'cryptolib'/library
+$!
+$ cleanup:
+$ set default 'original_default'
+$ write sys$output "Done"
diff --git a/src/lib/libssl/src/ms/.rnd b/src/lib/libssl/src/ms/.rnd
new file mode 100644
index 0000000000..03072abc1f
Binary files /dev/null and b/src/lib/libssl/src/ms/.rnd differ
diff --git a/src/lib/libssl/src/ms/16all.bat b/src/lib/libssl/src/ms/16all.bat
new file mode 100644
index 0000000000..e57e177177
--- /dev/null
+++ b/src/lib/libssl/src/ms/16all.bat
@@ -0,0 +1,12 @@
+set OPTS=no_asm
+
+perl Configure VC-WIN16
+perl util\mk1mf.pl %OPTS% debug VC-WIN16 >d16.mak
+perl util\mk1mf.pl %OPTS% VC-WIN16 >16.mak
+perl util\mk1mf.pl %OPTS% debug dll VC-WIN16 >d16dll.mak
+perl util\mk1mf.pl %OPTS% dll VC-WIN16 >16dll.mak
+
+nmake -f d16.mak
+nmake -f 16.mak
+nmake -f d16dll.mak
+nmake -f 16dll.mak
diff --git a/src/lib/libssl/src/ms/32all.bat b/src/lib/libssl/src/ms/32all.bat
new file mode 100644
index 0000000000..088c942887
--- /dev/null
+++ b/src/lib/libssl/src/ms/32all.bat
@@ -0,0 +1,12 @@
+set OPTS=no_asm
+
+perl Configure VC-WIN32
+perl util\mk1mf.pl %OPTS% debug VC-WIN32 >d32.mak
+perl util\mk1mf.pl %OPTS% VC-WIN32 >32.mak
+perl util\mk1mf.pl %OPTS% debug dll VC-WIN32 >d32dll.mak
+perl util\mk1mf.pl %OPTS% dll VC-WIN32 >32dll.mak
+
+nmake -f d32.mak
+nmake -f 32.mak
+nmake -f d32dll.mak
+nmake -f 32dll.mak
diff --git a/src/lib/libssl/src/ms/README b/src/lib/libssl/src/ms/README
new file mode 100644
index 0000000000..5804a2d84a
--- /dev/null
+++ b/src/lib/libssl/src/ms/README
@@ -0,0 +1,18 @@
+Run these makefiles from the top level as in
+nmake -f ms\makefilename
+to build with visual C++ 4.[01].
+
+The results will be in the out directory.
+
+These makefiles and def files were generated my typing
+
+perl util\mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
+perl util\mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util\mk1mf.pl VC-W31-32 dll >ms/w31dll.mak
+perl util\mk1mf.pl VC-NT >ms/nt.mak
+perl util\mk1mf.pl VC-NT dll >ms/ntdll.mak
+
+perl util\mkdef.pl 16 crypto > ms/crypto16.def
+perl util\mkdef.pl 32 crypto > ms/crypto32.def
+perl util\mkdef.pl 16 ssl > ms/ssl16.def
+perl util\mkdef.pl 32 ssl > ms/ssl32.def
diff --git a/src/lib/libssl/src/ms/certCA.srl b/src/lib/libssl/src/ms/certCA.srl
new file mode 100644
index 0000000000..d6b24041cf
--- /dev/null
+++ b/src/lib/libssl/src/ms/certCA.srl
@@ -0,0 +1 @@
+19
diff --git a/src/lib/libssl/src/ms/certCA.ss b/src/lib/libssl/src/ms/certCA.ss
new file mode 100644
index 0000000000..6bfccc7c48
--- /dev/null
+++ b/src/lib/libssl/src/ms/certCA.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBXDCCAQYCAQAwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw
+MDA3MzBaFw05NzEyMjgwMDA3MzBaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAwOKExbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQ
+YWwhEh9i2BxGWYAZ7Krv1EqdsViCQBGuBQIDAQABMA0GCSqGSIb3DQEBBAUAA0EA
+VXYhZ1FnfBFIjHiYV8PD4uQuVJLhNa2q3cSWX1HTHfbrAPa/lMSUWuWcYwD3lBeb
+D69W77B0LqAfVajBQwbXkQ==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/ms/certU.ss b/src/lib/libssl/src/ms/certU.ss
new file mode 100644
index 0000000000..6a0302ed1d
--- /dev/null
+++ b/src/lib/libssl/src/ms/certU.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBcTCCARsCARgwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzExMjgw
+MDA3MzRaFw05NzEyMjgwMDA3MzRaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczESMBAGA1UEAxMJQnJvdGhlciAxMRIwEAYDVQQDEwlCcm90
+aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAyfgRHCZvlyq9yiQisWmetnpb
+DZMhZB+HjuxQxp3gEpI7P8q5Z5tXIU5+OFAfIRkRdMGa/UK+NVg7AJ6UYyIR3wID
+AQABMA0GCSqGSIb3DQEBBAUAA0EAgH3htGAw6tMcZYANofqYr96RhjnxzCGZkUq3
+SH9thHUBywcXQo6BUpGxUXFExW4NA2f49OWQxf8kYrVAXHcCsA==
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/ms/cmp.pl b/src/lib/libssl/src/ms/cmp.pl
new file mode 100644
index 0000000000..c6bfcae6c5
--- /dev/null
+++ b/src/lib/libssl/src/ms/cmp.pl
@@ -0,0 +1,47 @@
+#!/usr/bin/perl
+
+($#ARGV == 1) || die "usage: cmp.pl <file1> <file2>\n";
+
+open(IN0,"<$ARGV[0]") || die "unable to open $ARGV[0]\n";
+open(IN1,"<$ARGV[1]") || die "unable to open $ARGV[1]\n";
+binmode IN0;
+binmode IN1;
+
+$tot=0;
+$ret=1;
+for (;;)
+ {
+ $n1=sysread(IN0,$b1,4096);
+ $n2=sysread(IN1,$b2,4096);
+
+ last if ($n1 != $n2);
+ last if ($b1 ne $b2);
+ last if ($n1 < 0);
+ if ($n1 == 0)
+ {
+ $ret=0;
+ last;
+ }
+ $tot+=$n1;
+ }
+
+close(IN0);
+close(IN1);
+if ($ret)
+ {
+ printf STDERR "$ARGV[0] and $ARGV[1] are different\n";
+ @a1=unpack("C*",$b1);
+ @a2=unpack("C*",$b2);
+ for ($i=0; $i<=$#a1; $i++)
+ {
+ if ($a1[$i] ne $a2[$i])
+ {
+ printf "%02X %02X <<\n",$a1[$i],$a2[$i];
+ last;
+ }
+ }
+ $nm=$tot+$n1;
+ $tot+=$i+1;
+ printf STDERR "diff at char $tot of $nm\n";
+ }
+exit($ret);
diff --git a/src/lib/libssl/src/ms/do_ms.bat b/src/lib/libssl/src/ms/do_ms.bat
new file mode 100644
index 0000000000..673d706a1a
--- /dev/null
+++ b/src/lib/libssl/src/ms/do_ms.bat
@@ -0,0 +1,11 @@
+
+rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak
+rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak
+perl util\mk1mf.pl VC-W31-32 dll >ms\w31dll.mak
+rem perl util\mk1mf.pl VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl VC-WIN32 dll >ms\ntdll.mak
+
+perl util\mkdef.pl 16 libeay > ms\libeay16.def
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 16 ssleay > ms\ssleay16.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/src/lib/libssl/src/ms/keyCA.ss b/src/lib/libssl/src/ms/keyCA.ss
new file mode 100644
index 0000000000..9ed3e7dc46
--- /dev/null
+++ b/src/lib/libssl/src/ms/keyCA.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBAMDihMW3Xyi3phDBjingYKiN2myRPcs391oaz3EC0QMjPOWD8ZNA
+0GFsIRIfYtgcRlmAGeyq79RKnbFYgkARrgUCAwEAAQJAGEWo/ZRoth/+Fse0kxJ4
+N126acURKJx/VOhgyFDZanJxxwhaXRRkZZfXgFP5StY2lAOrcuMnsDjc8XYNrvcE
+wQIhAOXcIp0eZfoPAAuhoQ2bd94dg8QX+8Hv38oJBUuduTs1AiEA1tHvlMrRC1dp
+mPUWooFaRFfadFvCMJy5ouGQ24bKMZECIB1YiHbEvcI6DghuHzCsi5Yo8HyljzfI
+VyrlEe8AePiNAiEAv6Hxpnsy9noZAlEIyxi3TKZOg2Rjm/gDhfDQx3S7pHECIQDC
+R6w+uHZzVJ50/kNh3mJow2W2+Rffkk2hcM4r5Sf4Vg==
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/ms/keyU.ss b/src/lib/libssl/src/ms/keyU.ss
new file mode 100644
index 0000000000..ab62876195
--- /dev/null
+++ b/src/lib/libssl/src/ms/keyU.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOgIBAAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad4BKSOz/KuWeb
+VyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAQJAEu/4orwT4Ie4bfi/bAUs
+RY3pdbdi/SFbs5IC7OymsvbqO/J5/6lTLKX/CFUvXjbpd922jfNMQzdalOfZ7R+K
+aQIhAP9DOq6eFRbNqzxxDadOOSLFEcWBZwzIX12zoPgxarPDAiEAyo1tF3zbU93G
+WQ1yjlhXYm07VdoZV0CUI6dKkB0ok7UCIEmiQhZHAbxfPcskrZSaiv7NrE+2AVz9
+nAzymTefQbFzAiAFCODmTY8yFXghrIjlauK5Kpfn+WTZ21wTSsw6qs7gZQIhAK2l
+vwdD73PZSW928dZ9VoV7Dh7Klflf6J+xrJIibP7z
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/ms/req2CA.ss b/src/lib/libssl/src/ms/req2CA.ss
new file mode 100644
index 0000000000..6a3dd4e2d0
--- /dev/null
+++ b/src/lib/libssl/src/ms/req2CA.ss
@@ -0,0 +1,29 @@
+Certificate Request:
+ Data:
+ Version: 0 (0x0)
+ Subject: C=AU, O=Dodgy Brothers, CN=Dodgy CA
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:c0:e2:84:c5:b7:5f:28:b7:a6:10:c1:8e:29:e0:
+ 60:a8:8d:da:6c:91:3d:cb:37:f7:5a:1a:cf:71:02:
+ d1:03:23:3c:e5:83:f1:93:40:d0:61:6c:21:12:1f:
+ 62:d8:1c:46:59:80:19:ec:aa:ef:d4:4a:9d:b1:58:
+ 82:40:11:ae:05
+ Exponent: 65537 (0x10001)
+ Attributes:
+ a0:00
+ Signature Algorithm: md5WithRSAEncryption
+ 12:14:96:c0:0e:ea:5a:08:6f:13:fd:72:84:6a:26:33:29:f9:
+ 52:39:4c:fc:ec:da:0d:83:39:2e:27:17:9b:f8:46:03:b5:dd:
+ 52:a6:dd:3a:50:8e:73:4f:87:94:59:31:1d:5a:54:24:96:4d:
+ d4:57:95:4c:ca:4c:dc:0b:b8:5f
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE
+xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ
+7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQASFJbADupaCG8T
+/XKEaiYzKflSOUz87NoNgzkuJxeb+EYDtd1Spt06UI5zT4eUWTEdWlQklk3UV5VM
+ykzcC7hf
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/ms/reqCA.ss b/src/lib/libssl/src/ms/reqCA.ss
new file mode 100644
index 0000000000..be8ca974d0
--- /dev/null
+++ b/src/lib/libssl/src/ms/reqCA.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwOKE
+xbdfKLemEMGOKeBgqI3abJE9yzf3WhrPcQLRAyM85YPxk0DQYWwhEh9i2BxGWYAZ
+7Krv1EqdsViCQBGuBQIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQDAvyCzrfhnLH8V
+tldPhV9imEi8Dh8vjRYIIb4AlIq25ku8NJyTHi3zOwvH2iiTUx4oxOV9/++UbU+l
+dmT7y1IS
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/ms/reqU.ss b/src/lib/libssl/src/ms/reqU.ss
new file mode 100644
index 0000000000..9223897196
--- /dev/null
+++ b/src/lib/libssl/src/ms/reqU.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBCDCBswIBADBOMQswCQYDVQQGEwJBVTEXMBUGA1UEChMORG9kZ3kgQnJvdGhl
+cnMxEjAQBgNVBAMTCUJyb3RoZXIgMTESMBAGA1UEAxMJQnJvdGhlciAyMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAMn4ERwmb5cqvcokIrFpnrZ6Ww2TIWQfh47sUMad
+4BKSOz/KuWebVyFOfjhQHyEZEXTBmv1CvjVYOwCelGMiEd8CAwEAAaAAMA0GCSqG
+SIb3DQEBAgUAA0EAbE4cboaJY3vKmskyPC1cS5Jn4WjFOjaUCNI5MjeTNTZ6AE4o
+h6Sx4PeQomjMA1gRGrHCz+5IyVBcgskY5IYLCw==
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/ms/speed16.bat b/src/lib/libssl/src/ms/speed16.bat
new file mode 100644
index 0000000000..7ff08851a2
--- /dev/null
+++ b/src/lib/libssl/src/ms/speed16.bat
@@ -0,0 +1,38 @@
+set makefile=ms\dos.bat
+
+perl Configure b
+del tmp\*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay version -v -b -f >speed.1
+out\ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+del tmp\rc4*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+perl util\mk1mf.pl VC-MSDOS no-asm >m2
+del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
+nmake -f m2
+nmake -f m2
+nmake -f m2
+out\ssleay speed rsa rc4 idea des >speed.4l
+
+type speed.1 >speed.log
+type speed.1l >>speed.log
+perl util\sp-diff.pl speed.1l speed.2l >>speed.log
+perl util\sp-diff.pl speed.1l speed.3l >>speed.log
+perl util\sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/src/lib/libssl/src/ms/speed32.bat b/src/lib/libssl/src/ms/speed32.bat
new file mode 100644
index 0000000000..95f7ce9505
--- /dev/null
+++ b/src/lib/libssl/src/ms/speed32.bat
@@ -0,0 +1,37 @@
+set makefile=ms\nt.mak
+
+perl Configure b
+del tmp\*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay version -v -b -f >speed.1
+out\ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+del tmp\rc4*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rsa rc4 idea des >speed.4l
+
+type speed.1 >speed.log
+type speed.1l >>speed.log
+perl util\sp-diff.pl speed.1l speed.2l >>speed.log
+perl util\sp-diff.pl speed.1l speed.3l >>speed.log
+perl util\sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/src/lib/libssl/src/ms/tenc.bat b/src/lib/libssl/src/ms/tenc.bat
new file mode 100644
index 0000000000..a4fa7f3652
--- /dev/null
+++ b/src/lib/libssl/src/ms/tenc.bat
@@ -0,0 +1,14 @@
+rem called by testenc
+
+echo test %1 %2 %3 %4 %5 %6
+%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6
+%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+
+:err
diff --git a/src/lib/libssl/src/ms/test.bat b/src/lib/libssl/src/ms/test.bat
new file mode 100644
index 0000000000..cffaf46524
--- /dev/null
+++ b/src/lib/libssl/src/ms/test.bat
@@ -0,0 +1,134 @@
+@echo=off
+
+set test=..\ms
+
+rem run this from inside the bin directory
+
+echo destest
+destest
+if errorlevel 1 goto done
+
+echo ideatest
+ideatest
+if errorlevel 1 goto done
+
+echo bftest
+bftest
+if errorlevel 1 goto done
+
+echo shatest
+shatest
+if errorlevel 1 goto done
+
+echo sha1test
+sha1test
+if errorlevel 1 goto done
+
+echo md5test
+md5test
+if errorlevel 1 goto done
+
+echo md2test
+md2test
+if errorlevel 1 goto done
+
+echo mdc2test
+mdc2test
+if errorlevel 1 goto done
+
+echo rc2test
+rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+rc4test
+if errorlevel 1 goto done
+
+echo randtest
+randtest
+if errorlevel 1 goto done
+
+echo dhtest
+dhtest
+if errorlevel 1 goto done
+
+echo exptest
+exptest
+if errorlevel 1 goto done
+
+echo dsatest
+dsatest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testenc ssleay
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpem ssleay
+if errorlevel 1 goto done
+
+echo verify
+copy ..\certs\*.pem cert.tmp >nul
+ssleay verify -CAfile cert.tmp ..\certs\*.pem
+
+echo testss
+call %test%\testss ssleay
+if errorlevel 1 goto done
+
+echo test sslv2
+ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+ssltest -ssl2 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+ssltest -ssl2 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with both client and server authentication
+ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3
+ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+ssltest -ssl3 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+ssltest -ssl3 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with both client and server authentication
+ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+ssltest -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+ssltest -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with both client and server authentication
+ssltest -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+
+del cert.tmp
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
diff --git a/src/lib/libssl/src/ms/testenc.bat b/src/lib/libssl/src/ms/testenc.bat
new file mode 100644
index 0000000000..2c73bb7d1c
--- /dev/null
+++ b/src/lib/libssl/src/ms/testenc.bat
@@ -0,0 +1,93 @@
+echo=off
+
+echo start testenc
+path=..\ms;%path%
+set ssleay=%1%
+set input=..\ms\testenc.bat
+set tmp1=..\ms\cipher.out
+set out1=..\ms\clear.out
+set cmp=perl ..\ms\cmp.pl
+
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/src/lib/libssl/src/ms/testpem.bat b/src/lib/libssl/src/ms/testpem.bat
new file mode 100644
index 0000000000..8f6cdd4d04
--- /dev/null
+++ b/src/lib/libssl/src/ms/testpem.bat
@@ -0,0 +1,36 @@
+echo=off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=perl ..\ms\cmp.pl
+
+call tpem.bat crl ..\test\testcrl.pem
+if errorlevel 1 goto err
+
+call tpem.bat pkcs7 ..\test\testp7.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq2.pem
+if errorlevel 1 goto err
+
+call tpem.bat rsa ..\test\testrsa.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\testx509.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat sess_id ..\test\testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1%
+:err
+
diff --git a/src/lib/libssl/src/ms/testss.bat b/src/lib/libssl/src/ms/testss.bat
new file mode 100644
index 0000000000..9a3bf428ce
--- /dev/null
+++ b/src/lib/libssl/src/ms/testss.bat
@@ -0,0 +1,98 @@
+echo=off
+
+rem set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509
+set verifycmd=%ssleay% verify
+
+set CAkey=keyCA.ss
+set CAcert=certCA.ss
+set CAserial=certCA.srl
+set CAreq=reqCA.ss
+set CAconf=..\test\CAss.cnf
+set CAreq2=req2CA.ss
+
+set Uconf=..\test\Uss.cnf
+set Ukey=keyU.ss
+set Ureq=reqU.ss
+set Ucert=certU.ss
+
+echo make a certificate request using 'req'
+%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto err_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
+if errorlevel 1 goto err_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
+if errorlevel 1 goto err_x509_2
+
+%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto err_verify_1
+
+%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto err_verify_2
+
+%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto err_verify_3
+
+echo --
+echo make another certificate request using 'req'
+%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
+if errorlevel 1 goto err_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto err_x509_sign
+
+%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+del err.ss
+
+goto end
+
+:err_req
+echo error using 'req' to generate a certificate request
+goto end
+:err_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:err_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:err_verify_1
+echo first generated request is invalid
+goto end
+:err_verify_2
+echo second generated request is invalid
+goto end
+:err_verify_3
+echo first generated cert is invalid
+goto end
+:err_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:err_x509_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/src/lib/libssl/src/ms/tpem.bat b/src/lib/libssl/src/ms/tpem.bat
new file mode 100644
index 0000000000..cd01792e9f
--- /dev/null
+++ b/src/lib/libssl/src/ms/tpem.bat
@@ -0,0 +1,6 @@
+rem called by testpem
+
+echo test %1 %2
+%ssleay% %1 -in %2 -out %tmp1%
+%cmp% %2 %tmp1%
+
diff --git a/src/lib/libssl/src/shlib/README b/src/lib/libssl/src/shlib/README
new file mode 100644
index 0000000000..fea07a59ea
--- /dev/null
+++ b/src/lib/libssl/src/shlib/README
@@ -0,0 +1 @@
+Only the windows NT and, linux builds have been tested for SSLeay 0.8.0
diff --git a/src/lib/libssl/src/shlib/irix.sh b/src/lib/libssl/src/shlib/irix.sh
new file mode 100644
index 0000000000..22e4e6ad50
--- /dev/null
+++ b/src/lib/libssl/src/shlib/irix.sh
@@ -0,0 +1,7 @@
+FLAGS="-DTERMIOS -O2 -mips2 -DB_ENDIAN -fomit-frame-pointer -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS $FLAGS -o crypto.o crypto/crypto.c
+ld -shared -o libcrypto.so crypto.o
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -shared -o libssl.so ssl.o
diff --git a/src/lib/libssl/src/shlib/solaris.sh b/src/lib/libssl/src/shlib/solaris.sh
new file mode 100644
index 0000000000..03475f12b4
--- /dev/null
+++ b/src/lib/libssl/src/shlib/solaris.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+echo "#define DATE \"`date`\"" >crypto/date.h
+
+major="0"
+minor="8.0"
+slib=libssl
+clib=libcrypto
+CC=gcc
+CPP='gcc -E'
+AS=as
+#FLAGS='-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -mv8 -Wall'
+FLAGS='-DTERMIO -g2 -ggdb -DL_ENDIAN -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
+INCLUDE='-Iinclude -Icrypto -Issl'
+SHFLAGS='-DPIC -fpic'
+
+CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
+ASM_OBJ="";
+
+echo compiling bignum assember
+$AS -o bn_asm.o crypto/bn/asm/sparc.s
+CFLAGS="$CFLAGS -DBN_ASM"
+ASM_OBJ="$ASM_OBJ bn_asm.o"
+
+echo compiling $clib
+$CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
+
+echo linking $clib.so
+gcc $CFLAGS -shared -o $clib.so.$major.$minor crypto.o $ASM_OBJ -lnsl -lsocket
+
+echo compiling $slib.so
+$CC -c $CFLAGS -o ssl.o ssl/ssl.c
+
+echo building $slib.so
+gcc $CFLAGS -shared -o $slib.so ssl.o -L. -lcrypto
+
diff --git a/src/lib/libssl/src/shlib/sun.sh b/src/lib/libssl/src/shlib/sun.sh
new file mode 100644
index 0000000000..a890bbd376
--- /dev/null
+++ b/src/lib/libssl/src/shlib/sun.sh
@@ -0,0 +1,8 @@
+FLAGS="-DTERMIO -O3 -DB_ENDIAN -fomit-frame-pointer -mv8 -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS -fpic $FLAGS -o crypto.o crypto/crypto.c
+ld -G -z text -o libcrypto.so crypto.o
+
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -G -z text -o libssl.so ssl.o
diff --git a/src/lib/libssl/src/shlib/win32.bat b/src/lib/libssl/src/shlib/win32.bat
new file mode 100644
index 0000000000..c807a99d35
--- /dev/null
+++ b/src/lib/libssl/src/shlib/win32.bat
@@ -0,0 +1,18 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gs0 /GF /Gy /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+rem ml /coff /c crypto\bf\asm\b-win32.asm
+rem ml /coff /c crypto\des\asm\c-win32.asm
+rem ml /coff /c crypto\des\asm\d-win32.asm
+rem ml /coff /c crypto\bn\asm\x86nt32.asm
+
+cl /Focrypto.obj -DWIN32 %OPTIONS% -c crypto\crypto.c
+cl /Fossl.obj -DWIN32 %OPTIONS% -c ssl\ssl.c
+cl /Foeay.obj -DWIN32 %OPTIONS% -c apps\eay.c
+
+cl /Fessleay.exe %OPTIONS% eay.obj ssl.obj crypto.obj crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+
diff --git a/src/lib/libssl/src/shlib/win32dll.bat b/src/lib/libssl/src/shlib/win32dll.bat
new file mode 100644
index 0000000000..294c94c81c
--- /dev/null
+++ b/src/lib/libssl/src/shlib/win32dll.bat
@@ -0,0 +1,13 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gf /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+cl /Felibeay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\libeay32.def crypto\crypto.c crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+
+cl /Fessleay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\ssleay32.def ssl\ssl.c libeay32.lib
+
+cl /Fessleay.exe /MD -DWIN32 %OPTIONS% apps\eay.c ssleay32.lib libeay32.lib user32.lib wsock32.lib
+
diff --git a/src/lib/libssl/src/ssl/bio_ssl.c b/src/lib/libssl/src/ssl/bio_ssl.c
new file mode 100644
index 0000000000..58a6d69b9b
--- /dev/null
+++ b/src/lib/libssl/src/ssl/bio_ssl.c
@@ -0,0 +1,585 @@
+/* ssl/bio_ssl.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "crypto.h"
+#include "bio.h"
+#include "err.h"
+#include "ssl.h"
+
+#ifndef NOPROTO
+static int ssl_write(BIO *h,char *buf,int num);
+static int ssl_read(BIO *h,char *buf,int size);
+static int ssl_puts(BIO *h,char *str);
+static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int ssl_new(BIO *h);
+static int ssl_free(BIO *data);
+#else
+static int ssl_write();
+static int ssl_read();
+static int ssl_puts();
+static long ssl_ctrl();
+static int ssl_new();
+static int ssl_free();
+#endif
+
+typedef struct bio_ssl_st
+ {
+ SSL *ssl; /* The ssl handle :-) */
+ /* re-negotiate every time the total number of bytes is this size */
+ int num_renegotiates;
+ unsigned long renegotiate_count;
+ unsigned long byte_count;
+ unsigned long renegotiate_timeout;
+ unsigned long last_time;
+ } BIO_SSL;
+
+static BIO_METHOD methods_sslp=
+ {
+ BIO_TYPE_SSL,"ssl",
+ ssl_write,
+ ssl_read,
+ ssl_puts,
+ NULL, /* ssl_gets, */
+ ssl_ctrl,
+ ssl_new,
+ ssl_free,
+ };
+
+BIO_METHOD *BIO_f_ssl()
+ {
+ return(&methods_sslp);
+ }
+
+static int ssl_new(bi)
+BIO *bi;
+ {
+ BIO_SSL *bs;
+
+ bs=(BIO_SSL *)Malloc(sizeof(BIO_SSL));
+ if (bs == NULL)
+ {
+ BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memset(bs,0,sizeof(BIO_SSL));
+ bi->init=0;
+ bi->ptr=(char *)bs;
+ bi->flags=0;
+ return(1);
+ }
+
+static int ssl_free(a)
+BIO *a;
+ {
+ BIO_SSL *bs;
+
+ if (a == NULL) return(0);
+ bs=(BIO_SSL *)a->ptr;
+ if (bs->ssl != NULL) SSL_shutdown(bs->ssl);
+ if (a->shutdown)
+ {
+ if (a->init && (bs->ssl != NULL))
+ SSL_free(bs->ssl);
+ a->init=0;
+ a->flags=0;
+ }
+ if (a->ptr != NULL)
+ Free(a->ptr);
+ return(1);
+ }
+
+static int ssl_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=1;
+ BIO_SSL *sb;
+ SSL *ssl;
+ int retry_reason=0;
+ int r=0;
+
+ if (out == NULL) return(0);
+ sb=(BIO_SSL *)b->ptr;
+ ssl=sb->ssl;
+
+ BIO_clear_retry_flags(b);
+
+#if 0
+ if (!SSL_is_init_finished(ssl))
+ {
+/* ret=SSL_do_handshake(ssl); */
+ if (ret > 0)
+ {
+
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ ret= -1;
+ goto end;
+ }
+ }
+#endif
+/* if (ret > 0) */
+ ret=SSL_read(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ if (sb->renegotiate_count > 0)
+ {
+ sb->byte_count+=ret;
+ if (sb->byte_count > sb->renegotiate_count)
+ {
+ sb->byte_count=0;
+ sb->num_renegotiates++;
+ SSL_renegotiate(ssl);
+ r=1;
+ }
+ }
+ if ((sb->renegotiate_timeout > 0) && (!r))
+ {
+ unsigned long tm;
+
+ tm=(unsigned long)time(NULL);
+ if (tm > sb->last_time+sb->renegotiate_timeout)
+ {
+ sb->last_time=tm;
+ sb->num_renegotiates++;
+ SSL_renegotiate(ssl);
+ }
+ }
+
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_set_retry_read(b);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_set_retry_write(b);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_set_retry_special(b);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ BIO_set_retry_special(b);
+ retry_reason=BIO_RR_CONNECT;
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ return(ret);
+ }
+
+static int ssl_write(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret,r=0;
+ int retry_reason=0;
+ SSL *ssl;
+ BIO_SSL *bs;
+
+ if (out == NULL) return(0);
+ bs=(BIO_SSL *)b->ptr;
+ ssl=bs->ssl;
+
+ BIO_clear_retry_flags(b);
+
+/* ret=SSL_do_handshake(ssl);
+ if (ret > 0) */
+ ret=SSL_write(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ if (bs->renegotiate_count > 0)
+ {
+ bs->byte_count+=ret;
+ if (bs->byte_count > bs->renegotiate_count)
+ {
+ bs->byte_count=0;
+ bs->num_renegotiates++;
+ SSL_renegotiate(ssl);
+ r=1;
+ }
+ }
+ if ((bs->renegotiate_timeout > 0) && (!r))
+ {
+ unsigned long tm;
+
+ tm=(unsigned long)time(NULL);
+ if (tm > bs->last_time+bs->renegotiate_timeout)
+ {
+ bs->last_time=tm;
+ bs->num_renegotiates++;
+ SSL_renegotiate(ssl);
+ }
+ }
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_set_retry_write(b);
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_set_retry_read(b);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_set_retry_special(b);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ BIO_set_retry_special(b);
+ retry_reason=BIO_RR_CONNECT;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ return(ret);
+ }
+
+static long ssl_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ SSL **sslp,*ssl;
+ BIO_SSL *bs;
+ BIO *dbio,*bio;
+ long ret=1;
+
+ bs=(BIO_SSL *)b->ptr;
+ ssl=bs->ssl;
+ if ((ssl == NULL) && (cmd != BIO_C_SET_SSL))
+ return(0);
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ SSL_shutdown(ssl);
+
+ if (ssl->handshake_func == ssl->method->ssl_connect)
+ SSL_set_connect_state(ssl);
+ else if (ssl->handshake_func == ssl->method->ssl_accept)
+ SSL_set_accept_state(ssl);
+
+ SSL_clear(ssl);
+
+ if (b->next_bio != NULL)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ else if (ssl->rbio != NULL)
+ ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+ else
+ ret=1;
+ break;
+ case BIO_CTRL_INFO:
+ ret=0;
+ break;
+ case BIO_C_SSL_MODE:
+ if (num) /* client mode */
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+ break;
+ case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT:
+ ret=bs->renegotiate_timeout;
+ if (num < 60) num=5;
+ bs->renegotiate_timeout=(unsigned long)num;
+ bs->last_time=(unsigned long)time(NULL);
+ break;
+ case BIO_C_SET_SSL_RENEGOTIATE_BYTES:
+ ret=bs->renegotiate_count;
+ if ((long)num >=512)
+ bs->renegotiate_count=(unsigned long)num;
+ break;
+ case BIO_C_GET_SSL_NUM_RENEGOTIATES:
+ ret=bs->num_renegotiates;
+ break;
+ case BIO_C_SET_SSL:
+ if (ssl != NULL)
+ ssl_free(b);
+ b->shutdown=(int)num;
+ ssl=(SSL *)ptr;
+ ((BIO_SSL *)b->ptr)->ssl=ssl;
+ bio=SSL_get_rbio(ssl);
+ if (bio != NULL)
+ {
+ if (b->next_bio != NULL)
+ BIO_push(bio,b->next_bio);
+ b->next_bio=bio;
+ CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO);
+ }
+ b->init=1;
+ break;
+ case BIO_C_GET_SSL:
+ if (ptr != NULL)
+ {
+ sslp=(SSL **)ptr;
+ *sslp=ssl;
+ }
+ else
+ ret=0;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING:
+ ret=SSL_pending(ssl);
+ if (ret == 0)
+ ret=BIO_pending(ssl->rbio);
+ break;
+ case BIO_CTRL_FLUSH:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_PUSH:
+ if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio))
+ {
+ SSL_set_bio(ssl,b->next_bio,b->next_bio);
+ CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO);
+ }
+ break;
+ case BIO_CTRL_POP:
+ /* ugly bit of a hack */
+ if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+ {
+ BIO_free_all(ssl->wbio);
+ }
+ ssl->wbio=NULL;
+ ssl->rbio=NULL;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+
+ b->retry_reason=0;
+ ret=(int)SSL_do_handshake(ssl);
+
+ switch (SSL_get_error(ssl,(int)ret))
+ {
+ case SSL_ERROR_WANT_READ:
+ BIO_set_flags(b,
+ BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_set_flags(b,
+ BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ BIO_set_flags(b,
+ BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ b->retry_reason=b->next_bio->retry_reason;
+ break;
+ default:
+ break;
+ }
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if (((BIO_SSL *)dbio->ptr)->ssl != NULL)
+ SSL_free(((BIO_SSL *)dbio->ptr)->ssl);
+ ((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl);
+ ((BIO_SSL *)dbio->ptr)->renegotiate_count=
+ ((BIO_SSL *)b->ptr)->renegotiate_count;
+ ((BIO_SSL *)dbio->ptr)->byte_count=
+ ((BIO_SSL *)b->ptr)->byte_count;
+ ((BIO_SSL *)dbio->ptr)->renegotiate_timeout=
+ ((BIO_SSL *)b->ptr)->renegotiate_timeout;
+ ((BIO_SSL *)dbio->ptr)->last_time=
+ ((BIO_SSL *)b->ptr)->last_time;
+ ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL);
+ break;
+ case BIO_C_GET_FD:
+ ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_SET_CALLBACK:
+ SSL_set_info_callback(ssl,(void (*)())ptr);
+ break;
+ case BIO_CTRL_GET_CALLBACK:
+ {
+ void (**fptr)();
+
+ fptr=(void (**)())ptr;
+ *fptr=SSL_get_info_callback(ssl);
+ }
+ break;
+ default:
+ ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int ssl_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=BIO_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_buffer_ssl_connect(ctx)
+SSL_CTX *ctx;
+ {
+ BIO *ret=NULL,*buf=NULL,*ssl=NULL;
+
+ if ((buf=BIO_new(BIO_f_buffer())) == NULL)
+ return(NULL);
+ if ((ssl=BIO_new_ssl_connect(ctx)) == NULL)
+ goto err;
+ if ((ret=BIO_push(buf,ssl)) == NULL)
+ goto err;
+ return(ret);
+err:
+ if (buf != NULL) BIO_free(buf);
+ if (ssl != NULL) BIO_free(ssl);
+ return(NULL);
+ }
+
+BIO *BIO_new_ssl_connect(ctx)
+SSL_CTX *ctx;
+ {
+ BIO *ret=NULL,*con=NULL,*ssl=NULL;
+
+ if ((con=BIO_new(BIO_s_connect())) == NULL)
+ return(NULL);
+ if ((ssl=BIO_new_ssl(ctx,1)) == NULL)
+ goto err;
+ if ((ret=BIO_push(ssl,con)) == NULL)
+ goto err;
+ return(ret);
+err:
+ if (con != NULL) BIO_free(con);
+ if (ret != NULL) BIO_free(ret);
+ return(NULL);
+ }
+
+BIO *BIO_new_ssl(ctx,client)
+SSL_CTX *ctx;
+int client;
+ {
+ BIO *ret;
+ SSL *ssl;
+
+ if ((ret=BIO_new(BIO_f_ssl())) == NULL)
+ return(NULL);
+ if ((ssl=SSL_new(ctx)) == NULL)
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ if (client)
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+
+ BIO_set_ssl(ret,ssl,BIO_CLOSE);
+ return(ret);
+ }
+
+int BIO_ssl_copy_session_id(t,f)
+BIO *t,*f;
+ {
+ t=BIO_find_type(t,BIO_TYPE_SSL);
+ f=BIO_find_type(f,BIO_TYPE_SSL);
+ if ((t == NULL) || (f == NULL))
+ return(0);
+ if ( (((BIO_SSL *)t->ptr)->ssl == NULL) ||
+ (((BIO_SSL *)f->ptr)->ssl == NULL))
+ return(0);
+ SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl);
+ return(1);
+ }
+
+void BIO_ssl_shutdown(b)
+BIO *b;
+ {
+ SSL *s;
+
+ while (b != NULL)
+ {
+ if (b->method->type == BIO_TYPE_SSL)
+ {
+ s=((BIO_SSL *)b->ptr)->ssl;
+ SSL_shutdown(s);
+ break;
+ }
+ b=b->next_bio;
+ }
+ }
diff --git a/src/lib/libssl/src/ssl/s23_clnt.c b/src/lib/libssl/src/ssl/s23_clnt.c
new file mode 100644
index 0000000000..a4661ebb68
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s23_clnt.c
@@ -0,0 +1,466 @@
+/* ssl/s23_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+#ifndef NOPROTO
+static int ssl23_client_hello(SSL *s);
+static int ssl23_get_server_hello(SSL *s);
+#else
+static int ssl23_client_hello();
+static int ssl23_get_server_hello();
+#endif
+
+static SSL_METHOD *ssl23_get_client_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv2_client_method());
+ else if (ver == SSL3_VERSION)
+ return(SSLv3_client_method());
+ else if (ver == TLS1_VERSION)
+ return(TLSv1_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_client_data,
+ (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+ SSLv23_client_data.ssl_connect=ssl23_connect;
+ SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
+ }
+ return(&SSLv23_client_data);
+ }
+
+int ssl23_connect(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL);
+ void (*cb)()=NULL;
+ int ret= -1;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ /* s->version=TLS1_VERSION; */
+ s->type=SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL23_ST_CW_CLNT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->init_num=0;
+ break;
+
+ case SSL23_ST_CW_CLNT_HELLO_A:
+ case SSL23_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl23_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL23_ST_CR_SRVR_HELLO_A;
+ s->init_num=0;
+
+ break;
+
+ case SSL23_ST_CR_SRVR_HELLO_A:
+ case SSL23_ST_CR_SRVR_HELLO_B:
+ ret=ssl23_get_server_hello(s);
+ if (ret >= 0) cb=NULL;
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if (s->debug) BIO_flush(s->wbio);
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ return(ret);
+ }
+
+
+static int ssl23_client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i,ch_len;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ {
+#if 0
+ /* don't reuse session-id's */
+ if (!ssl_get_new_session(s,0))
+ {
+ return(-1);
+ }
+#endif
+
+ p=s->s3->client_random;
+ RAND_bytes(p,SSL3_RANDOM_SIZE);
+
+ /* Do the message type and length last */
+ d= &(buf[2]);
+ p=d+9;
+
+ *(d++)=SSL2_MT_CLIENT_HELLO;
+ if (!(s->options & SSL_OP_NO_TLSv1))
+ {
+ *(d++)=TLS1_VERSION_MAJOR;
+ *(d++)=TLS1_VERSION_MINOR;
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv3))
+ {
+ *(d++)=SSL3_VERSION_MAJOR;
+ *(d++)=SSL3_VERSION_MINOR;
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv2))
+ {
+ *(d++)=SSL2_VERSION_MAJOR;
+ *(d++)=SSL2_VERSION_MINOR;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_PROTOCOLS_AVAILABLE);
+ return(-1);
+ }
+
+ /* Ciphers supported */
+ i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
+ if (i == 0)
+ {
+ /* no ciphers */
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ return(-1);
+ }
+ s2n(i,d);
+ p+=i;
+
+ /* put in the session-id, zero since there is no
+ * reuse. */
+#if 0
+ s->session->session_id_length=0;
+#endif
+ s2n(0,d);
+
+ if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len=SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ if (SSL3_RANDOM_SIZE < ch_len)
+ i=SSL3_RANDOM_SIZE;
+ else
+ i=ch_len;
+ s2n(i,d);
+ memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+ RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ p+=i;
+
+ i= p- &(buf[2]);
+ buf[0]=((i>>8)&0xff)|0x80;
+ buf[1]=(i&0xff);
+
+ s->state=SSL23_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=i+2;
+ s->init_off=0;
+
+ ssl3_finish_mac(s,&(buf[2]),i);
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl23_write_bytes(s));
+ }
+
+static int ssl23_get_server_hello(s)
+SSL *s;
+ {
+ char buf[8];
+ unsigned char *p;
+ int i,ch_len;
+ int n;
+
+ n=ssl23_read_bytes(s,7);
+
+ if (n != 7) return(n);
+ p=s->packet;
+
+ memcpy(buf,p,n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
+ (p[5] == 0x00) && (p[6] == 0x02))
+ {
+ /* we are talking sslv2 */
+ /* we need to clean up the SSLv3 setup and put in the
+ * sslv2 stuff. */
+
+ if (s->options & SSL_OP_NO_SSLv2)
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+ }
+ if (s->s2 == NULL)
+ {
+ if (!ssl2_new(s))
+ goto err;
+ }
+ else
+ ssl2_clear(s);
+
+ if (s->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len=SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ i=(SSL3_RANDOM_SIZE < ch_len)
+ ?SSL3_RANDOM_SIZE:ch_len;
+ s->s2->challenge_length=i;
+ memcpy(s->s2->challenge,
+ &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+
+ if (s->s3 != NULL) ssl3_free(s);
+
+ if (!BUF_MEM_grow(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
+ goto err;
+ }
+
+ s->state=SSL2_ST_GET_SERVER_HELLO_A;
+ s->s2->ssl2_rollback=1;
+
+ /* setup the 5 bytes we have read so we get them from
+ * the sslv2 buffer */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s2->rbuf[0]);
+ memcpy(s->packet,buf,n);
+ s->s2->rbuf_left=n;
+ s->s2->rbuf_offs=0;
+
+ /* we have already written one */
+ s->s2->write_sequence=1;
+
+ s->method=SSLv2_client_method();
+ s->handshake_func=s->method->ssl_connect;
+ }
+ else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ ((p[2] == SSL3_VERSION_MINOR) ||
+ (p[2] == TLS1_VERSION_MINOR)) &&
+ (p[5] == SSL3_MT_SERVER_HELLO))
+ {
+ /* we have sslv3 or tls1 */
+
+ if (!ssl_init_wbio_buffer(s,1)) goto err;
+
+ /* we are in this state */
+ s->state=SSL3_ST_CR_SRVR_HELLO_A;
+
+ /* put the 5 bytes we have read into the input buffer
+ * for SSLv3 */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet,buf,n);
+ s->s3->rbuf.left=n;
+ s->s3->rbuf.offset=0;
+
+ if ((p[2] == SSL3_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_SSLv3))
+ {
+ s->version=SSL3_VERSION;
+ s->method=SSLv3_client_method();
+ }
+ else if ((p[2] == TLS1_VERSION_MINOR) &&
+ !(s->options & SSL_OP_NO_TLSv1))
+ {
+ s->version=TLS1_VERSION;
+ s->method=TLSv1_client_method();
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_PROTOCOL);
+ goto err;
+ }
+
+ s->handshake_func=s->method->ssl_connect;
+ }
+ else if ((p[0] == SSL3_RT_ALERT) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ ((p[2] == SSL3_VERSION_MINOR) ||
+ (p[2] == TLS1_VERSION_MINOR)) &&
+ (p[3] == 0) &&
+ (p[4] == 2))
+ {
+ void (*cb)()=NULL;
+ int j;
+
+ /* An alert */
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ i=p[5];
+ if (cb != NULL)
+ {
+ j=(i<<8)|p[6];
+ cb(s,SSL_CB_READ_ALERT,j);
+ }
+
+ s->rwstate=SSL_NOTHING;
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,1000+p[6]);
+ goto err;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num=0;
+
+ /* Since, if we are sending a ssl23 client hello, we are not
+ * reusing a session-id */
+ if (!ssl_get_new_session(s,0))
+ goto err;
+
+ s->first_packet=1;
+ return(SSL_connect(s));
+err:
+ return(-1);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s23_lib.c b/src/lib/libssl/src/ssl/s23_lib.c
new file mode 100644
index 0000000000..e16f641101
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s23_lib.c
@@ -0,0 +1,233 @@
+/* ssl/s23_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl23_num_ciphers(void );
+static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+static int ssl23_read(SSL *s, char *buf, int len);
+static int ssl23_write(SSL *s, char *buf, int len);
+static long ssl23_default_timeout(void );
+static int ssl23_put_cipher_by_char(SSL_CIPHER *c, unsigned char *p);
+static SSL_CIPHER *ssl23_get_cipher_by_char(unsigned char *p);
+#else
+static int ssl23_num_ciphers();
+static SSL_CIPHER *ssl23_get_cipher();
+static int ssl23_read();
+static int ssl23_write();
+static long ssl23_default_timeout();
+static int ssl23_put_cipher_by_char();
+static SSL_CIPHER *ssl23_get_cipher_by_char();
+#endif
+
+char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997";
+
+static SSL_METHOD SSLv23_data= {
+ TLS1_VERSION,
+ tls1_new,
+ tls1_clear,
+ tls1_free,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl23_read,
+ ssl_undefined_function,
+ ssl23_write,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl3_ctrl,
+ ssl3_ctx_ctrl,
+ ssl23_get_cipher_by_char,
+ ssl23_put_cipher_by_char,
+ ssl_undefined_function,
+ ssl23_num_ciphers,
+ ssl23_get_cipher,
+ ssl_bad_method,
+ ssl23_default_timeout,
+ &ssl3_undef_enc_method,
+ };
+
+static long ssl23_default_timeout()
+ {
+ return(300);
+ }
+
+SSL_METHOD *sslv23_base_method()
+ {
+ return(&SSLv23_data);
+ }
+
+static int ssl23_num_ciphers()
+ {
+ return(ssl3_num_ciphers()+ssl2_num_ciphers());
+ }
+
+static SSL_CIPHER *ssl23_get_cipher(u)
+unsigned int u;
+ {
+ unsigned int uu=ssl3_num_ciphers();
+
+ if (u < uu)
+ return(ssl3_get_cipher(u));
+ else
+ return(ssl2_get_cipher(u-uu));
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+static SSL_CIPHER *ssl23_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ SSL_CIPHER c,*cp;
+ unsigned long id;
+ int n;
+
+ n=ssl3_num_ciphers();
+ id=0x03000000|((unsigned long)p[0]<<16L)|
+ ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
+ c.id=id;
+ cp=ssl3_get_cipher_by_char(p);
+ if (cp == NULL)
+ cp=ssl2_get_cipher_by_char(p);
+ return(cp);
+ }
+
+static int ssl23_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ /* We can write SSLv2 and SSLv3 ciphers */
+ if (p != NULL)
+ {
+ l=c->id;
+ p[0]=((unsigned char)(l>>16L))&0xFF;
+ p[1]=((unsigned char)(l>> 8L))&0xFF;
+ p[2]=((unsigned char)(l ))&0xFF;
+ }
+ return(3);
+ }
+
+static int ssl23_read(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+
+#if 0
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ clear_sys_error();
+ if (SSL_in_init(s) && (!s->in_handshake))
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ return(SSL_read(s,buf,len));
+ }
+ else
+ {
+ ssl_undefined_function(s);
+ return(-1);
+ }
+ }
+
+static int ssl23_write(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+
+#if 0
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ clear_sys_error();
+ if (SSL_in_init(s) && (!s->in_handshake))
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ return(SSL_write(s,buf,len));
+ }
+ else
+ {
+ ssl_undefined_function(s);
+ return(-1);
+ }
+ }
diff --git a/src/lib/libssl/src/ssl/s23_meth.c b/src/lib/libssl/src/ssl/s23_meth.c
new file mode 100644
index 0000000000..1eed7a54bc
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s23_meth.c
@@ -0,0 +1,92 @@
+/* ssl/s23_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl23_get_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv23_method());
+ else if (ver == SSL3_VERSION)
+ return(SSLv3_method());
+ else if (ver == TLS1_VERSION)
+ return(TLSv1_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv23_data.ssl_connect=ssl23_connect;
+ SSLv23_data.ssl_accept=ssl23_accept;
+ SSLv23_data.get_ssl_method=ssl23_get_method;
+ }
+ return(&SSLv23_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s23_pkt.c b/src/lib/libssl/src/ssl/s23_pkt.c
new file mode 100644
index 0000000000..c25c312772
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s23_pkt.c
@@ -0,0 +1,120 @@
+/* ssl/s23_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "evp.h"
+#include "buffer.h"
+#include "ssl_locl.h"
+
+int ssl23_write_bytes(s)
+SSL *s;
+ {
+ int i,num,tot;
+ char *buf;
+
+ buf=s->init_buf->data;
+ tot=s->init_off;
+ num=s->init_num;
+ for (;;)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,&(buf[tot]),num);
+ if (i < 0)
+ {
+ s->init_off=tot;
+ s->init_num=num;
+ return(i);
+ }
+ s->rwstate=SSL_NOTHING;
+ if (i == num) return(tot+i);
+
+ num-=i;
+ tot+=i;
+ }
+ }
+
+/* only return when we have read 'n' bytes */
+int ssl23_read_bytes(s,n)
+SSL *s;
+int n;
+ {
+ unsigned char *p;
+ int j;
+
+ if (s->packet_length < (unsigned int)n)
+ {
+ p=s->packet;
+
+ for (;;)
+ {
+ s->rwstate=SSL_READING;
+ j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
+ n-s->packet_length);
+ if (j <= 0)
+ return(j);
+ s->rwstate=SSL_NOTHING;
+ s->packet_length+=j;
+ if (s->packet_length >= (unsigned int)n)
+ return(s->packet_length);
+ }
+ }
+ return(n);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s23_srvr.c b/src/lib/libssl/src/ssl/s23_srvr.c
new file mode 100644
index 0000000000..c7b9ecbcf2
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s23_srvr.c
@@ -0,0 +1,499 @@
+/* ssl/s23_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+#ifndef NOPROTO
+int ssl23_get_client_hello(SSL *s);
+#else
+int ssl23_get_client_hello();
+#endif
+
+static SSL_METHOD *ssl23_get_server_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv2_server_method());
+ else if (ver == SSL3_VERSION)
+ return(SSLv3_server_method());
+ else if (ver == TLS1_VERSION)
+ return(TLSv1_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_server_data,
+ (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+ SSLv23_server_data.ssl_accept=ssl23_accept;
+ SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
+ }
+ return(&SSLv23_server_data);
+ }
+
+int ssl23_accept(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL);
+ void (*cb)()=NULL;
+ int ret= -1;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ /* s->version=SSL3_VERSION; */
+ s->type=SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL23_ST_SR_CLNT_HELLO_A;
+ s->ctx->sess_accept++;
+ s->init_num=0;
+ break;
+
+ case SSL23_ST_SR_CLNT_HELLO_A:
+ case SSL23_ST_SR_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl23_get_client_hello(s);
+ if (ret >= 0) cb=NULL;
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+
+int ssl23_get_client_hello(s)
+SSL *s;
+ {
+ char buf_space[8];
+ char *buf= &(buf_space[0]);
+ unsigned char *p,*d,*dd;
+ unsigned int i;
+ unsigned int csl,sil,cl;
+ int n=0,j,tls1=0;
+ int type=0,use_sslv2_strong=0;
+
+ /* read the initial header */
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+ {
+ if (!ssl3_setup_buffers(s)) goto err;
+
+ n=ssl23_read_bytes(s,7);
+ if (n != 7) return(n);
+
+ p=s->packet;
+
+ memcpy(buf,p,n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
+ {
+ /* SSLv2 header */
+ if ((p[3] == 0x00) && (p[4] == 0x02))
+ {
+ /* SSLv2 */
+ if (!(s->options & SSL_OP_NO_SSLv2))
+ type=1;
+ }
+ else if (p[3] == SSL3_VERSION_MAJOR)
+ {
+ /* SSLv3/TLSv1 */
+ if (p[4] >= TLS1_VERSION_MINOR)
+ {
+ if (!(s->options & SSL_OP_NO_TLSv1))
+ {
+ tls1=1;
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv3))
+ {
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv3))
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+
+ if (s->options & SSL_OP_NON_EXPORT_FIRST)
+ {
+ STACK *sk;
+ SSL_CIPHER *c;
+ int ne2,ne3;
+
+ j=((p[0]&0x7f)<<8)|p[1];
+ if (j > (1024*4))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+ goto err;
+ }
+
+ n=ssl23_read_bytes(s,j+2);
+ if (n <= 0) return(n);
+ p=s->packet;
+
+ if ((buf=Malloc(n)) == NULL)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ memcpy(buf,p,n);
+
+ p+=5;
+ n2s(p,csl);
+ p+=4;
+
+ sk=ssl_bytes_to_cipher_list(
+ s,p,csl,NULL);
+ if (sk != NULL)
+ {
+ ne2=ne3=0;
+ for (j=0; j<sk_num(sk); j++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,j);
+ if (!(c->algorithms & SSL_EXP))
+ {
+ if ((c->id>>24L) == 2L)
+ ne2=1;
+ else
+ ne3=1;
+ }
+ }
+ if (ne2 && !ne3)
+ {
+ type=1;
+ use_sslv2_strong=1;
+ goto next_bit;
+ }
+ }
+ }
+ }
+ }
+ else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ (p[5] == SSL3_MT_CLIENT_HELLO))
+ {
+ /* true SSLv3 or tls1 */
+ if (p[2] >= TLS1_VERSION_MINOR)
+ {
+ if (!(s->options & SSL_OP_NO_TLSv1))
+ {
+ type=3;
+ tls1=1;
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv3))
+ type=3;
+ }
+ else if (!(s->options & SSL_OP_NO_SSLv3))
+ type=3;
+ }
+ else if ((strncmp("GET ", p,4) == 0) ||
+ (strncmp("POST ",p,5) == 0) ||
+ (strncmp("HEAD ",p,5) == 0) ||
+ (strncmp("PUT ", p,4) == 0))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTP_REQUEST);
+ goto err;
+ }
+ else if (strncmp("CONNECT",p,7) == 0)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_HTTPS_PROXY_REQUEST);
+ goto err;
+ }
+ }
+
+next_bit:
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
+ {
+ /* we have a SSLv3/TLSv1 in a SSLv2 header */
+ type=2;
+ p=s->packet;
+ n=((p[0]&0x7f)<<8)|p[1];
+ if (n > (1024*4))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+ goto err;
+ }
+
+ j=ssl23_read_bytes(s,n+2);
+ if (j <= 0) return(j);
+
+ ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2);
+
+ p=s->packet;
+ p+=5;
+ n2s(p,csl);
+ n2s(p,sil);
+ n2s(p,cl);
+ d=(unsigned char *)s->init_buf->data;
+ if ((csl+sil+cl+11) != s->packet_length)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ *(d++)=SSL3_VERSION_MAJOR;
+ if (tls1)
+ *(d++)=TLS1_VERSION_MINOR;
+ else
+ *(d++)=SSL3_VERSION_MINOR;
+
+ /* lets populate the random area */
+ /* get the chalenge_length */
+ i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
+ memset(d,0,SSL3_RANDOM_SIZE);
+ memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
+ d+=SSL3_RANDOM_SIZE;
+
+ /* no session-id reuse */
+ *(d++)=0;
+
+ /* ciphers */
+ j=0;
+ dd=d;
+ d+=2;
+ for (i=0; i<csl; i+=3)
+ {
+ if (p[i] != 0) continue;
+ *(d++)=p[i+1];
+ *(d++)=p[i+2];
+ j+=2;
+ }
+ s2n(j,dd);
+
+ /* compression */
+ *(d++)=1;
+ *(d++)=0;
+
+ i=(d-(unsigned char *)s->init_buf->data);
+
+ /* get the data reused from the init_buf */
+ s->s3->tmp.reuse_message=1;
+ s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
+ s->s3->tmp.message_size=i;
+ }
+
+ if (type == 1)
+ {
+ /* we are talking sslv2 */
+ /* we need to clean up the SSLv3/TLSv1 setup and put in the
+ * sslv2 stuff. */
+
+ if (s->s2 == NULL)
+ {
+ if (!ssl2_new(s))
+ goto err;
+ }
+ else
+ ssl2_clear(s);
+
+ if (s->s3 != NULL) ssl3_free(s);
+
+ if (!BUF_MEM_grow(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ goto err;
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+ if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+ use_sslv2_strong)
+ s->s2->ssl2_rollback=0;
+ else
+ s->s2->ssl2_rollback=1;
+
+ /* setup the 5 bytes we have read so we get them from
+ * the sslv2 buffer */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s2->rbuf[0]);
+ memcpy(s->packet,buf,n);
+ s->s2->rbuf_left=n;
+ s->s2->rbuf_offs=0;
+
+ s->method=SSLv2_server_method();
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type == 2) || (type == 3))
+ {
+ /* we have SSLv3/TLSv1 */
+
+ if (!ssl_init_wbio_buffer(s,1)) goto err;
+
+ /* we are in this state */
+ s->state=SSL3_ST_SR_CLNT_HELLO_A;
+
+ if (type == 3)
+ {
+ /* put the 'n' bytes we have read into the input buffer
+ * for SSLv3 */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet,buf,n);
+ s->s3->rbuf.left=n;
+ s->s3->rbuf.offset=0;
+ }
+ else
+ {
+ s->packet_length=0;
+ s->s3->rbuf.left=0;
+ s->s3->rbuf.offset=0;
+ }
+
+ if (tls1)
+ {
+ s->version=TLS1_VERSION;
+ s->method=TLSv1_server_method();
+ }
+ else
+ {
+ s->version=SSL3_VERSION;
+ s->method=SSLv3_server_method();
+ }
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type < 1) || (type > 3))
+ {
+ /* bad, very bad */
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num=0;
+
+ if (buf != buf_space) Free(buf);
+ s->first_packet=1;
+ return(SSL_accept(s));
+err:
+ if (buf != buf_space) Free(buf);
+ return(-1);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s2_clnt.c b/src/lib/libssl/src/ssl/s2_clnt.c
new file mode 100644
index 0000000000..16df9ec565
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_clnt.c
@@ -0,0 +1,983 @@
+/* ssl/s2_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rand.h"
+#include "buffer.h"
+#include "objects.h"
+#include "ssl_locl.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int get_server_finished(SSL *s);
+static int get_server_verify(SSL *s);
+static int get_server_hello(SSL *s);
+static int client_hello(SSL *s);
+static int client_master_key(SSL *s);
+static int client_finished(SSL *s);
+static int client_certificate(SSL *s);
+static int ssl_rsa_public_encrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to,int padding);
+#else
+static int get_server_finished();
+static int get_server_verify();
+static int get_server_hello();
+static int client_hello();
+static int client_master_key();
+static int client_finished();
+static int client_certificate();
+static int ssl_rsa_public_encrypt();
+#endif
+
+#define BREAK break
+
+static SSL_METHOD *ssl2_get_client_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv2_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_client_data.ssl_connect=ssl2_connect;
+ SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
+ }
+ return(&SSLv2_client_data);
+ }
+
+int ssl2_connect(s)
+SSL *s;
+ {
+ unsigned long l=time(NULL);
+ BUF_MEM *buf=NULL;
+ int ret= -1;
+ void (*cb)()=NULL;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=SSL2_VERSION;
+ s->type=SSL_ST_CONNECT;
+
+ buf=s->init_buf;
+ if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->handshake_func=ssl2_connect;
+ BREAK;
+
+ case SSL2_ST_SEND_CLIENT_HELLO_A:
+ case SSL2_ST_SEND_CLIENT_HELLO_B:
+ s->shutdown=0;
+ ret=client_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_SERVER_HELLO_A:
+ case SSL2_ST_GET_SERVER_HELLO_B:
+ ret=get_server_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (!s->hit) /* new session */
+ {
+ s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+ }
+
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+ ret=client_master_key(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+
+ case SSL2_ST_CLIENT_START_ENCRYPTION:
+ /* Ok, we now have all the stuff needed to
+ * start encrypting, so lets fire it up :-) */
+ if (!ssl2_enc_init(s,1))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->s2->clear_text=0;
+ s->state=SSL2_ST_SEND_CLIENT_FINISHED_A;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_FINISHED_A:
+ case SSL2_ST_SEND_CLIENT_FINISHED_B:
+ ret=client_finished(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_VERIFY_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_VERIFY_A:
+ case SSL2_ST_GET_SERVER_VERIFY_B:
+ ret=get_server_verify(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_FINISHED_A:
+ case SSL2_ST_GET_SERVER_FINISHED_B:
+ ret=get_server_finished(s);
+ if (ret <= 0) goto end;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+ case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+ ret=client_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL_ST_OK:
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ s->init_num=0;
+ /* ERR_clear_error();*/
+
+ /* If we want to cache session-ids in the client
+ * and we sucessfully add the session-id to the
+ * cache, and there is a callback, then pass it out.
+ * 26/11/96 - eay - only add if not a re-used session.
+ */
+
+ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+ if (s->hit) s->ctx->sess_hit++;
+
+ ret=1;
+ /* s->server=0; */
+ s->ctx->sess_connect_good++;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ break;
+ default:
+ SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE);
+ return(-1);
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ return(ret);
+ }
+
+static int get_server_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p;
+ int i,j;
+ STACK *sk=NULL,*cl;
+
+ buf=(unsigned char *)s->init_buf->data;
+ p=buf;
+ if (s->state == SSL2_ST_GET_SERVER_HELLO_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num);
+ if (i < (11-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
+
+ if (*(p++) != SSL2_MT_SERVER_HELLO)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_HELLO,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->hit=(*(p++))?1:0;
+ s->s2->tmp.cert_type= *(p++);
+ n2s(p,i);
+ if (i < s->version) s->version=i;
+ n2s(p,i); s->s2->tmp.cert_length=i;
+ n2s(p,i); s->s2->tmp.csl=i;
+ n2s(p,i); s->s2->tmp.conn_id_length=i;
+ s->state=SSL2_ST_GET_SERVER_HELLO_B;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_SERVER_HELLO_B */
+ j=s->s2->tmp.cert_length+s->s2->tmp.csl+s->s2->tmp.conn_id_length
+ - s->init_num;
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),j);
+ if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
+
+ /* things are looking good */
+
+ p=buf;
+ if (s->hit)
+ {
+ if (s->s2->tmp.cert_length != 0)
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
+ return(-1);
+ }
+ if (s->s2->tmp.cert_type != 0)
+ {
+ if (!(s->options &
+ SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG))
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
+ return(-1);
+ }
+ }
+ if (s->s2->tmp.csl != 0)
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
+ return(-1);
+ }
+ }
+ else
+ {
+#ifdef undef
+ /* very bad */
+ memset(s->session->session_id,0,
+ SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
+ s->session->session_id_length=0;
+ */
+#endif
+
+ /* we need to do this incase we were trying to reuse a
+ * client session but others are already reusing it.
+ * If this was a new 'blank' session ID, the session-id
+ * length will still be 0 */
+ if (s->session->session_id_length > 0)
+ {
+ if (!ssl_get_new_session(s,0))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+
+ if (ssl2_set_certificate(s,s->s2->tmp.cert_type,
+ s->s2->tmp.cert_length,p) <= 0)
+ {
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ return(-1);
+ }
+ p+=s->s2->tmp.cert_length;
+
+ if (s->s2->tmp.csl == 0)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST);
+ return(-1);
+ }
+
+ /* We have just received a list of ciphers back from the
+ * server. We need to get the ones that match, then select
+ * the one we want the most :-). */
+
+ /* load the ciphers */
+ sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl,
+ &s->session->ciphers);
+ p+=s->s2->tmp.csl;
+ if (sk == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ sk_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+
+ /* get the array of ciphers we will accept */
+ cl=ssl_get_ciphers_by_id(s);
+
+ /* In theory we could have ciphers sent back that we
+ * don't want to use but that does not matter since we
+ * will check against the list we origionally sent and
+ * for performance reasons we should not bother to match
+ * the two lists up just to check. */
+ for (i=0; i<sk_num(cl); i++)
+ {
+ if (sk_find(sk,sk_value(cl,i)) >= 0)
+ break;
+ }
+
+ if (i >= sk_num(cl))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH);
+ return(-1);
+ }
+ s->session->cipher=(SSL_CIPHER *)sk_value(cl,i);
+ }
+
+ if ((s->session != NULL) && (s->session->peer != NULL))
+ X509_free(s->session->peer);
+
+ /* hmmm, can we have the problem of the other session with this
+ * cert, Free's it before we increment the reference count. */
+ CRYPTO_w_lock(CRYPTO_LOCK_X509);
+ s->session->peer=s->session->cert->key->x509;
+ CRYPTO_add(&s->session->peer->references,1,CRYPTO_LOCK_X509);
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+
+ s->s2->conn_id_length=s->s2->tmp.conn_id_length;
+ memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
+ return(1);
+ }
+
+static int client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+/* CIPHER **cipher;*/
+ int i,n,j;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A)
+ {
+ if ((s->session == NULL) ||
+ (s->session->ssl_version != s->version))
+ {
+ if (!ssl_get_new_session(s,0))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ /* else use the pre-loaded session */
+
+ p=buf; /* header */
+ d=p+9; /* data section */
+ *(p++)=SSL2_MT_CLIENT_HELLO; /* type */
+ s2n(SSL2_CLIENT_VERSION,p); /* version */
+ n=j=0;
+
+ n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
+ d+=n;
+
+ if (n == 0)
+ {
+ SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ return(-1);
+ }
+
+ s2n(n,p); /* cipher spec num bytes */
+
+ if ((s->session->session_id_length > 0) &&
+ (s->session->session_id_length <=
+ SSL2_MAX_SSL_SESSION_ID_LENGTH))
+ {
+ i=s->session->session_id_length;
+ s2n(i,p); /* session id length */
+ memcpy(d,s->session->session_id,(unsigned int)i);
+ d+=i;
+ }
+ else
+ {
+ s2n(0,p);
+ }
+
+ s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
+ s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */
+ /*challenge id data*/
+ RAND_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+ memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+ d+=SSL2_CHALLENGE_LENGTH;
+
+ s->state=SSL2_ST_SEND_CLIENT_HELLO_B;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+ /* SSL2_ST_SEND_CLIENT_HELLO_B */
+ return(ssl2_do_write(s));
+ }
+
+static int client_master_key(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int clear,enc,karg,i;
+ SSL_SESSION *sess;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
+ {
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(-1);
+ }
+ sess=s->session;
+ p=buf;
+ d=p+10;
+ *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
+
+ i=ssl_put_cipher_by_char(s,sess->cipher,p);
+ p+=i;
+
+ /* make key_arg data */
+ i=EVP_CIPHER_iv_length(c);
+ sess->key_arg_length=i;
+ if (i > 0) RAND_bytes(sess->key_arg,i);
+
+ /* make a master key */
+ i=EVP_CIPHER_key_length(c);
+ sess->master_key_length=i;
+ if (i > 0) RAND_bytes(sess->master_key,i);
+
+ if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ enc=8;
+ else if (sess->cipher->algorithms & SSL_EXP)
+ enc=5;
+ else
+ enc=i;
+
+ if (i < enc)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
+ return(-1);
+ }
+ clear=i-enc;
+ s2n(clear,p);
+ memcpy(d,sess->master_key,(unsigned int)clear);
+ d+=clear;
+
+ enc=ssl_rsa_public_encrypt(sess->cert,enc,
+ &(sess->master_key[clear]),d,
+ (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
+ if (enc <= 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
+ return(-1);
+ }
+ s2n(enc,p);
+ d+=enc;
+ karg=sess->key_arg_length;
+ s2n(karg,p); /* key arg size */
+ memcpy(d,sess->key_arg,(unsigned int)karg);
+ d+=karg;
+
+ s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+
+ /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
+ return(ssl2_do_write(s));
+ }
+
+static int client_finished(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_CLIENT_FINISHED;
+ memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
+
+ s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
+ s->init_num=s->s2->conn_id_length+1;
+ s->init_off=0;
+ }
+ return(ssl2_do_write(s));
+ }
+
+/* read the data and then respond */
+static int client_certificate(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i;
+ unsigned int n;
+ int cert_ch_len=0;
+ unsigned char *cert_ch;
+
+ buf=(unsigned char *)s->init_buf->data;
+ cert_ch= &(buf[2]);
+
+ /* We have a cert associated with the SSL, so attach it to
+ * the session if it does not have one */
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),
+ SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);
+ if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
+
+ /* type=buf[0]; */
+ /* type eq x509 */
+ if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
+ {
+ ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE);
+ return(-1);
+ }
+ cert_ch_len=i-1;
+
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ {
+ s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
+ }
+ else
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ }
+
+ if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE)
+ {
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ /* If we get an error we need to
+ * ssl->rwstate=SSL_X509_LOOKUP;
+ * return(error);
+ * We should then be retried when things are ok and we
+ * can get a cert or not */
+
+ i=0;
+ if (s->ctx->client_cert_cb != NULL)
+ {
+ i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+ }
+
+ if (i < 0)
+ {
+ s->rwstate=SSL_X509_LOOKUP;
+ return(-1);
+ }
+ s->rwstate=SSL_NOTHING;
+
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+ {
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ if ( !SSL_use_certificate(s,x509) ||
+ !SSL_use_PrivateKey(s,pkey))
+ {
+ i=0;
+ }
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ }
+ else if (i == 1)
+ {
+ if (x509 != NULL) X509_free(x509);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ i=0;
+ }
+
+ if (i == 0)
+ {
+ /* We have no client certificate to respond with
+ * so send the correct error message back */
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
+ p=buf;
+ *(p++)=SSL2_MT_ERROR;
+ s2n(SSL2_PE_NO_CERTIFICATE,p);
+ s->init_off=0;
+ s->init_num=3;
+ /* Write is done at the end */
+ }
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B)
+ {
+ return(ssl2_do_write(s));
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C)
+ {
+ EVP_MD_CTX ctx;
+
+ /* ok, now we calculate the checksum
+ * do it first so we can reuse buf :-) */
+ p=buf;
+ EVP_SignInit(&ctx,s->ctx->rsa_md5);
+ EVP_SignUpdate(&ctx,s->s2->key_material,
+ (unsigned int)s->s2->key_material_length);
+ EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
+ n=i2d_X509(s->session->cert->key->x509,&p);
+ EVP_SignUpdate(&ctx,buf,(unsigned int)n);
+
+ p=buf;
+ d=p+6;
+ *(p++)=SSL2_MT_CLIENT_CERTIFICATE;
+ *(p++)=SSL2_CT_X509_CERTIFICATE;
+ n=i2d_X509(s->cert->key->x509,&d);
+ s2n(n,p);
+
+ if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey))
+ {
+ /* this is not good. If things have failed it
+ * means there so something wrong with the key.
+ * We will contiune with a 0 length signature
+ */
+ }
+ memset(&ctx,0,sizeof(ctx));
+ s2n(n,p);
+ d+=n;
+
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+ /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
+ return(ssl2_do_write(s));
+ }
+
+static int get_server_verify(s)
+SSL *s;
+ {
+ unsigned char *p;
+ int i;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
+
+ s->state= SSL2_ST_GET_SERVER_VERIFY_B;
+ s->init_num=0;
+ if (*p != SSL2_MT_SERVER_VERIFY)
+ {
+ if (p[0] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_VERIFY,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),
+ (unsigned int)s->s2->challenge_length-s->init_num);
+ if (i < ((int)s->s2->challenge_length-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
+ if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
+ return(-1);
+ }
+ return(1);
+ }
+
+static int get_server_finished(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p;
+ int i;
+
+ buf=(unsigned char *)s->init_buf->data;
+ p=buf;
+ if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
+ s->init_num=i;
+ if (*p == SSL2_MT_REQUEST_CERTIFICATE)
+ {
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
+ return(1);
+ }
+ else if (*p != SSL2_MT_SERVER_FINISHED)
+ {
+ if (p[0] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->state=SSL_ST_OK;
+ s->init_num=0;
+ }
+
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),
+ SSL2_SSL_SESSION_ID_LENGTH-s->init_num);
+ if (i < (SSL2_SSL_SESSION_ID_LENGTH-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
+
+ if (!s->hit) /* new session */
+ {
+ /* new session-id */
+ /* Make sure we were not trying to re-use an old SSL_SESSION
+ * or bad things can happen */
+ /* ZZZZZZZZZZZZZ */
+ s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
+ memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+ }
+ else
+ {
+ if (!(s->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
+ {
+ if (memcmp(buf,s->session->session_id,
+ (unsigned int)s->session->session_id_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
+ return(-1);
+ }
+ }
+ }
+ return(1);
+ }
+
+/* loads in the certificate from the server */
+int ssl2_set_certificate(s, type, len, data)
+SSL *s;
+int type;
+int len;
+unsigned char *data;
+ {
+ STACK *sk=NULL;
+ EVP_PKEY *pkey=NULL;
+ CERT *c=NULL;
+ int i;
+ X509 *x509=NULL;
+ int ret=0;
+
+ x509=d2i_X509(NULL,&data,(long)len);
+ if (x509 == NULL)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
+ goto err;
+ }
+
+ if (((sk=sk_new_null()) == NULL) ||
+ (!sk_push(sk,(char *)x509)))
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto err;
+ }
+
+ /* cert for ssl */
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ ret= -1;
+ goto err;
+ }
+
+ /* cert for session */
+ if (s->session->cert) ssl_cert_free(s->session->cert);
+ s->session->cert=c;
+
+/* c->cert_type=type; */
+
+ c->pkeys[SSL_PKEY_RSA_ENC].x509=x509;
+ c->key= &(c->pkeys[SSL_PKEY_RSA_ENC]);
+
+ pkey=X509_get_pubkey(x509);
+ x509=NULL;
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
+ goto err;
+ }
+ if (pkey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+
+ if (!ssl_set_cert_type(c,SSL2_CT_X509_CERTIFICATE))
+ goto err;
+ ret=1;
+err:
+ if (sk != NULL) sk_free(sk);
+ if (x509 != NULL) X509_free(x509);
+ return(ret);
+ }
+
+static int ssl_rsa_public_encrypt(c, len, from, to, padding)
+CERT *c;
+int len;
+unsigned char *from;
+unsigned char *to;
+int padding;
+ {
+ EVP_PKEY *pkey=NULL;
+ int i= -1;
+
+ if ((c == NULL) || (c->key->x509 == NULL) ||
+ ((pkey=X509_get_pubkey(c->key->x509)) == NULL))
+ {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY);
+ return(-1);
+ }
+ if (pkey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ goto end;
+ }
+
+ /* we have the public key */
+ i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
+end:
+ return(i);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s2_enc.c b/src/lib/libssl/src/ssl/s2_enc.c
new file mode 100644
index 0000000000..b43056fa14
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_enc.c
@@ -0,0 +1,187 @@
+/* ssl/s2_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+int ssl2_enc_init(s, client)
+SSL *s;
+int client;
+ {
+ /* Max number of bytes needed */
+ EVP_CIPHER_CTX *rs,*ws;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+ int num;
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(0);
+ }
+
+ s->read_hash=md;
+ s->write_hash=md;
+
+ if ((s->enc_read_ctx == NULL) &&
+ ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ if ((s->enc_write_ctx == NULL) &&
+ ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+
+ rs= s->enc_read_ctx;
+ ws= s->enc_write_ctx;
+
+ EVP_CIPHER_CTX_init(rs);
+ EVP_CIPHER_CTX_init(ws);
+
+ num=c->key_len;
+ s->s2->key_material_length=num*2;
+
+ ssl2_generate_key_material(s);
+
+ EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
+ s->session->key_arg);
+ EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]),
+ s->session->key_arg);
+ s->s2->read_key= &(s->s2->key_material[(client)?0:num]);
+ s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
+ return(1);
+err:
+ SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+/* read/writes from s->s2->mac_data using length for encrypt and
+ * decrypt. It sets the s->s2->padding, s->[rw]length and
+ * s->s2->pad_data ptr if we are encrypting */
+void ssl2_enc(s,send)
+SSL *s;
+int send;
+ {
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs;
+
+ if (send)
+ {
+ ds=s->enc_write_ctx;
+ l=s->s2->wlength;
+ }
+ else
+ {
+ ds=s->enc_read_ctx;
+ l=s->s2->rlength;
+ }
+
+ /* check for NULL cipher */
+ if (ds == NULL) return;
+
+
+ bs=ds->cipher->block_size;
+ /* This should be using (bs-1) and bs instead of 7 and 8, but
+ * what the hell. */
+ if (bs == 8)
+ l=(l+7)/8*8;
+
+ EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
+ }
+
+void ssl2_mac(s, md,send)
+SSL *s;
+unsigned char *md;
+int send;
+ {
+ EVP_MD_CTX c;
+ unsigned char sequence[4],*p,*sec,*act;
+ unsigned long seq;
+ unsigned int len;
+
+ if (send)
+ {
+ seq=s->s2->write_sequence;
+ sec=s->s2->write_key;
+ len=s->s2->wact_data_length;
+ act=s->s2->wact_data;
+ }
+ else
+ {
+ seq=s->s2->read_sequence;
+ sec=s->s2->read_key;
+ len=s->s2->ract_data_length;
+ act=s->s2->ract_data;
+ }
+
+ p= &(sequence[0]);
+ l2n(seq,p);
+
+ /* There has to be a MAC algorithm. */
+ EVP_DigestInit(&c,s->read_hash);
+ EVP_DigestUpdate(&c,sec,
+ EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
+ EVP_DigestUpdate(&c,act,len);
+ /* the above line also does the pad data */
+ EVP_DigestUpdate(&c,sequence,4);
+ EVP_DigestFinal(&c,md,NULL);
+ /* some would say I should zero the md context */
+ }
+
diff --git a/src/lib/libssl/src/ssl/s2_lib.c b/src/lib/libssl/src/ssl/s2_lib.c
new file mode 100644
index 0000000000..275eb52f13
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_lib.c
@@ -0,0 +1,444 @@
+/* ssl/s2_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "objects.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl2_ok(SSL *s);
+static long ssl2_default_timeout(void );
+#else
+static int ssl2_ok();
+static long ssl2_default_timeout();
+#endif
+
+char *ssl2_version_str="SSLv2 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
+
+SSL_CIPHER ssl2_ciphers[]={
+/* NULL_WITH_MD5 v3 */
+#if 0
+ {
+ 1,
+ SSL2_TXT_NULL_WITH_MD5,
+ SSL2_CK_NULL_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* RC4_128_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
+ SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ SSL2_CF_5_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+/* RC4_128_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_WITH_MD5,
+ SSL2_CK_RC4_128_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ SSL2_CF_5_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+/* RC2_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* IDEA_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_IDEA_128_CBC_WITH_MD5,
+ SSL2_CK_IDEA_128_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* DES_64_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_64_CBC_WITH_MD5,
+ SSL2_CK_DES_64_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* DES_192_EDE3_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
+ SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* RC4_64_WITH_MD5 */
+#if 1
+ {
+ 1,
+ SSL2_TXT_RC4_64_WITH_MD5,
+ SSL2_CK_RC4_64_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW,
+ SSL2_CF_8_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* NULL SSLeay (testing) */
+#if 0
+ {
+ 0,
+ SSL2_TXT_NULL,
+ SSL2_CK_NULL,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+
+/* end of list :-) */
+ };
+
+static SSL_METHOD SSLv2_data= {
+ SSL2_VERSION,
+ ssl2_new, /* local */
+ ssl2_clear, /* local */
+ ssl2_free, /* local */
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl2_read,
+ ssl2_peek,
+ ssl2_write,
+ ssl2_shutdown,
+ ssl2_ok,
+ ssl2_ctrl, /* local */
+ ssl2_ctx_ctrl, /* local */
+ ssl2_get_cipher_by_char,
+ ssl2_put_cipher_by_char,
+ ssl2_pending,
+ ssl2_num_ciphers,
+ ssl2_get_cipher,
+ ssl_bad_method,
+ ssl2_default_timeout,
+ &ssl3_undef_enc_method,
+ };
+
+static long ssl2_default_timeout()
+ {
+ return(300);
+ }
+
+SSL_METHOD *sslv2_base_method()
+ {
+ return(&SSLv2_data);
+ }
+
+int ssl2_num_ciphers()
+ {
+ return(SSL2_NUM_CIPHERS);
+ }
+
+SSL_CIPHER *ssl2_get_cipher(u)
+unsigned int u;
+ {
+ if (u < SSL2_NUM_CIPHERS)
+ return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
+ else
+ return(NULL);
+ }
+
+int ssl2_pending(s)
+SSL *s;
+ {
+ return(s->s2->ract_data_length);
+ }
+
+int ssl2_new(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+
+ if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err;
+ memset(s2,0,sizeof(SSL2_CTX));
+
+ if ((s2->rbuf=(unsigned char *)Malloc(
+ SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ if ((s2->wbuf=(unsigned char *)Malloc(
+ SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ s->s2=s2;
+
+ ssl2_clear(s);
+ return(1);
+err:
+ if (s2 != NULL)
+ {
+ if (s2->wbuf != NULL) Free(s2->wbuf);
+ if (s2->rbuf != NULL) Free(s2->rbuf);
+ Free(s2);
+ }
+ return(0);
+ }
+
+void ssl2_free(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+
+ s2=s->s2;
+ if (s2->rbuf != NULL) Free(s2->rbuf);
+ if (s2->wbuf != NULL) Free(s2->wbuf);
+ memset(s2,0,sizeof(SSL2_CTX));
+ Free(s2);
+ s->s2=NULL;
+ }
+
+void ssl2_clear(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+ unsigned char *rbuf,*wbuf;
+
+ s2=s->s2;
+
+ rbuf=s2->rbuf;
+ wbuf=s2->wbuf;
+
+ memset(s2,0,sizeof(SSL2_CTX));
+
+ s2->rbuf=rbuf;
+ s2->wbuf=wbuf;
+ s2->clear_text=1;
+ s->packet=s2->rbuf;
+ s->version=SSL2_VERSION;
+ s->packet_length=0;
+ }
+
+long ssl2_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ int ret=0;
+
+ switch(cmd)
+ {
+ case SSL_CTRL_GET_SESSION_REUSED:
+ ret=s->hit;
+ break;
+ default:
+ break;
+ }
+ return(ret);
+ }
+
+long ssl2_ctx_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(0);
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+SSL_CIPHER *ssl2_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ static int init=1;
+ static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
+ SSL_CIPHER c,*cp= &c,**cpp;
+ unsigned long id;
+ int i;
+
+ if (init)
+ {
+ init=0;
+
+ for (i=0; i<SSL2_NUM_CIPHERS; i++)
+ sorted[i]= &(ssl2_ciphers[i]);
+
+ qsort( (char *)sorted,
+ SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ FP_ICC ssl_cipher_ptr_id_cmp);
+ }
+
+ id=0x02000000L|((unsigned long)p[0]<<16L)|
+ ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
+ c.id=id;
+ cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
+ (char *)sorted,
+ SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ (int (*)())ssl_cipher_ptr_id_cmp);
+ if ((cpp == NULL) || !(*cpp)->valid)
+ return(NULL);
+ else
+ return(*cpp);
+ }
+
+int ssl2_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ if (p != NULL)
+ {
+ l=c->id;
+ if ((l & 0xff000000) != 0x02000000) return(0);
+ p[0]=((unsigned char)(l>>16L))&0xFF;
+ p[1]=((unsigned char)(l>> 8L))&0xFF;
+ p[2]=((unsigned char)(l ))&0xFF;
+ }
+ return(3);
+ }
+
+void ssl2_generate_key_material(s)
+SSL *s;
+ {
+ unsigned int i;
+ MD5_CTX ctx;
+ unsigned char *km;
+ unsigned char c='0';
+
+ km=s->s2->key_material;
+ for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
+ {
+ MD5_Init(&ctx);
+
+ MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
+ MD5_Update(&ctx,(unsigned char *)&c,1);
+ c++;
+ MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
+ MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
+ MD5_Final(km,&ctx);
+ km+=MD5_DIGEST_LENGTH;
+ }
+ }
+
+void ssl2_return_error(s,err)
+SSL *s;
+int err;
+ {
+ if (!s->error)
+ {
+ s->error=3;
+ s->error_code=err;
+
+ ssl2_write_error(s);
+ }
+ }
+
+
+void ssl2_write_error(s)
+SSL *s;
+ {
+ char buf[3];
+ int i,error;
+
+ buf[0]=SSL2_MT_ERROR;
+ buf[1]=(s->error_code>>8)&0xff;
+ buf[2]=(s->error_code)&0xff;
+
+/* state=s->rwstate;*/
+ error=s->error;
+ s->error=0;
+ i=ssl2_write(s,&(buf[3-error]),error);
+/* if (i == error) s->rwstate=state; */
+
+ if (i < 0)
+ s->error=error;
+ else if (i != s->error)
+ s->error=error-i;
+ /* else
+ s->error=0; */
+ }
+
+static int ssl2_ok(s)
+SSL *s;
+ {
+ return(1);
+ }
+
+int ssl2_shutdown(s)
+SSL *s;
+ {
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ return(1);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s2_meth.c b/src/lib/libssl/src/ssl/s2_meth.c
new file mode 100644
index 0000000000..cfc8828cc7
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_meth.c
@@ -0,0 +1,88 @@
+/* ssl/s2_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl2_get_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv2_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_data.ssl_connect=ssl2_connect;
+ SSLv2_data.ssl_accept=ssl2_accept;
+ SSLv2_data.get_ssl_method=ssl2_get_method;
+ }
+ return(&SSLv2_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s2_pkt.c b/src/lib/libssl/src/ssl/s2_pkt.c
new file mode 100644
index 0000000000..e4167b53af
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_pkt.c
@@ -0,0 +1,651 @@
+/* ssl/s2_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+
+/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CIPHER);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_UNKNOWN_REMOTE_ERROR_TYPE);
+ */
+
+#ifndef NOPROTO
+static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
+static int do_ssl_write(SSL *s, char *buf, unsigned int len);
+static int write_pending(SSL *s, char *buf, unsigned int len);
+static int ssl_mt_error(int n);
+#else
+static int read_n();
+static int do_ssl_write();
+static int write_pending();
+static int ssl_mt_error();
+#endif
+
+int ssl2_peek(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int ret;
+
+ ret=ssl2_read(s,buf,len);
+ if (ret > 0)
+ {
+ s->s2->ract_data_length+=ret;
+ s->s2->ract_data-=ret;
+ }
+ return(ret);
+ }
+
+/* SSL_read -
+ * This routine will return 0 to len bytes, decrypted etc if required.
+ */
+int ssl2_read(s, buf, len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+ unsigned char mac[MAX_MAC_SIZE];
+ unsigned char *p;
+ int i;
+ unsigned int mac_size=0;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ clear_sys_error();
+ s->rwstate=SSL_NOTHING;
+ if (len <= 0) return(len);
+
+ if (s->s2->ract_data_length != 0) /* read from buffer */
+ {
+ if (len > s->s2->ract_data_length)
+ n=s->s2->ract_data_length;
+ else
+ n=len;
+
+ memcpy(buf,s->s2->ract_data,(unsigned int)n);
+ s->s2->ract_data_length-=n;
+ s->s2->ract_data+=n;
+ if (s->s2->ract_data_length == 0)
+ s->rstate=SSL_ST_READ_HEADER;
+ return(n);
+ }
+
+ if (s->rstate == SSL_ST_READ_HEADER)
+ {
+ if (s->first_packet)
+ {
+ n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ s->first_packet=0;
+ p=s->packet;
+ if (!((p[0] & 0x80) && (
+ (p[2] == SSL2_MT_CLIENT_HELLO) ||
+ (p[2] == SSL2_MT_SERVER_HELLO))))
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_NON_SSLV2_INITIAL_PACKET);
+ return(-1);
+ }
+ }
+ else
+ {
+ n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ }
+ /* part read stuff */
+
+ s->rstate=SSL_ST_READ_BODY;
+ p=s->packet;
+ /* Do header */
+ /*s->s2->padding=0;*/
+ s->s2->escape=0;
+ s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]);
+ if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
+ {
+ s->s2->three_byte_header=0;
+ s->s2->rlength&=TWO_BYTE_MASK;
+ }
+ else
+ {
+ s->s2->three_byte_header=1;
+ s->s2->rlength&=THREE_BYTE_MASK;
+
+ /* security >s2->escape */
+ s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0;
+ }
+ }
+
+ if (s->rstate == SSL_ST_READ_BODY)
+ {
+ n=s->s2->rlength+2+s->s2->three_byte_header;
+ if (n > (int)s->packet_length)
+ {
+ n-=s->packet_length;
+ i=read_n(s,(unsigned int)n,(unsigned int)n,1);
+ if (i <= 0) return(i); /* ERROR */
+ }
+
+ p= &(s->packet[2]);
+ s->rstate=SSL_ST_READ_HEADER;
+ if (s->s2->three_byte_header)
+ s->s2->padding= *(p++);
+ else s->s2->padding=0;
+
+ /* Data portion */
+ if (s->s2->clear_text)
+ {
+ s->s2->mac_data=p;
+ s->s2->ract_data=p;
+ s->s2->pad_data=NULL;
+ }
+ else
+ {
+ mac_size=EVP_MD_size(s->read_hash);
+ s->s2->mac_data=p;
+ s->s2->ract_data= &p[mac_size];
+ s->s2->pad_data= &p[mac_size+
+ s->s2->rlength-s->s2->padding];
+ }
+
+ s->s2->ract_data_length=s->s2->rlength;
+ /* added a check for length > max_size in case
+ * encryption was not turned on yet due to an error */
+ if ((!s->s2->clear_text) &&
+ (s->s2->rlength >= mac_size))
+ {
+ ssl2_enc(s,0);
+ s->s2->ract_data_length-=mac_size;
+ ssl2_mac(s,mac,0);
+ s->s2->ract_data_length-=s->s2->padding;
+ if ( (memcmp(mac,s->s2->mac_data,
+ (unsigned int)mac_size) != 0) ||
+ (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE);
+ return(-1);
+ }
+ }
+ INC32(s->s2->read_sequence); /* expect next number */
+ /* s->s2->ract_data is now available for processing */
+
+ /* If a 0 byte packet was sent, return 0, otherwise
+ * we play havoc with people using select with
+ * blocking sockets. Let them handle a packet at a time,
+ * they should really be using non-blocking sockets. */
+ if (s->s2->ract_data_length == 0)
+ return(0);
+ return(ssl2_read(s,buf,len));
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE);
+ return(-1);
+ }
+ }
+
+static int read_n(s, n, max, extend)
+SSL *s;
+unsigned int n;
+unsigned int max;
+unsigned int extend;
+ {
+ int i,off,newb;
+
+ /* if there is stuff still in the buffer from a previous read,
+ * and there is more than we want, take some. */
+ if (s->s2->rbuf_left >= (int)n)
+ {
+ if (extend)
+ s->packet_length+=n;
+ else
+ {
+ s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]);
+ s->packet_length=n;
+ }
+ s->s2->rbuf_left-=n;
+ s->s2->rbuf_offs+=n;
+ return(n);
+ }
+
+ if (!s->read_ahead) max=n;
+ if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
+ max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
+
+
+ /* Else we want more than we have.
+ * First, if there is some left or we want to extend */
+ off=0;
+ if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend))
+ {
+ newb=s->s2->rbuf_left;
+ if (extend)
+ {
+ off=s->packet_length;
+ if (s->packet != s->s2->rbuf)
+ memcpy(s->s2->rbuf,s->packet,
+ (unsigned int)newb+off);
+ }
+ else if (s->s2->rbuf_offs != 0)
+ {
+ memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]),
+ (unsigned int)newb);
+ s->s2->rbuf_offs=0;
+ }
+ s->s2->rbuf_left=0;
+ }
+ else
+ newb=0;
+
+ /* off is the offset to start writing too.
+ * r->s2->rbuf_offs is the 'unread data', now 0.
+ * newb is the number of new bytes so far
+ */
+ s->packet=s->s2->rbuf;
+ while (newb < (int)n)
+ {
+ clear_sys_error();
+ if (s->rbio != NULL)
+ {
+ s->rwstate=SSL_READING;
+ i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]),
+ max-newb);
+ }
+ else
+ {
+ SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
+ i= -1;
+ }
+#ifdef PKT_DEBUG
+ if (s->debug & 0x01) sleep(1);
+#endif
+ if (i <= 0)
+ {
+ s->s2->rbuf_left+=newb;
+ return(i);
+ }
+ newb+=i;
+ }
+
+ /* record unread data */
+ if (newb > (int)n)
+ {
+ s->s2->rbuf_offs=n+off;
+ s->s2->rbuf_left=newb-n;
+ }
+ else
+ {
+ s->s2->rbuf_offs=0;
+ s->s2->rbuf_left=0;
+ }
+ if (extend)
+ s->packet_length+=n;
+ else
+ s->packet_length=n;
+ s->rwstate=SSL_NOTHING;
+ return(n);
+ }
+
+int ssl2_write(s, buf, len)
+SSL *s;
+char *buf;
+int len;
+ {
+ unsigned int n,tot;
+ int i;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ if (s->error)
+ {
+ ssl2_write_error(s);
+ if (s->error)
+ return(-1);
+ }
+
+ clear_sys_error();
+ s->rwstate=SSL_NOTHING;
+ if (len <= 0) return(len);
+
+ tot=s->s2->wnum;
+ s->s2->wnum=0;
+
+ n=(len-tot);
+ for (;;)
+ {
+ i=do_ssl_write(s,&(buf[tot]),n);
+ if (i <= 0)
+ {
+ s->s2->wnum=tot;
+ return(i);
+ }
+ if (i == (int)n) return(tot+i);
+
+ n-=i;
+ tot+=i;
+ }
+ }
+
+static int write_pending(s,buf,len)
+SSL *s;
+char *buf;
+unsigned int len;
+ {
+ int i;
+
+ /* s->s2->wpend_len != 0 MUST be true. */
+
+ /* check that they have given us the same buffer to
+ * write */
+ if ((s->s2->wpend_tot > (int)len) || (s->s2->wpend_buf != buf))
+ {
+ SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
+ return(-1);
+ }
+
+ for (;;)
+ {
+ clear_sys_error();
+ if (s->wbio != NULL)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,
+ (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
+ (unsigned int)s->s2->wpend_len);
+ }
+ else
+ {
+ SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
+ i= -1;
+ }
+#ifdef PKT_DEBUG
+ if (s->debug & 0x01) sleep(1);
+#endif
+ if (i == s->s2->wpend_len)
+ {
+ s->s2->wpend_len=0;
+ s->rwstate=SSL_NOTHING;
+ return(s->s2->wpend_ret);
+ }
+ else if (i <= 0)
+ return(i);
+ s->s2->wpend_off+=i;
+ s->s2->wpend_len-=i;
+ }
+ }
+
+static int do_ssl_write(s, buf, len)
+SSL *s;
+char *buf;
+unsigned int len;
+ {
+ unsigned int j,k,olen,p,mac_size,bs;
+ register unsigned char *pp;
+
+ olen=len;
+
+ /* first check if there is data from an encryption waiting to
+ * be sent - it must be sent because the other end is waiting.
+ * This will happen with non-blocking IO. We print it and then
+ * return.
+ */
+ if (s->s2->wpend_len != 0) return(write_pending(s,buf,len));
+
+ /* set mac_size to mac size */
+ if (s->s2->clear_text)
+ mac_size=0;
+ else
+ mac_size=EVP_MD_size(s->write_hash);
+
+ /* lets set the pad p */
+ if (s->s2->clear_text)
+ {
+ if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+ p=0;
+ s->s2->three_byte_header=0;
+ /* len=len; */
+ }
+ else
+ {
+ bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
+ j=len+mac_size;
+ if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
+ (!s->s2->escape))
+ {
+ if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+ /* set k to the max number of bytes with 2
+ * byte header */
+ k=j-(j%bs);
+ /* how many data bytes? */
+ len=k-mac_size;
+ s->s2->three_byte_header=0;
+ p=0;
+ }
+ else if ((bs <= 1) && (!s->s2->escape))
+ {
+ /* len=len; */
+ s->s2->three_byte_header=0;
+ p=0;
+ }
+ else /* 3 byte header */
+ {
+ /*len=len; */
+ p=(j%bs);
+ p=(p == 0)?0:(bs-p);
+ if (s->s2->escape)
+ s->s2->three_byte_header=1;
+ else
+ s->s2->three_byte_header=(p == 0)?0:1;
+ }
+ }
+ /* mac_size is the number of MAC bytes
+ * len is the number of data bytes we are going to send
+ * p is the number of padding bytes
+ * if p == 0, it is a 2 byte header */
+
+ s->s2->wlength=len;
+ s->s2->padding=p;
+ s->s2->mac_data= &(s->s2->wbuf[3]);
+ s->s2->wact_data= &(s->s2->wbuf[3+mac_size]);
+ /* we copy the data into s->s2->wbuf */
+ memcpy(s->s2->wact_data,buf,len);
+#ifdef PURIFY
+ if (p)
+ memset(&(s->s2->wact_data[len]),0,p);
+#endif
+
+ if (!s->s2->clear_text)
+ {
+ s->s2->wact_data_length=len+p;
+ ssl2_mac(s,s->s2->mac_data,1);
+ s->s2->wlength+=p+mac_size;
+ ssl2_enc(s,1);
+ }
+
+ /* package up the header */
+ s->s2->wpend_len=s->s2->wlength;
+ if (s->s2->three_byte_header) /* 3 byte header */
+ {
+ pp=s->s2->mac_data;
+ pp-=3;
+ pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8);
+ if (s->s2->escape) pp[0]|=SEC_ESC_BIT;
+ pp[1]=s->s2->wlength&0xff;
+ pp[2]=s->s2->padding;
+ s->s2->wpend_len+=3;
+ }
+ else
+ {
+ pp=s->s2->mac_data;
+ pp-=2;
+ pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT;
+ pp[1]=s->s2->wlength&0xff;
+ s->s2->wpend_len+=2;
+ }
+ s->s2->write_ptr=pp;
+
+ INC32(s->s2->write_sequence); /* expect next number */
+
+ /* lets try to actually write the data */
+ s->s2->wpend_tot=olen;
+ s->s2->wpend_buf=(char *)buf;
+
+ s->s2->wpend_ret=len;
+
+ s->s2->wpend_off=0;
+ return(write_pending(s,buf,olen));
+ }
+
+int ssl2_part_read(s,f,i)
+SSL *s;
+unsigned long f;
+int i;
+ {
+ unsigned char *p;
+ int j;
+
+ /* check for error */
+ if ((s->init_num == 0) && (i >= 3))
+ {
+ p=(unsigned char *)s->init_buf->data;
+ if (p[0] == SSL2_MT_ERROR)
+ {
+ j=(p[1]<<8)|p[2];
+ SSLerr((int)f,ssl_mt_error(j));
+ }
+ }
+
+ if (i < 0)
+ {
+ /* ssl2_return_error(s); */
+ /* for non-blocking io,
+ * this is not fatal */
+ return(i);
+ }
+ else
+ {
+ s->init_num+=i;
+ return(0);
+ }
+ }
+
+int ssl2_do_write(s)
+SSL *s;
+ {
+ int ret;
+
+ ret=ssl2_write(s,(char *)&(s->init_buf->data[s->init_off]),
+ s->init_num);
+ if (ret == s->init_num)
+ return(1);
+ if (ret < 0)
+ return(-1);
+ s->init_off+=ret;
+ s->init_num-=ret;
+ return(0);
+ }
+
+static int ssl_mt_error(n)
+int n;
+ {
+ int ret;
+
+ switch (n)
+ {
+ case SSL2_PE_NO_CIPHER:
+ ret=SSL_R_PEER_ERROR_NO_CIPHER;
+ break;
+ case SSL2_PE_NO_CERTIFICATE:
+ ret=SSL_R_PEER_ERROR_NO_CERTIFICATE;
+ break;
+ case SSL2_PE_BAD_CERTIFICATE:
+ ret=SSL_R_PEER_ERROR_CERTIFICATE;
+ break;
+ case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
+ ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
+ break;
+ default:
+ ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
+ break;
+ }
+ return(ret);
+ }
diff --git a/src/lib/libssl/src/ssl/s2_srvr.c b/src/lib/libssl/src/ssl/s2_srvr.c
new file mode 100644
index 0000000000..c6c8ea32f1
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s2_srvr.c
@@ -0,0 +1,964 @@
+/* ssl/s2_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bio.h"
+#include "rand.h"
+#include "objects.h"
+#include "ssl_locl.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int get_client_master_key(SSL *s);
+static int get_client_hello(SSL *s);
+static int server_hello(SSL *s);
+static int get_client_finished(SSL *s);
+static int server_verify(SSL *s);
+static int server_finish(SSL *s);
+static int request_certificate(SSL *s);
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to,int padding);
+#else
+static int get_client_master_key();
+static int get_client_hello();
+static int server_hello();
+static int get_client_finished();
+static int server_verify();
+static int server_finish();
+static int request_certificate();
+static int ssl_rsa_private_decrypt();
+#endif
+
+#define BREAK break
+
+static SSL_METHOD *ssl2_get_server_method(ver)
+int ver;
+ {
+ if (ver == SSL2_VERSION)
+ return(SSLv2_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_server_data.ssl_accept=ssl2_accept;
+ SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
+ }
+ return(&SSLv2_server_data);
+ }
+
+int ssl2_accept(s)
+SSL *s;
+ {
+ unsigned long l=time(NULL);
+ BUF_MEM *buf=NULL;
+ int ret= -1;
+ long num1;
+ void (*cb)()=NULL;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ if (((s->session == NULL) || (s->session->cert == NULL)) &&
+ (s->cert == NULL))
+ {
+ SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+ return(-1);
+ }
+
+ clear_sys_error();
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=SSL2_VERSION;
+ s->type=SSL_ST_ACCEPT;
+
+ buf=s->init_buf;
+ if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
+ { ret= -1; goto end; }
+ if (!BUF_MEM_grow(buf,(int)
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ { ret= -1; goto end; }
+ s->init_buf=buf;
+ s->init_num=0;
+ s->ctx->sess_accept++;
+ s->handshake_func=ssl2_accept;
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_HELLO_A:
+ case SSL2_ST_GET_CLIENT_HELLO_B:
+ case SSL2_ST_GET_CLIENT_HELLO_C:
+ s->shutdown=0;
+ ret=get_client_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_HELLO_A:
+ case SSL2_ST_SEND_SERVER_HELLO_B:
+ ret=server_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (!s->hit)
+ {
+ s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+ }
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+ ret=get_client_master_key(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+
+ case SSL2_ST_SERVER_START_ENCRYPTION:
+ /* Ok we how have sent all the stuff needed to
+ * start encrypting, the next packet back will
+ * be encrypted. */
+ if (!ssl2_enc_init(s,0))
+ { ret= -1; goto end; }
+ s->s2->clear_text=0;
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_VERIFY_A:
+ case SSL2_ST_SEND_SERVER_VERIFY_B:
+ ret=server_verify(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (s->hit)
+ {
+ /* If we are in here, we have been
+ * buffering the output, so we need to
+ * flush it and remove buffering from
+ * future traffic */
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_C;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
+ break;
+ }
+
+ case SSL2_ST_SEND_SERVER_VERIFY_C:
+ /* get the number of bytes to write */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 != 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ /* flushed and now remove buffering */
+ s->wbio=BIO_pop(s->wbio);
+
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_FINISHED_A:
+ case SSL2_ST_GET_CLIENT_FINISHED_B:
+ ret=get_client_finished(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
+ BREAK;
+
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+ /* don't do a 'request certificate' if we
+ * don't want to, or we already have one, and
+ * we only want to do it once. */
+ if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
+ {
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
+ break;
+ }
+ else
+ {
+ ret=request_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
+ }
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_FINISHED_A:
+ case SSL2_ST_SEND_SERVER_FINISHED_B:
+ ret=server_finish(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL_ST_OK;
+ break;
+
+ case SSL_ST_OK:
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ s->init_num=0;
+ /* ERR_clear_error();*/
+
+ ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+
+ s->ctx->sess_accept_good++;
+ /* s->server=1; */
+ ret=1;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ /* BREAK; */
+
+ default:
+ SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* BREAK; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ return(ret);
+ }
+
+static int get_client_master_key(s)
+SSL *s;
+ {
+ int export,i,n,keya,error=0,ek;
+ unsigned char *p;
+ SSL_CIPHER *cp;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
+
+ if (i < (10-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
+ if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+
+ cp=ssl2_get_cipher_by_char(p);
+ if (cp == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_NO_CIPHER_MATCH);
+ return(-1);
+ }
+ s->session->cipher= cp;
+
+ p+=3;
+ n2s(p,i); s->s2->tmp.clear=i;
+ n2s(p,i); s->s2->tmp.enc=i;
+ n2s(p,i); s->session->key_arg_length=i;
+ s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
+ p=(unsigned char *)s->init_buf->data;
+ keya=s->session->key_arg_length;
+ n=s->s2->tmp.clear+s->s2->tmp.enc+keya - s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),n);
+ if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
+
+ memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
+ (unsigned int)keya);
+
+ if (s->session->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
+ return(-1);
+ }
+ i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
+ &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
+ (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
+
+ export=(s->session->cipher->algorithms & SSL_EXP)?1:0;
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(0);
+ }
+
+ if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ {
+ export=1;
+ ek=8;
+ }
+ else
+ ek=5;
+
+ /* bad decrypt */
+#if 1
+ /* If a bad decrypt, continue with protocol but with a
+ * dud master secret */
+ if ((i < 0) ||
+ ((!export && (i != EVP_CIPHER_key_length(c)))
+ || ( export && ((i != ek) || (s->s2->tmp.clear+i !=
+ EVP_CIPHER_key_length(c))))))
+ {
+ if (export)
+ i=ek;
+ else
+ i=EVP_CIPHER_key_length(c);
+ RAND_bytes(p,i);
+ }
+#else
+ if (i < 0)
+ {
+ error=1;
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT);
+ }
+ /* incorrect number of key bytes for non export cipher */
+ else if ((!export && (i != EVP_CIPHER_key_length(c)))
+ || ( export && ((i != ek) || (s->s2->tmp.clear+i !=
+ EVP_CIPHER_key_length(c)))))
+ {
+ error=1;
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS);
+ }
+ if (error)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+#endif
+
+ if (export) i+=s->s2->tmp.clear;
+ s->session->master_key_length=i;
+ memcpy(s->session->master_key,p,(unsigned int)i);
+ return(1);
+ }
+
+static int get_client_hello(s)
+SSL *s;
+ {
+ int i,n;
+ unsigned char *p;
+ STACK *cs; /* a stack of SSL_CIPHERS */
+ STACK *cl; /* the ones we want to use */
+ int z;
+
+ /* This is a bit of a hack to check for the correct packet
+ * type the first time round. */
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_A)
+ {
+ s->first_packet=1;
+ s->state=SSL2_ST_GET_CLIENT_HELLO_B;
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_B)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num);
+ if (i < (9-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
+
+ if (*(p++) != SSL2_MT_CLIENT_HELLO)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ n2s(p,i);
+ if (i < s->version) s->version=i;
+ n2s(p,i); s->s2->tmp.cipher_spec_length=i;
+ n2s(p,i); s->s2->tmp.session_id_length=i;
+ n2s(p,i); s->s2->challenge_length=i;
+ if ( (i < SSL2_MIN_CHALLENGE_LENGTH) ||
+ (i > SSL2_MAX_CHALLENGE_LENGTH))
+ {
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
+ return(-1);
+ }
+ s->state=SSL2_ST_GET_CLIENT_HELLO_C;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_CLIENT_HELLO_C */
+ p=(unsigned char *)s->init_buf->data;
+ n=s->s2->tmp.cipher_spec_length+s->s2->challenge_length+
+ s->s2->tmp.session_id_length-s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),n);
+ if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
+
+ /* get session-id before cipher stuff so we can get out session
+ * structure if it is cached */
+ /* session-id */
+ if ((s->s2->tmp.session_id_length != 0) &&
+ (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH);
+ return(-1);
+ }
+
+ if (s->s2->tmp.session_id_length == 0)
+ {
+ if (!ssl_get_new_session(s,1))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ else
+ {
+ i=ssl_get_prev_session(s,&(p[s->s2->tmp.cipher_spec_length]),
+ s->s2->tmp.session_id_length);
+ if (i == 1)
+ { /* previous session */
+ s->hit=1;
+ }
+ else if (i == -1)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ else
+ {
+ if (s->cert == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
+ return(-1);
+ }
+
+ if (!ssl_get_new_session(s,1))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ }
+
+ if (!s->hit)
+ {
+ cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length,
+ &s->session->ciphers);
+ if (cs == NULL) goto mem_err;
+
+ cl=ssl_get_ciphers_by_id(s);
+
+ for (z=0; z<sk_num(cs); z++)
+ {
+ if (sk_find(cl,sk_value(cs,z)) < 0)
+ {
+ sk_delete(cs,z);
+ z--;
+ }
+ }
+
+ /* s->session->ciphers should now have a list of
+ * ciphers that are on both the client and server.
+ * This list is ordered by the order the client sent
+ * the ciphers.
+ */
+ }
+ p+=s->s2->tmp.cipher_spec_length;
+ /* done cipher selection */
+
+ /* session id extracted already */
+ p+=s->s2->tmp.session_id_length;
+
+ /* challenge */
+ memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
+ return(1);
+mem_err:
+ SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+static int server_hello(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ int n,hit;
+ STACK *sk;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
+ {
+ d=p+11;
+ *(p++)=SSL2_MT_SERVER_HELLO; /* type */
+ hit=s->hit;
+ *(p++)=(unsigned char)hit;
+ if (!hit)
+ { /* else add cert to session */
+ CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ if (s->session->cert != NULL)
+ ssl_cert_free(s->session->cert);
+ s->session->cert=s->cert;
+ }
+ else /* We have a session id-cache hit, if the
+ * session-id has no certificate listed against
+ * the 'cert' structure, grab the 'old' one
+ * listed against the SSL connection */
+ {
+ if (s->session->cert == NULL)
+ {
+ CRYPTO_add(&s->cert->references,1,
+ CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->cert;
+ }
+ }
+
+ if (s->session->cert == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED);
+ return(-1);
+ }
+
+ if (hit)
+ {
+ *(p++)=0; /* no certificate type */
+ s2n(s->version,p); /* version */
+ s2n(0,p); /* cert len */
+ s2n(0,p); /* ciphers len */
+ }
+ else
+ {
+ /* EAY EAY */
+ /* put certificate type */
+ *(p++)=SSL2_CT_X509_CERTIFICATE;
+ s2n(s->version,p); /* version */
+ n=i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
+ s2n(n,p); /* certificate length */
+ i2d_X509(s->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&d);
+ n=0;
+
+ /* lets send out the ciphers we like in the
+ * prefered order */
+ sk= s->session->ciphers;
+ n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d);
+ d+=n;
+ s2n(n,p); /* add cipher length */
+ }
+
+ /* make and send conn_id */
+ s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
+ s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
+ RAND_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
+ memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
+ d+=SSL2_CONNECTION_ID_LENGTH;
+
+ s->state=SSL2_ST_SEND_SERVER_HELLO_B;
+ s->init_num=d-(unsigned char *)s->init_buf->data;
+ s->init_off=0;
+ }
+ /* SSL2_ST_SEND_SERVER_HELLO_B */
+ /* If we are using TCP/IP, the performace is bad if we do 2
+ * writes without a read between them. This occurs when
+ * Session-id reuse is used, so I will put in a buffering module
+ */
+ if (s->hit)
+ {
+ if (!ssl_init_wbio_buffer(s,1)) return(-1);
+ }
+
+ return(ssl2_do_write(s));
+ }
+
+static int get_client_finished(s)
+SSL *s;
+ {
+ unsigned char *p;
+ int i;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < 1-s->init_num)
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
+
+ if (*p != SSL2_MT_CLIENT_FINISHED)
+ {
+ if (*p != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->init_num=0;
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
+ }
+
+ /* SSL2_ST_GET_CLIENT_FINISHED_B */
+ i=ssl2_read(s,(char *)&(p[s->init_num]),s->s2->conn_id_length-s->init_num);
+ if (i < (int)s->s2->conn_id_length-s->init_num)
+ {
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
+ }
+ if (memcmp(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
+ return(-1);
+ }
+ return(1);
+ }
+
+static int server_verify(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_SERVER_VERIFY;
+ memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
+ /* p+=s->s2->challenge_length; */
+
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_B;
+ s->init_num=s->s2->challenge_length+1;
+ s->init_off=0;
+ }
+ return(ssl2_do_write(s));
+ }
+
+static int server_finish(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_SERVER_FINISHED;
+
+ memcpy(p,s->session->session_id,
+ (unsigned int)s->session->session_id_length);
+ /* p+=s->session->session_id_length; */
+
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
+ s->init_num=s->session->session_id_length+1;
+ s->init_off=0;
+ }
+
+ /* SSL2_ST_SEND_SERVER_FINISHED_B */
+ return(ssl2_do_write(s));
+ }
+
+/* send the request and check the response */
+static int request_certificate(s)
+SSL *s;
+ {
+ unsigned char *p,*p2,*buf2;
+ unsigned char *ccd;
+ int i,j,ctype,ret= -1;
+ X509 *x509=NULL;
+ STACK *sk=NULL;
+
+ ccd=s->s2->tmp.ccl;
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_REQUEST_CERTIFICATE;
+ *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
+ RAND_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
+ s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2;
+ s->init_off=0;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B)
+ {
+ i=ssl2_do_write(s);
+ if (i <= 0)
+ {
+ ret=i;
+ goto end;
+ }
+
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num);
+ if (i < 3)
+ {
+ ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
+ goto end;
+ }
+
+ if ((*p == SSL2_MT_ERROR) && (i >= 3))
+ {
+ n2s(p,i);
+ if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+ {
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ goto end;
+ }
+ ret=1;
+ goto end;
+ }
+ if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (i < 6))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
+ goto end;
+ }
+ /* ok we have a response */
+ /* certificate type, there is only one right now. */
+ ctype= *(p++);
+ if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
+ {
+ ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
+ goto end;
+ }
+ n2s(p,i); s->s2->tmp.clen=i;
+ n2s(p,i); s->s2->tmp.rlen=i;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
+ p=(unsigned char *)s->init_buf->data;
+ j=s->s2->tmp.clen+s->s2->tmp.rlen-s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),j);
+ if (i < j)
+ {
+ ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
+ goto end;
+ }
+
+ x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen);
+ if (x509 == NULL)
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
+ goto msg_end;
+ }
+
+ if (((sk=sk_new_null()) == NULL) || (!sk_push(sk,(char *)x509)))
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+
+ if (i) /* we like the packet, now check the chksum */
+ {
+ EVP_MD_CTX ctx;
+ EVP_PKEY *pkey=NULL;
+
+ EVP_VerifyInit(&ctx,s->ctx->rsa_md5);
+ EVP_VerifyUpdate(&ctx,s->s2->key_material,
+ (unsigned int)s->s2->key_material_length);
+ EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+ i=i2d_X509(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509,NULL);
+ buf2=(unsigned char *)Malloc((unsigned int)i);
+ if (buf2 == NULL)
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+ p2=buf2;
+ i=i2d_X509(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509,&p2);
+ EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
+ Free(buf2);
+
+ pkey=X509_get_pubkey(x509);
+ if (pkey == NULL) goto end;
+ i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey);
+ memset(&ctx,0,sizeof(ctx));
+
+ if (i)
+ {
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ s->session->peer=x509;
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ ret=1;
+ goto end;
+ }
+ else
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
+ goto msg_end;
+ }
+ }
+ else
+ {
+msg_end:
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ }
+end:
+ if (sk != NULL) sk_free(sk);
+ if (x509 != NULL) X509_free(x509);
+ return(ret);
+ }
+
+static int ssl_rsa_private_decrypt(c, len, from, to,padding)
+CERT *c;
+int len;
+unsigned char *from;
+unsigned char *to;
+int padding;
+ {
+ RSA *rsa;
+ int i;
+
+ if ((c == NULL) || (c->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL))
+ {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
+ return(-1);
+ }
+ if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ return(-1);
+ }
+ rsa=c->pkeys[SSL_PKEY_RSA_ENC].privatekey->pkey.rsa;
+
+ /* we have the public key */
+ i=RSA_private_decrypt(len,from,to,rsa,padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
+ return(i);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
new file mode 100644
index 0000000000..6de62e1591
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -0,0 +1,469 @@
+/* ssl/s3_both.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+/* SSL3err(SSL_F_SSL3_GET_FINISHED,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ */
+
+int ssl3_send_finished(s,a,b,sender,slen)
+SSL *s;
+int a;
+int b;
+unsigned char *sender;
+int slen;
+ {
+ unsigned char *p,*d;
+ int i;
+ unsigned long l;
+
+ if (s->state == a)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ i=s->method->ssl3_enc->final_finish_mac(s,
+ &(s->s3->finish_dgst1),
+ &(s->s3->finish_dgst2),
+ sender,slen,p);
+ p+=i;
+ l=i;
+
+ *(d++)=SSL3_MT_FINISHED;
+ l2n3(l,d);
+ s->init_num=(int)l+4;
+ s->init_off=0;
+
+ s->state=b;
+ }
+
+ /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+int ssl3_get_finished(s,a,b)
+SSL *s;
+int a;
+int b;
+ {
+ int al,i,ok;
+ long n;
+ unsigned char *p;
+
+ /* the mac has already been generated when we received the
+ * change cipher spec message and is in s->s3->tmp.in_dgst[12]
+ */
+
+ n=ssl3_get_message(s,
+ a,
+ b,
+ SSL3_MT_FINISHED,
+ 64, /* should actually be 36+4 :-) */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ /* If this occurs if we has missed a message */
+ if (!s->s3->change_cipher_spec)
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
+ goto f_err;
+ }
+ s->s3->change_cipher_spec=0;
+
+ p=(unsigned char *)s->init_buf->data;
+
+ i=s->method->ssl3_enc->finish_mac_length;
+
+ if (i != n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
+ goto f_err;
+ }
+
+ if (memcmp( p, (char *)&(s->s3->tmp.finish_md[0]),i) != 0)
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
+ goto f_err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ return(0);
+ }
+
+/* for these 2 messages, we need to
+ * ssl->enc_read_ctx re-init
+ * ssl->s3->read_sequence zero
+ * ssl->s3->read_mac_secret re-init
+ * ssl->session->read_sym_enc assign
+ * ssl->session->read_compression assign
+ * ssl->session->read_hash assign
+ */
+int ssl3_send_change_cipher_spec(s,a,b)
+SSL *s;
+int a,b;
+ {
+ unsigned char *p;
+
+ if (s->state == a)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *p=SSL3_MT_CCS;
+ s->init_num=1;
+ s->init_off=0;
+
+ s->state=b;
+ }
+
+ /* SSL3_ST_CW_CHANGE_B */
+ return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
+ }
+
+unsigned long ssl3_output_cert_chain(s,x)
+SSL *s;
+X509 *x;
+ {
+ unsigned char *p;
+ int n,i;
+ unsigned long l=7;
+ BUF_MEM *buf;
+ X509_STORE_CTX xs_ctx;
+ X509_OBJECT obj;
+
+ /* TLSv1 sends a chain with nothing in it, instead of an alert */
+ buf=s->init_buf;
+ if (!BUF_MEM_grow(buf,(int)(10)))
+ {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ return(0);
+ }
+ if (x != NULL)
+ {
+ X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
+
+ for (;;)
+ {
+ n=i2d_X509(x,NULL);
+ if (!BUF_MEM_grow(buf,(int)(n+l+3)))
+ {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ return(0);
+ }
+ p=(unsigned char *)&(buf->data[l]);
+ l2n3(n,p);
+ i2d_X509(x,&p);
+ l+=n+3;
+ if (X509_NAME_cmp(X509_get_subject_name(x),
+ X509_get_issuer_name(x)) == 0) break;
+
+ i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
+ X509_get_issuer_name(x),&obj);
+ if (i <= 0) break;
+ x=obj.data.x509;
+ /* Count is one too high since the X509_STORE_get uped the
+ * ref count */
+ X509_free(x);
+ }
+
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ }
+
+ l-=7;
+ p=(unsigned char *)&(buf->data[4]);
+ l2n3(l,p);
+ l+=3;
+ p=(unsigned char *)&(buf->data[0]);
+ *(p++)=SSL3_MT_CERTIFICATE;
+ l2n3(l,p);
+ l+=4;
+ return(l);
+ }
+
+long ssl3_get_message(s,st1,stn,mt,max,ok)
+SSL *s;
+int st1,stn,mt;
+long max;
+int *ok;
+ {
+ unsigned char *p;
+ unsigned long l;
+ long n;
+ int i,al;
+
+ if (s->s3->tmp.reuse_message)
+ {
+ s->s3->tmp.reuse_message=0;
+ if ((mt >= 0) && (s->s3->tmp.message_type != mt))
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ *ok=1;
+ return((int)s->s3->tmp.message_size);
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+
+ if (s->state == st1)
+ {
+ i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,
+ (char *)&(p[s->init_num]),
+ 4-s->init_num);
+ if (i < (4-s->init_num))
+ {
+ *ok=0;
+ return(ssl3_part_read(s,i));
+ }
+
+ if ((mt >= 0) && (*p != mt))
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ s->s3->tmp.message_type= *(p++);
+
+ n2l3(p,l);
+ if (l > (unsigned long)max)
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ goto f_err;
+ }
+ if (l && !BUF_MEM_grow(s->init_buf,(int)l))
+ {
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+ goto err;
+ }
+ s->s3->tmp.message_size=l;
+ s->state=stn;
+
+ s->init_num=0;
+ }
+
+ /* next state (stn) */
+ p=(unsigned char *)s->init_buf->data;
+ n=s->s3->tmp.message_size;
+ if (n > 0)
+ {
+ i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,
+ (char *)&(p[s->init_num]),(int)n);
+ if (i != (int)n)
+ {
+ *ok=0;
+ return(ssl3_part_read(s,i));
+ }
+ }
+ *ok=1;
+ return(n);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ *ok=0;
+ return(-1);
+ }
+
+int ssl_cert_type(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ EVP_PKEY *pk;
+ int ret= -1,i,j;
+
+ if (pkey == NULL)
+ pk=X509_get_pubkey(x);
+ else
+ pk=pkey;
+ if (pk == NULL) goto err;
+
+ i=pk->type;
+ if (i == EVP_PKEY_RSA)
+ {
+ ret=SSL_PKEY_RSA_ENC;
+ if (x != NULL)
+ {
+ j=X509_get_ext_count(x);
+ /* check to see if this is a signing only certificate */
+ /* EAY EAY EAY EAY */
+ }
+ }
+ else if (i == EVP_PKEY_DSA)
+ {
+ ret=SSL_PKEY_DSA_SIGN;
+ }
+ else if (i == EVP_PKEY_DH)
+ {
+ /* if we just have a key, we needs to be guess */
+
+ if (x == NULL)
+ ret=SSL_PKEY_DH_DSA;
+ else
+ {
+ j=X509_get_signature_type(x);
+ if (j == EVP_PKEY_RSA)
+ ret=SSL_PKEY_DH_RSA;
+ else if (j== EVP_PKEY_DSA)
+ ret=SSL_PKEY_DH_DSA;
+ else ret= -1;
+ }
+ }
+ else
+ ret= -1;
+
+err:
+ return(ret);
+ }
+
+int ssl_verify_alarm_type(type)
+long type;
+ {
+ int al;
+
+ switch(type)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ al=SSL_AD_UNKNOWN_CA;
+ break;
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD:
+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD:
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ al=SSL_AD_BAD_CERTIFICATE;
+ break;
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ al=SSL_AD_DECRYPT_ERROR;
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ al=SSL_AD_CERTIFICATE_EXPIRED;
+ break;
+ case X509_V_ERR_CERT_REVOKED:
+ al=SSL_AD_CERTIFICATE_REVOKED;
+ break;
+ case X509_V_ERR_OUT_OF_MEM:
+ al=SSL_AD_INTERNAL_ERROR;
+ break;
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ al=SSL_AD_UNKNOWN_CA;
+ break;
+ case X509_V_ERR_APPLICATION_VERIFICATION:
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ break;
+ default:
+ al=SSL_AD_CERTIFICATE_UNKNOWN;
+ break;
+ }
+ return(al);
+ }
+
+int ssl3_setup_buffers(s)
+SSL *s;
+ {
+ unsigned char *p;
+ unsigned int extra;
+
+ if (s->s3->rbuf.buf == NULL)
+ {
+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+ extra=SSL3_RT_MAX_EXTRA;
+ else
+ extra=0;
+ if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE+extra))
+ == NULL)
+ goto err;
+ s->s3->rbuf.buf=p;
+ }
+
+ if (s->s3->wbuf.buf == NULL)
+ {
+ if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE))
+ == NULL)
+ goto err;
+ s->s3->wbuf.buf=p;
+ }
+ s->packet= &(s->s3->rbuf.buf[0]);
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
diff --git a/src/lib/libssl/src/ssl/s3_clnt.c b/src/lib/libssl/src/ssl/s3_clnt.c
new file mode 100644
index 0000000000..940c6a458f
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_clnt.c
@@ -0,0 +1,1678 @@
+/* ssl/s3_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE);
+SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
+ */
+
+#ifndef NOPROTO
+static int ssl3_client_hello(SSL *s);
+static int ssl3_get_server_hello(SSL *s);
+static int ssl3_get_certificate_request(SSL *s);
+static int ca_dn_cmp(X509_NAME **a,X509_NAME **b);
+static int ssl3_get_server_done(SSL *s);
+static int ssl3_send_client_verify(SSL *s);
+static int ssl3_send_client_certificate(SSL *s);
+static int ssl3_send_client_key_exchange(SSL *s);
+static int ssl3_get_key_exchange(SSL *s);
+static int ssl3_get_server_certificate(SSL *s);
+static int ssl3_check_cert_and_algorithm(SSL *s);
+#else
+static int ssl3_client_hello();
+static int ssl3_get_server_hello();
+static int ssl3_get_certificate_request();
+static int ca_dn_cmp();
+static int ssl3_get_server_done();
+static int ssl3_send_client_verify();
+static int ssl3_send_client_certificate();
+static int ssl3_send_client_key_exchange();
+static int ssl3_get_key_exchange();
+static int ssl3_get_server_certificate();
+static int ssl3_check_cert_and_algorithm();
+#endif
+
+static SSL_METHOD *ssl3_get_client_method(ver)
+int ver;
+ {
+ if (ver == SSL3_VERSION)
+ return(SSLv3_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_client_data.ssl_connect=ssl3_connect;
+ SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+ }
+ return(&SSLv3_client_data);
+ }
+
+int ssl3_connect(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL),l;
+ long num1;
+ void (*cb)()=NULL;
+ int ret= -1;
+ BIO *under;
+ int new_state,state,skip=0;;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_RENEGOTIATE:
+ s->new_session=1;
+ s->state=SSL_ST_CONNECT;
+ s->ctx->sess_connect_renegotiate++;
+ /* break */
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ if ((s->version & 0xff00 ) != 0x0300)
+ abort();
+ /* s->version=SSL3_VERSION; */
+ s->type=SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+ /* setup buffing BIO */
+ if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
+
+ /* don't push the buffering BIO quite yet */
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_CLNT_HELLO_A:
+ case SSL3_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl3_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_SRVR_HELLO_A;
+ s->init_num=0;
+
+ /* turn on buffering for the next lot of output */
+ if (s->bbio != s->wbio)
+ s->wbio=BIO_push(s->bbio,s->wbio);
+
+ break;
+
+ case SSL3_ST_CR_SRVR_HELLO_A:
+ case SSL3_ST_CR_SRVR_HELLO_B:
+ ret=ssl3_get_server_hello(s);
+ if (ret <= 0) goto end;
+ if (s->hit)
+ s->state=SSL3_ST_CR_FINISHED_A;
+ else
+ s->state=SSL3_ST_CR_CERT_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_CERT_A:
+ case SSL3_ST_CR_CERT_B:
+ /* Check if it is anon DH */
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ ret=ssl3_get_server_certificate(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_KEY_EXCH_A:
+ case SSL3_ST_CR_KEY_EXCH_B:
+ ret=ssl3_get_key_exchange(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_CERT_REQ_A;
+ s->init_num=0;
+
+ /* at this point we check that we have the
+ * required stuff from the server */
+ if (!ssl3_check_cert_and_algorithm(s))
+ {
+ ret= -1;
+ goto end;
+ }
+ break;
+
+ case SSL3_ST_CR_CERT_REQ_A:
+ case SSL3_ST_CR_CERT_REQ_B:
+ ret=ssl3_get_certificate_request(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_SRVR_DONE_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_SRVR_DONE_A:
+ case SSL3_ST_CR_SRVR_DONE_B:
+ ret=ssl3_get_server_done(s);
+ if (ret <= 0) goto end;
+ if (s->s3->tmp.cert_req)
+ s->state=SSL3_ST_CW_CERT_A;
+ else
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num=0;
+
+ break;
+
+ case SSL3_ST_CW_CERT_A:
+ case SSL3_ST_CW_CERT_B:
+ case SSL3_ST_CW_CERT_C:
+ ret=ssl3_send_client_certificate(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_KEY_EXCH_A:
+ case SSL3_ST_CW_KEY_EXCH_B:
+ ret=ssl3_send_client_key_exchange(s);
+ if (ret <= 0) goto end;
+ l=s->s3->tmp.new_cipher->algorithms;
+ /* EAY EAY EAY need to check for DH fix cert
+ * sent back */
+ /* For TLS, cert_req is set to 2, so a cert chain
+ * of nothing is sent, but no verify packet is sent */
+ if (s->s3->tmp.cert_req == 1)
+ {
+ s->state=SSL3_ST_CW_CERT_VRFY_A;
+ }
+ else
+ {
+ s->state=SSL3_ST_CW_CHANGE_A;
+ s->s3->change_cipher_spec=0;
+ }
+
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_CERT_VRFY_A:
+ case SSL3_ST_CW_CERT_VRFY_B:
+ ret=ssl3_send_client_verify(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_CHANGE_A;
+ s->init_num=0;
+ s->s3->change_cipher_spec=0;
+ break;
+
+ case SSL3_ST_CW_CHANGE_A:
+ case SSL3_ST_CW_CHANGE_B:
+ ret=ssl3_send_change_cipher_spec(s,
+ SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_FINISHED_A;
+ s->init_num=0;
+
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!s->method->ssl3_enc->setup_key_block(s))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ break;
+
+ case SSL3_ST_CW_FINISHED_A:
+ case SSL3_ST_CW_FINISHED_B:
+ ret=ssl3_send_finished(s,
+ SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
+ s->method->ssl3_enc->client_finished,
+ s->method->ssl3_enc->client_finished_len);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_FLUSH;
+
+ /* clear flags */
+ s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+ if (s->hit)
+ {
+ s->s3->tmp.next_state=SSL_ST_OK;
+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
+ {
+ s->state=SSL_ST_OK;
+ s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
+ s->s3->delay_buf_pop_ret=0;
+ }
+ }
+ else
+ {
+ s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
+ }
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_FINISHED_A:
+ case SSL3_ST_CR_FINISHED_B:
+
+ ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
+ SSL3_ST_CR_FINISHED_B);
+ if (ret <= 0) goto end;
+
+ if (s->hit)
+ s->state=SSL3_ST_CW_CHANGE_A;
+ else
+ s->state=SSL_ST_OK;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_FLUSH:
+ /* number of bytes to be flushed */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 > 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ s->state=s->s3->tmp.next_state;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+
+ if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+ {
+ /* remove buffering */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+ }
+ /* else do it later */
+
+ s->init_num=0;
+ s->new_session=0;
+
+ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+ if (s->hit) s->ctx->sess_hit++;
+
+ ret=1;
+ /* s->server=0; */
+ s->handshake_func=ssl3_connect;
+ s->ctx->sess_connect_good++;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ /* did we do anything */
+ if (!s->s3->tmp.reuse_message && !skip)
+ {
+ if (s->debug)
+ {
+ if ((ret=BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+ skip=0;
+ }
+end:
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+
+static int ssl3_client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i;
+ unsigned long Time,l;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
+ {
+ if ((s->session == NULL) ||
+ (s->session->ssl_version != s->version))
+ {
+ if (!ssl_get_new_session(s,0))
+ goto err;
+ }
+ /* else use the pre-loaded session */
+
+ p=s->s3->client_random;
+ Time=time(NULL); /* Time */
+ l2n(Time,p);
+ RAND_bytes(&(p[4]),SSL3_RANDOM_SIZE-sizeof(Time));
+
+ /* Do the message type and length last */
+ d=p= &(buf[4]);
+
+ *(p++)=s->version>>8;
+ *(p++)=s->version&0xff;
+
+ /* Random stuff */
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* Session ID */
+ if (s->new_session)
+ i=0;
+ else
+ i=s->session->session_id_length;
+ *(p++)=i;
+ if (i != 0)
+ {
+ memcpy(p,s->session->session_id,i);
+ p+=i;
+ }
+
+ /* Ciphers supported */
+ i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ goto err;
+ }
+ s2n(i,p);
+ p+=i;
+
+ /* hardwire in the NULL compression algorithm. */
+ *(p++)=1;
+ *(p++)=0;
+
+ l=(p-d);
+ d=buf;
+ *(d++)=SSL3_MT_CLIENT_HELLO;
+ l2n3(l,d);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=p-buf;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_get_server_hello(s)
+SSL *s;
+ {
+ STACK *sk;
+ SSL_CIPHER *c;
+ unsigned char *p,*d;
+ int i,al,ok;
+ unsigned int j;
+ long n;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_SRVR_HELLO_A,
+ SSL3_ST_CR_SRVR_HELLO_B,
+ SSL3_MT_SERVER_HELLO,
+ 300, /* ?? */
+ &ok);
+
+ if (!ok) return((int)n);
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((p[0] != (s->version>>8)) || (p[1] != (s->version&0xff)))
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
+ s->version=(s->version&0xff00)|p[1];
+ al=SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+ p+=2;
+
+ /* load the server hello data */
+ /* load the server random */
+ memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* get the session-id */
+ j= *(p++);
+
+ if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
+ {
+ /* SSLref returns 16 :-( */
+ if (j < SSL2_SSL_SESSION_ID_LENGTH)
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
+ goto f_err;
+ }
+ }
+ if ((j != 0) && (j == s->session->session_id_length) &&
+ (memcmp(p,s->session->session_id,j) == 0))
+ s->hit=1;
+ else /* a miss or crap from the other end */
+ {
+ /* If we were trying for session-id reuse, make a new
+ * SSL_SESSION so we don't stuff up other people */
+ s->hit=0;
+ if (s->session->session_id_length > 0)
+ {
+ if (!ssl_get_new_session(s,0))
+ {
+ al=SSL_AD_INTERNAL_ERROR;
+ goto f_err;
+ }
+ }
+ s->session->session_id_length=j;
+ memcpy(s->session->session_id,p,j); /* j could be 0 */
+ }
+ p+=j;
+ c=ssl_get_cipher_by_char(s,p);
+ if (c == NULL)
+ {
+ /* unknown cipher */
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
+ goto f_err;
+ }
+ p+=ssl_put_cipher_by_char(s,NULL,NULL);
+
+ sk=ssl_get_ciphers_by_id(s);
+ i=sk_find(sk,(char *)c);
+ if (i < 0)
+ {
+ /* we did not say we would use this cipher */
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+
+ if (s->hit && (s->session->cipher != c))
+ {
+ if (!(s->options &
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+ goto f_err;
+ }
+ }
+ s->s3->tmp.new_cipher=c;
+
+ /* lets get the compression algorithm */
+ j= *(p++);
+ if (j != 0)
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ goto f_err;
+ }
+
+ if (p != (d+n))
+ {
+ /* wrong packet length */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
+ goto err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_get_server_certificate(s)
+SSL *s;
+ {
+ int al,i,ok,ret= -1;
+ unsigned long n,nc,llen,l;
+ X509 *x=NULL;
+ unsigned char *p,*d,*q;
+ STACK *sk=NULL;
+ CERT *c;
+ EVP_PKEY *pkey=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_CERT_A,
+ SSL3_ST_CR_CERT_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
+ goto f_err;
+ }
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((sk=sk_new_null()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p,llen);
+ if (llen+3 != n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc=0; nc<llen; )
+ {
+ n2l3(p,l);
+ if ((l+nc+3) > llen)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q=p;
+ x=d2i_X509(NULL,&q,l);
+ if (x == NULL)
+ {
+ al=SSL_AD_BAD_CERTIFICATE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
+ goto f_err;
+ }
+ if (q != (p+l))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_push(sk,(char *)x))
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x=NULL;
+ nc+=l+3;
+ p=q;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+ {
+ al=ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto f_err;
+ }
+
+ c=ssl_cert_new();
+ if (c == NULL) goto err;
+
+ if (s->session->cert) ssl_cert_free(s->session->cert);
+ s->session->cert=c;
+
+ c->cert_chain=sk;
+ x=(X509 *)sk_value(sk,0);
+ sk=NULL;
+
+ pkey=X509_get_pubkey(x);
+
+ if (EVP_PKEY_missing_parameters(pkey))
+ {
+ x=NULL;
+ al=SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
+ goto f_err;
+ }
+
+ i=ssl_cert_type(x,pkey);
+ if (i < 0)
+ {
+ x=NULL;
+ al=SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ goto f_err;
+ }
+
+ c->cert_type=i;
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ c->pkeys[i].x509=x;
+ c->key= &(c->pkeys[i]);
+
+ if ((s->session != NULL) && (s->session->peer != NULL))
+ X509_free(s->session->peer);
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+ s->session->peer=x;
+
+ x=NULL;
+ ret=1;
+
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (sk != NULL) sk_pop_free(sk,X509_free);
+ return(ret);
+ }
+
+static int ssl3_get_key_exchange(s)
+SSL *s;
+ {
+#ifndef NO_RSA
+ unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
+#endif
+ EVP_MD_CTX md_ctx;
+ unsigned char *param,*p;
+ int al,i,j,param_len,ok;
+ long n,alg;
+ EVP_PKEY *pkey=NULL;
+ RSA *rsa=NULL;
+#ifndef NO_DH
+ DH *dh=NULL;
+#endif
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_KEY_EXCH_A,
+ SSL3_ST_CR_KEY_EXCH_B,
+ -1,
+ 1024*8, /* ?? */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ param=p=(unsigned char *)s->init_buf->data;
+
+ if (s->session->cert != NULL)
+ {
+#ifndef NO_RSA
+ if (s->session->cert->rsa_tmp != NULL)
+ {
+ RSA_free(s->session->cert->rsa_tmp);
+ s->session->cert->rsa_tmp=NULL;
+ }
+#endif
+#ifndef NO_DH
+ if (s->session->cert->dh_tmp)
+ {
+ DH_free(s->session->cert->dh_tmp);
+ s->session->cert->dh_tmp=NULL;
+ }
+#endif
+ }
+ else
+ {
+ s->session->cert=ssl_cert_new();
+ }
+
+ param_len=0;
+ alg=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (alg & SSL_kRSA)
+ {
+ if ((rsa=RSA_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+/* s->session->cert->rsa_tmp=rsa;*/
+ /* this should be because we are using an export cipher */
+ if (alg & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ else
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ s->session->cert->rsa_tmp=rsa;
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (alg & SSL_kEDH)
+ {
+ if ((dh=DH_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->p=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->g=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+#ifndef NO_RSA
+ if (alg & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ else
+#endif
+#ifndef NO_DSA
+ if (alg & SSL_aDSS)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_DSA_SIGN].x509);
+#endif
+ /* else anonymous DH, so no certificate or pkey. */
+
+ s->session->cert->dh_tmp=dh;
+ }
+ else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+ goto f_err;
+ }
+#endif
+
+ /* p points to the next byte, there are 'n' bytes left */
+
+
+ /* if it was signed, check the signature */
+ if (pkey != NULL)
+ {
+ n2s(p,i);
+ n-=2;
+ j=EVP_PKEY_size(pkey);
+
+ if ((i != n) || (n > j) || (n <= 0))
+ {
+ /* wrong packet length */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
+ goto err;
+ }
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ int num;
+
+ j=0;
+ q=md_buf;
+ for (num=2; num > 0; num--)
+ {
+ EVP_DigestInit(&md_ctx,(num == 2)
+ ?s->ctx->md5:s->ctx->sha1);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,param,param_len);
+ EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i);
+ q+=i;
+ j+=i;
+ }
+ i=RSA_public_decrypt((int)n,p,p,pkey->pkey.rsa,
+ RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if ((j != i) || (memcmp(p,md_buf,i) != 0))
+ {
+ /* bad signature */
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ /* lets do DSS */
+ EVP_VerifyInit(&md_ctx,EVP_dss1());
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx,param,param_len);
+ if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
+ {
+ /* bad signature */
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+ else
+ {
+ /* still data left over */
+ if (!(alg & SSL_aNULL))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (n != 0)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
+ goto f_err;
+ }
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_get_certificate_request(s)
+SSL *s;
+ {
+ int ok,ret=0;
+ unsigned long n,nc,l;
+ unsigned int llen,ctype_num,i;
+ X509_NAME *xn=NULL;
+ unsigned char *p,*d,*q;
+ STACK *ca_sk=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_CERT_REQ_A,
+ SSL3_ST_CR_CERT_REQ_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ s->s3->tmp.cert_req=0;
+
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
+ goto err;
+ }
+
+ /* TLS does not like anon-DH with client cert */
+ if (s->version > SSL3_VERSION)
+ {
+ l=s->s3->tmp.new_cipher->algorithms;
+ if (l & SSL_aNULL)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER);
+ goto err;
+ }
+ }
+
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((ca_sk=sk_new(ca_dn_cmp)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* get the certificate types */
+ ctype_num= *(p++);
+ if (ctype_num > SSL3_CT_NUMBER)
+ ctype_num=SSL3_CT_NUMBER;
+ for (i=0; i<ctype_num; i++)
+ s->s3->tmp.ctype[i]= p[i];
+ p+=ctype_num;
+
+ /* get the CA RDNs */
+ n2s(p,llen);
+ if ((llen+ctype_num+2+1) != n)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ for (nc=0; nc<llen; )
+ {
+ n2s(p,l);
+ if ((l+nc+2) > llen)
+ {
+ if ((s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+ goto cont; /* netscape bugs */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
+ goto err;
+ }
+
+ q=p;
+
+ if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
+ {
+ /* If netscape tollerance is on, ignore errors */
+ if (s->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+ goto cont;
+ else
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+
+ if (q != (p+l))
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
+ goto err;
+ }
+ if (!sk_push(ca_sk,(char *)xn))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ p+=l;
+ nc+=l+2;
+ }
+
+ if (0)
+ {
+cont:
+ ERR_clear_error();
+ }
+
+ /* we should setup a certficate to return.... */
+ s->s3->tmp.cert_req=1;
+ s->s3->tmp.ctype_num=ctype_num;
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ s->s3->tmp.ca_names=ca_sk;
+ ca_sk=NULL;
+
+ ret=1;
+err:
+ if (ca_sk != NULL) sk_pop_free(ca_sk,X509_NAME_free);
+ return(ret);
+ }
+
+static int ca_dn_cmp(a,b)
+X509_NAME **a,**b;
+ {
+ return(X509_NAME_cmp(*a,*b));
+ }
+
+static int ssl3_get_server_done(s)
+SSL *s;
+ {
+ int ok,ret=0;
+ long n;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_SRVR_DONE_A,
+ SSL3_ST_CR_SRVR_DONE_B,
+ SSL3_MT_SERVER_DONE,
+ 30, /* should be very small, like 0 :-) */
+ &ok);
+
+ if (!ok) return((int)n);
+ if (n > 0)
+ {
+ /* should contain no data */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECODE_ERROR);
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
+ }
+ ret=1;
+ return(ret);
+ }
+
+static int ssl3_send_client_key_exchange(s)
+SSL *s;
+ {
+ unsigned char *p,*q,*d;
+ int n;
+ unsigned long l;
+ EVP_PKEY *pkey=NULL;
+
+ if (s->state == SSL3_ST_CW_KEY_EXCH_A)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ l=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (l & SSL_kRSA)
+ {
+ RSA *rsa;
+ unsigned char tmp_buf[48];
+
+ if (s->session->cert->rsa_tmp != NULL)
+ rsa=s->session->cert->rsa_tmp;
+ else
+ {
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ if ((pkey == NULL) ||
+ (pkey->type != EVP_PKEY_RSA) ||
+ (pkey->pkey.rsa == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ rsa=pkey->pkey.rsa;
+ }
+
+ tmp_buf[0]=s->version>>8;
+ tmp_buf[1]=s->version&0xff;
+ RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+
+ s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+
+ q=p;
+ /* Fix buf for TLS and beyond */
+ if (s->version > SSL3_VERSION)
+ p+=2;
+ n=RSA_public_encrypt(SSL_MAX_MASTER_KEY_LENGTH,
+ tmp_buf,p,rsa,RSA_PKCS1_PADDING);
+ if (n <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
+ goto err;
+ }
+
+ /* Fix buf for TLS and beyond */
+ if (s->version > SSL3_VERSION)
+ {
+ s2n(n,q);
+ n+=2;
+ }
+
+ s->session->master_key_length=
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->session->master_key,
+ tmp_buf,48);
+ memset(tmp_buf,0,48);
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+ DH *dh_srvr,*dh_clnt;
+
+ if (s->session->cert->dh_tmp != NULL)
+ dh_srvr=s->session->cert->dh_tmp;
+ else
+ {
+ /* we get them from the cert */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+ goto err;
+ }
+
+ /* generate a new random key */
+ if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ if (!DH_generate_key(dh_clnt))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /* use the 'p' output buffer for the DH key, but
+ * make sure to clear it out afterwards */
+
+ n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+
+ if (n <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length=
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->session->master_key,p,n);
+ /* clean up */
+ memset(p,0,n);
+
+ /* send off the data */
+ n=BN_num_bytes(dh_clnt->pub_key);
+ s2n(n,p);
+ BN_bn2bin(dh_clnt->pub_key,p);
+ n+=2;
+
+ DH_free(dh_clnt);
+
+ /* perhaps clean things up a bit EAY EAY EAY EAY*/
+ }
+ else
+#endif
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
+ l2n3(n,d);
+
+ s->state=SSL3_ST_CW_KEY_EXCH_B;
+ /* number of bytes to write */
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_KEY_EXCH_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_send_client_verify(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+ EVP_PKEY *pkey;
+ int i=0;
+ unsigned long n;
+#ifndef NO_DSA
+ int j;
+#endif
+
+ if (s->state == SSL3_ST_CW_CERT_VRFY_A)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+ pkey=s->cert->key->privatekey;
+
+ s->method->ssl3_enc->cert_verify_mac(s,&(s->s3->finish_dgst2),
+ &(data[MD5_DIGEST_LENGTH]));
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ s->method->ssl3_enc->cert_verify_mac(s,
+ &(s->s3->finish_dgst1),&(data[0]));
+ i=RSA_private_encrypt(
+ MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+ data,&(p[2]),pkey->pkey.rsa,
+ RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
+ goto err;
+ }
+ s2n(i,p);
+ n=i+2;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ if (!DSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH,&(p[2]),
+ (unsigned int *)&j,pkey->pkey.dsa))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
+ goto err;
+ }
+ s2n(j,p);
+ n=j+2;
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
+ l2n3(n,d);
+
+ s->init_num=(int)n+4;
+ s->init_off=0;
+ }
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_send_client_certificate(s)
+SSL *s;
+ {
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+ int i;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_CW_CERT_A)
+ {
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ s->state=SSL3_ST_CW_CERT_B;
+ else
+ s->state=SSL3_ST_CW_CERT_C;
+ }
+
+ /* We need to get a client cert */
+ if (s->state == SSL3_ST_CW_CERT_B)
+ {
+ /* If we get an error, we need to
+ * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
+ * We then get retied later */
+ i=0;
+ if (s->ctx->client_cert_cb != NULL)
+ i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+ if (i < 0)
+ {
+ s->rwstate=SSL_X509_LOOKUP;
+ return(-1);
+ }
+ s->rwstate=SSL_NOTHING;
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+ {
+ s->state=SSL3_ST_CW_CERT_B;
+ if ( !SSL_use_certificate(s,x509) ||
+ !SSL_use_PrivateKey(s,pkey))
+ i=0;
+ }
+ else if (i == 1)
+ {
+ i=0;
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ }
+
+ if (x509 != NULL) X509_free(x509);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (i == 0)
+ {
+ if (s->version == SSL3_VERSION)
+ {
+ s->s3->tmp.cert_req=0;
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_NO_CERTIFICATE);
+ return(1);
+ }
+ else
+ {
+ s->s3->tmp.cert_req=2;
+ }
+ }
+
+ /* Ok, we have a cert */
+ s->state=SSL3_ST_CW_CERT_C;
+ }
+
+ if (s->state == SSL3_ST_CW_CERT_C)
+ {
+ s->state=SSL3_ST_CW_CERT_D;
+ l=ssl3_output_cert_chain(s,
+ (s->s3->tmp.cert_req == 2)?NULL:s->cert->key->x509);
+ s->init_num=(int)l;
+ s->init_off=0;
+ }
+ /* SSL3_ST_CW_CERT_D */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+#define has_bits(i,m) (((i)&(m)) == (m))
+
+static int ssl3_check_cert_and_algorithm(s)
+SSL *s;
+ {
+ int i,idx;
+ long algs;
+ EVP_PKEY *pkey=NULL;
+ CERT *c;
+ RSA *rsa;
+ DH *dh;
+
+ c=s->session->cert;
+
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ algs=s->s3->tmp.new_cipher->algorithms;
+
+ /* we don't have a certificate */
+ if (algs & (SSL_aDH|SSL_aNULL))
+ return(1);
+
+ rsa=s->session->cert->rsa_tmp;
+ dh=s->session->cert->dh_tmp;
+
+ /* This is the passed certificate */
+
+ idx=c->cert_type;
+ pkey=X509_get_pubkey(c->pkeys[idx].x509);
+ i=X509_certificate_type(c->pkeys[idx].x509,pkey);
+
+
+ /* Check that we have a certificate if we require one */
+ if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
+ goto f_err;
+ }
+#ifndef NO_DSA
+ else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
+ goto f_err;
+ }
+#endif
+
+ if ((algs & SSL_kRSA) &&
+ !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ }
+#ifndef NO_DH
+ else if ((algs & SSL_kEDH) &&
+ !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
+ goto f_err;
+ }
+ else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
+ goto f_err;
+ }
+#ifndef NO_DSA
+ else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
+ goto f_err;
+ }
+#endif
+#endif
+
+ if ((algs & SSL_EXP) && !has_bits(i,EVP_PKT_EXP))
+ {
+#ifndef NO_RSA
+ if (algs & SSL_kRSA)
+ {
+ if ((rsa == NULL) || (RSA_size(rsa) > 512))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+ if ((dh == NULL) || (DH_size(dh) > 512))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ }
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_HANDSHAKE_FAILURE);
+err:
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c
new file mode 100644
index 0000000000..bbd9b637c5
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_enc.c
@@ -0,0 +1,573 @@
+/* ssl/s3_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "evp.h"
+#include "ssl_locl.h"
+
+static unsigned char ssl3_pad_1[48]={
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36 };
+
+static unsigned char ssl3_pad_2[48]={
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
+
+#ifndef NO_PROTO
+static int ssl3_handshake_mac(SSL *s, EVP_MD_CTX *in_ctx,
+ unsigned char *sender, int len, unsigned char *p);
+#else
+static int ssl3_handshake_mac();
+#endif
+
+static void ssl3_generate_key_block(s,km,num)
+SSL *s;
+unsigned char *km;
+int num;
+ {
+ MD5_CTX m5;
+ SHA_CTX s1;
+ unsigned char buf[8],smd[SHA_DIGEST_LENGTH];
+ unsigned char c='A';
+ int i,j,k;
+
+ k=0;
+ for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
+ {
+ k++;
+ for (j=0; j<k; j++)
+ buf[j]=c;
+ c++;
+ SHA1_Init( &s1);
+ SHA1_Update(&s1,buf,k);
+ SHA1_Update(&s1,s->session->master_key,
+ s->session->master_key_length);
+ SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
+ SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
+ SHA1_Final( smd,&s1);
+
+ MD5_Init( &m5);
+ MD5_Update(&m5,s->session->master_key,
+ s->session->master_key_length);
+ MD5_Update(&m5,smd,SHA_DIGEST_LENGTH);
+ if ((i+MD5_DIGEST_LENGTH) > num)
+ {
+ MD5_Final(smd,&m5);
+ memcpy(km,smd,(num-i));
+ }
+ else
+ MD5_Final(km,&m5);
+
+ km+=MD5_DIGEST_LENGTH;
+ }
+ memset(smd,0,SHA_DIGEST_LENGTH);
+ }
+
+int ssl3_change_cipher_state(s,which)
+SSL *s;
+int which;
+ {
+ unsigned char *p,*key_block,*mac_secret;
+ unsigned char exp_key[EVP_MAX_KEY_LENGTH];
+ unsigned char exp_iv[EVP_MAX_KEY_LENGTH];
+ unsigned char *ms,*key,*iv,*er1,*er2;
+ EVP_CIPHER_CTX *dd;
+ EVP_CIPHER *c;
+ SSL_COMPRESSION *comp;
+ EVP_MD *m;
+ MD5_CTX md;
+ int exp,n,i,j,k;
+
+ exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0;
+ c=s->s3->tmp.new_sym_enc;
+ m=s->s3->tmp.new_hash;
+ comp=s->s3->tmp.new_compression;
+ key_block=s->s3->tmp.key_block;
+
+ if (which & SSL3_CC_READ)
+ {
+ if ((s->enc_read_ctx == NULL) &&
+ ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_read_ctx;
+ s->read_hash=m;
+ s->read_compression=comp;
+ memset(&(s->s3->read_sequence[0]),0,8);
+ mac_secret= &(s->s3->read_mac_secret[0]);
+ }
+ else
+ {
+ if ((s->enc_write_ctx == NULL) &&
+ ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_write_ctx;
+ s->write_hash=m;
+ s->write_compression=comp;
+ memset(&(s->s3->write_sequence[0]),0,8);
+ mac_secret= &(s->s3->write_mac_secret[0]);
+ }
+
+ EVP_CIPHER_CTX_init(dd);
+
+ p=s->s3->tmp.key_block;
+ i=EVP_MD_size(m);
+ j=(exp)?5:EVP_CIPHER_key_length(c);
+ k=EVP_CIPHER_iv_length(c);
+ if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+ (which == SSL3_CHANGE_CIPHER_SERVER_READ))
+ {
+ ms= &(p[ 0]); n=i+i;
+ key= &(p[ n]); n+=j+j;
+ iv= &(p[ n]); n+=k+k;
+ er1= &(s->s3->client_random[0]);
+ er2= &(s->s3->server_random[0]);
+ }
+ else
+ {
+ n=i;
+ ms= &(p[ n]); n+=i+j;
+ key= &(p[ n]); n+=j+k;
+ iv= &(p[ n]); n+=k;
+ er1= &(s->s3->server_random[0]);
+ er2= &(s->s3->client_random[0]);
+ }
+
+ if (n > s->s3->tmp.key_block_length)
+ {
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
+ memcpy(mac_secret,ms,i);
+ if (exp)
+ {
+ /* In here I set both the read and write key/iv to the
+ * same value since only the correct one will be used :-).
+ */
+ MD5_Init(&md);
+ MD5_Update(&md,key,j);
+ MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
+ MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
+ MD5_Final(&(exp_key[0]),&md);
+ key= &(exp_key[0]);
+
+ if (k > 0)
+ {
+ MD5_Init(&md);
+ MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
+ MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
+ MD5_Final(&(exp_iv[0]),&md);
+ iv= &(exp_iv[0]);
+ }
+ }
+
+ s->session->key_arg_length=0;
+
+ EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
+
+ memset(&(exp_key[0]),0,sizeof(exp_key));
+ memset(&(exp_iv[0]),0,sizeof(exp_iv));
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
+err2:
+ return(0);
+ }
+
+int ssl3_setup_key_block(s)
+SSL *s;
+ {
+ unsigned char *p;
+ EVP_CIPHER *c;
+ EVP_MD *hash;
+ int num,exp;
+
+ if (s->s3->tmp.key_block_length != 0)
+ return(1);
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash))
+ {
+ SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return(0);
+ }
+
+ s->s3->tmp.new_sym_enc=c;
+ s->s3->tmp.new_hash=hash;
+
+ exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0;
+
+ num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+ num*=2;
+
+ ssl3_cleanup_key_block(s);
+
+ if ((p=(unsigned char *)Malloc(num)) == NULL)
+ goto err;
+
+ s->s3->tmp.key_block_length=num;
+ s->s3->tmp.key_block=p;
+
+ ssl3_generate_key_block(s,p,num);
+
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+void ssl3_cleanup_key_block(s)
+SSL *s;
+ {
+ if (s->s3->tmp.key_block != NULL)
+ {
+ memset(s->s3->tmp.key_block,0,
+ s->s3->tmp.key_block_length);
+ Free(s->s3->tmp.key_block);
+ s->s3->tmp.key_block=NULL;
+ }
+ s->s3->tmp.key_block_length=0;
+ }
+
+int ssl3_enc(s,send)
+SSL *s;
+int send;
+ {
+ SSL3_RECORD *rec;
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs,i;
+ EVP_CIPHER *enc;
+ SSL_COMPRESSION *comp;
+
+ if (send)
+ {
+ ds=s->enc_write_ctx;
+ rec= &(s->s3->wrec);
+ if (s->enc_write_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ comp=s->write_compression;
+ }
+ }
+ else
+ {
+ ds=s->enc_read_ctx;
+ rec= &(s->s3->rrec);
+ if (s->enc_read_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+ comp=s->read_compression;
+ }
+ }
+
+ if ((s->session == NULL) || (ds == NULL) ||
+ ((enc == NULL) && (comp == NULL)))
+ {
+ memcpy(rec->data,rec->input,rec->length);
+ rec->input=rec->data;
+ }
+ else
+ {
+ l=rec->length;
+ bs=EVP_CIPHER_block_size(ds->cipher);
+
+ /* This should be using (bs-1) and bs instead of 7 and 8 */
+ if ((bs != 1) && send)
+ {
+ i=bs-((int)l%bs);
+
+ /* we need to add 'i-1' padding bytes */
+ l+=i;
+ rec->length+=i;
+ rec->input[l-1]=(i-1);
+ }
+
+ EVP_Cipher(ds,rec->data,rec->input,l);
+
+ if ((bs != 1) && !send)
+ {
+ i=rec->data[l-1]+1;
+ if (i > bs)
+ {
+ SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPT_ERROR);
+ return(0);
+ }
+ rec->length-=i;
+ }
+ }
+ return(1);
+ }
+
+void ssl3_init_finished_mac(s)
+SSL *s;
+ {
+ EVP_DigestInit(&(s->s3->finish_dgst1),s->ctx->md5);
+ EVP_DigestInit(&(s->s3->finish_dgst2),s->ctx->sha1);
+ }
+
+void ssl3_finish_mac(s,buf,len)
+SSL *s;
+unsigned char *buf;
+int len;
+ {
+ EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len);
+ EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len);
+ }
+
+int ssl3_cert_verify_mac(s,ctx,p)
+SSL *s;
+EVP_MD_CTX *ctx;
+unsigned char *p;
+ {
+ return(ssl3_handshake_mac(s,ctx,NULL,0,p));
+ }
+
+int ssl3_final_finish_mac(s,ctx1,ctx2,sender,len,p)
+SSL *s;
+EVP_MD_CTX *ctx1,*ctx2;
+unsigned char *sender;
+int len;
+unsigned char *p;
+ {
+ int ret;
+
+ ret=ssl3_handshake_mac(s,ctx1,sender,len,p);
+ p+=ret;
+ ret+=ssl3_handshake_mac(s,ctx2,sender,len,p);
+ return(ret);
+ }
+
+static int ssl3_handshake_mac(s,in_ctx,sender,len,p)
+SSL *s;
+EVP_MD_CTX *in_ctx;
+unsigned char *sender;
+int len;
+unsigned char *p;
+ {
+ unsigned int ret;
+ int npad,n;
+ unsigned int i;
+ unsigned char md_buf[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX ctx;
+
+ memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX));
+
+ n=EVP_MD_CTX_size(&ctx);
+ npad=(48/n)*n;
+
+ if (sender != NULL)
+ EVP_DigestUpdate(&ctx,sender,len);
+ EVP_DigestUpdate(&ctx,s->session->master_key,
+ s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
+ EVP_DigestFinal(&ctx,md_buf,&i);
+
+ EVP_DigestInit(&ctx,EVP_MD_CTX_type(&ctx));
+ EVP_DigestUpdate(&ctx,s->session->master_key,
+ s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
+ EVP_DigestUpdate(&ctx,md_buf,i);
+ EVP_DigestFinal(&ctx,p,&ret);
+
+ memset(&ctx,0,sizeof(EVP_MD_CTX));
+
+ return((int)ret);
+ }
+
+int ssl3_mac(ssl,md,send)
+SSL *ssl;
+unsigned char *md;
+int send;
+ {
+ SSL3_RECORD *rec;
+ unsigned char *mac_sec,*seq;
+ EVP_MD_CTX md_ctx;
+ EVP_MD *hash;
+ unsigned char *p,rec_char;
+ unsigned int md_size;
+ int npad,i;
+
+ if (send)
+ {
+ rec= &(ssl->s3->wrec);
+ mac_sec= &(ssl->s3->write_mac_secret[0]);
+ seq= &(ssl->s3->write_sequence[0]);
+ hash=ssl->write_hash;
+ }
+ else
+ {
+ rec= &(ssl->s3->rrec);
+ mac_sec= &(ssl->s3->read_mac_secret[0]);
+ seq= &(ssl->s3->read_sequence[0]);
+ hash=ssl->read_hash;
+ }
+
+ md_size=EVP_MD_size(hash);
+ npad=(48/md_size)*md_size;
+
+ /* Chop the digest off the end :-) */
+
+ EVP_DigestInit( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
+ EVP_DigestUpdate(&md_ctx,seq,8);
+ rec_char=rec->type;
+ EVP_DigestUpdate(&md_ctx,&rec_char,1);
+ p=md;
+ s2n(rec->length,p);
+ EVP_DigestUpdate(&md_ctx,md,2);
+ EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
+ EVP_DigestFinal( &md_ctx,md,NULL);
+
+ EVP_DigestInit( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
+ EVP_DigestUpdate(&md_ctx,md,md_size);
+ EVP_DigestFinal( &md_ctx,md,&md_size);
+
+ for (i=7; i>=0; i--)
+ if (++seq[i]) break;
+
+ return(md_size);
+ }
+
+int ssl3_generate_master_secret(s,out,p,len)
+SSL *s;
+unsigned char *out;
+unsigned char *p;
+int len;
+ {
+ static unsigned char *salt[3]={
+ (unsigned char *)"A",
+ (unsigned char *)"BB",
+ (unsigned char *)"CCC",
+ };
+ unsigned char buf[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX ctx;
+ int i,ret=0;
+ unsigned int n;
+
+ for (i=0; i<3; i++)
+ {
+ EVP_DigestInit(&ctx,s->ctx->sha1);
+ EVP_DigestUpdate(&ctx,salt[i],strlen((char *)salt[i]));
+ EVP_DigestUpdate(&ctx,p,len);
+ EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestFinal(&ctx,buf,&n);
+
+ EVP_DigestInit(&ctx,s->ctx->md5);
+ EVP_DigestUpdate(&ctx,p,len);
+ EVP_DigestUpdate(&ctx,buf,n);
+ EVP_DigestFinal(&ctx,out,&n);
+ out+=n;
+ ret+=n;
+ }
+ return(ret);
+ }
+
+int ssl3_alert_code(code)
+int code;
+ {
+ switch (code)
+ {
+ case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
+ case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
+ case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
+ case SSL_AD_DECRYPTION_FAILED: return(SSL3_AD_BAD_RECORD_MAC);
+ case SSL_AD_RECORD_OVERFLOW: return(SSL3_AD_BAD_RECORD_MAC);
+ case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
+ case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_NO_CERTIFICATE: return(SSL3_AD_NO_CERTIFICATE);
+ case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
+ case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
+ case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
+ case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
+ case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
+ case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
+ case SSL_AD_UNKNOWN_CA: return(SSL3_AD_BAD_CERTIFICATE);
+ case SSL_AD_ACCESS_DENIED: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_DECODE_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_DECRYPT_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_EXPORT_RESTRICION: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_PROTOCOL_VERSION: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_INSUFFICIENT_SECURITY:return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_INTERNAL_ERROR: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_USER_CANCLED: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_NO_RENEGOTIATION: return(-1); /* Don't send it :-) */
+ default: return(-1);
+ }
+ }
+
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
new file mode 100644
index 0000000000..0fd945025d
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -0,0 +1,961 @@
+/* ssl/s3_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+char *ssl3_version_str="SSLv3 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
+#ifndef NOPROTO
+static long ssl3_default_timeout(void );
+#else
+static long ssl3_default_timeout();
+#endif
+
+SSL_CIPHER ssl3_ciphers[]={
+/* The RSA ciphers */
+/* Cipher 01 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_MD5,
+ SSL3_CK_RSA_NULL_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 02 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_SHA,
+ SSL3_CK_RSA_NULL_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* anon DH */
+/* Cipher 17 */
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_40_MD5,
+ SSL3_CK_ADH_RC4_40_MD5,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 18 */
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_128_MD5,
+ SSL3_CK_ADH_RC4_128_MD5,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 19 */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_40_CBC_SHA,
+ SSL3_CK_ADH_DES_40_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 1A */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_64_CBC_SHA,
+ SSL3_CK_ADH_DES_64_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 1B */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_192_CBC_SHA,
+ SSL3_CK_ADH_DES_192_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* RSA again */
+/* Cipher 03 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_40_MD5,
+ SSL3_CK_RSA_RC4_40_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 04 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_MD5,
+ SSL3_CK_RSA_RC4_128_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 05 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_SHA,
+ SSL3_CK_RSA_RC4_128_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 06 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC2_40_MD5,
+ SSL3_CK_RSA_RC2_40_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 07 */
+ {
+ 1,
+ SSL3_TXT_RSA_IDEA_128_SHA,
+ SSL3_CK_RSA_IDEA_128_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 08 */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_40_CBC_SHA,
+ SSL3_CK_RSA_DES_40_CBC_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 09 */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_64_CBC_SHA,
+ SSL3_CK_RSA_DES_64_CBC_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0A */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_RSA_DES_192_CBC3_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* The DH ciphers */
+/* Cipher 0B */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+ SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0C */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+ SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0D */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+ SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0E */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+ SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0F */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+ SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 10 */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+ SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* The Ephemeral DH ciphers */
+/* Cipher 11 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 12 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 13 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 14 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 15 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 16 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Fortezza */
+/* Cipher 1C */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_NULL_SHA,
+ SSL3_CK_FZA_DMS_NULL_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Cipher 1D */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_FZA_SHA,
+ SSL3_CK_FZA_DMS_FZA_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Cipher 1E */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_RC4_SHA,
+ SSL3_CK_FZA_DMS_RC4_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* end of list */
+ };
+
+static SSL3_ENC_METHOD SSLv3_enc_data={
+ ssl3_enc,
+ ssl3_mac,
+ ssl3_setup_key_block,
+ ssl3_generate_master_secret,
+ ssl3_change_cipher_state,
+ ssl3_final_finish_mac,
+ MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+ ssl3_cert_verify_mac,
+ SSL3_MD_CLIENT_FINISHED_CONST,4,
+ SSL3_MD_SERVER_FINISHED_CONST,4,
+ ssl3_alert_code,
+ };
+
+static SSL_METHOD SSLv3_data= {
+ SSL3_VERSION,
+ ssl3_new,
+ ssl3_clear,
+ ssl3_free,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl3_read,
+ ssl3_peek,
+ ssl3_write,
+ ssl3_shutdown,
+ ssl3_renegotiate,
+ ssl3_ctrl,
+ ssl3_ctx_ctrl,
+ ssl3_get_cipher_by_char,
+ ssl3_put_cipher_by_char,
+ ssl3_pending,
+ ssl3_num_ciphers,
+ ssl3_get_cipher,
+ ssl_bad_method,
+ ssl3_default_timeout,
+ &SSLv3_enc_data,
+ };
+
+static long ssl3_default_timeout()
+ {
+ /* 2 hours, the 24 hours mentioned in the SSLv3 spec
+ * is way too long for http, the cache would over fill */
+ return(60*60*2);
+ }
+
+SSL_METHOD *sslv3_base_method()
+ {
+ return(&SSLv3_data);
+ }
+
+int ssl3_num_ciphers()
+ {
+ return(SSL3_NUM_CIPHERS);
+ }
+
+SSL_CIPHER *ssl3_get_cipher(u)
+unsigned int u;
+ {
+ if (u < SSL3_NUM_CIPHERS)
+ return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
+ else
+ return(NULL);
+ }
+
+/* The problem is that it may not be the correct record type */
+int ssl3_pending(s)
+SSL *s;
+ {
+ return(s->s3->rrec.length);
+ }
+
+int ssl3_new(s)
+SSL *s;
+ {
+ SSL3_CTX *s3;
+
+ if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err;
+ memset(s3,0,sizeof(SSL3_CTX));
+
+ s->s3=s3;
+ /*
+ s->s3->tmp.ca_names=NULL;
+ s->s3->tmp.key_block=NULL;
+ s->s3->tmp.key_block_length=0;
+ s->s3->rbuf.buf=NULL;
+ s->s3->wbuf.buf=NULL;
+ */
+
+ s->method->ssl_clear(s);
+ return(1);
+err:
+ return(0);
+ }
+
+void ssl3_free(s)
+SSL *s;
+ {
+ ssl3_cleanup_key_block(s);
+ if (s->s3->rbuf.buf != NULL)
+ Free(s->s3->rbuf.buf);
+ if (s->s3->wbuf.buf != NULL)
+ Free(s->s3->wbuf.buf);
+#ifndef NO_DH
+ if (s->s3->tmp.dh != NULL)
+ DH_free(s->s3->tmp.dh);
+#endif
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ memset(s->s3,0,sizeof(SSL3_CTX));
+ Free(s->s3);
+ s->s3=NULL;
+ }
+
+void ssl3_clear(s)
+SSL *s;
+ {
+ unsigned char *rp,*wp;
+
+ ssl3_cleanup_key_block(s);
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+
+ rp=s->s3->rbuf.buf;
+ wp=s->s3->wbuf.buf;
+
+ memset(s->s3,0,sizeof(SSL3_CTX));
+ if (rp != NULL) s->s3->rbuf.buf=rp;
+ if (wp != NULL) s->s3->wbuf.buf=wp;
+ s->packet_length=0;
+ s->s3->renegotiate=0;
+ s->s3->total_renegotiations=0;
+ s->s3->num_renegotiations=0;
+ s->s3->in_read_app_data=0;
+ s->version=SSL3_VERSION;
+ }
+
+long ssl3_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ int ret=0;
+
+ switch (cmd)
+ {
+ case SSL_CTRL_GET_SESSION_REUSED:
+ ret=s->hit;
+ break;
+ case SSL_CTRL_GET_CLIENT_CERT_REQUEST:
+ break;
+ case SSL_CTRL_GET_NUM_RENEGOTIATIONS:
+ ret=s->s3->num_renegotiations;
+ break;
+ case SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS:
+ ret=s->s3->num_renegotiations;
+ s->s3->num_renegotiations=0;
+ break;
+ case SSL_CTRL_GET_TOTAL_RENEGOTIATIONS:
+ ret=s->s3->total_renegotiations;
+ break;
+ default:
+ break;
+ }
+ return(ret);
+ }
+
+long ssl3_ctx_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ CERT *cert;
+
+ cert=ctx->default_cert;
+
+ switch (cmd)
+ {
+#ifndef NO_RSA
+ case SSL_CTRL_NEED_TMP_RSA:
+ if ( (cert->rsa_tmp == NULL) &&
+ ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+ (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
+ )
+ return(1);
+ else
+ return(0);
+ break;
+ case SSL_CTRL_SET_TMP_RSA:
+ {
+ RSA *rsa;
+ int i;
+
+ rsa=(RSA *)parg;
+ i=1;
+ if (rsa == NULL)
+ i=0;
+ else
+ {
+ if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
+ i=0;
+ }
+ if (!i)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
+ return(0);
+ }
+ else
+ {
+ if (cert->rsa_tmp != NULL)
+ RSA_free(cert->rsa_tmp);
+ cert->rsa_tmp=rsa;
+ return(1);
+ }
+ }
+ break;
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ cert->rsa_tmp_cb=(RSA *(*)())parg;
+ break;
+#endif
+#ifndef NO_DH
+ case SSL_CTRL_SET_TMP_DH:
+ {
+ DH *new=NULL,*dh;
+
+ dh=(DH *)parg;
+ if ( ((new=DHparams_dup(dh)) == NULL) ||
+ (!DH_generate_key(new)))
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
+ if (new != NULL) DH_free(new);
+ return(0);
+ }
+ else
+ {
+ if (cert->dh_tmp != NULL)
+ DH_free(cert->dh_tmp);
+ cert->dh_tmp=new;
+ return(1);
+ }
+ }
+ break;
+ case SSL_CTRL_SET_TMP_DH_CB:
+ cert->dh_tmp_cb=(DH *(*)())parg;
+ break;
+#endif
+ default:
+ return(0);
+ }
+ return(1);
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+SSL_CIPHER *ssl3_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ static int init=1;
+ static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
+ SSL_CIPHER c,*cp= &c,**cpp;
+ unsigned long id;
+ int i;
+
+ if (init)
+ {
+ init=0;
+
+ for (i=0; i<SSL3_NUM_CIPHERS; i++)
+ sorted[i]= &(ssl3_ciphers[i]);
+
+ qsort( (char *)sorted,
+ SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ FP_ICC ssl_cipher_ptr_id_cmp);
+ }
+
+ id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
+ c.id=id;
+ cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
+ (char *)sorted,
+ SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ (int (*)())ssl_cipher_ptr_id_cmp);
+ if ((cpp == NULL) || !(*cpp)->valid)
+ return(NULL);
+ else
+ return(*cpp);
+ }
+
+int ssl3_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ if (p != NULL)
+ {
+ l=c->id;
+ if ((l & 0xff000000) != 0x03000000) return(0);
+ p[0]=((unsigned char)(l>> 8L))&0xFF;
+ p[1]=((unsigned char)(l ))&0xFF;
+ }
+ return(2);
+ }
+
+int ssl3_part_read(s,i)
+SSL *s;
+int i;
+ {
+ s->rwstate=SSL_READING;
+
+ if (i < 0)
+ {
+ return(i);
+ }
+ else
+ {
+ s->init_num+=i;
+ return(0);
+ }
+ }
+
+SSL_CIPHER *ssl3_choose_cipher(s,have,pref)
+SSL *s;
+STACK *have,*pref;
+ {
+ SSL_CIPHER *c,*ret=NULL;
+ int i,j,ok;
+ CERT *cert;
+ unsigned long alg,mask,emask;
+
+ /* Lets see which ciphers we can supported */
+ if (s->cert != NULL)
+ cert=s->cert;
+ else
+ cert=s->ctx->default_cert;
+
+ ssl_set_cert_masks(cert);
+ mask=cert->mask;
+ emask=cert->export_mask;
+
+ sk_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
+
+ for (i=0; i<sk_num(have); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(have,i);
+ alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+ if (alg & SSL_EXPORT)
+ {
+ ok=((alg & emask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+ printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
+#endif
+ }
+ else
+ {
+ ok=((alg & mask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+ printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
+#endif
+ }
+
+ if (!ok) continue;
+
+ j=sk_find(pref,(char *)c);
+ if (j >= 0)
+ {
+ ret=(SSL_CIPHER *)sk_value(pref,j);
+ break;
+ }
+ }
+ return(ret);
+ }
+
+int ssl3_get_req_cert_type(s,p)
+SSL *s;
+unsigned char *p;
+ {
+ int ret=0;
+ unsigned long alg;
+
+ alg=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_DH
+ if (alg & (SSL_kDHr|SSL_kEDH))
+ {
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_FIXED_DH;
+#endif
+#ifndef NO_DSA
+ p[ret++]=SSL3_CT_DSS_FIXED_DH;
+#endif
+ }
+ if ((s->version == SSL3_VERSION) &&
+ (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr)))
+ {
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
+#endif
+#ifndef NO_DSA
+ p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
+#endif
+ }
+#endif /* !NO_DH */
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_SIGN;
+#endif
+ p[ret++]=SSL3_CT_DSS_SIGN;
+ return(ret);
+ }
+
+int ssl3_shutdown(s)
+SSL *s;
+ {
+
+ /* Don't do anything much if we have not done the handshake or
+ * we don't want to send messages :-) */
+ if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
+ {
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ return(1);
+ }
+
+ if (!(s->shutdown & SSL_SENT_SHUTDOWN))
+ {
+ s->shutdown|=SSL_SENT_SHUTDOWN;
+#if 1
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL_AD_CLOSE_NOTIFY);
+#endif
+ /* our shutdown alert has been sent now, and if it still needs
+ * to be written, s->s3->alert_dispatch will be true */
+ }
+ else if (s->s3->alert_dispatch)
+ {
+ /* resend it if not sent */
+#if 1
+ ssl3_dispatch_alert(s);
+#endif
+ }
+ else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
+ {
+ /* If we are waiting for a close from our peer, we are closed */
+ ssl3_read_bytes(s,0,NULL,0);
+ }
+
+ if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
+ !s->s3->alert_dispatch)
+ return(1);
+ else
+ return(0);
+ }
+
+int ssl3_write(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int ret,n;
+ BIO *under;
+
+#if 0
+ if (s->shutdown & SSL_SEND_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ clear_sys_error();
+ if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+
+ /* This is an experimental flag that sends the
+ * last handshake message in the same packet as the first
+ * use data - used to see if it helps the TCP protocol during
+ * session-id reuse */
+ /* The second test is because the buffer may have been removed */
+ if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
+ {
+ /* First time through, we write into the buffer */
+ if (s->s3->delay_buf_pop_ret == 0)
+ {
+ ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+ (char *)buf,len);
+ if (ret <= 0) return(ret);
+
+ s->s3->delay_buf_pop_ret=ret;
+ }
+
+ s->rwstate=SSL_WRITING;
+ n=BIO_flush(s->wbio);
+ if (n <= 0) return(n);
+ s->rwstate=SSL_NOTHING;
+
+ /* We have flushed the buffer */
+ under=BIO_pop(s->wbio);
+ s->wbio=under;
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+ ret=s->s3->delay_buf_pop_ret;
+ s->s3->delay_buf_pop_ret=0;
+
+ s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+ }
+ else
+ {
+ ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+ (char *)buf,len);
+ if (ret <= 0) return(ret);
+ }
+
+ return(ret);
+ }
+
+int ssl3_read(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int ret;
+
+ clear_sys_error();
+ if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+ s->s3->in_read_app_data=1;
+ ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
+ if ((ret == -1) && (s->s3->in_read_app_data == 0))
+ {
+ ERR_get_error(); /* clear the error */
+ s->s3->in_read_app_data=0;
+ s->in_handshake++;
+ ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
+ s->in_handshake--;
+ }
+ else
+ s->s3->in_read_app_data=0;
+
+ return(ret);
+ }
+
+int ssl3_peek(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ SSL3_RECORD *rr;
+ int n;
+
+ rr= &(s->s3->rrec);
+ if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
+ {
+ n=ssl3_read(s,buf,1);
+ if (n <= 0) return(n);
+ rr->length++;
+ rr->off--;
+ }
+
+ if ((unsigned int)len > rr->length)
+ n=rr->length;
+ else
+ n=len;
+ memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
+ return(n);
+ }
+
+int ssl3_renegotiate(s)
+SSL *s;
+ {
+ if (s->handshake_func == NULL)
+ return(1);
+
+ if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
+ return(0);
+
+ s->s3->renegotiate=1;
+ return(1);
+ }
+
+int ssl3_renegotiate_check(s)
+SSL *s;
+ {
+ int ret=0;
+
+ if (s->s3->renegotiate)
+ {
+ if ( (s->s3->rbuf.left == 0) &&
+ (s->s3->wbuf.left == 0) &&
+ !SSL_in_init(s))
+ {
+/*
+if we are the server, and we have sent a 'RENEGOTIATE' message, we
+need to go to SSL_ST_ACCEPT.�
+*/
+ /* SSL_ST_ACCEPT */
+ s->state=SSL_ST_RENEGOTIATE;
+ s->s3->renegotiate=0;
+ s->s3->num_renegotiations++;
+ s->s3->total_renegotiations++;
+ ret=1;
+ }
+ }
+ return(ret);
+ }
+
+
diff --git a/src/lib/libssl/src/ssl/s3_meth.c b/src/lib/libssl/src/ssl/s3_meth.c
new file mode 100644
index 0000000000..3d66b4643a
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_meth.c
@@ -0,0 +1,88 @@
+/* ssl/s3_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl3_get_method(ver)
+int ver;
+ {
+ if (ver == SSL3_VERSION)
+ return(SSLv3_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_data.ssl_connect=ssl3_connect;
+ SSLv3_data.ssl_accept=ssl3_accept;
+ SSLv3_data.get_ssl_method=ssl3_get_method;
+ }
+ return(&SSLv3_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
new file mode 100644
index 0000000000..2385080347
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -0,0 +1,1061 @@
+/* ssl/s3_pkt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "evp.h"
+#include "buffer.h"
+#include "ssl_locl.h"
+
+/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_RECORD_MAC);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER);
+ */
+
+#ifndef NOPROTO
+static int do_ssl3_write(SSL *s, int type, char *buf, unsigned int len);
+static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len);
+static int ssl3_get_record(SSL *s);
+static int do_compress(SSL *ssl);
+static int do_uncompress(SSL *ssl);
+static int do_change_cipher_spec(SSL *ssl);
+#else
+static int do_ssl3_write();
+static int ssl3_write_pending();
+static int ssl3_get_record();
+static int do_compress();
+static int do_uncompress();
+static int do_change_cipher_spec();
+#endif
+
+static int ssl3_read_n(s,n,max,extend)
+SSL *s;
+int n;
+int max;
+int extend;
+ {
+ int i,off,newb;
+
+ /* if there is stuff still in the buffer from a previous read,
+ * and there is more than we want, take some. */
+ if (s->s3->rbuf.left >= (int)n)
+ {
+ if (extend)
+ s->packet_length+=n;
+ else
+ {
+ s->packet= &(s->s3->rbuf.buf[s->s3->rbuf.offset]);
+ s->packet_length=n;
+ }
+ s->s3->rbuf.left-=n;
+ s->s3->rbuf.offset+=n;
+ return(n);
+ }
+
+ /* else we need to read more data */
+ if (!s->read_ahead) max=n;
+ if (max > SSL3_RT_MAX_PACKET_SIZE)
+ max=SSL3_RT_MAX_PACKET_SIZE;
+
+ /* First check if there is some left or we want to extend */
+ off=0;
+ if ( (s->s3->rbuf.left != 0) ||
+ ((s->packet_length != 0) && extend))
+ {
+ newb=s->s3->rbuf.left;
+ if (extend)
+ {
+ /* Copy bytes back to the front of the buffer
+ * Take the bytes already pointed to by 'packet'
+ * and take the extra ones on the end. */
+ off=s->packet_length;
+ if (s->packet != s->s3->rbuf.buf)
+ memcpy(s->s3->rbuf.buf,s->packet,newb+off);
+ }
+ else if (s->s3->rbuf.offset != 0)
+ { /* so the data is not at the start of the buffer */
+ memcpy(s->s3->rbuf.buf,
+ &(s->s3->rbuf.buf[s->s3->rbuf.offset]),newb);
+ s->s3->rbuf.offset=0;
+ }
+
+ s->s3->rbuf.left=0;
+ }
+ else
+ newb=0;
+
+ /* So we now have 'newb' bytes at the front of
+ * s->s3->rbuf.buf and need to read some more in on the end
+ * We start reading into the buffer at 's->s3->rbuf.offset'
+ */
+ s->packet=s->s3->rbuf.buf;
+
+ while (newb < n)
+ {
+ clear_sys_error();
+ if (s->rbio != NULL)
+ {
+ s->rwstate=SSL_READING;
+ i=BIO_read(s->rbio,
+ (char *)&(s->s3->rbuf.buf[off+newb]),
+ max-newb);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
+ i= -1;
+ }
+
+ if (i <= 0)
+ {
+ s->s3->rbuf.left+=newb;
+ return(i);
+ }
+ newb+=i;
+ }
+
+ /* record used data read */
+ if (newb > n)
+ {
+ s->s3->rbuf.offset=n+off;
+ s->s3->rbuf.left=newb-n;
+ }
+ else
+ {
+ s->s3->rbuf.offset=0;
+ s->s3->rbuf.left=0;
+ }
+
+ if (extend)
+ s->packet_length+=n;
+ else
+ s->packet_length+=n;
+ return(n);
+ }
+
+/* Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type - is the type of record
+ * ssl->s3->rrec.data, - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+static int ssl3_get_record(s)
+SSL *s;
+ {
+ char tmp_buf[512];
+ int ssl_major,ssl_minor,al;
+ int n,i,ret= -1;
+ SSL3_BUFFER *rb;
+ SSL3_RECORD *rr;
+ SSL_SESSION *sess;
+ unsigned char *p;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ short version;
+ unsigned int mac_size;
+ int clear=0,extra;
+
+ rr= &(s->s3->rrec);
+ rb= &(s->s3->rbuf);
+ sess=s->session;
+
+ if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+ extra=SSL3_RT_MAX_EXTRA;
+ else
+ extra=0;
+
+again:
+ /* check if we have the header */
+ if ( (s->rstate != SSL_ST_READ_BODY) ||
+ (s->packet_length < SSL3_RT_HEADER_LENGTH))
+ {
+ n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH,
+ SSL3_RT_MAX_PACKET_SIZE,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ s->rstate=SSL_ST_READ_BODY;
+
+ p=s->packet;
+
+ /* Pull apart the header into the SSL3_RECORD */
+ rr->type= *(p++);
+ ssl_major= *(p++);
+ ssl_minor= *(p++);
+ version=(ssl_major<<8)|ssl_minor;
+ n2s(p,rr->length);
+
+ /* Lets check version */
+ if (s->first_packet)
+ {
+ s->first_packet=0;
+ }
+ else
+ {
+ if (version != s->version)
+ {
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+ /* Send back error using their
+ * version number :-) */
+ s->version=version;
+ al=SSL_AD_PROTOCOL_VERSION;
+ goto f_err;
+ }
+ }
+
+ if ((version>>8) != SSL3_VERSION_MAJOR)
+ {
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+ goto err;
+ }
+
+ if (rr->length >
+ (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+ {
+ al=SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ s->rstate=SSL_ST_READ_BODY;
+ }
+
+ /* get and decode the data */
+ if (s->rstate == SSL_ST_READ_BODY)
+ {
+ if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH))
+ {
+ i=rr->length;
+ /*-(s->packet_length-SSL3_RT_HEADER_LENGTH); */
+ n=ssl3_read_n(s,i,i,1);
+ if (n <= 0) return(n); /* error or non-blocking io */
+ }
+ s->rstate=SSL_ST_READ_HEADER;
+ }
+
+ /* At this point, we have the data in s->packet and there should be
+ * s->packet_length bytes, we must not 'overrun' this buffer :-)
+ * One of the following functions will copy the data from the
+ * s->packet buffer */
+
+ rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
+
+ /* ok, we can now read from 's->packet' data into 'rr'
+ * rr->input points at rr->length bytes, which
+ * need to be copied into rr->data by either
+ * the decryption or by the decompression
+ * When the data is 'copied' into the rr->data buffer,
+ * rr->input will be pointed at the new buffer */
+
+ /* Set the state for the following operations */
+ s->rstate=SSL_ST_READ_HEADER;
+
+ /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
+ * rr->length bytes of encrypted compressed stuff. */
+
+ /* check is not needed I belive */
+ if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+ {
+ al=SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ /* decrypt in place in 'rr->input' */
+ rr->data=rr->input;
+ memcpy(tmp_buf,rr->input,(rr->length > 512)?512:rr->length);
+
+ if (!s->method->ssl3_enc->enc(s,0))
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ goto f_err;
+ }
+#ifdef TLS_DEBUG
+printf("dec %d\n",rr->length);
+{ int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+ /* r->length is now the compressed data plus mac */
+ if ( (sess == NULL) ||
+ (s->enc_read_ctx == NULL) ||
+ (s->read_hash == NULL))
+ clear=1;
+
+ if (!clear)
+ {
+ mac_size=EVP_MD_size(s->read_hash);
+
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
+ {
+ al=SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ /* check MAC for rr->input' */
+ if (rr->length < mac_size)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ rr->length-=mac_size;
+ i=s->method->ssl3_enc->mac(s,md,0);
+ if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+ {
+ al=SSL_AD_BAD_RECORD_MAC;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE);
+ ret= -1;
+ goto f_err;
+ }
+ }
+
+ /* r->length is now just compressed */
+ if ((sess != NULL) && (sess->read_compression != NULL))
+ {
+ if (rr->length >
+ (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
+ {
+ al=SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ if (!do_uncompress(s))
+ {
+ al=SSL_AD_DECOMPRESSION_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
+ goto f_err;
+ }
+ }
+
+ if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
+ {
+ al=SSL_AD_RECORD_OVERFLOW;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ rr->off=0;
+ /* So at this point the following is true
+ * ssl->s3->rrec.type is the type of record
+ * ssl->s3->rrec.length == number of bytes in record
+ * ssl->s3->rrec.off == offset to first valid byte
+ * ssl->s3->rrec.data == where to take bytes from, increment
+ * after use :-).
+ */
+
+ /* we have pulled in a full packet so zero things */
+ s->packet_length=0;
+
+ /* just read a 0 length packet */
+ if (rr->length == 0) goto again;
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(ret);
+ }
+
+static int do_uncompress(ssl)
+SSL *ssl;
+ {
+ return(1);
+ }
+
+static int do_compress(ssl)
+SSL *ssl;
+ {
+ return(1);
+ }
+
+/* Call this to write data
+ * It will return <= 0 if not all data has been sent or non-blocking IO.
+ */
+int ssl3_write_bytes(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+int len;
+ {
+ unsigned int tot,n,nw;
+ int i;
+
+ s->rwstate=SSL_NOTHING;
+ tot=s->s3->wnum;
+ s->s3->wnum=0;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ n=(len-tot);
+ for (;;)
+ {
+ if (n > SSL3_RT_MAX_PLAIN_LENGTH)
+ nw=SSL3_RT_MAX_PLAIN_LENGTH;
+ else
+ nw=n;
+
+ i=do_ssl3_write(s,type,&(buf[tot]),nw);
+ if (i <= 0)
+ {
+ s->s3->wnum=tot;
+ return(i);
+ }
+
+ if (type == SSL3_RT_HANDSHAKE)
+ ssl3_finish_mac(s,(unsigned char *)&(buf[tot]),i);
+
+ if (i == (int)n) return(tot+i);
+
+ n-=i;
+ tot+=i;
+ }
+ }
+
+static int do_ssl3_write(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+unsigned int len;
+ {
+ unsigned char *p,*plen;
+ int i,mac_size,clear=0;
+ SSL3_RECORD *wr;
+ SSL3_BUFFER *wb;
+ SSL_SESSION *sess;
+
+ /* first check is there is a SSL3_RECORD still being written
+ * out. This will happen with non blocking IO */
+ if (s->s3->wbuf.left != 0)
+ return(ssl3_write_pending(s,type,buf,len));
+
+ /* If we have an alert to send, lets send it */
+ if (s->s3->alert_dispatch)
+ {
+ i=ssl3_dispatch_alert(s);
+ if (i <= 0)
+ return(i);
+ /* if it went, fall through and send more stuff */
+ }
+
+ if (len <= 0) return(len);
+
+ wr= &(s->s3->wrec);
+ wb= &(s->s3->wbuf);
+ sess=s->session;
+
+ if ( (sess == NULL) ||
+ (s->enc_write_ctx == NULL) ||
+ (s->write_hash == NULL))
+ clear=1;
+
+ if (clear)
+ mac_size=0;
+ else
+ mac_size=EVP_MD_size(s->write_hash);
+
+ p=wb->buf;
+
+ /* write the header */
+ *(p++)=type&0xff;
+ wr->type=type;
+
+ *(p++)=(s->version>>8);
+ *(p++)=s->version&0xff;
+
+ /* record where we are to write out packet length */
+ plen=p;
+ p+=2;
+
+ /* lets setup the record stuff. */
+ wr->data=p;
+ wr->length=(int)len;
+ wr->input=(unsigned char *)buf;
+
+ /* we now 'read' from wr->input, wr->length bytes into
+ * wr->data */
+
+ /* first we compress */
+ if ((sess != NULL) && (sess->write_compression != NULL))
+ {
+ if (!do_compress(s))
+ {
+ SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
+ goto err;
+ }
+ }
+ else
+ {
+ memcpy(wr->data,wr->input,wr->length);
+ wr->input=wr->data;
+ }
+
+ /* we should still have the output to wr->data and the input
+ * from wr->input. Length should be wr->length.
+ * wr->data still points in the wb->buf */
+
+ if (mac_size != 0)
+ {
+ s->method->ssl3_enc->mac(s,&(p[wr->length]),1);
+ wr->length+=mac_size;
+ wr->input=p;
+ wr->data=p;
+ }
+
+ /* ssl3_enc can only have an error on read */
+ s->method->ssl3_enc->enc(s,1);
+
+ /* record length after mac and block padding */
+ s2n(wr->length,plen);
+
+ /* we should now have
+ * wr->data pointing to the encrypted data, which is
+ * wr->length long */
+ wr->type=type; /* not needed but helps for debugging */
+ wr->length+=SSL3_RT_HEADER_LENGTH;
+
+ /* Now lets setup wb */
+ wb->left=wr->length;
+ wb->offset=0;
+
+ s->s3->wpend_tot=len;
+ s->s3->wpend_buf=buf;
+ s->s3->wpend_type=type;
+ s->s3->wpend_ret=len;
+
+ /* we now just need to write the buffer */
+ return(ssl3_write_pending(s,type,buf,len));
+err:
+ return(-1);
+ }
+
+/* if s->s3->wbuf.left != 0, we need to call this */
+static int ssl3_write_pending(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+unsigned int len;
+ {
+ int i;
+
+/* XXXX */
+ if ((s->s3->wpend_tot > (int)len) || (s->s3->wpend_buf != buf)
+ || (s->s3->wpend_type != type))
+ {
+ SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
+ return(-1);
+ }
+
+ for (;;)
+ {
+ clear_sys_error();
+ if (s->wbio != NULL)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,
+ (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
+ (unsigned int)s->s3->wbuf.left);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
+ i= -1;
+ }
+ if (i == s->s3->wbuf.left)
+ {
+ s->s3->wbuf.left=0;
+ s->rwstate=SSL_NOTHING;
+ return(s->s3->wpend_ret);
+ }
+ else if (i <= 0)
+ return(i);
+ s->s3->wbuf.offset+=i;
+ s->s3->wbuf.left-=i;
+ }
+ }
+
+int ssl3_read_bytes(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+int len;
+ {
+ int al,i,j,n,ret;
+ SSL3_RECORD *rr;
+ void (*cb)()=NULL;
+ BIO *bio;
+
+ if (s->s3->rbuf.buf == NULL) /* Not initalised yet */
+ if (!ssl3_setup_buffers(s))
+ return(-1);
+
+ if (!s->in_handshake && SSL_in_init(s))
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+start:
+ s->rwstate=SSL_NOTHING;
+
+ /* s->s3->rrec.type - is the type of record
+ * s->s3->rrec.data, - data
+ * s->s3->rrec.off, - ofset into 'data' for next read
+ * s->s3->rrec.length, - number of bytes. */
+ rr= &(s->s3->rrec);
+
+ /* get new packet */
+ if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
+ {
+ ret=ssl3_get_record(s);
+ if (ret <= 0) return(ret);
+ }
+
+ /* we now have a packet which can be read and processed */
+
+ if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE))
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
+ goto err;
+ }
+
+ /* If the other end has shutdown, throw anything we read away */
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ rr->length=0;
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+
+ /* Check for an incoming 'Client Request' message */
+ if ((rr->type == SSL3_RT_HANDSHAKE) && (rr->length == 4) &&
+ (rr->data[0] == SSL3_MT_CLIENT_REQUEST) &&
+ (s->session != NULL) && (s->session->cipher != NULL))
+ {
+ if ((rr->data[1] != 0) || (rr->data[2] != 0) ||
+ (rr->data[3] != 0))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CLIENT_REQUEST);
+ goto err;
+ }
+
+ if (SSL_is_init_finished(s) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
+ !s->s3->renegotiate)
+ {
+ ssl3_renegotiate(s);
+ if (ssl3_renegotiate_check(s))
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+ }
+ rr->length=0;
+/* ZZZ */ goto start;
+ }
+
+ /* if it is not the type we want, or we have shutdown and want
+ * the peer shutdown */
+ if ((rr->type != type) || (s->shutdown & SSL_SENT_SHUTDOWN))
+ {
+ if (rr->type == SSL3_RT_ALERT)
+ {
+ if ((rr->length != 2) || (rr->off != 0))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD);
+ goto f_err;
+ }
+
+ i=rr->data[0];
+ n=rr->data[1];
+
+ /* clear from buffer */
+ rr->length=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (cb != NULL)
+ {
+ j=(i<<8)|n;
+ cb(s,SSL_CB_READ_ALERT,j);
+ }
+
+ if (i == 1)
+ {
+ s->s3->warn_alert=n;
+ if (n == SSL_AD_CLOSE_NOTIFY)
+ {
+ s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+ return(0);
+ }
+ }
+ else if (i == 2)
+ {
+ char tmp[16];
+
+ s->rwstate=SSL_NOTHING;
+ s->s3->fatal_alert=n;
+ SSLerr(SSL_F_SSL3_READ_BYTES,1000+n);
+ sprintf(tmp,"%d",n);
+ ERR_add_error_data(2,"SSL alert number ",tmp);
+ s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+ SSL_CTX_remove_session(s->ctx,s->session);
+ return(0);
+ }
+ else
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
+ goto f_err;
+ }
+
+ rr->length=0;
+ goto start;
+ }
+
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ rr->length=0;
+ return(0);
+ }
+
+ if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
+ {
+ if ( (rr->length != 1) || (rr->off != 0) ||
+ (rr->data[0] != SSL3_MT_CCS))
+ {
+ i=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto err;
+ }
+
+ rr->length=0;
+ s->s3->change_cipher_spec=1;
+ if (!do_change_cipher_spec(s))
+ goto err;
+ else
+ goto start;
+ }
+
+ /* else we have a handshake */
+ if ((rr->type == SSL3_RT_HANDSHAKE) &&
+ !s->in_handshake)
+ {
+ if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+ {
+ s->state=SSL_ST_BEFORE;
+ s->new_session=1;
+ }
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+
+ /* In the case where we try to read application data
+ * the first time, but we trigger an SSL handshake, we
+ * return -1 with the retry option set. I do this
+ * otherwise renegotiation can cause nasty problems
+ * in the non-blocking world */
+
+ s->rwstate=SSL_READING;
+ bio=SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return(-1);
+ }
+
+ switch (rr->type)
+ {
+ default:
+#ifndef NO_TLS
+ /* TLS just ignores unknown message types */
+ if (s->version == TLS1_VERSION)
+ {
+ goto start;
+ }
+#endif
+ case SSL3_RT_CHANGE_CIPHER_SPEC:
+ case SSL3_RT_ALERT:
+ case SSL3_RT_HANDSHAKE:
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ case SSL3_RT_APPLICATION_DATA:
+ /* At this point, we were expecting something else,
+ * but have application data. What we do is set the
+ * error, and return -1. On the way out, if the
+ * library was running inside ssl3_read() and it makes
+ * sense to read application data at this point, we
+ * will indulge it. This will mostly happen during
+ * session renegotiation.
+ */
+ if (s->s3->in_read_app_data &&
+ (s->s3->total_renegotiations != 0) &&
+ ((
+ (s->state & SSL_ST_CONNECT) &&
+ (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+ (s->state <= SSL3_ST_CR_SRVR_HELLO_A)
+ ) || (
+ (s->state & SSL_ST_ACCEPT) &&
+ (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+ (s->state >= SSL3_ST_SR_CLNT_HELLO_A)
+ )
+ ))
+ {
+ s->s3->in_read_app_data=0;
+ return(-1);
+ }
+ else
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ }
+ }
+ }
+
+ /* make sure that we are not getting application data when we
+ * are doing a handshake for the first time */
+ if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+ (s->enc_read_ctx == NULL))
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
+ goto f_err;
+ }
+
+ if (len <= 0) return(len);
+
+ if ((unsigned int)len > rr->length)
+ n=rr->length;
+ else
+ n=len;
+
+ memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
+ rr->length-=n;
+ rr->off+=n;
+ if (rr->length <= 0)
+ {
+ s->rstate=SSL_ST_READ_HEADER;
+ rr->off=0;
+ }
+
+ if (type == SSL3_RT_HANDSHAKE)
+ ssl3_finish_mac(s,(unsigned char *)buf,n);
+ return(n);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int do_change_cipher_spec(s)
+SSL *s;
+ {
+ int i;
+ unsigned char *sender;
+ int slen;
+
+ if (s->state & SSL_ST_ACCEPT)
+ i=SSL3_CHANGE_CIPHER_SERVER_READ;
+ else
+ i=SSL3_CHANGE_CIPHER_CLIENT_READ;
+
+ if (s->s3->tmp.key_block == NULL)
+ {
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!s->method->ssl3_enc->setup_key_block(s)) return(0);
+ }
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,i))
+ return(0);
+
+ /* we have to record the message digest at
+ * this point so we can get it before we read
+ * the finished message */
+ if (s->state & SSL_ST_CONNECT)
+ {
+ sender=s->method->ssl3_enc->server_finished;
+ slen=s->method->ssl3_enc->server_finished_len;
+ }
+ else
+ {
+ sender=s->method->ssl3_enc->client_finished;
+ slen=s->method->ssl3_enc->client_finished_len;
+ }
+
+ s->method->ssl3_enc->final_finish_mac(s,
+ &(s->s3->finish_dgst1),
+ &(s->s3->finish_dgst2),
+ sender,slen,&(s->s3->tmp.finish_md[0]));
+
+ return(1);
+ }
+
+int ssl3_do_write(s,type)
+SSL *s;
+int type;
+ {
+ int ret;
+
+ ret=ssl3_write_bytes(s,type,(char *)
+ &(s->init_buf->data[s->init_off]),s->init_num);
+ if (ret == s->init_num)
+ return(1);
+ if (ret < 0) return(-1);
+ s->init_off+=ret;
+ s->init_num-=ret;
+ return(0);
+ }
+
+void ssl3_send_alert(s,level,desc)
+SSL *s;
+int level;
+int desc;
+ {
+ /* Map tls/ssl alert value to correct one */
+ desc=s->method->ssl3_enc->alert_value(desc);
+ if (desc < 0) return;
+ /* If a fatal one, remove from cache */
+ if ((level == 2) && (s->session != NULL))
+ SSL_CTX_remove_session(s->ctx,s->session);
+
+ s->s3->alert_dispatch=1;
+ s->s3->send_alert[0]=level;
+ s->s3->send_alert[1]=desc;
+ if (s->s3->wbuf.left == 0) /* data still being written out */
+ ssl3_dispatch_alert(s);
+ /* else data is still being written out, we will get written
+ * some time in the future */
+ }
+
+int ssl3_dispatch_alert(s)
+SSL *s;
+ {
+ int i,j;
+ void (*cb)()=NULL;
+
+ s->s3->alert_dispatch=0;
+ i=do_ssl3_write(s,SSL3_RT_ALERT,&(s->s3->send_alert[0]),2);
+ if (i <= 0)
+ {
+ s->s3->alert_dispatch=1;
+ }
+ else
+ {
+ /* If it is important, send it now. If the message
+ * does not get sent due to non-blocking IO, we will
+ * not worry too much. */
+ if (s->s3->send_alert[0] == SSL3_AL_FATAL)
+ BIO_flush(s->wbio);
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (cb != NULL)
+ {
+ j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
+ cb(s,SSL_CB_WRITE_ALERT,j);
+ }
+ }
+ return(i);
+ }
+
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
new file mode 100644
index 0000000000..64903af151
--- /dev/null
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -0,0 +1,1675 @@
+/* ssl/s3_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define REUSE_CIPHER_BUG
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+/* SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int ssl3_get_client_hello(SSL *s);
+static int ssl3_send_server_hello(SSL *s);
+static int ssl3_send_server_key_exchange(SSL *s);
+static int ssl3_send_certificate_request(SSL *s);
+static int ssl3_send_server_done(SSL *s);
+static int ssl3_get_cert_verify(SSL *s);
+static int ssl3_get_client_key_exchange(SSL *s);
+static int ssl3_get_client_certificate(SSL *s);
+static int ssl3_send_hello_request(SSL *s);
+
+#else
+
+static int ssl3_get_client_hello();
+static int ssl3_send_server_hello();
+static int ssl3_send_server_key_exchange();
+static int ssl3_send_certificate_request();
+static int ssl3_send_server_done();
+static int ssl3_get_cert_verify();
+static int ssl3_get_client_key_exchange();
+static int ssl3_get_client_certificate();
+static int ssl3_send_hello_request();
+
+#endif
+
+static SSL_METHOD *ssl3_get_server_method(ver)
+int ver;
+ {
+ if (ver == SSL3_VERSION)
+ return(SSLv3_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_server_data.ssl_accept=ssl3_accept;
+ SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
+ }
+ return(&SSLv3_server_data);
+ }
+
+int ssl3_accept(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long l,Time=time(NULL);
+ void (*cb)()=NULL;
+ long num1;
+ int ret= -1;
+ CERT *ct;
+ BIO *under;
+ int new_state,state,skip=0;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ clear_sys_error();
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+#ifdef undef
+ /* FIX THIS EAY EAY EAY */
+ /* we don't actually need a cert, we just need a cert or a DH_tmp */
+ if (((s->session == NULL) || (s->session->cert == NULL)) &&
+ (s->cert == NULL))
+ {
+ SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+ ret= -1;
+ goto end;
+ }
+#endif
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_RENEGOTIATE:
+ s->new_session=1;
+ /* s->state=SSL_ST_ACCEPT; */
+
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ if ((s->version>>8) != 3)
+ abort();
+ /* s->version=SSL3_VERSION; */
+ s->type=SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ /* Ok, we now need to push on a buffering BIO so that
+ * the output is sent in a way that TCP likes :-)
+ */
+ if (!ssl_init_wbio_buffer(s,1)) { ret= -1; goto end; }
+
+ s->init_num=0;
+
+ if (s->state != SSL_ST_RENEGOTIATE)
+ {
+ s->state=SSL3_ST_SR_CLNT_HELLO_A;
+ ssl3_init_finished_mac(s);
+ s->ctx->sess_accept++;
+ }
+ else
+ {
+ s->ctx->sess_accept_renegotiate++;
+ s->state=SSL3_ST_SW_HELLO_REQ_A;
+ }
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_A:
+ case SSL3_ST_SW_HELLO_REQ_B:
+
+ s->shutdown=0;
+ ret=ssl3_send_hello_request(s);
+ if (ret <= 0) goto end;
+ s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+ s->state=SSL3_ST_SW_FLUSH;
+ s->init_num=0;
+
+ ssl3_init_finished_mac(s);
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_C:
+ /* remove buffering on output */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+
+ s->state=SSL_ST_OK;
+ ret=1;
+ goto end;
+ /* break; */
+
+ case SSL3_ST_SR_CLNT_HELLO_A:
+ case SSL3_ST_SR_CLNT_HELLO_B:
+ case SSL3_ST_SR_CLNT_HELLO_C:
+
+ s->shutdown=0;
+ ret=ssl3_get_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_SRVR_HELLO_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_SRVR_HELLO_A:
+ case SSL3_ST_SW_SRVR_HELLO_B:
+ ret=ssl3_send_server_hello(s);
+ if (ret <= 0) goto end;
+
+ if (s->hit)
+ s->state=SSL3_ST_SW_CHANGE_A;
+ else
+ s->state=SSL3_ST_SW_CERT_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CERT_A:
+ case SSL3_ST_SW_CERT_B:
+ /* Check if it is anon DH */
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ ret=ssl3_send_server_certificate(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_KEY_EXCH_A:
+ case SSL3_ST_SW_KEY_EXCH_B:
+ l=s->s3->tmp.new_cipher->algorithms;
+ if (s->session->cert == NULL)
+ {
+ if (s->cert != NULL)
+ {
+ CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->cert;
+ }
+ else
+ {
+ CRYPTO_add(&s->ctx->default_cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->ctx->default_cert;
+ }
+ }
+ ct=s->session->cert;
+
+ /* clear this, it may get reset by
+ * send_server_key_exchange */
+ if (s->options & SSL_OP_EPHEMERAL_RSA)
+ s->s3->tmp.use_rsa_tmp=1;
+ else
+ s->s3->tmp.use_rsa_tmp=0;
+
+ /* only send if a DH key exchange, fortezza or
+ * RSA but we have a sign only certificate */
+ if ( s->s3->tmp.use_rsa_tmp ||
+ (l & (SSL_DH|SSL_kFZA)) ||
+ ((l & SSL_kRSA) &&
+ ((ct->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)||
+ ((l & SSL_EXPORT) &&
+ (EVP_PKEY_size(ct->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > 512)
+ )
+ )
+ )
+ )
+ {
+ ret=ssl3_send_server_key_exchange(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+
+ s->state=SSL3_ST_SW_CERT_REQ_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CERT_REQ_A:
+ case SSL3_ST_SW_CERT_REQ_B:
+ if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
+ {
+ /* no cert request */
+ skip=1;
+ s->s3->tmp.cert_request=0;
+ s->state=SSL3_ST_SW_SRVR_DONE_A;
+ }
+ else
+ {
+ s->s3->tmp.cert_request=1;
+ ret=ssl3_send_certificate_request(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_SRVR_DONE_A;
+ s->init_num=0;
+ }
+ break;
+
+ case SSL3_ST_SW_SRVR_DONE_A:
+ case SSL3_ST_SW_SRVR_DONE_B:
+ ret=ssl3_send_server_done(s);
+ if (ret <= 0) goto end;
+ s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+ s->state=SSL3_ST_SW_FLUSH;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_FLUSH:
+ /* number of bytes to be flushed */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 > 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ s->state=s->s3->tmp.next_state;
+ break;
+
+ case SSL3_ST_SR_CERT_A:
+ case SSL3_ST_SR_CERT_B:
+ /* could be sent for a DH cert, even if we
+ * have not asked for it :-) */
+ ret=ssl3_get_client_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL3_ST_SR_KEY_EXCH_A;
+ break;
+
+ case SSL3_ST_SR_KEY_EXCH_A:
+ case SSL3_ST_SR_KEY_EXCH_B:
+ ret=ssl3_get_client_key_exchange(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num=0;
+
+ /* We need to get hashes here so if there is
+ * a client cert, it can be verified */
+ s->method->ssl3_enc->cert_verify_mac(s,
+ &(s->s3->finish_dgst1),
+ &(s->s3->tmp.finish_md[0]));
+ s->method->ssl3_enc->cert_verify_mac(s,
+ &(s->s3->finish_dgst2),
+ &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]));
+
+ break;
+
+ case SSL3_ST_SR_CERT_VRFY_A:
+ case SSL3_ST_SR_CERT_VRFY_B:
+
+ /* we should decide if we expected this one */
+ ret=ssl3_get_cert_verify(s);
+ if (ret <= 0) goto end;
+
+ s->state=SSL3_ST_SR_FINISHED_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SR_FINISHED_A:
+ case SSL3_ST_SR_FINISHED_B:
+ ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
+ SSL3_ST_SR_FINISHED_B);
+ if (ret <= 0) goto end;
+ if (s->hit)
+ s->state=SSL_ST_OK;
+ else
+ s->state=SSL3_ST_SW_CHANGE_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CHANGE_A:
+ case SSL3_ST_SW_CHANGE_B:
+
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!s->method->ssl3_enc->setup_key_block(s))
+ { ret= -1; goto end; }
+
+ ret=ssl3_send_change_cipher_spec(s,
+ SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
+
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_FINISHED_A;
+ s->init_num=0;
+
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_SERVER_WRITE))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ break;
+
+ case SSL3_ST_SW_FINISHED_A:
+ case SSL3_ST_SW_FINISHED_B:
+ ret=ssl3_send_finished(s,
+ SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
+ s->method->ssl3_enc->server_finished,
+ s->method->ssl3_enc->server_finished_len);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_FLUSH;
+ if (s->hit)
+ s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+ else
+ s->s3->tmp.next_state=SSL_ST_OK;
+ s->init_num=0;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+
+ /* remove buffering on output */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+
+ s->new_session=0;
+ s->init_num=0;
+
+ ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+
+ s->ctx->sess_accept_good++;
+ /* s->server=1; */
+ s->handshake_func=ssl3_accept;
+ ret=1;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ /* break; */
+
+ default:
+ SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if (!s->s3->tmp.reuse_message && !skip)
+ {
+ if (s->debug)
+ {
+ if ((ret=BIO_flush(s->wbio)) <= 0)
+ goto end;
+ }
+
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+ skip=0;
+ }
+end:
+ /* BIO_flush(s->wbio); */
+
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+static int ssl3_send_hello_request(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_HELLO_REQ_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL3_MT_CLIENT_REQUEST;
+ *(p++)=0;
+ *(p++)=0;
+ *(p++)=0;
+
+ s->state=SSL3_ST_SW_HELLO_REQ_B;
+ /* number of bytes to write */
+ s->init_num=4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_HELLO_REQ_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_get_client_hello(s)
+SSL *s;
+ {
+ int i,j,ok,al,ret= -1;
+ long n;
+ unsigned long id;
+ unsigned char *p,*d;
+ SSL_CIPHER *c;
+ STACK *ciphers=NULL;
+
+ /* We do this so that we will respond with our native type.
+ * If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
+ * This down switching should be handled by a different method.
+ * If we are SSLv3, we will respond with SSLv3, even if prompted with
+ * TLSv1.
+ */
+ if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
+ {
+ s->first_packet=1;
+ s->state=SSL3_ST_SR_CLNT_HELLO_B;
+ }
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CLNT_HELLO_B,
+ SSL3_ST_SR_CLNT_HELLO_C,
+ SSL3_MT_CLIENT_HELLO,
+ SSL3_RT_MAX_PLAIN_LENGTH,
+ &ok);
+
+ if (!ok) return((int)n);
+ d=p=(unsigned char *)s->init_buf->data;
+
+ /* The version number has already been checked in ssl3_get_message.
+ * I a native TLSv1/SSLv3 method, the match must be correct except
+ * perhaps for the first message */
+ p+=2;
+
+ /* load the client random */
+ memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* get the session-id */
+ j= *(p++);
+
+ s->hit=0;
+ if (j == 0)
+ {
+ if (!ssl_get_new_session(s,1))
+ goto err;
+ }
+ else
+ {
+ i=ssl_get_prev_session(s,p,j);
+ if (i == 1)
+ { /* previous session */
+ s->hit=1;
+ }
+ else
+ {
+ if (!ssl_get_new_session(s,1))
+ goto err;
+ }
+ }
+
+ p+=j;
+ n2s(p,i);
+ if ((i == 0) && (j != 0))
+ {
+ /* we need a cipher if we are not resuming a session */
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
+ goto f_err;
+ }
+ if ((i+p) > (d+n))
+ {
+ /* not enough data */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
+ == NULL))
+ {
+ goto err;
+ }
+ p+=i;
+
+ /* If it is a hit, check that the cipher is in the list */
+ if ((s->hit) && (i > 0))
+ {
+ j=0;
+ id=s->session->cipher->id;
+
+ for (i=0; i<sk_num(ciphers); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(ciphers,i);
+ if (c->id == id)
+ {
+ j=1;
+ break;
+ }
+ }
+ if (j == 0)
+ {
+ if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
+ {
+ /* Very bad for multi-threading.... */
+ s->session->cipher=
+ (SSL_CIPHER *)sk_value(ciphers,0);
+ }
+ else
+ {
+ /* we need to have the cipher in the cipher
+ * list if we are asked to reuse it */
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
+ goto f_err;
+ }
+ }
+ }
+
+ /* compression */
+ i= *(p++);
+ for (j=0; j<i; j++)
+ if (p[j] == 0) break;
+
+ p+=i;
+ if (j >= i)
+ {
+ /* no compress */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
+ goto f_err;
+ }
+
+ /* TLS does not mind if there is extra stuff */
+ if (s->version == SSL3_VERSION)
+ {
+ if (p > (d+n))
+ {
+ /* wrong number of bytes,
+ * there could be more to follow */
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ }
+
+ /* do nothing with compression */
+
+ /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must
+ * pick a cipher */
+
+ if (!s->hit)
+ {
+ if (s->session->ciphers != NULL)
+ sk_free(s->session->ciphers);
+ s->session->ciphers=ciphers;
+ if (ciphers == NULL)
+ {
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
+ goto f_err;
+ }
+ ciphers=NULL;
+ c=ssl3_choose_cipher(s,s->session->ciphers,
+ ssl_get_ciphers_by_id(s));
+
+ if (c == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
+ goto f_err;
+ }
+ s->s3->tmp.new_cipher=c;
+ }
+ else
+ {
+ /* Session-id reuse */
+#ifdef REUSE_CIPHER_BUG
+ STACK *sk;
+ SSL_CIPHER *nc=NULL;
+ SSL_CIPHER *ec=NULL;
+
+ if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
+ {
+ sk=s->session->ciphers;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ if (c->algorithms & SSL_eNULL)
+ nc=c;
+ if (c->algorithms & SSL_EXP)
+ ec=c;
+ }
+ if (nc != NULL)
+ s->s3->tmp.new_cipher=nc;
+ else if (ec != NULL)
+ s->s3->tmp.new_cipher=ec;
+ else
+ s->s3->tmp.new_cipher=s->session->cipher;
+ }
+ else
+#endif
+ s->s3->tmp.new_cipher=s->session->cipher;
+ }
+
+ /* we now have the following setup.
+ * client_random
+ * cipher_list - our prefered list of ciphers
+ * ciphers - the clients prefered list of ciphers
+ * compression - basically ignored right now
+ * ssl version is set - sslv3
+ * s->session - The ssl session has been setup.
+ * s->hit - sesson reuse flag
+ * s->tmp.new_cipher - the new cipher to use.
+ */
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (ciphers != NULL) sk_free(ciphers);
+ return(ret);
+ }
+
+static int ssl3_send_server_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i,sl;
+ unsigned long l,Time;
+
+ if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
+ {
+ buf=(unsigned char *)s->init_buf->data;
+ p=s->s3->server_random;
+ Time=time(NULL); /* Time */
+ l2n(Time,p);
+ RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ /* Do the message type and length last */
+ d=p= &(buf[4]);
+
+ *(p++)=s->version>>8;
+ *(p++)=s->version&0xff;
+
+ /* Random stuff */
+ memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* now in theory we have 3 options to sending back the
+ * session id. If it is a re-use, we send back the
+ * old session-id, if it is a new session, we send
+ * back the new session-id or we send back a 0 length
+ * session-id if we want it to be single use.
+ * Currently I will not implement the '0' length session-id
+ * 12-Jan-98 - I'll now support the '0' length stuff.
+ */
+ if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER))
+ s->session->session_id_length=0;
+
+ sl=s->session->session_id_length;
+ *(p++)=sl;
+ memcpy(p,s->session->session_id,sl);
+ p+=sl;
+
+ /* put the cipher */
+ i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
+ p+=i;
+
+ /* put the compression method */
+ *(p++)=0;
+
+ /* do the header */
+ l=(p-d);
+ d=buf;
+ *(d++)=SSL3_MT_SERVER_HELLO;
+ l2n3(l,d);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=p-buf;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_send_server_done(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_SRVR_DONE_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+
+ /* do the header */
+ *(p++)=SSL3_MT_SERVER_DONE;
+ *(p++)=0;
+ *(p++)=0;
+ *(p++)=0;
+
+ s->state=SSL3_ST_SW_SRVR_DONE_B;
+ /* number of bytes to write */
+ s->init_num=4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_send_server_key_exchange(s)
+SSL *s;
+ {
+#ifndef NO_RSA
+ unsigned char *q;
+ int j,num;
+ RSA *rsa;
+ unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+#endif
+#ifndef NO_DH
+ DH *dh,*dhp;
+#endif
+ EVP_PKEY *pkey;
+ unsigned char *p,*d;
+ int al,i;
+ unsigned long type;
+ int n;
+ CERT *cert;
+ BIGNUM *r[4];
+ int nr[4],kn;
+ BUF_MEM *buf;
+ EVP_MD_CTX md_ctx;
+
+ if (s->state == SSL3_ST_SW_KEY_EXCH_A)
+ {
+ type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+ cert=s->session->cert;
+
+ buf=s->init_buf;
+
+ r[0]=r[1]=r[2]=r[3]=NULL;
+ n=0;
+#ifndef NO_RSA
+ if (type & SSL_kRSA)
+ {
+ rsa=cert->rsa_tmp;
+ if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL))
+ {
+ rsa=s->ctx->default_cert->rsa_tmp_cb(s,
+ (s->s3->tmp.new_cipher->algorithms|
+ SSL_NOT_EXP)?0:1);
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ cert->rsa_tmp=rsa;
+ }
+ if (rsa == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ r[0]=rsa->n;
+ r[1]=rsa->e;
+ s->s3->tmp.use_rsa_tmp=1;
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (type & SSL_kEDH)
+ {
+ dhp=cert->dh_tmp;
+ if ((dhp == NULL) && (cert->dh_tmp_cb != NULL))
+ dhp=cert->dh_tmp_cb(s,
+ (s->s3->tmp.new_cipher->algorithms|
+ SSL_NOT_EXP)?0:1);
+ if (dhp == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+ if ((dh=DHparams_dup(dhp)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.dh=dh;
+ if (((dhp->pub_key == NULL) ||
+ (dhp->priv_key == NULL) ||
+ (s->options & SSL_OP_SINGLE_DH_USE)) &&
+ (!DH_generate_key(dh)))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ else
+ {
+ dh->pub_key=BN_dup(dhp->pub_key);
+ dh->priv_key=BN_dup(dhp->priv_key);
+ if ((dh->pub_key == NULL) ||
+ (dh->priv_key == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ }
+ r[0]=dh->p;
+ r[1]=dh->g;
+ r[2]=dh->pub_key;
+ }
+ else
+#endif
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ for (i=0; r[i] != NULL; i++)
+ {
+ nr[i]=BN_num_bytes(r[i]);
+ n+=2+nr[i];
+ }
+
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+ == NULL)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+ kn=EVP_PKEY_size(pkey);
+ }
+ else
+ {
+ pkey=NULL;
+ kn=0;
+ }
+
+ if (!BUF_MEM_grow(buf,n+4+kn))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
+ goto err;
+ }
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ for (i=0; r[i] != NULL; i++)
+ {
+ s2n(nr[i],p);
+ BN_bn2bin(r[i],p);
+ p+=nr[i];
+ }
+
+ /* not anonymous */
+ if (pkey != NULL)
+ {
+ /* n is the length of the params, they start at &(d[4])
+ * and p points to the space at the end. */
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ q=md_buf;
+ j=0;
+ for (num=2; num > 0; num--)
+ {
+ EVP_DigestInit(&md_ctx,(num == 2)
+ ?s->ctx->md5:s->ctx->sha1);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(d[4]),n);
+ EVP_DigestFinal(&md_ctx,q,
+ (unsigned int *)&i);
+ q+=i;
+ j+=i;
+ }
+ i=RSA_private_encrypt(j,md_buf,&(p[2]),
+ pkey->pkey.rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
+ goto err;
+ }
+ s2n(i,p);
+ n+=i+2;
+ }
+ else
+#endif
+#if !defined(NO_DSA)
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ /* lets do DSS */
+ EVP_SignInit(&md_ctx,EVP_dss1());
+ EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(d[4]),n);
+ if (!EVP_SignFinal(&md_ctx,&(p[2]),
+ (unsigned int *)&i,pkey))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
+ goto err;
+ }
+ s2n(i,p);
+ n+=i+2;
+ }
+ else
+#endif
+ {
+ /* Is this error check actually needed? */
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
+ goto f_err;
+ }
+ }
+
+ *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
+ l2n3(n,d);
+
+ /* we should now have things packed up, so lets send
+ * it off */
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_KEY_EXCH_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_send_certificate_request(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ int i,j,nl,off,n;
+ STACK *sk=NULL;
+ X509_NAME *name;
+ BUF_MEM *buf;
+
+ if (s->state == SSL3_ST_SW_CERT_REQ_A)
+ {
+ buf=s->init_buf;
+
+ d=p=(unsigned char *)&(buf->data[4]);
+
+ /* get the list of acceptable cert types */
+ p++;
+ n=ssl3_get_req_cert_type(s,p);
+ d[0]=n;
+ p+=n;
+ n++;
+
+ off=n;
+ p+=2;
+ n+=2;
+
+ sk=SSL_get_client_CA_list(s);
+ nl=0;
+ if (sk != NULL)
+ {
+ for (i=0; i<sk_num(sk); i++)
+ {
+ name=(X509_NAME *)sk_value(sk,i);
+ j=i2d_X509_NAME(name,NULL);
+ if (!BUF_MEM_grow(buf,4+n+j+2))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
+ goto err;
+ }
+ p=(unsigned char *)&(buf->data[4+n]);
+ if (!(s->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+ {
+ s2n(j,p);
+ i2d_X509_NAME(name,&p);
+ n+=2+j;
+ nl+=2+j;
+ }
+ else
+ {
+ d=p;
+ i2d_X509_NAME(name,&p);
+ j-=2; s2n(j,d); j+=2;
+ n+=j;
+ nl+=j;
+ }
+ }
+ }
+ /* else no CA names */
+ p=(unsigned char *)&(buf->data[4+off]);
+ s2n(nl,p);
+
+ d=(unsigned char *)buf->data;
+ *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
+ l2n3(n,d);
+
+ /* we should now have things packed up, so lets send
+ * it off */
+
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_CERT_REQ_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_get_client_key_exchange(s)
+SSL *s;
+ {
+ int i,al,ok;
+ long n;
+ unsigned long l;
+ unsigned char *p;
+ RSA *rsa=NULL;
+ EVP_PKEY *pkey=NULL;
+#ifndef NO_DH
+ BIGNUM *pub=NULL;
+ DH *dh_srvr;
+#endif
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_KEY_EXCH_A,
+ SSL3_ST_SR_KEY_EXCH_B,
+ SSL3_MT_CLIENT_KEY_EXCHANGE,
+ 400, /* ???? */
+ &ok);
+
+ if (!ok) return((int)n);
+ p=(unsigned char *)s->init_buf->data;
+
+ l=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (l & SSL_kRSA)
+ {
+ /* FIX THIS UP EAY EAY EAY EAY */
+ if (s->s3->tmp.use_rsa_tmp)
+ {
+ if ((s->session->cert != NULL) &&
+ (s->session->cert->rsa_tmp != NULL))
+ rsa=s->session->cert->rsa_tmp;
+ else if ((s->ctx->default_cert != NULL) &&
+ (s->ctx->default_cert->rsa_tmp != NULL))
+ rsa=s->ctx->default_cert->rsa_tmp;
+ /* Don't do a callback because rsa_tmp should
+ * be sent already */
+ if (rsa == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
+ goto f_err;
+
+ }
+ }
+ else
+ {
+ pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
+ if ( (pkey == NULL) ||
+ (pkey->type != EVP_PKEY_RSA) ||
+ (pkey->pkey.rsa == NULL))
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+ goto f_err;
+ }
+ rsa=pkey->pkey.rsa;
+ }
+
+ /* TLS */
+ if (s->version > SSL3_VERSION)
+ {
+ n2s(p,i);
+ if (n != i+2)
+ {
+ if (!(s->options & SSL_OP_TLS_D5_BUG))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG);
+ goto err;
+ }
+ else
+ p-=2;
+ }
+ else
+ n=i;
+ }
+
+ i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
+
+#if 1
+ /* If a bad decrypt, use a dud master key */
+ if ((i != SSL_MAX_MASTER_KEY_LENGTH) ||
+ ((p[0] != (s->version>>8)) ||
+ (p[1] != (s->version & 0xff))))
+ {
+ p[0]=(s->version>>8);
+ p[1]=(s->version & 0xff);
+ RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+ i=SSL_MAX_MASTER_KEY_LENGTH;
+ }
+#else
+ if (i != SSL_MAX_MASTER_KEY_LENGTH)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+
+ if ((p[0] != (s->version>>8)) || (p[1] != (s->version & 0xff)))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
+ goto f_err;
+ }
+#endif
+
+ s->session->master_key_length=
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->session->master_key,
+ p,i);
+ memset(p,0,i);
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+ n2s(p,i);
+ if (n != i+2)
+ {
+ if (!(s->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+ goto err;
+ }
+ else
+ {
+ p-=2;
+ i=(int)n;
+ }
+ }
+
+ if (n == 0L) /* the parameters are in the cert */
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
+ goto f_err;
+ }
+ else
+ {
+ if (s->s3->tmp.dh == NULL)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+ else
+ dh_srvr=s->s3->tmp.dh;
+ }
+
+ pub=BN_bin2bn(p,i,NULL);
+ if (pub == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
+ goto err;
+ }
+
+ i=DH_compute_key(p,pub,dh_srvr);
+
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh=NULL;
+
+ BN_clear_free(pub);
+ pub=NULL;
+ s->session->master_key_length=
+ s->method->ssl3_enc->generate_master_secret(s,
+ s->session->master_key,p,i);
+ }
+ else
+#endif
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
+ goto f_err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+#if !defined(NO_DH) || !defined(NO_RSA)
+err:
+#endif
+ return(-1);
+ }
+
+static int ssl3_get_cert_verify(s)
+SSL *s;
+ {
+ EVP_PKEY *pkey=NULL;
+ unsigned char *p;
+ int al,ok,ret=0;
+ long n;
+ int type=0,i,j;
+ X509 *peer;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CERT_VRFY_A,
+ SSL3_ST_SR_CERT_VRFY_B,
+ -1,
+ 512, /* 512? */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->session->peer != NULL)
+ {
+ peer=s->session->peer;
+ pkey=X509_get_pubkey(peer);
+ type=X509_certificate_type(peer,pkey);
+ }
+ else
+ {
+ peer=NULL;
+ pkey=NULL;
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
+ {
+ s->s3->tmp.reuse_message=1;
+ if ((peer != NULL) && (type | EVP_PKT_SIGN))
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
+ goto f_err;
+ }
+ ret=1;
+ goto end;
+ }
+
+ if (peer == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+
+ if (!(type & EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
+ al=SSL_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ if (s->s3->change_cipher_spec)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+
+ /* we now have a signature that we need to verify */
+ p=(unsigned char *)s->init_buf->data;
+ n2s(p,i);
+ n-=2;
+ if (i > n)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+
+ j=EVP_PKEY_size(pkey);
+ if ((i > j) || (n > j) || (n <= 0))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
+ al=SSL_AD_DECODE_ERROR;
+ goto f_err;
+ }
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ i=RSA_public_decrypt(i,p,p,pkey->pkey.rsa,RSA_PKCS1_PADDING);
+ if (i < 0)
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if ((i != (MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) ||
+ memcmp(&(s->s3->tmp.finish_md[0]),p,
+ MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH))
+ {
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ j=DSA_verify(pkey->save_type,
+ &(s->s3->tmp.finish_md[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
+ if (j <= 0)
+ {
+ /* bad signature */
+ al=SSL_AD_DECRYPT_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);
+ al=SSL_AD_UNSUPPORTED_CERTIFICATE;
+ goto f_err;
+ }
+
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+end:
+ return(ret);
+ }
+
+static int ssl3_get_client_certificate(s)
+SSL *s;
+ {
+ int i,ok,al,ret= -1;
+ X509 *x=NULL;
+ unsigned long l,nc,llen,n;
+ unsigned char *p,*d,*q;
+ STACK *sk=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CERT_A,
+ SSL3_ST_SR_CERT_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
+ {
+ if ( (s->verify_mode & SSL_VERIFY_PEER) &&
+ (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ goto f_err;
+ }
+ /* If tls asked for a client cert we must return a 0 list */
+ if ((s->version > SSL3_VERSION) && s->s3->tmp.cert_request)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST);
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+ {
+ al=SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
+ goto f_err;
+ }
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((sk=sk_new_null()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p,llen);
+ if (llen+3 != n)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc=0; nc<llen; )
+ {
+ n2l3(p,l);
+ if ((l+nc+3) > llen)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q=p;
+ x=d2i_X509(NULL,&p,l);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ if (p != (q+l))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_push(sk,(char *)x))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x=NULL;
+ nc+=l+3;
+ }
+
+ if (sk_num(sk) <= 0)
+ {
+ /* TLS does not mind 0 certs returned */
+ if (s->version == SSL3_VERSION)
+ {
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_RETURNED);
+ goto f_err;
+ }
+ /* Fail for TLS only if we required a certificate */
+ else if ((s->verify_mode & SSL_VERIFY_PEER) &&
+ (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ al=SSL_AD_HANDSHAKE_FAILURE;
+ goto f_err;
+ }
+ }
+ else
+ {
+ i=ssl_verify_cert_chain(s,sk);
+ if (!i)
+ {
+ al=ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
+ goto f_err;
+ }
+ }
+
+ /* This should not be needed */
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ s->session->peer=(X509 *)sk_shift(sk);
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (sk != NULL) sk_pop_free(sk,X509_free);
+ return(ret);
+ }
+
+int ssl3_send_server_certificate(s)
+SSL *s;
+ {
+ unsigned long l;
+ X509 *x;
+
+ if (s->state == SSL3_ST_SW_CERT_A)
+ {
+ x=ssl_get_server_send_cert(s);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR);
+ return(0);
+ }
+
+ l=ssl3_output_cert_chain(s,x);
+ s->state=SSL3_ST_SW_CERT_B;
+ s->init_num=(int)l;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_CERT_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
diff --git a/src/lib/libssl/src/ssl/ssl.h b/src/lib/libssl/src/ssl/ssl.h
new file mode 100644
index 0000000000..cf8f9651b2
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl.h
@@ -0,0 +1,1453 @@
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL_H
+#define HEADER_SSL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/* Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+#define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
+#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
+#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
+#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
+#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
+#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
+#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
+#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
+
+#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
+
+#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
+#define SSL_MAX_KEY_ARG_LENGTH 8
+#define SSL_MAX_MASTER_KEY_LENGTH 48
+
+/* These are used to specify which ciphers to use and not to use */
+#define SSL_TXT_LOW "LOW"
+#define SSL_TXT_MEDIUM "MEDIUM"
+#define SSL_TXT_HIGH "HIGH"
+#define SSL_TXT_kFZA "kFZA"
+#define SSL_TXT_aFZA "aFZA"
+#define SSL_TXT_eFZA "eFZA"
+#define SSL_TXT_FZA "FZA"
+
+#define SSL_TXT_aNULL "aNULL"
+#define SSL_TXT_eNULL "eNULL"
+#define SSL_TXT_NULL "NULL"
+
+#define SSL_TXT_kRSA "kRSA"
+#define SSL_TXT_kDHr "kDHr"
+#define SSL_TXT_kDHd "kDHd"
+#define SSL_TXT_kEDH "kEDH"
+#define SSL_TXT_aRSA "aRSA"
+#define SSL_TXT_aDSS "aDSS"
+#define SSL_TXT_aDH "aDH"
+#define SSL_TXT_DSS "DSS"
+#define SSL_TXT_DH "DH"
+#define SSL_TXT_EDH "EDH"
+#define SSL_TXT_ADH "ADH"
+#define SSL_TXT_RSA "RSA"
+#define SSL_TXT_DES "DES"
+#define SSL_TXT_3DES "3DES"
+#define SSL_TXT_RC4 "RC4"
+#define SSL_TXT_RC2 "RC2"
+#define SSL_TXT_IDEA "IDEA"
+#define SSL_TXT_MD5 "MD5"
+#define SSL_TXT_SHA1 "SHA1"
+#define SSL_TXT_SHA "SHA"
+#define SSL_TXT_EXP "EXP"
+#define SSL_TXT_EXPORT "EXPORT"
+#define SSL_TXT_SSLV2 "SSLv2"
+#define SSL_TXT_SSLV3 "SSLv3"
+#define SSL_TXT_ALL "ALL"
+
+/* 'DEFAULT' at the start of the cipher list insert the following string
+ * in addition to this being the default cipher string */
+#ifndef NO_RSA
+#define SSL_DEFAULT_CIPHER_LIST "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
+#else
+#define SSL_ALLOW_ADH
+#define SSL_DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP"
+#endif
+
+/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
+#define SSL_SENT_SHUTDOWN 1
+#define SSL_RECEIVED_SHUTDOWN 2
+
+#include "crypto.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "bio.h"
+#include "x509.h"
+
+#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+/* This is needed to stop compilers complaining about the
+ * 'struct ssl_st *' function parameters used to prototype callbacks
+ * in SSL_CTX. */
+typedef struct ssl_st *ssl_crock_st;
+
+/* used to hold info on the particular ciphers used */
+typedef struct ssl_cipher_st
+ {
+ int valid;
+ char *name; /* text name */
+ unsigned long id; /* id, 4 bytes, first is version */
+ unsigned long algorithms; /* what ciphers are used */
+ unsigned long algorithm2; /* Extra flags */
+ unsigned long mask; /* used for matching */
+ } SSL_CIPHER;
+
+/* Used to hold functions for SSLv2 or SSLv3/TLSv1 functions */
+typedef struct ssl_method_st
+ {
+ int version;
+ int (*ssl_new)();
+ void (*ssl_clear)();
+ void (*ssl_free)();
+ int (*ssl_accept)();
+ int (*ssl_connect)();
+ int (*ssl_read)();
+ int (*ssl_peek)();
+ int (*ssl_write)();
+ int (*ssl_shutdown)();
+ int (*ssl_renegotiate)();
+ long (*ssl_ctrl)();
+ long (*ssl_ctx_ctrl)();
+ SSL_CIPHER *(*get_cipher_by_char)();
+ int (*put_cipher_by_char)();
+ int (*ssl_pending)();
+ int (*num_ciphers)();
+ SSL_CIPHER *(*get_cipher)();
+ struct ssl_method_st *(*get_ssl_method)();
+ long (*get_timeout)();
+ struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */
+ } SSL_METHOD;
+
+typedef struct ssl_compression_st
+ {
+ char *stuff;
+ } SSL_COMPRESSION;
+
+/* Lets make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ * version INTEGER, -- structure version number
+ * SSLversion INTEGER, -- SSL version number
+ * Cipher OCTET_STRING, -- the 3 byte cipher ID
+ * Session_ID OCTET_STRING, -- the Session ID
+ * Master_key OCTET_STRING, -- the master key
+ * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
+ * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
+ * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
+ * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
+ * }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+typedef struct ssl_session_st
+ {
+ int ssl_version; /* what ssl version session info is
+ * being kept in here? */
+
+ /* only really used in SSLv2 */
+ unsigned int key_arg_length;
+ unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+ int master_key_length;
+ unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+ /* session_id - valid? */
+ unsigned int session_id_length;
+ unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+
+ int not_resumable;
+
+ /* The cert is the certificate used to establish this connection */
+ struct cert_st /* CERT */ *cert;
+
+ /* This is the cert for the other end. On servers, it will be
+ * the same as cert->x509 */
+ X509 *peer;
+
+ int references;
+ long timeout;
+ long time;
+
+ SSL_COMPRESSION *read_compression;
+ SSL_COMPRESSION *write_compression;
+
+ SSL_CIPHER *cipher;
+ unsigned long cipher_id; /* when ASN.1 loaded, this
+ * needs to be used to load
+ * the 'cipher' structure */
+
+ STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */
+
+ CRYPTO_EX_DATA ex_data; /* application specific data */
+
+ /* These are used to make removal of session-ids more
+ * efficient and to implement a maximum cache size. */
+ struct ssl_session_st *prev,*next;
+ } SSL_SESSION;
+
+#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
+#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
+#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
+#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
+#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
+#define SSL_OP_TLS_D5_BUG 0x00000100L
+#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
+
+/* If set, only use tmp_dh parameters once */
+#define SSL_OP_SINGLE_DH_USE 0x00100000L
+/* Set to also use the tmp_rsa key when doing RSA operations. */
+#define SSL_OP_EPHEMERAL_RSA 0x00200000L
+
+#define SSL_OP_NETSCAPE_CA_DN_BUG 0x20000000L
+#define SSL_OP_NON_EXPORT_FIRST 0x40000000L
+#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
+#define SSL_OP_ALL 0x000FFFFFL
+
+#define SSL_CTX_set_options(ctx,op) ((ctx)->options|=(op))
+#define SSL_set_options(ssl,op) ((ssl)->options|=(op))
+
+#define SSL_OP_NO_SSLv2 0x01000000L
+#define SSL_OP_NO_SSLv3 0x02000000L
+#define SSL_OP_NO_TLSv1 0x04000000L
+
+/* Normally you will only use these if your application wants to use
+ * the certificate store in other places, perhaps PKCS7 */
+#define SSL_CTX_get_cert_store(ctx) ((ctx)->cert_store)
+#define SSL_CTX_set_cert_store(ctx,cs) \
+ (X509_STORE_free((ctx)->cert_store),(ctx)->cert_store=(cs))
+
+
+#define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20)
+
+typedef struct ssl_ctx_st
+ {
+ SSL_METHOD *method;
+ unsigned long options;
+
+ STACK /* SSL_CIPHER */ *cipher_list;
+ /* same as above but sorted for lookup */
+ STACK /* SSL_CIPHER */ *cipher_list_by_id;
+
+ struct x509_store_st /* X509_STORE */ *cert_store;
+ struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
+ /* Most session-ids that will be cached, default is
+ * SSL_SESSION_CACHE_SIZE_DEFAULT. 0 is unlimited. */
+ unsigned long session_cache_size;
+ struct ssl_session_st *session_cache_head;
+ struct ssl_session_st *session_cache_tail;
+
+ /* This can have one of 2 values, ored together,
+ * SSL_SESS_CACHE_CLIENT,
+ * SSL_SESS_CACHE_SERVER,
+ * Default is SSL_SESSION_CACHE_SERVER, which means only
+ * SSL_accept which cache SSL_SESSIONS. */
+ int session_cache_mode;
+
+ /* If timeout is not 0, it is the default timeout value set
+ * when SSL_new() is called. This has been put in to make
+ * life easier to set things up */
+ long session_timeout;
+
+ /* If this callback is not null, it will be called each
+ * time a session id is added to the cache. If this function
+ * returns 1, it means that the callback will do a
+ * SSL_SESSION_free() when it has finished using it. Otherwise,
+ * on 0, it means the callback has finished with it.
+ * If remove_session_cb is not null, it will be called when
+ * a session-id is removed from the cache. Again, a return
+ * of 0 mens that SSLeay should not SSL_SESSION_free() since
+ * the application is doing something with it. */
+#ifndef NOPROTO
+ int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
+ void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+ unsigned char *data,int len,int *copy);
+#else
+ int (*new_session_cb)();
+ void (*remove_session_cb)();
+ SSL_SESSION *(*get_session_cb)();
+#endif
+
+ int sess_connect; /* SSL new connection - started */
+ int sess_connect_renegotiate;/* SSL renegotiatene - requested */
+ int sess_connect_good; /* SSL new connection/renegotiate - finished */
+ int sess_accept; /* SSL new accept - started */
+ int sess_accept_renegotiate;/* SSL renegotiatene - requested */
+ int sess_accept_good; /* SSL accept/renegotiate - finished */
+ int sess_miss; /* session lookup misses */
+ int sess_timeout; /* session reuse attempt on timeouted session */
+ int sess_cache_full; /* session removed due to full cache */
+ int sess_hit; /* session reuse actually done */
+ int sess_cb_hit; /* session-id that was not in the cache was
+ * passed back via the callback. This
+ * indicates that the application is supplying
+ * session-id's from other processes -
+ * spooky :-) */
+
+ int references;
+
+ void (*info_callback)();
+
+ /* if defined, these override the X509_verify_cert() calls */
+ int (*app_verify_callback)();
+ char *app_verify_arg;
+
+ /* default values to use in SSL structures */
+ struct cert_st /* CERT */ *default_cert;
+ int default_read_ahead;
+ int default_verify_mode;
+ int (*default_verify_callback)();
+
+ /* Default password callback. */
+ int (*default_passwd_callback)();
+
+ /* get client cert callback */
+ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);
+
+ /* what we put in client requests */
+ STACK *client_CA;
+
+ int quiet_shutdown;
+
+ CRYPTO_EX_DATA ex_data;
+
+ EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
+ EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
+ EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
+ } SSL_CTX;
+
+#define SSL_SESS_CACHE_OFF 0x0000
+#define SSL_SESS_CACHE_CLIENT 0x0001
+#define SSL_SESS_CACHE_SERVER 0x0002
+#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x0080
+/* This one, when set, makes the server session-id lookup not look
+ * in the cache. If there is an application get_session callback
+ * defined, this will still get called. */
+#define SSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100
+
+#define SSL_CTX_sessions(ctx) ((ctx)->sessions)
+/* You will need to include lhash.h to access the following #define */
+#define SSL_CTX_sess_number(ctx) ((ctx)->sessions->num_items)
+#define SSL_CTX_sess_connect(ctx) ((ctx)->sess_connect)
+#define SSL_CTX_sess_connect_good(ctx) ((ctx)->sess_connect_good)
+#define SSL_CTX_sess_accept(ctx) ((ctx)->sess_accept)
+#define SSL_CTX_sess_accept_renegotiate(ctx) ((ctx)->sess_accept_renegotiate)
+#define SSL_CTX_sess_connect_renegotiate(ctx) ((ctx)->sess_connect_renegotiate)
+#define SSL_CTX_sess_accept_good(ctx) ((ctx)->sess_accept_good)
+#define SSL_CTX_sess_hits(ctx) ((ctx)->sess_hit)
+#define SSL_CTX_sess_cb_hits(ctx) ((ctx)->sess_cb_hit)
+#define SSL_CTX_sess_misses(ctx) ((ctx)->sess_miss)
+#define SSL_CTX_sess_timeouts(ctx) ((ctx)->sess_timeout)
+#define SSL_CTX_sess_cache_full(ctx) ((ctx)->sess_cache_full)
+
+#define SSL_CTX_sess_set_cache_size(ctx,t) ((ctx)->session_cache_size=(t))
+#define SSL_CTX_sess_get_cache_size(ctx) ((ctx)->session_cache_size)
+
+#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
+#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
+#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
+#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
+#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
+#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
+#define SSL_CTX_set_session_cache_mode(ctx,m) ((ctx)->session_cache_mode=(m))
+#define SSL_CTX_get_session_cache_mode(ctx) ((ctx)->session_cache_mode)
+#define SSL_CTX_set_timeout(ctx,t) ((ctx)->session_timeout=(t))
+#define SSL_CTX_get_timeout(ctx) ((ctx)->session_timeout)
+
+#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
+#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
+#define SSL_CTX_set_default_read_ahead(ctx,m) (((ctx)->default_read_ahead)=(m))
+
+#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
+#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
+
+#define SSL_NOTHING 1
+#define SSL_WRITING 2
+#define SSL_READING 3
+#define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+#define SSL_want(s) ((s)->rwstate)
+#define SSL_want_nothing(s) ((s)->rwstate == SSL_NOTHING)
+#define SSL_want_read(s) ((s)->rwstate == SSL_READING)
+#define SSL_want_write(s) ((s)->rwstate == SSL_WRITING)
+#define SSL_want_x509_lookup(s) ((s)->rwstate == SSL_X509_LOOKUP)
+
+typedef struct ssl_st
+ {
+ /* procol version
+ * 2 for SSLv2
+ * 3 for SSLv3
+ * -3 for SSLv3 but accept SSLv2 */
+ int version;
+ int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+
+ SSL_METHOD *method; /* SSLv3 */
+
+ /* There are 2 BIO's even though they are normally both the
+ * same. This is so data can be read and written to different
+ * handlers */
+
+#ifdef HEADER_BIO_H
+ BIO *rbio; /* used by SSL_read */
+ BIO *wbio; /* used by SSL_write */
+ BIO *bbio; /* used during session-id reuse to concatinate
+ * messages */
+#else
+ char *rbio; /* used by SSL_read */
+ char *wbio; /* used by SSL_write */
+ char *bbio;
+#endif
+ /* This holds a variable that indicates what we were doing
+ * when a 0 or -1 is returned. This is needed for
+ * non-blocking IO so we know what request needs re-doing when
+ * in SSL_accept or SSL_connect */
+ int rwstate;
+
+ /* true when we are actually in SSL_accept() or SSL_connect() */
+ int in_handshake;
+ int (*handshake_func)();
+
+/* int server;*/ /* are we the server side? */
+
+ int new_session;/* 1 if we are to use a new session */
+ int quiet_shutdown;/* don't send shutdown packets */
+ int shutdown; /* we have shut things down, 0x01 sent, 0x02
+ * for received */
+ int state; /* where we are */
+ int rstate; /* where we are when reading */
+
+ BUF_MEM *init_buf; /* buffer used during init */
+ int init_num; /* amount read/written */
+ int init_off; /* amount read/written */
+
+ /* used internally to point at a raw packet */
+ unsigned char *packet;
+ unsigned int packet_length;
+
+ struct ssl2_ctx_st *s2; /* SSLv2 variables */
+ struct ssl3_ctx_st *s3; /* SSLv3 variables */
+
+ int read_ahead; /* Read as many input bytes as possible */
+ int hit; /* reusing a previous session */
+
+ /* crypto */
+ STACK /* SSL_CIPHER */ *cipher_list;
+ STACK /* SSL_CIPHER */ *cipher_list_by_id;
+
+ /* These are the ones being used, the ones is SSL_SESSION are
+ * the ones to be 'copied' into these ones */
+
+ EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
+ EVP_MD *read_hash; /* used for mac generation */
+ SSL_COMPRESSION *read_compression; /* compression */
+
+ EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+ EVP_MD *write_hash; /* used for mac generation */
+ SSL_COMPRESSION *write_compression; /* compression */
+
+ /* session info */
+
+ /* client cert? */
+ /* This is used to hold the server certificate used */
+ struct cert_st /* CERT */ *cert;
+
+ /* This can also be in the session once a session is established */
+ SSL_SESSION *session;
+
+ /* Used in SSL2 and SSL3 */
+ int verify_mode; /* 0 don't care about verify failure.
+ * 1 fail if verify fails */
+ int (*verify_callback)(); /* fail if callback returns 0 */
+ void (*info_callback)(); /* optional informational callback */
+
+ int error; /* error bytes to be written */
+ int error_code; /* actual code */
+
+ SSL_CTX *ctx;
+ /* set this flag to 1 and a sleep(1) is put into all SSL_read()
+ * and SSL_write() calls, good for nbio debuging :-) */
+ int debug;
+
+ /* extra application data */
+ long verify_result;
+ CRYPTO_EX_DATA ex_data;
+
+ /* for server side, keep the list of CA_dn we can use */
+ STACK /* X509_NAME */ *client_CA;
+
+ int references;
+ unsigned long options;
+ int first_packet;
+ } SSL;
+
+#include "ssl2.h"
+#include "ssl3.h"
+#include "tls1.h" /* This is mostly sslv3 with a few tweaks */
+#include "ssl23.h"
+
+/* compatablity */
+#define SSL_set_app_data(s,arg) (SSL_set_ex_data(s,0,(char *)arg))
+#define SSL_get_app_data(s) (SSL_get_ex_data(s,0))
+#define SSL_SESSION_set_app_data(s,a) (SSL_SESSION_set_ex_data(s,0,(char *)a))
+#define SSL_SESSION_get_app_data(s) (SSL_SESSION_get_ex_data(s,0))
+#define SSL_CTX_get_app_data(ctx) (SSL_CTX_get_ex_data(ctx,0))
+#define SSL_CTX_set_app_data(ctx,arg) (SSL_CTX_set_ex_data(ctx,0,(char *)arg))
+
+/* The following are the possible values for ssl->state are are
+ * used to indicate where we are upto in the SSL connection establishment.
+ * The macros that follow are about the only things you should need to use
+ * and even then, only when using non-blocking IO.
+ * It can also be useful to work out where you were when the connection
+ * failed */
+
+#define SSL_ST_CONNECT 0x1000
+#define SSL_ST_ACCEPT 0x2000
+#define SSL_ST_MASK 0x0FFF
+#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+#define SSL_ST_BEFORE 0x4000
+#define SSL_ST_OK 0x03
+#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+
+#define SSL_CB_LOOP 0x01
+#define SSL_CB_EXIT 0x02
+#define SSL_CB_READ 0x04
+#define SSL_CB_WRITE 0x08
+#define SSL_CB_ALERT 0x4000 /* used in callback */
+#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
+#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
+#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
+#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
+#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
+#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
+#define SSL_CB_HANDSHAKE_START 0x10
+#define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+#define SSL_get_state(a) SSL_state(a)
+#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK)
+#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT)
+#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE)
+#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT)
+#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT)
+
+/* The following 2 states are kept in ssl->rstate when reads fail,
+ * you should not need these */
+#define SSL_ST_READ_HEADER 0xF0
+#define SSL_ST_READ_BODY 0xF1
+#define SSL_ST_READ_DONE 0xF2
+
+/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
+ * are 'ored' with SSL_VERIFY_PEER if they are desired */
+#define SSL_VERIFY_NONE 0x00
+#define SSL_VERIFY_PEER 0x01
+#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+#define SSL_VERIFY_CLIENT_ONCE 0x04
+
+/* this is for backward compatablility */
+#if 0 /* NEW_SSLEAY */
+#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
+#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
+#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
+#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
+#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
+#endif
+/* More backward compatablity */
+#define SSL_get_cipher(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_cipher_bits(s,np) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+#define SSL_get_cipher_version(s) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+#define SSL_get_cipher_name(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_time(a) SSL_SESSION_get_time(a)
+#define SSL_set_time(a,b) SSL_SESSION_set_time((a),(b))
+#define SSL_get_timeout(a) SSL_SESSION_get_timeout(a)
+#define SSL_set_timeout(a,b) SSL_SESSION_set_timeout((a),(b))
+
+/* VMS linker has a 31 char name limit */
+#define SSL_CTX_set_cert_verify_callback(a,b,c) \
+ SSL_CTX_set_cert_verify_cb((a),(b),(c))
+
+#if 1 /*SSLEAY_MACROS*/
+#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
+ (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
+ (bp),(unsigned char **)(s_id))
+#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
+ bp,(unsigned char *)s_id)
+#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define PEM_write_SSL_SESSION(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#endif
+
+/* These alert types are for SSLv3 and TLSv1 */
+#define SSL_AD_CLOSE_NOTIFY SSL3_AD_CLOSE_NOTIFY
+#define SSL_AD_UNEXPECTED_MESSAGE SSL3_AD_UNEXPECTED_MESSAGE /* fatal */
+#define SSL_AD_BAD_RECORD_MAC SSL3_AD_BAD_RECORD_MAC /* fatal */
+#define SSL_AD_DECRYPTION_FAILED TLS1_AD_DECRYPTION_FAILED
+#define SSL_AD_RECORD_OVERFLOW TLS1_AD_RECORD_OVERFLOW
+#define SSL_AD_DECOMPRESSION_FAILURE SSL3_AD_DECOMPRESSION_FAILURE/* fatal */
+#define SSL_AD_HANDSHAKE_FAILURE SSL3_AD_HANDSHAKE_FAILURE/* fatal */
+#define SSL_AD_NO_CERTIFICATE SSL3_AD_NO_CERTIFICATE /* Not for TLS */
+#define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE
+#define SSL_AD_UNSUPPORTED_CERTIFICATE SSL3_AD_UNSUPPORTED_CERTIFICATE
+#define SSL_AD_CERTIFICATE_REVOKED SSL3_AD_CERTIFICATE_REVOKED
+#define SSL_AD_CERTIFICATE_EXPIRED SSL3_AD_CERTIFICATE_EXPIRED
+#define SSL_AD_CERTIFICATE_UNKNOWN SSL3_AD_CERTIFICATE_UNKNOWN
+#define SSL_AD_ILLEGAL_PARAMETER SSL3_AD_ILLEGAL_PARAMETER /* fatal */
+#define SSL_AD_UNKNOWN_CA TLS1_AD_UNKNOWN_CA /* fatal */
+#define SSL_AD_ACCESS_DENIED TLS1_AD_ACCESS_DENIED /* fatal */
+#define SSL_AD_DECODE_ERROR TLS1_AD_DECODE_ERROR /* fatal */
+#define SSL_AD_DECRYPT_ERROR TLS1_AD_DECRYPT_ERROR
+#define SSL_AD_EXPORT_RESTRICION TLS1_AD_EXPORT_RESTRICION/* fatal */
+#define SSL_AD_PROTOCOL_VERSION TLS1_AD_PROTOCOL_VERSION /* fatal */
+#define SSL_AD_INSUFFICIENT_SECURITY TLS1_AD_INSUFFICIENT_SECURITY/* fatal */
+#define SSL_AD_INTERNAL_ERROR TLS1_AD_INTERNAL_ERROR /* fatal */
+#define SSL_AD_USER_CANCLED TLS1_AD_USER_CANCLED
+#define SSL_AD_NO_RENEGOTIATION TLS1_AD_NO_RENEGOTIATION
+
+#define SSL_ERROR_NONE 0
+#define SSL_ERROR_SSL 1
+#define SSL_ERROR_WANT_READ 2
+#define SSL_ERROR_WANT_WRITE 3
+#define SSL_ERROR_WANT_X509_LOOKUP 4
+#define SSL_ERROR_SYSCALL 5 /* look at errno */
+#define SSL_ERROR_ZERO_RETURN 6
+#define SSL_ERROR_WANT_CONNECT 7
+
+#define SSL_CTRL_NEED_TMP_RSA 1
+#define SSL_CTRL_SET_TMP_RSA 2
+#define SSL_CTRL_SET_TMP_DH 3
+#define SSL_CTRL_SET_TMP_RSA_CB 4
+#define SSL_CTRL_SET_TMP_DH_CB 5
+/* Add these ones */
+#define SSL_CTRL_GET_SESSION_REUSED 6
+#define SSL_CTRL_GET_CLIENT_CERT_REQUEST 7
+#define SSL_CTRL_GET_NUM_RENEGOTIATIONS 8
+#define SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS 9
+#define SSL_CTRL_GET_TOTAL_RENEGOTIATIONS 10
+
+#define SSL_session_reused(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_SESSION_REUSED,0,NULL)
+#define SSL_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_clear_num_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_CLEAR_NUM_RENEGOTIATIONS,0,NULL)
+#define SSL_total_renegotiations(ssl) \
+ SSL_ctrl((ssl),SSL_CTRL_GET_TOTAL_RENEGOTIATIONS,0,NULL)
+
+#define SSL_CTX_need_tmp_RSA(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+#define SSL_CTX_set_tmp_dh(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+
+/* For the next 2, the callbacks are
+ * RSA *tmp_rsa_cb(int export)
+ * DH *tmp_dh_cb(int export)
+ */
+#define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb)
+#define SSL_CTX_set_tmp_dh_callback(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)dh)
+
+#ifndef NOPROTO
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_ssl(void);
+BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
+BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
+int BIO_ssl_copy_session_id(BIO *to,BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+#endif
+
+int SSL_CTX_set_cipher_list(SSL_CTX *,char *str);
+SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+void SSL_CTX_free(SSL_CTX *);
+void SSL_clear(SSL *s);
+void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
+
+SSL_CIPHER *SSL_get_current_cipher(SSL *s);
+int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
+char * SSL_CIPHER_get_version(SSL_CIPHER *c);
+char * SSL_CIPHER_get_name(SSL_CIPHER *c);
+
+int SSL_get_fd(SSL *s);
+char * SSL_get_cipher_list(SSL *s,int n);
+char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
+int SSL_get_read_ahead(SSL * s);
+int SSL_pending(SSL *s);
+#ifndef NO_SOCK
+int SSL_set_fd(SSL *s, int fd);
+int SSL_set_rfd(SSL *s, int fd);
+int SSL_set_wfd(SSL *s, int fd);
+#endif
+#ifdef HEADER_BIO_H
+void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
+BIO * SSL_get_rbio(SSL *s);
+BIO * SSL_get_wbio(SSL *s);
+#endif
+int SSL_set_cipher_list(SSL *s, char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+int SSL_get_verify_mode(SSL *s);
+int (*SSL_get_verify_callback(SSL *s))();
+void SSL_set_verify(SSL *s, int mode, int (*callback) ());
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
+int SSL_use_certificate(SSL *ssl, X509 *x);
+int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
+
+#ifndef NO_STDIO
+int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
+int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
+int SSL_use_certificate_file(SSL *ssl, char *file, int type);
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
+STACK * SSL_load_client_CA_file(char *file);
+#endif
+
+void ERR_load_SSL_strings(void );
+void SSL_load_error_strings(void );
+char * SSL_state_string(SSL *s);
+char * SSL_rstate_string(SSL *s);
+char * SSL_state_string_long(SSL *s);
+char * SSL_rstate_string_long(SSL *s);
+long SSL_SESSION_get_time(SSL_SESSION *s);
+long SSL_SESSION_set_time(SSL_SESSION *s, long t);
+long SSL_SESSION_get_timeout(SSL_SESSION *s);
+long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
+void SSL_copy_session_id(SSL *to,SSL *from);
+
+SSL_SESSION *SSL_SESSION_new(void);
+unsigned long SSL_SESSION_hash(SSL_SESSION *a);
+int SSL_SESSION_cmp(SSL_SESSION *a,SSL_SESSION *b);
+#ifndef NO_FP_API
+int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
+#endif
+#ifdef HEADER_BIO_H
+int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
+#endif
+void SSL_SESSION_free(SSL_SESSION *ses);
+int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
+int SSL_set_session(SSL *to, SSL_SESSION *session);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
+
+#ifdef HEADER_X509_H
+X509 * SSL_get_peer_certificate(SSL *s);
+#endif
+
+STACK * SSL_get_peer_cert_chain(SSL *s);
+
+int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))();
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
+void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
+ unsigned char *d, long len);
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
+
+int SSL_CTX_check_private_key(SSL_CTX *ctx);
+int SSL_check_private_key(SSL *ctx);
+
+SSL * SSL_new(SSL_CTX *ctx);
+void SSL_clear(SSL *s);
+void SSL_free(SSL *ssl);
+int SSL_accept(SSL *ssl);
+int SSL_connect(SSL *ssl);
+int SSL_read(SSL *ssl,char *buf,int num);
+int SSL_peek(SSL *ssl,char *buf,int num);
+int SSL_write(SSL *ssl,char *buf,int num);
+long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
+long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
+
+int SSL_get_error(SSL *s,int ret_code);
+char * SSL_get_version(SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
+
+SSL_METHOD *SSLv2_method(void); /* SSLv2 */
+SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
+SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
+
+SSL_METHOD *SSLv3_method(void); /* SSLv3 */
+SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */
+SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */
+
+SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */
+
+SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */
+SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
+SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
+
+STACK *SSL_get_ciphers(SSL *s);
+
+int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_shutdown(SSL *s);
+
+SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
+char *SSL_alert_type_string_long(int value);
+char *SSL_alert_type_string(int value);
+char *SSL_alert_desc_string_long(int value);
+char *SSL_alert_desc_string(int value);
+
+void SSL_set_client_CA_list(SSL *s, STACK *list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
+STACK *SSL_get_client_CA_list(SSL *s);
+STACK *SSL_CTX_get_client_CA_list(SSL_CTX *s);
+int SSL_add_client_CA(SSL *ssl,X509 *x);
+int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+long SSL_get_default_timeout(SSL *s);
+
+void SSLeay_add_ssl_algorithms(void );
+
+char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
+STACK *SSL_dup_CA_list(STACK *sk);
+
+SSL *SSL_dup(SSL *ssl);
+
+X509 *SSL_get_certificate(SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+
+void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
+int SSL_CTX_get_quiet_shutdown(SSL_CTX *ctx);
+void SSL_set_quiet_shutdown(SSL *ssl,int mode);
+int SSL_get_quiet_shutdown(SSL *ssl);
+void SSL_set_shutdown(SSL *ssl,int mode);
+int SSL_get_shutdown(SSL *ssl);
+int SSL_version(SSL *ssl);
+int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
+int SSL_CTX_load_verify_locations(SSL_CTX *ctx,char *CAfile,char *CApath);
+SSL_SESSION *SSL_get_session(SSL *ssl);
+SSL_CTX *SSL_get_SSL_CTX(SSL *ssl);
+void SSL_set_info_callback(SSL *ssl,void (*cb)());
+void (*SSL_get_info_callback(SSL *ssl))();
+int SSL_state(SSL *ssl);
+
+void SSL_set_verify_result(SSL *ssl,long v);
+long SSL_get_verify_result(SSL *ssl);
+
+int SSL_set_ex_data(SSL *ssl,int idx,char *data);
+char *SSL_get_ex_data(SSL *ssl,int idx);
+int SSL_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+
+int SSL_SESSION_set_ex_data(SSL_SESSION *ss,int idx,char *data);
+char *SSL_SESSION_get_ex_data(SSL_SESSION *ss,int idx);
+int SSL_SESSION_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+
+int SSL_CTX_set_ex_data(SSL_CTX *ssl,int idx,char *data);
+char *SSL_CTX_get_ex_data(SSL_CTX *ssl,int idx);
+int SSL_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
+ int (*dup_func)(), void (*free_func)());
+
+#else
+
+BIO_METHOD *BIO_f_ssl();
+BIO *BIO_new_ssl();
+BIO *BIO_new_ssl_connect();
+BIO *BIO_new_buffer_ssl_connect();
+int BIO_ssl_copy_session_id();
+void BIO_ssl_shutdown();
+
+int SSL_CTX_set_cipher_list();
+SSL_CTX *SSL_CTX_new();
+void SSL_CTX_free();
+void SSL_clear();
+void SSL_CTX_flush_sessions();
+
+SSL_CIPHER *SSL_get_current_cipher();
+int SSL_CIPHER_get_bits();
+char * SSL_CIPHER_get_version();
+char * SSL_CIPHER_get_name();
+
+int SSL_get_fd();
+char * SSL_get_cipher_list();
+char * SSL_get_shared_ciphers();
+int SSL_get_read_ahead();
+int SSL_pending();
+#ifndef NO_SOCK
+int SSL_set_fd();
+int SSL_set_rfd();
+int SSL_set_wfd();
+#endif
+#ifdef HEADER_BIO_H
+void SSL_set_bio();
+BIO * SSL_get_rbio();
+BIO * SSL_get_wbio();
+#endif
+int SSL_set_cipher_list();
+void SSL_set_read_ahead();
+int SSL_get_verify_mode();
+
+void SSL_set_verify();
+int SSL_use_RSAPrivateKey();
+int SSL_use_RSAPrivateKey_ASN1();
+int SSL_use_PrivateKey();
+int SSL_use_PrivateKey_ASN1();
+int SSL_use_certificate();
+int SSL_use_certificate_ASN1();
+
+#ifndef NO_STDIO
+int SSL_use_RSAPrivateKey_file();
+int SSL_use_PrivateKey_file();
+int SSL_use_certificate_file();
+int SSL_CTX_use_RSAPrivateKey_file();
+int SSL_CTX_use_PrivateKey_file();
+int SSL_CTX_use_certificate_file();
+STACK * SSL_load_client_CA_file();
+#endif
+
+void ERR_load_SSL_strings();
+void SSL_load_error_strings();
+char * SSL_state_string();
+char * SSL_rstate_string();
+char * SSL_state_string_long();
+char * SSL_rstate_string_long();
+long SSL_SESSION_get_time();
+long SSL_SESSION_set_time();
+long SSL_SESSION_get_timeout();
+long SSL_SESSION_set_timeout();
+void SSL_copy_session_id();
+
+SSL_SESSION *SSL_SESSION_new();
+unsigned long SSL_SESSION_hash();
+int SSL_SESSION_cmp();
+#ifndef NO_FP_API
+int SSL_SESSION_print_fp();
+#endif
+#ifdef HEADER_BIO_H
+int SSL_SESSION_print();
+#endif
+void SSL_SESSION_free();
+int i2d_SSL_SESSION();
+int SSL_set_session();
+int SSL_CTX_add_session();
+int SSL_CTX_remove_session();
+SSL_SESSION *d2i_SSL_SESSION();
+
+#ifdef HEADER_X509_H
+X509 * SSL_get_peer_certificate();
+#endif
+
+STACK * SSL_get_peer_cert_chain();
+
+int SSL_CTX_get_verify_mode();
+int (*SSL_CTX_get_verify_callback())();
+void SSL_CTX_set_verify();
+void SSL_CTX_set_cert_verify_cb();
+int SSL_CTX_use_RSAPrivateKey();
+int SSL_CTX_use_RSAPrivateKey_ASN1();
+int SSL_CTX_use_PrivateKey();
+int SSL_CTX_use_PrivateKey_ASN1();
+int SSL_CTX_use_certificate();
+int SSL_CTX_use_certificate_ASN1();
+
+void SSL_CTX_set_default_passwd_cb();
+
+int SSL_CTX_check_private_key();
+int SSL_check_private_key();
+
+SSL * SSL_new();
+void SSL_clear();
+void SSL_free();
+int SSL_accept();
+int SSL_connect();
+int SSL_read();
+int SSL_peek();
+int SSL_write();
+long SSL_ctrl();
+long SSL_CTX_ctrl();
+
+int SSL_get_error();
+char * SSL_get_version();
+
+int SSL_CTX_set_ssl_version();
+
+SSL_METHOD *SSLv2_method();
+SSL_METHOD *SSLv2_server_method();
+SSL_METHOD *SSLv2_client_method();
+
+SSL_METHOD *SSLv3_method();
+SSL_METHOD *SSLv3_server_method();
+SSL_METHOD *SSLv3_client_method();
+
+SSL_METHOD *SSLv23_method();
+SSL_METHOD *SSLv23_server_method();
+SSL_METHOD *SSLv23_client_method();
+
+SSL_METHOD *TLSv1_method();
+SSL_METHOD *TLSv1_server_method();
+SSL_METHOD *TLSv1_client_method();
+
+STACK *SSL_get_ciphers();
+
+int SSL_do_handshake();
+int SSL_renegotiate();
+int SSL_shutdown();
+
+SSL_METHOD *SSL_get_ssl_method();
+int SSL_set_ssl_method();
+char *SSL_alert_type_string_long();
+char *SSL_alert_type_string();
+char *SSL_alert_desc_string_long();
+char *SSL_alert_desc_string();
+
+void SSL_set_client_CA_list();
+void SSL_CTX_set_client_CA_list();
+STACK *SSL_get_client_CA_list();
+STACK *SSL_CTX_get_client_CA_list();
+int SSL_add_client_CA();
+int SSL_CTX_add_client_CA();
+
+void SSL_set_connect_state();
+void SSL_set_accept_state();
+
+long SSL_get_default_timeout();
+
+void SSLeay_add_ssl_algorithms();
+
+char *SSL_CIPHER_description();
+STACK *SSL_dup_CA_list();
+
+SSL *SSL_dup();
+
+X509 *SSL_get_certificate();
+/* EVP * */ struct evp_pkey_st *SSL_get_privatekey();
+
+#ifdef this_is_for_mk1mf_pl
+EVP *SSL_get_privatekey();
+
+void SSL_CTX_set_quiet_shutdown();
+int SSL_CTX_get_quiet_shutdown();
+void SSL_set_quiet_shutdown();
+int SSL_get_quiet_shutdown();
+void SSL_set_shutdown();
+int SSL_get_shutdown();
+int SSL_version();
+int SSL_CTX_set_default_verify_paths();
+int SSL_CTX_load_verify_locations();
+SSL_SESSION *SSL_get_session();
+SSL_CTX *SSL_get_SSL_CTX();
+void SSL_set_info_callback();
+int (*SSL_get_info_callback())();
+int SSL_state();
+void SSL_set_verify_result();
+long SSL_get_verify_result();
+
+int SSL_set_ex_data();
+char *SSL_get_ex_data();
+int SSL_get_ex_new_index();
+
+int SSL_SESSION_set_ex_data();
+char *SSL_SESSION_get_ex_data();
+int SSL_SESSION_get_ex_new_index();
+
+int SSL_CTX_set_ex_data();
+char *SSL_CTX_get_ex_data();
+int SSL_CTX_get_ex_new_index();
+
+#endif
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+#define SSL_F_CLIENT_CERTIFICATE 100
+#define SSL_F_CLIENT_HELLO 101
+#define SSL_F_CLIENT_MASTER_KEY 102
+#define SSL_F_D2I_SSL_SESSION 103
+#define SSL_F_DO_SSL3_WRITE 104
+#define SSL_F_GET_CLIENT_FINISHED 105
+#define SSL_F_GET_CLIENT_HELLO 106
+#define SSL_F_GET_CLIENT_MASTER_KEY 107
+#define SSL_F_GET_SERVER_FINISHED 108
+#define SSL_F_GET_SERVER_HELLO 109
+#define SSL_F_GET_SERVER_VERIFY 110
+#define SSL_F_I2D_SSL_SESSION 111
+#define SSL_F_READ_N 112
+#define SSL_F_REQUEST_CERTIFICATE 113
+#define SSL_F_SERVER_HELLO 114
+#define SSL_F_SSL23_ACCEPT 115
+#define SSL_F_SSL23_CLIENT_HELLO 116
+#define SSL_F_SSL23_CONNECT 117
+#define SSL_F_SSL23_GET_CLIENT_HELLO 118
+#define SSL_F_SSL23_GET_SERVER_HELLO 119
+#define SSL_F_SSL23_READ 120
+#define SSL_F_SSL23_WRITE 121
+#define SSL_F_SSL2_ACCEPT 122
+#define SSL_F_SSL2_CONNECT 123
+#define SSL_F_SSL2_ENC_INIT 124
+#define SSL_F_SSL2_READ 125
+#define SSL_F_SSL2_SET_CERTIFICATE 126
+#define SSL_F_SSL2_WRITE 127
+#define SSL_F_SSL3_ACCEPT 128
+#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+#define SSL_F_SSL3_CLIENT_HELLO 131
+#define SSL_F_SSL3_CONNECT 132
+#define SSL_F_SSL3_CTX_CTRL 133
+#define SSL_F_SSL3_ENC 134
+#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
+#define SSL_F_SSL3_GET_CERT_VERIFY 136
+#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
+#define SSL_F_SSL3_GET_CLIENT_HELLO 138
+#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
+#define SSL_F_SSL3_GET_FINISHED 140
+#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
+#define SSL_F_SSL3_GET_MESSAGE 142
+#define SSL_F_SSL3_GET_RECORD 143
+#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
+#define SSL_F_SSL3_GET_SERVER_DONE 145
+#define SSL_F_SSL3_GET_SERVER_HELLO 146
+#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+#define SSL_F_SSL3_READ_BYTES 148
+#define SSL_F_SSL3_READ_N 149
+#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
+#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
+#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
+#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
+#define SSL_F_SSL3_SETUP_BUFFERS 156
+#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+#define SSL_F_SSL3_WRITE_BYTES 158
+#define SSL_F_SSL3_WRITE_PENDING 159
+#define SSL_F_SSL_BAD_METHOD 160
+#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+#define SSL_F_SSL_CERT_NEW 162
+#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+#define SSL_F_SSL_CREATE_CIPHER_LIST 164
+#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165
+#define SSL_F_SSL_CTX_NEW 166
+#define SSL_F_SSL_CTX_SET_SSL_VERSION 167
+#define SSL_F_SSL_CTX_USE_CERTIFICATE 168
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176
+#define SSL_F_SSL_DO_HANDSHAKE 177
+#define SSL_F_SSL_GET_NEW_SESSION 178
+#define SSL_F_SSL_GET_SERVER_SEND_CERT 179
+#define SSL_F_SSL_GET_SIGN_PKEY 180
+#define SSL_F_SSL_INIT_WBIO_BUFFER 181
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 182
+#define SSL_F_SSL_NEW 183
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 184
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 185
+#define SSL_F_SSL_SESSION_NEW 186
+#define SSL_F_SSL_SESSION_PRINT_FP 187
+#define SSL_F_SSL_SET_CERT 188
+#define SSL_F_SSL_SET_FD 189
+#define SSL_F_SSL_SET_PKEY 190
+#define SSL_F_SSL_SET_RFD 191
+#define SSL_F_SSL_SET_SESSION 192
+#define SSL_F_SSL_SET_WFD 193
+#define SSL_F_SSL_UNDEFINED_FUNCTION 194
+#define SSL_F_SSL_USE_CERTIFICATE 195
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1 196
+#define SSL_F_SSL_USE_CERTIFICATE_FILE 197
+#define SSL_F_SSL_USE_PRIVATEKEY 198
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 199
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE 200
+#define SSL_F_SSL_USE_RSAPRIVATEKEY 201
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 202
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 203
+#define SSL_F_SSL_WRITE 204
+#define SSL_F_TLS1_CHANGE_CIPHER_STATE 205
+#define SSL_F_TLS1_ENC 206
+#define SSL_F_TLS1_SETUP_KEY_BLOCK 207
+#define SSL_F_WRITE_PENDING 208
+
+/* Reason codes. */
+#define SSL_R_APP_DATA_IN_HANDSHAKE 100
+#define SSL_R_BAD_ALERT_RECORD 101
+#define SSL_R_BAD_AUTHENTICATION_TYPE 102
+#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+#define SSL_R_BAD_CHECKSUM 104
+#define SSL_R_BAD_CLIENT_REQUEST 105
+#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+#define SSL_R_BAD_DECOMPRESSION 107
+#define SSL_R_BAD_DH_G_LENGTH 108
+#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+#define SSL_R_BAD_DH_P_LENGTH 110
+#define SSL_R_BAD_DIGEST_LENGTH 111
+#define SSL_R_BAD_DSA_SIGNATURE 112
+#define SSL_R_BAD_MAC_DECODE 113
+#define SSL_R_BAD_MESSAGE_TYPE 114
+#define SSL_R_BAD_PACKET_LENGTH 115
+#define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
+#define SSL_R_BAD_RESPONSE_ARGUMENT 117
+#define SSL_R_BAD_RSA_DECRYPT 118
+#define SSL_R_BAD_RSA_ENCRYPT 119
+#define SSL_R_BAD_RSA_E_LENGTH 120
+#define SSL_R_BAD_RSA_MODULUS_LENGTH 121
+#define SSL_R_BAD_RSA_SIGNATURE 122
+#define SSL_R_BAD_SIGNATURE 123
+#define SSL_R_BAD_SSL_FILETYPE 124
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 125
+#define SSL_R_BAD_STATE 126
+#define SSL_R_BAD_WRITE_RETRY 127
+#define SSL_R_BIO_NOT_SET 128
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 129
+#define SSL_R_BN_LIB 130
+#define SSL_R_CA_DN_LENGTH_MISMATCH 131
+#define SSL_R_CA_DN_TOO_LONG 132
+#define SSL_R_CCS_RECEIVED_EARLY 133
+#define SSL_R_CERTIFICATE_VERIFY_FAILED 134
+#define SSL_R_CERT_LENGTH_MISMATCH 135
+#define SSL_R_CHALLENGE_IS_DIFFERENT 136
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH 137
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 138
+#define SSL_R_CIPHER_TABLE_SRC_ERROR 139
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 140
+#define SSL_R_COMPRESSION_FAILURE 141
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT 142
+#define SSL_R_CONNECTION_TYPE_NOT_SET 143
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 144
+#define SSL_R_DATA_LENGTH_TOO_LONG 145
+#define SSL_R_DECRYPTION_FAILED 146
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 147
+#define SSL_R_DIGEST_CHECK_FAILED 148
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 149
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 150
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE 151
+#define SSL_R_EXTRA_DATA_IN_MESSAGE 152
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 153
+#define SSL_R_HTTPS_PROXY_REQUEST 154
+#define SSL_R_HTTP_REQUEST 155
+#define SSL_R_INTERNAL_ERROR 156
+#define SSL_R_INVALID_CHALLENGE_LENGTH 157
+#define SSL_R_LENGTH_MISMATCH 158
+#define SSL_R_LENGTH_TOO_SHORT 159
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS 160
+#define SSL_R_MISSING_DH_DSA_CERT 161
+#define SSL_R_MISSING_DH_KEY 162
+#define SSL_R_MISSING_DH_RSA_CERT 163
+#define SSL_R_MISSING_DSA_SIGNING_CERT 164
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 165
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 166
+#define SSL_R_MISSING_RSA_CERTIFICATE 167
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 168
+#define SSL_R_MISSING_RSA_SIGNING_CERT 169
+#define SSL_R_MISSING_TMP_DH_KEY 170
+#define SSL_R_MISSING_TMP_RSA_KEY 171
+#define SSL_R_MISSING_TMP_RSA_PKEY 172
+#define SSL_R_MISSING_VERIFY_MESSAGE 173
+#define SSL_R_NON_SSLV2_INITIAL_PACKET 174
+#define SSL_R_NO_CERTIFICATES_RETURNED 175
+#define SSL_R_NO_CERTIFICATE_ASSIGNED 176
+#define SSL_R_NO_CERTIFICATE_RETURNED 177
+#define SSL_R_NO_CERTIFICATE_SET 178
+#define SSL_R_NO_CERTIFICATE_SPECIFIED 179
+#define SSL_R_NO_CIPHERS_AVAILABLE 180
+#define SSL_R_NO_CIPHERS_PASSED 181
+#define SSL_R_NO_CIPHERS_SPECIFIED 182
+#define SSL_R_NO_CIPHER_LIST 183
+#define SSL_R_NO_CIPHER_MATCH 184
+#define SSL_R_NO_CLIENT_CERT_RECEIVED 185
+#define SSL_R_NO_COMPRESSION_SPECIFIED 186
+#define SSL_R_NO_PRIVATEKEY 187
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 188
+#define SSL_R_NO_PROTOCOLS_AVAILABLE 189
+#define SSL_R_NO_PUBLICKEY 190
+#define SSL_R_NO_SHARED_CIPHER 191
+#define SSL_R_NULL_SSL_CTX 192
+#define SSL_R_NULL_SSL_METHOD_PASSED 193
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 194
+#define SSL_R_PACKET_LENGTH_TOO_LONG 195
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 196
+#define SSL_R_PEER_ERROR 197
+#define SSL_R_PEER_ERROR_CERTIFICATE 198
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE 199
+#define SSL_R_PEER_ERROR_NO_CIPHER 200
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 201
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 202
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 203
+#define SSL_R_PROTOCOL_IS_SHUTDOWN 204
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 205
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 206
+#define SSL_R_PUBLIC_KEY_NOT_RSA 207
+#define SSL_R_READ_BIO_NOT_SET 208
+#define SSL_R_READ_WRONG_PACKET_TYPE 209
+#define SSL_R_RECORD_LENGTH_MISMATCH 210
+#define SSL_R_RECORD_TOO_LARGE 211
+#define SSL_R_REQUIRED_CIPHER_MISSING 212
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 213
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 214
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 215
+#define SSL_R_SHORT_READ 216
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 217
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 218
+#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 219
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 220
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 221
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 222
+#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 223
+#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 224
+#define SSL_R_SSL_HANDSHAKE_FAILURE 225
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 226
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 227
+#define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER 228
+#define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 229
+#define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG 230
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 231
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 232
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 233
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 234
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 235
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 236
+#define SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES 237
+#define SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES 238
+#define SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES 239
+#define SSL_R_UNEXPECTED_MESSAGE 240
+#define SSL_R_UNEXPECTED_RECORD 241
+#define SSL_R_UNKNOWN_ALERT_TYPE 242
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 243
+#define SSL_R_UNKNOWN_CIPHER_RETURNED 244
+#define SSL_R_UNKNOWN_CIPHER_TYPE 245
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 246
+#define SSL_R_UNKNOWN_PKEY_TYPE 247
+#define SSL_R_UNKNOWN_PROTOCOL 248
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 249
+#define SSL_R_UNKNOWN_SSL_VERSION 250
+#define SSL_R_UNKNOWN_STATE 251
+#define SSL_R_UNSUPPORTED_CIPHER 252
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 253
+#define SSL_R_UNSUPPORTED_PROTOCOL 254
+#define SSL_R_UNSUPPORTED_SSL_VERSION 255
+#define SSL_R_WRITE_BIO_NOT_SET 256
+#define SSL_R_WRONG_CIPHER_RETURNED 257
+#define SSL_R_WRONG_MESSAGE_TYPE 258
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 259
+#define SSL_R_WRONG_SIGNATURE_LENGTH 260
+#define SSL_R_WRONG_SIGNATURE_SIZE 261
+#define SSL_R_WRONG_SSL_VERSION 262
+#define SSL_R_WRONG_VERSION_NUMBER 263
+#define SSL_R_X509_LIB 264
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl2.h b/src/lib/libssl/src/ssl/ssl2.h
new file mode 100644
index 0000000000..3dc94e520b
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl2.h
@@ -0,0 +1,265 @@
+/* ssl/ssl2.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL2_H
+#define HEADER_SSL2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Protocol Version Codes */
+#define SSL2_VERSION 0x0002
+#define SSL2_VERSION_MAJOR 0x00
+#define SSL2_VERSION_MINOR 0x02
+#define SSL2_CLIENT_VERSION 0x0002
+#define SSL2_SERVER_VERSION 0x0002
+
+/* Protocol Message Codes */
+#define SSL2_MT_ERROR 0
+#define SSL2_MT_CLIENT_HELLO 1
+#define SSL2_MT_CLIENT_MASTER_KEY 2
+#define SSL2_MT_CLIENT_FINISHED 3
+#define SSL2_MT_SERVER_HELLO 4
+#define SSL2_MT_SERVER_VERIFY 5
+#define SSL2_MT_SERVER_FINISHED 6
+#define SSL2_MT_REQUEST_CERTIFICATE 7
+#define SSL2_MT_CLIENT_CERTIFICATE 8
+
+/* Error Message Codes */
+#define SSL2_PE_UNDEFINED_ERROR 0x0000
+#define SSL2_PE_NO_CIPHER 0x0001
+#define SSL2_PE_NO_CERTIFICATE 0x0002
+#define SSL2_PE_BAD_CERTIFICATE 0x0004
+#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
+
+/* Cipher Kind Values */
+#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
+#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
+#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
+#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
+#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
+#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
+#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
+#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
+#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
+
+#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
+#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
+
+#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
+#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
+#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
+#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
+#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
+#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
+#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
+#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
+
+#define SSL2_TXT_NULL "NULL"
+
+/* Flags for the SSL_CIPHER.algorithm2 field */
+#define SSL2_CF_5_BYTE_ENC 0x01
+#define SSL2_CF_8_BYTE_ENC 0x02
+
+/* Certificate Type Codes */
+#define SSL2_CT_X509_CERTIFICATE 0x01
+
+/* Authentication Type Code */
+#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
+
+#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
+
+/* Upper/Lower Bounds */
+#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767
+#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/
+
+#define SSL2_CHALLENGE_LENGTH 16
+/*#define SSL2_CHALLENGE_LENGTH 32 */
+#define SSL2_MIN_CHALLENGE_LENGTH 16
+#define SSL2_MAX_CHALLENGE_LENGTH 32
+#define SSL2_CONNECTION_ID_LENGTH 16
+#define SSL2_MAX_CONNECTION_ID_LENGTH 16
+#define SSL2_SSL_SESSION_ID_LENGTH 16
+#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
+#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
+#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
+
+#ifndef HEADER_SSL_LOCL_H
+#define CERT char
+#endif
+
+typedef struct ssl2_ctx_st
+ {
+ int three_byte_header;
+ int clear_text; /* clear text */
+ int escape; /* not used in SSLv2 */
+ int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
+
+ /* non-blocking io info, used to make sure the same
+ * args were passwd */
+ unsigned int wnum; /* number of bytes sent so far */
+ int wpend_tot;
+ char *wpend_buf;
+
+ int wpend_off; /* offset to data to write */
+ int wpend_len; /* number of bytes passwd to write */
+ int wpend_ret; /* number of bytes to return to caller */
+
+ /* buffer raw data */
+ int rbuf_left;
+ int rbuf_offs;
+ unsigned char *rbuf;
+ unsigned char *wbuf;
+
+ unsigned char *write_ptr;/* used to point to the start due to
+ * 2/3 byte header. */
+
+ unsigned int padding;
+ unsigned int rlength; /* passed to ssl2_enc */
+ int ract_data_length; /* Set when things are encrypted. */
+ unsigned int wlength; /* passed to ssl2_enc */
+ int wact_data_length; /* Set when things are decrypted. */
+ unsigned char *ract_data;
+ unsigned char *wact_data;
+ unsigned char *mac_data;
+ unsigned char *pad_data;
+
+ unsigned char *read_key;
+ unsigned char *write_key;
+
+ /* Stuff specifically to do with this SSL session */
+ unsigned int challenge_length;
+ unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
+ unsigned int conn_id_length;
+ unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
+ unsigned int key_material_length;
+ unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
+
+ unsigned long read_sequence;
+ unsigned long write_sequence;
+
+ struct {
+ unsigned int conn_id_length;
+ unsigned int cert_type;
+ unsigned int cert_length;
+ int csl;
+ int clear;
+ unsigned int enc;
+ unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
+ int cipher_spec_length;
+ unsigned int session_id_length;
+ unsigned int clen;
+ unsigned int rlen;
+ } tmp;
+ } SSL2_CTX;
+
+/* SSLv2 */
+/* client */
+#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
+#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
+#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
+/* server */
+#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
+#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
+#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl23.h b/src/lib/libssl/src/ssl/ssl23.h
new file mode 100644
index 0000000000..d3228983c7
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl23.h
@@ -0,0 +1,83 @@
+/* ssl/ssl23.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL23_H
+#define HEADER_SSL23_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*client */
+/* write to server */
+#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
+#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
+/* read from server */
+#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
+#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
+
+/* server */
+/* read from client */
+#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
+#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl3.h b/src/lib/libssl/src/ssl/ssl3.h
new file mode 100644
index 0000000000..95772eef60
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl3.h
@@ -0,0 +1,455 @@
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL3_H
+#define HEADER_SSL3_H
+
+#include "buffer.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SSL3_CK_RSA_NULL_MD5 0x03000001
+#define SSL3_CK_RSA_NULL_SHA 0x03000002
+#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
+#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
+#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
+#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
+#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
+#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
+#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
+#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
+
+#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
+#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
+#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
+#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
+#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
+#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
+
+#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
+#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
+#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
+#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
+#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
+#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
+
+#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
+#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
+#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
+#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
+#define SSL3_CK_ADH_DES_192_CBC_SHA 0x0300001B
+
+#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
+#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
+#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
+
+#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
+#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
+#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
+#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
+#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-SHA"
+#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
+
+#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
+#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
+#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_192_CBC_SHA "ADH-DES-CBC3-SHA"
+
+#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
+#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
+#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
+
+#define SSL3_SSL_SESSION_ID_LENGTH 32
+#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
+
+#define SSL3_MASTER_SECRET_SIZE 48
+#define SSL3_RANDOM_SIZE 32
+#define SSL3_SESSION_ID_SIZE 32
+#define SSL3_RT_HEADER_LENGTH 5
+
+/* Due to MS stuffing up, this can change.... */
+#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32))
+#define SSL3_RT_MAX_EXTRA (14000)
+#else
+#define SSL3_RT_MAX_EXTRA (16384)
+#endif
+
+#define SSL3_RT_MAX_PLAIN_LENGTH 16384
+#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
+#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
+#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
+
+/* the states that a SSL3_RECORD can be in
+ * For SSL_read it goes
+ * rbuf->ENCODED -> read
+ * ENCODED -> we need to decode everything - call decode_record
+ */
+
+#define SSL3_RS_BLANK 1
+#define SSL3_RS_DATA
+
+#define SSL3_RS_ENCODED 2
+#define SSL3_RS_READ_MORE 3
+#define SSL3_RS_WRITE_MORE
+#define SSL3_RS_PLAIN 3
+#define SSL3_RS_PART_READ 4
+#define SSL3_RS_PART_WRITE 5
+
+#define SSL3_MD_CLIENT_FINISHED_CONST {0x43,0x4C,0x4E,0x54}
+#define SSL3_MD_SERVER_FINISHED_CONST {0x53,0x52,0x56,0x52}
+
+#define SSL3_VERSION 0x0300
+#define SSL3_VERSION_MAJOR 0x03
+#define SSL3_VERSION_MINOR 0x00
+
+#define SSL3_RT_CHANGE_CIPHER_SPEC 20
+#define SSL3_RT_ALERT 21
+#define SSL3_RT_HANDSHAKE 22
+#define SSL3_RT_APPLICATION_DATA 23
+
+#define SSL3_AL_WARNING 1
+#define SSL3_AL_FATAL 2
+
+#define SSL3_AD_CLOSE_NOTIFY 0
+#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
+#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
+#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
+#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
+#define SSL3_AD_NO_CERTIFICATE 41
+#define SSL3_AD_BAD_CERTIFICATE 42
+#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+#define SSL3_AD_CERTIFICATE_REVOKED 44
+#define SSL3_AD_CERTIFICATE_EXPIRED 45
+#define SSL3_AD_CERTIFICATE_UNKNOWN 46
+#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
+
+typedef struct ssl3_record_st
+ {
+/*r */ int type; /* type of record */
+/* */ /*int state;*/ /* any data in it? */
+/*rw*/ unsigned int length; /* How many bytes available */
+/*r */ unsigned int off; /* read/write offset into 'buf' */
+/*rw*/ unsigned char *data; /* pointer to the record data */
+/*rw*/ unsigned char *input; /* where the decode bytes are */
+/*rw*/ unsigned char *comp; /* only used with decompression */
+ } SSL3_RECORD;
+
+typedef struct ssl3_buffer_st
+ {
+/*r */ int total; /* used in non-blocking writes */
+/*r */ int wanted; /* how many more bytes we need */
+/*rw*/ int left; /* how many bytes left */
+/*rw*/ int offset; /* where to 'copy from' */
+/*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */
+ } SSL3_BUFFER;
+
+typedef struct ssl3_compression_st {
+ int nothing;
+ } SSL3_COMPRESSION;
+
+#define SSL3_CT_RSA_SIGN 1
+#define SSL3_CT_DSS_SIGN 2
+#define SSL3_CT_RSA_FIXED_DH 3
+#define SSL3_CT_DSS_FIXED_DH 4
+#define SSL3_CT_RSA_EPHEMERAL_DH 5
+#define SSL3_CT_DSS_EPHEMERAL_DH 6
+#define SSL3_CT_FORTEZZA_DMS 20
+#define SSL3_CT_NUMBER 7
+
+#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
+#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
+#define SSL3_FLAGS_POP_BUFFER 0x0004
+#define TLS1_FLAGS_TLS_PADDING_BUG 0x0008
+
+#if 0
+#define AD_CLOSE_NOTIFY 0
+#define AD_UNEXPECTED_MESSAGE 1
+#define AD_BAD_RECORD_MAC 2
+#define AD_DECRYPTION_FAILED 3
+#define AD_RECORD_OVERFLOW 4
+#define AD_DECOMPRESSION_FAILURE 5 /* fatal */
+#define AD_HANDSHAKE_FAILURE 6 /* fatal */
+#define AD_NO_CERTIFICATE 7 /* Not under TLS */
+#define AD_BAD_CERTIFICATE 8
+#define AD_UNSUPPORTED_CERTIFICATE 9
+#define AD_CERTIFICATE_REVOKED 10
+#define AD_CERTIFICATE_EXPIRED 11
+#define AD_CERTIFICATE_UNKNOWN 12
+#define AD_ILLEGAL_PARAMETER 13 /* fatal */
+#define AD_UNKNOWN_CA 14 /* fatal */
+#define AD_ACCESS_DENIED 15 /* fatal */
+#define AD_DECODE_ERROR 16 /* fatal */
+#define AD_DECRYPT_ERROR 17
+#define AD_EXPORT_RESTRICION 18 /* fatal */
+#define AD_PROTOCOL_VERSION 19 /* fatal */
+#define AD_INSUFFICIENT_SECURITY 20 /* fatal */
+#define AD_INTERNAL_ERROR 21 /* fatal */
+#define AD_USER_CANCLED 22
+#define AD_NO_RENEGOTIATION 23
+#endif
+
+typedef struct ssl3_ctx_st
+ {
+ long flags;
+ int delay_buf_pop_ret;
+
+ unsigned char read_sequence[8];
+ unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
+ unsigned char write_sequence[8];
+ unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
+
+ unsigned char server_random[SSL3_RANDOM_SIZE];
+ unsigned char client_random[SSL3_RANDOM_SIZE];
+
+ SSL3_BUFFER rbuf; /* read IO goes into here */
+ SSL3_BUFFER wbuf; /* write IO goes into here */
+ SSL3_RECORD rrec; /* each decoded record goes in here */
+ SSL3_RECORD wrec; /* goes out from here */
+ /* Used by ssl3_read_n to point
+ * to input data packet */
+
+ /* partial write - check the numbers match */
+ unsigned int wnum; /* number of bytes sent so far */
+ int wpend_tot; /* number bytes written */
+ int wpend_type;
+ int wpend_ret; /* number of bytes submitted */
+ char *wpend_buf;
+
+ /* used during startup, digest all incoming/outgoing packets */
+ EVP_MD_CTX finish_dgst1;
+ EVP_MD_CTX finish_dgst2;
+
+ /* this is set whenerver we see a change_cipher_spec message
+ * come in when we are not looking for one */
+ int change_cipher_spec;
+
+ int warn_alert;
+ int fatal_alert;
+ /* we alow one fatal and one warning alert to be outstanding,
+ * send close alert via the warning alert */
+ int alert_dispatch;
+ char send_alert[2];
+
+ /* This flag is set when we should renegotiate ASAP, basically when
+ * there is no more data in the read or write buffers */
+ int renegotiate;
+ int total_renegotiations;
+ int num_renegotiations;
+
+ int in_read_app_data;
+
+ struct {
+ /* Actually only needs to be 16+20 for SSLv3 and 12 for TLS */
+ unsigned char finish_md[EVP_MAX_MD_SIZE*2];
+
+ unsigned long message_size;
+ int message_type;
+
+ /* used to hold the new cipher we are going to use */
+ SSL_CIPHER *new_cipher;
+ DH *dh;
+
+ /* used when SSL_ST_FLUSH_DATA is entered */
+ int next_state;
+
+ int reuse_message;
+
+ /* used for certificate requests */
+ int cert_req;
+ int ctype_num;
+ char ctype[SSL3_CT_NUMBER];
+ STACK *ca_names;
+
+ int use_rsa_tmp;
+
+ int key_block_length;
+ unsigned char *key_block;
+
+ EVP_CIPHER *new_sym_enc;
+ EVP_MD *new_hash;
+ SSL_COMPRESSION *new_compression;
+ int cert_request;
+ } tmp;
+ } SSL3_CTX;
+
+/* SSLv3 */
+/*client */
+/* extra state */
+#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
+/* read from client */
+/* Do not change the number values, they do matter */
+#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
+
+#define SSL3_MT_CLIENT_REQUEST 0
+#define SSL3_MT_CLIENT_HELLO 1
+#define SSL3_MT_SERVER_HELLO 2
+#define SSL3_MT_CERTIFICATE 11
+#define SSL3_MT_SERVER_KEY_EXCHANGE 12
+#define SSL3_MT_CERTIFICATE_REQUEST 13
+#define SSL3_MT_SERVER_DONE 14
+#define SSL3_MT_CERTIFICATE_VERIFY 15
+#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
+#define SSL3_MT_FINISHED 20
+
+#define SSL3_MT_CCS 1
+
+/* These are used when changing over to a new cipher */
+#define SSL3_CC_READ 0x01
+#define SSL3_CC_WRITE 0x02
+#define SSL3_CC_CLIENT 0x10
+#define SSL3_CC_SERVER 0x20
+#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
+#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl_algs.c b/src/lib/libssl/src/ssl/ssl_algs.c
new file mode 100644
index 0000000000..65f3a59386
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_algs.c
@@ -0,0 +1,102 @@
+/* ssl/ssl_algs.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "lhash.h"
+#include "ssl_locl.h"
+
+void SSLeay_add_ssl_algorithms()
+ {
+#ifndef NO_DES
+ EVP_add_cipher(EVP_des_cbc());
+ EVP_add_cipher(EVP_des_ede3_cbc());
+#endif
+#ifndef NO_IDEA
+ EVP_add_cipher(EVP_idea_cbc());
+#endif
+#ifndef NO_RC4
+ EVP_add_cipher(EVP_rc4());
+#endif
+#ifndef NO_RC2
+ EVP_add_cipher(EVP_rc2_cbc());
+#endif
+
+#ifndef NO_MD2
+ EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD5
+ EVP_add_digest(EVP_md5());
+ EVP_add_alias(SN_md5,"ssl2-md5");
+ EVP_add_alias(SN_md5,"ssl3-md5");
+#endif
+#ifndef NO_SHA1
+ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
+ EVP_add_alias(SN_sha1,"ssl3-sha1");
+#endif
+#if !defined(NO_SHA1) && !defined(NO_DSA)
+ EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
+#endif
+
+ /* If you want support for phased out ciphers, add the following */
+#if 0
+ EVP_add_digest(EVP_sha());
+ EVP_add_digest(EVP_dss());
+#endif
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssl_asn1.c b/src/lib/libssl/src/ssl/ssl_asn1.c
new file mode 100644
index 0000000000..116a83de64
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_asn1.c
@@ -0,0 +1,313 @@
+/* ssl/ssl_asn1.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "asn1_mac.h"
+#include "objects.h"
+#include "ssl_locl.h"
+
+typedef struct ssl_session_asn1_st
+ {
+ ASN1_INTEGER version;
+ ASN1_INTEGER ssl_version;
+ ASN1_OCTET_STRING cipher;
+ ASN1_OCTET_STRING master_key;
+ ASN1_OCTET_STRING session_id;
+ ASN1_OCTET_STRING key_arg;
+ ASN1_INTEGER time;
+ ASN1_INTEGER timeout;
+ } SSL_SESSION_ASN1;
+
+/*
+ * SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH);
+ * SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER);
+ */
+
+int i2d_SSL_SESSION(in,pp)
+SSL_SESSION *in;
+unsigned char **pp;
+ {
+#define LSIZE2 (sizeof(long)*2)
+ int v1=0,v2=0,v3=0;
+ unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
+ unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2];
+ long l;
+ SSL_SESSION_ASN1 a;
+ M_ASN1_I2D_vars(in);
+
+ if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
+ return(0);
+
+ /* Note that I cheat in the following 2 assignments. I know
+ * that if the ASN1_INTERGER passed to ASN1_INTEGER_set
+ * is > sizeof(long)+1, the buffer will not be re-Malloc()ed.
+ * This is a bit evil but makes things simple, no dynamic allocation
+ * to clean up :-) */
+ a.version.length=LSIZE2;
+ a.version.type=V_ASN1_INTEGER;
+ a.version.data=ibuf1;
+ ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
+
+ a.ssl_version.length=LSIZE2;
+ a.ssl_version.type=V_ASN1_INTEGER;
+ a.ssl_version.data=ibuf2;
+ ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
+
+ a.cipher.type=V_ASN1_OCTET_STRING;
+ a.cipher.data=buf;
+
+ if (in->cipher == NULL)
+ l=in->cipher_id;
+ else
+ l=in->cipher->id;
+ if (in->ssl_version == SSL2_VERSION)
+ {
+ a.cipher.length=3;
+ buf[0]=((unsigned char)(l>>16L))&0xff;
+ buf[1]=((unsigned char)(l>> 8L))&0xff;
+ buf[2]=((unsigned char)(l ))&0xff;
+ }
+ else
+ {
+ a.cipher.length=2;
+ buf[0]=((unsigned char)(l>>8L))&0xff;
+ buf[1]=((unsigned char)(l ))&0xff;
+ }
+
+ a.master_key.length=in->master_key_length;
+ a.master_key.type=V_ASN1_OCTET_STRING;
+ a.master_key.data=in->master_key;
+
+ a.session_id.length=in->session_id_length;
+ a.session_id.type=V_ASN1_OCTET_STRING;
+ a.session_id.data=in->session_id;
+
+ a.key_arg.length=in->key_arg_length;
+ a.key_arg.type=V_ASN1_OCTET_STRING;
+ a.key_arg.data=in->key_arg;
+
+ if (in->time != 0L)
+ {
+ a.time.length=LSIZE2;
+ a.time.type=V_ASN1_INTEGER;
+ a.time.data=ibuf3;
+ ASN1_INTEGER_set(&(a.time),in->time);
+ }
+
+ if (in->timeout != 0L)
+ {
+ a.timeout.length=LSIZE2;
+ a.timeout.type=V_ASN1_INTEGER;
+ a.timeout.data=ibuf4;
+ ASN1_INTEGER_set(&(a.timeout),in->timeout);
+ }
+
+ M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
+ if (in->key_arg_length > 0)
+ M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
+ if (in->time != 0L)
+ M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+ if (in->timeout != 0L)
+ M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+ if (in->peer != NULL)
+ M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
+ if (in->key_arg_length > 0)
+ M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
+ if (in->time != 0L)
+ M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+ if (in->timeout != 0L)
+ M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+ if (in->peer != NULL)
+ M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
+
+ M_ASN1_I2D_finish();
+ }
+
+SSL_SESSION *d2i_SSL_SESSION(a,pp,length)
+SSL_SESSION **a;
+unsigned char **pp;
+long length;
+ {
+ int version,ssl_version=0,i;
+ long id;
+ ASN1_INTEGER ai,*aip;
+ ASN1_OCTET_STRING os,*osp;
+ M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
+
+ aip= &ai;
+ osp= &os;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+
+ ai.data=NULL; ai.length=0;
+ M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+ version=(int)ASN1_INTEGER_get(aip);
+ if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+
+ /* we don't care about the version right now :-) */
+ M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+ ssl_version=(int)ASN1_INTEGER_get(aip);
+ ret->ssl_version=ssl_version;
+ if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+
+ os.data=NULL; os.length=0;
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if (ssl_version == SSL2_VERSION)
+ {
+ if (os.length != 3)
+ {
+ c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ goto err;
+ }
+ id=0x02000000L|
+ ((unsigned long)os.data[0]<<16L)|
+ ((unsigned long)os.data[1]<< 8L)|
+ (unsigned long)os.data[2];
+ }
+ else if ((ssl_version>>8) == 3)
+ {
+ if (os.length != 2)
+ {
+ c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ goto err;
+ }
+ id=0x03000000L|
+ ((unsigned long)os.data[0]<<8L)|
+ (unsigned long)os.data[1];
+ }
+ else
+ {
+ SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
+ return(NULL);
+ }
+
+ ret->cipher=NULL;
+ ret->cipher_id=id;
+
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if ((ssl_version>>8) == SSL3_VERSION)
+ i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
+ else /* if (ssl_version == SSL2_VERSION) */
+ i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
+
+ if (os.length > i)
+ os.length=i;
+
+ ret->session_id_length=os.length;
+ memcpy(ret->session_id,os.data,os.length);
+
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+ ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+ else
+ ret->master_key_length=os.length;
+ memcpy(ret->master_key,os.data,ret->master_key_length);
+
+ os.length=0;
+ M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
+ if (os.length > SSL_MAX_KEY_ARG_LENGTH)
+ ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
+ else
+ ret->key_arg_length=os.length;
+ memcpy(ret->key_arg,os.data,ret->key_arg_length);
+ if (os.data != NULL) Free(os.data);
+
+ ai.length=0;
+ M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
+ if (ai.data != NULL)
+ {
+ ret->time=ASN1_INTEGER_get(aip);
+ Free(ai.data); ai.data=NULL; ai.length=0;
+ }
+ else
+ ret->time=time(NULL);
+
+ ai.length=0;
+ M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
+ if (ai.data != NULL)
+ {
+ ret->timeout=ASN1_INTEGER_get(aip);
+ Free(ai.data); ai.data=NULL; ai.length=0;
+ }
+ else
+ ret->timeout=3;
+
+ if (ret->peer != NULL)
+ {
+ X509_free(ret->peer);
+ ret->peer=NULL;
+ }
+ M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
+
+ M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssl_cert.c b/src/lib/libssl/src/ssl/ssl_cert.c
new file mode 100644
index 0000000000..c1cb86e1b7
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_cert.c
@@ -0,0 +1,329 @@
+/* ssl/ssl_cert.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "bio.h"
+#include "pem.h"
+#include "ssl_locl.h"
+
+CERT *ssl_cert_new()
+ {
+ CERT *ret;
+
+ ret=(CERT *)Malloc(sizeof(CERT));
+ if (ret == NULL)
+ {
+ SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ memset(ret,0,sizeof(CERT));
+/*
+ ret->valid=0;
+ ret->mask=0;
+ ret->export_mask=0;
+ ret->cert_type=0;
+ ret->key->x509=NULL;
+ ret->key->publickey=NULL;
+ ret->key->privatekey=NULL; */
+
+ ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
+ ret->references=1;
+
+ return(ret);
+ }
+
+void ssl_cert_free(c)
+CERT *c;
+ {
+ int i;
+
+ i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
+#ifdef REF_PRINT
+ REF_PRINT("CERT",c);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"ssl_cert_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+#ifndef NO_RSA
+ if (c->rsa_tmp) RSA_free(c->rsa_tmp);
+#endif
+#ifndef NO_DH
+ if (c->dh_tmp) DH_free(c->dh_tmp);
+#endif
+
+ for (i=0; i<SSL_PKEY_NUM; i++)
+ {
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ if (c->pkeys[i].privatekey != NULL)
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+#if 0
+ if (c->pkeys[i].publickey != NULL)
+ EVP_PKEY_free(c->pkeys[i].publickey);
+#endif
+ }
+ if (c->cert_chain != NULL)
+ sk_pop_free(c->cert_chain,X509_free);
+ Free(c);
+ }
+
+int ssl_set_cert_type(c, type)
+CERT *c;
+int type;
+ {
+ c->cert_type=type;
+ return(1);
+ }
+
+int ssl_verify_cert_chain(s,sk)
+SSL *s;
+STACK *sk;
+ {
+ X509 *x;
+ int i;
+ X509_STORE_CTX ctx;
+
+ if ((sk == NULL) || (sk_num(sk) == 0))
+ return(0);
+
+ x=(X509 *)sk_value(sk,0);
+ X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk);
+ X509_STORE_CTX_set_app_data(&ctx,(char *)s);
+
+ if (s->ctx->app_verify_callback != NULL)
+ i=s->ctx->app_verify_callback(&ctx);
+ else
+ i=X509_verify_cert(&ctx);
+
+ X509_STORE_CTX_cleanup(&ctx);
+ s->verify_result=ctx.error;
+
+ return(i);
+ }
+
+static void set_client_CA_list(ca_list,list)
+STACK **ca_list;
+STACK *list;
+ {
+ if (*ca_list != NULL)
+ sk_pop_free(*ca_list,X509_NAME_free);
+
+ *ca_list=list;
+ }
+
+STACK *SSL_dup_CA_list(sk)
+STACK *sk;
+ {
+ int i;
+ STACK *ret;
+ X509_NAME *name;
+
+ ret=sk_new_null();
+ for (i=0; i<sk_num(sk); i++)
+ {
+ name=X509_NAME_dup((X509_NAME *)sk_value(sk,i));
+ if ((name == NULL) || !sk_push(ret,(char *)name))
+ {
+ sk_pop_free(ret,X509_NAME_free);
+ return(NULL);
+ }
+ }
+ return(ret);
+ }
+
+void SSL_set_client_CA_list(s,list)
+SSL *s;
+STACK *list;
+ {
+ set_client_CA_list(&(s->client_CA),list);
+ }
+
+void SSL_CTX_set_client_CA_list(ctx,list)
+SSL_CTX *ctx;
+STACK *list;
+ {
+ set_client_CA_list(&(ctx->client_CA),list);
+ }
+
+STACK *SSL_CTX_get_client_CA_list(ctx)
+SSL_CTX *ctx;
+ {
+ return(ctx->client_CA);
+ }
+
+STACK *SSL_get_client_CA_list(s)
+SSL *s;
+ {
+ if (s->type == SSL_ST_CONNECT)
+ { /* we are in the client */
+ if (((s->version>>8) == SSL3_VERSION_MAJOR) &&
+ (s->s3 != NULL))
+ return(s->s3->tmp.ca_names);
+ else
+ return(NULL);
+ }
+ else
+ {
+ if (s->client_CA != NULL)
+ return(s->client_CA);
+ else
+ return(s->ctx->client_CA);
+ }
+ }
+
+static int add_client_CA(sk,x)
+STACK **sk;
+X509 *x;
+ {
+ X509_NAME *name;
+
+ if (x == NULL) return(0);
+ if ((*sk == NULL) && ((*sk=sk_new_null()) == NULL))
+ return(0);
+
+ if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
+ return(0);
+
+ if (!sk_push(*sk,(char *)name))
+ {
+ X509_NAME_free(name);
+ return(0);
+ }
+ return(1);
+ }
+
+int SSL_add_client_CA(ssl,x)
+SSL *ssl;
+X509 *x;
+ {
+ return(add_client_CA(&(ssl->client_CA),x));
+ }
+
+int SSL_CTX_add_client_CA(ctx,x)
+SSL_CTX *ctx;
+X509 *x;
+ {
+ return(add_client_CA(&(ctx->client_CA),x));
+ }
+
+static int name_cmp(a,b)
+X509_NAME **a,**b;
+ {
+ return(X509_NAME_cmp(*a,*b));
+ }
+
+#ifndef NO_STDIO
+STACK *SSL_load_client_CA_file(file)
+char *file;
+ {
+ BIO *in;
+ X509 *x=NULL;
+ X509_NAME *xn=NULL;
+ STACK *ret,*sk;
+
+ ret=sk_new(NULL);
+ sk=sk_new(name_cmp);
+
+ in=BIO_new(BIO_s_file_internal());
+
+ if ((ret == NULL) || (sk == NULL) || (in == NULL))
+ {
+ SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!BIO_read_filename(in,file))
+ goto err;
+
+ for (;;)
+ {
+ if (PEM_read_bio_X509(in,&x,NULL) == NULL)
+ break;
+ if ((xn=X509_get_subject_name(x)) == NULL) goto err;
+ /* check for duplicates */
+ xn=X509_NAME_dup(xn);
+ if (xn == NULL) goto err;
+ if (sk_find(sk,(char *)xn) >= 0)
+ X509_NAME_free(xn);
+ else
+ {
+ sk_push(sk,(char *)xn);
+ sk_push(ret,(char *)xn);
+ }
+ }
+
+ if (0)
+ {
+err:
+ if (ret != NULL) sk_pop_free(ret,X509_NAME_free);
+ ret=NULL;
+ }
+ if (sk != NULL) sk_free(sk);
+ if (in != NULL) BIO_free(in);
+ if (x != NULL) X509_free(x);
+ return(ret);
+ }
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl_ciph.c b/src/lib/libssl/src/ssl/ssl_ciph.c
new file mode 100644
index 0000000000..820994408b
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_ciph.c
@@ -0,0 +1,758 @@
+/* ssl/ssl_ciph.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+#define SSL_ENC_DES_IDX 0
+#define SSL_ENC_3DES_IDX 1
+#define SSL_ENC_RC4_IDX 2
+#define SSL_ENC_RC2_IDX 3
+#define SSL_ENC_IDEA_IDX 4
+#define SSL_ENC_eFZA_IDX 5
+#define SSL_ENC_NULL_IDX 6
+#define SSL_ENC_NUM_IDX 7
+
+static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
+ NULL,NULL,NULL,NULL,NULL,NULL,
+ };
+
+#define SSL_MD_MD5_IDX 0
+#define SSL_MD_SHA1_IDX 1
+#define SSL_MD_NUM_IDX 2
+static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
+ NULL,NULL,
+ };
+
+typedef struct cipher_sort_st
+ {
+ SSL_CIPHER *cipher;
+ int pref;
+ } CIPHER_SORT;
+
+#define CIPHER_ADD 1
+#define CIPHER_KILL 2
+#define CIPHER_DEL 3
+#define CIPHER_ORD 4
+
+typedef struct cipher_choice_st
+ {
+ int type;
+ unsigned long algorithms;
+ unsigned long mask;
+ long top;
+ } CIPHER_CHOICE;
+
+typedef struct cipher_order_st
+ {
+ SSL_CIPHER *cipher;
+ int active;
+ int dead;
+ struct cipher_order_st *next,*prev;
+ } CIPHER_ORDER;
+
+static SSL_CIPHER cipher_aliases[]={
+ {0,SSL_TXT_ALL, 0,SSL_ALL, 0,SSL_ALL}, /* must be first */
+ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_DH, 0,SSL_DH, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_EDH, 0,SSL_EDH, 0,SSL_MKEY_MASK|SSL_AUTH_MASK},
+
+ {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aNULL,0,SSL_aNULL,0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aDH, 0,SSL_aDH, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_DSS, 0,SSL_DSS, 0,SSL_AUTH_MASK},
+
+ {0,SSL_TXT_DES, 0,SSL_DES, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_3DES,0,SSL_3DES, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RC4, 0,SSL_RC4, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RC2, 0,SSL_RC2, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_eNULL,0,SSL_eNULL,0,SSL_ENC_MASK},
+ {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,SSL_ENC_MASK},
+
+ {0,SSL_TXT_MD5, 0,SSL_MD5, 0,SSL_MAC_MASK},
+ {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,SSL_MAC_MASK},
+ {0,SSL_TXT_SHA, 0,SSL_SHA, 0,SSL_MAC_MASK},
+
+ {0,SSL_TXT_NULL,0,SSL_NULL, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RSA, 0,SSL_RSA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
+ {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
+ {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK},
+
+ {0,SSL_TXT_EXP, 0,SSL_EXP, 0,SSL_EXP_MASK},
+ {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK},
+ {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK},
+ {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK},
+ {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK},
+ };
+
+static int init_ciphers=1;
+static void load_ciphers();
+
+static int cmp_by_name(a,b)
+SSL_CIPHER **a,**b;
+ {
+ return(strcmp((*a)->name,(*b)->name));
+ }
+
+static void load_ciphers()
+ {
+ init_ciphers=0;
+ ssl_cipher_methods[SSL_ENC_DES_IDX]=
+ EVP_get_cipherbyname(SN_des_cbc);
+ ssl_cipher_methods[SSL_ENC_3DES_IDX]=
+ EVP_get_cipherbyname(SN_des_ede3_cbc);
+ ssl_cipher_methods[SSL_ENC_RC4_IDX]=
+ EVP_get_cipherbyname(SN_rc4);
+ ssl_cipher_methods[SSL_ENC_RC2_IDX]=
+ EVP_get_cipherbyname(SN_rc2_cbc);
+ ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
+ EVP_get_cipherbyname(SN_idea_cbc);
+
+ ssl_digest_methods[SSL_MD_MD5_IDX]=
+ EVP_get_digestbyname(SN_md5);
+ ssl_digest_methods[SSL_MD_SHA1_IDX]=
+ EVP_get_digestbyname(SN_sha1);
+ }
+
+int ssl_cipher_get_evp(c,enc,md)
+SSL_CIPHER *c;
+EVP_CIPHER **enc;
+EVP_MD **md;
+ {
+ int i;
+
+ if (c == NULL) return(0);
+
+ switch (c->algorithms & SSL_ENC_MASK)
+ {
+ case SSL_DES:
+ i=SSL_ENC_DES_IDX;
+ break;
+ case SSL_3DES:
+ i=SSL_ENC_3DES_IDX;
+ break;
+ case SSL_RC4:
+ i=SSL_ENC_RC4_IDX;
+ break;
+ case SSL_RC2:
+ i=SSL_ENC_RC2_IDX;
+ break;
+ case SSL_IDEA:
+ i=SSL_ENC_IDEA_IDX;
+ break;
+ case SSL_eNULL:
+ i=SSL_ENC_NULL_IDX;
+ break;
+ break;
+ default:
+ i= -1;
+ break;
+ }
+
+ if ((i < 0) || (i > SSL_ENC_NUM_IDX))
+ *enc=NULL;
+ else
+ {
+ if (i == SSL_ENC_NULL_IDX)
+ *enc=EVP_enc_null();
+ else
+ *enc=ssl_cipher_methods[i];
+ }
+
+ switch (c->algorithms & SSL_MAC_MASK)
+ {
+ case SSL_MD5:
+ i=SSL_MD_MD5_IDX;
+ break;
+ case SSL_SHA1:
+ i=SSL_MD_SHA1_IDX;
+ break;
+ default:
+ i= -1;
+ break;
+ }
+ if ((i < 0) || (i > SSL_MD_NUM_IDX))
+ *md=NULL;
+ else
+ *md=ssl_digest_methods[i];
+
+ if ((*enc != NULL) && (*md != NULL))
+ return(1);
+ else
+ return(0);
+ }
+
+#define ITEM_SEP(a) \
+ (((a) == ':') || ((a) == ' ') || ((a) == ';') || ((a) == ','))
+
+static void ll_append_tail(head,curr,tail)
+CIPHER_ORDER **head,*curr,**tail;
+ {
+ if (curr == *tail) return;
+ if (curr == *head)
+ *head=curr->next;
+ if (curr->prev != NULL)
+ curr->prev->next=curr->next;
+ if (curr->next != NULL) /* should always be true */
+ curr->next->prev=curr->prev;
+ (*tail)->next=curr;
+ curr->prev= *tail;
+ curr->next=NULL;
+ *tail=curr;
+ }
+
+STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str)
+SSL_METHOD *ssl_method;
+STACK **cipher_list,**cipher_list_by_id;
+char *str;
+ {
+ SSL_CIPHER *c;
+ char *l;
+ STACK *ret=NULL,*ok=NULL;
+#define CL_BUF 40
+ char buf[CL_BUF];
+ char *tmp_str=NULL;
+ unsigned long mask,algorithms,ma;
+ char *start;
+ int i,j,k,num=0,ch,multi;
+ unsigned long al;
+ STACK *ca_list=NULL;
+ int current_x,num_x;
+ CIPHER_CHOICE *ops=NULL;
+ CIPHER_ORDER *list=NULL,*head=NULL,*tail=NULL,*curr,*tail2,*curr2;
+ int list_num;
+ int type;
+ SSL_CIPHER c_tmp,*cp;
+
+ if (str == NULL) return(NULL);
+
+ if (strncmp(str,"DEFAULT",7) == 0)
+ {
+ i=strlen(str)+2+strlen(SSL_DEFAULT_CIPHER_LIST);
+ if ((tmp_str=Malloc(i)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST);
+ strcat(tmp_str,":");
+ strcat(tmp_str,&(str[7]));
+ str=tmp_str;
+ }
+ if (init_ciphers) load_ciphers();
+
+ num=ssl_method->num_ciphers();
+
+ if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err;
+ if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err;
+
+ mask =SSL_kFZA;
+#ifdef NO_RSA
+ mask|=SSL_aRSA|SSL_kRSA;
+#endif
+#ifdef NO_DSA
+ mask|=SSL_aDSS;
+#endif
+#ifdef NO_DH
+ mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
+#endif
+
+#ifndef SSL_ALLOW_ENULL
+ mask|=SSL_eNULL;
+#endif
+
+ mask|=(ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL)?SSL_DES :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL)?SSL_3DES:0;
+ mask|=(ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL)?SSL_RC4 :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL)?SSL_RC2 :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL)?SSL_IDEA:0;
+ mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0;
+
+ mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0;
+ mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0;
+
+ if ((list=(CIPHER_ORDER *)Malloc(sizeof(CIPHER_ORDER)*num)) == NULL)
+ goto err;
+
+ /* Get the initial list of ciphers */
+ list_num=0;
+ for (i=0; i<num; i++)
+ {
+ c=ssl_method->get_cipher((unsigned int)i);
+ /* drop those that use any of that is not available */
+ if ((c != NULL) && c->valid && !(c->algorithms & mask))
+ {
+ list[list_num].cipher=c;
+ list[list_num].next=NULL;
+ list[list_num].prev=NULL;
+ list[list_num].active=0;
+ list_num++;
+ if (!sk_push(ca_list,(char *)c)) goto err;
+ }
+ }
+
+ for (i=1; i<list_num-1; i++)
+ {
+ list[i].prev= &(list[i-1]);
+ list[i].next= &(list[i+1]);
+ }
+ if (list_num > 0)
+ {
+ head= &(list[0]);
+ head->prev=NULL;
+ head->next= &(list[1]);
+ tail= &(list[list_num-1]);
+ tail->prev= &(list[list_num-2]);
+ tail->next=NULL;
+ }
+
+ /* special case */
+ cipher_aliases[0].algorithms= ~mask;
+
+ /* get the aliases */
+ k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER);
+ for (j=0; j<k; j++)
+ {
+ al=cipher_aliases[j].algorithms;
+ /* Drop those that are not relevent */
+ if ((al & mask) == al) continue;
+ if (!sk_push(ca_list,(char *)&(cipher_aliases[j]))) goto err;
+ }
+
+ /* ca_list now holds a 'stack' of SSL_CIPHERS, some real, some
+ * 'aliases' */
+
+ /* how many parameters are there? */
+ num=1;
+ for (l=str; *l; l++)
+ if (ITEM_SEP(*l))
+ num++;
+ ops=(CIPHER_CHOICE *)Malloc(sizeof(CIPHER_CHOICE)*num);
+ if (ops == NULL) goto err;
+ memset(ops,0,sizeof(CIPHER_CHOICE)*num);
+
+ /* we now parse the input string and create our operations */
+ l=str;
+ i=0;
+ current_x=0;
+
+ for (;;)
+ {
+ ch= *l;
+
+ if (ch == '\0') break;
+
+ if (ch == '-')
+ { j=CIPHER_DEL; l++; }
+ else if (ch == '+')
+ { j=CIPHER_ORD; l++; }
+ else if (ch == '!')
+ { j=CIPHER_KILL; l++; }
+ else
+ { j=CIPHER_ADD; }
+
+ if (ITEM_SEP(ch))
+ {
+ l++;
+ continue;
+ }
+ ops[current_x].type=j;
+ ops[current_x].algorithms=0;
+ ops[current_x].mask=0;
+
+ start=l;
+ for (;;)
+ {
+ ch= *l;
+ i=0;
+ while ( ((ch >= 'A') && (ch <= 'Z')) ||
+ ((ch >= '0') && (ch <= '9')) ||
+ ((ch >= 'a') && (ch <= 'z')) ||
+ (ch == '-'))
+ {
+ buf[i]=ch;
+ ch= *(++l);
+ i++;
+ if (i >= (CL_BUF-2)) break;
+ }
+ buf[i]='\0';
+
+ /* check for multi-part specification */
+ if (ch == '+')
+ {
+ multi=1;
+ l++;
+ }
+ else
+ multi=0;
+
+ c_tmp.name=buf;
+ j=sk_find(ca_list,(char *)&c_tmp);
+ if (j < 0)
+ goto end_loop;
+
+ cp=(SSL_CIPHER *)sk_value(ca_list,j);
+ ops[current_x].algorithms|=cp->algorithms;
+ /* We add the SSL_SSL_MASK so we can match the
+ * SSLv2 and SSLv3 versions of RC4-MD5 */
+ ops[current_x].mask|=cp->mask;
+ if (!multi) break;
+ }
+ current_x++;
+ if (ch == '\0') break;
+end_loop:
+ /* Make sure we scan until the next valid start point */
+ while ((*l != '\0') && ITEM_SEP(*l))
+ l++;
+ }
+
+ num_x=current_x;
+ current_x=0;
+
+ /* We will now process the list of ciphers, once for each category, to
+ * decide what we should do with it. */
+ for (j=0; j<num_x; j++)
+ {
+ algorithms=ops[j].algorithms;
+ type=ops[j].type;
+ mask=ops[j].mask;
+
+ curr=head;
+ curr2=head;
+ tail2=tail;
+ for (;;)
+ {
+ if ((curr == NULL) || (curr == tail2)) break;
+ curr=curr2;
+ curr2=curr->next;
+
+ cp=curr->cipher;
+ ma=mask & cp->algorithms;
+ if ((ma == 0) || ((ma & algorithms) != ma))
+ {
+ /* does not apply */
+ continue;
+ }
+
+ /* add the cipher if it has not been added yet. */
+ if (type == CIPHER_ADD)
+ {
+ if (!curr->active)
+ {
+ ll_append_tail(&head,curr,&tail);
+ curr->active=1;
+ }
+ }
+ /* Move the added cipher to this location */
+ else if (type == CIPHER_ORD)
+ {
+ if (curr->active)
+ {
+ ll_append_tail(&head,curr,&tail);
+ }
+ }
+ else if (type == CIPHER_DEL)
+ curr->active=0;
+ if (type == CIPHER_KILL)
+ {
+ if (head == curr)
+ head=curr->next;
+ else
+ curr->prev->next=curr->next;
+ if (tail == curr)
+ tail=curr->prev;
+ curr->active=0;
+ if (curr->next != NULL)
+ curr->next->prev=curr->prev;
+ if (curr->prev != NULL)
+ curr->prev->next=curr->next;
+ curr->next=NULL;
+ curr->prev=NULL;
+ }
+ }
+ }
+
+ for (curr=head; curr != NULL; curr=curr->next)
+ {
+ if (curr->active)
+ {
+ sk_push(ret,(char *)curr->cipher);
+#ifdef CIPHER_DEBUG
+ printf("<%s>\n",curr->cipher->name);
+#endif
+ }
+ }
+
+ if (cipher_list != NULL)
+ {
+ if (*cipher_list != NULL)
+ sk_free(*cipher_list);
+ *cipher_list=ret;
+ }
+
+ if (cipher_list_by_id != NULL)
+ {
+ if (*cipher_list_by_id != NULL)
+ sk_free(*cipher_list_by_id);
+ *cipher_list_by_id=sk_dup(ret);
+ }
+
+ if ( (cipher_list_by_id == NULL) ||
+ (*cipher_list_by_id == NULL) ||
+ (cipher_list == NULL) ||
+ (*cipher_list == NULL))
+ goto err;
+ sk_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+
+ ok=ret;
+ ret=NULL;
+err:
+ if (tmp_str) Free(tmp_str);
+ if (ops != NULL) Free(ops);
+ if (ret != NULL) sk_free(ret);
+ if (ca_list != NULL) sk_free(ca_list);
+ if (list != NULL) Free(list);
+ return(ok);
+ }
+
+char *SSL_CIPHER_description(cipher,buf,len)
+SSL_CIPHER *cipher;
+char *buf;
+int len;
+ {
+ int export;
+ char *ver,*exp;
+ char *kx,*au,*enc,*mac;
+ unsigned long alg,alg2;
+ static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+
+ alg=cipher->algorithms;
+ alg2=cipher->algorithm2;
+
+ export=(alg&SSL_EXP)?1:0;
+ exp=(export)?" export":"";
+
+ if (alg & SSL_SSLV2)
+ ver="SSLv2";
+ else if (alg & SSL_SSLV3)
+ ver="SSLv3";
+ else
+ ver="unknown";
+
+ switch (alg&SSL_MKEY_MASK)
+ {
+ case SSL_kRSA:
+ kx=(export)?"RSA(512)":"RSA";
+ break;
+ case SSL_kDHr:
+ kx="DH/RSA";
+ break;
+ case SSL_kDHd:
+ kx="DH/DSS";
+ break;
+ case SSL_kFZA:
+ kx="Fortezza";
+ break;
+ case SSL_kEDH:
+ kx=(export)?"DH(512)":"DH";
+ break;
+ default:
+ kx="unknown";
+ }
+
+ switch (alg&SSL_AUTH_MASK)
+ {
+ case SSL_aRSA:
+ au="RSA";
+ break;
+ case SSL_aDSS:
+ au="DSS";
+ break;
+ case SSL_aDH:
+ au="DH";
+ break;
+ case SSL_aFZA:
+ case SSL_aNULL:
+ au="None";
+ break;
+ default:
+ au="unknown";
+ break;
+ }
+
+ switch (alg&SSL_ENC_MASK)
+ {
+ case SSL_DES:
+ enc=export?"DES(40)":"DES(56)";
+ break;
+ case SSL_3DES:
+ enc="3DES(168)";
+ break;
+ case SSL_RC4:
+ enc=export?"RC4(40)":((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
+ break;
+ case SSL_RC2:
+ enc=export?"RC2(40)":"RC2(128)";
+ break;
+ case SSL_IDEA:
+ enc="IDEA(128)";
+ break;
+ case SSL_eFZA:
+ enc="Fortezza";
+ break;
+ case SSL_eNULL:
+ enc="None";
+ break;
+ default:
+ enc="unknown";
+ break;
+ }
+
+ switch (alg&SSL_MAC_MASK)
+ {
+ case SSL_MD5:
+ mac="MD5";
+ break;
+ case SSL_SHA1:
+ mac="SHA1";
+ break;
+ default:
+ mac="unknown";
+ break;
+ }
+
+ if (buf == NULL)
+ {
+ buf=Malloc(128);
+ if (buf == NULL) return("Malloc Error");
+ }
+ else if (len < 128)
+ return("Buffer too small");
+
+ sprintf(buf,format,cipher->name,ver,kx,au,enc,mac,exp);
+ return(buf);
+ }
+
+char *SSL_CIPHER_get_version(c)
+SSL_CIPHER *c;
+ {
+ int i;
+
+ if (c == NULL) return("(NONE)");
+ i=(int)(c->id>>24L);
+ if (i == 3)
+ return("TLSv1/SSLv3");
+ else if (i == 2)
+ return("SSLv2");
+ else
+ return("unknown");
+ }
+
+/* return the actual cipher being used */
+char *SSL_CIPHER_get_name(c)
+SSL_CIPHER *c;
+ {
+ if (c != NULL)
+ return(c->name);
+ return("(NONE)");
+ }
+
+/* number of bits for symetric cipher */
+int SSL_CIPHER_get_bits(c,alg_bits)
+SSL_CIPHER *c;
+int *alg_bits;
+ {
+ int ret=0,a=0;
+ EVP_CIPHER *enc;
+ EVP_MD *md;
+
+ if (c != NULL)
+ {
+ if (!ssl_cipher_get_evp(c,&enc,&md))
+ return(0);
+
+ a=EVP_CIPHER_key_length(enc)*8;
+
+ if (c->algorithms & SSL_EXP)
+ {
+ ret=40;
+ }
+ else
+ {
+ if (c->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ ret=64;
+ else
+ ret=a;
+ }
+ }
+
+ if (alg_bits != NULL) *alg_bits=a;
+
+ return(ret);
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssl_err.c b/src/lib/libssl/src/ssl/ssl_err.c
new file mode 100644
index 0000000000..bcbb98591f
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_err.c
@@ -0,0 +1,374 @@
+/* lib/ssl/ssl_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "ssl.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA SSL_str_functs[]=
+ {
+{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
+{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
+{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
+{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
+{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
+{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
+{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
+{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
+{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
+{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
+{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
+{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
+{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_INIT_WBIO_BUFFER,0), "SSL_INIT_WBIO_BUFFER"},
+{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
+{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
+{ERR_PACK(0,SSL_F_SSL_SET_CERT,0), "SSL_SET_CERT"},
+{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
+{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
+{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
+{ERR_PACK(0,SSL_F_TLS1_CHANGE_CIPHER_STATE,0), "TLS1_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_TLS1_ENC,0), "TLS1_ENC"},
+{ERR_PACK(0,SSL_F_TLS1_SETUP_KEY_BLOCK,0), "TLS1_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA SSL_str_reasons[]=
+ {
+{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
+{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
+{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
+{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
+{SSL_R_BAD_CHECKSUM ,"bad checksum"},
+{SSL_R_BAD_CLIENT_REQUEST ,"bad client request"},
+{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
+{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
+{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
+{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
+{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
+{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
+{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
+{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
+{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
+{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
+{SSL_R_BAD_PROTOCOL_VERSION_NUMBER ,"bad protocol version number"},
+{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
+{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
+{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
+{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
+{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
+{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
+{SSL_R_BAD_SIGNATURE ,"bad signature"},
+{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
+{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
+{SSL_R_BAD_STATE ,"bad state"},
+{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
+{SSL_R_BIO_NOT_SET ,"bio not set"},
+{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
+{SSL_R_BN_LIB ,"bn lib"},
+{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
+{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
+{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
+{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
+{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
+{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
+{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
+{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
+{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
+{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
+{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
+{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
+{SSL_R_CONNECTION_TYPE_NOT_SET ,"connection type not set"},
+{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
+{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
+{SSL_R_DECRYPTION_FAILED ,"decryption failed"},
+{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
+{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
+{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
+{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
+{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
+{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
+{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
+{SSL_R_HTTPS_PROXY_REQUEST ,"https proxy request"},
+{SSL_R_HTTP_REQUEST ,"http request"},
+{SSL_R_INTERNAL_ERROR ,"internal error"},
+{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
+{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
+{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
+{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
+{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
+{SSL_R_MISSING_DH_KEY ,"missing dh key"},
+{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
+{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
+{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
+{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
+{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
+{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
+{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
+{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
+{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
+{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
+{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
+{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
+{SSL_R_NO_CERTIFICATES_RETURNED ,"no certificates returned"},
+{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
+{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
+{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
+{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
+{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
+{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
+{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
+{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
+{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
+{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
+{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
+{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
+{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
+{SSL_R_NO_PROTOCOLS_AVAILABLE ,"no protocols available"},
+{SSL_R_NO_PUBLICKEY ,"no publickey"},
+{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
+{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
+{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
+{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
+{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
+{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
+{SSL_R_PEER_ERROR ,"peer error"},
+{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
+{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
+{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
+{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
+{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
+{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
+{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
+{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
+{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
+{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
+{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
+{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
+{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
+{SSL_R_RECORD_TOO_LARGE ,"record too large"},
+{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
+{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
+{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
+{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
+{SSL_R_SHORT_READ ,"short read"},
+{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
+{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
+{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
+{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
+{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
+{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
+{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
+{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
+{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
+{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
+{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
+{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
+{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
+{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
+{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
+{SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER,"tls client cert req with anon cipher"},
+{SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST,"tls peer did not respond with certificate list"},
+{SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG,"tls rsa encrypted value length is wrong"},
+{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
+{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
+{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
+{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
+{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
+{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
+{SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES ,"unable to load ssl2 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES ,"unable to load ssl3 md5 routines"},
+{SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES ,"unable to load ssl3 sha1 routines"},
+{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
+{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
+{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
+{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
+{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
+{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
+{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
+{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
+{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
+{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
+{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
+{SSL_R_UNKNOWN_STATE ,"unknown state"},
+{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
+{SSL_R_UNSUPPORTED_PROTOCOL ,"unsupported protocol"},
+{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
+{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
+{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
+{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
+{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
+{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
+{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
+{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
+{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
+{SSL_R_X509_LIB ,"x509 lib"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_SSL_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
+ ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
+#endif
+
+ }
+ }
diff --git a/src/lib/libssl/src/ssl/ssl_err2.c b/src/lib/libssl/src/ssl/ssl_err2.c
new file mode 100644
index 0000000000..0b91f7b8d2
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_err2.c
@@ -0,0 +1,70 @@
+/* ssl/ssl_err2.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "err.h"
+#include "ssl.h"
+
+void SSL_load_error_strings()
+ {
+#ifndef NO_ERR
+ ERR_load_crypto_strings();
+ ERR_load_SSL_strings();
+#endif
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
new file mode 100644
index 0000000000..f562ec6b14
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -0,0 +1,1721 @@
+/* ssl/ssl_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "lhash.h"
+#include "ssl_locl.h"
+
+char *SSL_version_str="SSLeay 0.9.0b 29-Jun-1998";
+
+static STACK *ssl_meth=NULL;
+static STACK *ssl_ctx_meth=NULL;
+static int ssl_meth_num=0;
+static int ssl_ctx_meth_num=0;
+
+SSL3_ENC_METHOD ssl3_undef_enc_method={
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ };
+
+void SSL_clear(s)
+SSL *s;
+ {
+ int state;
+
+ if (s->method == NULL) return;
+
+ s->error=0;
+ s->hit=0;
+
+ /* This is set if we are doing dynamic renegotiation so keep
+ * the old cipher. It is sort of a SSL_clear_lite :-) */
+ if (s->new_session) return;
+
+ state=s->state; /* Keep to check if we throw away the session-id */
+ s->type=0;
+
+ s->version=s->method->version;
+ s->rwstate=SSL_NOTHING;
+ s->state=SSL_ST_BEFORE;
+ s->rstate=SSL_ST_READ_HEADER;
+ s->read_ahead=s->ctx->default_read_ahead;
+
+/* s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); */
+
+ if (s->init_buf != NULL)
+ {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ }
+
+ ssl_clear_cipher_ctx(s);
+
+ if (ssl_clear_bad_session(s))
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ s->first_packet=0;
+
+ s->method->ssl_clear(s);
+ }
+
+/* Used to change an SSL_CTXs default SSL method type */
+int SSL_CTX_set_ssl_version(ctx,meth)
+SSL_CTX *ctx;
+SSL_METHOD *meth;
+ {
+ STACK *sk;
+
+ ctx->method=meth;
+
+ sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
+ &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
+ if ((sk == NULL) || (sk_num(sk) <= 0))
+ {
+ SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+ return(0);
+ }
+ return(1);
+ }
+
+SSL *SSL_new(ctx)
+SSL_CTX *ctx;
+ {
+ SSL *s;
+
+ if (ctx == NULL)
+ {
+ SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
+ return(NULL);
+ }
+ if (ctx->method == NULL)
+ {
+ SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+ return(NULL);
+ }
+
+ s=(SSL *)Malloc(sizeof(SSL));
+ if (s == NULL) goto err;
+ memset(s,0,sizeof(SSL));
+
+ if (ctx->default_cert != NULL)
+ {
+ CRYPTO_add(&ctx->default_cert->references,1,
+ CRYPTO_LOCK_SSL_CERT);
+ s->cert=ctx->default_cert;
+ }
+ else
+ s->cert=NULL;
+ s->verify_mode=ctx->default_verify_mode;
+ s->verify_callback=ctx->default_verify_callback;
+ CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+ s->ctx=ctx;
+
+ s->verify_result=X509_V_OK;
+
+ s->method=ctx->method;
+
+ if (!s->method->ssl_new(s))
+ {
+ SSL_CTX_free(ctx);
+ Free(s);
+ goto err;
+ }
+
+ s->quiet_shutdown=ctx->quiet_shutdown;
+ s->references=1;
+ s->options=ctx->options;
+ SSL_clear(s);
+
+ CRYPTO_new_ex_data(ssl_meth,(char *)s,&s->ex_data);
+
+ return(s);
+err:
+ SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+void SSL_free(s)
+SSL *s;
+ {
+ int i;
+
+ i=CRYPTO_add(&s->references,-1,CRYPTO_LOCK_SSL);
+#ifdef REF_PRINT
+ REF_PRINT("SSL",s);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"SSL_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ CRYPTO_free_ex_data(ssl_meth,(char *)s,&s->ex_data);
+
+ if (s->bbio != NULL)
+ {
+ /* If the buffering BIO is in place, pop it off */
+ if (s->bbio == s->wbio)
+ {
+ s->wbio=BIO_pop(s->wbio);
+ }
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+ }
+ if (s->rbio != NULL)
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != s->rbio))
+ BIO_free_all(s->wbio);
+
+ if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
+
+ /* add extra stuff */
+ if (s->cipher_list != NULL) sk_free(s->cipher_list);
+ if (s->cipher_list_by_id != NULL) sk_free(s->cipher_list_by_id);
+
+ /* Make the next call work :-) */
+ if (s->session != NULL)
+ {
+ ssl_clear_bad_session(s);
+ SSL_SESSION_free(s->session);
+ }
+
+ ssl_clear_cipher_ctx(s);
+
+ if (s->cert != NULL) ssl_cert_free(s->cert);
+ /* Free up if allocated */
+
+ if (s->ctx) SSL_CTX_free(s->ctx);
+
+ if (s->client_CA != NULL)
+ sk_pop_free(s->client_CA,X509_NAME_free);
+
+ if (s->method != NULL) s->method->ssl_free(s);
+
+ Free((char *)s);
+ }
+
+void SSL_set_bio(s, rbio,wbio)
+SSL *s;
+BIO *rbio;
+BIO *wbio;
+ {
+ /* If the output buffering BIO is still in place, remove it
+ */
+ if (s->bbio != NULL)
+ {
+ if (s->wbio == s->bbio)
+ {
+ s->wbio=s->wbio->next_bio;
+ s->bbio->next_bio=NULL;
+ }
+ }
+ if ((s->rbio != NULL) && (s->rbio != rbio))
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
+ BIO_free_all(s->wbio);
+ s->rbio=rbio;
+ s->wbio=wbio;
+ }
+
+BIO *SSL_get_rbio(s)
+SSL *s;
+ { return(s->rbio); }
+
+BIO *SSL_get_wbio(s)
+SSL *s;
+ { return(s->wbio); }
+
+int SSL_get_fd(s)
+SSL *s;
+ {
+ int ret= -1;
+ BIO *b,*r;
+
+ b=SSL_get_rbio(s);
+ r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
+ if (r != NULL)
+ BIO_get_fd(r,&ret);
+ return(ret);
+ }
+
+#ifndef NO_SOCK
+int SSL_set_fd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,bio,bio);
+ ret=1;
+err:
+ return(ret);
+ }
+
+int SSL_set_wfd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ if ((s->rbio == NULL) || (BIO_method_type(s->rbio) != BIO_TYPE_SOCKET)
+ || ((int)BIO_get_fd(s->rbio,NULL) != fd))
+ {
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,SSL_get_rbio(s),bio);
+ }
+ else
+ SSL_set_bio(s,SSL_get_rbio(s),SSL_get_rbio(s));
+ ret=1;
+err:
+ return(ret);
+ }
+
+int SSL_set_rfd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ if ((s->wbio == NULL) || (BIO_method_type(s->wbio) != BIO_TYPE_SOCKET)
+ || ((int)BIO_get_fd(s->wbio,NULL) != fd))
+ {
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,bio,SSL_get_wbio(s));
+ }
+ else
+ SSL_set_bio(s,SSL_get_wbio(s),SSL_get_wbio(s));
+ ret=1;
+err:
+ return(ret);
+ }
+#endif
+
+int SSL_get_verify_mode(s)
+SSL *s;
+ {
+ return(s->verify_mode);
+ }
+
+int (*SSL_get_verify_callback(s))()
+SSL *s;
+ {
+ return(s->verify_callback);
+ }
+
+int SSL_CTX_get_verify_mode(ctx)
+SSL_CTX *ctx;
+ {
+ return(ctx->default_verify_mode);
+ }
+
+int (*SSL_CTX_get_verify_callback(ctx))()
+SSL_CTX *ctx;
+ {
+ return(ctx->default_verify_callback);
+ }
+
+void SSL_set_verify(s, mode, callback)
+SSL *s;
+int mode;
+int (*callback)();
+ {
+ s->verify_mode=mode;
+ if (callback != NULL)
+ s->verify_callback=callback;
+ }
+
+void SSL_set_read_ahead(s, yes)
+SSL *s;
+int yes;
+ {
+ s->read_ahead=yes;
+ }
+
+int SSL_get_read_ahead(s)
+SSL *s;
+ {
+ return(s->read_ahead);
+ }
+
+int SSL_pending(s)
+SSL *s;
+ {
+ return(s->method->ssl_pending(s));
+ }
+
+X509 *SSL_get_peer_certificate(s)
+SSL *s;
+ {
+ X509 *r;
+
+ if ((s == NULL) || (s->session == NULL))
+ r=NULL;
+ else
+ r=s->session->peer;
+
+ if (r == NULL) return(r);
+
+ CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
+
+ return(r);
+ }
+
+STACK *SSL_get_peer_cert_chain(s)
+SSL *s;
+ {
+ STACK *r;
+
+ if ((s == NULL) || (s->session == NULL) || (s->session->cert == NULL))
+ r=NULL;
+ else
+ r=s->session->cert->cert_chain;
+
+ return(r);
+ }
+
+/* Now in theory, since the calling process own 't' it should be safe to
+ * modify. We need to be able to read f without being hassled */
+void SSL_copy_session_id(t,f)
+SSL *t,*f;
+ {
+ CERT *tmp;
+
+ /* Do we need to to SSL locking? */
+ SSL_set_session(t,SSL_get_session(f));
+
+ /* what if we are setup as SSLv2 but want to talk SSLv3 or
+ * vice-versa */
+ if (t->method != f->method)
+ {
+ t->method->ssl_free(t); /* cleanup current */
+ t->method=f->method; /* change method */
+ t->method->ssl_new(t); /* setup new */
+ }
+
+ tmp=t->cert;
+ if (f->cert != NULL)
+ {
+ CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ t->cert=f->cert;
+ }
+ else
+ t->cert=NULL;
+ if (tmp != NULL) ssl_cert_free(tmp);
+ }
+
+/* Fix this so it checks all the valid key/cert options */
+int SSL_CTX_check_private_key(ctx)
+SSL_CTX *ctx;
+ {
+ if ( (ctx == NULL) ||
+ (ctx->default_cert == NULL) ||
+ (ctx->default_cert->key->x509 == NULL))
+ {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return(0);
+ }
+ if (ctx->default_cert->key->privatekey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return(0);
+ }
+ return(X509_check_private_key(ctx->default_cert->key->x509, ctx->default_cert->key->privatekey));
+ }
+
+/* Fix this function so that it takes an optional type parameter */
+int SSL_check_private_key(ssl)
+SSL *ssl;
+ {
+ if (ssl == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if (ssl->cert == NULL)
+ return(SSL_CTX_check_private_key(ssl->ctx));
+ if (ssl->cert->key->x509 == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return(0);
+ }
+ if (ssl->cert->key->privatekey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return(0);
+ }
+ return(X509_check_private_key(ssl->cert->key->x509,
+ ssl->cert->key->privatekey));
+ }
+
+int SSL_accept(s)
+SSL *s;
+ {
+ return(s->method->ssl_accept(s));
+ }
+
+int SSL_connect(s)
+SSL *s;
+ {
+ return(s->method->ssl_connect(s));
+ }
+
+long SSL_get_default_timeout(s)
+SSL *s;
+ {
+ return(s->method->get_timeout());
+ }
+
+int SSL_read(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+ return(s->method->ssl_read(s,buf,num));
+ }
+
+int SSL_peek(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ return(0);
+ }
+ return(s->method->ssl_peek(s,buf,num));
+ }
+
+int SSL_write(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
+ return(-1);
+ }
+ return(s->method->ssl_write(s,buf,num));
+ }
+
+int SSL_shutdown(s)
+SSL *s;
+ {
+ if ((s != NULL) && !SSL_in_init(s))
+ return(s->method->ssl_shutdown(s));
+ else
+ return(1);
+ }
+
+int SSL_renegotiate(s)
+SSL *s;
+ {
+ s->new_session=1;
+ return(s->method->ssl_renegotiate(s));
+ }
+
+long SSL_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(s->method->ssl_ctrl(s,cmd,larg,parg));
+ }
+
+long SSL_CTX_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
+ }
+
+int ssl_cipher_id_cmp(a,b)
+SSL_CIPHER *a,*b;
+ {
+ long l;
+
+ l=a->id-b->id;
+ if (l == 0L)
+ return(0);
+ else
+ return((l > 0)?1:-1);
+ }
+
+int ssl_cipher_ptr_id_cmp(ap,bp)
+SSL_CIPHER **ap,**bp;
+ {
+ long l;
+
+ l=(*ap)->id-(*bp)->id;
+ if (l == 0L)
+ return(0);
+ else
+ return((l > 0)?1:-1);
+ }
+
+/* return a STACK of the ciphers available for the SSL and in order of
+ * preference */
+STACK *SSL_get_ciphers(s)
+SSL *s;
+ {
+ if ((s != NULL) && (s->cipher_list != NULL))
+ {
+ return(s->cipher_list);
+ }
+ else if ((s->ctx != NULL) &&
+ (s->ctx->cipher_list != NULL))
+ {
+ return(s->ctx->cipher_list);
+ }
+ return(NULL);
+ }
+
+/* return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id */
+STACK *ssl_get_ciphers_by_id(s)
+SSL *s;
+ {
+ if ((s != NULL) && (s->cipher_list_by_id != NULL))
+ {
+ return(s->cipher_list_by_id);
+ }
+ else if ((s != NULL) && (s->ctx != NULL) &&
+ (s->ctx->cipher_list_by_id != NULL))
+ {
+ return(s->ctx->cipher_list_by_id);
+ }
+ return(NULL);
+ }
+
+/* The old interface to get the same thing as SSL_get_ciphers() */
+char *SSL_get_cipher_list(s,n)
+SSL *s;
+int n;
+ {
+ SSL_CIPHER *c;
+ STACK *sk;
+
+ if (s == NULL) return(NULL);
+ sk=SSL_get_ciphers(s);
+ if ((sk == NULL) || (sk_num(sk) <= n))
+ return(NULL);
+ c=(SSL_CIPHER *)sk_value(sk,n);
+ if (c == NULL) return(NULL);
+ return(c->name);
+ }
+
+/* specify the ciphers to be used by defaut by the SSL_CTX */
+int SSL_CTX_set_cipher_list(ctx,str)
+SSL_CTX *ctx;
+char *str;
+ {
+ STACK *sk;
+
+ sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
+ &ctx->cipher_list_by_id,str);
+/* XXXX */
+ return((sk == NULL)?0:1);
+ }
+
+/* specify the ciphers to be used by the SSL */
+int SSL_set_cipher_list(s, str)
+SSL *s;
+char *str;
+ {
+ STACK *sk;
+
+ sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
+ &s->cipher_list_by_id,str);
+/* XXXX */
+ return((sk == NULL)?0:1);
+ }
+
+/* works well for SSLv2, not so good for SSLv3 */
+char *SSL_get_shared_ciphers(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ char *p,*cp;
+ STACK *sk;
+ SSL_CIPHER *c;
+ int i;
+
+ if ((s->session == NULL) || (s->session->ciphers == NULL) ||
+ (len < 2))
+ return(NULL);
+
+ p=buf;
+ sk=s->session->ciphers;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ /* Decrement for either the ':' or a '\0' */
+ len--;
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ for (cp=c->name; *cp; )
+ {
+ if (len-- == 0)
+ {
+ *p='\0';
+ return(buf);
+ }
+ else
+ *(p++)= *(cp++);
+ }
+ *(p++)=':';
+ }
+ p[-1]='\0';
+ return(buf);
+ }
+
+int ssl_cipher_list_to_bytes(s,sk,p)
+SSL *s;
+STACK *sk;
+unsigned char *p;
+ {
+ int i,j=0;
+ SSL_CIPHER *c;
+ unsigned char *q;
+
+ if (sk == NULL) return(0);
+ q=p;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ j=ssl_put_cipher_by_char(s,c,p);
+ p+=j;
+ }
+ return(p-q);
+ }
+
+STACK *ssl_bytes_to_cipher_list(s,p,num,skp)
+SSL *s;
+unsigned char *p;
+int num;
+STACK **skp;
+ {
+ SSL_CIPHER *c;
+ STACK *sk;
+ int i,n;
+
+ n=ssl_put_cipher_by_char(s,NULL,NULL);
+ if ((num%n) != 0)
+ {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+ return(NULL);
+ }
+ if ((skp == NULL) || (*skp == NULL))
+ sk=sk_new(NULL); /* change perhaps later */
+ else
+ {
+ sk= *skp;
+ sk_zero(sk);
+ }
+
+ for (i=0; i<num; i+=n)
+ {
+ c=ssl_get_cipher_by_char(s,p);
+ p+=n;
+ if (c != NULL)
+ {
+ if (!sk_push(sk,(char *)c))
+ {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ }
+
+ if (skp != NULL)
+ *skp=sk;
+ return(sk);
+err:
+ if ((skp == NULL) || (*skp == NULL))
+ sk_free(sk);
+ return(NULL);
+ }
+
+unsigned long SSL_SESSION_hash(a)
+SSL_SESSION *a;
+ {
+ unsigned long l;
+
+ l= (a->session_id[0] )|(a->session_id[1]<< 8L)|
+ (a->session_id[2]<<16L)|(a->session_id[3]<<24L);
+ return(l);
+ }
+
+int SSL_SESSION_cmp(a, b)
+SSL_SESSION *a;
+SSL_SESSION *b;
+ {
+ if (a->ssl_version != b->ssl_version)
+ return(1);
+ if (a->session_id_length != b->session_id_length)
+ return(1);
+ return(memcmp(a->session_id,b->session_id,a->session_id_length));
+ }
+
+SSL_CTX *SSL_CTX_new(meth)
+SSL_METHOD *meth;
+ {
+ SSL_CTX *ret;
+
+ if (meth == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
+ return(NULL);
+ }
+ ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX));
+ if (ret == NULL)
+ goto err;
+
+ memset(ret,0,sizeof(SSL_CTX));
+
+ ret->method=meth;
+
+ ret->cert_store=NULL;
+ ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
+ ret->session_cache_size=SSL_SESSION_CACHE_MAX_SIZE_DEFAULT;
+ ret->session_cache_head=NULL;
+ ret->session_cache_tail=NULL;
+
+ /* We take the system default */
+ ret->session_timeout=meth->get_timeout();
+
+ ret->new_session_cb=NULL;
+ ret->remove_session_cb=NULL;
+ ret->get_session_cb=NULL;
+
+ ret->sess_connect=0;
+ ret->sess_connect_good=0;
+ ret->sess_accept=0;
+ ret->sess_accept_renegotiate=0;
+ ret->sess_connect_renegotiate=0;
+ ret->sess_accept_good=0;
+ ret->sess_miss=0;
+ ret->sess_timeout=0;
+ ret->sess_cache_full=0;
+ ret->sess_hit=0;
+ ret->sess_cb_hit=0;
+
+ ret->references=1;
+ ret->quiet_shutdown=0;
+
+/* ret->cipher=NULL;*/
+/* ret->s2->challenge=NULL;
+ ret->master_key=NULL;
+ ret->key_arg=NULL;
+ ret->s2->conn_id=NULL; */
+
+ ret->info_callback=NULL;
+
+ ret->app_verify_callback=NULL;
+ ret->app_verify_arg=NULL;
+
+ ret->default_read_ahead=0;
+ ret->default_verify_mode=SSL_VERIFY_NONE;
+ ret->default_verify_callback=NULL;
+ if ((ret->default_cert=ssl_cert_new()) == NULL)
+ goto err;
+
+ ret->default_passwd_callback=NULL;
+ ret->client_cert_cb=NULL;
+
+ ret->sessions=lh_new(SSL_SESSION_hash,SSL_SESSION_cmp);
+ if (ret->sessions == NULL) goto err;
+ ret->cert_store=X509_STORE_new();
+ if (ret->cert_store == NULL) goto err;
+
+ ssl_create_cipher_list(ret->method,
+ &ret->cipher_list,&ret->cipher_list_by_id,
+ SSL_DEFAULT_CIPHER_LIST);
+ if ((ret->cipher_list == NULL) || (sk_num(ret->cipher_list) <= 0))
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
+ goto err2;
+ }
+
+ if ((ret->rsa_md5=EVP_get_digestbyname("ssl2-md5")) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL2_MD5_ROUTINES);
+ goto err2;
+ }
+ if ((ret->md5=EVP_get_digestbyname("ssl3-md5")) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES);
+ goto err2;
+ }
+ if ((ret->sha1=EVP_get_digestbyname("ssl3-sha1")) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES);
+ goto err2;
+ }
+
+ if ((ret->client_CA=sk_new_null()) == NULL)
+ goto err;
+
+ CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data);
+
+ return(ret);
+err:
+ SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+err2:
+ if (ret != NULL) SSL_CTX_free(ret);
+ return(NULL);
+ }
+
+void SSL_CTX_free(a)
+SSL_CTX *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
+#ifdef REF_PRINT
+ REF_PRINT("SSL_CTX",a);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"SSL_CTX_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+ CRYPTO_free_ex_data(ssl_ctx_meth,(char *)a,&a->ex_data);
+
+ if (a->sessions != NULL)
+ {
+ SSL_CTX_flush_sessions(a,0);
+ lh_free(a->sessions);
+ }
+ if (a->cert_store != NULL)
+ X509_STORE_free(a->cert_store);
+ if (a->cipher_list != NULL)
+ sk_free(a->cipher_list);
+ if (a->cipher_list_by_id != NULL)
+ sk_free(a->cipher_list_by_id);
+ if (a->default_cert != NULL)
+ ssl_cert_free(a->default_cert);
+ if (a->client_CA != NULL)
+ sk_pop_free(a->client_CA,X509_NAME_free);
+ Free((char *)a);
+ }
+
+void SSL_CTX_set_default_passwd_cb(ctx,cb)
+SSL_CTX *ctx;
+int (*cb)();
+ {
+ ctx->default_passwd_callback=cb;
+ }
+
+void SSL_CTX_set_cert_verify_cb(ctx,cb,arg)
+SSL_CTX *ctx;
+int (*cb)();
+char *arg;
+ {
+ ctx->app_verify_callback=cb;
+ ctx->app_verify_arg=arg;
+ }
+
+void SSL_CTX_set_verify(ctx,mode,cb)
+SSL_CTX *ctx;
+int mode;
+int (*cb)();
+ {
+ ctx->default_verify_mode=mode;
+ ctx->default_verify_callback=cb;
+ /* This needs cleaning up EAY EAY EAY */
+ X509_STORE_set_verify_cb_func(ctx->cert_store,cb);
+ }
+
+void ssl_set_cert_masks(c)
+CERT *c;
+ {
+ CERT_PKEY *cpk;
+ int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
+ int rsa_enc_export,dh_rsa_export,dh_dsa_export;
+ int rsa_tmp_export,dh_tmp_export;
+ unsigned long mask,emask;
+
+ if ((c == NULL) || (c->valid)) return;
+
+#ifndef NO_RSA
+ rsa_tmp=((c->rsa_tmp != NULL) || (c->rsa_tmp_cb != NULL))?1:0;
+ rsa_tmp_export=((c->rsa_tmp_cb != NULL) ||
+ (rsa_tmp && (RSA_size(c->rsa_tmp)*8 <= 512)))?1:0;
+#else
+ rsa_tmp=rsa_tmp_export=0;
+#endif
+#ifndef NO_DH
+ dh_tmp=((c->dh_tmp != NULL) || (c->dh_tmp_cb != NULL))?1:0;
+ dh_tmp_export=((c->dh_tmp_cb != NULL) ||
+ (dh_tmp && (DH_size(c->dh_tmp)*8 <= 512)))?1:0;
+#else
+ dh_tmp=dh_tmp_export=0;
+#endif
+
+ cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
+ rsa_enc= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ rsa_enc_export=(rsa_enc && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
+ rsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
+ dsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
+ dh_rsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ dh_rsa_export=(dh_rsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
+/* FIX THIS EAY EAY EAY */
+ dh_dsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ dh_dsa_export=(dh_dsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+
+ mask=0;
+ emask=0;
+
+#ifdef CIPHER_DEBUG
+ printf("rt=%d dht=%d re=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+ rsa_tmp,dh_tmp,
+ rsa_enc,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
+#endif
+
+ if (rsa_enc || (rsa_tmp && rsa_sign))
+ mask|=SSL_kRSA;
+ if (rsa_enc_export || (rsa_tmp_export && rsa_sign))
+ emask|=SSL_kRSA;
+
+#if 0
+ /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+ if ( (dh_tmp || dh_rsa || dh_dsa) &&
+ (rsa_enc || rsa_sign || dsa_sign))
+ mask|=SSL_kEDH;
+ if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
+ (rsa_enc || rsa_sign || dsa_sign))
+ emask|=SSL_kEDH;
+#endif
+
+ if (dh_tmp_export)
+ emask|=SSL_kEDH;
+
+ if (dh_tmp)
+ mask|=SSL_kEDH;
+
+ if (dh_rsa) mask|=SSL_kDHr;
+ if (dh_rsa_export) emask|=SSL_kDHr;
+
+ if (dh_dsa) mask|=SSL_kDHd;
+ if (dh_dsa_export) emask|=SSL_kDHd;
+
+ if (rsa_enc || rsa_sign)
+ {
+ mask|=SSL_aRSA;
+ emask|=SSL_aRSA;
+ }
+
+ if (dsa_sign)
+ {
+ mask|=SSL_aDSS;
+ emask|=SSL_aDSS;
+ }
+
+#ifdef SSL_ALLOW_ADH
+ mask|=SSL_aNULL;
+ emask|=SSL_aNULL;
+#endif
+
+ c->mask=mask;
+ c->export_mask=emask;
+ c->valid=1;
+ }
+
+/* THIS NEEDS CLEANING UP */
+X509 *ssl_get_server_send_cert(s)
+SSL *s;
+ {
+ unsigned long alg,mask,kalg;
+ CERT *c;
+ int i,export;
+
+ c=s->cert;
+ ssl_set_cert_masks(c);
+ alg=s->s3->tmp.new_cipher->algorithms;
+ export=(alg & SSL_EXPORT)?1:0;
+ mask=(export)?c->export_mask:c->mask;
+ kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+
+ if (kalg & SSL_kDHr)
+ i=SSL_PKEY_DH_RSA;
+ else if (kalg & SSL_kDHd)
+ i=SSL_PKEY_DH_DSA;
+ else if (kalg & SSL_aDSS)
+ i=SSL_PKEY_DSA_SIGN;
+ else if (kalg & SSL_aRSA)
+ {
+ if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
+ i=SSL_PKEY_RSA_SIGN;
+ else
+ i=SSL_PKEY_RSA_ENC;
+ }
+ else /* if (kalg & SSL_aNULL) */
+ {
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);
+ return(NULL);
+ }
+ if (c->pkeys[i].x509 == NULL) return(NULL);
+ return(c->pkeys[i].x509);
+ }
+
+EVP_PKEY *ssl_get_sign_pkey(s,cipher)
+SSL *s;
+SSL_CIPHER *cipher;
+ {
+ unsigned long alg;
+ CERT *c;
+
+ alg=cipher->algorithms;
+ c=s->cert;
+
+ if ((alg & SSL_aDSS) &&
+ (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+ return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
+ else if (alg & SSL_aRSA)
+ {
+ if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
+ return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
+ else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
+ return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
+ else
+ return(NULL);
+ }
+ else /* if (alg & SSL_aNULL) */
+ {
+ SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR);
+ return(NULL);
+ }
+ }
+
+void ssl_update_cache(s,mode)
+SSL *s;
+int mode;
+ {
+ int i;
+
+ /* If the session_id_length is 0, we are not supposed to cache it,
+ * and it would be rather hard to do anyway :-) */
+ if (s->session->session_id_length == 0) return;
+
+ if ((s->ctx->session_cache_mode & mode)
+ && (!s->hit)
+ && SSL_CTX_add_session(s->ctx,s->session)
+ && (s->ctx->new_session_cb != NULL))
+ {
+ CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
+ if (!s->ctx->new_session_cb(s,s->session))
+ SSL_SESSION_free(s->session);
+ }
+
+ /* auto flush every 255 connections */
+ i=s->ctx->session_cache_mode;
+ if ((!(i & SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
+ ((i & mode) == mode))
+ {
+ if ( (((mode & SSL_SESS_CACHE_CLIENT)
+ ?s->ctx->sess_connect_good
+ :s->ctx->sess_accept_good) & 0xff) == 0xff)
+ {
+ SSL_CTX_flush_sessions(s->ctx,time(NULL));
+ }
+ }
+ }
+
+SSL_METHOD *SSL_get_ssl_method(s)
+SSL *s;
+ {
+ return(s->method);
+ }
+
+int SSL_set_ssl_method(s,meth)
+SSL *s;
+SSL_METHOD *meth;
+ {
+ int conn= -1;
+ int ret=1;
+
+ if (s->method != meth)
+ {
+ if (s->handshake_func != NULL)
+ conn=(s->handshake_func == s->method->ssl_connect);
+
+ if (s->method->version == meth->version)
+ s->method=meth;
+ else
+ {
+ s->method->ssl_free(s);
+ s->method=meth;
+ ret=s->method->ssl_new(s);
+ }
+
+ if (conn == 1)
+ s->handshake_func=meth->ssl_connect;
+ else if (conn == 0)
+ s->handshake_func=meth->ssl_accept;
+ }
+ return(ret);
+ }
+
+int SSL_get_error(s,i)
+SSL *s;
+int i;
+ {
+ int reason;
+ BIO *bio;
+
+ if (i > 0) return(SSL_ERROR_NONE);
+
+ if (ERR_peek_error() != 0)
+ return(SSL_ERROR_SSL);
+
+ if ((i < 0) && SSL_want_read(s))
+ {
+ bio=SSL_get_rbio(s);
+ if (BIO_should_read(bio))
+ return(SSL_ERROR_WANT_READ);
+ else if (BIO_should_write(bio))
+ return(SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_io_special(bio))
+ {
+ reason=BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return(SSL_ERROR_WANT_CONNECT);
+ else
+ return(SSL_ERROR_SYSCALL); /* unknown */
+ }
+ }
+
+ if ((i < 0) && SSL_want_write(s))
+ {
+ bio=SSL_get_wbio(s);
+ if (BIO_should_write(bio))
+ return(SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_read(bio))
+ return(SSL_ERROR_WANT_READ);
+ else if (BIO_should_io_special(bio))
+ {
+ reason=BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return(SSL_ERROR_WANT_CONNECT);
+ else
+ return(SSL_ERROR_SYSCALL);
+ }
+ }
+ if ((i < 0) && SSL_want_x509_lookup(s))
+ {
+ return(SSL_ERROR_WANT_X509_LOOKUP);
+ }
+
+ if (i == 0)
+ {
+ if (s->version == SSL2_VERSION)
+ {
+ /* assume it is the socket being closed */
+ return(SSL_ERROR_ZERO_RETURN);
+ }
+ else
+ {
+ if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+ (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ return(SSL_ERROR_ZERO_RETURN);
+ }
+ }
+ return(SSL_ERROR_SYSCALL);
+ }
+
+int SSL_do_handshake(s)
+SSL *s;
+ {
+ int ret=1;
+
+ if (s->handshake_func == NULL)
+ {
+ SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_CONNECTION_TYPE_NOT_SET);
+ return(-1);
+ }
+ if (s->s3->renegotiate) ssl3_renegotiate_check(s);
+ if (SSL_in_init(s) || SSL_in_before(s))
+ {
+ ret=s->handshake_func(s);
+ }
+ return(ret);
+ }
+
+/* For the next 2 functions, SSL_clear() sets shutdown and so
+ * one of these calls will reset it */
+void SSL_set_accept_state(s)
+SSL *s;
+ {
+ s->shutdown=0;
+ s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
+ s->handshake_func=s->method->ssl_accept;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ }
+
+void SSL_set_connect_state(s)
+SSL *s;
+ {
+ s->shutdown=0;
+ s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
+ s->handshake_func=s->method->ssl_connect;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ }
+
+int ssl_undefined_function(s)
+SSL *s;
+ {
+ SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
+SSL_METHOD *ssl_bad_method(ver)
+int ver;
+ {
+ SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(NULL);
+ }
+
+char *SSL_get_version(s)
+SSL *s;
+ {
+ if (s->version == TLS1_VERSION)
+ return("TLSv1");
+ else if (s->version == SSL3_VERSION)
+ return("SSLv3");
+ else if (s->version == SSL2_VERSION)
+ return("SSLv2");
+ else
+ return("unknown");
+ }
+
+SSL *SSL_dup(s)
+SSL *s;
+ {
+ STACK *sk;
+ X509_NAME *xn;
+ SSL *ret;
+ int i;
+
+ if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) return(NULL);
+
+ /* This copies version, session-id, SSL_METHOD and 'cert' */
+ SSL_copy_session_id(ret,s);
+
+ SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
+ SSL_set_verify(ret,SSL_get_verify_mode(s),
+ SSL_get_verify_callback(s));
+
+ SSL_set_info_callback(ret,SSL_get_info_callback(s));
+
+ ret->debug=s->debug;
+ ret->options=s->options;
+
+ /* copy app data, a little dangerous perhaps */
+ if (!CRYPTO_dup_ex_data(ssl_meth,&ret->ex_data,&s->ex_data))
+ goto err;
+
+ /* setup rbio, and wbio */
+ if (s->rbio != NULL)
+ {
+ if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
+ goto err;
+ }
+ if (s->wbio != NULL)
+ {
+ if (s->wbio != s->rbio)
+ {
+ if (!BIO_dup_state(s->wbio,(char *)&ret->wbio))
+ goto err;
+ }
+ else
+ ret->wbio=ret->rbio;
+ }
+
+ /* dup the cipher_list and cipher_list_by_id stacks */
+ if (s->cipher_list != NULL)
+ {
+ if ((ret->cipher_list=sk_dup(s->cipher_list)) == NULL)
+ goto err;
+ }
+ if (s->cipher_list_by_id != NULL)
+ if ((ret->cipher_list_by_id=sk_dup(s->cipher_list_by_id))
+ == NULL)
+ goto err;
+
+ /* Dup the client_CA list */
+ if (s->client_CA != NULL)
+ {
+ if ((sk=sk_dup(s->client_CA)) == NULL) goto err;
+ ret->client_CA=sk;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ xn=(X509_NAME *)sk_value(sk,i);
+ if ((sk_value(sk,i)=(char *)X509_NAME_dup(xn)) == NULL)
+ {
+ X509_NAME_free(xn);
+ goto err;
+ }
+ }
+ }
+
+ ret->shutdown=s->shutdown;
+ ret->state=s->state;
+ ret->handshake_func=s->handshake_func;
+
+ if (0)
+ {
+err:
+ if (ret != NULL) SSL_free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
+
+void ssl_clear_cipher_ctx(s)
+SSL *s;
+ {
+ if (s->enc_read_ctx != NULL)
+ {
+ EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
+ Free(s->enc_read_ctx);
+ s->enc_read_ctx=NULL;
+ }
+ if (s->enc_write_ctx != NULL)
+ {
+ EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
+ Free(s->enc_write_ctx);
+ s->enc_write_ctx=NULL;
+ }
+ }
+
+/* Fix this function so that it takes an optional type parameter */
+X509 *SSL_get_certificate(s)
+SSL *s;
+ {
+ if (s->cert != NULL)
+ return(s->cert->key->x509);
+ else
+ return(NULL);
+ }
+
+/* Fix this function so that it takes an optional type parameter */
+EVP_PKEY *SSL_get_privatekey(s)
+SSL *s;
+ {
+ if (s->cert != NULL)
+ return(s->cert->key->privatekey);
+ else
+ return(NULL);
+ }
+
+SSL_CIPHER *SSL_get_current_cipher(s)
+SSL *s;
+ {
+ if ((s->session != NULL) && (s->session->cipher != NULL))
+ return(s->session->cipher);
+ return(NULL);
+ }
+
+int ssl_init_wbio_buffer(s,push)
+SSL *s;
+int push;
+ {
+ BIO *bbio;
+
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL) return(0);
+ s->bbio=bbio;
+ }
+ else
+ {
+ bbio=s->bbio;
+ if (s->bbio == s->wbio)
+ s->wbio=BIO_pop(s->wbio);
+ }
+ BIO_reset(bbio);
+/* if (!BIO_set_write_buffer_size(bbio,16*1024)) */
+ if (!BIO_set_read_buffer_size(bbio,1))
+ {
+ SSLerr(SSL_F_SSL_INIT_WBIO_BUFFER,ERR_R_BUF_LIB);
+ return(0);
+ }
+ if (push)
+ {
+ if (s->wbio != bbio)
+ s->wbio=BIO_push(bbio,s->wbio);
+ }
+ else
+ {
+ if (s->wbio == bbio)
+ s->wbio=BIO_pop(bbio);
+ }
+ return(1);
+ }
+
+void SSL_CTX_set_quiet_shutdown(ctx,mode)
+SSL_CTX *ctx;
+int mode;
+ {
+ ctx->quiet_shutdown=mode;
+ }
+
+int SSL_CTX_get_quiet_shutdown(ctx)
+SSL_CTX *ctx;
+ {
+ return(ctx->quiet_shutdown);
+ }
+
+void SSL_set_quiet_shutdown(s,mode)
+SSL *s;
+int mode;
+ {
+ s->quiet_shutdown=mode;
+ }
+
+int SSL_get_quiet_shutdown(s)
+SSL *s;
+ {
+ return(s->quiet_shutdown);
+ }
+
+void SSL_set_shutdown(s,mode)
+SSL *s;
+int mode;
+ {
+ s->shutdown=mode;
+ }
+
+int SSL_get_shutdown(s)
+SSL *s;
+ {
+ return(s->shutdown);
+ }
+
+int SSL_version(s)
+SSL *s;
+ {
+ return(s->version);
+ }
+
+SSL_CTX *SSL_get_SSL_CTX(ssl)
+SSL *ssl;
+ {
+ return(ssl->ctx);
+ }
+
+int SSL_CTX_set_default_verify_paths(ctx)
+SSL_CTX *ctx;
+ {
+ return(X509_STORE_set_default_paths(ctx->cert_store));
+ }
+
+int SSL_CTX_load_verify_locations(ctx,CAfile,CApath)
+SSL_CTX *ctx;
+char *CAfile;
+char *CApath;
+ {
+ return(X509_STORE_load_locations(ctx->cert_store,CAfile,CApath));
+ }
+
+void SSL_set_info_callback(ssl,cb)
+SSL *ssl;
+void (*cb)();
+ {
+ ssl->info_callback=cb;
+ }
+
+void (*SSL_get_info_callback(ssl))()
+SSL *ssl;
+ {
+ return(ssl->info_callback);
+ }
+
+int SSL_state(ssl)
+SSL *ssl;
+ {
+ return(ssl->state);
+ }
+
+void SSL_set_verify_result(ssl,arg)
+SSL *ssl;
+long arg;
+ {
+ ssl->verify_result=arg;
+ }
+
+long SSL_get_verify_result(ssl)
+SSL *ssl;
+ {
+ return(ssl->verify_result);
+ }
+
+int SSL_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ ssl_meth_num++;
+ return(CRYPTO_get_ex_new_index(ssl_meth_num-1,
+ &ssl_meth,argl,argp,new_func,dup_func,free_func));
+ }
+
+int SSL_set_ex_data(s,idx,arg)
+SSL *s;
+int idx;
+char *arg;
+ {
+ return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+ }
+
+char *SSL_get_ex_data(s,idx)
+SSL *s;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&s->ex_data,idx));
+ }
+
+int SSL_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ ssl_ctx_meth_num++;
+ return(CRYPTO_get_ex_new_index(ssl_ctx_meth_num-1,
+ &ssl_ctx_meth,argl,argp,new_func,dup_func,free_func));
+ }
+
+int SSL_CTX_set_ex_data(s,idx,arg)
+SSL_CTX *s;
+int idx;
+char *arg;
+ {
+ return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+ }
+
+char *SSL_CTX_get_ex_data(s,idx)
+SSL_CTX *s;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&s->ex_data,idx));
+ }
+
+#if defined(_WINDLL) && defined(WIN16)
+#include "../crypto/bio/bss_file.c"
+#endif
+
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
new file mode 100644
index 0000000000..b29517081b
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -0,0 +1,558 @@
+/* ssl/ssl_locl.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+#define HEADER_SSL_LOCL_H
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+
+#include "e_os.h"
+
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
+#include "evp.h"
+#include "stack.h"
+#include "x509.h"
+#include "err.h"
+#include "ssl.h"
+
+
+#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
+ l|=((unsigned long)(*((c)++)))<<16, \
+ l|=((unsigned long)(*((c)++)))<< 8, \
+ l|=((unsigned long)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+#define n2s(c,s) (s =((unsigned int)(*((c)++)))<< 8, \
+ s|=((unsigned int)(*((c)++))))
+#define s2n(s,c) (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((s) )&0xff))
+
+#define n2l3(c,l) (l =((unsigned long)(*((c)++)))<<16, \
+ l|=((unsigned long)(*((c)++)))<< 8, \
+ l|=((unsigned long)(*((c)++))))
+
+#define l2n3(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* LOCAL STUFF */
+
+#define SSL_DECRYPT 0
+#define SSL_ENCRYPT 1
+
+#define TWO_BYTE_BIT 0x80
+#define SEC_ESC_BIT 0x40
+#define TWO_BYTE_MASK 0x7fff
+#define THREE_BYTE_MASK 0x3fff
+
+#define INC32(a) ((a)=((a)+1)&0xffffffffL)
+#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
+#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
+
+#define SSL_MKEY_MASK 0x0000001FL
+#define SSL_kRSA 0x00000001L /* RSA key exchange */
+#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
+#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
+#define SSL_kFZA 0x00000008L
+#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
+#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
+
+#define SSL_AUTH_MASK 0x000003e0L
+#define SSL_aRSA 0x00000020L /* Authenticate with RSA */
+#define SSL_aDSS 0x00000040L /* Authenticate with DSS */
+#define SSL_DSS SSL_aDSS
+#define SSL_aFZA 0x00000080L
+#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */
+#define SSL_aDH 0x00000200L /* no Authenticate, ADH */
+
+#define SSL_NULL (SSL_eNULL)
+#define SSL_ADH (SSL_kEDH|SSL_aNULL)
+#define SSL_RSA (SSL_kRSA|SSL_aRSA)
+#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
+#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
+
+#define SSL_ENC_MASK 0x0001Fc00L
+#define SSL_DES 0x00000400L
+#define SSL_3DES 0x00000800L
+#define SSL_RC4 0x00001000L
+#define SSL_RC2 0x00002000L
+#define SSL_IDEA 0x00004000L
+#define SSL_eFZA 0x00008000L
+#define SSL_eNULL 0x00010000L
+
+#define SSL_MAC_MASK 0x00060000L
+#define SSL_MD5 0x00020000L
+#define SSL_SHA1 0x00040000L
+#define SSL_SHA (SSL_SHA1)
+
+#define SSL_EXP_MASK 0x00300000L
+#define SSL_EXP 0x00100000L
+#define SSL_NOT_EXP 0x00200000L
+#define SSL_EXPORT SSL_EXP
+
+#define SSL_SSL_MASK 0x00c00000L
+#define SSL_SSLV2 0x00400000L
+#define SSL_SSLV3 0x00800000L
+
+#define SSL_STRONG_MASK 0x07000000L
+#define SSL_LOW 0x01000000L
+#define SSL_MEDIUM 0x02000000L
+#define SSL_HIGH 0x04000000L
+
+/* we have used 0fffffff - 4 bits left to go */
+#define SSL_ALL 0xffffffffL
+#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
+ SSL_MAC_MASK|SSL_EXP_MASK)
+
+/* Mostly for SSLv3 */
+#define SSL_PKEY_RSA_ENC 0
+#define SSL_PKEY_RSA_SIGN 1
+#define SSL_PKEY_DSA_SIGN 2
+#define SSL_PKEY_DH_RSA 3
+#define SSL_PKEY_DH_DSA 4
+#define SSL_PKEY_NUM 5
+
+/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/*
+#define CERT_INVALID 0
+#define CERT_PUBLIC_KEY 1
+#define CERT_PRIVATE_KEY 2
+*/
+
+typedef struct cert_pkey_st
+ {
+ X509 *x509;
+/* EVP_PKEY *publickey; *//* when extracted */
+ EVP_PKEY *privatekey;
+ } CERT_PKEY;
+
+typedef struct cert_st
+ {
+ int cert_type;
+
+#ifdef undef
+ X509 *x509;
+ EVP_PKEY *publickey; /* when extracted */
+ EVP_PKEY *privatekey;
+
+ pkeys[SSL_PKEY_RSA_ENC].x509
+/* pkeys[SSL_PKEY_RSA_ENC].publickey */
+ pkeys[SSL_PKEY_RSA_ENC].privatekey
+#endif
+
+ /* Current active set */
+ CERT_PKEY *key;
+
+ /* The following masks are for the key and auth
+ * algorithms that are supported by the certs below */
+ int valid;
+ unsigned long mask;
+ unsigned long export_mask;
+
+ RSA *rsa_tmp;
+ DH *dh_tmp;
+ RSA *(*rsa_tmp_cb)();
+ DH *(*dh_tmp_cb)();
+ CERT_PKEY pkeys[SSL_PKEY_NUM];
+
+ STACK *cert_chain;
+
+ int references;
+ } CERT;
+
+/*#define MAC_DEBUG */
+
+/*#define ERR_DEBUG */
+/*#define ABORT_DEBUG */
+/*#define PKT_DEBUG 1 */
+/*#define DES_DEBUG */
+/*#define DES_OFB_DEBUG */
+/*#define SSL_DEBUG */
+/*#define RSA_DEBUG */
+/*#define IDEA_DEBUG */
+
+#ifndef NOPROTO
+#define FP_ICC (int (*)(const void *,const void *))
+#else
+#define FP_ICC
+#endif
+
+#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
+ ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
+#define ssl_get_cipher_by_char(ssl,ptr) \
+ ((ssl)->method->get_cipher_by_char(ptr))
+
+/* This is for the SSLv3/TLSv1.0 differences in crypto/hash stuff
+ * It is a bit of a mess of functions, but hell, think of it as
+ * an opaque strucute :-) */
+typedef struct ssl3_enc_method
+ {
+ int (*enc)();
+ int (*mac)();
+ int (*setup_key_block)();
+ int (*generate_master_secret)();
+ int (*change_cipher_state)();
+ int (*final_finish_mac)();
+ int finish_mac_length;
+ int (*cert_verify_mac)();
+ unsigned char client_finished[20];
+ int client_finished_len;
+ unsigned char server_finished[20];
+ int server_finished_len;
+ int (*alert_value)();
+ } SSL3_ENC_METHOD;
+
+extern SSL3_ENC_METHOD ssl3_undef_enc_method;
+extern SSL_CIPHER ssl2_ciphers[];
+extern SSL_CIPHER ssl3_ciphers[];
+
+#ifndef NOPROTO
+
+SSL_METHOD *ssl_bad_method(int ver);
+SSL_METHOD *sslv2_base_method(void);
+SSL_METHOD *sslv23_base_method(void);
+SSL_METHOD *sslv3_base_method(void);
+
+void ssl_clear_cipher_ctx(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+CERT *ssl_cert_new(void);
+void ssl_cert_free(CERT *c);
+int ssl_set_cert_type(CERT *c, int type);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
+int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b);
+int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp);
+STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp);
+int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p);
+STACK *ssl_create_cipher_list(SSL_METHOD *meth,STACK **pref,
+ STACK **sorted,char *str);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(SSL_CIPHER *c, EVP_CIPHER **enc, EVP_MD **md);
+int ssl_verify_cert_chain(SSL *s,STACK *sk);
+int ssl_undefined_function(SSL *s);
+X509 *ssl_get_server_send_cert(SSL *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
+int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
+void ssl_set_cert_masks(CERT *c);
+STACK *ssl_get_ciphers_by_id(SSL *s);
+int ssl_verify_alarm_type(long type);
+
+int ssl2_enc_init(SSL *s, int client);
+void ssl2_generate_key_material(SSL *s);
+void ssl2_enc(SSL *s,int send_data);
+void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
+SSL_CIPHER *ssl2_get_cipher_by_char(unsigned char *p);
+int ssl2_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p);
+int ssl2_part_read(SSL *s, unsigned long f, int i);
+int ssl2_do_write(SSL *s);
+int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
+void ssl2_return_error(SSL *s,int reason);
+void ssl2_write_error(SSL *s);
+int ssl2_num_ciphers(void);
+SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+int ssl2_new(SSL *s);
+void ssl2_free(SSL *s);
+int ssl2_accept(SSL *s);
+int ssl2_connect(SSL *s);
+int ssl2_read(SSL *s, char *buf, int len);
+int ssl2_peek(SSL *s, char *buf, int len);
+int ssl2_write(SSL *s, char *buf, int len);
+int ssl2_shutdown(SSL *s);
+void ssl2_clear(SSL *s);
+long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg);
+long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
+int ssl2_pending(SSL *s);
+
+SSL_CIPHER *ssl3_get_cipher_by_char(unsigned char *p);
+int ssl3_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p);
+void ssl3_init_finished_mac(SSL *s);
+int ssl3_send_server_certificate(SSL *s);
+int ssl3_get_finished(SSL *s,int state_a,int state_b);
+int ssl3_setup_key_block(SSL *s);
+int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
+int ssl3_change_cipher_state(SSL *s,int which);
+void ssl3_cleanup_key_block(SSL *s);
+int ssl3_do_write(SSL *s,int type);
+void ssl3_send_alert(SSL *s,int level, int desc);
+int ssl3_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *p, int len);
+int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender,int slen);
+int ssl3_num_ciphers(void);
+SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+int ssl3_renegotiate(SSL *ssl);
+int ssl3_renegotiate_check(SSL *ssl);
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, char *buf, int len);
+int ssl3_part_read(SSL *s, int i);
+int ssl3_write_bytes(SSL *s, int type, char *buf, int len);
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
+ unsigned char *sender, int slen,unsigned char *p);
+int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+void ssl3_finish_mac(SSL *s, unsigned char *buf, int len);
+int ssl3_enc(SSL *s, int send_data);
+int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK *have,STACK *pref);
+int ssl3_setup_buffers(SSL *s);
+int ssl3_new(SSL *s);
+void ssl3_free(SSL *s);
+int ssl3_accept(SSL *s);
+int ssl3_connect(SSL *s);
+int ssl3_read(SSL *s, char *buf, int len);
+int ssl3_peek(SSL *s,char *buf, int len);
+int ssl3_write(SSL *s, char *buf, int len);
+int ssl3_shutdown(SSL *s);
+void ssl3_clear(SSL *s);
+long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg);
+long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
+int ssl3_pending(SSL *s);
+
+int ssl23_accept(SSL *s);
+int ssl23_connect(SSL *s);
+int ssl23_read_bytes(SSL *s, int n);
+int ssl23_write_bytes(SSL *s);
+
+int tls1_new(SSL *s);
+void tls1_free(SSL *s);
+void tls1_clear(SSL *s);
+long tls1_ctrl(SSL *s,int cmd, long larg, char *parg);
+SSL_METHOD *tlsv1_base_method(void );
+
+
+int ssl_init_wbio_buffer(SSL *s, int push);
+
+int tls1_change_cipher_state(SSL *s, int which);
+int tls1_setup_key_block(SSL *s);
+int tls1_enc(SSL *s, int snd);
+int tls1_final_finish_mac(SSL *s, EVP_MD_CTX *in1_ctx, EVP_MD_CTX *in2_ctx,
+ unsigned char *str, int slen, unsigned char *p);
+int tls1_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
+int tls1_mac(SSL *ssl, unsigned char *md, int snd);
+int tls1_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *p, int len);
+int tls1_alert_code(int code);
+int ssl3_alert_code(int code);
+
+
+#else
+
+SSL_METHOD *ssl_bad_method();
+SSL_METHOD *sslv2_base_method();
+SSL_METHOD *sslv23_base_method();
+SSL_METHOD *sslv3_base_method();
+
+void ssl_clear_cipher_ctx();
+int ssl_clear_bad_session();
+CERT *ssl_cert_new();
+void ssl_cert_free();
+int ssl_set_cert_type();
+int ssl_get_new_session();
+int ssl_get_prev_session();
+int ssl_cipher_id_cmp();
+int ssl_cipher_ptr_id_cmp();
+STACK *ssl_bytes_to_cipher_list();
+int ssl_cipher_list_to_bytes();
+STACK *ssl_create_cipher_list();
+void ssl_update_cache();
+int ssl_session_get_ciphers();
+int ssl_verify_cert_chain();
+int ssl_undefined_function();
+X509 *ssl_get_server_send_cert();
+EVP_PKEY *ssl_get_sign_pkey();
+int ssl_cert_type();
+void ssl_set_cert_masks();
+STACK *ssl_get_ciphers_by_id();
+int ssl_verify_alarm_type();
+
+int ssl2_enc_init();
+void ssl2_generate_key_material();
+void ssl2_enc();
+void ssl2_mac();
+SSL_CIPHER *ssl2_get_cipher_by_char();
+int ssl2_put_cipher_by_char();
+int ssl2_part_read();
+int ssl2_do_write();
+int ssl2_set_certificate();
+void ssl2_return_error();
+void ssl2_write_error();
+int ssl2_num_ciphers();
+SSL_CIPHER *ssl2_get_cipher();
+int ssl2_new();
+void ssl2_free();
+int ssl2_accept();
+int ssl2_connect();
+int ssl2_read();
+int ssl2_peek();
+int ssl2_write();
+int ssl2_shutdown();
+void ssl2_clear();
+long ssl2_ctrl();
+long ssl2_ctx_ctrl();
+int ssl2_pending();
+
+SSL_CIPHER *ssl3_get_cipher_by_char();
+int ssl3_put_cipher_by_char();
+void ssl3_init_finished_mac();
+int ssl3_send_server_certificate();
+int ssl3_get_finished();
+int ssl3_setup_key_block();
+int ssl3_send_change_cipher_spec();
+int ssl3_change_cipher_state();
+void ssl3_cleanup_key_block();
+int ssl3_do_write();
+void ssl3_send_alert();
+int ssl3_generate_master_secret();
+int ssl3_get_req_cert_type();
+long ssl3_get_message();
+int ssl3_send_finished();
+int ssl3_num_ciphers();
+SSL_CIPHER *ssl3_get_cipher();
+int ssl3_renegotiate();
+int ssl3_renegotiate_check();
+int ssl3_dispatch_alert();
+int ssl3_read_bytes();
+int ssl3_part_read();
+int ssl3_write_bytes();
+int ssl3_final_finish_mac();
+void ssl3_finish_mac();
+int ssl3_enc();
+int ssl3_mac();
+unsigned long ssl3_output_cert_chain();
+SSL_CIPHER *ssl3_choose_cipher();
+int ssl3_setup_buffers();
+int ssl3_new();
+void ssl3_free();
+int ssl3_accept();
+int ssl3_connect();
+int ssl3_read();
+int ssl3_peek();
+int ssl3_write();
+int ssl3_shutdown();
+void ssl3_clear();
+long ssl3_ctrl();
+long ssl3_ctx_ctrl();
+int ssl3_pending();
+
+int ssl23_accept();
+int ssl23_connect();
+int ssl23_read_bytes();
+int ssl23_write_bytes();
+
+int ssl_init_wbio_buffer();
+
+#endif
+
+#endif
diff --git a/src/lib/libssl/src/ssl/ssl_rsa.c b/src/lib/libssl/src/ssl/ssl_rsa.c
new file mode 100644
index 0000000000..140475e5fb
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_rsa.c
@@ -0,0 +1,831 @@
+/* ssl/ssl_rsa.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bio.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl_set_cert(CERT *c, X509 *x509);
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
+#else
+static int ssl_set_cert();
+static int ssl_set_pkey();
+#endif
+
+int SSL_use_certificate(ssl, x)
+SSL *ssl;
+X509 *x;
+ {
+ CERT *c;
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+
+ return(ssl_set_cert(c,x));
+ }
+
+#ifndef NO_STDIO
+int SSL_use_certificate_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j;
+ BIO *in;
+ int ret=0;
+ X509 *x=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ x=d2i_X509_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
+ goto end;
+ }
+
+ ret=SSL_use_certificate(ssl,x);
+end:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_use_certificate_ASN1(ssl, len, d)
+SSL *ssl;
+int len;
+unsigned char *d;
+ {
+ X509 *x;
+ int ret;
+
+ x=d2i_X509(NULL,&d,(long)len);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_certificate(ssl,x);
+ X509_free(x);
+ return(ret);
+ }
+
+#ifndef NO_RSA
+int SSL_use_RSAPrivateKey(ssl, rsa)
+SSL *ssl;
+RSA *rsa;
+ {
+ CERT *c;
+ EVP_PKEY *pkey;
+ int ret;
+
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+ if ((pkey=EVP_PKEY_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+ return(0);
+ }
+
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ EVP_PKEY_assign_RSA(pkey,rsa);
+
+ ret=ssl_set_pkey(c,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+#endif
+
+static int ssl_set_pkey(c,pkey)
+CERT *c;
+EVP_PKEY *pkey;
+ {
+ int i,ok=0,bad=0;
+
+ i=ssl_cert_type(NULL,pkey);
+ if (i < 0)
+ {
+ SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ return(0);
+ }
+
+ if (c->pkeys[i].x509 != NULL)
+ {
+#ifndef NO_RSA
+ /* Don't check the public/private key, this is mostly
+ * for smart cards. */
+ if ((pkey->type == EVP_PKEY_RSA) &&
+ (RSA_flags(pkey->pkey.rsa) &
+ RSA_METHOD_FLAG_NO_CHECK))
+ ok=1;
+ else
+#endif
+ if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+ {
+ if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+ {
+ i=(i == SSL_PKEY_DH_RSA)?
+ SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+ if (c->pkeys[i].x509 == NULL)
+ ok=1;
+ else
+ {
+ if (!X509_check_private_key(
+ c->pkeys[i].x509,pkey))
+ bad=1;
+ else
+ ok=1;
+ }
+ }
+ else
+ bad=1;
+ }
+ else
+ ok=1;
+ }
+ else
+ ok=1;
+
+ if (bad)
+ {
+ X509_free(c->pkeys[i].x509);
+ c->pkeys[i].x509=NULL;
+ return(0);
+ }
+
+ if (c->pkeys[i].privatekey != NULL)
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ c->pkeys[i].privatekey=pkey;
+ c->key= &(c->pkeys[i]);
+
+ c->valid=0;
+ return(1);
+ }
+
+#ifndef NO_RSA
+#ifndef NO_STDIO
+int SSL_use_RSAPrivateKey_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ RSA *rsa=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+ ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_use_RSAPrivateKey(ssl,rsa);
+ RSA_free(rsa);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_use_RSAPrivateKey_ASN1(ssl,d,len)
+SSL *ssl;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ RSA *rsa;
+
+ p=d;
+ if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_RSAPrivateKey(ssl,rsa);
+ RSA_free(rsa);
+ return(ret);
+ }
+#endif /* !NO_RSA */
+
+int SSL_use_PrivateKey(ssl, pkey)
+SSL *ssl;
+EVP_PKEY *pkey;
+ {
+ CERT *c;
+ int ret;
+
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+
+ ret=ssl_set_pkey(c,pkey);
+ return(ret);
+ }
+
+#ifndef NO_STDIO
+int SSL_use_PrivateKey_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ EVP_PKEY *pkey=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ pkey=PEM_read_bio_PrivateKey(in,NULL,
+ ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_use_PrivateKey(ssl,pkey);
+ EVP_PKEY_free(pkey);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_use_PrivateKey_ASN1(type,ssl,d,len)
+int type;
+SSL *ssl;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ EVP_PKEY *pkey;
+
+ p=d;
+ if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_PrivateKey(ssl,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+int SSL_CTX_use_certificate(ctx, x)
+SSL_CTX *ctx;
+X509 *x;
+ {
+ CERT *c;
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ return(ssl_set_cert(c,x));
+ }
+
+static int ssl_set_cert(c,x)
+CERT *c;
+X509 *x;
+ {
+ EVP_PKEY *pkey;
+ int i,ok=0,bad=0;
+
+ pkey=X509_get_pubkey(x);
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_CERT,SSL_R_X509_LIB);
+ return(0);
+ }
+
+ i=ssl_cert_type(x,pkey);
+ if (i < 0)
+ {
+ SSLerr(SSL_F_SSL_SET_CERT,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ return(0);
+ }
+
+ if (c->pkeys[i].privatekey != NULL)
+ {
+ if (!X509_check_private_key(x,c->pkeys[i].privatekey))
+ {
+ if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+ {
+ i=(i == SSL_PKEY_DH_RSA)?
+ SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+ if (c->pkeys[i].privatekey == NULL)
+ ok=1;
+ else
+ {
+ if (!X509_check_private_key(x,
+ c->pkeys[i].privatekey))
+ bad=1;
+ else
+ ok=1;
+ }
+ }
+ else
+ bad=1;
+ }
+ else
+ ok=1;
+ }
+ else
+ ok=1;
+
+ if (bad)
+ {
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+ c->pkeys[i].privatekey=NULL;
+ }
+
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+ c->pkeys[i].x509=x;
+ c->key= &(c->pkeys[i]);
+
+ c->valid=0;
+ return(1);
+ }
+
+#ifndef NO_STDIO
+int SSL_CTX_use_certificate_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j;
+ BIO *in;
+ int ret=0;
+ X509 *x=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ x=d2i_X509_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
+ goto end;
+ }
+
+ ret=SSL_CTX_use_certificate(ctx,x);
+end:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_CTX_use_certificate_ASN1(ctx, len, d)
+SSL_CTX *ctx;
+int len;
+unsigned char *d;
+ {
+ X509 *x;
+ int ret;
+
+ x=d2i_X509(NULL,&d,(long)len);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_certificate(ctx,x);
+ X509_free(x);
+ return(ret);
+ }
+
+#ifndef NO_RSA
+int SSL_CTX_use_RSAPrivateKey(ctx, rsa)
+SSL_CTX *ctx;
+RSA *rsa;
+ {
+ int ret;
+ CERT *c;
+ EVP_PKEY *pkey;
+
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ if ((pkey=EVP_PKEY_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+ return(0);
+ }
+
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ EVP_PKEY_assign_RSA(pkey,rsa);
+
+ ret=ssl_set_pkey(c,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+#ifndef NO_STDIO
+int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ RSA *rsa=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+ ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+ RSA_free(rsa);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len)
+SSL_CTX *ctx;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ RSA *rsa;
+
+ p=d;
+ if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+ RSA_free(rsa);
+ return(ret);
+ }
+#endif /* !NO_RSA */
+
+int SSL_CTX_use_PrivateKey(ctx, pkey)
+SSL_CTX *ctx;
+EVP_PKEY *pkey;
+ {
+ CERT *c;
+
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ return(ssl_set_pkey(c,pkey));
+ }
+
+#ifndef NO_STDIO
+int SSL_CTX_use_PrivateKey_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ EVP_PKEY *pkey=NULL;
+
+ in=BIO_new(BIO_s_file_internal());
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ pkey=PEM_read_bio_PrivateKey(in,NULL,
+ ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+ EVP_PKEY_free(pkey);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+#endif
+
+int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len)
+int type;
+SSL_CTX *ctx;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ EVP_PKEY *pkey;
+
+ p=d;
+ if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+
diff --git a/src/lib/libssl/src/ssl/ssl_sess.c b/src/lib/libssl/src/ssl/ssl_sess.c
new file mode 100644
index 0000000000..8212600e40
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_sess.c
@@ -0,0 +1,582 @@
+/* ssl/ssl_sess.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "rand.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
+static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);
+#else
+static void SSL_SESSION_list_remove();
+static void SSL_SESSION_list_add();
+#endif
+
+static ssl_session_num=0;
+static STACK *ssl_session_meth=NULL;
+
+SSL_SESSION *SSL_get_session(ssl)
+SSL *ssl;
+ {
+ return(ssl->session);
+ }
+
+int SSL_SESSION_get_ex_new_index(argl,argp,new_func,dup_func,free_func)
+long argl;
+char *argp;
+int (*new_func)();
+int (*dup_func)();
+void (*free_func)();
+ {
+ ssl_session_num++;
+ return(CRYPTO_get_ex_new_index(ssl_session_num-1,
+ &ssl_session_meth,
+ argl,argp,new_func,dup_func,free_func));
+ }
+
+int SSL_SESSION_set_ex_data(s,idx,arg)
+SSL_SESSION *s;
+int idx;
+char *arg;
+ {
+ return(CRYPTO_set_ex_data(&s->ex_data,idx,arg));
+ }
+
+char *SSL_SESSION_get_ex_data(s,idx)
+SSL_SESSION *s;
+int idx;
+ {
+ return(CRYPTO_get_ex_data(&s->ex_data,idx));
+ }
+
+SSL_SESSION *SSL_SESSION_new()
+ {
+ SSL_SESSION *ss;
+
+ ss=(SSL_SESSION *)Malloc(sizeof(SSL_SESSION));
+ if (ss == NULL)
+ {
+ SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memset(ss,0,sizeof(SSL_SESSION));
+
+ ss->references=1;
+ ss->timeout=60*5+4; /* 5 minute timeout by default */
+ ss->time=time(NULL);
+ ss->prev=NULL;
+ ss->next=NULL;
+ CRYPTO_new_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data);
+ return(ss);
+ }
+
+int ssl_get_new_session(s, session)
+SSL *s;
+int session;
+ {
+ SSL_SESSION *ss=NULL;
+
+ if ((ss=SSL_SESSION_new()) == NULL) return(0);
+
+ /* If the context has a default timeout, use it */
+ if (s->ctx->session_timeout != 0)
+ ss->timeout=SSL_get_default_timeout(s);
+
+ if (s->session != NULL)
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+
+ if (session)
+ {
+ if (s->version == SSL2_CLIENT_VERSION)
+ {
+ ss->ssl_version=SSL2_VERSION;
+ ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
+ }
+ else if (s->version == SSL3_VERSION)
+ {
+ ss->ssl_version=SSL3_VERSION;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
+ else if (s->version == TLS1_VERSION)
+ {
+ ss->ssl_version=TLS1_VERSION;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
+ SSL_SESSION_free(ss);
+ return(0);
+ }
+
+ for (;;)
+ {
+ SSL_SESSION *r;
+
+ RAND_bytes(ss->session_id,ss->session_id_length);
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,
+ (char *)ss);
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (r == NULL) break;
+ /* else - woops a session_id match */
+ }
+ }
+ else
+ {
+ ss->session_id_length=0;
+ }
+
+ s->session=ss;
+ ss->ssl_version=s->version;
+
+ return(1);
+ }
+
+int ssl_get_prev_session(s,session_id,len)
+SSL *s;
+unsigned char *session_id;
+int len;
+ {
+ SSL_SESSION *ret=NULL,data;
+
+ /* conn_init();*/
+ data.ssl_version=s->version;
+ data.session_id_length=len;
+ if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+ return(0);
+ memcpy(data.session_id,session_id,len);;
+
+ if (!(s->ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+ {
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ }
+
+ if (ret == NULL)
+ {
+ int copy=1;
+
+ s->ctx->sess_miss++;
+ ret=NULL;
+ if ((s->ctx->get_session_cb != NULL) &&
+ ((ret=s->ctx->get_session_cb(s,session_id,len,©))
+ != NULL))
+ {
+ s->ctx->sess_cb_hit++;
+
+ /* The following should not return 1, otherwise,
+ * things are very strange */
+ SSL_CTX_add_session(s->ctx,ret);
+ /* auto free it */
+ if (!copy)
+ SSL_SESSION_free(ret);
+ }
+ if (ret == NULL) return(0);
+ }
+
+ if (ret->cipher == NULL)
+ {
+ char buf[5],*p;
+ unsigned long l;
+
+ p=buf;
+ l=ret->cipher_id;
+ l2n(l,p);
+ if ((ret->ssl_version>>8) == SSL3_VERSION_MAJOR)
+ ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
+ else
+ ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
+ if (ret->cipher == NULL)
+ return(0);
+ }
+
+ /* If a thread got the session, then 'swaped', and another got
+ * it and then due to a time-out decided to 'Free' it we could
+ * be in trouble. So I'll increment it now, then double decrement
+ * later - am I speaking rubbish?. */
+ CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+
+ if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
+ {
+ s->ctx->sess_timeout++;
+ /* remove it from the cache */
+ SSL_CTX_remove_session(s->ctx,ret);
+ SSL_SESSION_free(ret); /* again to actually Free it */
+ return(0);
+ }
+
+ s->ctx->sess_hit++;
+
+ /* ret->time=time(NULL); */ /* rezero timeout? */
+ /* again, just leave the session
+ * if it is the same session, we have just incremented and
+ * then decremented the reference count :-) */
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session=ret;
+ return(1);
+ }
+
+int SSL_CTX_add_session(ctx,c)
+SSL_CTX *ctx;
+SSL_SESSION *c;
+ {
+ int ret=0;
+ SSL_SESSION *s;
+
+ /* conn_init(); */
+ CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ s=(SSL_SESSION *)lh_insert(ctx->sessions,(char *)c);
+
+ /* Put on the end of the queue unless it is already in the cache */
+ if (s == NULL)
+ SSL_SESSION_list_add(ctx,c);
+
+ /* If the same session if is being 're-added', Free the old
+ * one when the last person stops using it.
+ * This will also work if it is alread in the cache.
+ * The references will go up and then down :-) */
+ if (s != NULL)
+ {
+ SSL_SESSION_free(s);
+ ret=0;
+ }
+ else
+ {
+ ret=1;
+
+ if (SSL_CTX_sess_get_cache_size(ctx) > 0)
+ {
+ while (SSL_CTX_sess_number(ctx) >
+ SSL_CTX_sess_get_cache_size(ctx))
+ {
+ if (!SSL_CTX_remove_session(ctx,
+ ctx->session_cache_tail))
+ break;
+ else
+ ctx->sess_cache_full++;
+ }
+ }
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ return(ret);
+ }
+
+int SSL_CTX_remove_session(ctx,c)
+SSL_CTX *ctx;
+SSL_SESSION *c;
+ {
+ SSL_SESSION *r;
+ int ret=0;
+
+ if ((c != NULL) && (c->session_id_length != 0))
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ r=(SSL_SESSION *)lh_delete(ctx->sessions,(char *)c);
+ if (r != NULL)
+ {
+ ret=1;
+ SSL_SESSION_list_remove(ctx,c);
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+ if (ret)
+ {
+ r->not_resumable=1;
+ if (ctx->remove_session_cb != NULL)
+ ctx->remove_session_cb(ctx,r);
+ SSL_SESSION_free(r);
+ }
+ }
+ else
+ ret=0;
+ return(ret);
+ }
+
+void SSL_SESSION_free(ss)
+SSL_SESSION *ss;
+ {
+ int i;
+
+ i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
+#ifdef REF_PRINT
+ REF_PRINT("SSL_SESSION",ss);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ CRYPTO_free_ex_data(ssl_session_meth,(char *)ss,&ss->ex_data);
+
+ memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
+ memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
+ memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
+ if (ss->cert != NULL) ssl_cert_free(ss->cert);
+ if (ss->peer != NULL) X509_free(ss->peer);
+ if (ss->ciphers != NULL) sk_free(ss->ciphers);
+ memset(ss,0,sizeof(*ss));
+ Free(ss);
+ }
+
+int SSL_set_session(s, session)
+SSL *s;
+SSL_SESSION *session;
+ {
+ int ret=0;
+ SSL_METHOD *meth;
+
+ if (session != NULL)
+ {
+ meth=s->ctx->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL)
+ meth=s->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+ return(0);
+ }
+
+ if (meth != s->method)
+ {
+ if (!SSL_set_ssl_method(s,meth))
+ return(0);
+ session->timeout=SSL_get_default_timeout(s);
+ }
+
+ /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
+ CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session=session;
+ /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
+ ret=1;
+ }
+ else
+ {
+ if (s->session != NULL)
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+ }
+ return(ret);
+ }
+
+long SSL_SESSION_set_timeout(s,t)
+SSL_SESSION *s;
+long t;
+ {
+ if (s == NULL) return(0);
+ s->timeout=t;
+ return(1);
+ }
+
+long SSL_SESSION_get_timeout(s)
+SSL_SESSION *s;
+ {
+ if (s == NULL) return(0);
+ return(s->timeout);
+ }
+
+long SSL_SESSION_get_time(s)
+SSL_SESSION *s;
+ {
+ if (s == NULL) return(0);
+ return(s->time);
+ }
+
+long SSL_SESSION_set_time(s,t)
+SSL_SESSION *s;
+long t;
+ {
+ if (s == NULL) return(0);
+ s->time=t;
+ return(t);
+ }
+
+typedef struct timeout_param_st
+ {
+ SSL_CTX *ctx;
+ long time;
+ LHASH *cache;
+ } TIMEOUT_PARAM;
+
+static void timeout(s,p)
+SSL_SESSION *s;
+TIMEOUT_PARAM *p;
+ {
+ if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
+ {
+ /* The reason we don't call SSL_CTX_remove_session() is to
+ * save on locking overhead */
+ lh_delete(p->cache,(char *)s);
+ SSL_SESSION_list_remove(p->ctx,s);
+ s->not_resumable=1;
+ if (p->ctx->remove_session_cb != NULL)
+ p->ctx->remove_session_cb(p->ctx,s);
+ SSL_SESSION_free(s);
+ }
+ }
+
+void SSL_CTX_flush_sessions(s,t)
+SSL_CTX *s;
+long t;
+ {
+ unsigned long i;
+ TIMEOUT_PARAM tp;
+
+ tp.ctx=s;
+ tp.cache=SSL_CTX_sessions(s);
+ if (tp.cache == NULL) return;
+ tp.time=t;
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ i=tp.cache->down_load;
+ tp.cache->down_load=0;
+ lh_doall_arg(tp.cache,(void (*)())timeout,(char *)&tp);
+ tp.cache->down_load=i;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ }
+
+int ssl_clear_bad_session(s)
+SSL *s;
+ {
+ if ( (s->session != NULL) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+ !(SSL_in_init(s) || SSL_in_before(s)))
+ {
+ SSL_CTX_remove_session(s->ctx,s->session);
+ return(1);
+ }
+ else
+ return(0);
+ }
+
+/* locked by SSL_CTX in the calling function */
+static void SSL_SESSION_list_remove(ctx,s)
+SSL_CTX *ctx;
+SSL_SESSION *s;
+ {
+ if ((s->next == NULL) || (s->prev == NULL)) return;
+
+ if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail))
+ { /* last element in list */
+ if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+ { /* only one element in list */
+ ctx->session_cache_head=NULL;
+ ctx->session_cache_tail=NULL;
+ }
+ else
+ {
+ ctx->session_cache_tail=s->prev;
+ s->prev->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+ }
+ }
+ else
+ {
+ if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head))
+ { /* first element in list */
+ ctx->session_cache_head=s->next;
+ s->next->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+ }
+ else
+ { /* middle of list */
+ s->next->prev=s->prev;
+ s->prev->next=s->next;
+ }
+ }
+ s->prev=s->next=NULL;
+ }
+
+static void SSL_SESSION_list_add(ctx,s)
+SSL_CTX *ctx;
+SSL_SESSION *s;
+ {
+ if ((s->next != NULL) && (s->prev != NULL))
+ SSL_SESSION_list_remove(ctx,s);
+
+ if (ctx->session_cache_head == NULL)
+ {
+ ctx->session_cache_head=s;
+ ctx->session_cache_tail=s;
+ s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+ s->next=(SSL_SESSION *)&(ctx->session_cache_tail);
+ }
+ else
+ {
+ s->next=ctx->session_cache_head;
+ s->next->prev=s;
+ s->prev=(SSL_SESSION *)&(ctx->session_cache_head);
+ ctx->session_cache_head=s;
+ }
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssl_stat.c b/src/lib/libssl/src/ssl/ssl_stat.c
new file mode 100644
index 0000000000..a1daf25dd4
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_stat.c
@@ -0,0 +1,458 @@
+/* ssl/ssl_stat.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+char *SSL_state_string_long(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->state)
+ {
+case SSL_ST_BEFORE: str="before SSL initalisation"; break;
+case SSL_ST_ACCEPT: str="before accept initalisation"; break;
+case SSL_ST_CONNECT: str="before connect initalisation"; break;
+case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
+case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
+case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initalisation"; break;
+case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initalisation"; break;
+case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initalisation"; break;
+case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initalisation"; break;
+#ifndef NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
+#endif
+
+#ifndef NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
+case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
+case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
+case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
+case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
+case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
+case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
+case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
+case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
+case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
+case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
+case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
+case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
+case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
+case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break;
+
+case SSL3_ST_CW_CHANGE_A:
+case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
+case SSL3_ST_CW_CHANGE_B:
+case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
+case SSL3_ST_CW_FINISHED_A:
+case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
+case SSL3_ST_CW_FINISHED_B:
+case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break;
+case SSL3_ST_CR_CHANGE_A:
+case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
+case SSL3_ST_CR_CHANGE_B:
+case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
+case SSL3_ST_CR_FINISHED_A:
+case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
+case SSL3_ST_CR_FINISHED_B:
+case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
+
+case SSL3_ST_CW_FLUSH:
+case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
+
+case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
+case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
+case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
+case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
+case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
+case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
+case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
+case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
+case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
+case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
+case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
+case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
+case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
+case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
+case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
+case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
+case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
+case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
+#endif
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+/* SSLv2/v3 compatablitity states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
+case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
+case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
+case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
+case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
+#endif
+
+default: str="unknown state"; break;
+ }
+ return(str);
+ }
+
+char *SSL_rstate_string_long(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->rstate)
+ {
+ case SSL_ST_READ_HEADER: str="read header"; break;
+ case SSL_ST_READ_BODY: str="read body"; break;
+ case SSL_ST_READ_DONE: str="read done"; break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
+
+char *SSL_state_string(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->state)
+ {
+case SSL_ST_BEFORE: str="PINIT "; break;
+case SSL_ST_ACCEPT: str="AINIT "; break;
+case SSL_ST_CONNECT: str="CINIT "; break;
+case SSL_ST_OK: str="SSLOK "; break;
+#ifndef NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
+#endif
+
+#ifndef NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_SW_FLUSH:
+case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
+case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
+case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
+case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
+case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
+case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
+case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
+case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
+case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
+case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
+case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
+case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
+case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
+case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
+case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
+case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
+
+case SSL3_ST_SW_CHANGE_A:
+case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
+case SSL3_ST_SW_CHANGE_B:
+case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
+case SSL3_ST_SW_FINISHED_A:
+case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
+case SSL3_ST_SW_FINISHED_B:
+case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
+case SSL3_ST_SR_CHANGE_A:
+case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
+case SSL3_ST_SR_CHANGE_B:
+case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
+case SSL3_ST_SR_FINISHED_A:
+case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
+case SSL3_ST_SR_FINISHED_B:
+case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
+
+case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
+case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
+case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
+case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
+case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
+case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
+case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
+case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
+case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
+case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
+case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
+case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
+case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
+case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
+case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
+case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
+case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
+case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
+#endif
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+/* SSLv2/v3 compatablitity states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
+case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
+case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
+case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
+case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
+#endif
+
+default: str="UNKWN "; break;
+ }
+ return(str);
+ }
+
+char *SSL_alert_type_string_long(value)
+int value;
+ {
+ value>>=8;
+ if (value == SSL3_AL_WARNING)
+ return("warning");
+ else if (value == SSL3_AL_FATAL)
+ return("fatal");
+ else
+ return("unknown");
+ }
+
+char *SSL_alert_type_string(value)
+int value;
+ {
+ value>>=8;
+ if (value == SSL3_AL_WARNING)
+ return("W");
+ else if (value == SSL3_AL_FATAL)
+ return("F");
+ else
+ return("U");
+ }
+
+char *SSL_alert_desc_string(value)
+int value;
+ {
+ char *str;
+
+ switch (value & 0xff)
+ {
+ case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
+ case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
+ case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
+ case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
+ case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
+ case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
+ case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
+ case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
+ case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
+ case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
+ case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
+ case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
+ default: str="UK"; break;
+ }
+ return(str);
+ }
+
+char *SSL_alert_desc_string_long(value)
+int value;
+ {
+ char *str;
+
+ switch (value & 0xff)
+ {
+ case SSL3_AD_CLOSE_NOTIFY:
+ str="close notify";
+ break;
+ case SSL3_AD_UNEXPECTED_MESSAGE:
+ str="unexected_message";
+ break;
+ case SSL3_AD_BAD_RECORD_MAC:
+ str="bad record mac";
+ break;
+ case SSL3_AD_DECOMPRESSION_FAILURE:
+ str="decompression failure";
+ break;
+ case SSL3_AD_HANDSHAKE_FAILURE:
+ str="handshake failure";
+ break;
+ case SSL3_AD_NO_CERTIFICATE:
+ str="no certificate";
+ break;
+ case SSL3_AD_BAD_CERTIFICATE:
+ str="bad certificate";
+ break;
+ case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+ str="unsupported certificate";
+ break;
+ case SSL3_AD_CERTIFICATE_REVOKED:
+ str="certificate revoked";
+ break;
+ case SSL3_AD_CERTIFICATE_EXPIRED:
+ str="certificate expired";
+ break;
+ case SSL3_AD_CERTIFICATE_UNKNOWN:
+ str="certifcate unknown";
+ break;
+ case SSL3_AD_ILLEGAL_PARAMETER:
+ str="illegal parameter";
+ break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
+
+char *SSL_rstate_string(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->rstate)
+ {
+ case SSL_ST_READ_HEADER:str="RH"; break;
+ case SSL_ST_READ_BODY: str="RB"; break;
+ case SSL_ST_READ_DONE: str="RD"; break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
diff --git a/src/lib/libssl/src/ssl/ssl_task.c b/src/lib/libssl/src/ssl/ssl_task.c
new file mode 100644
index 0000000000..ab72166665
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_task.c
@@ -0,0 +1,359 @@
+/* ssl/ssl_task.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* VMS */
+/*
+ * DECnet object for servicing SSL. We accept the inbound and speak a
+ * simple protocol for multiplexing the 2 data streams (application and
+ * ssl data) over this logical link.
+ *
+ * Logical names:
+ * SSL_CIPHER Defines a list of cipher specifications the server
+ * will support in order of preference.
+ * SSL_SERVER_CERTIFICATE
+ * Points to PEM (privacy enhanced mail) file that
+ * contains the server certificate and private password.
+ * SYS$NET Logical created by netserver.exe as hook for completing
+ * DECnet logical link.
+ *
+ * Each NSP message sent over the DECnet link has the following structure:
+ * struct rpc_msg {
+ * char channel;
+ * char function;
+ * short length;
+ * char data[MAX_DATA];
+ * } msg;
+ *
+ * The channel field designates the virtual data stream this message applies
+ * to and is one of:
+ * A - Application data (payload).
+ * R - Remote client connection that initiated the SSL connection. Encrypted
+ * data is sent over this connection.
+ * G - General data, reserved for future use.
+ *
+ * The data streams are half-duplex read/write and have following functions:
+ * G - Get, requests that up to msg.length bytes of data be returned. The
+ * data is returned in the next 'C' function response that matches the
+ * requesting channel.
+ * P - Put, requests that the first msg.length bytes of msg.data be appended
+ * to the designated stream.
+ * C - Confirms a get or put. Every get and put will get a confirm response,
+ * you cannot initiate another function on a channel until the previous
+ * operation has been confirmed.
+ *
+ * The 2 channels may interleave their operations, for example:
+ * Server msg Client msg
+ * A, Get, 4092 ---->
+ * <---- R, get, 4092
+ * R, Confirm, {hello} ---->
+ * <---- R, put, {srv hello}
+ * R, Confirm, 0 ---->
+ * . (SSL handshake completed)
+ * . (read first app data).
+ * <---- A, confirm, {http data}
+ * A, Put, {http data} ---->
+ * <---- A, confirm, 0
+ *
+ * The length field is not permitted to be larger that 4092 bytes.
+ *
+ * Author: Dave Jones
+ * Date: 22-JUL-1996
+ */
+#include <stdlib.h>
+#include <stdio.h>
+#include <iodef.h> /* VMS IO$_ definitions */
+#include <descrip.h> /* VMS string descriptors */
+extern int SYS$QIOW(), SYS$ASSIGN();
+int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
+
+#include <string.h> /* from ssltest.c */
+#include <errno.h>
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+ int error);
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+BIO_METHOD *BIO_s_rtcp();
+
+static char *cipher=NULL;
+int verbose=1;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
+/*************************************************************************/
+struct rpc_msg { /* Should have member alignment inhibited */
+ char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
+ char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ unsigned short int length; /* Amount of data returned or max to return */
+ char data[4092]; /* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+static $DESCRIPTOR(sysnet, "SYS$NET");
+typedef unsigned short io_channel;
+
+struct io_status {
+ unsigned short status;
+ unsigned short count;
+ unsigned long stsval;
+};
+int doit(io_channel chan, SSL_CTX *s_ctx );
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+ buffer, maxlen, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ if ( (status&1) == 1 ) *length = iosb.count;
+ return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+ buffer, length, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ return status;
+}
+/***************************************************************************/
+/* Handle operations on the 'G' channel.
+ */
+static int general_request ( io_channel chan, struct rpc_msg *msg, int length )
+{
+ return 48;
+}
+/***************************************************************************/
+int main ( int argc, char **argv )
+{
+ int status, length;
+ io_channel chan;
+ struct rpc_msg msg;
+
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ SSL_CTX *s_ctx=NULL;
+ /*
+ * Confirm logical link with initiating client.
+ */
+ LIB$INIT_TIMER();
+ status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 );
+ printf("status of assign to SYS$NET: %d\n", status );
+ /*
+ * Initialize standard out and error files.
+ */
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ if ((bio_stdout=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_stdout,stdout,BIO_NOCLOSE);
+ /*
+ * get the preferred cipher list and other initialization
+ */
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+ printf("cipher list: %s\n", cipher ? cipher : "{undefined}" );
+
+ SSL_load_error_strings();
+
+ s_ctx=SSL_CTX_new(SSLv2());
+
+ if (s_ctx == NULL) goto end;
+
+ SSL_CTX_use_certificate_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
+ printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT );
+
+ /*
+ * Take commands from client until bad status.
+ */
+ LIB$SHOW_TIMER();
+ status = doit ( chan, s_ctx );
+ LIB$SHOW_TIMER();
+ /*
+ * do final cleanup and exit.
+ */
+end:
+ if (s_ctx != NULL) SSL_CTX_free(s_ctx);
+ LIB$SHOW_TIMER();
+ return 1;
+}
+
+int doit(io_channel chan, SSL_CTX *s_ctx )
+{
+ int status, length, link_state;
+ struct rpc_msg msg;
+ static char cbuf[200],sbuf[200];
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int i;
+ int done=0;
+
+ s_ssl=SSL_new(s_ctx);
+ if (s_ssl == NULL) goto err;
+
+ c_to_s=BIO_new(BIO_s_rtcp());
+ s_to_c=BIO_new(BIO_s_rtcp());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+ BIO_set_fd ( c_to_s, "", chan );
+ BIO_set_fd ( s_to_c, "", chan );
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE);
+
+ /* We can always do writes */
+ printf("Begin doit main loop\n");
+ /*
+ * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
+ */
+ for (link_state = 0; link_state < 3; ) {
+ /*
+ * Wait for remote end to request data action on A channel.
+ */
+ while ( link_state == 0 ) {
+ status = get ( chan, (char *) &msg, sizeof(msg), &length );
+ if ( (status&1) == 0 ) {
+ printf("Error in main loop get: %d\n", status );
+ link_state = 3;
+ break;
+ }
+ if ( length < RPC_HDR_SIZE ) {
+ printf("Error in main loop get size: %d\n", length );
+ break;
+ link_state = 3;
+ }
+ if ( msg.channel != 'A' ) {
+ printf("Error in main loop, unexpected channel: %c\n",
+ msg.channel );
+ break;
+ link_state = 3;
+ }
+ if ( msg.function == 'G' ) {
+ link_state = 1;
+ } else if ( msg.function == 'P' ) {
+ link_state = 2; /* write pending */
+ } else if ( msg.function == 'X' ) {
+ link_state = 3;
+ } else {
+ link_state = 3;
+ }
+ }
+ if ( link_state == 1 ) {
+ i = BIO_read ( s_bio, msg.data, msg.length );
+ if ( i < 0 ) link_state = 3;
+ else {
+ msg.channel = 'A';
+ msg.function = 'C'; /* confirm */
+ msg.length = i;
+ status = put ( chan, (char *) &msg, i+RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) break;
+ link_state = 0;
+ }
+ } else if ( link_state == 2 ) {
+ i = BIO_write ( s_bio, msg.data, msg.length );
+ if ( i < 0 ) link_state = 3;
+ else {
+ msg.channel = 'A';
+ msg.function = 'C'; /* confirm */
+ msg.length = 0;
+ status = put ( chan, (char *) &msg, RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) break;
+ link_state = 0;
+ }
+ }
+ }
+ fprintf(stdout,"DONE\n");
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(0);
+}
diff --git a/src/lib/libssl/src/ssl/ssl_txt.c b/src/lib/libssl/src/ssl/ssl_txt.c
new file mode 100644
index 0000000000..ce60e1a6dd
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssl_txt.c
@@ -0,0 +1,152 @@
+/* ssl/ssl_txt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "ssl_locl.h"
+
+#ifndef NO_FP_API
+int SSL_SESSION_print_fp(fp, x)
+FILE *fp;
+SSL_SESSION *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file_internal())) == NULL)
+ {
+ SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=SSL_SESSION_print(b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int SSL_SESSION_print(bp,x)
+BIO *bp;
+SSL_SESSION *x;
+ {
+ int i;
+ char str[128],*s;
+
+ if (x == NULL) goto err;
+ if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
+ if (x->ssl_version == SSL2_VERSION)
+ s="SSLv2";
+ else if (x->ssl_version == SSL3_VERSION)
+ s="SSLv3";
+ else if (x->ssl_version == TLS1_VERSION)
+ s="TLSv1";
+ else
+ s="unknown";
+ sprintf(str," Protocol : %s\n",s);
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ if (x->cipher == NULL)
+ {
+ if (((x->cipher_id) & 0xff000000) == 0x02000000)
+ sprintf(str," Cipher : %06lX\n",x->cipher_id&0xffffff);
+ else
+ sprintf(str," Cipher : %04lX\n",x->cipher_id&0xffff);
+ }
+ else
+ sprintf(str," Cipher : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
+ for (i=0; i<(int)x->session_id_length; i++)
+ {
+ sprintf(str,"%02X",x->session_id[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
+ for (i=0; i<(int)x->master_key_length; i++)
+ {
+ sprintf(str,"%02X",x->master_key[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
+ if (x->key_arg_length == 0)
+ {
+ if (BIO_puts(bp,"None") <= 0) goto err;
+ }
+ else
+ for (i=0; i<(int)x->key_arg_length; i++)
+ {
+ sprintf(str,"%02X",x->key_arg[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (x->time != 0L)
+ {
+ sprintf(str,"\n Start Time: %ld",x->time);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (x->timeout != 0L)
+ {
+ sprintf(str,"\n Timeout : %ld (sec)",x->timeout);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n") <= 0) goto err;
+
+ return(1);
+err:
+ return(0);
+ }
+
diff --git a/src/lib/libssl/src/ssl/ssltest.c b/src/lib/libssl/src/ssl/ssltest.c
new file mode 100644
index 0000000000..f9dca4e3ef
--- /dev/null
+++ b/src/lib/libssl/src/ssl/ssltest.c
@@ -0,0 +1,751 @@
+/* ssl/ssltest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "e_os.h"
+#include "bio.h"
+#include "crypto.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#ifdef WINDOWS
+#include "../crypto/bio/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export);
+#ifndef NO_DSA
+static DH *get_dh512(void);
+#endif
+#else
+int MS_CALLBACK verify_callback();
+static RSA MS_CALLBACK *tmp_rsa_cb();
+#ifndef NO_DSA
+static DH *get_dh512();
+#endif
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+int debug=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+
+#ifndef NOPROTO
+int doit(SSL *s_ssl,SSL *c_ssl,long bytes);
+#else
+int doit();
+#endif
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+ fprintf(stderr," -d - debug output\n");
+ fprintf(stderr," -reuse - use session-id reuse\n");
+ fprintf(stderr," -num <val> - number of connections to perform\n");
+ fprintf(stderr," -bytes <val> - number of bytes to swap between client/server\n");
+#ifndef NO_SSL2
+ fprintf(stderr," -ssl2 - use SSLv2\n");
+#endif
+#ifndef NO_SSL3
+ fprintf(stderr," -ssl3 - use SSLv3\n");
+#endif
+#ifndef NO_TLS1
+ fprintf(stderr," -tls1 - use TLSv1\n");
+#endif
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr," -cert arg - Certificate file\n");
+ fprintf(stderr," -s_cert arg - Just the server certificate file\n");
+ fprintf(stderr," -c_cert arg - Just the client certificate file\n");
+ fprintf(stderr," -cipher arg - The cipher list\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int tls1=0,ssl2=0,ssl3=0,ret=1;
+ int client_auth=0;
+ int server_auth=0,i;
+ char *server_cert=TEST_SERVER_CERT;
+ char *client_cert=TEST_CLIENT_CERT;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ SSL_METHOD *meth=NULL;
+ SSL *c_ssl,*s_ssl;
+ int number=1,reuse=0;
+ long bytes=1L;
+ SSL_CIPHER *ciph;
+#ifndef NO_DH
+ DH *dh;
+#endif
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-d") == 0)
+ debug=1;
+ else if (strcmp(*argv,"-reuse") == 0)
+ reuse=1;
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl2=1;
+ else if (strcmp(*argv,"-tls1") == 0)
+ tls1=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl3=1;
+ else if (strncmp(*argv,"-num",4) == 0)
+ {
+ if (--argc < 1) goto bad;
+ number= atoi(*(++argv));
+ if (number == 0) number=1;
+ }
+ else if (strcmp(*argv,"-bytes") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bytes= atol(*(++argv));
+ if (bytes == 0L) bytes=1L;
+ i=strlen(argv[0]);
+ if (argv[0][i-1] == 'k') bytes*=1024L;
+ if (argv[0][i-1] == 'm') bytes*=1024L*1024L;
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-s_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-c_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ client_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
+
+ SSLeay_add_ssl_algorithms();
+ SSL_load_error_strings();
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ if (ssl2)
+ meth=SSLv2_method();
+ else
+ if (tls1)
+ meth=TLSv1_method();
+ else
+ if (ssl3)
+ meth=SSLv3_method();
+ else
+ meth=SSLv23_method();
+#else
+#ifdef NO_SSL2
+ meth=SSLv3_method();
+#else
+ meth=SSLv2_method();
+#endif
+#endif
+
+ c_ctx=SSL_CTX_new(meth);
+ s_ctx=SSL_CTX_new(meth);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (cipher != NULL)
+ {
+ SSL_CTX_set_cipher_list(c_ctx,cipher);
+ SSL_CTX_set_cipher_list(s_ctx,cipher);
+ }
+
+#ifndef NO_DH
+ dh=get_dh512();
+ SSL_CTX_set_tmp_dh(s_ctx,dh);
+ DH_free(dh);
+#endif
+
+#ifndef NO_RSA
+ SSL_CTX_set_tmp_rsa_callback(s_ctx,tmp_rsa_cb);
+#endif
+
+ if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ }
+ else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert,
+ SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_PrivateKey_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ /* fprintf(stderr,"SSL_load_verify_locations\n"); */
+ ERR_print_errors(bio_err);
+ /* goto end; */
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ c_ssl=SSL_new(c_ctx);
+ s_ssl=SSL_new(s_ctx);
+
+ for (i=0; i<number; i++)
+ {
+ if (!reuse) SSL_set_session(c_ssl,NULL);
+ ret=doit(s_ssl,c_ssl,bytes);
+ }
+
+ if (!verbose)
+ {
+ ciph=SSL_get_current_cipher(c_ssl);
+ fprintf(stdout,"Protocol %s, cipher %s, %s\n",
+ SSL_get_version(c_ssl),
+ SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
+ }
+ if ((number > 1) || (bytes > 1L))
+ printf("%d handshakes of %ld bytes done\n",number,bytes);
+
+ SSL_free(s_ssl);
+ SSL_free(c_ssl);
+
+end:
+ if (s_ctx != NULL) SSL_CTX_free(s_ctx);
+ if (c_ctx != NULL) SSL_CTX_free(c_ctx);
+
+ if (bio_stdout != NULL) BIO_free(bio_stdout);
+
+ ERR_remove_state(0);
+ EVP_cleanup();
+ CRYPTO_mem_leaks(bio_err);
+ EXIT(ret);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int doit(s_ssl,c_ssl,count)
+SSL *s_ssl,*c_ssl;
+long count;
+ {
+ MS_STATIC char cbuf[1024*8],sbuf[1024*8];
+ long cw_num=count,cr_num=count;
+ long sw_num=count,sr_num=count;
+ int ret=1;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i,j;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+ SSL_CIPHER *ciph;
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,BIO_NOCLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && debug)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+/* else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n"); */
+ }
+
+ if (do_client && debug)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+/* else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n"); */
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ ERR_print_errors(bio_err);
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ j=(cw_num > (long)sizeof(cbuf))
+ ?sizeof(cbuf):(int)cw_num;
+ i=BIO_write(c_bio,cbuf,j);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("client wrote %d\n",i);
+ /* ok */
+ s_r=1;
+ c_write=0;
+ cw_num-=i;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,sizeof(cbuf));
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("client read %d\n",i);
+ cr_num-=i;
+ if (sw_num > 0)
+ {
+ s_write=1;
+ s_w=1;
+ }
+ if (cr_num <= 0)
+ {
+ s_write=1;
+ s_w=1;
+ done=S_DONE|C_DONE;
+ }
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,sizeof(cbuf));
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("server read %d\n",i);
+ sr_num-=i;
+ if (cw_num > 0)
+ {
+ c_write=1;
+ c_w=1;
+ }
+ if (sr_num <= 0)
+ {
+ s_write=1;
+ s_w=1;
+ c_write=0;
+ }
+ }
+ }
+ else
+ {
+ j=(sw_num > (long)sizeof(sbuf))?
+ sizeof(sbuf):(int)sw_num;
+ i=BIO_write(s_bio,sbuf,j);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
+ goto err;
+ }
+ else
+ {
+ if (debug)
+ printf("server wrote %d\n",i);
+ sw_num-=i;
+ s_write=0;
+ c_r=1;
+ if (sw_num <= 0)
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ ciph=SSL_get_current_cipher(c_ssl);
+ if (verbose)
+ fprintf(stdout,"DONE, protocol %s, cipher %s, %s\n",
+ SSL_get_version(c_ssl),
+ SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
+ ret=0;
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * Free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+ if (c_bio != NULL) BIO_free_all(c_bio);
+ if (s_bio != NULL) BIO_free_all(s_bio);
+ return(ret);
+ }
+
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char *s,buf[256];
+
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256);
+ if (s != NULL)
+ {
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",
+ ctx->error_depth,ctx->error,buf);
+ }
+
+ if (ok == 0)
+ {
+ switch (ctx->error)
+ {
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ ok=1;
+ }
+ }
+
+ return(ok);
+ }
+
+#ifndef NO_DH
+static unsigned char dh512_p[]={
+ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
+ 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+ 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
+ 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+ 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
+ 0x47,0x74,0xE8,0x33,
+ };
+static unsigned char dh512_g[]={
+ 0x02,
+ };
+
+static DH *get_dh512()
+ {
+ DH *dh=NULL;
+
+ if ((dh=DH_new()) == NULL) return(NULL);
+ dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+ dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return(NULL);
+ return(dh);
+ }
+#endif
+
+static RSA MS_CALLBACK *tmp_rsa_cb(s,export)
+SSL *s;
+int export;
+ {
+ static RSA *rsa_tmp=NULL;
+
+ if (rsa_tmp == NULL)
+ {
+ BIO_printf(bio_err,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_err);
+#ifndef NO_RSA
+ rsa_tmp=RSA_generate_key(512,RSA_F4,NULL,NULL);
+#endif
+ BIO_printf(bio_err,"\n");
+ BIO_flush(bio_err);
+ }
+ return(rsa_tmp);
+ }
+
+
diff --git a/src/lib/libssl/src/ssl/t1_clnt.c b/src/lib/libssl/src/ssl/t1_clnt.c
new file mode 100644
index 0000000000..986d2436e2
--- /dev/null
+++ b/src/lib/libssl/src/ssl/t1_clnt.c
@@ -0,0 +1,90 @@
+/* ssl/t1_clnt.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_client_method(ver)
+int ver;
+ {
+ if (ver == TLS1_VERSION)
+ return(TLSv1_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *TLSv1_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD TLSv1_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&TLSv1_client_data,(char *)tlsv1_base_method(),
+ sizeof(SSL_METHOD));
+ TLSv1_client_data.ssl_connect=ssl3_connect;
+ TLSv1_client_data.get_ssl_method=tls1_get_client_method;
+ }
+ return(&TLSv1_client_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
new file mode 100644
index 0000000000..fbdd3bffb5
--- /dev/null
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -0,0 +1,635 @@
+/* ssl/t1_enc.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "evp.h"
+#include "hmac.h"
+#include "ssl_locl.h"
+
+static void tls1_P_hash(md,sec,sec_len,seed,seed_len,out,olen)
+EVP_MD *md;
+unsigned char *sec;
+int sec_len;
+unsigned char *seed;
+int seed_len;
+unsigned char *out;
+int olen;
+ {
+ int chunk,n;
+ unsigned int j;
+ HMAC_CTX ctx;
+ HMAC_CTX ctx_tmp;
+ unsigned char A1[HMAC_MAX_MD_CBLOCK];
+ unsigned int A1_len;
+
+ chunk=EVP_MD_size(md);
+
+ HMAC_Init(&ctx,sec,sec_len,md);
+ HMAC_Update(&ctx,seed,seed_len);
+ HMAC_Final(&ctx,A1,&A1_len);
+
+ n=0;
+ for (;;)
+ {
+ HMAC_Init(&ctx,NULL,0,NULL); /* re-init */
+ HMAC_Update(&ctx,A1,A1_len);
+ memcpy(&ctx_tmp,&ctx,sizeof(ctx)); /* Copy for A2 */ /* not needed for last one */
+ HMAC_Update(&ctx,seed,seed_len);
+
+ if (olen > chunk)
+ {
+ HMAC_Final(&ctx,out,&j);
+ out+=j;
+ olen-=j;
+ HMAC_Final(&ctx_tmp,A1,&A1_len); /* calc the next A1 value */
+ }
+ else /* last one */
+ {
+ HMAC_Final(&ctx,A1,&A1_len);
+ memcpy(out,A1,olen);
+ break;
+ }
+ }
+ HMAC_cleanup(&ctx);
+ HMAC_cleanup(&ctx_tmp);
+ memset(A1,0,sizeof(A1));
+ }
+
+static void tls1_PRF(md5,sha1,label,label_len,sec,slen,out1,out2,olen)
+EVP_MD *md5;
+EVP_MD *sha1;
+unsigned char *label;
+int label_len;
+unsigned char *sec;
+int slen;
+unsigned char *out1;
+unsigned char *out2;
+int olen;
+ {
+ int len,i;
+ unsigned char *S1,*S2;
+
+ len=slen/2;
+ S1=sec;
+ S2= &(sec[len]);
+ len+=(slen&1); /* add for odd, make longer */
+
+
+ tls1_P_hash(md5 ,S1,len,label,label_len,out1,olen);
+ tls1_P_hash(sha1,S2,len,label,label_len,out2,olen);
+
+ for (i=0; i<olen; i++)
+ out1[i]^=out2[i];
+ }
+
+static void tls1_generate_key_block(s,km,tmp,num)
+SSL *s;
+unsigned char *km,*tmp;
+int num;
+ {
+ unsigned char *p;
+ unsigned char buf[SSL3_RANDOM_SIZE*2+
+ TLS_MD_MAX_CONST_SIZE];
+ p=buf;
+
+ memcpy(p,TLS_MD_KEY_EXPANSION_CONST,
+ TLS_MD_KEY_EXPANSION_CONST_SIZE);
+ p+=TLS_MD_KEY_EXPANSION_CONST_SIZE;
+ memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,
+ s->session->master_key,s->session->master_key_length,
+ km,tmp,num);
+ }
+
+int tls1_change_cipher_state(s,which)
+SSL *s;
+int which;
+ {
+ unsigned char *p,*key_block,*mac_secret;
+ unsigned char *exp_label,buf[TLS_MD_MAX_CONST_SIZE+
+ SSL3_RANDOM_SIZE*2];
+ unsigned char tmp1[EVP_MAX_KEY_LENGTH];
+ unsigned char tmp2[EVP_MAX_KEY_LENGTH];
+ unsigned char iv1[EVP_MAX_IV_LENGTH*2];
+ unsigned char iv2[EVP_MAX_IV_LENGTH*2];
+ unsigned char *ms,*key,*iv,*er1,*er2;
+ int client_write;
+ EVP_CIPHER_CTX *dd;
+ EVP_CIPHER *c;
+ SSL_COMPRESSION *comp;
+ EVP_MD *m;
+ int exp,n,i,j,k,exp_label_len;
+
+ exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0;
+ c=s->s3->tmp.new_sym_enc;
+ m=s->s3->tmp.new_hash;
+ comp=s->s3->tmp.new_compression;
+ key_block=s->s3->tmp.key_block;
+
+ if (which & SSL3_CC_READ)
+ {
+ if ((s->enc_read_ctx == NULL) &&
+ ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_read_ctx;
+ s->read_hash=m;
+ s->read_compression=comp;
+ memset(&(s->s3->read_sequence[0]),0,8);
+ mac_secret= &(s->s3->read_mac_secret[0]);
+ }
+ else
+ {
+ if ((s->enc_write_ctx == NULL) &&
+ ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_write_ctx;
+ s->write_hash=m;
+ s->write_compression=comp;
+ memset(&(s->s3->write_sequence[0]),0,8);
+ mac_secret= &(s->s3->write_mac_secret[0]);
+ }
+
+ EVP_CIPHER_CTX_init(dd);
+
+ p=s->s3->tmp.key_block;
+ i=EVP_MD_size(m);
+ j=(exp)?5:EVP_CIPHER_key_length(c);
+ k=EVP_CIPHER_iv_length(c);
+ er1= &(s->s3->client_random[0]);
+ er2= &(s->s3->server_random[0]);
+ if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+ (which == SSL3_CHANGE_CIPHER_SERVER_READ))
+ {
+ ms= &(p[ 0]); n=i+i;
+ key= &(p[ n]); n+=j+j;
+ iv= &(p[ n]); n+=k+k;
+ exp_label=(unsigned char *)TLS_MD_CLIENT_WRITE_KEY_CONST;
+ exp_label_len=TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE;
+ client_write=1;
+ }
+ else
+ {
+ n=i;
+ ms= &(p[ n]); n+=i+j;
+ key= &(p[ n]); n+=j+k;
+ iv= &(p[ n]); n+=k;
+ exp_label=(unsigned char *)TLS_MD_SERVER_WRITE_KEY_CONST;
+ exp_label_len=TLS_MD_SERVER_WRITE_KEY_CONST_SIZE;
+ client_write=0;
+ }
+
+ if (n > s->s3->tmp.key_block_length)
+ {
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
+ memcpy(mac_secret,ms,i);
+#ifdef TLS_DEBUG
+printf("which = %04X\nmac key=",which);
+{ int z; for (z=0; z<i; z++) printf("%02X%c",ms[z],((z+1)%16)?' ':'\n'); }
+#endif
+ if (exp)
+ {
+ /* In here I set both the read and write key/iv to the
+ * same value since only the correct one will be used :-).
+ */
+ p=buf;
+ memcpy(p,exp_label,exp_label_len);
+ p+=exp_label_len;
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+ memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+ tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,p-buf,key,j,
+ tmp1,tmp2,EVP_CIPHER_key_length(c));
+ key=tmp1;
+
+ if (k > 0)
+ {
+ p=buf;
+ memcpy(p,TLS_MD_IV_BLOCK_CONST,
+ TLS_MD_IV_BLOCK_CONST_SIZE);
+ p+=TLS_MD_IV_BLOCK_CONST_SIZE;
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+ memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+ tls1_PRF(s->ctx->md5,s->ctx->sha1,
+ buf,p-buf,"",0,iv1,iv2,k*2);
+ if (client_write)
+ iv=iv1;
+ else
+ iv= &(iv1[k]);
+ }
+ }
+
+ s->session->key_arg_length=0;
+
+ EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
+#ifdef TLS_DEBUG
+printf("which = %04X\nkey=",which);
+{ int z; for (z=0; z<EVP_CIPHER_key_length(c); z++) printf("%02X%c",key[z],((z+1)%16)?' ':'\n'); }
+printf("\niv=");
+{ int z; for (z=0; z<k; z++) printf("%02X%c",iv[z],((z+1)%16)?' ':'\n'); }
+printf("\n");
+#endif
+
+ memset(tmp1,0,sizeof(tmp1));
+ memset(tmp2,0,sizeof(tmp1));
+ memset(iv1,0,sizeof(iv1));
+ memset(iv2,0,sizeof(iv2));
+ return(1);
+err:
+ SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
+err2:
+ return(0);
+ }
+
+int tls1_setup_key_block(s)
+SSL *s;
+ {
+ unsigned char *p1,*p2;
+ EVP_CIPHER *c;
+ EVP_MD *hash;
+ int num,exp;
+
+ if (s->s3->tmp.key_block_length != 0)
+ return(1);
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash))
+ {
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return(0);
+ }
+
+ s->s3->tmp.new_sym_enc=c;
+ s->s3->tmp.new_hash=hash;
+
+ exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0;
+
+ num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+ num*=2;
+
+ ssl3_cleanup_key_block(s);
+
+ if ((p1=(unsigned char *)Malloc(num)) == NULL)
+ goto err;
+ if ((p2=(unsigned char *)Malloc(num)) == NULL)
+ goto err;
+
+ s->s3->tmp.key_block_length=num;
+ s->s3->tmp.key_block=p1;
+
+
+#ifdef TLS_DEBUG
+printf("client random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->client_random[z],((z+1)%16)?' ':'\n'); }
+printf("server random\n");
+{ int z; for (z=0; z<SSL3_RANDOM_SIZE; z++) printf("%02X%c",s->s3->server_random[z],((z+1)%16)?' ':'\n'); }
+printf("pre-master\n");
+{ int z; for (z=0; z<s->session->master_key_length; z++) printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
+#endif
+ tls1_generate_key_block(s,p1,p2,num);
+ memset(p2,0,num);
+ Free(p2);
+#ifdef TLS_DEBUG
+printf("\nkey block\n");
+{ int z; for (z=0; z<num; z++) printf("%02X%c",p1[z],((z+1)%16)?' ':'\n'); }
+#endif
+
+ return(1);
+err:
+ SSLerr(SSL_F_TLS1_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+int tls1_enc(s,send)
+SSL *s;
+int send;
+ {
+ SSL3_RECORD *rec;
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs,i,ii,j,k,n=0;
+ EVP_CIPHER *enc;
+ SSL_COMPRESSION *comp;
+
+ if (send)
+ {
+ if (s->write_hash != NULL)
+ n=EVP_MD_size(s->write_hash);
+ ds=s->enc_write_ctx;
+ rec= &(s->s3->wrec);
+ if (s->enc_write_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ comp=s->write_compression;
+ }
+ }
+ else
+ {
+ if (s->read_hash != NULL)
+ n=EVP_MD_size(s->read_hash);
+ ds=s->enc_read_ctx;
+ rec= &(s->s3->rrec);
+ if (s->enc_read_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+ comp=s->read_compression;
+ }
+ }
+
+ if ((s->session == NULL) || (ds == NULL) ||
+ ((enc == NULL) && (comp == NULL)))
+ {
+ memcpy(rec->data,rec->input,rec->length);
+ rec->input=rec->data;
+ }
+ else
+ {
+ l=rec->length;
+ bs=EVP_CIPHER_block_size(ds->cipher);
+
+ if ((bs != 1) && send)
+ {
+ i=bs-((int)l%bs);
+
+ /* Add weird padding of upto 256 bytes */
+
+ /* we need to add 'i' padding bytes of value j */
+ j=i-1;
+ if (s->options & SSL_OP_TLS_BLOCK_PADDING_BUG)
+ {
+ if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+ j++;
+ }
+ for (k=(int)l; k<(int)(l+i); k++)
+ rec->input[k]=j;
+ l+=i;
+ rec->length+=i;
+ }
+
+ EVP_Cipher(ds,rec->data,rec->input,l);
+
+ if ((bs != 1) && !send)
+ {
+ ii=i=rec->data[l-1];
+ i++;
+ if (s->options&SSL_OP_TLS_BLOCK_PADDING_BUG)
+ {
+ /* First packet is even in size, so check */
+ if ((memcmp(s->s3->read_sequence,
+ "\0\0\0\0\0\0\0\0",8) == 0) && !(ii & 1))
+ s->s3->flags|=TLS1_FLAGS_TLS_PADDING_BUG;
+ if (s->s3->flags & TLS1_FLAGS_TLS_PADDING_BUG)
+ i--;
+ }
+ if (i > (int)rec->length)
+ {
+ SSLerr(SSL_F_TLS1_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+ return(0);
+ }
+ for (j=(int)(l-i); j<(int)l; j++)
+ {
+ if (rec->data[j] != ii)
+ {
+ SSLerr(SSL_F_TLS1_ENC,SSL_R_DECRYPTION_FAILED);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL_AD_DECRYPTION_FAILED);
+ return(0);
+ }
+ }
+ rec->length-=i;
+ }
+ }
+ return(1);
+ }
+
+int tls1_cert_verify_mac(s,in_ctx,out)
+SSL *s;
+EVP_MD_CTX *in_ctx;
+unsigned char *out;
+ {
+ unsigned int ret;
+ EVP_MD_CTX ctx;
+
+ memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX));
+ EVP_DigestFinal(&ctx,out,&ret);
+ return((int)ret);
+ }
+
+int tls1_final_finish_mac(s,in1_ctx,in2_ctx,str,slen,out)
+SSL *s;
+EVP_MD_CTX *in1_ctx,*in2_ctx;
+unsigned char *str;
+int slen;
+unsigned char *out;
+ {
+ unsigned int i;
+ EVP_MD_CTX ctx;
+ unsigned char buf[TLS_MD_MAX_CONST_SIZE+MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+ unsigned char *q,buf2[12];
+
+ q=buf;
+ memcpy(q,str,slen);
+ q+=slen;
+
+ memcpy(&ctx,in1_ctx,sizeof(EVP_MD_CTX));
+ EVP_DigestFinal(&ctx,q,&i);
+ q+=i;
+ memcpy(&ctx,in2_ctx,sizeof(EVP_MD_CTX));
+ EVP_DigestFinal(&ctx,q,&i);
+ q+=i;
+
+ tls1_PRF(s->ctx->md5,s->ctx->sha1,buf,q-buf,
+ s->session->master_key,s->session->master_key_length,
+ out,buf2,12);
+ memset(&ctx,0,sizeof(EVP_MD_CTX));
+
+ return((int)12);
+ }
+
+int tls1_mac(ssl,md,send)
+SSL *ssl;
+unsigned char *md;
+int send;
+ {
+ SSL3_RECORD *rec;
+ unsigned char *mac_sec,*seq;
+ EVP_MD *hash;
+ unsigned int md_size;
+ int i;
+ HMAC_CTX hmac;
+ unsigned char buf[5];
+
+ if (send)
+ {
+ rec= &(ssl->s3->wrec);
+ mac_sec= &(ssl->s3->write_mac_secret[0]);
+ seq= &(ssl->s3->write_sequence[0]);
+ hash=ssl->write_hash;
+ }
+ else
+ {
+ rec= &(ssl->s3->rrec);
+ mac_sec= &(ssl->s3->read_mac_secret[0]);
+ seq= &(ssl->s3->read_sequence[0]);
+ hash=ssl->read_hash;
+ }
+
+ md_size=EVP_MD_size(hash);
+
+ buf[0]=rec->type;
+ buf[1]=TLS1_VERSION_MAJOR;
+ buf[2]=TLS1_VERSION_MINOR;
+ buf[3]=rec->length>>8;
+ buf[4]=rec->length&0xff;
+
+ /* I should fix this up TLS TLS TLS TLS TLS XXXXXXXX */
+ HMAC_Init(&hmac,mac_sec,EVP_MD_size(hash),hash);
+ HMAC_Update(&hmac,seq,8);
+ HMAC_Update(&hmac,buf,5);
+ HMAC_Update(&hmac,rec->input,rec->length);
+ HMAC_Final(&hmac,md,&md_size);
+
+#ifdef TLS_DEBUG
+printf("sec=");
+{int z; for (z=0; z<md_size; z++) printf("%02X ",mac_sec[z]); printf("\n"); }
+printf("seq=");
+{int z; for (z=0; z<8; z++) printf("%02X ",seq[z]); printf("\n"); }
+printf("buf=");
+{int z; for (z=0; z<5; z++) printf("%02X ",buf[z]); printf("\n"); }
+printf("rec=");
+{int z; for (z=0; z<rec->length; z++) printf("%02X ",buf[z]); printf("\n"); }
+#endif
+
+ for (i=7; i>=0; i--)
+ if (++seq[i]) break;
+
+#ifdef TLS_DEBUG
+{int z; for (z=0; z<md_size; z++) printf("%02X ",md[z]); printf("\n"); }
+#endif
+ return(md_size);
+ }
+
+int tls1_generate_master_secret(s,out,p,len)
+SSL *s;
+unsigned char *out;
+unsigned char *p;
+int len;
+ {
+ unsigned char buf[SSL3_RANDOM_SIZE*2+TLS_MD_MASTER_SECRET_CONST_SIZE];
+ unsigned char buff[SSL_MAX_MASTER_KEY_LENGTH];
+
+ /* Setup the stuff to munge */
+ memcpy(buf,TLS_MD_MASTER_SECRET_CONST,
+ TLS_MD_MASTER_SECRET_CONST_SIZE);
+ memcpy(&(buf[TLS_MD_MASTER_SECRET_CONST_SIZE]),
+ s->s3->client_random,SSL3_RANDOM_SIZE);
+ memcpy(&(buf[SSL3_RANDOM_SIZE+TLS_MD_MASTER_SECRET_CONST_SIZE]),
+ s->s3->server_random,SSL3_RANDOM_SIZE);
+ tls1_PRF(s->ctx->md5,s->ctx->sha1,
+ buf,TLS_MD_MASTER_SECRET_CONST_SIZE+SSL3_RANDOM_SIZE*2,p,len,
+ s->session->master_key,buff,SSL3_MASTER_SECRET_SIZE);
+ return(SSL3_MASTER_SECRET_SIZE);
+ }
+
+int tls1_alert_code(code)
+int code;
+ {
+ switch (code)
+ {
+ case SSL_AD_CLOSE_NOTIFY: return(SSL3_AD_CLOSE_NOTIFY);
+ case SSL_AD_UNEXPECTED_MESSAGE: return(SSL3_AD_UNEXPECTED_MESSAGE);
+ case SSL_AD_BAD_RECORD_MAC: return(SSL3_AD_BAD_RECORD_MAC);
+ case SSL_AD_DECRYPTION_FAILED: return(TLS1_AD_DECRYPTION_FAILED);
+ case SSL_AD_RECORD_OVERFLOW: return(TLS1_AD_RECORD_OVERFLOW);
+ case SSL_AD_DECOMPRESSION_FAILURE:return(SSL3_AD_DECOMPRESSION_FAILURE);
+ case SSL_AD_HANDSHAKE_FAILURE: return(SSL3_AD_HANDSHAKE_FAILURE);
+ case SSL_AD_NO_CERTIFICATE: return(-1);
+ case SSL_AD_BAD_CERTIFICATE: return(SSL3_AD_BAD_CERTIFICATE);
+ case SSL_AD_UNSUPPORTED_CERTIFICATE:return(SSL3_AD_UNSUPPORTED_CERTIFICATE);
+ case SSL_AD_CERTIFICATE_REVOKED:return(SSL3_AD_CERTIFICATE_REVOKED);
+ case SSL_AD_CERTIFICATE_EXPIRED:return(SSL3_AD_CERTIFICATE_EXPIRED);
+ case SSL_AD_CERTIFICATE_UNKNOWN:return(SSL3_AD_CERTIFICATE_UNKNOWN);
+ case SSL_AD_ILLEGAL_PARAMETER: return(SSL3_AD_ILLEGAL_PARAMETER);
+ case SSL_AD_UNKNOWN_CA: return(TLS1_AD_UNKNOWN_CA);
+ case SSL_AD_ACCESS_DENIED: return(TLS1_AD_ACCESS_DENIED);
+ case SSL_AD_DECODE_ERROR: return(TLS1_AD_DECODE_ERROR);
+ case SSL_AD_DECRYPT_ERROR: return(TLS1_AD_DECRYPT_ERROR);
+ case SSL_AD_EXPORT_RESTRICION: return(TLS1_AD_EXPORT_RESTRICION);
+ case SSL_AD_PROTOCOL_VERSION: return(TLS1_AD_PROTOCOL_VERSION);
+ case SSL_AD_INSUFFICIENT_SECURITY:return(TLS1_AD_INSUFFICIENT_SECURITY);
+ case SSL_AD_INTERNAL_ERROR: return(TLS1_AD_INTERNAL_ERROR);
+ case SSL_AD_USER_CANCLED: return(TLS1_AD_USER_CANCLED);
+ case SSL_AD_NO_RENEGOTIATION: return(TLS1_AD_NO_RENEGOTIATION);
+ default: return(-1);
+ }
+ }
+
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
new file mode 100644
index 0000000000..f9fbfa414c
--- /dev/null
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -0,0 +1,151 @@
+/* ssl/t1_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+char *tls1_version_str="TLSv1 part of SSLeay 0.9.0b 29-Jun-1998";
+
+#ifndef NO_PROTO
+static long tls1_default_timeout(void);
+#else
+static long tls1_default_timeout();
+#endif
+
+static SSL3_ENC_METHOD TLSv1_enc_data={
+ tls1_enc,
+ tls1_mac,
+ tls1_setup_key_block,
+ tls1_generate_master_secret,
+ tls1_change_cipher_state,
+ tls1_final_finish_mac,
+ TLS1_FINISH_MAC_LENGTH,
+ tls1_cert_verify_mac,
+ TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
+ TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
+ tls1_alert_code,
+ };
+
+static SSL_METHOD TLSv1_data= {
+ TLS1_VERSION,
+ tls1_new,
+ tls1_clear,
+ tls1_free,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl3_read,
+ ssl3_peek,
+ ssl3_write,
+ ssl3_shutdown,
+ ssl3_renegotiate,
+ ssl3_ctrl,
+ ssl3_ctx_ctrl,
+ ssl3_get_cipher_by_char,
+ ssl3_put_cipher_by_char,
+ ssl3_pending,
+ ssl3_num_ciphers,
+ ssl3_get_cipher,
+ ssl_bad_method,
+ tls1_default_timeout,
+ &TLSv1_enc_data,
+ };
+
+static long tls1_default_timeout()
+ {
+ /* 2 hours, the 24 hours mentioned in the TLSv1 spec
+ * is way too long for http, the cache would over fill */
+ return(60*60*2);
+ }
+
+SSL_METHOD *tlsv1_base_method()
+ {
+ return(&TLSv1_data);
+ }
+
+int tls1_new(s)
+SSL *s;
+ {
+ if (!ssl3_new(s)) return(0);
+ s->method->ssl_clear(s);
+ return(1);
+ }
+
+void tls1_free(s)
+SSL *s;
+ {
+ ssl3_free(s);
+ }
+
+void tls1_clear(s)
+SSL *s;
+ {
+ ssl3_clear(s);
+ s->version=TLS1_VERSION;
+ }
+
+#if 0
+long tls1_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(0);
+ }
+#endif
diff --git a/src/lib/libssl/src/ssl/t1_meth.c b/src/lib/libssl/src/ssl/t1_meth.c
new file mode 100644
index 0000000000..512c2078e7
--- /dev/null
+++ b/src/lib/libssl/src/ssl/t1_meth.c
@@ -0,0 +1,88 @@
+/* ssl/t1_meth.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_method(ver)
+int ver;
+ {
+ if (ver == TLS1_VERSION)
+ return(TLSv1_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *TLSv1_method()
+ {
+ static int init=1;
+ static SSL_METHOD TLSv1_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&TLSv1_data,(char *)tlsv1_base_method(),
+ sizeof(SSL_METHOD));
+ TLSv1_data.ssl_connect=ssl3_connect;
+ TLSv1_data.ssl_accept=ssl3_accept;
+ TLSv1_data.get_ssl_method=tls1_get_method;
+ }
+ return(&TLSv1_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/t1_srvr.c b/src/lib/libssl/src/ssl/t1_srvr.c
new file mode 100644
index 0000000000..8cf0addcd9
--- /dev/null
+++ b/src/lib/libssl/src/ssl/t1_srvr.c
@@ -0,0 +1,91 @@
+/* ssl/t1_srvr.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *tls1_get_server_method(ver)
+int ver;
+ {
+ if (ver == TLS1_VERSION)
+ return(TLSv1_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *TLSv1_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD TLSv1_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&TLSv1_server_data,(char *)tlsv1_base_method(),
+ sizeof(SSL_METHOD));
+ TLSv1_server_data.ssl_accept=ssl3_accept;
+ TLSv1_server_data.get_ssl_method=tls1_get_server_method;
+ }
+ return(&TLSv1_server_data);
+ }
+
diff --git a/src/lib/libssl/src/ssl/tls1.h b/src/lib/libssl/src/ssl/tls1.h
new file mode 100644
index 0000000000..60978613ef
--- /dev/null
+++ b/src/lib/libssl/src/ssl/tls1.h
@@ -0,0 +1,115 @@
+/* ssl/tls1.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TLS1_H
+#define HEADER_TLS1_H
+
+#include "buffer.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define TLS1_VERSION 0x0301
+#define TLS1_VERSION_MAJOR 0x03
+#define TLS1_VERSION_MINOR 0x01
+
+#define TLS1_AD_DECRYPTION_FAILED 21
+#define TLS1_AD_RECORD_OVERFLOW 22
+#define TLS1_AD_UNKNOWN_CA 48 /* fatal */
+#define TLS1_AD_ACCESS_DENIED 49 /* fatal */
+#define TLS1_AD_DECODE_ERROR 50 /* fatal */
+#define TLS1_AD_DECRYPT_ERROR 51
+#define TLS1_AD_EXPORT_RESTRICION 60 /* fatal */
+#define TLS1_AD_PROTOCOL_VERSION 70 /* fatal */
+#define TLS1_AD_INSUFFICIENT_SECURITY 71 /* fatal */
+#define TLS1_AD_INTERNAL_ERROR 80 /* fatal */
+#define TLS1_AD_USER_CANCLED 90
+#define TLS1_AD_NO_RENEGOTIATION 100
+
+#define TLS_CT_RSA_SIGN 1
+#define TLS_CT_DSS_SIGN 2
+#define TLS_CT_RSA_FIXED_DH 3
+#define TLS_CT_DSS_FIXED_DH 4
+#define TLS_CT_NUMBER 4
+
+#define TLS1_FINISH_MAC_LENGTH 12
+
+#define TLS_MD_MAX_CONST_SIZE 20
+#define TLS_MD_CLIENT_FINISH_CONST "client finished"
+#define TLS_MD_CLIENT_FINISH_CONST_SIZE 15
+#define TLS_MD_SERVER_FINISH_CONST "server finished"
+#define TLS_MD_SERVER_FINISH_CONST_SIZE 15
+#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
+#define TLS_MD_KEY_EXPANSION_CONST "key expansion"
+#define TLS_MD_KEY_EXPANSION_CONST_SIZE 13
+#define TLS_MD_CLIENT_WRITE_KEY_CONST "client write key"
+#define TLS_MD_CLIENT_WRITE_KEY_CONST_SIZE 16
+#define TLS_MD_SERVER_WRITE_KEY_CONST "server write key"
+#define TLS_MD_SERVER_WRITE_KEY_CONST_SIZE 16
+#define TLS_MD_IV_BLOCK_CONST "IV block"
+#define TLS_MD_IV_BLOCK_CONST_SIZE 8
+#define TLS_MD_MASTER_SECRET_CONST "master secret"
+#define TLS_MD_MASTER_SECRET_CONST_SIZE 13
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/src/lib/libssl/src/test/CAss.cnf b/src/lib/libssl/src/test/CAss.cnf
new file mode 100644
index 0000000000..b941b7ae15
--- /dev/null
+++ b/src/lib/libssl/src/test/CAss.cnf
@@ -0,0 +1,25 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = keySS.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+default_md = sha1
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Dodgy Brothers
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Dodgy CA
diff --git a/src/lib/libssl/src/test/CAssdh.cnf b/src/lib/libssl/src/test/CAssdh.cnf
new file mode 100644
index 0000000000..4e0a908679
--- /dev/null
+++ b/src/lib/libssl/src/test/CAssdh.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DH certs - CA
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = CU
+countryName_value = CU
+
+organizationName = Organization Name (eg, company)
+organizationName_value = La Junta de la Revolucion
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Junta
+
diff --git a/src/lib/libssl/src/test/CAssdsa.cnf b/src/lib/libssl/src/test/CAssdsa.cnf
new file mode 100644
index 0000000000..a6b4d1810c
--- /dev/null
+++ b/src/lib/libssl/src/test/CAssdsa.cnf
@@ -0,0 +1,23 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - CA
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = ES
+countryName_value = ES
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Hermanos Locos
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Hermanos Locos CA
diff --git a/src/lib/libssl/src/test/CAssrsa.cnf b/src/lib/libssl/src/test/CAssrsa.cnf
new file mode 100644
index 0000000000..eb24a6dfc0
--- /dev/null
+++ b/src/lib/libssl/src/test/CAssrsa.cnf
@@ -0,0 +1,24 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - CA
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name = req_distinguished_name
+encrypt_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = ES
+countryName_value = ES
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Hermanos Locos
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Hermanos Locos CA
+
diff --git a/src/lib/libssl/src/test/Sssdsa.cnf b/src/lib/libssl/src/test/Sssdsa.cnf
new file mode 100644
index 0000000000..8e170a28ef
--- /dev/null
+++ b/src/lib/libssl/src/test/Sssdsa.cnf
@@ -0,0 +1,27 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# hacked by iang to do DSA certs - Server
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = ES
+countryName_value = ES
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Tortilleras S.A.
+
+0.commonName = Common Name (eg, YOUR name)
+0.commonName_value = Torti
+
+1.commonName = Common Name (eg, YOUR name)
+1.commonName_value = Gordita
+
diff --git a/src/lib/libssl/src/test/Sssrsa.cnf b/src/lib/libssl/src/test/Sssrsa.cnf
new file mode 100644
index 0000000000..8c79a03fca
--- /dev/null
+++ b/src/lib/libssl/src/test/Sssrsa.cnf
@@ -0,0 +1,26 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+# create RSA certs - Server
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+distinguished_name = req_distinguished_name
+encrypt_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = ES
+countryName_value = ES
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Tortilleras S.A.
+
+0.commonName = Common Name (eg, YOUR name)
+0.commonName_value = Torti
+
+1.commonName = Common Name (eg, YOUR name)
+1.commonName_value = Gordita
diff --git a/src/lib/libssl/src/test/Uss.cnf b/src/lib/libssl/src/test/Uss.cnf
new file mode 100644
index 0000000000..c89692d519
--- /dev/null
+++ b/src/lib/libssl/src/test/Uss.cnf
@@ -0,0 +1,28 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = keySS.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+default_md = md2
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Dodgy Brothers
+
+0.commonName = Common Name (eg, YOUR name)
+0.commonName_value = Brother 1
+
+1.commonName = Common Name (eg, YOUR name)
+1.commonName_value = Brother 2
diff --git a/src/lib/libssl/src/test/methtest.c b/src/lib/libssl/src/test/methtest.c
new file mode 100644
index 0000000000..630d29dc91
--- /dev/null
+++ b/src/lib/libssl/src/test/methtest.c
@@ -0,0 +1,105 @@
+/* test/methtest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rsa.h"
+#include "x509.h"
+#include "meth.h"
+#include "err.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ METHOD_CTX *top,*tmp1,*tmp2;
+
+ top=METH_new(x509_lookup()); /* get a top level context */
+ if (top == NULL) goto err;
+
+ tmp1=METH_new(x509_by_file());
+ if (top == NULL) goto err;
+ METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
+ METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
+ METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
+
+ tmp2=METH_new(x509_by_dir());
+ METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
+ METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
+ METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
+ METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
+
+/* tmp=METH_new(x509_by_issuer_dir);
+ METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
+ METH_push(top,METH_X509_BY_ISSUER,tmp);
+
+ tmp=METH_new(x509_by_issuer_primary);
+ METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
+ METH_push(top,METH_X509_BY_ISSUER,tmp);
+*/
+
+ METH_init(top);
+ METH_control(tmp1,METH_CONTROL_DUMP,stdout);
+ METH_control(tmp2,METH_CONTROL_DUMP,stdout);
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ return(0);
+ }
diff --git a/src/lib/libssl/src/test/pkcs7-1.pem b/src/lib/libssl/src/test/pkcs7-1.pem
new file mode 100644
index 0000000000..c47b27af88
--- /dev/null
+++ b/src/lib/libssl/src/test/pkcs7-1.pem
@@ -0,0 +1,15 @@
+-----BEGIN PKCS7-----
+MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
+SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
+AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
+eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
+MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
+bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
+ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
+FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
+9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
+BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
+bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
+BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
+j7Kie1x339mxW/w9VZNTUDQQweHh
+-----END PKCS7-----
diff --git a/src/lib/libssl/src/test/pkcs7.pem b/src/lib/libssl/src/test/pkcs7.pem
new file mode 100644
index 0000000000..d55c60b94e
--- /dev/null
+++ b/src/lib/libssl/src/test/pkcs7.pem
@@ -0,0 +1,54 @@
+ MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
+ AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
+ EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
+ cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
+ ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
+ MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+ c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
+ bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
+ CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
+ Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
+ CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
+ ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
+ l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
+ HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
+ Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
+ c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
+ YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
+ dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
+ dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
+ LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
+ ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
+ biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
+ IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
+ AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+ L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
+ HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
+ slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
+ ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
+ /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
+ aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
+ ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
+ OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
+ MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
+ Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
+ qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
+ sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
+ P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
+ A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
+ KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
+ Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
+ Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
+ hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
+ Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
+ dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
+ KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
+ dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
+ I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
+ ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
+ ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
+ ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
+ MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
+ /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
+ DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
+ b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/src/lib/libssl/src/test/r160test.c b/src/lib/libssl/src/test/r160test.c
new file mode 100644
index 0000000000..a172e393ca
--- /dev/null
+++ b/src/lib/libssl/src/test/r160test.c
@@ -0,0 +1,57 @@
+/* test/r160test.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
diff --git a/src/lib/libssl/src/test/tcrl b/src/lib/libssl/src/test/tcrl
new file mode 100644
index 0000000000..859fba452f
--- /dev/null
+++ b/src/lib/libssl/src/test/tcrl
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay crl'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testcrl.pem
+fi
+
+echo testing crl conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/test.cnf b/src/lib/libssl/src/test/test.cnf
new file mode 100644
index 0000000000..faad3914a8
--- /dev/null
+++ b/src/lib/libssl/src/test/test.cnf
@@ -0,0 +1,88 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/new_certs # default place for new certs.
+
+certificate = $dir/CAcert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/CAkey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = md5 # which md to use.
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = testkey.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Queensland
+stateOrProvinceName_value =
+
+localityName = Locality Name (eg, city)
+localityName_value = Brisbane
+
+organizationName = Organization Name (eg, company)
+organizationName_default =
+organizationName_value = CryptSoft Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default =
+organizationalUnitName_value = .
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Eric Young
+
+emailAddress = Email Address
+emailAddress_value = eay@mincom.oz.au
diff --git a/src/lib/libssl/src/test/testca b/src/lib/libssl/src/test/testca
new file mode 100644
index 0000000000..a28402f9ca
--- /dev/null
+++ b/src/lib/libssl/src/test/testca
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+SH="/bin/sh"
+PATH=../apps:$PATH
+export SH PATH
+
+SSLEAY_CONFIG="-config CAss.cnf"
+export SSLEAY_CONFIG
+
+/bin/rm -fr demoCA
+$SH ../apps/CA.sh -newca <<EOF
+EOF
+
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+SSLEAY_CONFIG="-config Uss.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -newreq
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+
+SSLEAY_CONFIG="-config ../apps/ssleay.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -sign <<EOF
+y
+y
+EOF
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+
+$SH ../apps/CA.sh -verify newcert.pem
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+/bin/rm -fr demoCA newcert.pem newreq.pem
+#usage: CA -newcert|-newreq|-newca|-sign|-verify
+
diff --git a/src/lib/libssl/src/test/testcrl.pem b/src/lib/libssl/src/test/testcrl.pem
new file mode 100644
index 0000000000..0989788354
--- /dev/null
+++ b/src/lib/libssl/src/test/testcrl.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
+F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
+MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
+MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
+MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
+MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
+MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
+MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
+NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
+NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
+AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
+wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
+JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
+-----END X509 CRL-----
diff --git a/src/lib/libssl/src/test/testenc b/src/lib/libssl/src/test/testenc
new file mode 100644
index 0000000000..42db56c2be
--- /dev/null
+++ b/src/lib/libssl/src/test/testenc
@@ -0,0 +1,62 @@
+#!/bin/sh
+
+testsrc=Makefile.ssl
+test=./p
+cmd=../apps/ssleay
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+ exit 1
+else
+ /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+ exit 1
+else
+ /bin/rm $test.cipher $test.clear
+fi
+
+for i in rc4 \
+ des-cfb des-ede-cfb des-ede3-cfb \
+ des-ofb des-ede-ofb des-ede3-ofb \
+ des-ecb des-ede des-ede3 desx \
+ des-cbc des-ede-cbc des-ede3-cbc \
+ idea-ecb idea-cfb idea-ofb idea-cbc \
+ rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+ bf-ecb bf-cfb bf-ofb bf-cbc rc4 \
+ cast5-ecb cast5-cfb cast5-ofb cast5-cbc
+do
+ echo $i
+ $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+ $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+
+ echo $i base64
+ $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+ $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+done
+rm -f $test
diff --git a/src/lib/libssl/src/test/testgen b/src/lib/libssl/src/test/testgen
new file mode 100644
index 0000000000..12a4ca4cea
--- /dev/null
+++ b/src/lib/libssl/src/test/testgen
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+T=testcert
+KEY=512
+CA=../certs/testca.pem
+
+/bin/rm -f $T.1 $T.2 $T.key
+
+PATH=../apps:$PATH;
+export PATH
+
+echo "generating certificate request"
+
+echo "There should be a 2 sequences of .'s and some +'s."
+echo "There should not be more that at most 80 per line"
+echo "This could take some time."
+
+../apps/ssleay req -config test.cnf -new -out testreq.pem
+if [ $? != 0 ]; then
+echo problems creating request
+exit 1
+fi
+
+../apps/ssleay req -verify -in testreq.pem -noout
+if [ $? != 0 ]; then
+echo signature on req is wrong
+exit 1
+fi
+
+exit 0
diff --git a/src/lib/libssl/src/test/testp7.pem b/src/lib/libssl/src/test/testp7.pem
new file mode 100644
index 0000000000..b3b6dba830
--- /dev/null
+++ b/src/lib/libssl/src/test/testp7.pem
@@ -0,0 +1,46 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIIBwIBATEAMIAGCSqGSIb3DQEHAQAAoIIGPDCCBHIw
+ggQcoAMCAQICEHkvjiX1iVGQMenF9HgIjI8wDQYJKoZIhvcNAQEEBQAwYjERMA8G
+A1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQL
+EytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMB4X
+DTk2MDcxOTAwMDAwMFoXDTk3MDMzMDIzNTk1OVowgdUxETAPBgNVBAcTCEludGVy
+bmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24g
+Q2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEoMCYGA1UECxMfRGln
+aXRhbCBJRCBDbGFzcyAxIC0gU01JTUUgVGVzdDFHMEUGA1UECxM+d3d3LnZlcmlz
+aWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLjAgSW5jLiBieSBSZWYuLExJQUIuTFRE
+KGMpOTYwWzANBgkqhkiG9w0BAQEFAANKADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDO
+Rl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMB
+AAGjggI5MIICNTAJBgNVHRMEAjAAMIICJgYDVR0DBIICHTCCAhkwggIVMIICEQYL
+YIZIAYb4RQEHAQEwggIAFoIBq1RoaXMgY2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVz
+IGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0
+bywgdGhlIFZlcmlTaWduIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50
+IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9D
+UFMtMS4wOyBieSBFLW1haWwgYXQgQ1BTLXJlcXVlc3RzQHZlcmlzaWduLmNvbTsg
+b3IgYnkgbWFpbCBhdCBWZXJpU2lnbiwgSW5jLiwgMjU5MyBDb2FzdCBBdmUuLCBN
+b3VudGFpbiBWaWV3LCBDQSA5NDA0MyBVU0EgVGVsLiArMSAoNDE1KSA5NjEtODgz
+MCBDb3B5cmlnaHQgKGMpIDE5OTYgVmVyaVNpZ24sIEluYy4gIEFsbCBSaWdodHMg
+UmVzZXJ2ZWQuIENFUlRBSU4gV0FSUkFOVElFUyBESVNDTEFJTUVEIGFuZCBMSUFC
+SUxJVFkgTElNSVRFRC6gDgYMYIZIAYb4RQEHAQEBoQ4GDGCGSAGG+EUBBwEBAjAv
+MC0WK2h0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLgMw
+DQYJKoZIhvcNAQEEBQADQQDAmA7km/3iJWEsWN9Z2WU2gmZAknx45WnDKHxMa3Bf
+gNsh6BLk/ngkJKjNKTDR13XVHqEPUY1flbjATZputw1GMIIBwjCCAWygAwIBAgIQ
+fAmE6tW5ERSQWDneu3KfSTANBgkqhkiG9w0BAQIFADA+MQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xFjAUBgNVBAsTDVRFU1QgUm9vdCBQQ0Ew
+HhcNOTYwNzE3MDAwMDAwWhcNOTcwNzE3MjM1OTU5WjBiMREwDwYDVQQHEwhJbnRl
+cm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWdu
+IENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwXDANBgkqhkiG9w0B
+AQEFAANLADBIAkEA7Fc6zYJw4WwCWa1ni3fYNbzGSQNluuw990024GusjLfhEk1h
+MsIUukTT/n8yxoO7rYp4x+LS+tHF2tBtuxg7CwIDAQABoyIwIDALBgNVHQ8EBAMC
+AQYwEQYJYIZIAYb4QgEBBAQDAgIEMA0GCSqGSIb3DQEBAgUAA0EAFKem0cJGg9nd
+TAbP5o1HIEyNn11ZlvLU5v1Hejs1MKQt72IMm4jjgOH+pjguXW8lB6yzrK4oVOO2
+UNCaNQ1H26GCAa0wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UEBxMISW50
+ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
+biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3MTcxNzU5
+MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsWsQmste9f
++UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9XfZsaiiI
+gotQHjCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVTMRcwFQYDVQQK
+Ew5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBDQRcNOTYwNzE3
+MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANBAHitA0/xAukC
+jHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMlExONA3ju10f7
+owIq3s3wx10xAAAAAAA=
+-----END PKCS7-----
diff --git a/src/lib/libssl/src/test/testreq2.pem b/src/lib/libssl/src/test/testreq2.pem
new file mode 100644
index 0000000000..c3cdcffcbc
--- /dev/null
+++ b/src/lib/libssl/src/test/testreq2.pem
@@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
+DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
+hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
+gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
+-----END CERTIFICATE REQUEST-----
diff --git a/src/lib/libssl/src/test/testrsa.pem b/src/lib/libssl/src/test/testrsa.pem
new file mode 100644
index 0000000000..aad21067a8
--- /dev/null
+++ b/src/lib/libssl/src/test/testrsa.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
+Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
+rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
+oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
+mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
+rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
+mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
+-----END RSA PRIVATE KEY-----
diff --git a/src/lib/libssl/src/test/testsid.pem b/src/lib/libssl/src/test/testsid.pem
new file mode 100644
index 0000000000..cd8617be2e
--- /dev/null
+++ b/src/lib/libssl/src/test/testsid.pem
@@ -0,0 +1,12 @@
+-----BEGIN SSL SESSION PARAMETERS-----
+MIIBxwIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
+bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
+ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
+YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
+A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
+LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
+CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
+TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
+hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
+CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTv
+-----END SSL SESSION PARAMETERS-----
diff --git a/src/lib/libssl/src/test/testss b/src/lib/libssl/src/test/testss
new file mode 100644
index 0000000000..a5aecf4694
--- /dev/null
+++ b/src/lib/libssl/src/test/testss
@@ -0,0 +1,89 @@
+#!/bin/sh
+
+digest='-mdc2'
+reqcmd="../apps/ssleay req"
+x509cmd="../apps/ssleay x509 $digest"
+verifycmd="../apps/ssleay verify"
+
+CAkey="keyCA.ss"
+CAcert="certCA.ss"
+CAreq="reqCA.ss"
+CAconf="CAss.cnf"
+CAreq2="req2CA.ss" # temp
+
+Uconf="Uss.cnf"
+Ukey="keyU.ss"
+Ureq="reqU.ss"
+Ucert="certU.ss"
+
+echo
+echo "make a certificate request using 'req'"
+$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss
+if [ $? != 0 ]; then
+ echo "error using 'req' to generate a certificate request"
+ exit 1
+fi
+echo
+echo "convert the certificate request into a self signed certificate using 'x509'"
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' to self sign a certificate request"
+ exit 1
+fi
+
+echo
+echo "convert a certificate into a certificate request using 'x509'"
+$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' convert a certificate to a certificate request"
+ exit 1
+fi
+
+$reqcmd -verify -in $CAreq -noout
+if [ $? != 0 ]; then
+ echo first generated request is invalid
+ exit 1
+fi
+
+$reqcmd -verify -in $CAreq2 -noout
+if [ $? != 0 ]; then
+ echo second generated request is invalid
+ exit 1
+fi
+
+$verifycmd -CAfile $CAcert $CAcert
+if [ $? != 0 ]; then
+ echo first generated cert is invalid
+ exit 1
+fi
+
+echo
+echo "make another certificate request using 'req'"
+$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'req' to generate a certificate request"
+ exit 1
+fi
+
+echo
+echo "sign certificate request with the just created CA via 'x509'"
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' to sign a certificate request"
+ exit 1
+fi
+
+$verifycmd -CAfile $CAcert $Ucert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
+
+echo
+echo The generated CA certificate is $CAcert
+echo The generated CA private key is $CAkey
+
+echo The generated user certificate is $Ucert
+echo The generated user private key is $Ukey
+
+/bin/rm err.ss
+exit 0
diff --git a/src/lib/libssl/src/test/testssl b/src/lib/libssl/src/test/testssl
new file mode 100644
index 0000000000..f115adb8e1
--- /dev/null
+++ b/src/lib/libssl/src/test/testssl
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+echo test sslv2
+./ssltest -ssl2 || exit 1
+
+echo test sslv2 with server authentication
+./ssltest -ssl2 -server_auth -CApath ../certs || exit 1
+
+echo test sslv2 with client authentication
+./ssltest -ssl2 -client_auth -CApath ../certs || exit 1
+
+echo test sslv2 with both client and server authentication
+./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
+
+echo test sslv3
+./ssltest -ssl3 || exit 1
+
+echo test sslv3 with server authentication
+./ssltest -ssl3 -server_auth -CApath ../certs || exit 1
+
+echo test sslv3 with client authentication
+./ssltest -ssl3 -client_auth -CApath ../certs || exit 1
+
+echo test sslv3 with both client and server authentication
+./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3
+./ssltest || exit 1
+
+echo test sslv2/sslv3 with server authentication
+./ssltest -server_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3 with client authentication
+./ssltest -client_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication
+./ssltest -server_auth -client_auth -CApath ../certs || exit 1
+
+exit 0
+
diff --git a/src/lib/libssl/src/test/testx509.pem b/src/lib/libssl/src/test/testx509.pem
new file mode 100644
index 0000000000..8a85d14964
--- /dev/null
+++ b/src/lib/libssl/src/test/testx509.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
+MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
+/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
+Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
+zl9HYIMxATFyqSiD9jsx
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/test/times b/src/lib/libssl/src/test/times
new file mode 100644
index 0000000000..49aeebf216
--- /dev/null
+++ b/src/lib/libssl/src/test/times
@@ -0,0 +1,113 @@
+
+More number for the questions about SSL overheads....
+
+The following numbers were generated on a pentium pro 200, running linux.
+They give an indication of the SSL protocol and encryption overheads.
+
+The program that generated them is an unreleased version of ssl/ssltest.c
+which is the SSLeay ssl protocol testing program. It is a single process that
+talks both sides of the SSL protocol via a non-blocking memory buffer
+interface.
+
+How do I read this? The protocol and cipher are reasonable obvious.
+The next number is the number of connections being made. The next is the
+number of bytes exchanged bewteen the client and server side of the protocol.
+This is the number of bytes that the client sends to the server, and then
+the server sends back. Because this is all happening in one process,
+the data is being encrypted, decrypted, encrypted and then decrypted again.
+It is a round trip of that many bytes. Because the one process performs
+both the client and server sides of the protocol and it sends this many bytes
+each direction, multiply this number by 4 to generate the number
+of bytes encrypted/decrypted/MACed. The first time value is how many seconds
+elapsed doing a full SSL handshake, the second is the cost of one
+full handshake and the rest being session-id reuse.
+
+SSLv2 RC4-MD5 1000 x 1 12.83s 0.70s
+SSLv3 NULL-MD5 1000 x 1 14.35s 1.47s
+SSLv3 RC4-MD5 1000 x 1 14.46s 1.56s
+SSLv3 RC4-MD5 1000 x 1 51.93s 1.62s 1024bit RSA
+SSLv3 RC4-SHA 1000 x 1 14.61s 1.83s
+SSLv3 DES-CBC-SHA 1000 x 1 14.70s 1.89s
+SSLv3 DES-CBC3-SHA 1000 x 1 15.16s 2.16s
+
+SSLv2 RC4-MD5 1000 x 1024 13.72s 1.27s
+SSLv3 NULL-MD5 1000 x 1024 14.79s 1.92s
+SSLv3 RC4-MD5 1000 x 1024 52.58s 2.29s 1024bit RSA
+SSLv3 RC4-SHA 1000 x 1024 15.39s 2.67s
+SSLv3 DES-CBC-SHA 1000 x 1024 16.45s 3.55s
+SSLv3 DES-CBC3-SHA 1000 x 1024 18.21s 5.38s
+
+SSLv2 RC4-MD5 1000 x 10240 18.97s 6.52s
+SSLv3 NULL-MD5 1000 x 10240 17.79s 5.11s
+SSLv3 RC4-MD5 1000 x 10240 20.25s 7.90s
+SSLv3 RC4-MD5 1000 x 10240 58.26s 8.08s 1024bit RSA
+SSLv3 RC4-SHA 1000 x 10240 22.96s 11.44s
+SSLv3 DES-CBC-SHA 1000 x 10240 30.65s 18.41s
+SSLv3 DES-CBC3-SHA 1000 x 10240 47.04s 34.53s
+
+SSLv2 RC4-MD5 1000 x 102400 70.22s 57.74s
+SSLv3 NULL-MD5 1000 x 102400 43.73s 31.03s
+SSLv3 RC4-MD5 1000 x 102400 71.32s 58.83s
+SSLv3 RC4-MD5 1000 x 102400 109.66s 59.20s 1024bit RSA
+SSLv3 RC4-SHA 1000 x 102400 95.88s 82.21s
+SSLv3 DES-CBC-SHA 1000 x 102400 173.22s 160.55s
+SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s
+
+What does this all mean? Well for a server, with no session-id reuse, with
+a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key,
+a pentium pro 200 running linux can handle the SSLv3 protocol overheads of
+about 49 connections a second. Reality will be quite different :-).
+
+Remeber the first number is 1000 full ssl handshakes, the second is
+1 full and 999 with session-id reuse. The RSA overheads for each exchange
+would be one public and one private operation, but the protocol/MAC/cipher
+cost would be quite similar in both the client and server.
+
+eric (adding numbers to speculation)
+
+--- Appendix ---
+- The time measured is user time but these number a very rough.
+- Remember this is the cost of both client and server sides of the protocol.
+- The TCP/kernal overhead of connection establishment is normally the
+ killer in SSL. Often delays in the TCP protocol will make session-id
+ reuse look slower that new sessions, but this would not be the case on
+ a loaded server.
+- The TCP round trip latencies, while slowing indervidual connections,
+ would have minimal impact on throughput.
+- Instead of sending one 102400 byte buffer, one 8k buffer is sent until
+- the required number of bytes are processed.
+- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers.
+- A 512bit server key was being used except where noted.
+- No server key verification was being performed on the client side of the
+ protocol. This would slow things down very little.
+- The library being used is SSLeay 0.8.x.
+- The normal mesauring system was commands of the form
+ time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse
+ This modified version of ssltest should be in the next public release of
+ SSLeay.
+
+The general cipher performace number for this platform are
+
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep 5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 131.02k 368.41k 500.57k 549.21k 566.09k
+mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
+md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
+sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
+sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
+rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
+des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
+des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
+idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
+rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
+blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
+ sign verify
+rsa 512 bits 0.0100s 0.0011s
+rsa 1024 bits 0.0451s 0.0012s
+rsa 2048 bits 0.2605s 0.0086s
+rsa 4096 bits 1.6883s 0.0302s
+
diff --git a/src/lib/libssl/src/test/tpkcs7 b/src/lib/libssl/src/test/tpkcs7
new file mode 100644
index 0000000000..ea1f005dac
--- /dev/null
+++ b/src/lib/libssl/src/test/tpkcs7
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay pkcs7'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testp7.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/tpkcs7d b/src/lib/libssl/src/test/tpkcs7d
new file mode 100644
index 0000000000..c8f18fb09c
--- /dev/null
+++ b/src/lib/libssl/src/test/tpkcs7d
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay pkcs7'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=pkcs7-1.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/treq b/src/lib/libssl/src/test/treq
new file mode 100644
index 0000000000..e5f1d8cc41
--- /dev/null
+++ b/src/lib/libssl/src/test/treq
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay req'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testreq.pem
+fi
+
+echo testing req conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -verify -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -verify -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/trsa b/src/lib/libssl/src/test/trsa
new file mode 100644
index 0000000000..e5b8fe0448
--- /dev/null
+++ b/src/lib/libssl/src/test/trsa
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay rsa'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testrsa.pem
+fi
+
+echo testing rsa conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/tsid b/src/lib/libssl/src/test/tsid
new file mode 100644
index 0000000000..8c7e9b1387
--- /dev/null
+++ b/src/lib/libssl/src/test/tsid
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay sess_id'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testsid.pem
+fi
+
+echo testing session-id conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/tx509 b/src/lib/libssl/src/test/tx509
new file mode 100644
index 0000000000..f8d1f82cdd
--- /dev/null
+++ b/src/lib/libssl/src/test/tx509
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay x509'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testx509.pem
+fi
+
+echo testing X509 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in fff.p -inform p -outform n >f.n
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> d"
+$cmd -in f.n -inform n -outform d >ff.d2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> n"
+$cmd -in f.d -inform d -outform n >ff.n1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> n"
+$cmd -in f.n -inform n -outform n >ff.n2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in f.p -inform p -outform n >ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> p"
+$cmd -in f.n -inform n -outform p >ff.p2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.n ff.n1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/src/lib/libssl/src/test/v3-cert1.pem b/src/lib/libssl/src/test/v3-cert1.pem
new file mode 100644
index 0000000000..0da253d5c3
--- /dev/null
+++ b/src/lib/libssl/src/test/v3-cert1.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
+NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
+dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
+ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
+ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
+miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
+AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
+MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
+AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
+X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
+WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/test/v3-cert2.pem b/src/lib/libssl/src/test/v3-cert2.pem
new file mode 100644
index 0000000000..de0723ff8d
--- /dev/null
+++ b/src/lib/libssl/src/test/v3-cert2.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
+YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
+ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
+dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
+WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
+BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
+FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
+6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
+G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
+YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
+b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
+F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
+lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
+jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
+-----END CERTIFICATE-----
diff --git a/src/lib/libssl/src/times/090/586-100.nt b/src/lib/libssl/src/times/090/586-100.nt
new file mode 100644
index 0000000000..297ec3e7f0
--- /dev/null
+++ b/src/lib/libssl/src/times/090/586-100.nt
@@ -0,0 +1,32 @@
+SSLeay 0.9.0 08-Apr-1998
+built on Wed Apr 8 12:47:17 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 92.25k 256.80k 347.01k 380.40k 390.31k
+mdc2 240.72k 251.10k 252.00k 250.80k 251.40k
+md5 1013.61k 5651.94k 11831.61k 16294.89k 17901.43k
+hmac(md5) 419.50k 2828.07k 7770.11k 13824.34k 17091.70k
+sha1 524.31k 2721.45k 5216.15k 6766.10k 7308.42k
+rmd160 462.09k 2288.59k 4260.77k 5446.44k 5841.65k
+rc4 7895.90k 10326.73k 10555.43k 10728.22k 10429.44k
+des cbc 2036.86k 2208.92k 2237.68k 2237.20k 2181.35k
+des ede3 649.92k 739.42k 749.07k 748.86k 738.27k
+idea cbc 823.19k 885.10k 894.92k 896.45k 891.87k
+rc2 cbc 792.63k 859.00k 867.45k 868.96k 865.30k
+rc5-32/12 cbc 3502.26k 4026.79k 4107.23k 4121.76k 4073.72k
+blowfish cbc 3752.96k 4026.79k 4075.31k 3965.87k 3892.26k
+cast cbc 2566.27k 2807.43k 2821.79k 2792.48k 2719.34k
+ sign verify sign/s verify/s
+rsa 512 bits 0.0179s 0.0020s 56.0 501.7
+rsa 1024 bits 0.0950s 0.0060s 10.5 166.6
+rsa 2048 bits 0.6299s 0.0209s 1.6 47.8
+rsa 4096 bits 4.5870s 0.0787s 0.2 12.7
+ sign verify sign/s verify/s
+dsa 512 bits 0.0180s 0.0339s 55.6 29.5
+dsa 1024 bits 0.0555s 0.1076s 18.0 9.3
+dsa 2048 bits 0.1971s 0.3918s 5.1 2.6
+
diff --git a/src/lib/libssl/src/times/100.lnx b/src/lib/libssl/src/times/100.lnx
new file mode 100644
index 0000000000..d0f45371d6
--- /dev/null
+++ b/src/lib/libssl/src/times/100.lnx
@@ -0,0 +1,32 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov 4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 53.27k 155.95k 201.30k 216.41k 236.78k
+mdc2 192.98k 207.98k 206.76k 206.17k 208.87k
+md5 993.15k 5748.27k 11944.70k 16477.53k 18287.27k
+hmac(md5) 404.97k 2787.58k 7690.07k 13744.43k 17601.88k
+sha1 563.24k 2851.67k 5363.71k 6879.23k 7441.07k
+rc4 7876.70k 10400.85k 10825.90k 10943.49k 10745.17k
+des cbc 2047.39k 2188.25k 2188.29k 2239.49k 2233.69k
+des ede3 660.55k 764.01k 773.55k 779.21k 780.97k
+idea cbc 653.93k 708.48k 715.43k 719.87k 720.90k
+rc2 cbc 648.08k 702.23k 708.78k 711.00k 709.97k
+blowfish cbc 3764.39k 4288.66k 4375.04k 4497.07k 4423.68k
+cast cbc 2757.14k 2993.75k 3035.31k 3078.90k 3055.62k
+
+blowfish cbc 3258.81k 3673.47k 3767.30k 3774.12k 3719.17k
+cast cbc 2677.05k 3164.78k 3273.05k 3287.38k 3244.03k
+
+
+ sign verify
+rsa 512 bits 0.0213s 0.0020s
+rsa 1024 bits 0.1073s 0.0063s
+rsa 2048 bits 0.6873s 0.0224s
+rsa 4096 bits 4.9333s 0.0845s
+ sign verify
+dsa 512 bits 0.0201s 0.0385s
+dsa 1024 bits 0.0604s 0.1190s
+dsa 2048 bits 0.2121s 0.4229s
diff --git a/src/lib/libssl/src/times/100.nt b/src/lib/libssl/src/times/100.nt
new file mode 100644
index 0000000000..0dd7cfc478
--- /dev/null
+++ b/src/lib/libssl/src/times/100.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Aug 3 09:49:58 EST 1999
+options:bn(64,32) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN
+_ASM -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 93.07k 258.38k 349.03k 382.83k 392.87k
+mdc2 245.80k 259.02k 259.34k 259.16k 260.14k
+md5 1103.42k 6017.65k 12210.49k 16552.11k 18291.77k
+hmac(md5) 520.15k 3394.00k 8761.86k 14593.96k 17742.40k
+sha1 538.06k 2726.76k 5242.22k 6821.12k 7426.18k
+rc4 8283.90k 10513.09k 10886.38k 10929.50k 10816.75k
+des cbc 2073.10k 2232.91k 2251.61k 2256.46k 2232.44k
+des ede3 758.85k 782.46k 786.14k 786.08k 781.24k
+idea cbc 831.02k 892.63k 901.07k 903.48k 901.85k
+rc2 cbc 799.89k 866.09k 873.96k 876.22k 874.03k
+blowfish cbc 3835.32k 4418.78k 4511.94k 4494.54k 4416.92k
+cast cbc 2974.68k 3272.71k 3313.04k 3335.17k 3261.51k
+ sign verify
+rsa 512 bits 0.0202s 0.0019s
+rsa 1024 bits 0.1029s 0.0062s
+rsa 2048 bits 0.6770s 0.0220s
+rsa 4096 bits 4.8770s 0.0838s
+ sign verify
+dsa 512 bits 0.0191s 0.0364s
+dsa 1024 bits 0.0590s 0.1141s
+dsa 2048 bits 0.2088s 0.4171s
diff --git a/src/lib/libssl/src/times/200.lnx b/src/lib/libssl/src/times/200.lnx
new file mode 100644
index 0000000000..fd7e7f4e92
--- /dev/null
+++ b/src/lib/libssl/src/times/200.lnx
@@ -0,0 +1,30 @@
+This machine was slightly loaded :-(
+
+SSLeay 0.8.4c 03-Aug-1999
+built on Tue Nov 4 02:52:29 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 130.86k 365.31k 499.60k 547.75k 561.41k
+mdc2 526.03k 581.38k 587.12k 586.31k 589.60k
+md5 1919.49k 11173.23k 22387.60k 29553.47k 32587.21k
+hmac(md5) 747.09k 5248.35k 14275.44k 24713.26k 31737.13k
+sha1 1336.63k 6400.50k 11668.67k 14648.83k 15700.85k
+rc4 15002.32k 21327.21k 22301.63k 22503.78k 22549.26k
+des cbc 4115.16k 4521.08k 4632.37k 4607.28k 4570.57k
+des ede3 1540.29k 1609.76k 1623.64k 1620.76k 1624.18k
+idea cbc 2405.08k 2664.78k 2704.22k 2713.95k 2716.29k
+rc2 cbc 1634.07k 1764.30k 1780.23k 1790.27k 1788.12k
+blowfish cbc 5993.98k 6927.27k 7083.61k 7088.40k 7123.72k
+cast cbc 5981.52k 6900.44k 7079.70k 7110.40k 7057.72k
+ sign verify
+rsa 512 bits 0.0085s 0.0007s
+rsa 1024 bits 0.0377s 0.0020s
+rsa 2048 bits 0.2176s 0.0067s
+rsa 4096 bits 1.4800s 0.0242s
+sign verify
+dsa 512 bits 0.0071s 0.0132s
+dsa 1024 bits 0.0192s 0.0376s
+dsa 2048 bits 0.0638s 0.1280s
+
diff --git a/src/lib/libssl/src/times/486-66.dos b/src/lib/libssl/src/times/486-66.dos
new file mode 100644
index 0000000000..1644bf8022
--- /dev/null
+++ b/src/lib/libssl/src/times/486-66.dos
@@ -0,0 +1,22 @@
+MS-dos static libs, 16bit C build, 16bit assember
+
+SSLeay 0.6.1
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /f- /Ocgnotb2 /G2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -D
+NO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 18.62k 55.54k 76.88k 85.39k 86.52k
+md5 94.03k 442.06k 794.38k 974.51k 1061.31k
+sha 38.37k 166.23k 272.78k 331.41k 353.77k
+sha1 34.38k 147.77k 244.77k 292.57k 312.08k
+rc4 641.25k 795.34k 817.16k 829.57k 817.16k
+des cfb 111.46k 118.08k 120.69k 119.16k 119.37k
+des cbc 122.96k 135.69k 137.10k 135.69k 135.40k
+des ede3 48.01k 50.92k 50.32k 50.96k 50.96k
+idea cfb 97.09k 100.21k 100.36k 101.14k 100.98k
+idea cbc 102.08k 109.41k 111.46k 111.65k 110.52k
+rc2 cfb 120.47k 125.55k 125.79k 125.55k 125.55k
+rc2 cbc 129.77k 140.33k 143.72k 142.16k 141.85k
+rsa 512 bits 0.264s
+rsa 1024 bits 1.494s
diff --git a/src/lib/libssl/src/times/486-66.nt b/src/lib/libssl/src/times/486-66.nt
new file mode 100644
index 0000000000..b26a9005d6
--- /dev/null
+++ b/src/lib/libssl/src/times/486-66.nt
@@ -0,0 +1,22 @@
+SSLeay 0.6.1 02-Jul-1996
+built on Fri Jul 10 09:53:15 EST 1996
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,long) idea(int)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /nologo -DWIN32 -DL_ENDIAN /MD
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 38.27k 107.28k 145.43k 159.60k 164.15k
+md5 399.00k 1946.13k 3610.80k 4511.94k 4477.27k
+sha 182.04k 851.26k 1470.65k 1799.20k 1876.48k
+sha1 151.83k 756.55k 1289.76k 1567.38k 1625.70k
+rc4 1853.92k 2196.25k 2232.91k 2241.31k 2152.96k
+des cfb 360.58k 382.69k 384.94k 386.07k 377.19k
+des cbc 376.10k 431.87k 436.32k 437.78k 430.45k
+des ede3 152.55k 160.38k 161.51k 161.33k 159.98k
+idea cfb 245.59k 255.60k 256.65k 257.16k 254.61k
+idea cbc 257.16k 276.12k 279.05k 279.11k 276.70k
+rc2 cfb 280.25k 293.49k 294.74k 294.15k 291.47k
+rc2 cbc 295.47k 321.57k 324.76k 324.76k 320.00k
+rsa 512 bits 0.084s
+rsa 1024 bits 0.495s
+rsa 2048 bits 3.435s
+
diff --git a/src/lib/libssl/src/times/486-66.w31 b/src/lib/libssl/src/times/486-66.w31
new file mode 100644
index 0000000000..381f149b32
--- /dev/null
+++ b/src/lib/libssl/src/times/486-66.w31
@@ -0,0 +1,23 @@
+Windows 3.1 DLL's, 16 bit C with 32bit assember
+
+SSLeay 0.6.1 02-Jul-1996
+built on Wed Jul 10 09:53:15 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 18.94k 54.27k 73.43k 80.91k 83.75k
+md5 78.96k 391.26k 734.30k 919.80k 992.97k
+sha 39.01k 168.04k 280.67k 336.08k 359.10k
+sha1 35.20k 150.14k 247.31k 294.54k 313.94k
+rc4 509.61k 655.36k 678.43k 677.02k 670.10k
+des cfb 97.09k 104.69k 106.56k 105.70k 106.56k
+des cbc 116.82k 129.77k 131.07k 131.07k 131.07k
+des ede3 44.22k 47.90k 48.53k 48.47k 47.86k
+idea cfb 83.49k 87.03k 87.03k 87.15k 87.73k
+idea cbc 89.04k 96.23k 96.95k 97.81k 97.09k
+rc2 cfb 108.32k 113.58k 113.78k 114.57k 114.77k
+rc2 cbc 118.08k 131.07k 134.02k 134.02k 132.66k
+rsa 512 bits 0.181s
+rsa 1024 bits 0.846s
+
diff --git a/src/lib/libssl/src/times/5.lnx b/src/lib/libssl/src/times/5.lnx
new file mode 100644
index 0000000000..1c1e392a29
--- /dev/null
+++ b/src/lib/libssl/src/times/5.lnx
@@ -0,0 +1,29 @@
+SSLeay 0.8.5g 24-Jan-1998
+built on Tue Jan 27 08:11:42 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 56.55k 156.69k 211.63k 231.77k 238.71k
+mdc2 192.26k 208.09k 210.09k 209.58k 210.26k
+md5 991.04k 5745.51k 11932.67k 16465.24k 18306.39k
+hmac(md5) 333.99k 2383.89k 6890.67k 13133.82k 17397.08k
+sha1 571.68k 2883.88k 5379.07k 6880.26k 7443.80k
+rmd160 409.41k 2212.91k 4225.45k 5456.55k 5928.28k
+rc4 6847.57k 8596.22k 8901.80k 8912.90k 8850.09k
+des cbc 2046.29k 2229.78k 2254.76k 2259.97k 2233.69k
+des ede3 751.11k 779.95k 783.96k 784.38k 780.97k
+idea cbc 653.40k 708.29k 718.42k 720.21k 720.90k
+rc2 cbc 647.19k 702.46k 709.21k 710.66k 709.97k
+rc5-32/12 cbc 3498.18k 4054.12k 4133.46k 4151.64k 4139.69k
+blowfish cbc 3763.95k 4437.74k 4532.74k 4515.50k 4448.26k
+cast cbc 2754.22k 3020.67k 3079.08k 3069.95k 3036.50k
+ sign verify sign/s verify/s
+rsa 512 bits 0.0207s 0.0020s 48.3 511.3
+rsa 1024 bits 0.1018s 0.0059s 9.8 169.6
+rsa 2048 bits 0.6438s 0.0208s 1.6 48.0
+rsa 4096 bits 4.6033s 0.0793s 0.2 12.6
+ sign verify sign/s verify/s
+dsa 512 bits 0.0190s 0.0359s 52.6 27.8
+dsa 1024 bits 0.0566s 0.1109s 17.7 9.0
+dsa 2048 bits 0.1988s 0.3915s 5.0 2.6
diff --git a/src/lib/libssl/src/times/586-085i.nt b/src/lib/libssl/src/times/586-085i.nt
new file mode 100644
index 0000000000..8a5797526f
--- /dev/null
+++ b/src/lib/libssl/src/times/586-085i.nt
@@ -0,0 +1,29 @@
+SSLeay 0.8.5i 28-Jan-1998
+built on Wed Jan 28 18:00:07 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 92.74k 257.59k 348.16k 381.79k 392.14k
+mdc2 227.65k 247.82k 249.90k 250.65k 250.20k
+md5 1089.54k 5966.29k 12104.77k 16493.53k 18204.44k
+hmac(md5) 513.53k 3361.36k 8725.41k 14543.36k 17593.56k
+sha1 580.74k 2880.51k 5376.62k 6865.78k 7413.05k
+rmd160 508.06k 2427.96k 4385.51k 5510.84k 5915.80k
+rc4 8004.40k 10408.74k 10794.48k 10884.12k 10728.22k
+des cbc 2057.24k 2222.97k 2246.79k 2209.39k 2223.44k
+des ede3 739.42k 761.99k 765.48k 760.26k 760.97k
+idea cbc 827.08k 889.60k 898.83k 901.15k 897.98k
+rc2 cbc 795.64k 861.04k 871.13k 872.58k 871.13k
+rc5-32/12 cbc 3597.17k 4139.66k 4204.39k 4223.02k 4204.39k
+blowfish cbc 3807.47k 3996.10k 4156.07k 4204.39k 4105.62k
+cast cbc 2777.68k 2814.21k 2892.62k 2916.76k 2868.88k
+ sign verify sign/s verify/s
+rsa 512 bits 0.0178s 0.0018s 56.3 541.6
+rsa 1024 bits 0.0945s 0.0059s 10.6 168.3
+rsa 2048 bits 0.6269s 0.0208s 1.6 48.0
+rsa 4096 bits 4.5560s 0.0784s 0.2 12.8
+ sign verify sign/s verify/s
+dsa 512 bits 0.0178s 0.0340s 56.2 29.4
+dsa 1024 bits 0.0552s 0.1077s 18.1 9.3
+dsa 2048 bits 0.1963s 0.3811s 5.1 2.6
diff --git a/src/lib/libssl/src/times/586-100.LN3 b/src/lib/libssl/src/times/586-100.LN3
new file mode 100644
index 0000000000..a6fa818f4b
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.LN3
@@ -0,0 +1,26 @@
+SSLeay 0.8.3v 15-Oct-1997
+built on Wed Oct 15 10:05:00 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 56.27k 156.76k 211.46k 231.77k 238.71k
+mdc2 188.74k 206.12k 207.70k 207.87k 208.18k
+md5 991.56k 5718.31k 11748.61k 16090.79k 17850.37k
+hmac(md5) 387.56k 2636.01k 7327.83k 13340.33k 17091.24k
+sha1 463.55k 2274.18k 4071.17k 5072.90k 5447.68k
+rc4 3673.94k 4314.52k 4402.26k 4427.09k 4407.30k
+des cbc 2023.79k 2209.77k 2233.34k 2220.71k 2222.76k
+des ede3 747.17k 778.54k 781.57k 778.24k 778.24k
+idea cbc 614.64k 678.04k 683.52k 685.06k 685.40k
+rc2 cbc 536.83k 574.10k 578.05k 579.24k 578.90k
+blowfish cbc 3673.39k 4354.58k 4450.22k 4429.48k 4377.26k
+ sign verify
+rsa 512 bits 0.0217s 0.0021s
+rsa 1024 bits 0.1083s 0.0064s
+rsa 2048 bits 0.6867s 0.0223s
+rsa 4096 bits 4.9400s 0.0846s
+ sign verify
+dsa 512 bits 0.0203s 0.0387s
+dsa 1024 bits 0.0599s 0.1170s
+dsa 2048 bits 0.2115s 0.4242s
diff --git a/src/lib/libssl/src/times/586-100.NT2 b/src/lib/libssl/src/times/586-100.NT2
new file mode 100644
index 0000000000..7f8c167b46
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.NT2
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Tue Sep 30 14:52:58 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN -DX86_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 92.99k 257.59k 348.16k 381.47k 392.14k
+mdc2 223.77k 235.30k 237.15k 236.77k 237.29k
+md5 862.53k 4222.17k 7842.75k 9925.00k 10392.23k
+sha 491.34k 2338.61k 4062.28k 4986.10k 5307.90k
+sha1 494.38k 2234.94k 3838.83k 4679.58k 4980.18k
+rc4 6338.10k 7489.83k 7676.25k 7698.80k 7631.56k
+des cbc 1654.17k 1917.66k 1961.05k 1968.05k 1960.69k
+des ede3 691.17k 739.42k 744.13k 745.82k 741.40k
+idea cbc 788.46k 870.33k 879.16k 881.38k 879.90k
+rc2 cbc 794.44k 859.63k 868.24k 869.68k 867.45k
+blowfish cbc 2379.88k 3017.48k 3116.12k 3134.76k 3070.50k
+ sign verify
+rsa 512 bits 0.0204s 0.0027s
+rsa 1024 bits 0.1074s 0.0032s
+rsa 2048 bits 0.6890s 0.0246s
+rsa 4096 bits 5.0180s 0.0911s
+ sign verify
+dsa 512 bits 0.0201s 0.0376s
+dsa 1024 bits 0.0608s 0.1193s
+dsa 2048 bits 0.2133s 0.4294s
diff --git a/src/lib/libssl/src/times/586-100.dos b/src/lib/libssl/src/times/586-100.dos
new file mode 100644
index 0000000000..3085c256b1
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.dos
@@ -0,0 +1,24 @@
+ms-dos static libs, 16 bit C and 16 bit assmber
+
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul 9 22:52:54 EST 1996
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -DNO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.99k 130.75k 176.53k 199.35k 203.21k
+md5 236.17k 1072.16k 1839.61k 2221.56k 2383.13k
+sha 107.97k 459.10k 757.64k 908.64k 954.99k
+sha1 96.95k 409.92k 672.16k 788.40k 844.26k
+rc4 1659.14k 1956.30k 2022.72k 2022.72k 2022.72k
+des cfb 313.57k 326.86k 326.86k 331.83k 326.86k
+des cbc 345.84k 378.82k 378.82k 384.38k 378.82k
+des ede3 139.59k 144.66k 144.61k 144.45k 143.29k
+idea cfb 262.67k 274.21k 274.21k 274.21k 274.21k
+idea cbc 284.32k 318.14k 318.14k 318.14k 318.14k
+rc2 cfb 265.33k 274.21k 277.69k 277.11k 277.69k
+rc2 cbc 283.71k 310.60k 309.86k 313.57k 314.32k
+rsa 512 bits 0.104s
+rsa 1024 bits 0.566s
+rsa 2048 bits 3.680s
+rsa 4096 bits 26.740s
diff --git a/src/lib/libssl/src/times/586-100.ln4 b/src/lib/libssl/src/times/586-100.ln4
new file mode 100644
index 0000000000..14a9db912b
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.ln4
@@ -0,0 +1,26 @@
+SSLeay 0.8.3aa 24-Oct-1997
+built on Mon Oct 27 10:16:25 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 56.78k 156.71k 211.46k 231.77k 238.71k
+mdc2 187.45k 200.49k 201.64k 202.75k 202.77k
+md5 1002.51k 5798.66k 11967.15k 16449.19k 18251.78k
+hmac(md5) 468.71k 3173.46k 8386.99k 14305.56k 17607.34k
+sha1 586.98k 2934.87k 5393.58k 6863.19k 7408.30k
+rc4 3675.10k 4314.15k 4402.77k 4427.78k 4404.57k
+des cbc 1902.96k 2202.01k 2242.30k 2252.46k 2236.42k
+des ede3 700.15k 774.23k 783.70k 781.62k 783.70k
+idea cbc 618.46k 677.93k 683.61k 685.40k 685.40k
+rc2 cbc 536.97k 573.87k 577.96k 579.24k 578.90k
+blowfish cbc 3672.66k 4271.89k 4428.80k 4469.76k 4374.53k
+ sign verify
+rsa 512 bits 0.0213s 0.0021s
+rsa 1024 bits 0.1075s 0.0063s
+rsa 2048 bits 0.6853s 0.0224s
+rsa 4096 bits 4.9400s 0.0845s
+ sign verify
+dsa 512 bits 0.0203s 0.0380s
+dsa 1024 bits 0.0600s 0.1189s
+dsa 2048 bits 0.2110s 0.4250s
diff --git a/src/lib/libssl/src/times/586-100.lnx b/src/lib/libssl/src/times/586-100.lnx
new file mode 100644
index 0000000000..0c051738c6
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.lnx
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 12 04:13:55 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 72.95k 202.77k 274.01k 300.37k 309.23k
+md5 770.57k 4094.02k 7409.41k 9302.36k 9986.05k
+sha 363.05k 1571.07k 2613.85k 3134.81k 3320.49k
+sha1 340.94k 1462.85k 2419.20k 2892.12k 3042.35k
+rc4 3676.91k 4314.94k 4407.47k 4430.51k 4412.76k
+des cbc 1489.95k 1799.08k 1841.66k 1851.73k 1848.66k
+des ede3 621.93k 711.19k 726.10k 729.77k 729.09k
+idea cbc 618.16k 676.99k 683.09k 684.37k 683.59k
+rc2 cbc 537.59k 573.93k 578.56k 579.58k 579.70k
+blowfish cbc 2077.57k 2682.20k 2827.18k 2840.92k 2842.62k
+rsa 512 bits 0.024s 0.003
+rsa 1024 bits 0.120s 0.003
+rsa 2048 bits 0.751s 0.026
+rsa 4096 bits 5.320s 0.096
+dsa 512 bits 0.022s 0.042
+dsa 1024 bits 0.065s 0.126
+dsa 2048 bits 0.227s 0.449
diff --git a/src/lib/libssl/src/times/586-100.nt b/src/lib/libssl/src/times/586-100.nt
new file mode 100644
index 0000000000..9adcac3105
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 89.57k 245.94k 331.59k 362.95k 373.29k
+md5 858.93k 4175.51k 7700.21k 9715.78k 10369.11k
+sha 466.18k 2103.67k 3607.69k 4399.31k 4669.16k
+sha1 449.59k 2041.02k 3496.13k 4256.45k 4512.92k
+rc4 5862.55k 7447.27k 7698.80k 7768.38k 7653.84k
+des cbc 1562.71k 1879.84k 1928.24k 1938.93k 1911.02k
+des ede3 680.27k 707.97k 728.62k 733.15k 725.98k
+idea cbc 797.46k 885.85k 895.68k 898.06k 896.45k
+rc2 cbc 609.46k 648.75k 654.01k 654.42k 653.60k
+blowfish cbc 2357.94k 3000.22k 3106.89k 3134.76k 3080.42k
+rsa 512 bits 0.022s 0.003
+rsa 1024 bits 0.112s 0.003
+rsa 2048 bits 0.726s 0.026
+rsa 4096 bits 5.268s 0.095
+dsa 512 bits 0.021s 0.039
+dsa 1024 bits 0.063s 0.127
+dsa 2048 bits 0.224s 0.451
diff --git a/src/lib/libssl/src/times/586-100.ntx b/src/lib/libssl/src/times/586-100.ntx
new file mode 100644
index 0000000000..35166a5e97
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.ntx
@@ -0,0 +1,30 @@
+SSLeay 0.8.5f 22-Jan-1998
+built on Wed Jan 21 17:11:53 EST 1998
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(
+ptr2)
+C flags:cl /MT /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN
+-DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 92.99k 257.43k 347.84k 381.82k 392.14k
+mdc2 232.19k 253.68k 257.57k 258.70k 258.70k
+md5 1094.09k 5974.79k 12139.81k 16487.04k 18291.77k
+hmac(md5) 375.70k 2590.04k 7309.70k 13469.18k 17447.19k
+sha1 613.78k 2982.93k 5446.44k 6889.46k 7424.86k
+rmd160 501.23k 2405.68k 4367.25k 5503.61k 5915.80k
+rc4 8167.75k 10429.44k 10839.12k 10929.50k 10772.30k
+des cbc 2057.24k 2218.27k 2237.20k 2227.69k 2213.59k
+des ede3 719.63k 727.11k 728.77k 719.56k 722.97k
+idea cbc 827.67k 888.85k 898.06k 900.30k 898.75k
+rc2 cbc 797.46k 862.53k 870.33k 872.58k 870.40k
+blowfish cbc 3835.32k 4435.60k 4513.89k 4513.89k 4416.92k
+cast cbc 2785.06k 3052.62k 3088.59k 3034.95k 3034.95k
+ sign verify sign/s verify/s
+rsa 512 bits 0.0202s 0.0020s 49.4 500.2
+rsa 1024 bits 0.1030s 0.0063s 9.7 159.4
+rsa 2048 bits 0.6740s 0.0223s 1.5 44.9
+rsa 4096 bits 4.8970s 0.0844s 0.2 11.8
+ sign verify sign/s verify/s
+dsa 512 bits 0.0191s 0.0361s 52.4 27.7
+dsa 1024 bits 0.0587s 0.1167s 17.0 8.6
+dsa 2048 bits 0.2091s 0.4123s 4.8 2.4
diff --git a/src/lib/libssl/src/times/586-100.w31 b/src/lib/libssl/src/times/586-100.w31
new file mode 100644
index 0000000000..d5b1c10243
--- /dev/null
+++ b/src/lib/libssl/src/times/586-100.w31
@@ -0,0 +1,27 @@
+Pentium 100, Windows 3.1 DLL's, 16 bit C, 32bit assember.
+
+Running under Windows NT 4.0 Beta 2
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:44:21 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.83k 128.82k 180.17k 194.90k 198.59k
+md5 224.82k 1038.19k 1801.68k 2175.47k 2330.17k
+sha 105.11k 448.11k 739.48k 884.13k 944.66k
+sha1 94.71k 402.99k 667.88k 795.58k 844.26k
+rc4 1614.19k 1956.30k 2022.72k 2022.72k 2022.72k
+des cfb 291.27k 318.14k 318.14k 318.14k 322.84k
+des cbc 326.86k 356.17k 362.08k 362.08k 367.15k
+des ede3 132.40k 139.57k 139.53k 139.37k 140.97k
+idea cfb 265.33k 280.67k 280.67k 277.69k 281.27k
+idea cbc 274.21k 302.01k 306.24k 306.24k 305.53k
+rc2 cfb 264.79k 274.21k 274.78k 274.21k 274.21k
+rc2 cbc 281.27k 306.24k 309.86k 305.53k 309.86k
+rsa 512 bits 0.058s
+rsa 1024 bits 0.280s
+rsa 2048 bits 1.430s
+rsa 4096 bits 10.600s
+
diff --git a/src/lib/libssl/src/times/586-1002.lnx b/src/lib/libssl/src/times/586-1002.lnx
new file mode 100644
index 0000000000..d830bcea42
--- /dev/null
+++ b/src/lib/libssl/src/times/586-1002.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.3e 30-Sep-1997
+built on Wed Oct 1 03:01:44 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DX86_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 56.21k 156.57k 211.29k 231.77k 237.92k
+mdc2 170.99k 191.70k 193.90k 195.58k 195.95k
+md5 770.50k 3961.96k 7291.22k 9250.82k 9942.36k
+sha 344.93k 1520.77k 2569.81k 3108.52k 3295.91k
+sha1 326.20k 1423.74k 2385.15k 2870.95k 3041.96k
+rc4 3672.88k 4309.65k 4374.41k 4408.66k 4355.41k
+des cbc 1349.73k 1689.05k 1735.34k 1748.99k 1739.43k
+des ede3 638.70k 704.00k 711.85k 714.41k 712.70k
+idea cbc 619.55k 677.33k 683.26k 685.06k 685.40k
+rc2 cbc 521.18k 571.20k 573.46k 578.90k 578.90k
+blowfish cbc 2079.67k 2592.49k 2702.34k 2730.33k 2695.17k
+ sign verify
+rsa 512 bits 0.0213s 0.0026s
+rsa 1024 bits 0.1099s 0.0031s
+rsa 2048 bits 0.7007s 0.0248s
+rsa 4096 bits 5.0500s 0.0921s
+ sign verify
+dsa 512 bits 0.0203s 0.0389s
+dsa 1024 bits 0.0614s 0.1222s
+dsa 2048 bits 0.2149s 0.4283s
diff --git a/src/lib/libssl/src/times/586p-100.lnx b/src/lib/libssl/src/times/586p-100.lnx
new file mode 100644
index 0000000000..561eb3114f
--- /dev/null
+++ b/src/lib/libssl/src/times/586p-100.lnx
@@ -0,0 +1,26 @@
+Pentium 100 - Linux 1.2.13 - gcc 2.7.2p
+This is the pentium specific version of gcc
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:27:58 EST 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIO -O6 -fomit-frame-pointer -mpentium -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 74.90k 208.43k 282.11k 309.59k 318.43k
+md5 807.08k 4205.67k 7801.51k 9958.06k 10810.71k
+sha 405.98k 1821.55k 3119.10k 3799.04k 4052.31k
+sha1 389.13k 1699.50k 2852.78k 3437.57k 3656.36k
+rc4 3621.15k 4130.07k 4212.74k 4228.44k 4213.42k
+des cfb 794.39k 828.37k 831.74k 832.51k 832.85k
+des cbc 817.68k 886.17k 894.72k 896.00k 892.93k
+des ede3 308.83k 323.29k 324.61k 324.95k 324.95k
+idea cfb 690.41k 715.39k 718.51k 719.19k 718.17k
+idea cbc 696.80k 760.60k 767.32k 768.68k 770.05k
+rc2 cfb 619.91k 639.74k 642.30k 642.73k 641.71k
+rc2 cbc 631.99k 671.42k 676.35k 676.18k 677.21k
+rsa 512 bits 0.025s
+rsa 1024 bits 0.123s
+rsa 2048 bits 0.756s
+rsa 4096 bits 5.365s
+
diff --git a/src/lib/libssl/src/times/686-200.bsd b/src/lib/libssl/src/times/686-200.bsd
new file mode 100644
index 0000000000..f23c580e09
--- /dev/null
+++ b/src/lib/libssl/src/times/686-200.bsd
@@ -0,0 +1,25 @@
+Pentium Pro 200mhz
+FreeBSD 2.1.5
+gcc 2.7.2.2
+
+SSLeay 0.7.0 30-Jan-1997
+built on Tue Apr 22 12:14:36 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 130.99k 367.68k 499.09k 547.04k 566.50k
+md5 1924.98k 8293.50k 13464.41k 16010.39k 16820.68k
+sha 1250.75k 5330.43k 8636.88k 10227.36k 10779.14k
+sha1 1071.55k 4572.50k 7459.98k 8791.96k 9341.61k
+rc4 10724.22k 14546.25k 15240.18k 15259.50k 15265.63k
+des cbc 3309.11k 3883.01k 3968.25k 3971.86k 3979.14k
+des ede3 1442.98k 1548.33k 1562.48k 1562.00k 1563.33k
+idea cbc 2195.69k 2506.39k 2529.59k 2545.66k 2546.54k
+rc2 cbc 806.00k 833.52k 837.58k 838.52k 836.69k
+blowfish cbc 4687.34k 5949.97k 6182.43k 6248.11k 6226.09k
+rsa 512 bits 0.010s
+rsa 1024 bits 0.045s
+rsa 2048 bits 0.260s
+rsa 4096 bits 1.690s
+
diff --git a/src/lib/libssl/src/times/686-200.lnx b/src/lib/libssl/src/times/686-200.lnx
new file mode 100644
index 0000000000..a10cc2fd01
--- /dev/null
+++ b/src/lib/libssl/src/times/686-200.lnx
@@ -0,0 +1,26 @@
+SSLeay 0.8.2a 04-Sep-1997
+built on Fri Sep 5 17:37:05 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2) C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 131.02k 368.41k 500.57k 549.21k 566.09k
+mdc2 535.60k 589.10k 595.88k 595.97k 594.54k
+md5 1801.53k 9674.77k 17484.03k 21849.43k 23592.96k
+sha 1261.63k 5533.25k 9285.63k 11187.88k 11913.90k
+sha1 1103.13k 4782.53k 7933.78k 9472.34k 10070.70k
+rc4 10722.53k 14443.93k 15215.79k 15299.24k 15219.59k
+des cbc 3286.57k 3827.73k 3913.39k 3931.82k 3926.70k
+des ede3 1443.50k 1549.08k 1561.17k 1566.38k 1564.67k
+idea cbc 2203.64k 2508.16k 2538.33k 2543.62k 2547.71k
+rc2 cbc 1430.94k 1511.59k 1524.82k 1527.13k 1523.33k
+blowfish cbc 4716.07k 5965.82k 6190.17k 6243.67k 6234.11k
+ sign verify
+rsa 512 bits 0.0100s 0.0011s
+rsa 1024 bits 0.0451s 0.0012s
+rsa 2048 bits 0.2605s 0.0086s
+rsa 4096 bits 1.6883s 0.0302s
+ sign verify
+dsa 512 bits 0.0083s 0.0156s
+dsa 1024 bits 0.0228s 0.0454s
+dsa 2048 bits 0.0719s 0.1446s
+
diff --git a/src/lib/libssl/src/times/686-200.nt b/src/lib/libssl/src/times/686-200.nt
new file mode 100644
index 0000000000..c8cbaa04e3
--- /dev/null
+++ b/src/lib/libssl/src/times/686-200.nt
@@ -0,0 +1,24 @@
+built on Tue May 13 08:24:51 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfi
+sh(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 156.39k 427.99k 576.14k 628.36k 647.27k
+md5 2120.48k 10255.02k 18396.07k 22795.13k 24244.53k
+sha 1468.59k 6388.89k 10686.12k 12826.62k 13640.01k
+sha1 1393.46k 6013.34k 9974.56k 11932.59k 12633.45k
+rc4 13833.46k 19275.29k 20321.24k 20281.93k 20520.08k
+des cbc 3382.50k 4104.02k 4152.78k 4194.30k 4194.30k
+des ede3 1465.51k 1533.00k 1549.96k 1553.29k 1570.29k
+idea cbc 2579.52k 3079.52k 3130.08k 3153.61k 3106.89k
+rc2 cbc 1204.57k 1276.42k 1285.81k 1289.76k 1285.81k
+blowfish cbc 5229.81k 6374.32k 6574.14k 6574.14k 6594.82k
+rsa 512 bits 0.008s 0.001
+rsa 1024 bits 0.038s 0.001
+rsa 2048 bits 0.231s 0.008
+rsa 4096 bits 1.540s 0.027
+dsa 512 bits 0.007s 0.013
+dsa 1024 bits 0.021s 0.040
+dsa 2048 bits 0.066s 0.130
+
diff --git a/src/lib/libssl/src/times/L1 b/src/lib/libssl/src/times/L1
new file mode 100644
index 0000000000..09253d7279
--- /dev/null
+++ b/src/lib/libssl/src/times/L1
@@ -0,0 +1,27 @@
+SSLeay 0.8.3ad 27-Oct-1997
+built on Wed Oct 29 00:36:17 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -DBN_ASM -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized -DMD5_ASM -DSHA1_ASM
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 56.16k 156.50k 211.46k 231.77k 238.71k
+mdc2 183.37k 205.21k 205.57k 209.92k 207.53k
+md5 1003.65k 5605.56k 11628.54k 15887.70k 17522.69k
+hmac(md5) 411.24k 2803.46k 7616.94k 13475.84k 16864.60k
+sha1 542.66k 2843.50k 5320.53k 6833.49k 7389.18k
+rc4 3677.15k 4313.73k 4407.89k 4429.82k 4404.57k
+des cbc 1787.94k 2174.51k 2236.76k 2249.73k 2230.95k
+des ede3 719.46k 777.26k 784.81k 780.29k 783.70k
+idea cbc 619.56k 677.89k 684.12k 685.40k 685.40k
+rc2 cbc 537.51k 573.93k 578.47k 579.24k 578.90k
+blowfish cbc 3226.76k 4221.65k 4424.19k 4468.39k 4377.26k
+cast cbc 2866.13k 3165.35k 3263.15k 3287.04k 3233.11k
+ sign verify
+rsa 512 bits 0.0212s 0.0021s
+rsa 1024 bits 0.1072s 0.0064s
+rsa 2048 bits 0.6853s 0.0222s
+rsa 4096 bits 4.9300s 0.0848s
+ sign verify
+dsa 512 bits 0.0200s 0.0380s
+dsa 1024 bits 0.0600s 0.1180s
+dsa 2048 bits 0.2110s 0.4221s
diff --git a/src/lib/libssl/src/times/R10000.t b/src/lib/libssl/src/times/R10000.t
new file mode 100644
index 0000000000..6b3874c866
--- /dev/null
+++ b/src/lib/libssl/src/times/R10000.t
@@ -0,0 +1,24 @@
+IRIX 6.2 - R10000 195mhz
+SLeay 0.6.5a 06-Dec-1996
+built on Tue Dec 24 03:51:45 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 156.34k 424.03k 571.88k 628.88k 646.01k
+md5 1885.02k 8181.72k 13440.53k 16020.60k 16947.54k
+sha 1587.12k 7022.05k 11951.24k 14440.12k 15462.74k
+sha1 1413.13k 6215.86k 10571.16k 12736.22k 13628.51k
+rc4 10556.28k 11974.08k 12077.10k 12111.38k 12103.20k
+des cfb 2977.71k 3252.27k 3284.36k 3302.66k 3290.54k
+des cbc 3298.31k 3704.96k 3771.30k 3730.73k 3778.80k
+des ede3 1278.28k 1328.82k 1342.66k 1339.82k 1343.27k
+idea cfb 2843.34k 3138.04k 3180.95k 3176.46k 3188.54k
+idea cbc 3115.21k 3558.03k 3590.61k 3591.24k 3601.18k
+rc2 cfb 2006.66k 2133.33k 2149.03k 2159.36k 2149.71k
+rc2 cbc 2167.07k 2315.30k 2338.05k 2329.34k 2333.90k
+rsa 512 bits 0.008s
+rsa 1024 bits 0.043s
+rsa 2048 bits 0.280s
+rsa 4096 bits 2.064s
+
diff --git a/src/lib/libssl/src/times/R4400.t b/src/lib/libssl/src/times/R4400.t
new file mode 100644
index 0000000000..af8848ffe3
--- /dev/null
+++ b/src/lib/libssl/src/times/R4400.t
@@ -0,0 +1,26 @@
+IRIX 5.3
+R4400 200mhz
+cc -O2
+SSLeay 0.6.5a 06-Dec-1996
+built on Mon Dec 23 11:51:11 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 100.62k 280.25k 380.15k 416.02k 428.82k
+md5 828.62k 3525.05k 6311.98k 7742.51k 8328.04k
+sha 580.04k 2513.74k 4251.73k 5101.04k 5394.80k
+sha1 520.23k 2382.94k 4107.82k 5024.62k 5362.56k
+rc4 5871.53k 6323.08k 6357.49k 6392.04k 6305.45k
+des cfb 1016.76k 1156.72k 1176.59k 1180.55k 1181.65k
+des cbc 1016.38k 1303.81k 1349.10k 1359.41k 1356.62k
+des ede3 607.39k 650.74k 655.11k 657.52k 654.18k
+idea cfb 1296.10k 1348.66k 1353.80k 1358.75k 1355.40k
+idea cbc 1453.90k 1554.68k 1567.84k 1569.89k 1573.57k
+rc2 cfb 1199.86k 1251.69k 1253.57k 1259.56k 1251.31k
+rc2 cbc 1334.60k 1428.55k 1441.89k 1445.42k 1441.45k
+rsa 512 bits 0.024s
+rsa 1024 bits 0.125s
+rsa 2048 bits 0.806s
+rsa 4096 bits 5.800s
+
diff --git a/src/lib/libssl/src/times/aix.t b/src/lib/libssl/src/times/aix.t
new file mode 100644
index 0000000000..4f24e3980e
--- /dev/null
+++ b/src/lib/libssl/src/times/aix.t
@@ -0,0 +1,34 @@
+from Paco Garcia <pgarcia@ctv.es>
+This machine is a Bull Estrella Minitower Model MT604-100
+Processor : PPC604
+P.Speed : 100Mhz
+Data/Instr Cache : 16 K
+L2 Cache : 256 K
+PCI BUS Speed : 33 Mhz
+TransfRate PCI : 132 MB/s
+Memory : 96 MB
+
+AIX 4.1.4
+
+SSLeay 0.6.6 14-Jan-1997
+built on Mon Jan 13 21:36:03 CUT 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish
+(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 53.83k 147.46k 197.63k 215.72k 221.70k
+md5 1278.13k 5354.77k 8679.60k 10195.09k 10780.56k
+sha 1055.34k 4600.37k 7721.30k 9298.94k 9868.63k
+sha1 276.90k 1270.25k 2187.95k 2666.84k 2850.82k
+rc4 4660.57k 5268.93k 5332.48k 5362.47k 5346.65k
+des cbc 1774.16k 1981.10k 1979.56k 2032.71k 1972.25k
+des ede3 748.81k 781.42k 785.66k 785.75k 780.84k
+idea cbc 2066.19k 2329.58k 2378.91k 2379.86k 2380.89k
+rc2 cbc 1278.53k 1379.69k 1389.99k 1393.66k 1389.91k
+blowfish cbc 2812.91k 3307.90k 3364.91k 3386.37k 3374.32k
+rsa 512 bits 0.019s
+rsa 1024 bits 0.096s
+rsa 2048 bits 0.614s
+rsa 4096 bits 4.433s
+
diff --git a/src/lib/libssl/src/times/aixold.t b/src/lib/libssl/src/times/aixold.t
new file mode 100644
index 0000000000..0b51412cf9
--- /dev/null
+++ b/src/lib/libssl/src/times/aixold.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 04:06:32 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 19.09k 52.47k 71.23k 77.49k 78.93k
+md5 214.56k 941.21k 1585.43k 1883.12k 1988.70k
+sha 118.35k 521.65k 860.28k 1042.27k 1100.46k
+sha1 109.52k 478.98k 825.90k 995.48k 1049.69k
+rc4 1263.63k 1494.24k 1545.70k 1521.66k 1518.99k
+des cbc 259.62k 286.55k 287.15k 288.15k 289.45k
+des ede3 104.92k 107.88k 109.27k 109.25k 109.96k
+idea cbc 291.63k 320.07k 319.40k 320.51k 318.27k
+rc2 cbc 220.04k 237.76k 241.44k 245.90k 244.08k
+blowfish cbc 407.95k 474.83k 480.99k 485.71k 481.07k
+rsa 512 bits 0.157s 0.019
+rsa 1024 bits 0.908s 0.023
+rsa 2048 bits 6.225s 0.218
+rsa 4096 bits 46.500s 0.830
+dsa 512 bits 0.159s 0.312
+dsa 1024 bits 0.536s 1.057
+dsa 2048 bits 1.970s 3.977
diff --git a/src/lib/libssl/src/times/alpha.t b/src/lib/libssl/src/times/alpha.t
new file mode 100644
index 0000000000..3a7c6c4983
--- /dev/null
+++ b/src/lib/libssl/src/times/alpha.t
@@ -0,0 +1,81 @@
+SSLeay-051 Alpha gcc -O3 64Bit (assember bn_mul)
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.40k 121.56k 162.73k 179.20k 185.01k
+md5 780.85k 3278.53k 5281.52k 6327.98k 6684.67k
+sha 501.40k 2249.19k 3855.27k 4801.19k 5160.96k
+sha-1 384.99k 1759.72k 3113.64k 3946.92k 4229.80k
+rc4 3505.05k 3724.54k 3723.78k 3555.33k 3694.68k
+des cfb 946.96k 1015.27k 1021.87k 1033.56k 1037.65k
+des cbc 1001.24k 1220.20k 1243.31k 1272.73k 1265.87k
+des ede3 445.34k 491.65k 500.53k 502.10k 502.44k
+idea cfb 643.53k 667.49k 663.81k 666.28k 664.51k
+idea cbc 650.42k 735.41k 733.27k 742.74k 745.47k
+rsa 512 bits 0.031s
+rsa 1024 bits 0.141s
+rsa 2048 bits 0.844s
+rsa 4096 bits 6.033s
+
+SSLeay-051 Alpha cc -O2 64bit (assember bn_mul)
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.37k 122.86k 165.97k 182.95k 188.42k
+md5 842.42k 3629.93k 5916.76k 7039.17k 7364.61k
+sha 498.93k 2197.23k 3895.60k 4756.48k 5132.13k
+sha-1 382.02k 1757.21k 3112.53k 3865.23k 4128.77k
+rc4 2975.25k 3049.33k 3180.97k 3214.68k 3424.26k
+des cfb 901.55k 990.83k 1006.08k 1011.19k 1004.89k
+des cbc 947.84k 1127.84k 1163.67k 1162.24k 1157.80k
+des ede3 435.62k 485.57k 493.67k 491.52k 491.52k
+idea cfb 629.31k 648.66k 647.77k 648.53k 649.90k
+idea cbc 565.15k 608.00k 613.46k 613.38k 617.13k
+rsa 512 bits 0.030s
+rsa 1024 bits 0.141s
+rsa 2048 bits 0.854s
+rsa 4096 bits 6.067s
+
+des cfb 718.28k 822.64k 833.11k 836.27k 841.05k
+des cbc 806.10k 951.42k 975.83k 983.73k 991.23k
+des ede3 329.50k 379.11k 387.95k 387.41k 388.33k
+
+des cfb 871.62k 948.65k 951.81k 953.00k 955.58k
+des cbc 953.60k 1174.27k 1206.70k 1216.10k 1216.44k
+des ede3 349.34k 418.05k 427.26k 429.74k 431.45k
+
+
+
+
+SSLeay-045c Alpha gcc -O3 64Bit
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.95k 122.22k 164.27k 180.62k 184.66k
+md5 808.71k 3371.95k 5415.68k 6385.66k 6684.67k
+sha 493.68k 2162.05k 3725.82k 4552.02k 4838.74k
+rc4 3317.32k 3649.09k 3728.30k 3744.09k 3691.86k
+cfb des 996.45k 1050.77k 1058.30k 1059.16k 1064.96k
+cbc des 1096.52k 1255.49k 1282.13k 1289.90k 1299.80k
+ede3 des 482.14k 513.51k 518.66k 520.19k 521.39k
+cfb idea 519.90k 533.40k 535.21k 535.55k 535.21k
+cbc idea 619.34k 682.21k 688.04k 689.15k 690.86k
+rsa 512 bits 0.050s
+rsa 1024 bits 0.279s
+rsa 2048 bits 1.908s
+rsa 4096 bits 14.750s
+
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 37.31k 102.77k 137.64k 151.55k 155.78k
+md5 516.65k 2535.21k 4655.72k 5859.66k 6343.34k
+rc4 3519.61k 3707.01k 3746.86k 3755.39k 3675.48k
+cfb des 780.27k 894.68k 913.10k 921.26k 922.97k
+cbc des 867.54k 1040.13k 1074.17k 1075.54k 1084.07k
+ede3 des 357.19k 397.36k 398.08k 402.28k 401.41k
+cbc idea 646.53k 686.44k 694.03k 691.20k 693.59k
+rsa 512 bits 0.046s
+rsa 1024 bits 0.270s
+rsa 2048 bits 1.858s
+rsa 4096 bits 14.350s
+
+md2 C 37.83k 103.17k 137.90k 150.87k 155.37k
+md2 L 37.30k 102.04k 139.01k 152.74k 155.78k
+rc4 I 3532.24k 3718.08k 3750.83k 3768.78k 3694.59k
+rc4 CI 2662.97k 2873.26k 2907.22k 2920.63k 2886.31k
+rc4 LI 3514.63k 3738.72k 3747.41k 3752.96k 3708.49k
+cbc idea S 619.01k 658.68k 661.50k 662.53k 663.55k
+cbc idea L 645.69k 684.22k 694.55k 692.57k 690.86k
diff --git a/src/lib/libssl/src/times/alpha400.t b/src/lib/libssl/src/times/alpha400.t
new file mode 100644
index 0000000000..079e0d187c
--- /dev/null
+++ b/src/lib/libssl/src/times/alpha400.t
@@ -0,0 +1,25 @@
+Alpha EV5.6 (21164A) 400mhz
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 03:39:58 EST 1997
+options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -arch host -tune host -fast -std -O4 -inline speed
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 274.98k 760.96k 1034.27k 1124.69k 1148.69k
+md5 2524.46k 11602.60k 19838.81k 24075.26k 25745.10k
+sha 1848.46k 8335.66k 14232.49k 17247.91k 18530.30k
+sha1 1639.67k 7336.53k 12371.80k 14807.72k 15870.63k
+rc4 17950.93k 19390.66k 19652.44k 19700.39k 19412.31k
+des cbc 4018.59k 4872.06k 4988.76k 5003.26k 4995.73k
+des ede3 1809.11k 1965.67k 1984.26k 1986.90k 1982.46k
+idea cbc 2848.82k 3204.33k 3250.26k 3257.34k 3260.42k
+rc2 cbc 3766.08k 4349.50k 4432.21k 4448.94k 4448.26k
+blowfish cbc 6694.88k 9042.35k 9486.93k 9598.98k 9624.91k
+rsa 512 bits 0.003s 0.000
+rsa 1024 bits 0.013s 0.000
+rsa 2048 bits 0.081s 0.003
+rsa 4096 bits 0.577s 0.011
+dsa 512 bits 0.003s 0.005
+dsa 1024 bits 0.007s 0.014
+dsa 2048 bits 0.025s 0.050
diff --git a/src/lib/libssl/src/times/cyrix100.lnx b/src/lib/libssl/src/times/cyrix100.lnx
new file mode 100644
index 0000000000..010a2216b1
--- /dev/null
+++ b/src/lib/libssl/src/times/cyrix100.lnx
@@ -0,0 +1,22 @@
+SSLeay 0.6.6 06-Dec-1996
+built on Fri Dec 6 10:05:20 GMT 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,risc,16,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 36.77k 102.48k 138.00k 151.57k 155.78k
+md5 513.59k 2577.22k 4623.51k 5768.99k 6214.53k
+sha 259.89k 1105.45k 1814.97k 2156.16k 2292.13k
+sha1 242.43k 1040.95k 1719.44k 2049.74k 2164.64k
+rc4 1984.48k 2303.41k 2109.37k 2071.47k 1985.61k
+des cfb 712.08k 758.29k 753.17k 752.06k 748.67k
+des cbc 787.37k 937.64k 956.77k 961.61k 957.54k
+des ede3 353.97k 377.28k 379.99k 379.34k 379.11k
+idea cfb 403.80k 418.50k 416.60k 415.78k 415.03k
+idea cbc 426.54k 466.40k 471.31k 472.67k 473.14k
+rc2 cfb 405.15k 420.05k 418.16k 416.72k 416.36k
+rc2 cbc 428.21k 468.43k 473.09k 472.59k 474.70k
+rsa 512 bits 0.040s
+rsa 1024 bits 0.195s
+rsa 2048 bits 1.201s
+rsa 4096 bits 8.700s
diff --git a/src/lib/libssl/src/times/dgux-x86.t b/src/lib/libssl/src/times/dgux-x86.t
new file mode 100644
index 0000000000..70635c536b
--- /dev/null
+++ b/src/lib/libssl/src/times/dgux-x86.t
@@ -0,0 +1,23 @@
+version:SSLeay 0.5.2c 15-May-1996
+built Fri Jun 14 19:47:04 EST 1996
+options:bn(LLONG,thirty_two) md2(CHAR) rc4(IDX,int) des(ary,long) idea(int)
+C flags:gcc -O3 -fomit-frame-pointer -DL_ENDIAN
+
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 113.86k 316.48k 428.36k 467.63k 481.56k
+md5 1001.99k 5037.99k 9545.94k 12036.95k 11800.38k
+sha 628.77k 2743.48k 5113.42k 6206.99k 6165.42k
+sha1 583.83k 2638.66k 4538.85k 5532.09k 5917.04k
+rc4 5493.27k 6369.39k 6511.30k 6577.83k 6486.73k
+des cfb 1219.01k 1286.06k 1299.33k 1288.87k 1381.72k
+des cbc 1360.58k 1469.04k 1456.96k 1454.08k 1513.57k
+des ede3 544.45k 567.84k 568.99k 570.37k 566.09k
+idea cfb 1012.39k 1056.30k 1063.52k 989.17k 863.24k
+idea cbc 985.36k 1090.44k 1105.92k 1108.65k 1090.17k
+rc2 cfb 963.86k 979.06k 995.30k 937.35k 827.39k
+rc2 cbc 951.72k 1042.11k 1049.60k 1047.21k 1059.11k
+rsa 512 bits 0.032s
+rsa 1024 bits 0.159s
+rsa 2048 bits 1.025s
+rsa 4096 bits 7.270s
+
diff --git a/src/lib/libssl/src/times/dgux.t b/src/lib/libssl/src/times/dgux.t
new file mode 100644
index 0000000000..c7f7564e8d
--- /dev/null
+++ b/src/lib/libssl/src/times/dgux.t
@@ -0,0 +1,17 @@
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 38.54k 106.28k 144.00k 157.46k 161.72k
+md5 323.23k 1471.62k 2546.11k 3100.20k 3309.57k
+rc4 I 1902.74k 2055.20k 2080.42k 2077.88k 2065.46k
+cfb des 456.23k 475.22k 481.79k 488.42k 487.17k
+cbc des 484.30k 537.50k 553.09k 558.08k 558.67k
+ede3 des 199.97k 209.05k 211.03k 211.85k 212.78k
+cbc idea 478.50k 519.33k 523.42k 525.09k 526.44k
+rsa 512 bits 0.159s !RSA_LLONG
+rsa 1024 bits 1.053s
+rsa 2048 bits 7.600s
+rsa 4096 bits 59.760s
+
+md2 C 30.53k 83.58k 112.84k 123.22k 126.24k
+rc4 1844.56k 1975.50k 1997.73k 1994.95k 1984.88k
+rc4 C 1800.09k 1968.85k 1995.20k 1992.36k 1996.80k
+rc4 CI 1830.81k 2035.75k 2067.28k 2070.23k 2062.77k
diff --git a/src/lib/libssl/src/times/hpux-acc.t b/src/lib/libssl/src/times/hpux-acc.t
new file mode 100644
index 0000000000..0c0e936d19
--- /dev/null
+++ b/src/lib/libssl/src/times/hpux-acc.t
@@ -0,0 +1,25 @@
+HPUX 887
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:59:45 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 58.99k 166.85k 225.07k 247.21k 253.76k
+md5 639.22k 2726.98k 4477.25k 5312.69k 5605.20k
+sha 381.08k 1661.49k 2793.84k 3368.86k 3581.23k
+sha1 349.54k 1514.56k 2536.63k 3042.59k 3224.39k
+rc4 2891.10k 4238.01k 4464.11k 4532.49k 4545.87k
+des cbc 717.05k 808.76k 820.14k 821.97k 821.96k
+des ede3 288.21k 303.50k 303.69k 305.82k 305.14k
+idea cbc 325.83k 334.36k 335.89k 336.61k 333.43k
+rc2 cbc 793.00k 915.81k 926.69k 933.28k 929.53k
+blowfish cbc 1561.91k 2051.97k 2122.65k 2139.40k 2145.92k
+rsa 512 bits 0.031s 0.004
+rsa 1024 bits 0.164s 0.004
+rsa 2048 bits 1.055s 0.037
+rsa 4096 bits 7.600s 0.137
+dsa 512 bits 0.029s 0.057
+dsa 1024 bits 0.092s 0.177
+dsa 2048 bits 0.325s 0.646
diff --git a/src/lib/libssl/src/times/hpux-kr.t b/src/lib/libssl/src/times/hpux-kr.t
new file mode 100644
index 0000000000..ad4a0adc18
--- /dev/null
+++ b/src/lib/libssl/src/times/hpux-kr.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:17:35 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,cisc,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 35.30k 98.36k 133.41k 146.34k 150.69k
+md5 391.20k 1737.31k 2796.65k 3313.75k 3503.74k
+sha 189.55k 848.14k 1436.72k 1735.87k 1848.03k
+sha1 175.30k 781.14k 1310.32k 1575.61k 1675.81k
+rc4 2070.55k 2501.47k 2556.65k 2578.34k 2584.91k
+des cbc 465.13k 536.85k 545.87k 547.86k 548.89k
+des ede3 190.05k 200.99k 202.31k 202.22k 202.75k
+idea cbc 263.44k 277.77k 282.13k 281.51k 283.15k
+rc2 cbc 448.37k 511.39k 519.54k 522.00k 521.31k
+blowfish cbc 839.98k 1097.70k 1131.16k 1145.64k 1144.67k
+rsa 512 bits 0.048s 0.005
+rsa 1024 bits 0.222s 0.006
+rsa 2048 bits 1.272s 0.042
+rsa 4096 bits 8.445s 0.149
+dsa 512 bits 0.041s 0.077
+dsa 1024 bits 0.111s 0.220
+dsa 2048 bits 0.363s 0.726
diff --git a/src/lib/libssl/src/times/hpux.t b/src/lib/libssl/src/times/hpux.t
new file mode 100644
index 0000000000..dcf7615edf
--- /dev/null
+++ b/src/lib/libssl/src/times/hpux.t
@@ -0,0 +1,86 @@
+HP-UX A.09.05 9000/712
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 16:36:31 WET 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int)
+blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 66.56k 184.92k 251.82k 259.86k 282.62k
+md5 615.54k 2805.92k 4764.30k 5724.21k 6084.39k
+sha 358.23k 1616.46k 2781.50k 3325.72k 3640.89k
+sha1 327.50k 1497.98k 2619.44k 3220.26k 3460.85k
+rc4 3500.47k 3890.99k 3943.81k 3883.74k 3900.02k
+des cbc 742.65k 871.66k 887.15k 891.21k 895.40k
+des ede3 302.42k 322.50k 324.46k 326.66k 326.05k
+idea cbc 664.41k 755.87k 765.61k 772.70k 773.69k
+rc2 cbc 798.78k 931.04k 947.69k 950.31k 952.04k
+blowfish cbc 1353.32k 1932.29k 2021.93k 2047.02k 2053.66k
+rsa 512 bits 0.059s
+rsa 1024 bits 0.372s
+rsa 2048 bits 2.697s
+rsa 4096 bits 20.790s
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 15:37:30 WET 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int)
+blowfish(idx)
+C flags:gcc -DB_ENDIAN -O3
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.91k 122.57k 167.71k 183.89k 190.24k
+md5 532.50k 2316.27k 3965.72k 4740.11k 5055.06k
+sha 363.76k 1684.09k 2978.53k 3730.86k 3972.72k
+sha1 385.76k 1743.53k 2997.69k 3650.74k 3899.08k
+rc4 3178.84k 3621.31k 3672.71k 3684.01k 3571.54k
+des cbc 733.00k 844.70k 863.28k 863.72k 868.73k
+des ede3 289.99k 308.94k 310.11k 309.64k 312.08k
+idea cbc 624.07k 713.91k 724.76k 723.35k 725.13k
+rc2 cbc 704.34k 793.39k 804.25k 805.99k 782.63k
+blowfish cbc 1371.24k 1823.66k 1890.05k 1915.51k 1920.12k
+rsa 512 bits 0.030s
+rsa 1024 bits 0.156s
+rsa 2048 bits 1.113s
+rsa 4096 bits 7.480s
+
+
+HPUX B.10.01 V 9000/887 - HP92453-01 A.10.11 HP C Compiler
+SSLeay 0.5.2 - -Aa +ESlit +Oall +O4 -Wl,-a,archive
+
+HPUX A.09.04 B 9000/887
+
+ssleay 0.5.1 gcc v 2.7.0 -O3 -mpa-risc-1-1
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 53.00k 166.81k 205.66k 241.95k 242.20k
+md5 743.22k 3128.44k 6031.85k 6142.07k 7025.26k
+sha 481.30k 2008.24k 3361.31k 3985.07k 4180.74k
+sha-1 463.60k 1916.15k 3139.24k 3786.27k 3997.70k
+rc4 3708.61k 4125.16k 4547.53k 4206.21k 4390.07k
+des cfb 665.91k 705.97k 698.48k 694.25k 666.08k
+des cbc 679.80k 741.90k 769.85k 747.62k 719.47k
+des ede3 264.31k 270.22k 265.63k 273.07k 273.07k
+idea cfb 635.91k 673.40k 605.60k 699.53k 672.36k
+idea cbc 705.85k 774.63k 750.60k 715.83k 721.50k
+rsa 512 bits 0.066s
+rsa 1024 bits 0.372s
+rsa 2048 bits 2.177s
+rsa 4096 bits 16.230s
+
+HP92453-01 A.09.61 HP C Compiler
+ssleay 0.5.1 cc -Ae +ESlit +Oall -Wl,-a,archive
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 58.69k 163.30k 213.57k 230.40k 254.23k
+md5 608.60k 2596.82k 3871.43k 4684.10k 4763.88k
+sha 343.26k 1482.43k 2316.80k 2766.27k 2860.26k
+sha-1 319.15k 1324.13k 2106.03k 2527.82k 2747.95k
+rc4 2467.47k 3374.41k 3265.49k 3354.39k 3368.55k
+des cfb 812.05k 814.90k 851.20k 819.20k 854.56k
+des cbc 836.35k 994.06k 916.02k 1020.01k 988.14k
+des ede3 369.78k 389.15k 401.01k 382.94k 408.03k
+idea cfb 290.40k 298.06k 286.11k 296.92k 299.46k
+idea cbc 301.30k 297.72k 304.34k 300.10k 309.70k
+rsa 512 bits 0.350s
+rsa 1024 bits 2.635s
+rsa 2048 bits 19.930s
+
diff --git a/src/lib/libssl/src/times/p2.w95 b/src/lib/libssl/src/times/p2.w95
new file mode 100644
index 0000000000..82d1e5515d
--- /dev/null
+++ b/src/lib/libssl/src/times/p2.w95
@@ -0,0 +1,22 @@
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 235.90k 652.30k 893.36k 985.74k 985.74k
+mdc2 779.61k 816.81k 825.65k 816.01k 825.65k
+md5 2788.77k 13508.23k 24672.38k 30504.03k 33156.55k
+sha 1938.22k 8397.01k 14122.24k 16980.99k 18196.55k
+sha1 1817.29k 7832.50k 13168.93k 15738.48k 16810.84k
+rc4 15887.52k 21709.65k 22745.68k 22995.09k 22995.09k
+des cbc 4599.02k 5377.31k 5377.31k 5533.38k 5533.38k
+des ede3 1899.59k 2086.71k 2086.67k 2086.51k 2085.90k
+idea cbc 3350.08k 3934.62k 3979.42k 4017.53k 4017.53k
+rc2 cbc 1534.13k 1630.76k 1625.70k 1644.83k 1653.91k
+blowfish cbc 6678.83k 8490.49k 8701.88k 8848.74k 8886.24k
+ sign verify
+rsa 512 bits 0.0062s 0.0008s
+rsa 1024 bits 0.0287s 0.0009s
+rsa 2048 bits 0.1785s 0.0059s
+rsa 4096 bits 1.1300s 0.0205s
+ sign verify
+dsa 512 bits 0.0055s 0.0100s
+dsa 1024 bits 0.0154s 0.0299s
+dsa 2048 bits 0.0502s 0.0996s
diff --git a/src/lib/libssl/src/times/pent2.t b/src/lib/libssl/src/times/pent2.t
new file mode 100644
index 0000000000..b6dc269155
--- /dev/null
+++ b/src/lib/libssl/src/times/pent2.t
@@ -0,0 +1,24 @@
+pentium 2, 266mhz, Visual C++ 5.0, Windows 95
+
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 235.90k 652.30k 893.36k 985.74k 985.74k
+mdc2 779.61k 816.81k 825.65k 816.01k 825.65k
+md5 2788.77k 13508.23k 24672.38k 30504.03k 33156.55k
+sha 1938.22k 8397.01k 14122.24k 16980.99k 18196.55k
+sha1 1817.29k 7832.50k 13168.93k 15738.48k 16810.84k
+rc4 15887.52k 21709.65k 22745.68k 22995.09k 22995.09k
+des cbc 4599.02k 5377.31k 5377.31k 5533.38k 5533.38k
+des ede3 1899.59k 2086.71k 2086.67k 2086.51k 2085.90k
+idea cbc 3350.08k 3934.62k 3979.42k 4017.53k 4017.53k
+rc2 cbc 1534.13k 1630.76k 1625.70k 1644.83k 1653.91k
+blowfish cbc 6678.83k 8490.49k 8701.88k 8848.74k 8886.24k
+ sign verify
+rsa 512 bits 0.0062s 0.0008s
+rsa 1024 bits 0.0287s 0.0009s
+rsa 2048 bits 0.1785s 0.0059s
+rsa 4096 bits 1.1300s 0.0205s
+ sign verify
+dsa 512 bits 0.0055s 0.0100s
+dsa 1024 bits 0.0154s 0.0299s
+dsa 2048 bits 0.0502s 0.0996s
diff --git a/src/lib/libssl/src/times/readme b/src/lib/libssl/src/times/readme
new file mode 100644
index 0000000000..7074f5815b
--- /dev/null
+++ b/src/lib/libssl/src/times/readme
@@ -0,0 +1,11 @@
+The 'times' in this directory are not all for the most recent version of
+the library and it should be noted that on some CPUs (specifically sparc
+and Alpha), the locations of files in the application after linking can
+make upto a %10 speed difference when running benchmarks on things like
+cbc mode DES. To put it mildly this can be very anoying.
+
+About the only way to get around this would be to compile the library as one
+object file, or to 'include' the source files in a specific order.
+
+The best way to get an idea of the 'raw' DES speed is to build the
+'speed' program in crypto/des.
diff --git a/src/lib/libssl/src/times/s586-100.lnx b/src/lib/libssl/src/times/s586-100.lnx
new file mode 100644
index 0000000000..cbc3e3c4fb
--- /dev/null
+++ b/src/lib/libssl/src/times/s586-100.lnx
@@ -0,0 +1,25 @@
+Shared library build
+
+SSLeay 0.7.3 30-Apr-1997
+built on Tue May 13 03:43:56 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 68.95k 191.40k 258.22k 283.31k 291.21k
+md5 627.37k 3064.75k 5370.15k 6765.91k 7255.38k
+sha 323.35k 1431.32k 2417.07k 2916.69k 3102.04k
+sha1 298.08k 1318.34k 2228.82k 2694.83k 2864.47k
+rc4 3404.13k 4026.33k 4107.43k 4136.28k 4117.85k
+des cbc 1414.60k 1782.53k 1824.24k 1847.64k 1840.47k
+des ede3 588.36k 688.19k 700.33k 702.46k 704.51k
+idea cbc 582.96k 636.71k 641.54k 642.39k 642.30k
+rc2 cbc 569.34k 612.37k 617.64k 617.47k 619.86k
+blowfish cbc 2015.77k 2534.49k 2609.65k 2607.10k 2615.98k
+rsa 512 bits 0.027s 0.003
+rsa 1024 bits 0.128s 0.003
+rsa 2048 bits 0.779s 0.027
+rsa 4096 bits 5.450s 0.098
+dsa 512 bits 0.024s 0.045
+dsa 1024 bits 0.068s 0.132
+dsa 2048 bits 0.231s 0.469
diff --git a/src/lib/libssl/src/times/s586-100.nt b/src/lib/libssl/src/times/s586-100.nt
new file mode 100644
index 0000000000..8e3baf6d5e
--- /dev/null
+++ b/src/lib/libssl/src/times/s586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 90.26k 248.57k 335.06k 366.09k 376.64k
+md5 863.95k 4205.24k 7628.78k 9582.60k 10290.25k
+sha 463.93k 2102.51k 3623.28k 4417.85k 4695.29k
+sha1 458.23k 2005.88k 3385.78k 4094.00k 4340.13k
+rc4 5843.60k 7543.71k 7790.31k 7836.89k 7791.47k
+des cbc 1583.95k 1910.67k 1960.69k 1972.12k 1946.13k
+des ede3 654.79k 722.60k 740.97k 745.82k 738.27k
+idea cbc 792.04k 876.96k 887.35k 892.63k 890.36k
+rc2 cbc 603.50k 652.38k 661.85k 662.69k 661.44k
+blowfish cbc 2379.88k 3043.76k 3153.61k 3153.61k 3134.76k
+rsa 512 bits 0.022s 0.003
+rsa 1024 bits 0.111s 0.003
+rsa 2048 bits 0.716s 0.025
+rsa 4096 bits 5.188s 0.094
+dsa 512 bits 0.020s 0.039
+dsa 1024 bits 0.062s 0.124
+dsa 2048 bits 0.221s 0.441
diff --git a/src/lib/libssl/src/times/sgi.t b/src/lib/libssl/src/times/sgi.t
new file mode 100644
index 0000000000..7963610150
--- /dev/null
+++ b/src/lib/libssl/src/times/sgi.t
@@ -0,0 +1,29 @@
+SGI Challenge R4400 200mhz IRIX 5.3 - gcc (2.6.3)
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul 2 16:25:30 EST 1996
+options:bn(64,32) md2(char) rc4(idx,char) des(idx,long) idea(int)
+C flags:gcc -O2 -mips2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 96.53k 266.70k 360.09k 393.70k 405.07k
+md5 971.15k 4382.56k 7406.90k 8979.99k 9559.18k
+sha 596.86k 2832.26k 4997.30k 6277.75k 6712.89k
+sha1 578.34k 2630.16k 4632.05k 5684.34k 6083.37k
+rc4 5641.12k 6821.76k 6996.13k 7052.61k 6913.32k
+des cfb 1354.86k 1422.11k 1434.58k 1433.24k 1432.89k
+des cbc 1467.13k 1618.92k 1630.08k 1637.00k 1629.62k
+des ede3 566.13k 591.91k 596.86k 596.18k 592.54k
+idea cfb 1190.60k 1264.49k 1270.38k 1267.84k 1272.37k
+idea cbc 1271.45k 1410.37k 1422.49k 1426.46k 1421.73k
+rc2 cfb 1285.73k 1371.40k 1380.92k 1383.13k 1379.23k
+rc2 cbc 1386.61k 1542.10k 1562.49k 1572.45k 1567.93k
+rsa 512 bits 0.018s
+rsa 1024 bits 0.106s
+rsa 2048 bits 0.738s
+rsa 4096 bits 5.535s
+
+version:SSLeay 0.5.2c 15-May-1996
+rsa 512 bits 0.035s
+rsa 1024 bits 0.204s
+rsa 2048 bits 1.423s
+rsa 4096 bits 10.800s
diff --git a/src/lib/libssl/src/times/sparc.t b/src/lib/libssl/src/times/sparc.t
new file mode 100644
index 0000000000..1611f76570
--- /dev/null
+++ b/src/lib/libssl/src/times/sparc.t
@@ -0,0 +1,26 @@
+gcc 2.7.2
+Sparc 10 - Solaris 2.3 - 50mhz
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 00:55:51 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 54.88k 154.52k 210.35k 231.08k 237.21k
+md5 550.75k 2460.49k 4116.01k 4988.74k 5159.86k
+sha 340.28k 1461.76k 2430.10k 2879.87k 2999.15k
+sha1 307.27k 1298.41k 2136.26k 2540.07k 2658.28k
+rc4 2652.21k 2805.24k 3301.63k 4003.98k 4071.18k
+des cbc 811.78k 903.93k 914.19k 921.60k 932.29k
+des ede3 328.21k 344.93k 349.64k 351.48k 345.07k
+idea cbc 685.06k 727.42k 734.41k 730.11k 739.21k
+rc2 cbc 718.59k 777.02k 781.96k 784.38k 782.60k
+blowfish cbc 1268.85k 1520.64k 1568.88k 1587.54k 1591.98k
+rsa 512 bits 0.037s 0.005
+rsa 1024 bits 0.213s 0.006
+rsa 2048 bits 1.471s 0.053
+rsa 4096 bits 11.100s 0.202
+dsa 512 bits 0.038s 0.074
+dsa 1024 bits 0.128s 0.248
+dsa 2048 bits 0.473s 0.959
+
diff --git a/src/lib/libssl/src/times/sparc2 b/src/lib/libssl/src/times/sparc2
new file mode 100644
index 0000000000..4b0dd805ef
--- /dev/null
+++ b/src/lib/libssl/src/times/sparc2
@@ -0,0 +1,21 @@
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 14.56k 40.25k 54.95k 60.13k 62.18k
+mdc2 53.59k 57.45k 58.11k 58.21k 58.51k
+md5 176.95k 764.75k 1270.36k 1520.14k 1608.36k
+hmac(md5) 55.88k 369.70k 881.15k 1337.05k 1567.40k
+sha1 92.69k 419.75k 723.63k 878.82k 939.35k
+rc4 1247.28k 1414.09k 1434.30k 1434.34k 1441.13k
+des cbc 284.41k 318.58k 323.07k 324.09k 323.87k
+des ede3 109.99k 119.99k 121.60k 121.87k 121.66k
+idea cbc 43.06k 43.68k 43.84k 43.64k 44.07k
+rc2 cbc 278.85k 311.44k 316.50k 316.57k 317.37k
+blowfish cbc 468.89k 569.35k 581.61k 568.34k 559.54k
+cast cbc 285.84k 338.79k 345.71k 346.19k 341.09k
+ sign verify
+rsa 512 bits 0.4175s 0.0519s
+rsa 1024 bits 2.9325s 0.1948s
+rsa 2048 bits 22.3600s 0.7669s
+ sign verify
+dsa 512 bits 0.5178s 1.0300s
+dsa 1024 bits 1.8780s 3.7167s
+dsa 2048 bits 7.3500s 14.4800s
diff --git a/src/lib/libssl/src/times/sparcLX.t b/src/lib/libssl/src/times/sparcLX.t
new file mode 100644
index 0000000000..2fdaed7cc5
--- /dev/null
+++ b/src/lib/libssl/src/times/sparcLX.t
@@ -0,0 +1,22 @@
+Sparc Station LX
+SSLeay 0.7.3 30-Apr-1997
+built on Thu May 1 10:44:02 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 17.60k 48.72k 66.47k 72.70k 74.72k
+md5 226.24k 1082.21k 1982.72k 2594.02k 2717.01k
+sha 71.38k 320.71k 551.08k 677.76k 720.90k
+sha1 63.08k 280.79k 473.86k 576.94k 608.94k
+rc4 1138.30k 1257.67k 1304.49k 1377.78k 1364.42k
+des cbc 265.34k 308.85k 314.28k 315.39k 317.20k
+des ede3 83.23k 93.13k 94.04k 94.50k 94.63k
+idea cbc 254.48k 274.26k 275.88k 274.68k 275.80k
+rc2 cbc 328.27k 375.39k 381.43k 381.61k 380.83k
+blowfish cbc 487.00k 498.02k 510.12k 515.41k 516.10k
+rsa 512 bits 0.093s
+rsa 1024 bits 0.537s
+rsa 2048 bits 3.823s
+rsa 4096 bits 28.650s
+
diff --git a/src/lib/libssl/src/times/usparc.t b/src/lib/libssl/src/times/usparc.t
new file mode 100644
index 0000000000..2215624f9f
--- /dev/null
+++ b/src/lib/libssl/src/times/usparc.t
@@ -0,0 +1,25 @@
+Sparc 2000? - Solaris 2.5.1 - 167mhz Ultra sparc
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:25:48 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long) idea(int) blowfish(ptr)
+C flags:cc cc -xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 135.23k 389.87k 536.66k 591.87k 603.48k
+md5 1534.38k 6160.41k 9842.69k 11446.95k 11993.09k
+sha 1178.30k 5020.74k 8532.22k 10275.50k 11010.05k
+sha1 1114.22k 4703.94k 7703.81k 9236.14k 9756.67k
+rc4 10818.03k 13327.57k 13711.10k 13810.69k 13836.29k
+des cbc 3052.44k 3320.02k 3356.25k 3369.98k 3295.91k
+des ede3 1310.32k 1359.98k 1367.47k 1362.94k 1362.60k
+idea cbc 1749.52k 1833.13k 1844.74k 1848.32k 1848.66k
+rc2 cbc 1950.25k 2053.23k 2064.21k 2072.58k 2072.58k
+blowfish cbc 4927.16k 5659.75k 5762.73k 5797.55k 5805.40k
+rsa 512 bits 0.021s 0.003
+rsa 1024 bits 0.126s 0.003
+rsa 2048 bits 0.888s 0.032
+rsa 4096 bits 6.770s 0.122
+dsa 512 bits 0.022s 0.043
+dsa 1024 bits 0.076s 0.151
+dsa 2048 bits 0.286s 0.574
diff --git a/src/lib/libssl/src/times/x86/bfs.cpp b/src/lib/libssl/src/times/x86/bfs.cpp
new file mode 100644
index 0000000000..272ed2f978
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/bfs.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+void main(int argc,char *argv[])
+ {
+ BF_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ BF_encrypt(&data[0],&key);
+ GetTSC(s1);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ BF_encrypt(&data[0],&key);
+ GetTSC(e2);
+ BF_encrypt(&data[0],&key);
+ }
+
+ printf("blowfish %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/casts.cpp b/src/lib/libssl/src/times/x86/casts.cpp
new file mode 100644
index 0000000000..7f524da57b
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/casts.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "cast.h"
+
+void main(int argc,char *argv[])
+ {
+ CAST_KEY key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ CAST_encrypt(&data[0],&key);
+ GetTSC(s1);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e1);
+ GetTSC(s2);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ CAST_encrypt(&data[0],&key);
+ GetTSC(e2);
+ CAST_encrypt(&data[0],&key);
+ }
+
+ printf("cast %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/des3s.cpp b/src/lib/libssl/src/times/x86/des3s.cpp
new file mode 100644
index 0000000000..9aff6494d9
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/des3s.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key1,key2,key3;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(s1);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ des_encrypt3(&data[0],key1,key2,key3);
+ GetTSC(e2);
+ des_encrypt3(&data[0],key1,key2,key3);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/dess.cpp b/src/lib/libssl/src/times/x86/dess.cpp
new file mode 100644
index 0000000000..7fb5987314
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/dess.cpp
@@ -0,0 +1,67 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "des.h"
+
+void main(int argc,char *argv[])
+ {
+ des_key_schedule key;
+ unsigned long s1,s2,e1,e2;
+ unsigned long data[2];
+ int i,j;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<1000; i++) /**/
+ {
+ des_encrypt(&data[0],key,1);
+ GetTSC(s1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e1);
+ GetTSC(s2);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ des_encrypt(&data[0],key,1);
+ GetTSC(e2);
+ des_encrypt(&data[0],key,1);
+ }
+
+ printf("des %d %d (%d)\n",
+ e1-s1,e2-s2,((e2-s2)-(e1-s1)));
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/md5s.cpp b/src/lib/libssl/src/times/x86/md5s.cpp
new file mode 100644
index 0000000000..ef8e175df0
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/md5s.cpp
@@ -0,0 +1,78 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+extern "C" {
+void md5_block_x86(MD5_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ MD5_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ md5_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ md5_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ md5_block_x86(&ctx,buffer,num);
+ }
+ printf("md5 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/rc4s.cpp b/src/lib/libssl/src/times/x86/rc4s.cpp
new file mode 100644
index 0000000000..39f1727dd3
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/rc4s.cpp
@@ -0,0 +1,73 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rc4.h"
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[1024];
+ RC4_KEY ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=64,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=256;
+ if (num > 1024-16) num=1024-16;
+ numm=num+8;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(s1);
+ RC4(&ctx,numm,buffer,buffer);
+ GetTSC(e1);
+ GetTSC(s2);
+ RC4(&ctx,num,buffer,buffer);
+ GetTSC(e2);
+ RC4(&ctx,num,buffer,buffer);
+ }
+
+ printf("RC4 (%d bytes) %d %d (%d) - 8 bytes\n",num,
+ e1-s1,e2-s2,(e1-s1)-(e2-s2));
+ }
+ }
+
diff --git a/src/lib/libssl/src/times/x86/sha1s.cpp b/src/lib/libssl/src/times/x86/sha1s.cpp
new file mode 100644
index 0000000000..0163377de6
--- /dev/null
+++ b/src/lib/libssl/src/times/x86/sha1s.cpp
@@ -0,0 +1,79 @@
+//
+// gettsc.inl
+//
+// gives access to the Pentium's (secret) cycle counter
+//
+// This software was written by Leonard Janke (janke@unixg.ubc.ca)
+// in 1996-7 and is entered, by him, into the public domain.
+
+#if defined(__WATCOMC__)
+void GetTSC(unsigned long&);
+#pragma aux GetTSC = 0x0f 0x31 "mov [edi], eax" parm [edi] modify [edx eax];
+#elif defined(__GNUC__)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ asm volatile(".byte 15, 49\n\t"
+ : "=eax" (tsc)
+ :
+ : "%edx", "%eax");
+}
+#elif defined(_MSC_VER)
+inline
+void GetTSC(unsigned long& tsc)
+{
+ unsigned long a;
+ __asm _emit 0fh
+ __asm _emit 31h
+ __asm mov a, eax;
+ tsc=a;
+}
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+extern "C" {
+void sha1_block_x86(SHA_CTX *ctx, unsigned char *buffer,int num);
+}
+
+void main(int argc,char *argv[])
+ {
+ unsigned char buffer[64*256];
+ SHA_CTX ctx;
+ unsigned long s1,s2,e1,e2;
+ unsigned char k[16];
+ unsigned long data[2];
+ unsigned char iv[8];
+ int i,num=0,numm;
+ int j=0;
+
+ if (argc >= 2)
+ num=atoi(argv[1]);
+
+ if (num == 0) num=16;
+ if (num > 250) num=16;
+ numm=num+2;
+ num*=64;
+ numm*=64;
+
+ for (j=0; j<6; j++)
+ {
+ for (i=0; i<10; i++) /**/
+ {
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(s1);
+ sha1_block_x86(&ctx,buffer,numm);
+ GetTSC(e1);
+ GetTSC(s2);
+ sha1_block_x86(&ctx,buffer,num);
+ GetTSC(e2);
+ sha1_block_x86(&ctx,buffer,num);
+ }
+
+ printf("sha1 (%d bytes) %d %d (%.2f)\n",num,
+ e1-s1,e2-s2,(double)((e1-s1)-(e2-s2))/2);
+ }
+ }
+
diff --git a/src/lib/libssl/src/tools/c_hash b/src/lib/libssl/src/tools/c_hash
new file mode 100644
index 0000000000..54ff9d2cac
--- /dev/null
+++ b/src/lib/libssl/src/tools/c_hash
@@ -0,0 +1,9 @@
+#!/bin/sh
+# print out the hash values
+#
+
+for i in $*
+do
+ h=`ssleay x509 -hash -noout -in $i`
+ echo "$h.0 => $i"
+done
diff --git a/src/lib/libssl/src/tools/c_info b/src/lib/libssl/src/tools/c_info
new file mode 100644
index 0000000000..5dd960b3a1
--- /dev/null
+++ b/src/lib/libssl/src/tools/c_info
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+ n=`ssleay x509 -subject -issuer -enddate -noout -in $i`
+ echo "$i"
+ echo "$n"
+ echo "--------"
+done
diff --git a/src/lib/libssl/src/tools/c_issuer b/src/lib/libssl/src/tools/c_issuer
new file mode 100644
index 0000000000..a885b24b7b
--- /dev/null
+++ b/src/lib/libssl/src/tools/c_issuer
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print out the issuer
+#
+
+for i in $*
+do
+ n=`ssleay x509 -issuer -noout -in $i`
+ echo "$i\t$n"
+done
diff --git a/src/lib/libssl/src/tools/c_name b/src/lib/libssl/src/tools/c_name
new file mode 100644
index 0000000000..4b33e68c59
--- /dev/null
+++ b/src/lib/libssl/src/tools/c_name
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+ n=`ssleay x509 -subject -noout -in $i`
+ echo "$i $n"
+done
diff --git a/src/lib/libssl/src/tools/c_rehash b/src/lib/libssl/src/tools/c_rehash
new file mode 100644
index 0000000000..cbff15e48b
--- /dev/null
+++ b/src/lib/libssl/src/tools/c_rehash
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# redo the hashes for the certificates in your cert path or the ones passed
+# on the command line.
+#
+
+if [ "$SSLEAY"x = "x" -o ! -x $SSLEAY ]; then
+ SSLEAY='ssleay'
+ export SSLEAY
+fi
+DIR=/usr/ssl
+PATH=$DIR/bin:$PATH
+
+SSL_DIR=$DIR/certs
+
+if [ "$*" = "" ]; then
+ CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
+else
+ CERTS=$*
+fi
+
+IFS=': '
+for i in $CERTS
+do
+ (
+ IFS=' '
+ if [ -d $i -a -w $i ]; then
+ cd $i
+ echo "Doing $i"
+ for i in *.pem
+ do
+ if [ $i != '*.pem' ]; then
+ h=`$SSLEAY x509 -hash -noout -in $i`
+ if [ "x$h" = "x" ]; then
+ echo $i does not contain a certificate
+ else
+ if [ -f $h.0 ]; then
+ /bin/rm -f $h.0
+ fi
+ echo "$i => $h.0"
+ ln -s $i $h.0
+ fi
+ fi
+ done
+ fi
+ )
+done
diff --git a/src/lib/libssl/src/util/FreeBSD.sh b/src/lib/libssl/src/util/FreeBSD.sh
new file mode 100644
index 0000000000..db8edfc6aa
--- /dev/null
+++ b/src/lib/libssl/src/util/FreeBSD.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+perl util/perlpath.pl /usr/bin
+perl util/ssldir.pl /usr/local
+perl util/mk1mf.pl FreeBSD >Makefile.FreeBSD
+perl Configure FreeBSD
diff --git a/src/lib/libssl/src/util/add_cr.pl b/src/lib/libssl/src/util/add_cr.pl
new file mode 100644
index 0000000000..ddd6d61e2d
--- /dev/null
+++ b/src/lib/libssl/src/util/add_cr.pl
@@ -0,0 +1,123 @@
+#!/usr/bin/perl
+#
+# This adds a copyright message to a souce code file.
+# It also gets the file name correct.
+#
+# perl util/add_cr.pl *.[ch] */*.[ch] */*/*.[ch]
+#
+
+foreach (@ARGV)
+ {
+ &dofile($_);
+ }
+
+sub dofile
+ {
+ local($file)=@_;
+
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+
+ print STDERR "doing $file\n";
+ @in=<IN>;
+
+ return(1) if ($in[0] =~ / NOCW /);
+
+ @out=();
+ open(OUT,">$file.out") || die "unable to open $file.$$:$!\n";
+ push(@out,"/* $file */\n");
+ if (($in[1] !~ /^\/\* Copyright \(C\) [0-9-]+ Eric Young \(eay\@cryptsoft.com\)/))
+ {
+ push(@out,&Copyright);
+ $i=2;
+ @a=grep(/ Copyright \(C\) /,@in);
+ if ($#a >= 0)
+ {
+ while (($i <= $#in) && ($in[$i] ne " */\n"))
+ { $i++; }
+ $i++ if ($in[$i] eq " */\n");
+
+ while (($i <= $#in) && ($in[$i] =~ /^\s*$/))
+ { $i++; }
+
+ push(@out,"\n");
+ for ( ; $i <= $#in; $i++)
+ { push(@out,$in[$i]); }
+ }
+ else
+ { push(@out,@in); }
+ }
+ else
+ {
+ shift(@in);
+ push(@out,@in);
+ }
+ print OUT @out;
+ close(IN);
+ close(OUT);
+ rename("$file","$file.orig") || die "unable to rename $file:$!\n";
+ rename("$file.out",$file) || die "unable to rename $file.out:$!\n";
+ }
+
+
+
+sub Copyright
+ {
+ return <<'EOF';
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+ }
diff --git a/src/lib/libssl/src/util/bat.sh b/src/lib/libssl/src/util/bat.sh
new file mode 100644
index 0000000000..c6f48e8a7b
--- /dev/null
+++ b/src/lib/libssl/src/util/bat.sh
@@ -0,0 +1,132 @@
+#!/usr/local/bin/perl
+
+$infile="/home/eay/ssl/SSLeay/MINFO";
+
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ chop;
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val); }
+
+ if ($key eq "LIBSRC")
+ { $libsrc.=&var_add($dir,$val); }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+@a=split(/\s+/,$libsrc);
+foreach (@a)
+ {
+ print "${_}.c\n";
+ }
+
+sub var_add
+ {
+ local($dir,$val)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+ return("") if $no_cast && $dir =~ /\/cast/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//,@a);
+
+ @a=grep(!/^e_.*_3d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_i$/,@a) if $no_idea;
+ @a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+ @a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+ @a=grep(!/^e_.*_c$/,@a) if $no_cast;
+ @a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+ @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+ @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+ @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/,@a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+ @a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+ @a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+ @a=grep(!/^gendsa$/,@a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+ grep($_="$dir/$_",@a);
+ @a=grep(!/(^|\/)s_/,@a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+ $ret=join(' ',@a)." ";
+ return($ret);
+ }
+
diff --git a/src/lib/libssl/src/util/ck_errf.pl b/src/lib/libssl/src/util/ck_errf.pl
new file mode 100644
index 0000000000..c5764e40df
--- /dev/null
+++ b/src/lib/libssl/src/util/ck_errf.pl
@@ -0,0 +1,44 @@
+#!/usr/bin/perl
+#
+# This is just a quick script to scan for cases where the 'error'
+# function name in a XXXerr() macro is wrong.
+#
+# Run in the top level by going
+# perl util/ck_errf.pl */*.c */*/*.c
+#
+
+foreach $file (@ARGV)
+ {
+ open(IN,"<$file") || die "unable to open $file\n";
+ $func="";
+ while (<IN>)
+ {
+ if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/)
+ {
+ $func=$1;
+ $func =~ tr/A-Z/a-z/;
+ }
+ if (/([A-Z0-9]+)err\(([^,]+)/)
+ {
+ next if ($func eq "");
+ $errlib=$1;
+ $n=$2;
+ if ($n !~ /([^_]+)_F_(.+)$/)
+ {
+ # print "check -$file:$.:$func:$n\n";
+ next;
+ }
+ $lib=$1;
+ $n=$2;
+
+ if ($lib ne $errlib)
+ { print "$file:$.:$func:$n\n"; next; }
+
+ $n =~ tr/A-Z/a-z/;
+ if (($n ne $func) && ($errlib ne "SYS"))
+ { print "$file:$.:$func:$n\n"; next; }
+ # print "$func:$1\n";
+ }
+ }
+ }
+
diff --git a/src/lib/libssl/src/util/deleof.pl b/src/lib/libssl/src/util/deleof.pl
new file mode 100644
index 0000000000..04f30f0e47
--- /dev/null
+++ b/src/lib/libssl/src/util/deleof.pl
@@ -0,0 +1,7 @@
+#!/usr/bin/perl
+
+while (<>)
+ {
+ print
+ last if (/^# DO NOT DELETE THIS LINE/);
+ }
diff --git a/src/lib/libssl/src/util/do_ms.sh b/src/lib/libssl/src/util/do_ms.sh
new file mode 100644
index 0000000000..f498d842b7
--- /dev/null
+++ b/src/lib/libssl/src/util/do_ms.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# generate the Microsoft makefiles and .def files
+#
+
+PATH=util:../util:$PATH
+
+# perl util/mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
+# perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util/mk1mf.pl VC-WIN16 dll >ms/w31dll.mak
+# perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
+perl util/mk1mf.pl VC-WIN32 dll >ms/ntdll.mak
+
+perl util/mkdef.pl 16 libeay > ms/libeay16.def
+perl util/mkdef.pl 32 libeay > ms/libeay32.def
+perl util/mkdef.pl 16 ssleay > ms/ssleay16.def
+perl util/mkdef.pl 32 ssleay > ms/ssleay32.def
diff --git a/src/lib/libssl/src/util/err-ins.pl b/src/lib/libssl/src/util/err-ins.pl
new file mode 100644
index 0000000000..db1bb48275
--- /dev/null
+++ b/src/lib/libssl/src/util/err-ins.pl
@@ -0,0 +1,33 @@
+#!/usr/bin/perl
+#
+# tack error codes onto the end of a file
+#
+
+open(ERR,$ARGV[0]) || die "unable to open error file '$ARGV[0]':$!\n";
+@err=<ERR>;
+close(ERR);
+
+open(IN,$ARGV[1]) || die "unable to open header file '$ARGV[1]':$!\n";
+
+@out="";
+while (<IN>)
+ {
+ push(@out,$_);
+ last if /BEGIN ERROR CODES/;
+ }
+close(IN);
+
+open(OUT,">$ARGV[1]") || die "unable to open header file '$ARGV[1]':$1\n";
+print OUT @out;
+print OUT @err;
+print OUT <<"EOF";
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
+EOF
+close(OUT);
+
+
diff --git a/src/lib/libssl/src/util/files.pl b/src/lib/libssl/src/util/files.pl
new file mode 100644
index 0000000000..bf3b7effdc
--- /dev/null
+++ b/src/lib/libssl/src/util/files.pl
@@ -0,0 +1,61 @@
+#!/usr/bin/perl
+#
+# used to generate the file MINFO for use by util/mk1mf.pl
+# It is basically a list of all variables from the passed makefile
+#
+
+$s="";
+while (<>)
+ {
+ chop;
+ s/#.*//;
+ if (/^(\S+)\s*=\s*(.*)$/)
+ {
+ $o="";
+ ($s,$b)=($1,$2);
+ for (;;)
+ {
+ if ($b =~ /\\$/)
+ {
+ chop($b);
+ $o.=$b." ";
+ $b=<>;
+ chop($b);
+ }
+ else
+ {
+ $o.=$b." ";
+ last;
+ }
+ }
+ $o =~ s/^\s+//;
+ $o =~ s/\s+$//;
+ $o =~ s/\s+/ /g;
+
+ $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
+ $sym{$s}=$o;
+ }
+ }
+
+$pwd=`pwd`; chop($pwd);
+
+if ($sym{'TOP'} eq ".")
+ {
+ $n=0;
+ $dir=".";
+ }
+else {
+ $n=split(/\//,$sym{'TOP'});
+ @_=split(/\//,$pwd);
+ $z=$#_-$n+1;
+ foreach $i ($z .. $#_) { $dir.=$_[$i]."/"; }
+ chop($dir);
+ }
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+ {
+ print "$_=$sym{$_}\n";
+ }
+print "RELATIVE_DIRECTORY=\n";
diff --git a/src/lib/libssl/src/util/fixNT.sh b/src/lib/libssl/src/util/fixNT.sh
new file mode 100644
index 0000000000..ce4f19299b
--- /dev/null
+++ b/src/lib/libssl/src/util/fixNT.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# clean up the mess that NT makes of my source tree
+#
+
+if [ -f makefile.ssl -a ! -f Makefile.ssl ]; then
+ /bin/mv makefile.ssl Makefile.ssl
+fi
+chmod +x Configure util/*
+echo cleaning
+/bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
+echo 'removing those damn ^M'
+perl -pi -e 's/\015//' `find . -type 'f' -print |grep -v '.obj$' |grep -v '.der$' |grep -v '.gz'`
+make -f Makefile.ssl links
diff --git a/src/lib/libssl/src/util/install.sh b/src/lib/libssl/src/util/install.sh
new file mode 100644
index 0000000000..e1d0c982df
--- /dev/null
+++ b/src/lib/libssl/src/util/install.sh
@@ -0,0 +1,108 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5; it is not part of GNU.
+#
+# $XConsortium: install.sh,v 1.2 89/12/18 14:47:22 jim Exp $
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+doit="${DOITPROG:-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG:-mv}"
+cpprog="${CPPROG:-cp}"
+chmodprog="${CHMODPROG:-chmod}"
+chownprog="${CHOWNPROG:-chown}"
+chgrpprog="${CHGRPPROG:-chgrp}"
+stripprog="${STRIPPROG:-strip}"
+rmprog="${RMPROG:-rm}"
+
+instcmd="$mvprog"
+chmodcmd=""
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+src=""
+dst=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+fi
+
+if [ x"$dst" = x ]
+then
+ echo "install: no destination specified"
+ exit 1
+fi
+
+
+# if destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+if [ -d $dst ]
+then
+ dst="$dst"/`basename $src`
+fi
+
+
+# get rid of the old one and mode the new one in
+
+$doit $rmcmd $dst
+$doit $instcmd $src $dst
+
+
+# and set any options; do chmod last to preserve setuid bits
+
+if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; fi
+if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; fi
+if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; fi
+if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; fi
+
+exit 0
diff --git a/src/lib/libssl/src/util/libeay.num b/src/lib/libssl/src/util/libeay.num
new file mode 100644
index 0000000000..fcaf254287
--- /dev/null
+++ b/src/lib/libssl/src/util/libeay.num
@@ -0,0 +1,1065 @@
+SSLeay 1
+SSLeay_version 2
+ASN1_BIT_STRING_asn1_meth 3
+ASN1_HEADER_free 4
+ASN1_HEADER_new 5
+ASN1_IA5STRING_asn1_meth 6
+ASN1_INTEGER_get 7
+ASN1_INTEGER_set 8
+ASN1_INTEGER_to_BN 9
+ASN1_OBJECT_create 10
+ASN1_OBJECT_free 11
+ASN1_OBJECT_new 12
+ASN1_PRINTABLE_type 13
+ASN1_STRING_cmp 14
+ASN1_STRING_dup 15
+ASN1_STRING_free 16
+ASN1_STRING_new 17
+ASN1_STRING_print 18
+ASN1_STRING_set 19
+ASN1_STRING_type_new 20
+ASN1_TYPE_free 21
+ASN1_TYPE_new 22
+ASN1_UNIVERSALSTRING_to_string 23
+ASN1_UTCTIME_check 24
+ASN1_UTCTIME_print 25
+ASN1_UTCTIME_set 26
+ASN1_check_infinite_end 27
+ASN1_d2i_bio 28
+ASN1_d2i_fp 29
+ASN1_digest 30
+ASN1_dup 31
+ASN1_get_object 32
+ASN1_i2d_bio 33
+ASN1_i2d_fp 34
+ASN1_object_size 35
+ASN1_parse 36
+ASN1_put_object 37
+ASN1_sign 38
+ASN1_verify 39
+BF_cbc_encrypt 40
+BF_cfb64_encrypt 41
+BF_ecb_encrypt 42
+BF_encrypt 43
+BF_ofb64_encrypt 44
+BF_options 45
+BF_set_key 46
+BIO_CONNECT_free 47
+BIO_CONNECT_new 48
+BIO_accept 51
+BIO_ctrl 52
+BIO_int_ctrl 53
+BIO_debug_callback 54
+BIO_dump 55
+BIO_dup_chain 56
+BIO_f_base64 57
+BIO_f_buffer 58
+BIO_f_cipher 59
+BIO_f_md 60
+BIO_f_null 61
+BIO_f_proxy_server 62
+BIO_fd_non_fatal_error 63
+BIO_fd_should_retry 64
+BIO_find_type 65
+BIO_free 66
+BIO_free_all 67
+BIO_get_accept_socket 69
+BIO_get_filter_bio 70
+BIO_get_host_ip 71
+BIO_get_port 72
+BIO_get_retry_BIO 73
+BIO_get_retry_reason 74
+BIO_gethostbyname 75
+BIO_gets 76
+BIO_new 78
+BIO_new_accept 79
+BIO_new_connect 80
+BIO_new_fd 81
+BIO_new_file 82
+BIO_new_fp 83
+BIO_new_socket 84
+BIO_pop 85
+BIO_printf 86
+BIO_push 87
+BIO_puts 88
+BIO_read 89
+BIO_s_accept 90
+BIO_s_connect 91
+BIO_s_fd 92
+BIO_s_file 93
+BIO_s_mem 95
+BIO_s_null 96
+BIO_s_proxy_client 97
+BIO_s_socket 98
+BIO_set 100
+BIO_set_cipher 101
+BIO_set_tcp_ndelay 102
+BIO_sock_cleanup 103
+BIO_sock_error 104
+BIO_sock_init 105
+BIO_sock_non_fatal_error 106
+BIO_sock_should_retry 107
+BIO_socket_ioctl 108
+BIO_write 109
+BN_CTX_free 110
+BN_CTX_new 111
+BN_MONT_CTX_free 112
+BN_MONT_CTX_new 113
+BN_MONT_CTX_set 114
+BN_add 115
+BN_add_word 116
+BN_hex2bn 117
+BN_bin2bn 118
+BN_bn2hex 119
+BN_bn2bin 120
+BN_clear 121
+BN_clear_bit 122
+BN_clear_free 123
+BN_cmp 124
+BN_copy 125
+BN_div 126
+BN_div_word 127
+BN_dup 128
+BN_free 129
+BN_from_montgomery 130
+BN_gcd 131
+BN_generate_prime 132
+BN_get_word 133
+BN_is_bit_set 134
+BN_is_prime 135
+BN_lshift 136
+BN_lshift1 137
+BN_mask_bits 138
+BN_mod 139
+BN_mod_exp 140
+BN_mod_exp_mont 141
+BN_mod_exp_recp 142
+BN_mod_exp_simple 143
+BN_mod_inverse 144
+BN_mod_mul 145
+BN_mod_mul_montgomery 146
+BN_mod_mul_reciprocal 147
+BN_mod_word 148
+BN_mul 149
+BN_new 150
+BN_num_bits 151
+BN_num_bits_word 152
+BN_options 153
+BN_print 154
+BN_print_fp 155
+BN_rand 156
+BN_reciprocal 157
+BN_rshift 158
+BN_rshift1 159
+BN_set_bit 160
+BN_set_word 161
+BN_sqr 162
+BN_sub 163
+BN_to_ASN1_INTEGER 164
+BN_ucmp 165
+BN_value_one 166
+BUF_MEM_free 167
+BUF_MEM_grow 168
+BUF_MEM_new 169
+BUF_strdup 170
+CONF_free 171
+CONF_get_number 172
+CONF_get_section 173
+CONF_get_string 174
+CONF_load 175
+CRYPTO_add_lock 176
+CRYPTO_dbg_free 177
+CRYPTO_dbg_malloc 178
+CRYPTO_dbg_realloc 179
+CRYPTO_dbg_remalloc 180
+CRYPTO_free 181
+CRYPTO_get_add_lock_callback 182
+CRYPTO_get_id_callback 183
+CRYPTO_get_lock_name 184
+CRYPTO_get_locking_callback 185
+CRYPTO_get_mem_functions 186
+CRYPTO_lock 187
+CRYPTO_malloc 188
+CRYPTO_mem_ctrl 189
+CRYPTO_mem_leaks 190
+CRYPTO_mem_leaks_cb 191
+CRYPTO_mem_leaks_fp 192
+CRYPTO_realloc 193
+CRYPTO_remalloc 194
+CRYPTO_set_add_lock_callback 195
+CRYPTO_set_id_callback 196
+CRYPTO_set_locking_callback 197
+CRYPTO_set_mem_functions 198
+CRYPTO_thread_id 199
+DH_check 200
+DH_compute_key 201
+DH_free 202
+DH_generate_key 203
+DH_generate_parameters 204
+DH_new 205
+DH_size 206
+DHparams_print 207
+DHparams_print_fp 208
+DSA_free 209
+DSA_generate_key 210
+DSA_generate_parameters 211
+DSA_is_prime 212
+DSA_new 213
+DSA_print 214
+DSA_print_fp 215
+DSA_sign 216
+DSA_sign_setup 217
+DSA_size 218
+DSA_verify 219
+DSAparams_print 220
+DSAparams_print_fp 221
+ERR_clear_error 222
+ERR_error_string 223
+ERR_free_strings 224
+ERR_func_error_string 225
+ERR_get_err_state_table 226
+ERR_get_error 227
+ERR_get_error_line 228
+ERR_get_state 229
+ERR_get_string_table 230
+ERR_lib_error_string 231
+ERR_load_ASN1_strings 232
+ERR_load_BIO_strings 233
+ERR_load_BN_strings 234
+ERR_load_BUF_strings 235
+ERR_load_CONF_strings 236
+ERR_load_DH_strings 237
+ERR_load_DSA_strings 238
+ERR_load_ERR_strings 239
+ERR_load_EVP_strings 240
+ERR_load_OBJ_strings 241
+ERR_load_PEM_strings 242
+ERR_load_PROXY_strings 243
+ERR_load_RSA_strings 244
+ERR_load_X509_strings 245
+ERR_load_crypto_strings 246
+ERR_load_strings 247
+ERR_peek_error 248
+ERR_peek_error_line 249
+ERR_print_errors 250
+ERR_print_errors_fp 251
+ERR_put_error 252
+ERR_reason_error_string 253
+ERR_remove_state 254
+EVP_BytesToKey 255
+EVP_CIPHER_CTX_cleanup 256
+EVP_CipherFinal 257
+EVP_CipherInit 258
+EVP_CipherUpdate 259
+EVP_DecodeBlock 260
+EVP_DecodeFinal 261
+EVP_DecodeInit 262
+EVP_DecodeUpdate 263
+EVP_DecryptFinal 264
+EVP_DecryptInit 265
+EVP_DecryptUpdate 266
+EVP_DigestFinal 267
+EVP_DigestInit 268
+EVP_DigestUpdate 269
+EVP_EncodeBlock 270
+EVP_EncodeFinal 271
+EVP_EncodeInit 272
+EVP_EncodeUpdate 273
+EVP_EncryptFinal 274
+EVP_EncryptInit 275
+EVP_EncryptUpdate 276
+EVP_OpenFinal 277
+EVP_OpenInit 278
+EVP_PKEY_assign 279
+EVP_PKEY_copy_parameters 280
+EVP_PKEY_free 281
+EVP_PKEY_missing_parameters 282
+EVP_PKEY_new 283
+EVP_PKEY_save_parameters 284
+EVP_PKEY_size 285
+EVP_PKEY_type 286
+EVP_SealFinal 287
+EVP_SealInit 288
+EVP_SignFinal 289
+EVP_VerifyFinal 290
+EVP_add_alias 291
+EVP_add_cipher 292
+EVP_add_digest 293
+EVP_bf_cbc 294
+EVP_bf_cfb 295
+EVP_bf_ecb 296
+EVP_bf_ofb 297
+EVP_cleanup 298
+EVP_des_cbc 299
+EVP_des_cfb 300
+EVP_des_ecb 301
+EVP_des_ede 302
+EVP_des_ede3 303
+EVP_des_ede3_cbc 304
+EVP_des_ede3_cfb 305
+EVP_des_ede3_ofb 306
+EVP_des_ede_cbc 307
+EVP_des_ede_cfb 308
+EVP_des_ede_ofb 309
+EVP_des_ofb 310
+EVP_desx_cbc 311
+EVP_dss 312
+EVP_dss1 313
+EVP_enc_null 314
+EVP_get_cipherbyname 315
+EVP_get_digestbyname 316
+EVP_get_pw_prompt 317
+EVP_idea_cbc 318
+EVP_idea_cfb 319
+EVP_idea_ecb 320
+EVP_idea_ofb 321
+EVP_md2 322
+EVP_md5 323
+EVP_md_null 324
+EVP_rc2_cbc 325
+EVP_rc2_cfb 326
+EVP_rc2_ecb 327
+EVP_rc2_ofb 328
+EVP_rc4 329
+EVP_read_pw_string 330
+EVP_set_pw_prompt 331
+EVP_sha 332
+EVP_sha1 333
+MD2 334
+MD2_Final 335
+MD2_Init 336
+MD2_Update 337
+MD2_options 338
+MD5 339
+MD5_Final 340
+MD5_Init 341
+MD5_Update 342
+MDC2 343
+MDC2_Final 344
+MDC2_Init 345
+MDC2_Update 346
+NETSCAPE_SPKAC_free 347
+NETSCAPE_SPKAC_new 348
+NETSCAPE_SPKI_free 349
+NETSCAPE_SPKI_new 350
+NETSCAPE_SPKI_sign 351
+NETSCAPE_SPKI_verify 352
+OBJ_add_object 353
+OBJ_bsearch 354
+OBJ_cleanup 355
+OBJ_cmp 356
+OBJ_create 357
+OBJ_dup 358
+OBJ_ln2nid 359
+OBJ_new_nid 360
+OBJ_nid2ln 361
+OBJ_nid2obj 362
+OBJ_nid2sn 363
+OBJ_obj2nid 364
+OBJ_sn2nid 365
+OBJ_txt2nid 366
+PEM_ASN1_read 367
+PEM_ASN1_read_bio 368
+PEM_ASN1_write 369
+PEM_ASN1_write_bio 370
+PEM_SealFinal 371
+PEM_SealInit 372
+PEM_SealUpdate 373
+PEM_SignFinal 374
+PEM_SignInit 375
+PEM_SignUpdate 376
+PEM_X509_INFO_read 377
+PEM_X509_INFO_read_bio 378
+PEM_X509_INFO_write_bio 379
+PEM_dek_info 380
+PEM_do_header 381
+PEM_get_EVP_CIPHER_INFO 382
+PEM_proc_type 383
+PEM_read 384
+PEM_read_DHparams 385
+PEM_read_DSAPrivateKey 386
+PEM_read_DSAparams 387
+PEM_read_PKCS7 388
+PEM_read_PrivateKey 389
+PEM_read_RSAPrivateKey 390
+PEM_read_X509 391
+PEM_read_X509_CRL 392
+PEM_read_X509_REQ 393
+PEM_read_bio 394
+PEM_read_bio_DHparams 395
+PEM_read_bio_DSAPrivateKey 396
+PEM_read_bio_DSAparams 397
+PEM_read_bio_PKCS7 398
+PEM_read_bio_PrivateKey 399
+PEM_read_bio_RSAPrivateKey 400
+PEM_read_bio_X509 401
+PEM_read_bio_X509_CRL 402
+PEM_read_bio_X509_REQ 403
+PEM_write 404
+PEM_write_DHparams 405
+PEM_write_DSAPrivateKey 406
+PEM_write_DSAparams 407
+PEM_write_PKCS7 408
+PEM_write_PrivateKey 409
+PEM_write_RSAPrivateKey 410
+PEM_write_X509 411
+PEM_write_X509_CRL 412
+PEM_write_X509_REQ 413
+PEM_write_bio 414
+PEM_write_bio_DHparams 415
+PEM_write_bio_DSAPrivateKey 416
+PEM_write_bio_DSAparams 417
+PEM_write_bio_PKCS7 418
+PEM_write_bio_PrivateKey 419
+PEM_write_bio_RSAPrivateKey 420
+PEM_write_bio_X509 421
+PEM_write_bio_X509_CRL 422
+PEM_write_bio_X509_REQ 423
+PKCS7_DIGEST_free 424
+PKCS7_DIGEST_new 425
+PKCS7_ENCRYPT_free 426
+PKCS7_ENCRYPT_new 427
+PKCS7_ENC_CONTENT_free 428
+PKCS7_ENC_CONTENT_new 429
+PKCS7_ENVELOPE_free 430
+PKCS7_ENVELOPE_new 431
+PKCS7_ISSUER_AND_SERIAL_digest 432
+PKCS7_ISSUER_AND_SERIAL_free 433
+PKCS7_ISSUER_AND_SERIAL_new 434
+PKCS7_RECIP_INFO_free 435
+PKCS7_RECIP_INFO_new 436
+PKCS7_SIGNED_free 437
+PKCS7_SIGNED_new 438
+PKCS7_SIGNER_INFO_free 439
+PKCS7_SIGNER_INFO_new 440
+PKCS7_SIGN_ENVELOPE_free 441
+PKCS7_SIGN_ENVELOPE_new 442
+PKCS7_dup 443
+PKCS7_free 444
+PKCS7_new 445
+PROXY_ENTRY_add_noproxy 446
+PROXY_ENTRY_clear_noproxy 447
+PROXY_ENTRY_free 448
+PROXY_ENTRY_get_noproxy 449
+PROXY_ENTRY_new 450
+PROXY_ENTRY_set_server 451
+PROXY_add_noproxy 452
+PROXY_add_server 453
+PROXY_check_by_host 454
+PROXY_check_url 455
+PROXY_clear_noproxy 456
+PROXY_free 457
+PROXY_get_noproxy 458
+PROXY_get_proxies 459
+PROXY_get_proxy_entry 460
+PROXY_load_conf 461
+PROXY_new 462
+PROXY_print 463
+RAND_bytes 464
+RAND_cleanup 465
+RAND_file_name 466
+RAND_load_file 467
+RAND_screen 468
+RAND_seed 469
+RAND_write_file 470
+RC2_cbc_encrypt 471
+RC2_cfb64_encrypt 472
+RC2_ecb_encrypt 473
+RC2_encrypt 474
+RC2_ofb64_encrypt 475
+RC2_set_key 476
+RC4 477
+RC4_options 478
+RC4_set_key 479
+RSAPrivateKey_asn1_meth 480
+RSAPrivateKey_dup 481
+RSAPublicKey_dup 482
+RSA_PKCS1_SSLeay 483
+RSA_free 484
+RSA_generate_key 485
+RSA_new 486
+RSA_new_method 487
+RSA_print 488
+RSA_print_fp 489
+RSA_private_decrypt 490
+RSA_private_encrypt 491
+RSA_public_decrypt 492
+RSA_public_encrypt 493
+RSA_set_default_method 494
+RSA_sign 495
+RSA_sign_ASN1_OCTET_STRING 496
+RSA_size 497
+RSA_verify 498
+RSA_verify_ASN1_OCTET_STRING 499
+SHA 500
+SHA1 501
+SHA1_Final 502
+SHA1_Init 503
+SHA1_Update 504
+SHA_Final 505
+SHA_Init 506
+SHA_Update 507
+SSLeay_add_all_algorithms 508
+SSLeay_add_all_ciphers 509
+SSLeay_add_all_digests 510
+TXT_DB_create_index 511
+TXT_DB_free 512
+TXT_DB_get_by_index 513
+TXT_DB_insert 514
+TXT_DB_read 515
+TXT_DB_write 516
+X509_ALGOR_free 517
+X509_ALGOR_new 518
+X509_ATTRIBUTE_free 519
+X509_ATTRIBUTE_new 520
+X509_CINF_free 521
+X509_CINF_new 522
+X509_CRL_INFO_free 523
+X509_CRL_INFO_new 524
+X509_CRL_add_ext 525
+X509_CRL_cmp 526
+X509_CRL_delete_ext 527
+X509_CRL_dup 528
+X509_CRL_free 529
+X509_CRL_get_ext 530
+X509_CRL_get_ext_by_NID 531
+X509_CRL_get_ext_by_OBJ 532
+X509_CRL_get_ext_by_critical 533
+X509_CRL_get_ext_count 534
+X509_CRL_new 535
+X509_CRL_sign 536
+X509_CRL_verify 537
+X509_EXTENSION_create_by_NID 538
+X509_EXTENSION_create_by_OBJ 539
+X509_EXTENSION_dup 540
+X509_EXTENSION_free 541
+X509_EXTENSION_get_critical 542
+X509_EXTENSION_get_data 543
+X509_EXTENSION_get_object 544
+X509_EXTENSION_new 545
+X509_EXTENSION_set_critical 546
+X509_EXTENSION_set_data 547
+X509_EXTENSION_set_object 548
+X509_INFO_free 549
+X509_INFO_new 550
+X509_LOOKUP_by_alias 551
+X509_LOOKUP_by_fingerprint 552
+X509_LOOKUP_by_issuer_serial 553
+X509_LOOKUP_by_subject 554
+X509_LOOKUP_ctrl 555
+X509_LOOKUP_file 556
+X509_LOOKUP_free 557
+X509_LOOKUP_hash_dir 558
+X509_LOOKUP_init 559
+X509_LOOKUP_new 560
+X509_LOOKUP_shutdown 561
+X509_NAME_ENTRY_create_by_NID 562
+X509_NAME_ENTRY_create_by_OBJ 563
+X509_NAME_ENTRY_dup 564
+X509_NAME_ENTRY_free 565
+X509_NAME_ENTRY_get_data 566
+X509_NAME_ENTRY_get_object 567
+X509_NAME_ENTRY_new 568
+X509_NAME_ENTRY_set_data 569
+X509_NAME_ENTRY_set_object 570
+X509_NAME_add_entry 571
+X509_NAME_cmp 572
+X509_NAME_delete_entry 573
+X509_NAME_digest 574
+X509_NAME_dup 575
+X509_NAME_entry_count 576
+X509_NAME_free 577
+X509_NAME_get_entry 578
+X509_NAME_get_index_by_NID 579
+X509_NAME_get_index_by_OBJ 580
+X509_NAME_get_text_by_NID 581
+X509_NAME_get_text_by_OBJ 582
+X509_NAME_hash 583
+X509_NAME_new 584
+X509_NAME_oneline 585
+X509_NAME_print 586
+X509_NAME_set 587
+X509_OBJECT_free_contents 588
+X509_OBJECT_retrive_by_subject 589
+X509_OBJECT_up_ref_count 590
+X509_PKEY_free 591
+X509_PKEY_new 592
+X509_PUBKEY_free 593
+X509_PUBKEY_get 594
+X509_PUBKEY_new 595
+X509_PUBKEY_set 596
+X509_REQ_INFO_free 597
+X509_REQ_INFO_new 598
+X509_REQ_dup 599
+X509_REQ_free 600
+X509_REQ_get_pubkey 601
+X509_REQ_new 602
+X509_REQ_print 603
+X509_REQ_print_fp 604
+X509_REQ_set_pubkey 605
+X509_REQ_set_subject_name 606
+X509_REQ_set_version 607
+X509_REQ_sign 608
+X509_REQ_to_X509 609
+X509_REQ_verify 610
+X509_REVOKED_add_ext 611
+X509_REVOKED_delete_ext 612
+X509_REVOKED_free 613
+X509_REVOKED_get_ext 614
+X509_REVOKED_get_ext_by_NID 615
+X509_REVOKED_get_ext_by_OBJ 616
+X509_REVOKED_get_ext_by_critical 617
+X509_REVOKED_get_ext_count 618
+X509_REVOKED_new 619
+X509_SIG_free 620
+X509_SIG_new 621
+X509_STORE_CTX_cleanup 622
+X509_STORE_CTX_init 623
+X509_STORE_add_cert 624
+X509_STORE_add_lookup 625
+X509_STORE_free 626
+X509_STORE_get_by_subject 627
+X509_STORE_load_locations 628
+X509_STORE_new 629
+X509_STORE_set_default_paths 630
+X509_VAL_free 631
+X509_VAL_new 632
+X509_add_ext 633
+X509_asn1_meth 634
+X509_certificate_type 635
+X509_check_private_key 636
+X509_cmp_current_time 637
+X509_delete_ext 638
+X509_digest 639
+X509_dup 640
+X509_free 641
+X509_get_default_cert_area 642
+X509_get_default_cert_dir 643
+X509_get_default_cert_dir_env 644
+X509_get_default_cert_file 645
+X509_get_default_cert_file_env 646
+X509_get_default_private_dir 647
+X509_get_ext 648
+X509_get_ext_by_NID 649
+X509_get_ext_by_OBJ 650
+X509_get_ext_by_critical 651
+X509_get_ext_count 652
+X509_get_issuer_name 653
+X509_get_pubkey 654
+X509_get_pubkey_parameters 655
+X509_get_serialNumber 656
+X509_get_subject_name 657
+X509_gmtime_adj 658
+X509_issuer_and_serial_cmp 659
+X509_issuer_and_serial_hash 660
+X509_issuer_name_cmp 661
+X509_issuer_name_hash 662
+X509_load_cert_file 663
+X509_new 664
+X509_print 665
+X509_print_fp 666
+X509_set_issuer_name 667
+X509_set_notAfter 668
+X509_set_notBefore 669
+X509_set_pubkey 670
+X509_set_serialNumber 671
+X509_set_subject_name 672
+X509_set_version 673
+X509_sign 674
+X509_subject_name_cmp 675
+X509_subject_name_hash 676
+X509_to_X509_REQ 677
+X509_verify 678
+X509_verify_cert 679
+X509_verify_cert_error_string 680
+X509v3_add_ext 681
+X509v3_add_extension 682
+X509v3_add_netscape_extensions 683
+X509v3_add_standard_extensions 684
+X509v3_cleanup_extensions 685
+X509v3_data_type_by_NID 686
+X509v3_data_type_by_OBJ 687
+X509v3_delete_ext 688
+X509v3_get_ext 689
+X509v3_get_ext_by_NID 690
+X509v3_get_ext_by_OBJ 691
+X509v3_get_ext_by_critical 692
+X509v3_get_ext_count 693
+X509v3_pack_string 694
+X509v3_pack_type_by_NID 695
+X509v3_pack_type_by_OBJ 696
+X509v3_unpack_string 697
+_des_crypt 698
+a2d_ASN1_OBJECT 699
+a2i_ASN1_INTEGER 700
+a2i_ASN1_STRING 701
+asn1_Finish 702
+asn1_GetSequence 703
+bn_div64 704
+bn_expand2 705
+bn_mul_add_words 706
+bn_mul_words 707
+bn_qadd 708
+bn_qsub 709
+bn_sqr_words 710
+crypt 711
+d2i_ASN1_BIT_STRING 712
+d2i_ASN1_BOOLEAN 713
+d2i_ASN1_HEADER 714
+d2i_ASN1_IA5STRING 715
+d2i_ASN1_INTEGER 716
+d2i_ASN1_OBJECT 717
+d2i_ASN1_OCTET_STRING 718
+d2i_ASN1_PRINTABLE 719
+d2i_ASN1_PRINTABLESTRING 720
+d2i_ASN1_SET 721
+d2i_ASN1_T61STRING 722
+d2i_ASN1_TYPE 723
+d2i_ASN1_UTCTIME 724
+d2i_ASN1_bytes 725
+d2i_ASN1_type_bytes 726
+d2i_DHparams 727
+d2i_DSAPrivateKey 728
+d2i_DSAPrivateKey_bio 729
+d2i_DSAPrivateKey_fp 730
+d2i_DSAPublicKey 731
+d2i_DSAparams 732
+d2i_NETSCAPE_SPKAC 733
+d2i_NETSCAPE_SPKI 734
+d2i_Netscape_RSA 735
+d2i_PKCS7 736
+d2i_PKCS7_DIGEST 737
+d2i_PKCS7_ENCRYPT 738
+d2i_PKCS7_ENC_CONTENT 739
+d2i_PKCS7_ENVELOPE 740
+d2i_PKCS7_ISSUER_AND_SERIAL 741
+d2i_PKCS7_RECIP_INFO 742
+d2i_PKCS7_SIGNED 743
+d2i_PKCS7_SIGNER_INFO 744
+d2i_PKCS7_SIGN_ENVELOPE 745
+d2i_PKCS7_bio 746
+d2i_PKCS7_fp 747
+d2i_PrivateKey 748
+d2i_PublicKey 749
+d2i_RSAPrivateKey 750
+d2i_RSAPrivateKey_bio 751
+d2i_RSAPrivateKey_fp 752
+d2i_RSAPublicKey 753
+d2i_X509 754
+d2i_X509_ALGOR 755
+d2i_X509_ATTRIBUTE 756
+d2i_X509_CINF 757
+d2i_X509_CRL 758
+d2i_X509_CRL_INFO 759
+d2i_X509_CRL_bio 760
+d2i_X509_CRL_fp 761
+d2i_X509_EXTENSION 762
+d2i_X509_NAME 763
+d2i_X509_NAME_ENTRY 764
+d2i_X509_PKEY 765
+d2i_X509_PUBKEY 766
+d2i_X509_REQ 767
+d2i_X509_REQ_INFO 768
+d2i_X509_REQ_bio 769
+d2i_X509_REQ_fp 770
+d2i_X509_REVOKED 771
+d2i_X509_SIG 772
+d2i_X509_VAL 773
+d2i_X509_bio 774
+d2i_X509_fp 775
+des_cbc_cksum 777
+des_cbc_encrypt 778
+des_cblock_print_file 779
+des_cfb64_encrypt 780
+des_cfb_encrypt 781
+des_decrypt3 782
+des_ecb3_encrypt 783
+des_ecb_encrypt 784
+des_ede3_cbc_encrypt 785
+des_ede3_cfb64_encrypt 786
+des_ede3_ofb64_encrypt 787
+des_enc_read 788
+des_enc_write 789
+des_encrypt 790
+des_encrypt2 791
+des_encrypt3 792
+des_fcrypt 793
+des_is_weak_key 794
+des_key_sched 795
+des_ncbc_encrypt 796
+des_ofb64_encrypt 797
+des_ofb_encrypt 798
+des_options 799
+des_pcbc_encrypt 800
+des_quad_cksum 801
+des_random_key 802
+des_random_seed 803
+des_read_2passwords 804
+des_read_password 805
+des_read_pw 806
+des_read_pw_string 807
+des_set_key 808
+des_set_odd_parity 809
+des_string_to_2keys 810
+des_string_to_key 811
+des_xcbc_encrypt 812
+des_xwhite_in2out 813
+fcrypt_body 814
+i2a_ASN1_INTEGER 815
+i2a_ASN1_OBJECT 816
+i2a_ASN1_STRING 817
+i2d_ASN1_BIT_STRING 818
+i2d_ASN1_BOOLEAN 819
+i2d_ASN1_HEADER 820
+i2d_ASN1_IA5STRING 821
+i2d_ASN1_INTEGER 822
+i2d_ASN1_OBJECT 823
+i2d_ASN1_OCTET_STRING 824
+i2d_ASN1_PRINTABLE 825
+i2d_ASN1_SET 826
+i2d_ASN1_TYPE 827
+i2d_ASN1_UTCTIME 828
+i2d_ASN1_bytes 829
+i2d_DHparams 830
+i2d_DSAPrivateKey 831
+i2d_DSAPrivateKey_bio 832
+i2d_DSAPrivateKey_fp 833
+i2d_DSAPublicKey 834
+i2d_DSAparams 835
+i2d_NETSCAPE_SPKAC 836
+i2d_NETSCAPE_SPKI 837
+i2d_Netscape_RSA 838
+i2d_PKCS7 839
+i2d_PKCS7_DIGEST 840
+i2d_PKCS7_ENCRYPT 841
+i2d_PKCS7_ENC_CONTENT 842
+i2d_PKCS7_ENVELOPE 843
+i2d_PKCS7_ISSUER_AND_SERIAL 844
+i2d_PKCS7_RECIP_INFO 845
+i2d_PKCS7_SIGNED 846
+i2d_PKCS7_SIGNER_INFO 847
+i2d_PKCS7_SIGN_ENVELOPE 848
+i2d_PKCS7_bio 849
+i2d_PKCS7_fp 850
+i2d_PrivateKey 851
+i2d_PublicKey 852
+i2d_RSAPrivateKey 853
+i2d_RSAPrivateKey_bio 854
+i2d_RSAPrivateKey_fp 855
+i2d_RSAPublicKey 856
+i2d_X509 857
+i2d_X509_ALGOR 858
+i2d_X509_ATTRIBUTE 859
+i2d_X509_CINF 860
+i2d_X509_CRL 861
+i2d_X509_CRL_INFO 862
+i2d_X509_CRL_bio 863
+i2d_X509_CRL_fp 864
+i2d_X509_EXTENSION 865
+i2d_X509_NAME 866
+i2d_X509_NAME_ENTRY 867
+i2d_X509_PKEY 868
+i2d_X509_PUBKEY 869
+i2d_X509_REQ 870
+i2d_X509_REQ_INFO 871
+i2d_X509_REQ_bio 872
+i2d_X509_REQ_fp 873
+i2d_X509_REVOKED 874
+i2d_X509_SIG 875
+i2d_X509_VAL 876
+i2d_X509_bio 877
+i2d_X509_fp 878
+idea_cbc_encrypt 879
+idea_cfb64_encrypt 880
+idea_ecb_encrypt 881
+idea_encrypt 882
+idea_ofb64_encrypt 883
+idea_options 884
+idea_set_decrypt_key 885
+idea_set_encrypt_key 886
+lh_delete 887
+lh_doall 888
+lh_doall_arg 889
+lh_free 890
+lh_insert 891
+lh_new 892
+lh_node_stats 893
+lh_node_stats_bio 894
+lh_node_usage_stats 895
+lh_node_usage_stats_bio 896
+lh_retrieve 897
+lh_stats 898
+lh_stats_bio 899
+lh_strhash 900
+sk_delete 901
+sk_delete_ptr 902
+sk_dup 903
+sk_find 904
+sk_free 905
+sk_insert 906
+sk_new 907
+sk_pop 908
+sk_pop_free 909
+sk_push 910
+sk_set_cmp_func 911
+sk_shift 912
+sk_unshift 913
+sk_zero 914
+BIO_f_nbio_test 915
+ASN1_TYPE_get 916
+ASN1_TYPE_set 917
+PKCS7_content_free 918
+ERR_load_PKCS7_strings 919
+X509_find_by_issuer_and_serial 920
+X509_find_by_subject 921
+PKCS7_ctrl 927
+PKCS7_set_type 928
+PKCS7_set_content 929
+PKCS7_SIGNER_INFO_set 930
+PKCS7_add_signer 931
+PKCS7_add_certificate 932
+PKCS7_add_crl 933
+PKCS7_content_new 934
+PKCS7_dataSign 935
+PKCS7_dataVerify 936
+PKCS7_dataInit 937
+PKCS7_add_signature 938
+PKCS7_cert_from_signer_info 939
+PKCS7_get_signer_info 940
+EVP_delete_alias 941
+EVP_mdc2 942
+PEM_read_bio_RSAPublicKey 943
+PEM_write_bio_RSAPublicKey 944
+d2i_RSAPublicKey_bio 945
+i2d_RSAPublicKey_bio 946
+PEM_read_RSAPublicKey 947
+PEM_write_RSAPublicKey 949
+d2i_RSAPublicKey_fp 952
+i2d_RSAPublicKey_fp 954
+BIO_copy_next_retry 955
+RSA_flags 956
+X509_STORE_add_crl 957
+X509_load_crl_file 958
+EVP_rc2_40_cbc 959
+EVP_rc4_40 960
+EVP_CIPHER_CTX_init 961
+HMAC 962
+HMAC_Init 963
+HMAC_Update 964
+HMAC_Final 965
+ERR_get_next_error_library 966
+EVP_PKEY_cmp_parameters 967
+HMAC_cleanup 968
+BIO_ptr_ctrl 969
+BIO_new_file_internal 970
+BIO_new_fp_internal 971
+BIO_s_file_internal 972
+BN_BLINDING_convert 973
+BN_BLINDING_invert 974
+BN_BLINDING_update 975
+RSA_blinding_on 977
+RSA_blinding_off 978
+i2t_ASN1_OBJECT 979
+BN_BLINDING_new 980
+BN_BLINDING_free 981
+EVP_cast5_cbc 983
+EVP_cast5_cfb 984
+EVP_cast5_ecb 985
+EVP_cast5_ofb 986
+BF_decrypt 987
+CAST_set_key 988
+CAST_encrypt 989
+CAST_decrypt 990
+CAST_ecb_encrypt 991
+CAST_cbc_encrypt 992
+CAST_cfb64_encrypt 993
+CAST_ofb64_encrypt 994
+RC2_decrypt 995
+OBJ_create_objects 997
+BN_exp 998
+BN_mul_word 999
+BN_sub_word 1000
+BN_dec2bn 1001
+BN_bn2dec 1002
+BIO_ghbn_ctrl 1003
+CRYPTO_free_ex_data 1004
+CRYPTO_get_ex_data 1005
+CRYPTO_set_ex_data 1007
+ERR_load_CRYPTO_strings 1009
+ERR_load_CRYPTOlib_strings 1009
+EVP_PKEY_bits 1010
+MD5_Transform 1011
+SHA1_Transform 1012
+SHA_Transform 1013
+X509_STORE_CTX_get_chain 1014
+X509_STORE_CTX_get_current_cert 1015
+X509_STORE_CTX_get_error 1016
+X509_STORE_CTX_get_error_depth 1017
+X509_STORE_CTX_get_ex_data 1018
+X509_STORE_CTX_set_cert 1020
+X509_STORE_CTX_set_chain 1021
+X509_STORE_CTX_set_error 1022
+X509_STORE_CTX_set_ex_data 1023
+CRYPTO_dup_ex_data 1025
+CRYPTO_get_new_lockid 1026
+CRYPTO_new_ex_data 1027
+RSA_set_ex_data 1028
+RSA_get_ex_data 1029
+RSA_get_ex_new_index 1030
+RSA_padding_add_PKCS1_type_1 1031
+RSA_padding_add_PKCS1_type_2 1032
+RSA_padding_add_SSLv23 1033
+RSA_padding_add_none 1034
+RSA_padding_check_PKCS1_type_1 1035
+RSA_padding_check_PKCS1_type_2 1036
+RSA_padding_check_SSLv23 1037
+RSA_padding_check_none 1038
+bn_add_words 1039
+d2i_Netscape_RSA_2 1040
+CRYPTO_get_ex_new_index 1041
+RIPEMD160_Init 1042
+RIPEMD160_Update 1043
+RIPEMD160_Final 1044
+RIPEMD160 1045
+RIPEMD160_Transform 1046
+RC5_32_set_key 1047
+RC5_32_ecb_encrypt 1048
+RC5_32_encrypt 1049
+RC5_32_decrypt 1050
+RC5_32_cbc_encrypt 1051
+RC5_32_cfb64_encrypt 1052
+RC5_32_ofb64_encrypt 1053
+BN_bn2mpi 1058
+BN_mpi2bn 1059
+ASN1_BIT_STRING_get_bit 1060
+ASN1_BIT_STRING_set_bit 1061
+BIO_get_ex_data 1062
+BIO_get_ex_new_index 1063
+BIO_set_ex_data 1064
+X509_STORE_CTX_get_ex_new_index 1065
+X509v3_get_key_usage 1066
+X509v3_set_key_usage 1067
+a2i_X509v3_key_usage 1068
+i2a_X509v3_key_usage 1069
+EVP_PKEY_decrypt 1070
+EVP_PKEY_encrypt 1071
+PKCS7_RECIP_INFO_set 1072
+PKCS7_add_recipient 1073
+PKCS7_add_recipient_info 1074
+PKCS7_set_cipher 1075
+ASN1_TYPE_get_int_octetstring 1076
+ASN1_TYPE_get_octetstring 1077
+ASN1_TYPE_set_int_octetstring 1078
+ASN1_TYPE_set_octetstring 1079
+ASN1_UTCTIME_set_string 1080
+ERR_add_error_data 1081
+ERR_set_error_data 1082
+EVP_CIPHER_asn1_to_param 1083
+EVP_CIPHER_param_to_asn1 1084
+EVP_CIPHER_get_asn1_iv 1085
+EVP_CIPHER_set_asn1_iv 1086
+EVP_rc5_32_12_16_cbc 1087
+EVP_rc5_32_12_16_cfb 1088
+EVP_rc5_32_12_16_ecb 1089
+EVP_rc5_32_12_16_ofb 1090
+asn1_add_error 1091
diff --git a/src/lib/libssl/src/util/mk1mf.pl b/src/lib/libssl/src/util/mk1mf.pl
new file mode 100644
index 0000000000..149a0f4f80
--- /dev/null
+++ b/src/lib/libssl/src/util/mk1mf.pl
@@ -0,0 +1,793 @@
+#!/usr/bin/perl
+# A bit of an evil hack but it post processes the file ../MINFO which
+# is generated by `make files` in the top directory.
+# This script outputs one mega makefile that has no shell stuff or any
+# funny stuff
+#
+
+$INSTALLTOP="/usr/local/ssl";
+
+$ssl_version="0.8.2";
+
+$infile="MINFO";
+
+%ops=(
+ "VC-WIN32", "Microsoft Visual C++ 4.[01] - Windows NT [34].x",
+ "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
+ "VC-WIN16", "Alias for VC-W31-32",
+ "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+",
+ "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS",
+ "BC-NT", "Borland C++ 4.5 - Windows NT - PROBABLY NOT WORKING",
+ "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
+ "BC-MSDOS","Borland C++ 4.5 - MSDOS",
+ "linux-elf","Linux elf",
+ "FreeBSD","FreeBSD distribution",
+ "default","cc under unix",
+ );
+
+$type="";
+foreach (@ARGV)
+ {
+ if (/^no-rc2$/) { $no_rc2=1; }
+ elsif (/^no-rc4$/) { $no_rc4=1; }
+ elsif (/^no-rc5$/) { $no_rc5=1; }
+ elsif (/^no-idea$/) { $no_idea=1; }
+ elsif (/^no-des$/) { $no_des=1; }
+ elsif (/^no-bf$/) { $no_bf=1; }
+ elsif (/^no-cast$/) { $no_cast=1; }
+ elsif (/^no-md2$/) { $no_md2=1; }
+ elsif (/^no-md5$/) { $no_md5=1; }
+ elsif (/^no-sha$/) { $no_sha=1; }
+ elsif (/^no-sha1$/) { $no_sha1=1; }
+ elsif (/^no-rmd160$/) { $no_rmd160=1; }
+ elsif (/^no-mdc2$/) { $no_mdc2=1; }
+ elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_rc5=$no_idea=$no_rsa=1; }
+ elsif (/^no-rsa$/) { $no_rsa=1; }
+ elsif (/^no-dsa$/) { $no_dsa=1; }
+ elsif (/^no-dh$/) { $no_dh=1; }
+ elsif (/^no-asm$/) { $no_asm=1; }
+ elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl3$/) { $no_ssl3=1; }
+ elsif (/^no-err$/) { $no_err=1; }
+ elsif (/^no-sock$/) { $no_sock=1; }
+
+ elsif (/^just-ssl$/) { $no_rc2=$no_idea=$no_des=$no_bf=$no_cast=1;
+ $no_md2=$no_sha=$no_mdc2=$no_dsa=$no_dh=1;
+ $no_ssl2=$no_err=1; }
+
+ elsif (/^rsaref$/) { $rsaref=1; }
+ elsif (/^gcc$/) { $gcc=1; }
+ elsif (/^debug$/) { $debug=1; }
+ elsif (/^shlib$/) { $shlib=1; }
+ elsif (/^dll$/) { $shlib=1; }
+ elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
+ elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
+ elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
+ { $c_flags.="$_ "; }
+ else
+ {
+ if (!defined($ops{$_}))
+ {
+ print STDERR "unknown option - $_\n";
+ print STDERR "usage: perl mk1mf.pl [system] [options]\n";
+ print STDERR "\nwhere [system] can be one of the following\n";
+ foreach $i (sort keys %ops)
+ { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
+ print STDERR <<"EOF";
+and [options] can be one of
+ no-md2 no-md5 no-sha no-sha1 no-mdc2 no-rmd160 - Skip this digest
+ no-rc2 no-rc4 no-idea no-des no-bf no-cast - Skip this symetric cipher
+ no-rc5
+ no-rsa no-dsa no-dh - Skip this public key cipher
+ no-ssl2 no-ssl3 - Skip this version of SSL
+ just-ssl - remove all non-ssl keys/digest
+ no-asm - No x86 asm
+ no-socks - No socket code
+ no-err - No error strings
+ dll/shlib - Build shared libraries (MS)
+ debug - Debug build
+ gcc - Use Gcc (unix)
+ rsaref - Build to require RSAref
+
+Values that can be set
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath INC=header-outdir CC=C-compiler
+
+-L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
+-<ex_cc_flags> - extra 'cc' flags,
+ added (MS), or replace (unix)
+EOF
+ exit(1);
+ }
+ $type=$_;
+ }
+ }
+
+$no_mdc2=1 if ($no_des);
+
+$no_ssl3=1 if ($no_md5 || $no_sha1);
+$no_ssl3=1 if ($no_rsa && $no_dh);
+
+$no_ssl2=1 if ($no_md5 || $no_rsa);
+$no_ssl2=1 if ($no_rsa);
+
+$out_def="out";
+$inc_def="outinc";
+$tmp_def="tmp";
+
+
+($ssl,$crypto)=("ssl","crypto");
+$RSAglue="RSAglue";
+$ranlib="echo ranlib";
+
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+
+push(@INC,"util/pl","pl");
+if ($type eq "VC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'VC-16.pl';
+ }
+elsif ($type eq "VC-W31-16")
+ {
+ $asmbits=16;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-W31-32") || ($type eq "VC-WIN16"))
+ {
+ $asmbits=32;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-WIN32") || ($type eq "VC-NT"))
+ {
+ require 'VC-32.pl';
+ }
+elsif ($type eq "BC-NT")
+ {
+ $bc=1;
+ require 'BC-32.pl';
+ }
+elsif ($type eq "BC-W31")
+ {
+ $bc=1;
+ $msdos=1; $w16=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-Q16")
+ {
+ $msdos=1; $w16=1; $shlib=0; $qw=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "FreeBSD")
+ {
+ require 'unix.pl';
+ $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
+ }
+elsif ($type eq "linux-elf")
+ {
+ require "unix.pl";
+ require "linux.pl";
+ $unix=1;
+ }
+else
+ {
+ require "unix.pl";
+
+ $unix=1;
+ $cflags.=' -DTERMIO';
+ }
+
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:$out_def.($debug?".dbg":"");
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:$tmp_def.($debug?".dbg":"");
+$inc_dir=(defined($VARS{'INC'}))?$VARS{'INC'}:$inc_def;
+
+$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
+
+$cflags.=" -DNO_IDEA" if $no_idea;
+$cflags.=" -DNO_RC2" if $no_rc2;
+$cflags.=" -DNO_RC4" if $no_rc4;
+$cflags.=" -DNO_RC5" if $no_rc5;
+$cflags.=" -DNO_MD2" if $no_md2;
+$cflags.=" -DNO_MD5" if $no_md5;
+$cflags.=" -DNO_SHA" if $no_sha;
+$cflags.=" -DNO_SHA1" if $no_sha1;
+$cflags.=" -DNO_RMD160" if $no_rmd160;
+$cflags.=" -DNO_MDC2" if $no_mdc2;
+$cflags.=" -DNO_BLOWFISH" if $no_bf;
+$cflags.=" -DNO_CAST" if $no_cast;
+$cflags.=" -DNO_DES" if $no_des;
+$cflags.=" -DNO_RSA" if $no_rsa;
+$cflags.=" -DNO_DSA" if $no_dsa;
+$cflags.=" -DNO_DH" if $no_dh;
+$cflags.=" -DNO_SOCK" if $no_sock;
+$cflags.=" -DNO_SSL2" if $no_ssl2;
+$cflags.=" -DNO_SSL3" if $no_ssl3;
+$cflags.=" -DNO_ERR" if $no_err;
+$cflags.=" -DRSAref" if $rsaref ne "";
+
+if ($unix)
+ { $cflags="$c_flags" if ($c_flags ne ""); }
+else { $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+
+$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
+if ($ranlib ne "")
+ {
+ $ranlib="\$(SRC_D)$o$ranlib";
+ }
+
+if ($msdos)
+ {
+ $banner ="\t\@echo Make sure you have run 'perl Configure $type' in the\n";
+ $banner.="\t\@echo top level directory, if you don't have perl, you will\n";
+ $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
+ $banner.="\t\@echo documentation for details.\n";
+ }
+
+# have to do this to allow $(CC) under unix
+$link="$bin_dir$link" if ($link !~ /^\$/);
+
+$INSTALLTOP =~ s|/|$o|g;
+
+$defs= <<"EOF";
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in .${o}out and the stuff
+# that needs deleting in .${o}tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util${o}mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=$INSTALLTOP
+
+# Set your compiler options
+CC=$bin_dir${cc}
+CFLAG=$cflags
+APP_CFLAG=$app_cflag
+LIB_CFLAG=$lib_cflag
+SHLIB_CFLAG=$shl_cflag
+APP_EX_OBJ=$app_ex_obj
+SHLIB_EX_OBJ=$shlib_ex_obj
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=$ex_libs
+
+# The SSLeay directory
+SRC_D=$src_dir
+
+LINK=$link
+LFLAGS=$lflags
+
+BN_MULW_OBJ=$bn_mulw_obj
+BN_MULW_SRC=$bn_mulw_src
+DES_ENC_OBJ=$des_enc_obj
+DES_ENC_SRC=$des_enc_src
+DES_CRYPT_OBJ=$des_crypt_obj
+DES_CRYPT_SRC=$des_crypt_src
+BF_ENC_OBJ=$bf_enc_obj
+BF_ENC_SRC=$bf_enc_src
+CAST_ENC_OBJ=$cast_enc_obj
+CAST_ENC_SRC=$cast_enc_src
+RC4_ENC_OBJ=$rc4_enc_obj
+RC4_ENC_SRC=$rc4_enc_src
+RC5_ENC_OBJ=$rc5_enc_obj
+RC5_ENC_SRC=$rc5_enc_src
+MD5_ASM_OBJ=$md5_asm_obj
+MD5_ASM_SRC=$md5_asm_src
+SHA1_ASM_OBJ=$sha1_asm_obj
+SHA1_ASM_SRC=$sha1_asm_src
+RMD160_ASM_OBJ=$rmd160_asm_obj
+RMD160_ASM_SRC=$rmd160_asm_src
+
+# The output directory for everything intersting
+OUT_D=$out_dir
+# The output directory for all the temporary muck
+TMP_D=$tmp_dir
+# The output directory for the header files
+INC_D=$inc_dir
+
+CP=$cp
+RM=$rm
+RANLIB=$ranlib
+MKDIR=mkdir
+MKLIB=$bin_dir$mklib
+MLFLAGS=$mlflags
+ASM=$bin_dir$asm
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=$ssl
+CRYPTO=$crypto
+RSAGLUE=$RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+BIN_D=\$(OUT_D)
+TEST_D=\$(OUT_D)
+LIB_D=\$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=\$(TMP_D)
+INCL_D=\$(TMP_D)
+
+O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
+O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
+O_RSAGLUE= \$(LIB_D)$o$plib\$(RSAGLUE)$libp
+SO_SSL= $plib\$(SSL)$so_shlibp
+SO_CRYPTO= $plib\$(CRYPTO)$so_shlibp
+L_SSL= \$(LIB_D)$o\$(SSL)$libp
+L_CRYPTO= \$(LIB_D)$o\$(CRYPTO)$libp
+
+L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+#L_LIBS= \$(O_SSL) \$(O_RSAGLUE) -lrsaref \$(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-I\$(INC_D) -I\$(INCL_D)
+APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
+LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+SHLIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG) \$(SHLIB_CFLAG)
+LIBS_DEP=\$(O_CRYPTO) \$(O_RSAGLUE) \$(O_SSL)
+
+#############################################
+EOF
+
+$rules=<<"EOF";
+all: banner \$(TMP_D) \$(BIN_D) \$(TEST_D) \$(LIB_D) \$(INC_D) headers lib exe
+
+banner:
+$banner
+
+\$(TMP_D):
+ \$(MKDIR) \$(TMP_D)
+
+\$(BIN_D):
+ \$(MKDIR) \$(BIN_D)
+
+\$(TEST_D):
+ \$(MKDIR) \$(TEST_D)
+
+\$(LIB_D):
+ \$(MKDIR) \$(LIB_D)
+
+\$(INC_D):
+ \$(MKDIR) \$(INC_D)
+
+headers: \$(HEADER) \$(EXHEADER)
+
+lib: \$(LIBS_DEP)
+
+exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+
+install:
+ \$(MKDIR) \$(INSTALLTOP)
+ \$(MKDIR) \$(INSTALLTOP)${o}bin
+ \$(MKDIR) \$(INSTALLTOP)${o}include
+ \$(MKDIR) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(INC_D)${o}*.\[ch\] \$(INSTALLTOP)${o}include
+ \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
+ \$(CP) \$(O_SSL) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(O_CRYPTO) \$(INSTALLTOP)${o}lib
+
+clean:
+ \$(RM) \$(TMP_D)$o*.*
+
+vclean:
+ \$(RM) \$(TMP_D)$o*.*
+ \$(RM) \$(OUT_D)$o*.*
+
+EOF
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ chop;
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val); }
+
+ if ($key eq "LIBOBJ")
+ { $libobj=&var_add($dir,$val); }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+# Strip of trailing ' '
+foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
+$test=&clean_up_ws($test);
+$e_exe=&clean_up_ws($e_exe);
+$exheader=&clean_up_ws($exheader);
+$header=&clean_up_ws($header);
+
+# First we strip the exheaders from the headers list
+foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
+foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
+chop($h); $header=$h;
+
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,".h");
+
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INC_D)",".h");
+$rules.=&do_copy_rule("\$(INC_D)",$exheader,".h");
+
+$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
+
+$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+
+foreach (values %lib_nam)
+ {
+ $lib_obj=$lib_obj{$_};
+ local($slib)=$shlib;
+
+ $slib=0 if ($_ eq "RSAGLUE");
+
+ if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
+ {
+ $rules.="\$(O_SSL):\n\n";
+ next;
+ }
+
+ if (($_ eq "RSAGLUE") && $no_rsa)
+ {
+ $rules.="\$(O_RSAGLUE):\n\n";
+ next;
+ }
+
+ if (($bn_mulw_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/bn_mulw\S*/ \$(BN_MULW_OBJ)/;
+ $rules.=&do_asm_rule($bn_mulw_obj,$bn_mulw_src);
+ }
+ if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*des_enc\S*/ \$(DES_ENC_OBJ)/;
+ $lib_obj =~ s/\s\S*\/fcrypt_b\S*\s*/ /;
+ $rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
+ }
+ if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/bf_enc\S*/ \$(BF_ENC_OBJ)/;
+ $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
+ }
+ if (($cast_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/(\s\S*\/c_enc\S*)/ \$(CAST_ENC_OBJ)/;
+ $rules.=&do_asm_rule($cast_enc_obj,$cast_enc_src);
+ }
+ if (($rc4_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/rc4_enc\S*/ \$(RC4_ENC_OBJ)/;
+ $rules.=&do_asm_rule($rc4_enc_obj,$rc4_enc_src);
+ }
+ if (($rc5_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s\S*\/rc5_enc\S*/ \$(RC5_ENC_OBJ)/;
+ $rules.=&do_asm_rule($rc5_enc_obj,$rc5_enc_src);
+ }
+ if (($md5_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/md5_dgst\S*)/ $1 \$(MD5_ASM_OBJ)/;
+ $rules.=&do_asm_rule($md5_asm_obj,$md5_asm_src);
+ }
+ if (($sha1_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/sha1dgst\S*)/ $1 \$(SHA1_ASM_OBJ)/;
+ $rules.=&do_asm_rule($sha1_asm_obj,$sha1_asm_src);
+ }
+ if (($rmd160_asm_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\s(\S*\/rmd_dgst\S*)/ $1 \$(RMD160_ASM_OBJ)/;
+ $rules.=&do_asm_rule($rmd160_asm_obj,$rmd160_asm_src);
+ }
+ $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
+ $lib=($slib)?" \$(SHLIB_CFLAGS)":" \$(LIB_CFLAGS)";
+ $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},$lib);
+ }
+
+$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
+foreach (split(/\s+/,$test))
+ {
+ $t=&bname($_);
+ $tt="\$(OBJ_D)${o}$t${obj}";
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+ }
+
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib,"\$(SO_SSL)");
+$rules.= &do_lib_rule("\$(RSAGLUEOBJ)","\$(O_RSAGLUE)",$RSAglue,0,"")
+ unless $no_rsa;
+$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib,"\$(SO_CRYPTO)");
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+
+print $defs;
+print "###################################################################\n";
+print $rules;
+
+###############################################
+# strip off any trailing .[och] and append the relative directory
+# also remembering to do nothing if we are in one of the dropped
+# directories
+sub var_add
+ {
+ local($dir,$val)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rc5 && $dir =~ /\/rc5/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+ return("") if $no_cast && $dir =~ /\/cast/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//,@a);
+
+ @a=grep(!/^e_.*_3d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_i$/,@a) if $no_idea;
+ @a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+ @a=grep(!/^e_.*_r5$/,@a) if $no_rc5;
+ @a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+ @a=grep(!/^e_.*_c$/,@a) if $no_cast;
+ @a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+ @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+ @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+ @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/,@a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+ @a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+ @a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+ @a=grep(!/^gendsa$/,@a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+ grep($_="$dir/$_",@a);
+ @a=grep(!/(^|\/)s_/,@a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+ $ret=join(' ',@a)." ";
+ return($ret);
+ }
+
+# change things so that each 'token' is only separated by one space
+sub clean_up_ws
+ {
+ local($w)=@_;
+
+ $w =~ s/^\s*(.*)\s*$/$1/;
+ $w =~ s/\s+/ /g;
+ return($w);
+ }
+
+sub do_defs
+ {
+ local($var,$files,$location,$postfix)=@_;
+ local($_,$ret,$pf);
+ local(*OUT,$tmp,$t);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ $ret="$var=";
+ $n=1;
+ $Vars{$var}.="";
+ foreach (split(/ /,$files))
+ {
+ $orig=$_;
+ $_=&bname($_) unless /^\$/;
+ if ($n++ == 2)
+ {
+ $n=0;
+ $ret.="\\\n\t";
+ }
+ if (($_ =~ /bss_file/) && ($postfix eq ".h"))
+ { $pf=".c"; }
+ else { $pf=$postfix; }
+ if ($_ =~ /BN_MULW/) { $t="$_ "; }
+ elsif ($_ =~ /DES_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /BF_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /CAST_ENC/){ $t="$_ "; }
+ elsif ($_ =~ /RC4_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /RC5_ENC/) { $t="$_ "; }
+ elsif ($_ =~ /MD5_ASM/) { $t="$_ "; }
+ elsif ($_ =~ /SHA1_ASM/){ $t="$_ "; }
+ elsif ($_ =~ /RMD160_ASM/){ $t="$_ "; }
+ else { $t="$location${o}$_$pf "; }
+
+ $Vars{$var}.="$t ";
+ $ret.=$t;
+ }
+ chop($ret);
+ $ret.="\n\n";
+ return($ret);
+ }
+
+# return the name with the leading path removed
+sub bname
+ {
+ local($ret)=@_;
+ $ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
+ return($ret);
+ }
+
+# do a rule for each file that says 'copy' to new direcory on change
+sub do_copy_rule
+ {
+ local($to,$files,$p)=@_;
+ local($ret,$_,$n,$pp);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ if ($n =~ /bss_file/)
+ { $pp=".c"; }
+ else { $pp=$p; }
+ $ret.="$to${o}$n$pp: \$(SRC_D)$o$_$pp\n\t\$(CP) \$(SRC_D)$o$_$pp $to${o}$n$pp\n\n";
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+# compile the files in '$files' into $to
+sub do_compile_rule
+ {
+ local($to,$files,$ex)=@_;
+ local($ret,$_,$n);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+sub cc_compile_target
+ {
+ local($target,$source,$ex_flags)=@_;
+ local($ret);
+
+ # EAY EAY
+ $ex_flags.=' -DCFLAGS="\"$(CC) $(CFLAG)\""' if ($source =~ /cversion/);
+ $target =~ s/\//$o/g if $o ne "/";
+ $source =~ s/\//$o/g if $o ne "/";
+ $ret ="$target: \$(SRC_D)$o$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ return($ret);
+ }
+
+##############################################################
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret,@s,@t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
+ }
+ return($ret);
+ }
+
+sub do_shlib_rule
+ {
+ local($n,$def)=@_;
+ local($ret,$nn);
+ local($t);
+
+ ($nn=$n) =~ tr/a-z/A-Z/;
+ $ret.="$n.dll: \$(${nn}OBJ)\n";
+ if ($vc && $w32)
+ {
+ $ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
diff --git a/src/lib/libssl/src/util/mkcerts.sh b/src/lib/libssl/src/util/mkcerts.sh
new file mode 100644
index 0000000000..5f8a1dae73
--- /dev/null
+++ b/src/lib/libssl/src/util/mkcerts.sh
@@ -0,0 +1,220 @@
+#!bin/sh
+
+# This script will re-make all the required certs.
+# cd apps
+# sh ../util/mkcerts.sh
+# mv ca-cert.pem pca-cert.pem ../certs
+# cd ..
+# cat certs/*.pem >>apps/server.pem
+# cat certs/*.pem >>apps/server2.pem
+# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
+# sh tools/c_rehash certs
+#
+
+CAbits=1024
+SSLEAY="../apps/ssleay"
+CONF="-config ../apps/ssleay.cnf"
+
+# create pca request.
+echo creating $CAbits bit PCA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout pca-key.pem \
+ -out pca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test PCA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating PCA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo self signing PCA
+$SSLEAY x509 -md5 -days 1461 \
+ -req -signkey pca-key.pem \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -in pca-req.pem -out pca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems self signing PCA cert
+ exit 1
+fi
+echo
+
+# create ca request.
+echo creating $CAbits bit CA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout ca-key.pem \
+ -out ca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test CA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating CA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing CA
+$SSLEAY x509 -md5 -days 1461 \
+ -req \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -CA pca-cert.pem -CAkey pca-key.pem \
+ -in ca-req.pem -out ca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems signing CA cert
+ exit 1
+fi
+echo
+
+# create server request.
+echo creating 512 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout s512-key.pem \
+ -out s512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s512-req.pem -out server.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit server cert
+ exit 1
+fi
+echo
+
+# create 1024 bit server request.
+echo creating 1024 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 1024 \
+ -keyout s1024key.pem \
+ -out s1024req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 1024 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 1024 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s1024req.pem -out server2.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 1024 bit server cert
+ exit 1
+fi
+echo
+
+# create 512 bit client request.
+echo creating 512 bit client cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout c512-key.pem \
+ -out c512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Client test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit client cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit client cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in c512-req.pem -out client.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit client cert
+ exit 1
+fi
+
+echo cleanup
+
+cat pca-key.pem >> pca-cert.pem
+cat ca-key.pem >> ca-cert.pem
+cat s512-key.pem >> server.pem
+cat s1024key.pem >> server2.pem
+cat c512-key.pem >> client.pem
+
+for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
+do
+$SSLEAY x509 -issuer -subject -in $i -noout >$$
+cat $$
+/bin/cat $i >>$$
+/bin/mv $$ $i
+done
+
+#/bin/rm -f *key.pem *req.pem *.srl
+
+echo Finished
+
diff --git a/src/lib/libssl/src/util/mkdef.pl b/src/lib/libssl/src/util/mkdef.pl
new file mode 100644
index 0000000000..8124f11292
--- /dev/null
+++ b/src/lib/libssl/src/util/mkdef.pl
@@ -0,0 +1,292 @@
+#!/usr/bin/perl
+#
+# generate a .def file
+#
+# It does this by parsing the header files and looking for the
+# non-prototyped functions.
+#
+
+$crypto_num="util/libeay.num";
+$ssl_num= "util/ssleay.num";
+
+$NT=1;
+foreach (@ARGV)
+ {
+ $NT=1 if $_ eq "32";
+ $NT=0 if $_ eq "16";
+ $do_ssl=1 if $_ eq "ssleay";
+ $do_crypto=1 if $_ eq "libeay";
+ }
+
+if (!$do_ssl && !$do_crypto)
+ {
+ print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 ]\n";
+ exit(1);
+ }
+
+%ssl_list=&load_numbers($ssl_num);
+%crypto_list=&load_numbers($crypto_num);
+
+$ssl="ssl/ssl.h";
+
+$crypto ="crypto/crypto.h";
+$crypto.=" crypto/des/des.h";
+$crypto.=" crypto/idea/idea.h";
+$crypto.=" crypto/rc4/rc4.h";
+$crypto.=" crypto/rc5/rc5.h";
+$crypto.=" crypto/rc2/rc2.h";
+$crypto.=" crypto/bf/blowfish.h";
+$crypto.=" crypto/cast/cast.h";
+$crypto.=" crypto/md2/md2.h";
+$crypto.=" crypto/md5/md5.h";
+$crypto.=" crypto/mdc2/mdc2.h";
+$crypto.=" crypto/sha/sha.h";
+$crypto.=" crypto/ripemd/ripemd.h";
+
+$crypto.=" crypto/bn/bn.h";
+$crypto.=" crypto/rsa/rsa.h";
+$crypto.=" crypto/dsa/dsa.h";
+$crypto.=" crypto/dh/dh.h";
+
+$crypto.=" crypto/stack/stack.h";
+$crypto.=" crypto/buffer/buffer.h";
+$crypto.=" crypto/bio/bio.h";
+$crypto.=" crypto/lhash/lhash.h";
+$crypto.=" crypto/conf/conf.h";
+$crypto.=" crypto/txt_db/txt_db.h";
+
+$crypto.=" crypto/evp/evp.h";
+$crypto.=" crypto/objects/objects.h";
+$crypto.=" crypto/pem/pem.h";
+#$crypto.=" crypto/meth/meth.h";
+$crypto.=" crypto/asn1/asn1.h";
+$crypto.=" crypto/asn1/asn1_mac.h";
+$crypto.=" crypto/err/err.h";
+$crypto.=" crypto/pkcs7/pkcs7.h";
+$crypto.=" crypto/x509/x509.h";
+$crypto.=" crypto/x509/x509_vfy.h";
+$crypto.=" crypto/rand/rand.h";
+$crypto.=" crypto/hmac/hmac.h";
+
+$match{'NOPROTO'}=1;
+$match2{'PERL5'}=1;
+
+&print_def_file(*STDOUT,"SSLEAY",*ssl_list,&do_defs("SSLEAY",$ssl))
+ if $do_ssl == 1;
+
+&print_def_file(*STDOUT,"LIBEAY",*crypto_list,&do_defs("LIBEAY",$crypto))
+ if $do_crypto == 1;
+
+sub do_defs
+ {
+ local($name,$files)=@_;
+ local(@ret);
+
+ $off=-1;
+ foreach $file (split(/\s+/,$files))
+ {
+# print STDERR "reading $file\n";
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ $depth=0;
+ $pr=-1;
+ @np="";
+ $/=undef;
+ $a=<IN>;
+ while (($i=index($a,"/*")) >= 0)
+ {
+ $j=index($a,"*/");
+ break unless ($j >= 0);
+ $a=substr($a,0,$i).substr($a,$j+2);
+ # print "$i $j\n";
+ }
+ foreach (split("\n",$a))
+ {
+ if (/^\#\s*ifndef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#\s*if !defined\(([^\)]+)\)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#\s*ifdef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#\s*if defined(.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#\s*endif/)
+ {
+ $tag{$tag[$#tag]}=0;
+ pop(@tag);
+ next;
+ }
+ elsif (/^\#\s*else/)
+ {
+ $t=$tag[$#tag];
+ $tag{$t}= -$tag{$t};
+ next;
+ }
+#printf STDERR "$_\n%2d %2d %2d %2d %2d $NT\n",
+#$tag{'NOPROTO'},$tag{'FreeBSD'},$tag{'WIN16'},$tag{'PERL5'},$tag{'NO_FP_API'};
+
+ $t=undef;
+ if (/^extern .*;$/)
+ { $t=&do_extern($name,$_); }
+ elsif ( ($tag{'NOPROTO'} == 1) &&
+ ($tag{'FreeBSD'} != 1) &&
+ (($NT && ($tag{'WIN16'} != 1)) ||
+ (!$NT && ($tag{'WIN16'} != -1))) &&
+ ($tag{'PERL5'} != 1) &&
+# ($tag{'_WINDLL'} != -1) &&
+ ((!$NT && $tag{'_WINDLL'} != -1) ||
+ ($NT && $tag{'_WINDLL'} != 1)) &&
+ ((($tag{'NO_FP_API'} != 1) && $NT) ||
+ (($tag{'NO_FP_API'} != -1) && !$NT)))
+ { $t=&do_line($name,$_); }
+ else
+ { $t=undef; }
+ if (($t ne undef) && (!$done{$name,$t}))
+ {
+ $done{$name,$t}++;
+ push(@ret,$t);
+#printf STDERR "one:$t\n" if $t =~ /BIO_/;
+ }
+ }
+ close(IN);
+ }
+ return(@ret);
+ }
+
+sub do_line
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ return(undef) if /^$/;
+ return(undef) if /^\s/;
+#printf STDERR "two:$_\n" if $_ =~ /BIO_/;
+ if (/(CRYPTO_get_locking_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_id_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_add_lock_callback)/)
+ { return($1); }
+ elsif (/(SSL_CTX_get_verify_callback)/)
+ { return($1); }
+ elsif (/(SSL_get_info_callback)/)
+ { return($1); }
+ elsif ((!$NT) && /(ERR_load_CRYPTO_strings)/)
+ { return("ERR_load_CRYPTOlib_strings"); }
+ elsif (!$NT && /BIO_s_file/)
+ { return(undef); }
+ elsif (!$NT && /BIO_new_file/)
+ { return(undef); }
+ elsif (!$NT && /BIO_new_fp/)
+ { return(undef); }
+ elsif ($NT && /BIO_s_file_internal/)
+ { return(undef); }
+ elsif ($NT && /BIO_new_file_internal/)
+ { return(undef); }
+ elsif ($NT && /BIO_new_fp_internal/)
+ { return(undef); }
+ else
+ {
+ /\s\**(\S+)\s*\(/;
+ return($1);
+ }
+ }
+
+sub do_extern
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ /\s\**(\S+);$/;
+ return($1);
+ }
+
+sub print_def_file
+ {
+ local(*OUT,$name,*nums,@functions)=@_;
+ local($n)=1;
+
+ if ($NT)
+ { $name.="32"; }
+ else
+ { $name.="16"; }
+
+ print OUT <<"EOF";
+;
+; Definition file for the DDL version of the $name library from SSLeay
+;
+
+LIBRARY $name
+
+DESCRIPTION 'SSLeay $name - eay\@cryptsoft.com'
+
+EOF
+
+ if (!$NT)
+ {
+ print <<"EOF";
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EOF
+ }
+
+ print "EXPORTS\n";
+
+
+ (@e)=grep(/^SSLeay/,@functions);
+ (@r)=grep(!/^SSLeay/,@functions);
+ @functions=((sort @e),(sort @r));
+
+ foreach $func (@functions)
+ {
+ if (!defined($nums{$func}))
+ {
+ printf STDERR "$func does not have a number assigned\n";
+ }
+ else
+ {
+ $n=$nums{$func};
+ printf OUT " %s%-35s@%d\n",($NT)?"":"_",$func,$n;
+ }
+ }
+ printf OUT "\n";
+ }
+
+sub load_numbers
+ {
+ local($name)=@_;
+ local($j,@a,%ret);
+
+ open(IN,"<$name") || die "unable to open $name:$!\n";
+ while (<IN>)
+ {
+ chop;
+ s/#.*$//;
+ next if /^\s*$/;
+ @a=split;
+ $ret{$a[0]}=$a[1];
+ }
+ close(IN);
+ return(%ret);
+ }
diff --git a/src/lib/libssl/src/util/perlpath.pl b/src/lib/libssl/src/util/perlpath.pl
new file mode 100644
index 0000000000..9e57e10ad4
--- /dev/null
+++ b/src/lib/libssl/src/util/perlpath.pl
@@ -0,0 +1,30 @@
+#!/usr/bin/perl
+#
+# modify the '#!/usr/local/bin/perl'
+# line in all scripts that rely on perl.
+#
+
+require "find.pl";
+
+$#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
+&find(".");
+
+sub wanted
+ {
+ return unless /\.pl$/ || /^[Cc]onfigur/;
+
+ open(IN,"<$_") || die "unable to open $dir/$_:$!\n";
+ @a=<IN>;
+ close(IN);
+
+ $a[0]="#!$ARGV[0]/perl\n";
+
+ # Playing it safe...
+ $new="$_.new";
+ open(OUT,">$new") || die "unable to open $dir/$new:$!\n";
+ print OUT @a;
+ close(OUT);
+
+ rename($new,$_) || die "unable to rename $dir/$new:$!\n";
+ chmod(0755,$_) || die "unable to chmod $dir/$new:$!\n";
+ }
diff --git a/src/lib/libssl/src/util/pl/BC-16.pl b/src/lib/libssl/src/util/pl/BC-16.pl
new file mode 100644
index 0000000000..7c3fdb68f4
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/BC-16.pl
@@ -0,0 +1,146 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d -ml $op -DL_ENDIAN";
+# I add the stack opt
+$base_lflags="/c /C";
+$lflags="$base_lflags";
+
+if ($win16)
+ {
+ $shlib=1;
+ $cflags.=" -DWINDOWS -DWIN16";
+ $app_cflag="-W";
+ $lib_cflag="-WD";
+ $lflags.="/Twe";
+ }
+else
+ {
+ $cflags.=" -DMSDOS";
+ $lflags.=" /Tde";
+ }
+
+if ($shlib)
+ {
+ $mlflags=" /Twd $base_lflags"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ $no_asm=1;
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink";
+$efile="";
+$exep='.exe';
+$ex_libs="CL";
+$ex_libs.=$no_sock?"":" winsock.lib";
+
+$app_ex_obj="C0L.obj ";
+$shlib_ex_obj="" if ($shlib);
+
+# static library stuff
+$mklib='tlib';
+$ranlib='echo no ranlib';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='bcc -c -B -Tml';
+$afile='/o';
+if ($no_asm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+elsif ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $ret.=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ $ret.=" \$(APP_EX_OBJ)";
+ foreach $_ (sort split(/\s+/,$Vars{$1}))
+ { $ret.="\n $r $_ +"; }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/pl/BC-32.pl b/src/lib/libssl/src/util/pl/BC-32.pl
new file mode 100644
index 0000000000..3898d16f61
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/BC-32.pl
@@ -0,0 +1,135 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc32';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d $op -DL_ENDIAN ";
+# I add the stack opt
+$base_lflags="-c";
+$lflags="$base_lflags";
+
+$cflags.=" -DWINDOWS -DWIN32";
+$app_cflag="-WC";
+$lib_cflag="-WC";
+$lflags.=" -Tpe";
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags -Tpe"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink32";
+$efile="";
+$exep='.exe';
+$ex_libs="CW32.LIB IMPORT32.LIB";
+$ex_libs.=$no_sock?"":" wsock32.lib";
+$shlib_ex_obj="" if $shlib;
+$app_ex_obj="C0X32.OBJ";
+
+# static library stuff
+$mklib='tlib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+if ($noasm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86b32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86m32.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ # $(SHLIB_EX_OBJ)
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $r=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ foreach $_ (@a)
+ {
+ $ret.="\n $r $_ +";
+ $r="";
+ }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/pl/VC-16.pl b/src/lib/libssl/src/util/pl/VC-16.pl
new file mode 100644
index 0000000000..a6e6c0241c
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/VC-16.pl
@@ -0,0 +1,173 @@
+#!/usr/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$ssl= "ssleay16";
+$crypto="libeay16";
+$RSAref="RSAref16";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+
+$out_def="out16";
+$tmp_def="tmp16";
+$inc_def="inc16";
+
+if ($debug)
+ {
+ $op="/Od /Zi /Zd";
+ $base_lflags="/CO";
+ }
+else {
+ $op="/G2 /f- /Ocgnotb2";
+ }
+$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
+if ($win16) { $base_lflags.=" /PACKD:60000"; }
+
+$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
+# I add the stack opt
+$lflags="$base_lflags /STACK:20000";
+
+if ($win16)
+ {
+ $cflags.=" -DWINDOWS -DWIN16";
+ $app_cflag="/Gw /FPi87";
+ $lib_cflag="/Gw";
+ $lib_cflag.=" -D_WINDLL -D_DLL" if $shlib;
+ $lib_cflag.=" -DWIN16TTY" if !$shlib;
+ $lflags.=" /ALIGN:256";
+ $ex_libs.="oldnames llibcewq libw";
+ }
+else
+ {
+ $no_sock=1;
+ $cflags.=" -DMSDOS";
+ $lflags.=" /EXEPACK";
+ $ex_libs.="oldnames.lib llibce.lib";
+ }
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags";
+ $libs="oldnames ldllcew libw";
+ $shlib_ex_obj="";
+# $no_asm=1;
+ $out_def="out16dll";
+ $tmp_def="tmp16dll";
+ }
+else
+ { $mlflags=''; }
+
+$app_ex_obj="setargv.obj";
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="";
+$exep='.exe';
+$ex_libs.=$no_sock?"":" winsock";
+
+# static library stuff
+$mklib='lib /PAGESIZE:1024';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ if ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+ else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+# $target="\$(LIB_D)$o$target";
+ $ret.="$target: $objs\n";
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)=" \$(SHLIB_EX_OBJ) +\n";
+ ($obj)= ($objs =~ /\((.*)\)/);
+ foreach $_ (sort split(/\s+/,$Vars{$obj}))
+ {
+ $lib_names.="+$_ &\n";
+ $dll_names.=" $_ +\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\tdel $target\n";
+ $ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?'$(L_CRYPTO)':"";
+ $ex.=' winsock';
+ $ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}.def;\n<<\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /noignorecase /nowep $out_lib $target\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) @<<\n";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ for $_ (@a)
+ { $ret.=" $_ +\n"; }
+ }
+ else
+ { $ret.=" \$(APP_EX_OBJ) $files"; }
+ $ret.="\n $target\n\n $libs\n\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/pl/VC-32.pl b/src/lib/libssl/src/util/pl/VC-32.pl
new file mode 100644
index 0000000000..701e282c33
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/VC-32.pl
@@ -0,0 +1,133 @@
+#!/usr/bin/perl
+# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
+#
+
+$ssl= "ssleay32";
+$crypto="libeay32";
+$RSAref="RSAref32";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+$cflags=' /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN';
+$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
+$mlflags='';
+
+$out_def="out32";
+$tmp_def="tmp32";
+$inc_def="inc32";
+
+if ($debug)
+ {
+ $cflags=" /MDd /W3 /WX /Zi /Yd /Od /nologo -DWINDOWS -DWIN32 -D_DEBUG -DL_ENDIAN";
+ $lflags.=" /debug";
+ $mlflags.=' /debug';
+ }
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock)
+ { $ex_libs=""; }
+else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
+
+# static library stuff
+$mklib='lib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+$app_ex_obj="setargv.obj";
+
+$asm='ml /Cp /coff /c /Cx';
+$asm.=" /Zi" if $debug;
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='crypto\bn\asm\bn-win32.obj';
+ $bn_mulw_src='crypto\bn\asm\bn-win32.asm';
+ $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\y-win32.obj';
+ $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\y-win32.asm';
+ $bf_enc_obj='crypto\bf\asm\b-win32.obj';
+ $bf_enc_src='crypto\bf\asm\b-win32.asm';
+ $cast_enc_obj='crypto\cast\asm\c-win32.obj';
+ $cast_enc_src='crypto\cast\asm\c-win32.asm';
+ $rc4_enc_obj='crypto\rc4\asm\r4-win32.obj';
+ $rc4_enc_src='crypto\rc4\asm\r4-win32.asm';
+ $rc5_enc_obj='crypto\rc5\asm\r5-win32.obj';
+ $rc5_enc_src='crypto\rc5\asm\r5-win32.asm';
+ $md5_asm_obj='crypto\md5\asm\m5-win32.obj';
+ $md5_asm_src='crypto\md5\asm\m5-win32.asm';
+ $sha1_asm_obj='crypto\sha\asm\s1-win32.obj';
+ $sha1_asm_src='crypto\sha\asm\s1-win32.asm';
+ $rmd160_asm_obj='crypto\ripemd\asm\rm-win32.obj';
+ $rmd160_asm_src='crypto\ripemd\asm\rm-win32.asm';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM";
+ }
+
+if ($shlib)
+ {
+ $mlflags.=" $lflags /dll";
+# $cflags =~ s| /MD| /MT|;
+ $lib_cflag=" /GD -D_WINDLL -D_DLL";
+ $out_def="out32dll";
+ $tmp_def="tmp32dll";
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+# $target="\$(LIB_D)$o$target";
+ $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target =~ /O_SSL/)?' $(L_CRYPTO)':'';
+ $ex.=' wsock32.lib gdi32.lib';
+ $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
+ $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/pl/linux.pl b/src/lib/libssl/src/util/pl/linux.pl
new file mode 100644
index 0000000000..2b13da1bfc
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/linux.pl
@@ -0,0 +1,96 @@
+#!/usr/bin/perl
+#
+# linux.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+$cc='gcc';
+if ($debug)
+ { $cflags="-g2 -ggdb -DREF_CHECK -DCRYPTO_MDEBUG"; }
+else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='$(OBJ_D)/bn86-elf.o';
+ $bn_mulw_src='crypto/bn/asm/bn86unix.cpp';
+ $des_enc_obj='$(OBJ_D)/dx86-elf.o $(OBJ_D)/yx86-elf.o';
+ $des_enc_src='crypto/des/asm/dx86unix.cpp crypto/des/asm/yx86unix.cpp';
+ $bf_enc_obj='$(OBJ_D)/bx86-elf.o';
+ $bf_enc_src='crypto/bf/asm/bx86unix.cpp';
+ $cast_enc_obj='$(OBJ_D)/cx86-elf.o';
+ $cast_enc_src='crypto/cast/asm/cx86unix.cpp';
+ $rc4_enc_obj='$(OBJ_D)/rx86-elf.o';
+ $rc4_enc_src='crypto/rc4/asm/rx86unix.cpp';
+ $md5_asm_obj='$(OBJ_D)/mx86-elf.o';
+ $md5_asm_src='crypto/md5/asm/mx86unix.cpp';
+ $sha1_asm_obj='$(OBJ_D)/sx86-elf.o';
+ $sha1_asm_src='crypto/sha/asm/sx86unix.cpp';
+ $cflags.=" -DBN_ASM -DMD5_ASM -DSHA1_ASM";
+ }
+
+$cflags.=" -DTERMIO -DL_ENDIAN -m486 -Wall";
+
+if ($shlib)
+ {
+ $shl_cflag=" -DPIC -fpic";
+ $shlibp=".so.$ssl_version";
+ $so_shlibp=".so";
+ }
+
+sub do_shlib_rule
+ {
+ local($obj,$target,$name,$shlib,$so_name)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="\$(LIB_D)$o$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(LIB_D)$o$target\n";
+ $ret.="\tgcc \${CFLAGS} -shared -Wl,-soname,$target -o \$(LIB_D)$o$target \$(${Name}OBJ)\n";
+ ($t=$target) =~ s/(^.*)\/[^\/]*$/$1/;
+ if ($so_name ne "")
+ {
+ $ret.="\t\$(RM) \$(LIB_D)$o$so_name\n";
+ $ret.="\tln -s $target \$(LIB_D)$o$so_name\n\n";
+ }
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret,@s,@t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\tgcc -E -DELF \$(SRC_D)$o$s[$i]|\$(AS) $afile$t[$i]\n\n";
+ }
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/pl/unix.pl b/src/lib/libssl/src/util/pl/unix.pl
new file mode 100644
index 0000000000..ab4978fd20
--- /dev/null
+++ b/src/lib/libssl/src/util/pl/unix.pl
@@ -0,0 +1,83 @@
+#!/usr/bin/perl
+#
+# unix.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+if ($gcc)
+ {
+ $cc='gcc';
+ if ($debug)
+ { $cflags="-g2 -ggdb"; }
+ else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+ }
+else
+ {
+ $cc='cc';
+ if ($debug)
+ { $cflags="-g"; }
+ else
+ { $cflags="-O"; }
+ }
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='util/ranlib.sh';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_mulw_obj="";
+$bn_mulw_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ $target="\$(LIB_D)$o$target";
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/src/lib/libssl/src/util/point.sh b/src/lib/libssl/src/util/point.sh
new file mode 100644
index 0000000000..92c12e8282
--- /dev/null
+++ b/src/lib/libssl/src/util/point.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+/bin/rm -f $2
+ln -s $1 $2
diff --git a/src/lib/libssl/src/util/sp-diff.pl b/src/lib/libssl/src/util/sp-diff.pl
new file mode 100644
index 0000000000..2c88336858
--- /dev/null
+++ b/src/lib/libssl/src/util/sp-diff.pl
@@ -0,0 +1,80 @@
+#!/usr/bin/perl
+#
+# This file takes as input, the files that have been output from
+# ssleay speed.
+# It prints a table of the relative differences with %100 being 'no difference'
+#
+
+($#ARGV == 1) || die "$0 speedout1 speedout2\n";
+
+%one=&loadfile($ARGV[0]);
+%two=&loadfile($ARGV[1]);
+
+$line=0;
+foreach $a ("md2","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
+ "idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc","cast cbc")
+ {
+ if (defined($one{$a,8}) && defined($two{$a,8}))
+ {
+ print "type 8 byte% 64 byte% 256 byte% 1024 byte% 8192 byte%\n"
+ unless $line;
+ $line++;
+ printf "%-12s ",$a;
+ foreach $b (8,64,256,1024,8192)
+ {
+ $r=$two{$a,$b}/$one{$a,$b}*100;
+ printf "%12.2f",$r;
+ }
+ print "\n";
+ }
+ }
+
+foreach $a (
+ "rsa 512","rsa 1024","rsa 2048","rsa 4096",
+ "dsa 512","dsa 1024","dsa 2048",
+ )
+ {
+ if (defined($one{$a,1}) && defined($two{$a,1}))
+ {
+ $r1=($one{$a,1}/$two{$a,1})*100;
+ $r2=($one{$a,2}/$two{$a,2})*100;
+ printf "$a bits %% %6.2f %% %6.2f\n",$r1,$r2;
+ }
+ }
+
+sub loadfile
+ {
+ local($file)=@_;
+ local($_,%ret);
+
+ open(IN,"<$file") || die "unable to open '$file' for input\n";
+ $header=1;
+ while (<IN>)
+ {
+ $header=0 if /^[dr]sa/;
+ if (/^type/) { $header=0; next; }
+ next if $header;
+ chop;
+ @a=split;
+ if ($a[0] =~ /^[dr]sa$/)
+ {
+ ($n,$t1,$t2)=($_ =~ /^([dr]sa\s+\d+)\s+bits\s+([.\d]+)s\s+([.\d]+)/);
+ $ret{$n,1}=$t1;
+ $ret{$n,2}=$t2;
+ }
+ else
+ {
+ $n=join(' ',grep(/[^k]$/,@a));
+ @k=grep(s/k$//,@a);
+
+ $ret{$n, 8}=$k[0];
+ $ret{$n, 64}=$k[1];
+ $ret{$n, 256}=$k[2];
+ $ret{$n,1024}=$k[3];
+ $ret{$n,8192}=$k[4];
+ }
+ }
+ close(IN);
+ return(%ret);
+ }
+
diff --git a/src/lib/libssl/src/util/speed.sh b/src/lib/libssl/src/util/speed.sh
new file mode 100644
index 0000000000..f489706197
--- /dev/null
+++ b/src/lib/libssl/src/util/speed.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+#
+# This is a ugly script use, in conjuction with editing the 'b'
+# configuration in the $(TOP)/Configure script which will
+# output when finished a file called speed.log which is the
+# timings of SSLeay with various options turned on or off.
+#
+# from the $(TOP) directory
+# Edit Configure, modifying things to do with the b/bl-4c-2c etc
+# configurations.
+#
+
+make clean
+perl Configure b
+make
+apps/ssleay version -v -b -f >speed.1
+apps/ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md2/md2_dgst.o
+make
+apps/ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+/bin/rm -f crypto/rc4/rc4*.o
+make
+apps/ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
+apps/ssleay speed rsa rc4 idea des >speed.4l
+
+cat speed.1 >speed.log
+cat speed.1l >>speed.log
+perl util/sp-diff.pl speed.1l speed.2l >>speed.log
+perl util/sp-diff.pl speed.1l speed.3l >>speed.log
+perl util/sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/src/lib/libssl/src/util/src-dep.pl b/src/lib/libssl/src/util/src-dep.pl
new file mode 100644
index 0000000000..91242f7bb6
--- /dev/null
+++ b/src/lib/libssl/src/util/src-dep.pl
@@ -0,0 +1,147 @@
+#!/usr/bin/perl
+
+# we make up an array of
+# $file{function_name}=filename;
+# $unres{filename}="func1 func2 ...."
+$debug=1;
+#$nm_func="parse_linux";
+$nm_func="parse_solaris";
+
+foreach (@ARGV)
+ {
+ &$nm_func($_);
+ }
+
+foreach $file (sort keys %unres)
+ {
+ @a=split(/\s+/,$unres{$file});
+ %ff=();
+ foreach $func (@a)
+ {
+ $f=$file{$func};
+ $ff{$f}=1 if $f ne "";
+ }
+
+ foreach $a (keys %ff)
+ { $we_need{$file}.="$a "; }
+ }
+
+foreach $file (sort keys %we_need)
+ {
+# print " $file $we_need{$file}\n";
+ foreach $bit (split(/\s+/,$we_need{$file}))
+ { push(@final,&walk($bit)); }
+
+ foreach (@final) { $fin{$_}=1; }
+ @final="";
+ foreach (sort keys %fin)
+ { push(@final,$_); }
+
+ print "$file: @final\n";
+ }
+
+sub walk
+ {
+ local($f)=@_;
+ local(@a,%seen,@ret,$r);
+
+ @ret="";
+ $f =~ s/^\s+//;
+ $f =~ s/\s+$//;
+ return "" if ($f =~ "^\s*$");
+
+ return(split(/\s/,$done{$f})) if defined ($done{$f});
+
+ return if $in{$f} > 0;
+ $in{$f}++;
+ push(@ret,$f);
+ foreach $r (split(/\s+/,$we_need{$f}))
+ {
+ push(@ret,&walk($r));
+ }
+ $in{$f}--;
+ $done{$f}=join(" ",@ret);
+ return(@ret);
+ }
+
+sub parse_linux
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^[^[](.*):$/)
+ {
+ $file=$1;
+ $file="$1.c" if /\[(.*).o\]/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ }
+ }
+ }
+ close(IN);
+ }
+
+sub parse_solaris
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^(\S+):$/)
+ {
+ $file=$1;
+ #$file="$1.c" if $file =~ /^(.*).o$/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ print STDERR "$file needs $a[7]\n" if $debug;
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ print STDERR "$file has $a[7]\n" if $debug;
+ }
+ }
+ }
+ close(IN);
+ }
+
diff --git a/src/lib/libssl/src/util/ssleay.num b/src/lib/libssl/src/util/ssleay.num
new file mode 100644
index 0000000000..359fa15df1
--- /dev/null
+++ b/src/lib/libssl/src/util/ssleay.num
@@ -0,0 +1,156 @@
+ERR_load_SSL_strings 1
+SSL_CIPHER_description 2
+SSL_CTX_add_client_CA 3
+SSL_CTX_add_session 4
+SSL_CTX_check_private_key 5
+SSL_CTX_ctrl 6
+SSL_CTX_flush_sessions 7
+SSL_CTX_free 8
+SSL_CTX_get_client_CA_list 9
+SSL_CTX_get_verify_callback 10
+SSL_CTX_get_verify_mode 11
+SSL_CTX_new 12
+SSL_CTX_remove_session 13
+SSL_CTX_set_cert_verify_cb 14
+SSL_CTX_set_cipher_list 15
+SSL_CTX_set_client_CA_list 16
+SSL_CTX_set_default_passwd_cb 17
+SSL_CTX_set_ssl_version 19
+SSL_CTX_set_verify 21
+SSL_CTX_use_PrivateKey 22
+SSL_CTX_use_PrivateKey_ASN1 23
+SSL_CTX_use_PrivateKey_file 24
+SSL_CTX_use_RSAPrivateKey 25
+SSL_CTX_use_RSAPrivateKey_ASN1 26
+SSL_CTX_use_RSAPrivateKey_file 27
+SSL_CTX_use_certificate 28
+SSL_CTX_use_certificate_ASN1 29
+SSL_CTX_use_certificate_file 30
+SSL_SESSION_free 31
+SSL_SESSION_new 32
+SSL_SESSION_print 33
+SSL_SESSION_print_fp 34
+SSL_accept 35
+SSL_add_client_CA 36
+SSL_alert_desc_string 37
+SSL_alert_desc_string_long 38
+SSL_alert_type_string 39
+SSL_alert_type_string_long 40
+SSL_check_private_key 41
+SSL_clear 42
+SSL_connect 43
+SSL_copy_session_id 44
+SSL_ctrl 45
+SSL_dup 46
+SSL_dup_CA_list 47
+SSL_free 48
+SSL_get_certificate 49
+SSL_get_cipher_list 52
+SSL_get_ciphers 55
+SSL_get_client_CA_list 56
+SSL_get_default_timeout 57
+SSL_get_error 58
+SSL_get_fd 59
+SSL_get_peer_cert_chain 60
+SSL_get_peer_certificate 61
+SSL_get_rbio 63
+SSL_get_read_ahead 64
+SSL_get_shared_ciphers 65
+SSL_get_ssl_method 66
+SSL_get_verify_callback 69
+SSL_get_verify_mode 70
+SSL_get_version 71
+SSL_get_wbio 72
+SSL_load_client_CA_file 73
+SSL_load_error_strings 74
+SSL_new 75
+SSL_peek 76
+SSL_pending 77
+SSL_read 78
+SSL_renegotiate 79
+SSL_rstate_string 80
+SSL_rstate_string_long 81
+SSL_set_accept_state 82
+SSL_set_bio 83
+SSL_set_cipher_list 84
+SSL_set_client_CA_list 85
+SSL_set_connect_state 86
+SSL_set_fd 87
+SSL_set_read_ahead 88
+SSL_set_rfd 89
+SSL_set_session 90
+SSL_set_ssl_method 91
+SSL_set_verify 94
+SSL_set_wfd 95
+SSL_shutdown 96
+SSL_state_string 97
+SSL_state_string_long 98
+SSL_use_PrivateKey 99
+SSL_use_PrivateKey_ASN1 100
+SSL_use_PrivateKey_file 101
+SSL_use_RSAPrivateKey 102
+SSL_use_RSAPrivateKey_ASN1 103
+SSL_use_RSAPrivateKey_file 104
+SSL_use_certificate 105
+SSL_use_certificate_ASN1 106
+SSL_use_certificate_file 107
+SSL_write 108
+SSLeay_add_ssl_algorithms 109
+SSLv23_client_method 110
+SSLv23_method 111
+SSLv23_server_method 112
+SSLv2_client_method 113
+SSLv2_method 114
+SSLv2_server_method 115
+SSLv3_client_method 116
+SSLv3_method 117
+SSLv3_server_method 118
+d2i_SSL_SESSION 119
+i2d_SSL_SESSION 120
+BIO_f_ssl 121
+BIO_new_ssl 122
+BIO_proxy_ssl_copy_session_id 123
+BIO_ssl_copy_session_id 124
+SSL_do_handshake 125
+SSL_get_privatekey 126
+SSL_get_current_cipher 127
+SSL_CIPHER_get_bits 128
+SSL_CIPHER_get_version 129
+SSL_CIPHER_get_name 130
+BIO_ssl_shutdown 131
+SSL_SESSION_cmp 132
+SSL_SESSION_hash 133
+SSL_SESSION_get_time 134
+SSL_SESSION_set_time 135
+SSL_SESSION_get_timeout 136
+SSL_SESSION_set_timeout 137
+SSL_CTX_get_ex_data 138
+SSL_CTX_get_quiet_shutdown 140
+SSL_CTX_load_verify_locations 141
+SSL_CTX_set_default_verify_paths 142
+SSL_CTX_set_ex_data 143
+SSL_CTX_set_quiet_shutdown 145
+SSL_SESSION_get_ex_data 146
+SSL_SESSION_set_ex_data 148
+SSL_get_SSL_CTX 150
+SSL_get_ex_data 151
+SSL_get_quiet_shutdown 153
+SSL_get_session 154
+SSL_get_shutdown 155
+SSL_get_verify_result 157
+SSL_set_ex_data 158
+SSL_set_info_callback 160
+SSL_set_quiet_shutdown 161
+SSL_set_shutdown 162
+SSL_set_verify_result 163
+SSL_version 164
+SSL_get_info_callback 165
+SSL_state 166
+SSL_CTX_get_ex_new_index 167
+SSL_SESSION_get_ex_new_index 168
+SSL_get_ex_new_index 169
+TLSv1_method 170
+TLSv1_server_method 171
+TLSv1_client_method 172
+BIO_new_buffer_ssl_connect 173
+BIO_new_ssl_connect 174
diff --git a/src/lib/libssl/src/util/tab_num.pl b/src/lib/libssl/src/util/tab_num.pl
new file mode 100644
index 0000000000..77b591d92f
--- /dev/null
+++ b/src/lib/libssl/src/util/tab_num.pl
@@ -0,0 +1,17 @@
+#!/usr/bin/perl
+
+$num=1;
+$width=40;
+
+while (<>)
+ {
+ chop;
+
+ $i=length($_);
+
+ $n=$width-$i;
+ $i=int(($n+7)/8);
+ print $_.("\t" x $i).$num."\n";
+ $num++;
+ }
+
diff --git a/src/lib/libssl/src/util/x86asm.sh b/src/lib/libssl/src/util/x86asm.sh
new file mode 100644
index 0000000000..81d3289860
--- /dev/null
+++ b/src/lib/libssl/src/util/x86asm.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+echo Generating x86 assember
+echo Bignum
+(cd crypto/bn/asm; perl bn-586.pl cpp > bn86unix.cpp)
+(cd crypto/bn/asm; perl bn-586.pl win32 > bn-win32.asm)
+
+echo DES
+(cd crypto/des/asm; perl des-586.pl cpp > dx86unix.cpp)
+(cd crypto/des/asm; perl des-586.pl win32 > d-win32.asm)
+
+echo "crypt(3)"
+(cd crypto/des/asm; perl crypt586.pl cpp > yx86unix.cpp)
+(cd crypto/des/asm; perl crypt586.pl win32 > y-win32.asm)
+
+echo Blowfish
+(cd crypto/bf/asm; perl bf-586.pl cpp > bx86unix.cpp)
+(cd crypto/bf/asm; perl bf-586.pl win32 > b-win32.asm)
+
+echo CAST5
+(cd crypto/cast/asm; perl cast-586.pl cpp > cx86unix.cpp)
+(cd crypto/cast/asm; perl cast-586.pl win32 > c-win32.asm)
+
+echo RC4
+(cd crypto/rc4/asm; perl rc4-586.pl cpp > rx86unix.cpp)
+(cd crypto/rc4/asm; perl rc4-586.pl win32 > r4-win32.asm)
+
+echo MD5
+(cd crypto/md5/asm; perl md5-586.pl cpp > mx86unix.cpp)
+(cd crypto/md5/asm; perl md5-586.pl win32 > m5-win32.asm)
+
+echo SHA1
+(cd crypto/sha/asm; perl sha1-586.pl cpp > sx86unix.cpp)
+(cd crypto/sha/asm; perl sha1-586.pl win32 > s1-win32.asm)
+
+echo RIPEMD160
+(cd crypto/ripemd/asm; perl rmd-586.pl cpp > rm86unix.cpp)
+(cd crypto/ripemd/asm; perl rmd-586.pl win32 > rm-win32.asm)
+
+echo RC5/32
+(cd crypto/rc5/asm; perl rc5-586.pl cpp > r586unix.cpp)
+(cd crypto/rc5/asm; perl rc5-586.pl win32 > r5-win32.asm)
--
cgit v1.2.3-55-g6feb